Crypto Licence in Germany
In Germany, crypto businesses are authorised by the Federal Financial Supervisory Authority (BaFin) whose role is to supervise the German financial market by enforcing relevant legislation and this way safeguard its stability and integrity. The authority constantly examines new participants of the financial market or new business models of established providers to determine whether they require authorisation under supervisory laws.
Germany is a member of the Financial Action Task Force (FATF), the leading global money laundering and terrorist financing watchdog, which enforces greater transparency and security for the customers and partners of crypto businesses. This means that receiving a BaFin authorisation for any crypto-based economic activities gives very strong credibility to the business, which in turn attracts new investors.
Crypto Licence in Germany
PACKAGE «COMPANY & CRYPTO License IN GERMANY»
- Preparation of company documents
- Company registration in Germany
- State fee for company registration
- Registered domicile
- Company documents
- Assistance to deposit share capital of the company
- Proof of required share capital
- Registration of the qualified director for VASP
- Proof of reliable owners of the company
- Revision and amendments on business plan
- Translation of business plan to German
- Revision of qualified IT level
- Assistance on preparation of highly qualified IT proof
- Assistance on Prevention of money laundering and Terrorist Financing
The following activities require crypto authorisation from BaFin:
- Providing crypto investment advice
- Cryptocurrency mining
- Cryptocurrency exchange into fiat money and vice versa
- Cryptocurrency exchange into another type of cryptocurrency
- Custodial wallet services
- Initial coin offering (ICO)
- Security token offering (STO)
- Initial exchange offering (IEO)
- Storage of fiat money on customers’ behalf for subsequent exchange for cryptocurrencies
- Cryptocurrency transactions from one customer e-wallet to another
- Provision of loans in cryptocurrencies
- Funds and investments in cryptocurrencies
- Gambling in cryptocurrencies
If you engage in more than one of the above-mentioned economic activities in Germany, you’ll be required to obtain authorisation for each of them as they’re also subject to varying legislation. In terms of the type of licence, the determining factors are the anticipated business model and the legal and actual design of the planned products and services. BaFin examines every crypto business individually to determine whether a business model requires authorisation and, if so, what type and scope of the authorisation. The BaFin licensing framework is the first of its kind in the EU, and it allows for a variety of licensing combinations, e.g. crypto custody and trading in the case of Coinbase.
German authorities recognise the following tokens which also determine the application of laws and licensing requirements:
- Cryptocurrency tokens – a means of payment or store of value, that serve as decentralised virtual currencies for transactions with third parties or marketplaces; they’re regulated under banking laws and accordingly require a licence
- Security tokens – the means to receive access to future profits, interest or certain control rights (e.g., voting, investment decisions) over the issuer; they’re regulated under banking and securities laws
- Utility tokens – no entitlement to a payment, but similarly to vouchers, they give access to certain products or services provided on a particular DLT platform (they are tradable on secondary markets though and can therefore generate profit); they aren’t strictly regulated under the financial market legislation due to their characteristics
Crypto Legislation in Germany
Cryptocurrency businesses operating in Germany are subject to general legislation which is applied depending on the specific characteristics of cryptocurrencies in use. However, in response to the swift growth of cryptocurrency businesses, some of the legal acts are already amended to include cryptoassets.
In Germany, the following legislation is applicable to cryptocurrency businesses:
- The German Securities Trading Act and the Markets in Financial Instruments Directive (MiFID II)
- The German Securities Prospectus Act
- The German Capital Investment Act
- The German Law on Electronic Securities
- The Anti-Money Laundering Act
- The German Banking Act
- The Insurance Supervision Act
- The Payment Services Supervision Act
- The Investment Code
The German Banking Act recognises cryptoassets as financial instruments. A cryptoasset is defined as a digital representation of value that hasn’t been issued or guaranteed by a central bank or public authority, and which isn’t recognised as legal tender but on the basis of an agreement or actual practice is still accepted by natural or legal persons as a means of exchange or payment or for investment purposes, and it can be transferred, stored and traded by electronic means. It’s worth noting that in certain cases cryptoassets may also fall under a different category of financial instrument which is why it’s important to consider each crypto business on a case-by-case basis when it comes to deciding which legislation is applicable. Our team here at Regulated United Europe (RUE) is well-prepared to help you untangle the regulatory complexities.
In addition to national legislation, German cryptocurrency businesses should also be aware of the regulatory developments at the EU level. In 2022, the Economic and Monetary Affairs Committee approved the Markets in Crypto-Assets (MiCA) for a vote by the full European Parliament and the EU member states which is one of the most significant legislative pieces setting standards for the rest of the world. MiCA’s regulations should enter into force between early 2023 and before the end of 2024 and will harmonise regulations related to the prevention of the misuse of cryptoassets, as well as encourage the development of DLT-based innovations.
MiCA is introducing, inter alia, the following changes:
- Cryptocurrency businesses will be obligated to contribute to the reduction of the high carbon footprint of cryptocurrencies by publishing information related to the environmental impact (e.g., the levels of their energy consumption) on their business websites and reporting to the national authorities
- The supervision of stablecoins will be assigned to the European Banking Authority (EBA) who’ll be responsible for enforcing such rules as building up a sufficient liquid reserve with a 1:1 ratio and partly in the form of deposits which will allow every stablecoin holder to be offered a claim by the issuer at any time and free of charge
- The European Banking Authority (EBA) will maintain a public register and conduct enhanced AML/CFT checks of crypto businesses that are categorised as non-compliant crypto asset service providers (CASPs)
In addition to the above-mentioned changes, the Pilot DLT Market Infrastructure Regulation (PDMIR) is planned to come into force in March 2023 and provide a legal framework for the trading and settlement of transactions in cryptoassets that are categorised as financial instruments under Markets in Financial Instruments Directive 2 (MiFID 2). It will provide opportunities for cryptocurrency businesses to experiment with DLT-based trading facilities and settlement systems for financial instruments. It will also give an opportunity to operate a combined trading and settlement facility.
Requirements Concerning Anti-Money Laundering and Counter-Terrorist Financing
AML/CFT regulations are enforced by BaFin’s Department for the Prevention of Money Laundering. To comply with the regulations, every crypto company must have internal procedures that would enable the detection of suspicious transactions. These procedures should protect the reputation and financial strength of the cryptocurrency company, as well as guarantee the integrity and stability of the entire financial market by ensuring transparency in business relationships and transactions through the use of a combination of precautionary measures.
The first important pillar of the prevention of money laundering is risk management. Every crypto company should have a risk management function corresponding with the type and scope of the business. It includes risk analysis processes and internal risk measures. A risk management function is effective if it takes all the company’s economic activities into account, including individual risks, and has a regular assessment of internal anti-money laundering procedures in place. The risk analysis helps to determine and assess risks concerning money laundering and terrorist financing and it must be clearly documented and regularly reviewed to determine whether updates are necessary. Considering the novelty and complexity of cryptographic technologies and the different levels of anonymisation inherent to crypto activities, it’s imperative to focus on the product risks.
Another important AML/CFT pillar is customer due diligence processes. A crypto company must identify the contracting party and, where applicable, the person acting on their behalf, the beneficial owner, the purpose and intended nature of the business relationship, and establish if the contracting party or the beneficial owner is a politically exposed person. Risk-management processes will help decide whether simplified due diligence requirements or enhanced due diligence requirements are to be fulfilled.
Engaging in continuous monitoring of the business relationship or transactions and reporting are crucial responsibilities of a crypto company. It’s important to ensure that the relevant documents and information are updated without delays, in line with the internal policies and legal requirements. These measures enable the retracing of cash flows and identifying suspicious business transactions. If such a transaction is identified, the crypto company must report it to the Central Customs Authority’s Financial Intelligence Unit immediately. Money laundering activities are prosecuted at a regional level by appropriate offices of state prosecutors. Investigations are carried out by the State Office of Criminal Investigations and local police.
General Requirements for Crypto Businesses
Although there are several types of crypto licence, many of the requirements are generally applicable to every crypto business seeking to operate in Germany. They’re mainly related to AML/CFT regulations which apply across the financial market regardless of the business model. Other applicable legislation differs depending on the characteristics of the cryptoassets, and the business model. If intended economic activities include financial instruments pursuant to MiFID II, the crypto authorisation process might be based on Delegated Regulation (EU) 2017/194 instead of the German Banking Act. If you’re not sure how to determine what German and EU laws apply to your specific crypto project, our team here at Regulated United Europe (RUE) will gladly provide clarification in a personalised meeting which you can request to schedule now.
If a company engages in several different crypto-related economic activities, each of them requires separate authorisation from BaFin. This also applies if the company carries out its own business as a member or participant of an organised market or a multilateral trading system or with direct electronic access to a trading venue or with commodity derivatives, emission allowances, or derivatives on emission allowances. New authorisation from BaFin is also required if an authorised crypto custodian sells its own financial instruments unless this is already classified as conducting a banking business or providing a financial service.
To be considered for a crypto licence, every applicant must submit an application accompanied by the following:
- Proof of required initial capital
- A viable business plan for the first three years
- Information about the company directors, including proof of their reliability, professional suitability, and ability to dedicate sufficient time to perform their duties
- The statement of facts indicating a close connection between the institution and other natural persons or other companies
- If significant participations are held in the institution, the details of the holders, the amount of the holdings, and the information required to assess the reliability of these owners or legal representatives or personally liable partners
- If these holders have to prepare annual accounts, the annual accounts for the last three financial years along with audit reports from independent auditors
- If these owners belong to a group, information on the group structure and, if such accounts are to be prepared, the consolidated group accounts of the last three financial years along with audit reports from independent auditors
- The details of the members of the administrative or supervisory body along with the information required to assess their reliability, expertise, and ability to dedicate sufficient time to the performance of their duties
The business plan must include the following information:
- The nature of the planned transactions
- The organisational structure of the institution, specifying parent companies, financial holding companies and mixed financial holding companies within the group
- Intended internal control procedures and policies
- A comprehensive description of the implemented IT systems
It’s important to note that German is the official language at BaFin. If there’s an intention to submit a document in another language, it must be discussed and agreed upon with BaFin in advance. Otherwise, if you require a certified translator, our team will be happy to assist you.
CRYPTO REGULATION IN GERMANY
|Period for consideration
||Up to 6 months||Annual fee for supervision||Up to 500,000 EUR|
|State fee for application
||10,750 €||Local staff member||Required|
|Required share capital||125,000 €||Physical office||Required|
|Corporate income tax||15.83%||Accounting audit||No|
Crypto Licence for a Crypto Custody Business
As of January 2020, pursuant to the German Banking Act, crypto values (i.e., cryptoassets) are treated as financial instruments and the provision of crypto custody services in Germany requires a licence from BaFin. Crypto exchanges are as well affected by the categorisation of cryptocurrencies as financial instruments. The licence is required not only in the case of the crypto custodian being located in Germany and serving customers residing in Germany but also when a crypto custodian is based in Germany but serves persons residing abroad. Moreover, crypto custodians located outside of Germany who offer their services to legal and natural persons residing in Germany, are also required to obtain a crypto custody licence. The list of supervised companies with permission to provide crypto custody business can be found in BaFin’s company database.
According to the German Banking Act, crypto custody is defined as the safekeeping, administration or storage of crypto values or private crypto keys used to hold, store or transmit crypto values for others. Crypto values are defined as digital representations of a value which hasn’t been issued or guaranteed by any central bank or public body and which doesn’t have the status of legal tender but is nevertheless accepted by natural or legal persons as a means of exchange or payment or for investment purposes and which can be transferred, stored and traded electronically. Cryptocurrencies and crypto securities fall within the definition of crypto values. The definition excludes e-money.
Key requirements for crypto custodians:
- The initial capital of at least 125,000 EUR
- The directors must be reliable and possess all necessary professional qualifications and competence in adhering to regulations
- Sound risk management in accordance with MaRisk requirements, including a compliance and audit function, processes of reporting to the supervisory authority, as well as infrastructure and policies compliant with IT regulations
- Appointment of an auditor who should audit annual financial statements, as well as monitor the soundness and effectiveness of risk management, remuneration and IT security
- Creation of a risk management system in accordance with the German Anti-Money Laundering Act to prevent money laundering and the financing of terrorism
- Appointment of an anti-money laundering officer
- Preparation of a risk analysis and development of internal security measures
- Employees must be checked for reliability and trained in accordance with AML/CFT requirements
The crypto custody licence isn’t based on EU legislation which means crypto custody businesses aren’t permitted to avail of the passporting opportunities within the EU. Having a licence from another member of the EEA doesn’t automatically allow them to operate in Germany. Also, a licence granted in Germany can’t replace the local registration in another EU country.
Crypto Securities Registration
Pursuant to the German Banking Act, crypto securities registration is a financial service requiring authorisation, and it is subject to requirements regarding the business organisation and the conduct of business. Essentially, crypto securities are regulated by the German Electronic Securities Act.
The German Electronic Securities Act entered into force in June 2021 and enabled the issuance of securities through entry into an electronic securities register without the requirement to issue a physical certificate. In accordance with the act, crypto securities registration is defined as a financial service. Electronic securities that are issued through entry in a crypto securities register are referred to as crypto securities. This crypto securities register can be operated on the basis of distributed ledger technology (DLT) systems and is used for the initial issuance of electronic securities. From a legal perspective, an electronic security only comes into existence when it’s entered into the register.
The transfer of electronic securities will generally continue to be governed by the provisions of the German Civil Code. The crypto securities register should facilitate the creation of secure, decentralised databases that are also designed to record securities transactions. Moreover, the lawmakers adopted an option to facilitate the introduction of crypto funds by this regulation, which are defined as unit certificates issued through a crypto securities register. Such a regulation would be issued by the Federal Ministry of Justice and Consumer Protection and the Federal Ministry of Finance.
BaFin is authorised to keep the crypto securities register with the aim to enforce the protection of investors and to ensure that market activities are transparent, and smooth, and guarantee market integrity. The process of maintaining the register will probably be automated and based on algorithms. BaFin will also publish a public list of the crypto securities on Bundesanstalt für Finanzdienstleistungsaufsicht website which is only for information purposes and doesn’t give rise to any legal effects. When the number of notifications reaches a certain level, an electronic interface to BaFin will be set up for crypto securities issuers. This will be the way for the issuers to submit the required information which includes the issuer’s name, registrar entity, date of entry of the crypto securities into the crypto securities register, and changes made to the crypto security.
It’s necessary for the crypto securities register to define a liable person which is a party that can be dealt with as a legal entity, under the German Electronic Securities Act referred to as the registrar entity. In the crypto securities register, this is the person that’s designated as the registrar entity by the issuer who’s responsible for ensuring clarity in relation to this aspect. If the registrar entity isn’t clear, the issuer itself is treated as the registrar entity and consequently becomes a person liable for the same supervisory requirements. When the authorisation is granted, the registrar entity can set up a crypto securities register, the purpose of which will be to register crypto securities. This licence can’t be passported, as it’s not harmonised with EU legislation.
Crypto Licensing Process in Germany
Crypto authorisation applications are submitted to BaFin which handles all licensing procedures. Only complete applications accompanied by all required documents are accepted by the authority. If required information or documentation isn’t yet available, the justification should be provided, with the estimated date of submission. Upon grant of authorisation, every applicant is normally obligated to pay a fee of 10,750 EUR. A fee will also apply if the application is rejected and also in case of the withdrawal of the application for authorisation. A fee may also be charged for the suspension of the authorisation procedure since it also requires administrative resources.
Once the applicant has submitted a complete application, BaFin must inform the applicant whether authorisation is granted or refused within six months. However, the duration of the authorisation process depends on the individual case and is significantly determined by the complexity of the applicant’s business model, and the quality and completeness of the submitted documents.
If during the process of the application preparation questions related to supervisory legislation arise, and the answers to these questions are considered likely to be critical for the granting of this authorisation, applicants can contact either BaFin or their Deutsche Bundesbank regional office. It’s strictly forbidden to start operating prior to receiving appropriate authorisation.
The applications must be signed by persons authorised to represent the crypto company and can be submitted digitally, in line with the requirements of section 3a of the German Administrative Procedure Act, i.e., only if signed with a qualified electronic signature. Documents and declarations can be submitted in a simple digital format if the relevant statutory provisions don’t require the submission of the original or a handwritten signature. Documents submitted digitally should always be sent through secure communication channels (e.g. PGP or S/MIME-encrypted emails).
The annual supervision fees are defined based on individually attributable public services provided by Bafin within the applicable regulatory framework and depending on the complexities of the supervised business can reach up to 500,000 EUR.
Prestige and worldwide recognition of the jurisdiction
All cryptocurrency transactions are regulated by EU law
Germany is the 4th most innovative country in the world
The German market is more than 82 million people
Open a Crypto Company in Germany
Generally, the formation and operations of German companies are governed by Company Law. One of the most popular legal business structures in Germany is a Company with Limited Liability (GmbH), the formation of which takes up to three weeks and it’s regulated by the Act Concerning Companies with Limited Liability.
While many businesses can start operations during the process of the registration of the company, most of the crypto companies aren’t permitted to do so as they first need to obtain an appropriate licence in accordance with applicable legislation. As mentioned earlier, it usually involves complying with AML/CFT laws and having to meet such requirements as establishing an internal risk-based approach, customer due diligence and know-your-customer policies without which a crypto company wouldn’t be eligible for a licence.
Key steps of opening a crypto company in Germany:
- Prepare all the required documentation (passport copies of the owners and directors, business plan, Articles of Association, etc.) – our team can assist you with the preparation, including certified translation and notarisation
- Choose a purpose and a name for the business
- Register a local office
- Appoint suitable directors, one of which must be local (for certain business models one director will suffice)
- Transfer required initial share capital
- Submit a notarised application to the Commercial Register Court which will register the company with the Commercial Registry and inform relevant authorities about the incorporation
- Apply for a crypto licence from BaFin
For tax purposes cryptocurrencies are viewed as private assets, which implies certain tax liabilities. For instance, cryptocurrencies held for at least a year are eligible for a 25% Capital Gains allowance. Regardless of cryptocurrency characteristics, however, crypto companies are obligated to pay most of the general taxes, including the standard Corporate Income Tax, the rate of which is 15,83%. The standard VAT tax is 19% but cryptocurrencies are VAT-exempt, while other types of tokens might be subject to VAT. In terms of tax reporting, companies are required, among other things, to disclose all relevant facts, most notably those pertaining to transactions with foreign companies.
German companies are subject to the German Generally Accepted Accounting Principles and the International Financial Reporting Standards. The annual financial statements of medium and large companies are to be audited by independent auditors. Small companies with less than 50 employees, assets worth no more than 6 mill. EUR, and an annual turnover of up to 12 mill. EUR doesn’t need to have an audit.
If you’re determined to obtain a crypto licence in the jurisdiction with the highest global standards and this way to build a sustainable crypto business, highly qualified and experienced consultants of Regulated United Europe (RUE) will be delighted to equip you with the necessary knowledge that will help you lay your path to success. We very well understand and closely monitor crypto-related legislation in Germany and thus can guide you through the process of establishing a company and obtaining a crypto licence. Moreover, we’re more than happy to assist you with financial accounting and tax optimisation. Book a personalised consultation now to start your new journey in the crypto industry.
FREQUENTLY ASKED QUESTIONS
Yes, a crypto business can’t operate in or from Germany without an appropriate licence. The Federal Financial Supervisory Authority (BaFin) is responsible for granting different types of crypto licence in Germany.
When a crypto business has a registered office in Germany, even if it only conducts crypto business with persons that aren’t residents of Germany. Also, a German crypto licence is required when a foreign company opens a legally dependent branch office or maintains another physical presence in Germany from where it engages in crypto-related economic activities regardless of the location of its customers.
A complete application form, accompanied by required documents, must be submitted to the Federal Financial Supervisory Authority (BaFin) electronically. Every applicant is also required to pay an application fee of 10,750 EUR which is non-refundable. The authority must inform the applicant whether authorisation is granted within six months following the submission of the application form.
Generally, every company is required to register as a taxpayer in Germany within a month following its registration with the Commercial Registry.
There are two types of crypto licences in Germany. A licence for a crypto custody business is regulated by the German Banking Act and it includes crypto exchanges. A separate authorisation is granted to companies engaged in the issuance of crypto securities through the entry into the electronic securities register, and it’s regulated by the German Electronic Securities Act. Such activities as crypto wallets, crypto mining, crypto investment advice and loans in cryptocurrencies are also licensable.
Provided that an application is of high quality, a German crypto licence can be obtained within six calendar months.
Yes. The annual supervision fees are mostly defined on a case-by-case basis as different types of crypto businesses require varied public services from the Federal Financial Supervisory Authority (BaFin). The annual fee can reach 500,000 EUR depending on the complexity of a supervised business.
Yes. There are no residence requirements for crypto company founders in Germany as long as they have the right to enter the country.
Opening a local bank account is a prerequisite when establishing a German company for crypto-related economic activities.
Crypto companies are required to pay taxes in accordance with the general taxation framework. Cryptocurrencies are treated as private assets for tax purposes which implies such tax liabilities as Capital Gains Tax as well as appropriate tax allowances.
While EU passporting is available for various financial services, a crypto custody licence can’t be passported into other EU countries and vice versa.
Applicants for a crypto custody licence must possess at least 125,000 EUR. Applicants for the crypto securities registry must possess at least 150,000 EUR.
If you want to open a company and obtain a crypto licence in Germany, when do you have to deposit the initial share capital?
Generally, the initial share capital has to be deposited during the company formation process.
Germany is certainly among the most reputable jurisdictions and therefore German crypto licensees are well respected and trusted by international investors. According to the 2021 Bloomberg Innovation Index, Germany ranks 4th among the most innovative countries in the world as the government consistently dedicates a lot of funds to research and development (R&D) activities and other resources to high-tech businesses.
German crypto companies are audited in accordance with the German Generally Accepted Accounting Principles and the International Financial Reporting Standards. Small companies with less than 50 employees, assets worth no more than 6 mill. EUR, and an annual turnover of up to 12 mill. EUR are exempt from statutory audits.
At least one company director must be a resident of Germany.
Yes. Pursuant to the Anti-Money Laundering Act, every crypto company must have internal control mechanisms designed to assess inherent risks, implement customer-due-diligence processes, and detect transactions linked to money laundering and terrorist financing.
Obtaining a crypto licence from the Federal Financial Supervisory Authority (BaFin) is a challenge in itself as the authority is very protective of the national financial market. Therefore, it’s imperative to be able to demonstrate robust internal processes and competence, as well as be able to back up any provided information with sufficient documentation when applying for a German crypto licence.
While a registered office address is a must, having a virtual office is still possible.
Yes. German crypto businesses can and must open a bank account at a German bank in accordance with general rules.
At the moment, the main services of our company are legal and compliance solutions for FinTech projects. Our offices are located in Tallinn, Vilnius, Prague, and Warsaw. The legal team can assist with legal analysis, project structuring, and legal regulation.