Regulated United Europe OÜ
Registration number: 14153440
Anno: 16.11.2016
Phone: +372 56 966 260
Email: info@rue.ee
Address: Laeva 2, Tallinn, 10111, Estonia
Crypto License in Croatia
Updated for 2026. In Croatia, crypto licensing is now assessed under the EU MiCA framework. For most operating models, the practical question is CASP authorization and post-approval EU passporting.
Request MiCA readiness assessment
Regulator
HANFA
Timeframe
From 6 months
Cost
23 900 EUR
Capital
From 50 000 EUR
Capital depends on MiCA service mix and the highest applicable bucket
Croatia under MiCA in 2026
Yes, there is a workable crypto license path in Croatia in 2026. For most exchanges, brokers, custodial wallet operators, transfer providers, advisers and portfolio managers, the relevant regime is CASP authorization under Regulation (EU) 2023/1114 (MiCA). Older statements that Croatia has no crypto license are outdated.
The key distinction is legal, not semantic: a CASP authorization is not the same as token issuance compliance. If a project issues crypto-assets, or deals with ARTs or EMTs, separate MiCA obligations may apply in parallel, and the Croatian National Bank (HNB) may become relevant depending on the structure.
For founders, the real decision points are four: whether the activity is a regulated crypto-asset service, whether the Croatian entity has sufficient substance, whether the AML/Travel Rule/DORA stack is operational, and whether the business model needs only CASP status or also an EMI or payment structure.
At RUE, we structure Croatia projects around the actual legal perimeter: CASP, issuer, EMT/ART, or hybrid fiat-crypto model. We prepare MiCA application files, AML and ICT documentation, regulator-facing remediation responses, and the linked workstreams for banking, accounting and EU expansion.
MiCA is the core legal framework
In 2026, the phrase crypto license in Croatia usually means CASP authorization under MiCA, not a legacy standalone local crypto permit.
HANFA is central for CASPs
HANFA is the key authority for most crypto-asset service providers, while HNB becomes relevant where token type or payment structure changes the regulatory perimeter.
Capital is service-based
Minimum own-funds thresholds under MiCA are commonly structured around EUR 50,000, EUR 125,000 or EUR 150,000, depending on the services provided.
Authorization can unlock EU passporting
A Croatian CASP can generally expand across the EU through notification mechanics, but passporting does not remove local tax, consumer-law or banking constraints.
Transition planning matters
Legacy VASP businesses cannot treat the transition period as open-ended. Missing the end of the transition window creates immediate operational risk.
Compliance is broader than AML
A viable 2026 application requires governance, AML/CFT, sanctions controls, Travel Rule implementation, outsourcing oversight and DORA-grade ICT resilience.
Crypto License in Croatia
23,900 EUR
Package includes (8)
- Preparation of necessary documents for registration of a new company in Croatia
- Translation of a certificate of no criminal record through a sworn translator
- Payment of state fees related to company registration
- Payment of notary fees related to company registration
- Preparation of compliance documents for MiCA application
- Preparation of a business plan
- Submission of the necessary documents to HANFA
- Recruitment of local MLRO/Compliance officer
Timeframe: From 6 months
Additional Services
MiCA structuring & jurisdiction selection advisory within the EU
from 2,900 EUR
Legal qualification of tokens (utility vs EMT vs ART vs financial instrument under MiFID II)
from 3,900 EUR
Pre-application gap analysis and readiness assessment
from 4,900 EUR
Regulatory risk memo for business model validation
from 2,900 EUR
Cross-border structuring for non-EU founders entering the EU market
from 5,900 EUR
Annual compliance reviews and internal audits
from 4,900 EUR/year
Updating policies in line with ESMA / EBA guidelines
from 1,900 EUR
Assistance with opening crypto-friendly bank accounts / EMIs
from 2,900 EUR
Core CASP requirements
A Croatian crypto application succeeds only if the business model, governance and control framework match MiCA in substance. Regulators do not assess a slide deck; they assess whether the applicant can operate a regulated crypto business on day one and continue doing so safely after launch.
The minimum review perimeter usually includes:
- regulated service mapping under MiCA;
- capital at the correct own-funds bucket;
- fit-and-proper management and transparent ownership;
- AML/CFT and sanctions controls aligned with EU standards;
- Travel Rule operating model for in-scope transfers;
- ICT governance and operational resilience consistent with DORA expectations;
- client asset handling, complaint management and outsourcing controls;
- credible local substance and decision-making in Croatia.
A shell company with outsourced everything is a weak file. Outsourcing is permitted, but responsibility remains with the authorized entity. That point is often underestimated in crypto structures built around foreign tech vendors.
MiCA service mapping +
The first question is whether the activity is a regulated crypto-asset service. Typical in-scope services include custody and administration of crypto-assets for clients, operation of a trading platform, exchange of crypto-assets for funds, exchange of crypto-assets for other crypto-assets, execution of orders, reception and transmission of orders, placing, advice, portfolio management and transfer services.
Minimum own funds +
MiCA uses service-based capital buckets. The commonly cited thresholds are EUR 50,000, EUR 125,000 and EUR 150,000. If a business combines several services, the higher applicable bucket generally drives the prudential baseline.
Fit and proper management +
Directors and key managers must be demonstrably suitable. The file must support competence, good repute, time commitment, role clarity and effective oversight. Nominee-style arrangements without real control are structurally weak.
Local substance +
Croatian presence must be real. The applicant should show operational substance, governance presence, documented decision-making and a credible control environment in Croatia. Substance is not reduced to a registered office.
AML and Travel Rule stack +
Crypto AML is a system, not a policy PDF. The firm needs onboarding rules, risk scoring, sanctions and PEP screening, blockchain analytics, transaction monitoring, escalation procedures, suspicious activity reporting logic and Travel Rule data exchange for in-scope transfers.
ICT and DORA readiness +
Cybersecurity is part of licensing, not a post-launch upgrade. Regulators expect access control, incident handling, logging, backup, disaster recovery, change management, vendor oversight and testing. A useful practical signal is whether the firm can evidence its control set against ISO 27001 or a comparable framework.
Outsourcing control +
Outsourcing does not outsource accountability. If KYC, transaction monitoring, wallet infrastructure, cloud hosting or customer support are delegated, the applicant still needs contracts, oversight, exit planning, concentration-risk analysis and board-level control.
Application file quality +
Weak documentation delays or derails the process. The file should include a program of operations, business plan, financial projections, governance map, AML manual, risk assessment, ICT policy set, outsourcing register, complaints policy, conflicts policy and client-asset handling documentation.
Jurisdiction Comparison
Compare Croatia with other jurisdictions by key conditions for obtaining and operating a MiCA/CASP license: regulator, review period, fees, capital, local substance, and passporting.
* This table focuses on MiCA/CASP authorization conditions. Use the settings icon to customize countries and parameters.
Tax treatment and cost reality
Tax analysis for a Croatian crypto business must separate company taxation from personal taxation. That distinction is where many summaries become misleading. A founder’s personal crypto gains and a licensed company’s operating income are not taxed under the same logic.
For companies, Croatian corporate income tax is generally discussed at two rates: 10% for taxpayers below the relevant revenue threshold and 18% above it. Threshold application should always be verified for the current tax year and the exact entity profile. For a CASP, the tax base depends on recognized income and deductible costs under ordinary corporate tax rules, not on retail crypto-tax folklore.
For individuals, Croatian crypto gains are commonly analyzed under capital-gains logic, with a frequently cited rate of 12% plus local surtax implications where relevant under the applicable rules. The treatment of holding periods, reporting and exemptions must be checked against current guidance from the Croatian Tax Administration. Personal rules should not be copied into treasury, inventory or market-making analysis for a company.
VAT requires separate attention. Certain exchange-related services may follow the EU line developed around financial-service treatment, but token issuance, advisory, software, SaaS and ancillary services can produce different outcomes. A CASP should also prepare for future data-reporting pressure under DAC8, even where the tax cash cost is not immediate.
Real cost planning should include more than taxes: legal drafting, MLRO/compliance staffing, audit, accounting, Travel Rule integration, blockchain analytics, cloud security, local directors or senior managers, office substance and banking onboarding all affect the total cost of ownership.
Corporate income tax
Applies to Croatian legal entities on taxable profits.
10% / 18%
Corporate income tax
Applies to Croatian legal entities on taxable profits.
The commonly referenced Croatian CIT rates are 10% and 18%. Which rate applies depends on the taxpayer’s status under the current threshold rules. For a crypto company, accounting classification matters: proprietary holdings, client assets, fees, spreads, staking-related income and token inventory may affect recognition differently.
Personal capital gains
Relevant to individuals, not to the licensed company itself.
12%
Personal capital gains
Relevant to individuals, not to the licensed company itself.
The often-cited personal rate is 12%, subject to the current Croatian rules and reporting framework. This area should be checked carefully for holding-period treatment and filing obligations. It is a personal-tax topic, not a substitute for corporate structuring advice.
VAT analysis
Depends on the exact service and transaction flow.
case-based
VAT analysis
Depends on the exact service and transaction flow.
VAT is not uniform across crypto-related revenues. Exchange functions may be treated differently from advisory, software licensing, token-design services, white-paper drafting support or platform subscriptions. Mixed-revenue CASPs should review VAT mapping before launch.
DAC8 reporting impact
EU tax transparency layer for crypto-asset reporting.
n/a
DAC8 reporting impact
EU tax transparency layer for crypto-asset reporting.
DAC8 is not a tax rate, but it is a tax-compliance burden. It increases data collection, classification and reporting expectations for crypto-asset service providers and can materially affect onboarding architecture and recordkeeping.
Ongoing compliance after authorization
A Croatian CASP is not a one-time filing project. The operating model must remain compliant across AML, governance, client protection, ICT resilience and cross-border activity.
Governance and controls
- Maintain a clear governance map with accountable management functions and board oversight.
- Keep fit-and-proper records current for directors, senior managers and qualifying shareholders.
- Review conflicts of interest, complaints handling and client disclosures on a recurring basis.
- Document material changes before expanding service scope or outsourcing critical functions.
AML CFT and sanctions
- Operate risk-based KYC, CDD and EDD with source-of-funds and source-of-wealth logic where needed.
- Run sanctions, PEP and adverse-media screening with ongoing monitoring, not only at onboarding.
- Use transaction monitoring and blockchain analytics calibrated to the actual customer and asset risk.
- Implement Travel Rule data exchange for in-scope transfers, often using IVMS101-based messaging.
ICT and DORA alignment
- Maintain an ICT risk-management framework with access control, logging, backup and recovery.
- Track incidents, escalation paths and post-incident remediation in a regulator-ready format.
- Assess cloud, wallet, KYC and analytics vendors as third-party ICT dependencies.
- Test resilience through vulnerability management, business continuity and disaster-recovery exercises.
Passporting and reporting
- Use the MiCA notification process before starting cross-border services in other EU states.
- Keep host-state marketing, consumer-law and tax-presence issues under separate review.
- Retain records that support supervisory requests, tax reporting and future DAC8 obligations.
- Treat banking and fiat-settlement relationships as an ongoing compliance workstream.
RUE handles compliance for you. Our team provides ongoing compliance support, including AML officer services, regulatory reporting, and policy updates. We ensure your license stays in good standing year after year.
Contact us for compliance support →
📝 Check Your Eligibility
Answer a few quick questions to find out if this jurisdiction suits your crypto business
Step 1 of 5
What type of crypto services will you provide?
Exchange (fiat ↔ crypto)
Custody & Wallet Services
Transfer & Payment Services
Advisory / Portfolio Management
Multiple / All of the Above
Step 2 of 5
What is your target market?
European Union only
EU + Global markets
Global (non-EU priority)
Step 3 of 5
Do you already have a registered company in the EU?
Yes, in this jurisdiction
Yes, in another EU country
No, I need to register one
Step 4 of 5
What is your available budget range?
Under €20,000
€20,000 – €50,000
€50,000 – €100,000
Over €100,000
Step 5 of 5
When do you plan to launch?
As soon as possible (1–3 months)
Within 6 months
Within a year
Just exploring options
This Jurisdiction Is a Great Fit!
Based on your answers, this jurisdiction matches your business requirements well. Here's a quick summary:
Recommended License
CASP License
Estimated Budget
€24,000 – €35,000
Estimated Timeframe
4–6 months
EU Passporting
Available
Roadmap to get licensed
Step 1
Scope services
Define exactly which MiCA services the Croatian entity will provide. This determines whether the project is a CASP, an issuer case, or a hybrid structure needing broader analysis.
Step 2
Choose structure
Set up the Croatian entity, ownership chain and governance model. Confirm whether the business also needs payment, EMT or other regulatory analysis beyond CASP.
Step 3
Map regulators
Identify whether HANFA is the primary authority and whether HNB or other frameworks become relevant because of stablecoin, redemption or fiat-flow features.
Step 4
Build governance
Appoint credible management, allocate responsibilities, document local substance and prepare fit-and-proper support for directors, senior managers and owners.
Step 5
Draft compliance set
Prepare the program of operations, AML/CFT manual, risk assessment, Travel Rule model, ICT and DORA-aligned policies, outsourcing register and client-protection documents.
Step 6
Fund capital
Confirm the applicable own-funds bucket, arrange capital support and align financial projections with the actual cost of compliance, staffing and technology.
Step 7
File and remediate
Submit the application, manage completeness review and answer substantive regulator questions with evidence-based revisions rather than generic explanations.
Step 8
Launch and passport
After authorization, finalize banking and vendor readiness, implement ongoing monitoring and use MiCA notification mechanics before expanding into other EU markets.
Answers
Frequently Asked Questions
Open the key issues founders, compliance teams and legal leads usually need to confirm before launch.
Is crypto legal in Croatia in 2026? +
Yes. Crypto activity is not outside the law in Croatia in 2026. The relevant question is which EU and Croatian rules apply to the exact model. For most operating businesses, the main framework is MiCA, with related obligations under AML/CFT, the Travel Rule and DORA.
Is there a crypto license in Croatia today? +
Yes, but the correct legal term is usually CASP authorization. In practice, when founders ask about a crypto license in Croatia, they usually mean authorization as a crypto-asset service provider under MiCA. Token issuers and stablecoin-related projects may fall under separate MiCA rules.
Who regulates crypto companies in Croatia? +
For most CASP models, HANFA is the key authority. The Croatian National Bank (HNB) becomes relevant where the structure touches ART, EMT or adjacent payment and prudential questions. The exact split depends on the business model, not on branding alone.
What services require CASP authorization in Croatia? +
MiCA captures a defined list of crypto-asset services. These include custody and administration, operation of a trading platform, exchange for funds, exchange for crypto-assets, execution of orders, placing, reception and transmission of orders, advice, portfolio management and transfer services.
How much capital is needed for a Croatian CASP? +
The standard MiCA own-funds thresholds commonly referenced are EUR 50,000, EUR 125,000 and EUR 150,000. The applicable amount depends on the service mix. If several services are combined, the higher relevant bucket generally drives the minimum capital logic.
How long does the approval process take? +
A realistic end-to-end timeline is usually 3-6+ months, not just the formal review clock. The process includes pre-filing preparation, entity and substance setup, documentation build, completeness review, substantive review and one or more remediation rounds.
What documents are usually required for the application? +
The file usually includes corporate documents, ownership and UBO evidence, a program of operations, business plan, financial projections, governance map, AML/CFT policies, risk assessment, ICT policies, outsourcing documentation, complaints handling and client-asset procedures. The exact list varies by model.
Can a Croatian CASP passport services across the EU? +
Yes, generally through MiCA notification mechanics. Authorization in Croatia can support expansion across the 27 EU member states. However, passporting does not remove local marketing, consumer-law, tax or banking issues in the target state.
Does a CASP license guarantee banking or SEPA access? +
No. Licensing helps, but it does not guarantee a bank account, direct infrastructure access or frictionless SEPA connectivity. Banks and payment partners still run their own AML, risk and commercial onboarding analysis.
What happens if a legacy firm misses the transition deadline? +
The risk is a forced stop of in-scope activity. A business relying on transitional status should not assume indefinite continuation. Missing the end of the transition window can leave the firm without a lawful basis to continue regulated services.
Can foreigners own a Croatian crypto company? +
Yes, foreign ownership is generally possible, but transparency is mandatory. The ownership chain, ultimate beneficial owners, source of funds and governance arrangements must be clear and support a fit-and-proper assessment. Foreign ownership does not remove the need for Croatian substance.
Do I only need a CASP analysis for a stablecoin or token project? +
Not always. A token or stablecoin project may require issuer analysis under MiCA rather than, or in addition to, CASP authorization. If the structure involves EMTs, ARTs, redemption mechanics or fiat payment flows, the legal perimeter can widen materially.
Main Services
Terms of Cooperation
Regulated United Europe
