Lithuania has emerged as one of Europe’s leading fintech hubs, attracting hundreds of cryptocurrency businesses seeking regulatory clarity and market access. As an early adopter of comprehensive crypto regulation, Lithuania now operates under the EU’s unified MiCA (Markets in Crypto-Assets) framework, positioning itself as a gateway to the entire European market. With streamlined licensing processes, competitive costs, and full EU passporting rights, Lithuania offers crypto entrepreneurs a compelling jurisdiction for establishing compliant operations.

This comprehensive guide will walk you through every aspect of obtaining a crypto license in Lithuania in 2025. By the end of this article, you’ll understand the types of licenses available, detailed requirements, step-by-step application procedures, tax implications, and ongoing compliance obligations. Whether you’re launching a crypto exchange, custodial wallet service, or advisory platform, this guide provides the expert knowledge you need to navigate Lithuania’s regulatory landscape successfully.

This guide is brought to you by the Legal Nodes Team, including experienced crypto lawyers and compliance specialists who have helped over 400 companies establish their crypto businesses across 20+ jurisdictions.

MiCA (Markets in Crypto-Assets Regulation) is the European Union’s comprehensive regulatory framework that governs all crypto-asset activities across 27 member states. Officially adopted in 2023 and entering into full force throughout 2024-2025, MiCA represents the world’s most extensive crypto regulation, establishing unified rules for crypto service providers, token issuers, and market participants.

For Lithuania, MiCA marked a significant transition. Previously, the country operated under its own VASP (Virtual Asset Service Provider) licensing system, which included two license types: VCESP (Virtual Currency Exchange Service Provider) and VCWSP (Virtual Currency Wallet Service Provider). As of April 29, 2025, Lithuania fully aligned its national rules with MiCA, replacing the old VASP system with the new CASP (Crypto-Asset Service Provider) classification.

The transformation brings several critical advantages. First, MiCA introduces a three-tier CASP licensing structure (Classes 1, 2, and 3) that more precisely matches business models to regulatory requirements. Second, it establishes the principle of EU passporting — a license obtained in Lithuania automatically grants the right to provide services across all EU member states without obtaining separate licenses in each country. This is similar to how a driver’s license valid in one EU country works throughout the union.

Third, MiCA assigns legal status to tokens based on their economic purpose, not their underlying technology. This creates clear categories: Utility Tokens (providing access to services), Asset-Referenced Tokens or ARTs (multi-collateral stablecoins), and E-Money Tokens or EMTs (single-currency stablecoins). Each category has specific issuance and operational requirements.

Lithuania was among the first EU countries to implement MiCA-compliant regulations, demonstrating its commitment to maintaining its position as a crypto-friendly jurisdiction. Companies that held old VASP licenses received a transition period extending until December 31, 2025, to upgrade to CASP licenses. New applicants apply directly under the CASP framework.

Understanding EU Passporting

The concept of EU passporting is revolutionary for crypto businesses. Once you obtain a CASP license in Lithuania, you can legally provide your services in all 27 EU member states — a market of over 450 million people — without applying for separate licenses in France, Germany, Spain, Italy, or any other EU country. You simply notify the relevant authorities in target markets and comply with local consumer protection rules.

This makes Lithuania an optimal entry point: obtain one license, access the entire European market. Compare this to non-EU jurisdictions where you’d need separate licenses for each country, or even to some EU countries where the licensing process is slower or more expensive than Lithuania’s streamlined approach.

Under MiCA, Lithuania offers three classes of CASP licenses, each permitting progressively broader ranges of crypto activities. Understanding which class fits your business model is the first critical decision in your licensing journey.

Class 1 is the entry-level CASP license designed for businesses providing advisory and intermediary services without holding client assets. This license is ideal for crypto consultants, brokers, and portfolio managers who facilitate transactions but don’t take custody of cryptocurrencies.

Permitted Activities Under Class 1:

– Reception and transmission of orders: Accepting client orders to buy or sell crypto-assets and transmitting them to third-party platforms for execution
– Execution of orders on behalf of clients: Executing buy/sell orders for clients using your own systems or third-party infrastructure
– Placing of crypto-assets: Marketing and distributing crypto-assets on behalf of issuers
– Portfolio management: Managing crypto-asset portfolios on a discretionary basis for clients
– Providing advice on crypto-assets: Offering professional investment advice and recommendations regarding crypto-assets

Minimum Capital Requirement: €50,000

Typical Business Models: Crypto advisory firms, non-custodial brokerage platforms, portfolio management services, crypto investment consultants

Important Limitation: Class 1 does NOT permit custodial services (holding client assets) or operating an exchange platform. If you plan to store client cryptocurrencies or private keys, you need Class 2 or higher.

Class 2 builds upon Class 1 by adding the most sought-after capabilities in crypto business: custodial services and exchange operations. This is where you can legally hold client assets and private keys, making it essential for crypto wallets and exchange platforms.

Permitted Activities Under Class 2 (includes all Class 1 activities PLUS):

– Custody and administration of crypto-assets on behalf of clients: Storing cryptocurrencies and managing private keys for clients (custodial wallet services)
– Exchange of crypto-assets for fiat currency: Operating fiat-to-crypto exchange services (e.g., EUR to BTC)
– Exchange of crypto-assets for other crypto-assets: Facilitating crypto-to-crypto trading (e.g., BTC to ETH)

Minimum Capital Requirement: €125,000

Typical Business Models: Custodial wallet providers, crypto exchange platforms, hybrid services combining custody and trading, crypto payment processors

This is the license tier that platforms like Coinbase, Binance, or Kraken operate under (or equivalent licenses in their jurisdictions). If your business model involves holding client funds — even temporarily during transactions — you need Class 2 minimum.

Enhanced Requirements: Class 2 licensees face stricter operational requirements, including mandatory professional indemnity insurance (minimum €100,000 per claim, €500,000 annual aggregate), robust cybersecurity measures, segregation of client and company funds, and comprehensive AML/KYC procedures.

Class 3 is the comprehensive license for full-scale exchange operators who manage their own trading infrastructure and marketplace. This is the highest tier of CASP licensing, designed for businesses operating centralized exchanges where buyers and sellers meet.

Permitted Activities Under Class 3 (includes all Class 1 and 2 activities PLUS):

– Operation of a trading platform for crypto-assets: Running a marketplace that brings together multiple third-party buyers and sellers, facilitating peer-to-peer (P2P) and business-to-consumer (B2C) trading

Minimum Capital Requirement: €150,000

Typical Business Models: Centralized cryptocurrency exchanges (CEX), trading platforms with order books, multi-sided marketplaces for crypto-assets

While Class 2 allows you to facilitate exchanges (acting as the counterparty or intermediary), Class 3 allows you to operate the marketplace itself — the platform where multiple parties trade with each other. Think of the difference between a currency exchange booth (Class 2) and a stock exchange building (Class 3).

Enhanced Operational Requirements: Class 3 licensees must demonstrate robust market infrastructure, including order matching systems, liquidity management, market surveillance to prevent manipulation, transparent pricing mechanisms, and comprehensive reporting to regulators. The Bank of Lithuania expects Class 3 operators to maintain institutional-grade technology and operational resilience.

Comparison Table: CASP License Classes

Beyond service provider licensing, MiCA establishes clear categories for crypto-assets themselves. Understanding token classification is crucial if you plan to issue tokens or facilitate their trading. Each category has distinct regulatory requirements.

Utility tokens are digital assets that provide holders with access to a specific product or service within a blockchain ecosystem. Unlike securities, utility tokens don’t represent ownership stakes or investment contracts — they’re functional tools within a platform.

Key Characteristics:

– Provide access to a current or future product/service
– Not designed as investment vehicles
– Value derives from utility, not profit expectations
– Can be used for governance, access rights, or consumption

Regulatory Treatment: Utility token issuers don’t need prior authorization from regulators, but they must publish a comprehensive whitepaper containing detailed information about the project, token economics, rights and obligations, and risks. The whitepaper must be filed with the Bank of Lithuania and made publicly available.

Example: Filecoin (FIL) is a classic utility token. Holders use FIL to pay for decentralized storage space on the Filecoin network. The token’s primary purpose is accessing the storage service, not investment speculation.

For CASP Operators: You can facilitate trading of utility tokens, provide custody services, or assist with Initial Coin Offerings (ICOs) of utility tokens under your CASP license. The issuer handles whitepaper compliance; you ensure proper AML/KYC for token buyers.

Asset-Referenced Tokens (ARTs) are stablecoins backed by a basket of diverse assets designed to maintain stable value. Unlike single-currency stablecoins, ARTs derive stability from multiple reserve assets, which may include fiat currencies, commodities, cryptocurrencies, or other financial instruments.

Key Characteristics:

– Backed by a reserve of multiple assets (e.g., 50% EUR + 30% USD + 20% gold)
– Designed to maintain stable value relative to the basket
– More complex than single-currency stablecoins
– Subject to stringent reserve and redemption requirements

Regulatory Treatment: Issuing ARTs requires prior authorization from the Bank of Lithuania. Issuers must be established in the EU, maintain robust reserve management, ensure redemption rights, publish regular reserve audits, and comply with strict capital requirements. Only authorized credit institutions, investment firms, or specially licensed ART issuers can offer ARTs.

Example: DAI is a decentralized multi-collateral stablecoin backed by various crypto-assets locked in smart contracts. While DAI’s decentralized nature creates regulatory complexity, centralized ARTs follow clearer authorization paths.

For CASP Operators: You can provide custody and exchange services for authorized ARTs under your CASP license. However, issuing ARTs yourself requires separate authorization and significantly higher capital reserves. Most CASPs facilitate trading of ARTs issued by third parties rather than issuing their own.

E-Money Tokens (EMTs) are stablecoins pegged 1:1 to a single fiat currency. They represent the most straightforward form of stablecoin, functioning essentially as digital versions of traditional currencies.

Key Characteristics:

– Pegged to a single fiat currency (e.g., 1 EURT = 1 EUR)
– Backed by equivalent reserves in the reference currency
– Redeemable at par value at any time
– Subject to e-money regulations

Regulatory Treatment: Only licensed credit institutions (banks) or Electronic Money Institutions (EMIs) can issue EMTs. This is the most heavily regulated token category. Issuers must maintain 100% reserves, ensure instant redemption, comply with banking regulations, and undergo regular audits.

Examples: EURT (Euro Tether), USDC (USD Coin), and USDT (Tether) are classic EMTs, each pegged to a single fiat currency.

For CASP Operators: You can provide custody, exchange, and trading platform services for EMTs issued by authorized entities. You cannot issue EMTs yourself unless you also hold a banking or EMI license — a separate, more complex licensing process beyond CASP scope.

Obtaining a CASP license in Lithuania requires meeting a comprehensive set of legal, financial, and operational requirements. The Bank of Lithuania and Financial Crime Investigation Service (FCIS) conduct thorough due diligence to ensure only qualified, compliant operators enter the market.

1. Legal Entity Registration

You must establish a Lithuanian legal entity, typically a UAB (Uždaroji akcinė bendrovė) — the Lithuanian equivalent of a limited liability company (LLC). The UAB must be registered with the Register of Legal Entities before applying for a CASP license.

Requirements:
– Unique company name (must be checked for availability)
– Registered legal address in Lithuania (virtual offices are permitted)
– Articles of Association clearly stating crypto-related business activities
– Minimum one shareholder (can be individual or corporate, resident or non-resident)
– Minimum one director (can be non-resident)

2. Director and Management Requirements

Your company must have qualified management meeting the “fit and proper” standard. Directors and senior managers must demonstrate:

– Clean criminal record: No convictions for financial crimes, fraud, money laundering, or other serious offenses
– Professional competence: Relevant experience in financial services, technology, or crypto industries
– Financial soundness: No history of bankruptcy or insolvency
– Reputation: Good standing in business community with verifiable references

Good news: Directors and shareholders can be non-residents and manage the company remotely. Lithuania doesn’t require local directors, making it accessible for international entrepreneurs.

3. AML/Compliance Officer Appointment

This is the critical requirement that trips up many applicants: you must appoint an AML Officer (Compliance Officer) who is a Lithuanian tax resident. This person cannot be a non-resident managing remotely.

AML Officer Requirements:
– Must be a tax resident of Lithuania (living in Lithuania for 183+ days per year)
– Clean criminal record (especially no financial crimes)
– Professional qualifications in AML/compliance (certifications preferred)
– Deep knowledge of MiCA, AMLD6, Lithuanian AML laws
– Fluency in Lithuanian language (for regulator communication)
– Available for interviews with Bank of Lithuania

The AML Officer is responsible for implementing and overseeing all anti-money laundering and counter-terrorist financing procedures, conducting risk assessments, filing suspicious activity reports, and serving as the primary compliance contact with regulators.

Solution: If you don’t have a suitable Lithuanian resident on your team, you can outsource this function to professional compliance firms that provide qualified AML officers on a contract basis. Legal Nodes offers this service as part of our turnkey licensing package.

4. Ultimate Beneficial Owner (UBO) Disclosure

You must disclose all Ultimate Beneficial Owners — individuals who directly or indirectly own more than 25% of shares or voting rights, or otherwise exercise control over the company. UBOs undergo the same “fit and proper” checks as directors.

Required UBO Information:
– Full legal name and date of birth
– Nationality and country of residence
– Passport or national ID details
– Percentage of ownership/control
– Source of funds for capital contribution
– Criminal record certificates from all countries of residence (past 5 years)

1. Minimum Share Capital

Your UAB must maintain minimum authorized capital based on your license class:

– Class 1 CASP: €50,000
– Class 2 CASP: €125,000
– Class 3 CASP: €150,000

This capital must be registered and paid in full before submitting your license application. The capital serves as a financial cushion to cover operational costs and potential liabilities.

Capital Contribution Options:

Option A: Monetary Contribution (faster)
– Open a temporary deposit account with a Lithuanian bank
– Transfer the required amount in EUR
– Obtain bank confirmation of deposit
– Register capital with the commercial registry
– Timeline: 1-2 weeks

Option B: Non-Monetary Contribution (more flexible)
– Contribute assets such as cryptocurrency, equipment, intellectual property, or real estate
– Hire a sworn appraiser to evaluate assets and confirm EUR equivalent
– Notarize appraisal documents
– Submit to commercial registry
– Timeline: 3-4 weeks

Unique Advantage: Lithuania uniquely allows cryptocurrency as capital contribution. If you hold significant crypto assets, you can contribute them (e.g., BTC or ETH stored in a cold wallet) instead of converting to fiat. A sworn appraiser evaluates the crypto’s EUR value at the time of contribution, and this becomes your registered capital.

2. Professional Indemnity Insurance

Class 2 and Class 3 CASPs must maintain professional indemnity insurance covering operational risks, cyber incidents, and client losses due to errors or negligence.

Minimum Coverage Requirements:
– €100,000 per single claim
– €500,000 annual aggregate limit
– Coverage must include cyber risks, custody failures, and operational errors

Insurance must be obtained from a reputable provider authorized to operate in the EU. Proof of insurance is required at application and must be maintained throughout operations.

3. Ongoing Capital Maintenance

You must maintain the minimum capital at all times. If your capital falls below the threshold due to losses, you must restore it within a specified timeframe or face license suspension. Regular financial reporting to the Bank of Lithuania ensures compliance.

Financial Requirements Summary Table:

Operational compliance is where many applicants struggle. Lithuania requires robust, documented systems and procedures before granting a license. These aren’t theoretical policies — regulators expect evidence of implementation readiness.

1. Anti-Money Laundering and Know Your Customer (AML/KYC) Procedures

You must develop and implement comprehensive AML/KYC procedures compliant with:
– Lithuania’s Law on the Prevention of Money Laundering and Terrorist Financing
– EU’s 6th Anti-Money Laundering Directive (AMLD6)
– MiCA-specific AML requirements
– Travel Rule and Transfer of Funds Regulation (TFR)

Required AML/KYC Components:

Customer Due Diligence (CDD):
– Identity verification (government-issued ID, biometric verification)
– Proof of address (utility bills, bank statements)
– Source of funds and source of wealth checks
– PEP (Politically Exposed Persons) screening
– Sanctions list screening (OFAC, EU, UN)
– Adverse media checks

Enhanced Due Diligence (EDD):
– Required for high-risk customers (high transaction volumes, high-risk jurisdictions, PEPs)
– Deeper investigation into business activities and fund sources
– Ongoing monitoring with increased frequency

Transaction Monitoring:
– Real-time monitoring of all transactions for suspicious patterns
– Automated alerts for unusual activity (large transactions, rapid movement, structuring)
– Manual review procedures for flagged transactions
– Record-keeping of all monitoring activities

Suspicious Activity Reporting (SAR):
– Procedures for identifying suspicious transactions
– Internal reporting chain (staff → AML Officer → FCIS)
– Filing SARs with Financial Crime Investigation Service (FCIS)
– Prohibition on “tipping off” customers about SAR filings

Travel Rule Compliance:
– For crypto transfers between CASPs, transmit originator and beneficiary information
– Applies to all transfers (no minimum threshold under EU rules)
– Technical implementation (IVMS101 standard or equivalent)

Transfer of Funds Regulation (TFR):
– For transfers to/from self-hosted wallets over €1,000, verify wallet ownership
– Collect and store information on wallet owners
– Report transactions over €15,000 to FCIS (even if not suspicious)

Record Keeping:
– Maintain all customer identification documents for 5 years after relationship ends
– Maintain transaction records for 5 years
– Ensure records are readily accessible for audits and investigations

2. Cybersecurity and Data Protection

Crypto businesses are prime targets for cyberattacks. Lithuania requires robust cybersecurity measures to protect client assets and data.

Mandatory Security Measures:

Authentication and Access Control:
– Multi-factor authentication (MFA) for all user accounts
– Role-based access control for internal systems
– Strong password policies (complexity, rotation)
– Biometric authentication for high-value transactions

Encryption:
– End-to-end encryption for all data transmission
– Encryption of data at rest (databases, backups)
– Secure key management (HSMs for private keys)

Cold Storage:
– Majority of client crypto assets (typically 80-95%) stored in cold wallets (offline)
– Multi-signature wallets for cold storage
– Geographically distributed backup keys

Network Security:
– Firewalls and intrusion detection systems
– DDoS protection
– Regular penetration testing (at least annually)
– Vulnerability assessments and patching

Incident Response:
– Written incident response plan
– Designated incident response team
– Procedures for containment, investigation, and recovery
– Notification protocols (regulators, clients, law enforcement)

GDPR Compliance:
– Data protection impact assessments
– Privacy policies and user consent mechanisms
– Data subject rights procedures (access, rectification, erasure)
– Data breach notification (within 72 hours to authorities)

3. Digital Operational Resilience Act (DORA) Compliance

As of January 2025, all CASPs must comply with DORA, the EU regulation ensuring digital operational resilience of financial entities.

DORA Requirements:

ICT Risk Management:
– Comprehensive ICT risk management framework
– Regular risk assessments
– Business continuity and disaster recovery plans
– Backup and restoration procedures

Incident Reporting:
– Classification of ICT incidents by severity
– Reporting major incidents to regulators within strict timeframes
– Root cause analysis and remediation

Digital Operational Resilience Testing:
– Regular testing of systems and procedures
– Advanced testing for critical systems (penetration tests, red team exercises)
– Scenario-based testing of crisis management

Third-Party Risk Management:
– Due diligence on all ICT service providers (cloud, KYC vendors, payment processors)
– Contractual provisions ensuring resilience
– Monitoring and auditing of third-party performance

Information Sharing:
– Participation in information-sharing arrangements on cyber threats
– Cooperation with authorities on threat intelligence

4. Segregation of Funds

Client funds and crypto assets must be strictly segregated from company operational funds. This ensures client assets are protected even if the company faces financial difficulties.

Segregation Requirements:
– Separate bank accounts for client fiat funds
– Separate wallets for client crypto assets
– Clear accounting showing client vs. company assets
– Regular reconciliation and audits
– Prohibition on using client funds for company operations

Now that you understand the requirements, let’s walk through the practical process of obtaining your CASP license. The full journey from initial planning to license approval typically takes 3-6 months, depending on the complexity of your business model and the completeness of your application.

Before diving into registration, take 1-2 weeks to solidify your strategy and gather essential materials. Proper preparation prevents costly delays later.

Key Tasks:

1. Define Your Business Model
– Clearly articulate what services you’ll provide (exchange, custody, advisory, etc.)
– Identify your target markets (retail, institutional, specific jurisdictions)
– Determine your technology stack (proprietary platform, white-label, third-party integrations)
– Outline your revenue model (trading fees, subscription, spreads, etc.)

2. Choose the Appropriate License Class
– Map your intended services to Class 1, 2, or 3 permitted activities
– Consider future expansion plans (it’s harder to upgrade later than to start with the right class)
– Assess capital availability for the required minimum

3. Draft a Comprehensive Business Plan

Your business plan is not just a formality — regulators scrutinize it to assess viability and compliance. A strong business plan includes:

– Executive Summary: Overview of company, services, and market opportunity
– Company Description: Legal structure, ownership, management team
– Services Offered: Detailed description of each crypto service
– Market Analysis: Target customers, competitive landscape, market size
– Marketing and Sales Strategy: Customer acquisition channels, pricing strategy
– Technology and Operations: Platform architecture, security measures, third-party providers
– Compliance Framework: AML/KYC procedures, risk management, regulatory approach
– Financial Projections: 3-year revenue, expense, and profit forecasts; break-even analysis
– Risk Assessment: Identification of key risks (market, operational, regulatory, cyber) and mitigation strategies

4. Collect and Prepare Founder Documents

Gather personal documents for all shareholders, directors, and UBOs:
– Passport or national ID (notarized copies)
– Proof of address (utility bill, bank statement dated within 3 months)
– Criminal record certificates from all countries of residence (past 5 years)
– CV/resume demonstrating relevant experience
– Source of funds declaration (for capital contribution)
– Bank reference letters

Tip: Obtain criminal record certificates early — they can take 2-4 weeks in some countries and must be apostilled for international use.

With preparation complete, you’re ready to establish your Lithuanian legal entity. Thanks to Lithuania’s digitalized infrastructure, this process can be completed entirely remotely.

Step-by-Step Process:

Step 2.1: Reserve Your Company Name
– Check name availability in the Register of Legal Entities database
– Ensure the name includes “UAB” designation
– Verify the name doesn’t infringe trademarks or mislead (e.g., can’t include “Bank” without banking license)
– Reserve the name (valid for 6 months)

Step 2.2: Draft Articles of Association

The Articles of Association (company charter) must include:
– Company name and registered address
– Business activities (must explicitly mention crypto-asset services)
– Share capital amount and structure
– Shareholder information and ownership percentages
– Management structure (board of directors)
– Decision-making procedures
– Profit distribution rules

Important: Business activities must clearly state crypto services. Generic descriptions like “financial services” are insufficient. Specify: “provision of crypto-asset exchange services,” “custody of crypto-assets,” “operation of crypto trading platform,” etc.

Step 2.3: Notarize Documents

All founding documents must be notarized:
– Articles of Association
– Shareholder agreements (if applicable)
– Director appointment documents
– Power of attorney (if using a representative)

You can use a Lithuanian notary remotely via video conference, or notarize documents in your home country and have them apostilled for use in Lithuania.

Step 2.4: Submit Application Online

Lithuania’s e-Government gateway portal allows online company registration:
– Create an account on the portal
– Complete the company registration form
– Upload notarized documents
– Pay the registration fee (approximately €150)
– Submit application

Step 2.5: Receive Registration Certificate

The Register of Legal Entities reviews your application (typically 3-5 business days). Upon approval, you receive:
– Company registration certificate
– Company code (unique identification number)
– Entry in the public register

Your UAB is now officially established and can open bank accounts, sign contracts, and conduct business.

Step 2.6: Register Legal Address

You must have a registered legal address in Lithuania. Options:
– Virtual office: Cost-effective (€50-€200/month), provides legal address and mail handling
– Co-working space: Flexible (€200-€500/month), provides address and occasional workspace
– Dedicated office: More expensive (€500-€2,000+/month), necessary for larger teams

Virtual offices are fully compliant for CASP licensing — you don’t need physical office space unless you have local employees.

With your UAB registered, you must contribute the required share capital before applying for the CASP license. You have two options: monetary or non-monetary contribution.

Option A: Monetary Contribution (Faster – 1 week)

Process:
1. Open a temporary deposit account at a Lithuanian bank (some banks offer this specifically for capital contributions)
2. Transfer the required amount (€50,000, €125,000, or €150,000) in EUR from a bank account in your name
3. Obtain an official bank confirmation letter stating the amount deposited
4. Submit the bank confirmation to the Register of Legal Entities
5. The registry updates your company record to show capital as “paid in full”

Advantages: Fast, straightforward, no valuation needed
Disadvantages: Requires liquid EUR funds

Option B: Non-Monetary Contribution (More Complex – 3-4 weeks)

Process:
1. Identify assets to contribute (cryptocurrency, equipment, intellectual property, real estate)
2. Hire a sworn appraiser licensed in Lithuania to evaluate the assets
3. The appraiser conducts valuation and issues an official appraisal report confirming the EUR equivalent value
4. Notarize the appraisal report
5. Transfer the assets to the company (e.g., transfer crypto to company wallet, assign IP rights)
6. Submit the notarized appraisal and proof of asset transfer to the Register of Legal Entities
7. The registry updates your company record to show capital as “paid in full”

Cryptocurrency as Capital:

If contributing cryptocurrency:
– Store the crypto in a cold wallet (hardware wallet or paper wallet)
– Provide the appraiser with wallet addresses and proof of ownership (signed messages)
– The appraiser evaluates the crypto’s EUR value on the valuation date (using average prices from major exchanges)
– After appraisal, the crypto remains in the company’s possession as capital

Advantages: Preserves cash, allows crypto-native founders to use existing holdings
Disadvantages: Takes longer, requires appraiser fees (€1,000-€3,000), subject to crypto price volatility during valuation

Important Note: Once contributed, the capital must remain in the company. You can’t withdraw it for personal use. It serves as the company’s financial foundation and regulatory buffer.

Regulators won’t approve your license without robust, tailored compliance policies. This is where many applicants stumble — generic templates are immediately rejected. Your policies must reflect your specific business model, target markets, and risk profile.

Required Policy Documents:

1. AML/CFT Policy

Comprehensive anti-money laundering and counter-terrorist financing policy covering:
– Risk assessment methodology
– Customer due diligence procedures (CDD and EDD)
– Ongoing monitoring and transaction surveillance
– Suspicious activity detection and reporting
– Record-keeping requirements
– Staff training programs
– Internal controls and audit procedures

2. KYC Procedures Manual

Detailed step-by-step procedures for customer onboarding:
– Identity verification methods (document checks, biometric verification)
– Proof of address verification
– Source of funds and source of wealth checks
– PEP and sanctions screening
– Risk categorization of customers (low, medium, high risk)
– Enhanced due diligence triggers and procedures
– Customer acceptance and rejection criteria

3. Risk Management Framework

Overall approach to identifying, assessing, and mitigating risks:
– Risk categories (AML, operational, cyber, market, liquidity, reputational)
– Risk assessment methodology
– Risk appetite statement
– Risk mitigation strategies
– Risk monitoring and reporting
– Escalation procedures

4. Data Protection and Privacy Policy

GDPR-compliant data handling procedures:
– Legal basis for data processing
– Data collection, storage, and retention policies
– Data subject rights procedures (access, rectification, erasure, portability)
– Data breach notification procedures
– Third-party data sharing and processors
– International data transfers (if applicable)

5. Cybersecurity and Incident Response Plan

Measures to protect systems and respond to incidents:
– Security architecture and controls
– Access management and authentication
– Encryption and key management
– Network security and monitoring
– Incident classification and response procedures
– Business continuity and disaster recovery
– Third-party security assessments

6. Transaction Monitoring Procedures

How you’ll detect suspicious activity:
– Automated monitoring rules and thresholds
– Alert generation and review procedures
– Investigation and escalation processes
– SAR filing procedures
– Travel Rule and TFR compliance procedures

7. Staff Training Program

How you’ll ensure staff competence:
– Initial training for new employees
– Ongoing training schedule (at least annually)
– Training content (AML, GDPR, cybersecurity, fraud detection)
– Training records and attestation

Customization is Critical:

Your policies must be tailored to your business. For example:
– If you’re a custodial wallet provider, emphasize cold storage security and key management
– If you’re an exchange, focus on transaction monitoring and market manipulation detection
– If you serve high-risk jurisdictions, detail enhanced due diligence procedures
– If you handle large transactions, explain how you verify source of funds

AML Officer Involvement:

This is when you should hire and onboard your AML officer (Lithuanian tax resident). The AML officer should be actively involved in drafting these policies, as they’ll be responsible for implementing and overseeing them. Regulators often interview the AML officer to assess their competence and understanding of the policies.

With your company established, capital contributed, and policies developed, you’re ready to submit your CASP license application to the Bank of Lithuania.

Application Process:

Step 5.1: Access the e-Government Portal

Lithuania’s licensing applications are submitted through the e-Government gateway portal. You’ll need:
– Company electronic signature (obtained after UAB registration)
– Director’s electronic signature or power of attorney

Step 5.2: Complete the CASP License Application Form

The application form requests detailed information:
– Company details (name, code, address, contact information)
– License class requested (Class 1, 2, or 3)
– Specific crypto-asset services to be provided
– Shareholder information and ownership structure
– Director and management information
– AML Officer details
– Description of business model and target markets
– Technology and infrastructure description
– Third-party service providers (KYC vendors, payment processors, cloud providers)

Step 5.3: Upload Required Documents

You must upload a comprehensive document package:

Corporate Documents:
– Company registration certificate
– Articles of Association
– Shareholder register
– Director appointment documents
– Proof of registered address

Financial Documents:
– Proof of share capital contribution (bank confirmation or appraisal report)
– Professional indemnity insurance certificate (Class 2 and 3)
– 3-year financial projections
– Proof of financial soundness of shareholders and UBOs

Personal Documents (for all directors, shareholders, UBOs, AML Officer):
– Passport or national ID copies
– Proof of address
– Criminal record certificates (apostilled)
– CV/resume
– Fit and proper declarations

Compliance Documents:
– AML/CFT Policy
– KYC Procedures Manual
– Risk Management Framework
– Data Protection Policy
– Cybersecurity and Incident Response Plan
– Transaction Monitoring Procedures
– Staff Training Program

Business Documents:
– Detailed business plan
– Description of services
– Target market analysis
– Marketing and customer acquisition strategy
– Technology architecture documentation
– Third-party service agreements (or drafts)

Step 5.4: Pay Application Fee (if applicable)

As of 2025, Lithuania does not charge a state fee for CASP license applications. However, verify current requirements, as fee structures can change.

Step 5.5: Submit and Receive Confirmation

After uploading all documents and completing the form:
– Review everything for accuracy and completeness
– Submit the application electronically
– Receive an automatic confirmation email with application reference number
– The Bank of Lithuania begins its review

Critical Success Factor: Completeness and Accuracy

Incomplete or inaccurate applications are the primary cause of delays and rejections. Double-check:
– All documents are uploaded in the correct format (usually PDF)
– All documents are in Lithuanian or accompanied by certified Lithuanian translations
– All signatures and notarizations are valid
– All information is consistent across documents (e.g., names spelled identically)
– All required fields in the form are completed

After submission, the Bank of Lithuania conducts a thorough review of your application. While the official timeline is up to 65 working days (approximately 3 months), in practice, the process often takes 2-4 months from submission to final decision, depending on the complexity of your business and the regulator’s workload.

What Happens During Review:

1. Initial Completeness Check (1-2 weeks)

The Bank of Lithuania first verifies that your application is complete. If any required documents are missing or improperly formatted, you’ll receive a request for additional information. Respond promptly — delays in your response extend the overall timeline.

2. Substantive Review (4-8 weeks)

Regulators conduct in-depth analysis of your application:

Business Model Assessment:
– Is the business model viable and sustainable?
– Are financial projections realistic?
– Does the company have adequate resources to operate?
– Are target markets clearly defined?

Compliance Evaluation:
– Are AML/KYC policies comprehensive and tailored?
– Does the risk management framework adequately address identified risks?
– Are cybersecurity measures sufficient?
– Is the company prepared for DORA compliance?

Personnel Assessment:
– Do directors and managers meet fit and proper standards?
– Does the AML Officer have adequate qualifications and experience?
– Is the management team capable of running a compliant crypto business?

Financial Assessment:
– Is the share capital adequate for the intended activities?
– Are financial projections realistic?
– Does the company have sufficient financial resources to cover operational costs during the startup phase?

3. Regulator Inquiries and Clarifications (ongoing)

During review, the Bank of Lithuania may request:
– Clarifications on specific aspects of your business plan
– Additional information about technology infrastructure
– Revisions to compliance policies
– Supplementary financial documentation
– Interviews with key personnel (directors, AML Officer)

Common Inquiry Topics:
– “Please explain how you will monitor transactions for suspicious activity in real-time.”
– “Provide more detail on your cold storage security measures.”
– “Clarify your customer acceptance criteria for high-risk jurisdictions.”
– “Explain how you will ensure compliance with the Travel Rule.”
– “Provide evidence of your AML Officer’s qualifications and experience.”

4. Interviews and Meetings

The Bank of Lithuania may request video conference or in-person meetings with:
– Company directors to assess competence and commitment
– AML Officer to evaluate understanding of compliance obligations
– Technical staff to review cybersecurity and operational resilience

These interviews are not adversarial — they’re opportunities to demonstrate your expertise and preparedness. Be professional, transparent, and knowledgeable.

5. Background Checks

Regulators conduct background checks on all key persons:
– Verification of criminal record certificates
– Checks against international sanctions lists
– Review of past business activities and reputations
– Financial soundness verification

6. Final Decision (1-2 weeks after all inquiries resolved)

Once all questions are answered and all checks completed, the Bank of Lithuania makes a final decision:
– Approval: License granted, company added to CASP register
– Conditional Approval: License granted subject to specific conditions (e.g., “must hire additional compliance staff within 3 months”)
– Rejection: Application denied with reasons stated

Critical Success Factors:

Prompt Responses: Respond to all regulator inquiries within the requested timeframe (typically 5-10 business days). Delays signal lack of preparedness.

Professional Communication: All communication should be professional, clear, and in Lithuanian (or English if permitted). Avoid vague or evasive answers.

Transparency: Be honest and transparent. If you don’t know something, say so and commit to providing the information. Never provide false or misleading information — it can result in immediate rejection and potential criminal referral.

Preparation for Interviews: Ensure your directors and AML Officer are thoroughly prepared for interviews. They should deeply understand your business model, compliance framework, and regulatory obligations.

Congratulations! Once the Bank of Lithuania approves your application, you’ll receive official notification and your company will be listed in the public CASP register. But your work isn’t done — now comes the operational phase.

Receiving Your License:

1. Approval Notification

You’ll receive an official notification from the Bank of Lithuania stating:
– Your license has been approved
– The license class granted (Class 1, 2, or 3)
– Specific crypto-asset services you’re authorized to provide
– Any conditions or restrictions attached to the license
– Your obligations as a licensed CASP

2. CASP Register Entry

Your company will be added to the public CASP register maintained by the Bank of Lithuania. This register is accessible online and includes:
– Company name and registration number
– License class
– Authorized services
– Date of license issuance
– Contact information

Being listed in the register is proof of your licensed status and builds trust with clients, partners, and banks.

3. License Certificate

You’ll receive an official license certificate (digital and/or physical) that you can display on your website and provide to banks and partners as proof of authorization.

Post-Licensing Operational Setup:

With your license in hand, you can now proceed with operational launch:

1. Open Corporate Bank Account

Now that you’re a licensed CASP, you can approach banks to open operational accounts:
– C2B (Customer-to-Business) Account: For accepting payments from retail clients
– B2B (Business-to-Business) Account: For operational expenses and partner settlements

Opening a bank account for a crypto business remains challenging, but being licensed significantly improves your chances. See the dedicated section below on bank account opening.

2. Integrate KYC/AML Providers

Implement your KYC and transaction monitoring systems:
– Select and contract with KYC verification providers (e.g., Onfido, Jumio, Sumsub)
– Integrate identity verification APIs into your platform
– Set up transaction monitoring software (e.g., Chainalysis, Elliptic, CipherTrace)
– Configure automated alert rules based on your risk assessment
– Train staff on using these systems

3. Set Up Payment Infrastructure

Establish payment processing capabilities:
– Integrate payment gateways for fiat deposits/withdrawals (e.g., SEPA, credit cards)
– Set up crypto wallet infrastructure (hot wallets for operations, cold wallets for storage)
– Implement multi-signature security for wallets
– Test all payment flows thoroughly

4. Finalize Third-Party Agreements

Execute contracts with all third-party service providers:
– KYC/AML vendors
– Payment processors
– Cloud infrastructure providers
– Cybersecurity firms
– Legal and compliance advisors

Ensure all agreements include appropriate data protection, security, and liability provisions.

5. Conduct Internal Testing

Before launching to the public:
– Test all platform functionality (registration, KYC, deposits, trading, withdrawals)
– Conduct security audits and penetration testing
– Simulate various customer scenarios (low-risk, high-risk, suspicious activity)
– Verify that all compliance procedures work as documented
– Train customer support staff

6. Launch Operations

Once everything is tested and operational:
– Soft launch to a limited user base (beta testing)
– Monitor closely for any issues
– Gather feedback and make improvements
– Full public launch
– Begin marketing and customer acquisition

License Validity and Maintenance:

Your CASP license is valid indefinitely — there’s no expiration date or renewal requirement. However, maintaining your license requires continuous compliance with all regulatory obligations (see the Ongoing Obligations section below).

Failure to maintain compliance can result in:
– Warnings and corrective action orders
– Fines and penalties
– License suspension
– License revocation

Opening a bank account is often the biggest hurdle for crypto companies — but it’s absolutely essential for operations. Without a bank account, you can’t accept fiat deposits, pay suppliers, or conduct normal business activities. Here’s what you need to know.

The Challenge:

Traditional banks are notoriously risk-averse when it comes to crypto businesses. Even with a valid CASP license, many banks will decline to open accounts for crypto companies due to:
– Perceived money laundering risks
– Regulatory uncertainty (despite MiCA clarity)
– Lack of internal expertise in crypto
– Conservative risk appetite

The Solution: Crypto-Friendly Banks and EMIs

Your best bet is targeting banks and Electronic Money Institutions (EMIs) with experience in high-risk sectors and crypto businesses. These institutions understand the crypto industry and have appropriate risk management frameworks.

Types of Accounts Needed:

1. C2B (Customer-to-Business) Account

Purpose: Accepting payments from retail customers (deposits, purchases)

Typical Use Cases:
– Fiat deposits from customers for crypto purchases
– Payment processing for crypto services
– Receiving funds from payment gateways

Requirements: Stricter due diligence, higher compliance standards, detailed transaction monitoring

2. B2B (Business-to-Business) Account

Purpose: Operational expenses and partner settlements

Typical Use Cases:
– Paying salaries and contractors
– Paying suppliers and service providers
– Receiving payments from business partners
– General operational banking

Requirements: Standard business account requirements, less scrutiny than C2B accounts

New 2025 Requirement:

As of January 1, 2025, Lithuanian CASPs must maintain accounts with:
– A bank licensed in Lithuania, OR
– A foreign bank with a Lithuanian branch

This means you can’t rely solely on offshore or non-EU banks. You must have at least one account meeting this requirement.

Bank Account Requirements:

Banks will scrutinize your application extensively. Expect to provide:

Corporate Documents:
– Company registration certificate
– Articles of Association
– CASP license certificate
– Shareholder register
– Director appointment documents
– Beneficial ownership declaration

Business Information:
– Detailed business plan
– Description of services and business model
– Target markets and customer profiles
– Expected transaction volumes and amounts
– Source of funds (company capital and expected revenues)
– Marketing and customer acquisition strategy

Compliance Documents:
– AML/CFT Policy
– KYC Procedures
– Transaction monitoring procedures
– Risk assessment
– Compliance officer details

Personal Documents (for all directors and UBOs):
– Passport or national ID
– Proof of address
– Criminal record certificates
– CV/resume
– Source of wealth declaration
– Bank reference letters

Financial Information:
– Proof of share capital
– Financial projections
– Expected account turnover
– Explanation of fund flows

The Application Process:

1. Research and Selection (1 week)

Identify crypto-friendly banks and EMIs:
– Research institutions known to work with crypto businesses
– Check if they accept clients in your business model (exchange, wallet, etc.)
– Verify they offer the account types you need (C2B, B2B)
– Consider fees, features, and reputation

2. Initial Inquiry (1 week)

Contact the bank’s business banking department:
– Submit a preliminary inquiry describing your business
– Provide basic company information and CASP license details
– Ask about their appetite for crypto clients
– Request a list of required documents

Many banks will decline at this stage if they don’t work with crypto. Don’t be discouraged — move on to the next option.

3. Application Submission (1 week)

If the bank is interested:
– Complete the bank’s application forms
– Gather and submit all required documents
– Pay any application fees
– Submit the application

4. Due Diligence and Review (2-6 weeks)

The bank conducts extensive due diligence:
– Review of all documents
– Background checks on directors and UBOs
– Assessment of business model and risk profile
– Verification of CASP license status
– Possible interviews with directors or compliance officer

The bank may request additional information or clarifications. Respond promptly and professionally.

5. Decision and Account Opening (1 week)

If approved:
– Receive account opening confirmation
– Sign account agreements
– Receive account details (IBAN, SWIFT, online banking credentials)
– Make initial deposit (if required)
– Account becomes operational

Total Timeline: 2-4 weeks (if approved on first attempt)

Challenges and Solutions:

Challenge 1: Multiple Rejections

It’s common to be rejected by 3-5 banks before finding one that accepts you.

Solution: Work with experts who have established relationships with crypto-friendly banks. Legal Nodes has partnerships with multiple banks and EMIs that regularly accept crypto clients. We guarantee successful bank account opening as part of our turnkey service.

Challenge 2: High Fees

Crypto-friendly banks often charge higher fees than traditional banks (monthly maintenance, transaction fees, compliance fees).

Solution: Factor these costs into your business model. Typical costs: €200-€1,000/month maintenance, 0.5-2% transaction fees.

Challenge 3: Account Limitations

Some banks impose transaction limits or restrictions on crypto businesses (e.g., maximum monthly turnover, restrictions on certain countries).

Solution: Clarify all limitations upfront. Negotiate higher limits if possible. Consider opening accounts with multiple banks to diversify risk.

Challenge 4: Account Closure Risk

Banks can close accounts with little notice if they perceive increased risk or change their risk appetite.

Solution: Maintain excellent compliance records. Provide proactive updates to the bank about your business. Have backup banking relationships ready.

Crypto-Friendly Banking Options:

While we can’t endorse specific banks, consider these categories:

European EMIs: Electronic Money Institutions often have more flexible risk appetites than traditional banks. Many specialize in fintech and crypto clients.

Fintech Banks: Modern digital banks with tech-savvy management are often more open to crypto businesses.

Crypto-Specialized Institutions: Some banks and EMIs specifically target crypto businesses, offering tailored services.

Traditional Banks with Crypto Divisions: A few traditional banks have established dedicated crypto/fintech divisions.

Understanding your tax obligations is crucial for financial planning and compliance. Lithuania offers a competitive tax environment for crypto businesses, with some attractive incentives for small companies.

Standard Corporate Income Tax Rate:

Lithuania’s standard corporate income tax rate is 15% on taxable profits. As of 2025, this rate increases to 16% for most companies.

Small Business Tax Exemption:

Small crypto businesses can qualify for significantly reduced rates:

5% Rate: Companies with fewer than 10 employees and annual revenue under €300,000 can elect to pay a reduced 5% corporate income tax rate.

0% Rate: Micro-businesses meeting even stricter criteria (typically sole proprietorships or very small companies) may qualify for 0% corporate tax under certain conditions.

Eligibility Requirements:
– Fewer than 10 full-time equivalent employees
– Annual revenue below €300,000
– Not engaged in certain excluded activities (varies by specific tax regime)
– Proper accounting and tax filing

Distributed vs. Undistributed Profits:

Lithuania uses a unique corporate tax system: only distributed profits (dividends paid to shareholders) are taxed. Undistributed profits that remain in the company are not subject to corporate income tax.

This creates a powerful tax optimization opportunity:
– Reinvest profits in the business without paying tax
– Accumulate capital for expansion
– Delay dividend distributions to defer tax

When you do distribute dividends, they’re taxed at the applicable corporate rate (15%/16% or 5%/0% for small businesses).

Dividend Withholding Tax:

When dividends are paid to shareholders, a 15% withholding tax (WHT) applies. However, this can be reduced or eliminated under:
– EU Parent-Subsidiary Directive (0% WHT for qualifying EU parent companies)
– Double taxation treaties (reduced rates for shareholders in treaty countries)

Example Tax Calculation:

Scenario: Your crypto exchange generates €500,000 profit in 2025.

Option A: Distribute All Profits
– Corporate income tax (16%): €80,000
– Net profit after tax: €420,000
– Dividend WHT (15%): €63,000
– Net to shareholders: €357,000
– Total tax: €143,000 (28.6% effective rate)

Option B: Retain All Profits
– Corporate income tax: €0 (undistributed profits)
– Profits reinvested in business: €500,000
– Total tax: €0 (0% effective rate)

This demonstrates the power of Lithuania’s system for growth-focused businesses.

Corporate Tax Rates Summary:

VAT Exemption for Crypto Services:

Great news for crypto operators: cryptocurrency exchange and wallet services are NOT subject to VAT. The EU classifies these as financial services, which are VAT-exempt.

VAT-Exempt Crypto Activities:
– Cryptocurrency exchange services (fiat-to-crypto, crypto-to-crypto)
– Custodial wallet services
– Crypto brokerage and intermediary services
– Crypto trading platform operation

This means you don’t charge VAT to customers for these services, and you don’t collect or remit VAT to tax authorities.

VAT on Goods and Services Paid in Crypto:

However, if you accept cryptocurrency as payment for goods or services (not crypto itself), standard VAT rules apply.

Example: If you sell merchandise (t-shirts, hardware wallets) and accept Bitcoin as payment, you must charge 21% VAT on those sales, just as you would for EUR payments.

Standard VAT Rate: 21% on most goods and services in Lithuania

Accounting Treatment:

For accounting and tax purposes, all cryptocurrency transactions must be converted to EUR at the time of transaction. Use the average exchange rate from major exchanges (Coinbase, Binance, Kraken) on the transaction date.

VAT Registration:

If your annual turnover exceeds €45,000, you must register for VAT. However, since your core crypto services are VAT-exempt, you likely won’t need to charge or collect VAT unless you also sell VAT-able goods or services.

Investment Purchases and Sales:

Buying and selling cryptocurrency for investment purposes (not as a business activity) is also VAT-exempt. This applies to your company’s treasury management — if you hold crypto as an investment, buying and selling it doesn’t trigger VAT.

VAT Treatment Summary:

Beyond corporate income tax and VAT, you’ll need to account for payroll-related taxes and other obligations.

1. Social Insurance Contributions

Rate: 19.5% of gross salary

Employers must pay social insurance contributions for all employees. This covers:
– Pension insurance
– Sickness and maternity benefits
– Unemployment insurance
– Work injury insurance

Example: If you pay an employee €3,000/month gross salary, you pay an additional €585/month in social insurance.

2. Medical Insurance Contributions

Rate: 6.98% of gross salary

Separate from social insurance, medical insurance contributions fund the national healthcare system.

Example: On a €3,000/month salary, you pay an additional €209.40/month in medical insurance.

Total Payroll Tax Burden: 19.5% + 6.98% = 26.48% on top of gross salaries

3. Personal Income Tax (withheld from employee salaries)

Rate: 20% (standard rate) or 32% (for high earners above certain thresholds)

While this is paid by employees (withheld from their salaries), you’re responsible for withholding and remitting it to tax authorities.

4. Capital Gains Tax

If your company sells assets (including cryptocurrency holdings), capital gains are taxed at 15%.

Example: Your company bought 10 BTC at €30,000 each (€300,000 total) and sold them at €40,000 each (€400,000 total). Capital gain: €100,000. Tax: €15,000.

5. Real Estate Tax

If you own real estate (office space), you’ll pay real estate tax based on the property’s value. Rates vary by municipality (typically 0.3-3% of property value annually).

6. Other Taxes and Fees

– State fees: Various administrative fees for permits, registrations, etc.
– Environmental taxes: If applicable to your operations (unlikely for crypto businesses)
– Excise duties: Not applicable to crypto services

Complete Tax Overview:

Getting the license is just the beginning — maintaining it requires continuous compliance with regulatory obligations. Failure to meet these requirements can result in warnings, fines, license suspension, or revocation.

1. Suspicious Activity Reports (SARs)

You must file Suspicious Activity Reports with the Financial Crime Investigation Service (FCIS) for any transactions or customer behavior that raises red flags.

When to File a SAR:
– Unusual transaction patterns (e.g., rapid deposits and withdrawals)
– Transactions inconsistent with customer profile
– Attempts to evade KYC procedures
– Suspected money laundering or terrorist financing
– Transactions involving sanctioned individuals or entities
– Customer refuses to provide requested information

Filing Process:
– Internal detection (automated alerts or manual identification)
– Investigation by AML Officer
– Decision to file SAR
– Submit SAR to FCIS through secure portal
– Maintain confidentiality (do not inform customer)

Timeline: File SARs immediately upon suspicion (typically within 24-48 hours of detection)

2. Large Transaction Reporting

All cryptocurrency transactions of €15,000 or more must be reported to FCIS, even if not suspicious.

Reporting Requirements:
– Transaction amount and date
– Sender and recipient information
– Cryptocurrency type
– Purpose of transaction (if known)
– Any other relevant details

Timeline: Report within 3 business days of transaction

3. Travel Rule and TFR Compliance Reporting

For transfers between CASPs or to/from self-hosted wallets over €1,000:
– Collect and transmit originator and beneficiary information
– Verify self-hosted wallet ownership
– Maintain records of all transfers
– Report to FCIS as required

4. Financial Reports to Bank of Lithuania

Submit regular financial and operational reports to the Bank of Lithuania:

Quarterly Reports:
– Financial statements (balance sheet, income statement, cash flow)
– Transaction volumes and statistics
– Customer numbers and demographics
– Operational metrics

Annual Reports:
– Audited financial statements (required annually)
– Comprehensive operational report
– Compliance report (AML/KYC effectiveness, incidents, improvements)
– Risk assessment update

Ad Hoc Reports:
– Material changes to business model or services
– Changes in management or ownership
– Significant incidents (cyber attacks, data breaches, large losses)
– Regulatory inquiries or investigations

5. Audited Financial Statements

You must engage an independent auditor to conduct an annual audit of your financial statements. The audited statements must be:
– Prepared according to International Financial Reporting Standards (IFRS) or Lithuanian accounting standards
– Submitted to the Bank of Lithuania
– Filed with the Register of Legal Entities
– Made publicly available

6. Transaction Monitoring Systems

Maintain and continuously operate transaction monitoring systems that:
– Monitor all transactions in real-time
– Generate alerts for suspicious patterns
– Integrate with sanctions screening
– Maintain audit trails
– Produce reports for AML Officer review

Regular System Maintenance:
– Update monitoring rules based on emerging risks
– Calibrate alert thresholds to minimize false positives
– Conduct periodic testing of system effectiveness
– Train staff on system use and alert investigation

1. Minimum Capital Maintenance

You must maintain the required minimum share capital at all times:
– Class 1: €50,000
– Class 2: €125,000
– Class 3: €150,000

If your capital falls below the threshold due to losses:
– Notify the Bank of Lithuania immediately
– Develop a capital restoration plan
– Restore capital within the specified timeframe (typically 3-6 months)
– Failure to restore capital can result in license suspension

Monitoring: Conduct regular financial reviews (at least quarterly) to ensure capital adequacy.

2. Corporate Governance Requirements

Maintain proper corporate governance practices:

Board Meetings:
– Hold regular board of directors meetings (at least quarterly)
– Maintain detailed minutes of all meetings
– Document all major decisions (strategy, policies, significant transactions)
– Ensure directors fulfill their fiduciary duties

Shareholder Meetings:
– Hold annual general meetings
– Approve financial statements
– Make decisions on profit distribution
– Approve major corporate changes

Document Maintenance:
– Keep all corporate documents up to date (Articles of Association, shareholder register, director appointments)
– File changes with the Register of Legal Entities within required timeframes
– Maintain organized corporate records readily accessible for audits

3. Record Keeping

Maintain comprehensive records for at least 5 years:

Customer Records:
– Identity verification documents
– KYC questionnaires and due diligence reports
– Risk assessments
– Customer communications
– Account opening and closure documentation

Transaction Records:
– All transaction details (amount, date, parties, purpose)
– Source of funds documentation
– Transaction monitoring alerts and investigations
– SAR filings and supporting documentation

Operational Records:
– Compliance policies and procedures (all versions)
– Staff training records
– Internal audit reports
– Incident reports and remediation actions
– Regulator correspondence

Financial Records:
– Accounting books and ledgers
– Bank statements
– Invoices and receipts
– Tax filings
– Audit reports

Storage Requirements:
– Secure storage (physical and digital)
– Backup and disaster recovery
– Access controls (only authorized personnel)
– Readily retrievable for audits and investigations

4. Internal Audits

Conduct regular internal audits to assess compliance effectiveness:

Audit Scope:
– AML/KYC procedures
– Transaction monitoring effectiveness
– Cybersecurity controls
– Data protection compliance
– Financial controls
– Operational procedures

Frequency: At least annually (more frequently for high-risk areas)

Audit Process:
– Independent auditor (internal or external)
– Review of policies, procedures, and records
– Testing of controls
– Identification of deficiencies
– Recommendations for improvement
– Management response and remediation plan

5. Staff Training

Ensure all staff receive regular compliance training:

Initial Training: All new employees must complete comprehensive training on:
– AML/CFT fundamentals
– KYC procedures
– Fraud detection
– Data protection (GDPR)
– Cybersecurity awareness
– Company policies and procedures

Ongoing Training: All staff must receive annual refresher training covering:
– Updates to regulations (MiCA, AMLD6, etc.)
– New threats and typologies
– Changes to company policies
– Case studies and lessons learned

Specialized Training: AML Officer and compliance staff should receive advanced training and professional certifications (e.g., CAMS – Certified Anti-Money Laundering Specialist).

Training Records: Maintain records of all training (dates, topics, attendees, assessment results)

While Lithuania offers an attractive regulatory environment, crypto businesses face several practical challenges. Here’s how to address them.

The Problem:

While many official websites offer English versions, all communication with authorities and document submissions must be in Lithuanian. This creates:
– Extra costs for translation and interpretation services
– Potential for miscommunication or errors in translation
– Delays in responding to regulator inquiries
– Difficulty understanding legal and regulatory nuances

For non-Lithuanian speakers, this can be a significant operational hurdle, especially when dealing with complex regulatory matters.

The Solution:

1. Partner with Local Legal Firms

Work with Lithuanian legal and compliance firms that provide:
– Native Lithuanian speakers who understand regulatory language
– Translation of all documents and correspondence
– Direct communication with regulators on your behalf
– Cultural and linguistic expertise

2. Hire Bilingual Staff

If you plan significant operations in Lithuania, consider hiring:
– Lithuanian-speaking AML Officer (required anyway)
– Lithuanian-speaking compliance or administrative staff
– Bilingual customer support (if serving Lithuanian market)

3. Use Professional Translation Services

For critical documents:
– Use certified translators for legal accuracy
– Have translations reviewed by legal experts
– Maintain both Lithuanian and English versions of all policies

Legal Nodes Solution: We handle all Lithuanian-language requirements for our clients. Our team includes native Lithuanian speakers who manage all regulator communications, document translations, and legal filings. You never need to worry about language barriers.

The Problem:

Lithuania’s crypto regulation is a multi-layered system. You must comply with:
– Lithuanian national laws: Law on the Prevention of Money Laundering and Terrorist Financing, Company Law, Tax Code
– MiCA: EU-wide crypto regulation
– AMLD6: 6th Anti-Money Laundering Directive
– DORA: Digital Operational Resilience Act
– GDPR: General Data Protection Regulation
– TFR: Transfer of Funds Regulation
– Various EU regulations: eIDAS, PSD2, etc.

This creates a complex compliance landscape where:
– Requirements can overlap or conflict
– Changes at EU level must be implemented nationally
– Interpretation can vary between regulators
– Staying current requires constant monitoring

The Solution:

1. Engage Specialized Legal Advisors

Work with lawyers who specialize in:
– EU crypto regulation (not just general corporate law)
– Cross-border compliance
– Both Lithuanian and EU regulatory frameworks

2. Implement Robust Compliance Management

– Maintain a compliance calendar tracking all regulatory deadlines
– Subscribe to regulatory update services
– Attend industry conferences and webinars
– Participate in industry associations (e.g., Lithuanian Blockchain Association)

3. Build Compliance into Operations

– Integrate compliance checks into all business processes
– Use compliance management software
– Conduct regular compliance reviews
– Maintain open communication with regulators

4. Stay Proactive, Not Reactive

– Monitor proposed regulations before they become law
– Assess impact on your business early
– Implement changes ahead of deadlines
– Engage in regulatory consultations (provide feedback on proposed rules)

Legal Nodes Solution: Our team specializes in EU crypto regulation across 20+ jurisdictions. We monitor all regulatory developments, assess their impact on your business, and implement necessary changes. Our Virtual Legal Officer service provides ongoing compliance monitoring, ensuring you’re always ahead of regulatory changes.

The Problem:

Your AML Officer must be a Lithuanian tax resident (living in Lithuania for 183+ days per year). This is challenging for foreign-owned companies because:
– You may not have existing connections in Lithuania
– Qualified AML professionals with crypto experience are scarce
– Salaries for qualified professionals can be high (€3,000-€6,000/month)
– You need someone with specific qualifications (clean record, MiCA knowledge, Lithuanian language)
– The AML Officer must be available for regulator interviews and ongoing responsibilities

For a startup or small company, hiring a full-time Lithuanian AML Officer can be cost-prohibitive and operationally complex.

The Solution:

1. Outsource AML Function

Engage professional compliance firms that provide:
– Qualified Lithuanian tax resident AML Officers on a contract basis
– Shared services model (one AML Officer serves multiple clients)
– Cost-effective solution (€1,000-€2,500/month vs. €3,000-€6,000 for full-time)
– Experienced professionals with crypto expertise
– Backup coverage (if primary AML Officer is unavailable)

2. Hire Part-Time or Fractional AML Officer

If your transaction volumes are low initially:
– Engage an AML Officer on a part-time basis
– Pay for actual hours worked
– Scale up to full-time as business grows

3. Use Recruitment Agencies

If you prefer to hire directly:
– Engage Lithuanian recruitment agencies specializing in compliance roles
– Post on Lithuanian job boards (CVOnline, CV.lt)
– Network through Lithuanian fintech and crypto communities

Required Qualifications for AML Officer:
– Lithuanian tax residency (mandatory)
– Clean criminal record (especially no financial crimes)
– Professional qualifications in AML/compliance (CAMS, ICA, or equivalent preferred)
– Deep knowledge of MiCA, AMLD6, Lithuanian AML laws
– Experience in financial services or crypto industry
– Fluency in Lithuanian (for regulator communication)
– Strong analytical and investigative skills

Legal Nodes Solution: We provide qualified Lithuanian tax resident AML Officers as part of our turnkey licensing service. Our AML Officers are experienced crypto compliance professionals who serve multiple clients efficiently. This gives you:
– Guaranteed compliance with residency requirement
– Experienced professional from day one
– Cost-effective shared services model
– Backup coverage and continuity
– Seamless integration with your operations

Thanks to EU passporting under MiCA, a crypto license from any EU member state grants access to the entire EU market of 450+ million people. So why choose Lithuania over alternatives? Let’s compare.

Poland: Flexible Regulation and Large Domestic Market

Advantages:
– Flexible regulatory approach with fast licensing (2-4 months)
– Large domestic market (36+ million people)
– Growing fintech ecosystem
– Competitive costs (similar to Lithuania)
– No local director or AML Officer residency requirement

Disadvantages:
– Less established fintech infrastructure than Lithuania
– Fewer crypto-friendly banks
– Less international recognition in crypto industry
– Language barrier (Polish required for official documents)

Best For: Companies targeting Central European markets or seeking maximum regulatory flexibility

Estonia: The Original Digital Nation

Advantages:
– Fully digital company management (e-Residency program)
– 0% corporate tax on undistributed profits (same as Lithuania)
– Strong tech ecosystem and talent pool
– English widely spoken in business
– Established crypto hub with many existing companies

Disadvantages:
– Reputational challenges due to past money laundering scandals (Danske Bank, etc.)
– Increased regulatory scrutiny and stricter enforcement
– More expensive than Lithuania (higher legal and operational costs)
– Longer licensing timelines due to enhanced due diligence
– Banking access has become more difficult

Best For: Tech-savvy founders comfortable with fully digital operations and willing to invest in strong compliance

France: EU’s Second-Largest Economy

Advantages:
– Strong regulatory credibility and reputation
– Access to large, wealthy domestic market (67 million people)
– Established financial center with deep capital markets
– Government support for crypto innovation
– Prestigious jurisdiction enhances business credibility

Disadvantages:
– Higher costs (legal fees, operational expenses, taxes)
– Slower licensing process (6-12 months typical)
– More bureaucratic procedures
– Higher capital requirements for some activities
– Language barrier (French required for many processes)

Best For: Established companies with significant capital seeking maximum credibility and access to institutional clients

Ireland: English-Speaking EU Hub

Advantages:
– English-speaking (major advantage for international companies)
– Attractive 12.5% corporate tax rate
– Strong rule of law and business-friendly environment
– Gateway to both EU and UK markets
– Established financial services sector

Disadvantages:
– More expensive than Lithuania (higher costs across the board)
– Longer licensing timelines
– Stricter regulatory requirements
– Competitive market with many established players

Best For: Companies prioritizing English-language operations and willing to pay premium for Ireland’s advantages

Malta: Mediterranean Crypto Hub

Advantages:
– English-speaking (official language)
– Established crypto hub with supportive government
– Attractive tax regime for certain structures
– Mediterranean location and lifestyle
– Experienced crypto service providers

Disadvantages:
– Reputational concerns (money laundering, gaming industry associations)
– Increased regulatory scrutiny from EU authorities
– Banking access can be challenging
– Small domestic market (500,000 people)

Best For: Companies seeking English-speaking EU jurisdiction with established crypto ecosystem

Jurisdiction Comparison Table:

*Malta offers various tax optimization structures that can reduce effective rates significantly

Why Lithuania Remains Optimal:

Lithuania strikes the best balance for most crypto businesses:
– Speed: 3-6 month licensing timeline is among the fastest in the EU
– Cost: Reasonable legal fees, operational costs, and capital requirements
– Reputation: Strong regulatory credibility without the baggage of money laundering scandals
– Infrastructure: Established fintech ecosystem with crypto-friendly banks and service providers
– Track Record: Hundreds of successfully licensed crypto companies
– EU Access: Full passporting rights to entire EU market
– Tax Efficiency: 0% tax on undistributed profits enables reinvestment and growth

For most crypto startups and scale-ups, Lithuania offers the optimal combination of speed, affordability, and credibility to enter the European market.

At Legal Nodes, we specialize in crypto legal structuring across 20+ jurisdictions, with Lithuania being one of our core competencies. We’ve helped over 400 companies establish compliant crypto businesses, and we bring that expertise to every engagement.

Our Comprehensive Services:

1. End-to-End Licensing Support

We handle every aspect of your licensing journey:
– Jurisdiction selection and strategy: Assess your business model and recommend the optimal jurisdiction and license class
– Company registration: Establish your UAB with proper structure and documentation
– Capital contribution: Facilitate monetary or crypto capital contribution with sworn appraisers
– Policy development: Create bespoke AML/KYC policies, risk frameworks, and compliance procedures tailored to your business
– License application: Prepare and submit comprehensive application with all required documents
– Regulator liaison: Communicate with Bank of Lithuania on your behalf, respond to inquiries, coordinate interviews
– Bank account opening: Guaranteed successful opening of corporate accounts (C2B and B2B)
– Ongoing compliance: Virtual Legal Officer service for continuous compliance monitoring and support

2. Guaranteed Bank Account Opening

Unlike many legal firms that stop at license approval, we guarantee successful bank account opening. We have established relationships with multiple crypto-friendly banks and EMIs. If one bank rejects you, we immediately move to the next option until you have functioning accounts.

3. Lithuanian Tax Resident AML Officer

We provide qualified Lithuanian tax resident AML Officers as part of our service. Our AML Officers are:
– Experienced crypto compliance professionals
– Pre-vetted and regulator-approved
– Fluent in Lithuanian and English
– Available for regulator interviews and ongoing responsibilities
– Cost-effective shared services model

4. Virtual Legal Officer Service

Beyond licensing, our Virtual Legal Officer service ensures you always have external legal support:
– Ongoing compliance monitoring and calendar management
– Regulatory update alerts and impact assessments
– Policy updates as regulations evolve
– Ad hoc legal advice and document review
– Escalation support for regulatory inquiries or incidents

This prevents issues before they arise and ensures continuous compliance.

5. Cost-Effective Boutique Approach

Unlike large law firms with high overhead and hourly billing, we offer:
– Fixed-fee packages with transparent pricing
– Boutique firm agility and personalized service
– Network of independent experts (no unnecessary overhead)
– Cost-efficient solutions without compromising quality

Our Competitive Advantages:

Experience: Over 400 companies trust Legal Nodes for their crypto legal needs. We’ve navigated every type of crypto business model and regulatory challenge.

Expertise: Our team includes lawyers, compliance specialists, and crypto industry veterans who deeply understand both the legal and technical aspects of crypto businesses.

Network: We work with boutique law firms and independent experts across 20+ jurisdictions, giving you access to local expertise everywhere you need it.

Speed: Our streamlined processes and established regulator relationships enable faster licensing than competitors.

Results: We guarantee successful outcomes — license approval and bank account opening — or we continue working until you’re operational.

Support: We don’t disappear after licensing. Our Virtual Legal Officer service provides ongoing support for the life of your business.

Client Testimonials:

“Legal Nodes made the complex process of obtaining a Lithuanian crypto license straightforward and stress-free. Their team handled everything from company registration to bank account opening, and we were operational in just 4 months.” — Crypto Exchange Founder

“The Virtual Legal Officer service is invaluable. We always have expert legal support available without the cost of hiring a full-time legal team.” — Custodial Wallet CEO

Ready to Get Started?

Contact our team today for a free consultation. We’ll:
1. Assess your business model and requirements
2. Recommend the optimal jurisdiction and license class
3. Provide a detailed proposal with timeline and costs
4. Answer all your questions

Within 1-2 weeks, you’ll have a clear roadmap to obtaining your Lithuania crypto license and launching your compliant EU crypto business.

Lithuania has firmly established itself as a premier crypto jurisdiction in the European Union, offering a unique combination of speed, affordability, and regulatory credibility. With 3-6 month licensing timelines, reasonable costs (€50,000-€150,000 capital requirements), and access to the entire EU market via passporting, Lithuania provides an unmatched entry point for crypto businesses seeking to operate compliantly in Europe.

The country’s early adoption of comprehensive crypto regulation, now fully aligned with MiCA, demonstrates its commitment to maintaining its position as a fintech leader. The three-tier CASP licensing structure (Classes 1, 2, and 3) allows businesses to choose the appropriate authorization level for their specific services, from basic advisory to full-scale exchange operations. Combined with competitive taxation (0% on undistributed profits, 15-16% on distributed profits), Lithuania creates an environment where crypto businesses can grow and thrive.

While challenges exist — language barriers, complex multi-layered regulations, and the requirement for a Lithuanian tax resident AML Officer — these are easily overcome with professional support. The benefits far outweigh the obstacles: rapid market entry, full EU access, strong regulatory reputation, and an established ecosystem of crypto-friendly banks and service providers.

As Europe continues to lead global crypto regulation through MiCA, Lithuania stands at the forefront of this transformation. The country’s proven track record with hundreds of successfully licensed crypto companies, combined with its progressive regulatory approach, makes it the optimal choice for entrepreneurs seeking to build compliant, scalable crypto businesses in the world’s largest economic bloc.

Legal Nodes is your trusted partner in navigating this journey. From initial strategy and company registration to license approval, bank account opening, and ongoing compliance support, we handle every detail so you can focus on building your business. Our team of crypto legal specialists, compliance experts, and Lithuanian professionals ensures your success at every stage.

With over 400 companies trusting Legal Nodes for their crypto licensing needs, we bring unparalleled experience, established regulator relationships, and guaranteed results. Our Virtual Legal Officer service provides continuous compliance monitoring and legal support, ensuring you maintain your license and stay ahead of regulatory changes.

The European crypto market is waiting. Get started today.