Crypto License in Finland

CASP authorization in Finland under MiCA in 2026.
Legal, tax and compliance roadmap for exchanges, custody and crypto service providers.

Request eligibility assessment
Regulator
FIN-FSA
Timeframe
From 6 months
Cost
21 500 EUR
Capital
From 50 000 EUR
Corporate setup and CASP prudential requirements are not the same

What crypto license in Finland means in 2026

In 2026, “crypto license in Finland” usually means authorization as a Crypto-Asset Service Provider (CASP) under Regulation (EU) 2023/1114, known as MiCA. The legacy Finnish VASP framework remains relevant mainly as historical context and for transition analysis, but new market entry planning should be built around the MiCA/CASP regime, the role of the Finnish Financial Supervisory Authority (FIN-FSA / Finanssivalvonta), and EU-wide conduct, governance and prudential expectations.

Finland is not a shortcut jurisdiction. It is a rules-based EU member state where applicants are expected to show real control over AML/CFT, sanctions screening, Travel Rule compliance, governance, ICT security, outsourcing oversight and client-asset protection. For serious founders, that is often an advantage: the same application architecture can support later EU passporting after authorization and notification.

RUE structures Finland CASP projects from service-scope mapping to document architecture, AML/CFT framework, governance pack, regulator-facing remediation and launch-readiness controls. We also align company setup, tax positioning, banking preparation and post-authorization operating model.

⚖️

MiCA-native legal framework

The practical licensing discussion in Finland is now centered on CASP authorization under MiCA, not on outdated “easy VASP registration” narratives.

🇪🇺

EU market access logic

After home-state authorization, a CASP may expand into other EU member states through the MiCA notification framework, subject to scope and procedural requirements.

🛡️

Strong compliance credibility

FIN-FSA-facing applications require substance in AML, governance, ICT security, outsourcing and safeguarding. This can improve banking and institutional counterpart perception.

🏢

Clear company law environment

Finnish company incorporation is handled separately from regulatory authorization. This distinction helps founders structure ownership, governance and tax planning correctly.

Crypto License in Finland

21,500 EUR
Package includes (8)
  • Preparation of necessary documents for registration of a new company in Finland
  • Translation of a certificate of no criminal record through a sworn translator
  • Payment of state fees related to company registration
  • Payment of notary fees related to company registration
  • Preparation of compliance documents for MiCA application
  • Preparation of a business plan
  • Submission of the necessary documents to FIN-FSA
  • Recruitment of local MLRO/Compliance officer
Order now
Timeframe: From 6 months

Additional Services

MiCA structuring & jurisdiction selection advisory within the EU
from 2,900 EUR
Legal qualification of tokens (utility vs EMT vs ART vs financial instrument under MiFID II)
from 3,900 EUR
Pre-application gap analysis and readiness assessment
from 4,900 EUR
Regulatory risk memo for business model validation
from 2,900 EUR
Cross-border structuring for non-EU founders entering the EU market
from 5,900 EUR
Annual compliance reviews and internal audits
from 4,900 EUR/year
Updating policies in line with ESMA / EBA guidelines
from 1,900 EUR
Assistance with opening crypto-friendly bank accounts / EMIs
from 2,900 EUR

Ready to Get Started?

Book a free 30-minute consultation with our licensing expert

Request Consultation

Core requirements for a crypto license in Finland

A Finnish company alone does not give the right to provide regulated crypto-asset services. The applicant must align its legal entity, actual business model and control framework with the authorization perimeter under MiCA. In practice, the regulator will look beyond the website and legal form and assess how the service really works: who controls client assets, who executes instructions, where onboarding happens, how monitoring is performed, and whether critical functions are outsourced with proper oversight.

The key mistake in this market is confusing corporate formation with regulatory readiness. A Finnish limited liability company may be incorporated first through the Finnish Patent and Registration Office (PRH), but authorization analysis then turns to ownership transparency, fit-and-proper management, AML/CFT controls, Travel Rule operations, complaints handling, ICT security, financial planning and internal governance.

Finnish legal entity and clear service scope +

The applicant normally needs a properly structured Finnish entity with a business model that can be mapped to specific crypto-asset services. Scope errors at this stage often cause later re-drafting of the full application pack.

UBO disclosure and ownership transparency +

Beneficial ownership must be transparent and documentable. Foreign ownership is possible in principle, but opaque chains, nominee-heavy structures or unexplained source-of-funds issues can create immediate regulatory friction.

Directors and managers fit and proper +

Management must show competence, integrity and time commitment. The regulator will expect evidence that key persons understand the actual crypto service model, not only generic corporate governance language.

AML/KYC, sanctions and Travel Rule framework +

AML is an operating system, not a template. You need customer due diligence, risk scoring, ongoing monitoring, suspicious activity escalation, sanctions and PEP screening, recordkeeping and a workable Travel Rule process for relevant transfers.

Governance and internal controls +

The application must show who controls what. This usually includes board oversight, segregated responsibilities, compliance reporting lines, conflict-of-interest handling, complaints procedures and documented decision-making.

ICT security and custody controls +

Where client crypto-assets or keys are involved, technical architecture matters. Regulators increasingly expect detail on wallet segregation, access control, key lifecycle, incident response, logging and vendor dependency management.

Outsourcing oversight +

Outsourcing does not outsource accountability. If onboarding, monitoring, custody tech or compliance tooling is delegated, the applicant still needs contracts, controls, escalation paths and an outsourcing register.

Financial plan and prudential readiness +

Share capital and regulatory own funds are different concepts. The prudential requirement depends on the service category and operating model; it should not be confused with the minimum capital mechanics of company incorporation.

Jurisdiction Comparison

Compare Finland with other jurisdictions by key conditions for obtaining and operating a MiCA/CASP license: regulator, review period, fees, capital, local substance, and passporting.

Countries to compare

Parameters

* This table focuses on MiCA/CASP authorization conditions. Use the settings icon to customize countries and parameters.

Taxation for crypto companies in Finland

For 2026, the headline corporate tax point is straightforward: Finnish corporate income tax is 20%. The difficult part is not the headline rate but the classification of revenue streams, cross-border flows, custody-related fees, token-related activity and the VAT treatment of specific services. Crypto businesses should therefore separate tax planning for the company from tax treatment of users, founders or investors.

VAT analysis must be service-specific. Finland’s standard VAT rate is 25.5% in 2026 where VAT applies generally, but crypto-related services cannot be reduced to a single blanket answer. Whether a given fee is exempt, taxable or mixed depends on the legal nature of the service, contractual structure and applicable EU VAT interpretation. This is particularly relevant for exchange interfaces, brokerage-like models, technology layers, SaaS compliance tools and bundled service packages.

Tax governance also matters operationally. A regulated crypto company should align bookkeeping, wallet reconciliation, fee recognition, treasury treatment, transfer pricing where relevant, and audit trail retention from day one. Founders often underestimate how quickly accounting complexity grows once the platform handles multiple asset flows, rebates, spreads, staking-related revenues or outsourced settlement operations. For tax implementation support, see accounting services and our jurisdiction-specific page on Finland crypto tax.

Corporate income tax

General corporate taxation of Finnish companies
20%

Finnish corporate income tax is 20%. Taxable profit depends on properly recognized revenues, deductible expenses, transfer-pricing position where relevant and accounting treatment of crypto-related operations.

VAT

Applies only where the relevant service is VAT-taxable
25.5%

The standard Finnish VAT rate is 25.5% in 2026 where applicable. Crypto services require case-by-case analysis because VAT treatment depends on the exact service type, legal qualification and invoicing structure.

Withholding and cross-border payments

Depends on payment type, treaty position and structure
case-based

Cross-border flows should be reviewed under domestic law and applicable tax treaties. This is relevant for management fees, royalties, intercompany services, outsourced technology arrangements and investor distributions.

Ongoing compliance after authorization

Authorization is the start of supervision, not the end of the project. In 2026, a Finland CASP must maintain live controls across AML, governance, ICT, outsourcing and client-facing operations.

🔎

AML and transaction monitoring

  • Risk-based customer due diligence and beneficial ownership verification
  • Ongoing monitoring of customer activity and blockchain transaction patterns
  • Sanctions and PEP screening with escalation workflow
  • Suspicious activity review, recordkeeping and reporting logic
  • Travel Rule data collection and transmission controls where relevant
🏛️

Governance and internal control

  • Board oversight and documented allocation of responsibilities
  • Conflict-of-interest management and complaints handling
  • Periodic review of policies, controls and risk appetite
  • Reliable MI and compliance reporting to management
  • Evidence that outsourced functions remain under effective control
🔐

ICT and custody resilience

  • Access control, audit logs and incident response procedures
  • Wallet governance, key management and segregation logic
  • Vendor due diligence for custody, analytics and KYC tools
  • Change management, vulnerability handling and business continuity
  • Client-asset protection measures aligned with the actual custody model
💡
RUE handles compliance for you. Our team provides ongoing compliance support, including AML officer services, regulatory reporting, and policy updates. We ensure your license stays in good standing year after year. Contact us for compliance support →

📝 Check Your Eligibility

Answer a few quick questions to find out if this jurisdiction suits your crypto business

Step 1 of 5

What type of crypto services will you provide?

Exchange (fiat ↔ crypto)
Custody & Wallet Services
Transfer & Payment Services
Advisory / Portfolio Management
Multiple / All of the Above
Step 2 of 5

What is your target market?

European Union only
EU + Global markets
Global (non-EU priority)
Step 3 of 5

Do you already have a registered company in the EU?

Yes, in this jurisdiction
Yes, in another EU country
No, I need to register one
Step 4 of 5

What is your available budget range?

Under €20,000
€20,000 – €50,000
€50,000 – €100,000
Over €100,000
Step 5 of 5

When do you plan to launch?

As soon as possible (1–3 months)
Within 6 months
Within a year
Just exploring options

This Jurisdiction Is a Great Fit!

Based on your answers, this jurisdiction matches your business requirements well. Here's a quick summary:

Recommended License

CASP License

Estimated Budget

€24,000 – €35,000

Estimated Timeframe

4–6 months

EU Passporting

Available

📞 Get Personalized Assessment

How to get authorized in Finland

Step 1

Scope the services

Define the exact crypto-asset services, custody model, target markets and client journey. This is the step that determines the rest of the file.

Step 2

Form the company

Incorporate the Finnish entity through PRH and align ownership, governance, UBO disclosure and corporate records with the planned regulated activity.

Step 3

Build the document pack

Prepare the program of operations, business plan, AML/CFT framework, risk assessment, governance documents, ICT policies, outsourcing register and financial projections.

Step 4

Test control readiness

Validate onboarding, sanctions screening, transaction monitoring, Travel Rule workflow, complaints handling, custody controls and vendor oversight before filing.

Step 5

Submit and answer Q&A

File the application and manage regulator questions, clarification rounds and remediation requests. Review is iterative and timing depends on completeness and complexity.

Step 6

Prepare for launch

After authorization, activate day-one controls, reporting logic, governance routines and operational monitoring so the business can launch on a supervised basis.

Start Your Application
Answers

Frequently Asked Questions

Open the key issues founders, compliance teams and legal leads usually need to confirm before launch.

Do I need a CASP authorization or only a VASP registration in Finland? +

In 2026, new planning should generally be assessed under the CASP framework of MiCA. The older VASP terminology remains useful mainly for historical and transition context. If your model involves regulated crypto-asset services, the safer legal starting point is MiCA scoping and FIN-FSA-facing authorization analysis.

Who regulates crypto companies in Finland? +

The key regulator for authorization is the Finnish Financial Supervisory Authority (FIN-FSA / Finanssivalvonta). PRH handles company registration, while the Finnish Tax Administration handles tax matters. At EU level, MiCA sits within the broader framework shaped through EUR-Lex, ESMA and, where relevant, EBA.

Can a foreign shareholder own 100% of a Finnish crypto company? +

Yes, foreign ownership is possible in principle. The practical condition is full ownership transparency, proper UBO disclosure and a structure that does not create unresolved compliance or source-of-funds concerns.

Is a local director mandatory in Finland? +

Not every case can be reduced to a blanket yes or no. The key issue is whether governance, effective management and local substance are credible for the actual business model. Some structures can work without a simplistic “mandatory local director” rule, but the regulator will still assess management effectiveness case by case.

How long does a crypto license in Finland usually take? +

A realistic project window is often measured in months, not weeks. Preparation may take 1-3 months or more depending on readiness, and regulator review can take 3-9+ months depending on complexity, completeness and remediation rounds. There is no reliable one-size-fits-all deadline.

What documents are usually required for a Finland CASP application? +

The core file usually includes a program of operations, business plan, governance framework, AML/CFT manual, risk assessment, ICT and security policies, outsourcing documentation and financial projections. Custody-heavy models also need a much deeper explanation of wallet architecture, key management and client-asset protection.

Can I operate before authorization is granted? +

Operating a regulated crypto-asset service without the required authorization creates enforcement and business-interruption risk. Founders should not assume that a company registration, a website disclaimer or a third-party white-label engine removes the licensing issue.

Does a Finland crypto license give access to the whole EU? +

It can support EU expansion, but passporting is procedural. After authorization in the home member state, the firm must follow the relevant notification process for cross-border services or branch activity. “Licensed in one country means automatic operation everywhere” is too simplistic.

What is the main tax rate for a crypto company in Finland? +

The headline corporate income tax rate is 20%. VAT treatment is more nuanced and depends on the exact service. Finland’s standard VAT rate is 25.5% in 2026 where VAT applies generally, but crypto services require case-specific analysis.

What is the biggest mistake applicants make? +

The biggest mistake is filing a generic package that does not match the real operating model. Weak service scoping, template AML documents, unclear custody logic, thin outsourcing oversight and unrealistic financials are the most common reasons for delays and expensive rework.

CONTACT US

RUE (Regulated United Europe) customer support team complies with high standards and requirements of clients. Based on feedback from clients worldwide, we continuously improve service quality and response speed to keep support practical and reliable.

Main offices of the international advisory legal company RUE (Regulated United Europe) are located in Estonia (Tallinn), Lithuania (Vilnius), Czech Republic (Prague) and Poland (Warsaw). Contact the most suitable for you branch, so that our company could provide comprehensive individually-tailored to your needs services.

Please leave your request

The RUE team understands the importance of continuous assessment and professional advice from experienced legal experts, as the success and final outcome of your project and business largely depend on informed legal strategy and timely decisions. Please complete the contact form on our website, and we guarantee that a qualified specialist will provide you with professional feedback and initial guidance within 24 hours.

    Main Services

    Terms of Cooperation

    Regulated United Europe

    Facebook Instagram YouTube LinkedIn
    Chambers Legal500