Read the CySEC Circular C790
Memo #40-2026
CySEC Circular No: C790
Date: 07/07/2026
Subject: ML/TF risks following the end of the MiCA Transitional Period
Purpose: To draw the attention of Regulated Entities that the MiCA transitional period has ended on 1 July 2026.
In Summary:
CySEC has issued the Circular C790 on 07/07/2026 to draw the attention of Crypto Asset Service Providers, CIFs, UCITS Management Companies, Internally managed UCITS, AIFMs, Internally managed AIFs, Internally managed AIFLNPs, Companies with sole purpose the management of AIFLNPs and Small AIFMs under Law 81(I)/2020, that the Markets in Crypto-Assets (MiCA) transitional period has ended on 01/07/2026.
CySEC notes that following this date, firms are required to obtain authorisation as Markets in Crypto-Assets Regulation (MiCAR)-compliant crypto-asset service providers (CASPs) in order to continue providing crypto-asset services within the European Union.
CySEC informs the Regulated Entities that the EU’s Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA) has published an Advisory note on the money laundering and terrorist financing (ML/TF) risks associated with the end of the transitional period under the MiCAR.
CySEC further notes that the end of the transitional period is expected to result in significant structural changes within the EU crypto-asset sector, as unauthorised VASPs exit the market and customer relationships previously maintained with such providers are either terminated or transferred to a smaller number of authorised CASPs. In particular, the potential ML/TF risks arising from the end of the transitional period along with suggested mitigation measures for unauthorised VASPs and authorised CASPs are:
• Unauthorised VASPs - Unauthorised VASPs are exposed to a risk of weakened AML/CFT controls during exit process, as the compressed timelines for ceasing activities may strain their AML/CFT frameworks at a critical juncture.
• Authorised CASPs - Authorised CASPs may experience sudden changes in their ML/TF risk exposure following the end of the MiCA transitional period. Shifts in business models and customer portfolios following authorization decisions may result in materially different risk profiles.
With Circular C790, CySEC reminds the Regulated Entities that compliance with applicable AML/CFT obligations remains their responsibility throughout the transition period and after the completion of any customer migration or wind-down activities.
CySEC also draws the attention of Regulated Entities to the FATF Report Understanding and Mitigating the Risks of Off-shore VASPs, which highlights the ML/TF risks associated with relationships with unauthorised or offshore VASPs. In this regard, Regulated Entities are expected to identify and assess the ML/TF risks arising from relationships, transactions or business activities involving unauthorised VASPs and to apply appropriate risk mitigation measures in accordance with a risk-based approach.
CySEC urges the Regulated Entities to take duly into account and consider the specific ML/TF risks that may arise following the end of the MiCA Transitional Period and enhancing their risk-based approach under the Prevention and Suppression of Money Laundering Activities Law (L. 188(I) 2007) as amended from time to time.
The AMLA Advisory note can be found on the following link:
The FATF Report Understanding and Mitigating the Risks of Off-shore VASPs can be found on the following link:
Read the CySEC Circular C790
Read more news at Regulatory News
