EU Crypto Regulators: Complete List of National Competent Authorities (2026)

Getting a crypto license in the European Union used to feel like navigating a maze with no exit. You had different rules in every country, and it was often unclear who actually held the power. That chaos ended on December 30, 2024, when the Markets in Crypto-Assets Regulation (MiCA) came into full force. Now, if you want to operate legally in the EU, you deal with one specific body in your chosen member state: the National Competent Authority (NCA). These are the financial regulators responsible for issuing licenses, supervising compliance, and enforcing rules for crypto firms.

This guide breaks down exactly which regulator handles crypto in each major EU country, how the licensing process works right now in 2026, and why the entire system might change soon due to plans for centralization. Whether you are a startup founder or an investor, knowing who holds the keys is critical.

Who Are the National Competent Authorities?

Under MiCA, each of the 27 EU member states designates one primary financial regulator as its NCA. This authority acts as your main point of contact. They review your application, grant your CASP license (Cryptoasset Service Provider), and monitor your ongoing operations. The good news is that once you get licensed by one NCA, you can offer services across the entire EU through a 'passporting' mechanism. However, the experience varies significantly depending on which country you choose as your home base.

Here are the key NCAs you need to know:

  • Germany: BaFin (Bundesanstalt für Finanzdienstleistungsaufsicht) oversees crypto activities. Known for strict but clear banking regulations, BaFin began issuing licenses in January 2025.
  • France: The AMF (Autorité des Marchés Financiers) handles crypto supervision. France has been aggressive in attracting Web3 projects, offering a supportive ecosystem alongside rigorous oversight.
  • Netherlands: The Dutch Authority for the Financial Markets (AFM) was among the first to issue licenses on day one of MiCA. The Netherlands has become a hotspot for early adopters due to its efficient processing times.
  • Malta: The MFSA (Malta Financial Services Authority) continues its legacy as a crypto-friendly jurisdiction, issuing initial licenses immediately upon MiCA's start date.
  • Spain: The CNMV (Comisión Nacional del Mercado de Valores) serves as the competent authority for securities-related crypto assets.
  • Italy: CONSOB (Commissione Nazionale per le Società e la Borsa) manages supervision, focusing heavily on market integrity and investor protection.

The Licensing Landscape in 2026

Since MiCA went live in late 2024, the landscape has shifted rapidly. According to data from the European Securities and Markets Authority (ESMA) public CASP register, more than 40 licenses were issued in the first six months alone. Germany and the Netherlands dominated this early wave, collectively accounting for the majority of approvals. This isn't random; companies gravitated toward these jurisdictions because their regulators demonstrated preparedness and speed.

If you are applying for a license today, you face a few realities. First, the documentation requirements are heavy. You need to prove robust governance structures, risk management frameworks, and capital adequacy. Second, costs are rising. Beyond the application fees, you must budget for regular audits, regulatory disclosures, and potential supervisory fees that vary by member state. Smaller firms often find this challenging, leading to a consolidation trend where larger players secure the licenses while startups struggle with compliance overhead.

Comparison of Major EU NCAs for Crypto Licensing
Country Regulator (NCA) Processing Speed (Early 2025-2026) Key Focus Area
Germany BaFin Methodical, steady issuance since Jan 2025 Banking standards, AML/CFT
Netherlands AFM Fastest early issuer Efficiency, cross-border coordination
France AMF Moderate, high volume of applications Innovation support, market surveillance
Malta MFSA Rapid initial issuance Crypto-friendly business environment
Superhero with CASP license shield protected by EU regulator emblems

Ongoing Supervision and Compliance

Getting the license is just the beginning. Your NCA becomes your daily supervisor. They expect regular reports on trading activities, custody arrangements, and consumer protection measures. If you issue stablecoins or asset-referenced tokens, the scrutiny intensifies. You must maintain adequate reserves and liquidity, subject to checks not just by your NCA but also by the European Banking Authority (EBA), which sets prudential standards for significant tokens.

Market abuse prevention is another critical area. As of April 29, 2025, new Delegated Regulations under MiCA require firms to have sophisticated systems for detecting and reporting suspicious activities. This means your internal compliance team needs to be sharp. Any failure to report incidents or adhere to anti-money laundering (AML) protocols can lead to severe penalties, including license revocation. The NCA monitors these aspects closely, ensuring that the promise of innovation doesn't come at the cost of financial stability.

The Shift Toward Centralized Supervision

While the NCA system is currently operational, it may not last forever. EU leadership has identified inefficiencies in having 27 separate regulators build expertise from scratch. Verena Ross, chair of ESMA, confirmed in October 2024 that the European Commission is preparing rules to transfer supervision of crypto companies from national authorities to ESMA directly. Maria Luís Albuquerque, the EU commissioner for financial services, echoed this in September 2024, stating they are considering transferring powers for "the most significant cross-border entities."

The goal is to create a more integrated and globally competitive capital market. Currently, resources are duplicated across member states. Centralizing supervision would streamline processes and ensure uniform interpretation of MiCA rules. For large crypto firms, this sounds appealing-no more dealing with varying interpretations from different NCAs. However, smaller member states worry about losing regulatory sovereignty. The timeline for this shift is unclear, likely taking several years for legislative approval and institutional restructuring. In the meantime, the current NCA-centric model remains the law of the land.

Regulators facing ESMA centralization in dramatic graphic novel scene

Other Key Players in the Regulatory Ecosystem

Your NCA isn't working in isolation. Several other bodies play crucial roles in the EU crypto framework:

  • ESMA: Develops technical standards, coordinates between NCAs, and maintains blacklists of non-compliant firms. They are the architect of the unified rulebook.
  • EBA: Focuses specifically on stablecoin issuers, overseeing reserve requirements and liquidity frameworks to prevent bank runs on digital currencies.
  • ECB: Monitors broader financial stability. If stablecoins threaten monetary policy or payment systems, the ECB retains intervention authority.
  • AMLA: The Anti-Money Laundering Authority, launching in 2026, will directly supervise the largest cross-border crypto firms for AML/CFT compliance. This adds another layer of centralized oversight specifically targeting money laundering risks.

Strategic Advice for Crypto Companies

So, what should you do? If you are planning to launch in the EU, choose your home member state carefully. Consider factors like the NCA's processing speed, regulatory philosophy, and local legal infrastructure. Germany and the Netherlands offer speed and clarity, while France provides strong industry support. Avoid jurisdictions with uncertain timelines unless you have ample runway for delays.

Prepare for high compliance costs. Budget for external audits, legal counsel, and technology upgrades to meet reporting standards. Engage with your chosen NCA early in the process. Many regulators offer pre-application meetings to clarify expectations. Finally, stay alert to the centralization debate. While the NCA system stands today, the move toward ESMA-led supervision could simplify things for large players in the future. For now, treat your relationship with your NCA as a long-term partnership, not just a transactional hurdle.

What is a National Competent Authority (NCA) in the context of EU crypto regulation?

An NCA is the designated financial regulator in each EU member state responsible for licensing and supervising Cryptoasset Service Providers (CASPs) under the MiCA regulation. It serves as the primary interface between crypto firms and regulatory compliance within that country.

Which countries have issued the most crypto licenses under MiCA so far?

Germany and the Netherlands have led in license issuance since MiCA's full implementation in December 2024. Their regulators, BaFin and AFM respectively, were among the first to approve applications, demonstrating rapid preparedness.

Will ESMA replace national regulators for crypto supervision?

The EU is actively considering transferring supervisory powers for significant cross-border crypto entities from NCAs to ESMA. This centralization aims to improve efficiency and consistency, but it requires legislative changes and is expected to take several years to implement fully.

How does the Anti-Money Laundering Authority (AMLA) affect crypto firms?

Launching in 2026, AMLA will directly supervise the largest cross-border crypto firms for anti-money laundering and counter-financing of terrorism (AML/CFT) compliance. This adds a centralized layer of oversight specifically focused on financial crime prevention.

Can I use a license from one EU country to operate in others?

Yes, MiCA includes a passporting mechanism. Once licensed by your home member state's NCA, you can provide services across all other EU member states without needing separate licenses, though you must notify the relevant authorities in those countries.