Germany

Key Requirements

• Establish German credit institution or financial services institution with BaFin authorization for crypto custody services.
• Maintain minimum capital of €125,000 per KWG requirements with quarterly capital adequacy reporting.
• Implement fit-and-proper requirements for management and supervisory board with KWG compliance and regulatory approval.
• Establish IT security procedures per BAIT (BaFin Guidance on IT Requirements) including encryption, access controls, and incident response.
• Develop customer crypto asset segregation procedures ensuring complete separation of client and proprietary assets.
• Implement AML/CFT procedures per German Money Laundering Act (GwG) with customer identification and transaction monitoring.
• Maintain professional liability insurance of minimum €1,000,000 covering custody service operation risks.

Application Process

1. 1.Establish German legal entity (GmbH, AG, or bank) with proper corporate governance and management structure.
2. 2.Prepare business plan describing crypto custody service offerings, technology platform, and security procedures.
3. 3.Document capital adequacy with €125,000 minimum through bank accounts and audited financial statements.
4. 4.Prepare detailed IT security procedures (BAIT-compliant) including encryption standards and incident response protocols.
5. 5.Develop customer crypto asset segregation procedures with independent custody verification mechanisms.
6. 6.Prepare compliance manual with AML/CFT procedures, customer due diligence, and transaction monitoring.
7. 7.Submit crypto custody license application to BaFin with all supporting documentation and compliance procedures.
8. 8.Engage with BaFin during assessment period (6-12 months) addressing regulatory inquiries.
9. 9.Receive BaFin authorization decision and register as crypto custody service provider.

Ongoing Obligations

• Maintain minimum €125,000 capital with quarterly capital adequacy reporting and annual audited financial statements.
• File regulatory reports with BaFin including annual compliance certifications and financial disclosures.
• Implement ongoing IT security updates per BAIT requirements with annual security audits and testing.
• Conduct quarterly segregation audits verifying complete separation of customer and proprietary crypto assets.
• Maintain AML/CFT compliance with customer due diligence and suspicious activity reporting per GwG.
• Report material incidents including security breaches or customer fund loss to BaFin within 24 hours.
• Maintain professional liability insurance continuously with annual renewal certificates and minimum €1,000,000 coverage.

Key Requirements

• Establish Germany-based legal entity subject to German law and BaFin supervision with EU passporting rights.
• Maintain minimum capital per MiCA Annex IV based on crypto service class: €50,000 (Class 1), €125,000 (Class 2), or €150,000 (Class 3).
• Implement governance structure with board-level oversight, compliance officer, and risk management functions per BaFin requirements.
• Adopt customer asset safeguarding procedures with segregated custody arrangements and written safeguarding agreements.
• Develop comprehensive AML/CFT compliance program per 5th EU Money Laundering Directive with transaction monitoring.
• Implement operational resilience and business continuity procedures per DORA (Digital Operational Resilience Act).
• Establish professional indemnity insurance covering minimum 25% of quarterly fixed overheads per MiCA requirements.

Application Process

1. 1.Establish Germany-based company with articles of association, management documentation, and beneficial ownership structure.
2. 2.Prepare comprehensive business plan including organizational structure, service offerings, AML/CFT procedures, and strategy.
3. 3.Document capital adequacy per MiCA service class (€50,000-€150,000) with bank account evidence and financial documentation.
4. 4.Prepare detailed operational procedures covering customer onboarding, AML/CFT compliance, and asset safeguarding arrangements.
5. 5.Submit CASP authorization application to BaFin with business plan, governance documents, and compliance framework.
6. 6.Provide evidence of professional indemnity insurance and custody/safeguarding arrangement documentation.
7. 7.Engage with BaFin during assessment period (3-6 months) responding to information requests and compliance queries.
8. 8.Receive BaFin authorization decision and register in BaFin register receiving EU-wide passporting notification.

Ongoing Obligations

• Maintain minimum capital requirement per service class with quarterly capital calculations reported to BaFin.
• Submit annual audited financial statements and governance reports to BaFin by statutory deadlines.
• Report significant incidents or regulatory violations to BaFin within 24 hours of discovery.
• Conduct annual internal governance review with board approval and submit documentation to BaFin.
• Update AML/CFT compliance procedures annually addressing identified risks and regulatory guidance changes.
• Maintain professional indemnity insurance continuously with coverage of minimum 25% quarterly fixed overheads.
• Notify BaFin of material changes including shareholders, management, or service offerings within 30 days.

Key Requirements

• Comply with Electronic Securities Act (eWpG) requirements for tokenized securities issuance on DLT infrastructure.
• Establish German legal entity with demonstrated financial capacity and operational resources for securities issuance.
• Implement regulatory compliance procedures addressing investor protection and securities law requirements.
• Develop detailed prospectus or exemption documentation complying with German Securities Trading Act (WpHG) requirements.
• Establish AML/CFT procedures with investor identification and beneficial owner verification per GwG.
• Implement custody and settlement procedures for tokenized securities with independent custodian or blockchain settlement.
• Maintain professional liability insurance covering securities issuance operations.

Application Process

1. 1.Prepare detailed issuance plan describing tokenized securities, DLT infrastructure, and investor targeting.
2. 2.Document issuer financial capacity with audited financial statements demonstrating operational capability.
3. 3.Prepare prospectus or exemption documentation complying with German Securities Trading Act requirements.
4. 4.Prepare compliance procedures addressing investor protection and eWpG tokenized securities requirements.
5. 5.Submit crypto securities registration application to BaFin with prospectus and compliance documentation.
6. 6.Engage with BaFin during assessment period (3-6 months) addressing prospectus questions and compliance clarifications.
7. 7.Receive BaFin approval and register crypto securities for public or qualified investor offering.

Ongoing Obligations

• Maintain prospectus and offering documentation current with material updates filed to BaFin within specified timeframe.
• File ongoing reports with BaFin including issuer financial status, issuance activity, and material developments.
• Maintain investor records with KYC information and beneficial owner documentation per GwG requirements.
• Implement AML/CFT procedures with transaction monitoring and suspicious activity reporting.
• Maintain custody and settlement procedures with regular verification of tokenized securities accountability.
• Report material incidents affecting investor funds or securities issuance to BaFin within specified timeframe.
• Conduct annual compliance review addressing investor protection and eWpG requirements with documented findings.