MiCA Compliance: 53 Licensed, 63 Revoked

A compliance scorecard as the EU's strict crypto regulation draws enforcement lines.

The EU's Markets in Crypto-Assets Regulation (MiCA) has moved from legislative milestone to operational reality. MiCA enforcement crypto exchanges operating in the European Union now face a binary choice: secure formal authorization under the new rules or prepare to exit the bloc's market. As of Q1 2026, the compliance divide is stark and consequential.

What Is MiCA and Why Enforcement Matters Now

MiCA became fully applicable on December 30, 2024, marking the end of fragmented national crypto regulations across all 27 EU member states.The regulation applies uniformly to Crypto-Asset Service Providers (CASPs)—exchanges, wallet providers, custody services, and stablecoin issuers—creating a single regulatory perimeter for the entire bloc.

What makes this enforcement wave particularly consequential: CASP licensure grants passporting rights.A single license, granted by one member state's national competent authority (NCA), permits an exchange to operate across all 27 countries without seeking separate authorization in each jurisdiction. This creates a durable competitive moat for early movers. Those who secure MiCA approval gain immediate pan-EU access; those who don't face gradual market share bleed as EU users migrate to regulated alternatives.

Enforcement began in earnest in Q1 2026. National authorities are revoking licenses, imposing penalties that scale to 5–12.5% of annual turnover, and requiring non-compliant exchanges to implement orderly wind-down plans.The July 1, 2026 deadline is absolute: any CASP still operating without authorization after that date faces direct legal enforcement actions by national regulators.

The Compliant Cohort: 53 Licensed CASPs and Counting

As of Q1 2026, 53 entities hold formal CASP approval across the EU.The roster of major licensed exchanges reads like the institutional tier of the industry: Coinbase, Kraken, OKX, Gemini, Robinhood, and Bitstamp have all secured MiCA authorization.

The geographic distribution of licenses reveals regulatory efficiency disparities:

Germany: 43+ licenses by mid-January 2026, establishing itself as the primary MiCA hub
Netherlands: 22 licenses, the second-largest issuing jurisdiction
France: 11 licenses, despite aggressive enforcement against non-compliant firms
Luxembourg and Malta: Emerging as passporting hubs, leveraging expedited approval frameworks

Stablecoin issuers have followed similar patterns. Circle (USDC), Société Générale, and Crypto.com obtained stablecoin issuer licenses, positioning themselves as compliant settlement layers for EU-regulated trading.These authorizations matter for composability: licensed stablecoins become the native settlement asset for regulated exchanges, while non-compliant stablecoins face progressive delistings.

The Notable Absences: Binance and Tether Under Pressure

Binance, the world's largest exchange by trading volume, did not obtain MiCA authorization before enforcement began. Instead, the exchange filed its first CASP application with Greece's Hellenic Capital Market Commission in January 2026—over a year after full MiCA applicability.This belated approach signals reactive rather than proactive compliance, and France's identification of Binance among 90 unlicensed firms suggests regulatory pressure influenced the timeline.

Binance's partial mitigation strategy: delisting nine non-compliant stablecoins—USDT, DAI, TUSD—from EU spot trading.This move demonstrates an effort to reduce regulatory friction, but it does not constitute full compliance. Without CASP authorization, Binance faces a June 30 deadline to cease EU operations or risk enforcement action.

Tether (USDT) confronts a more structural problem: the company has not obtained stablecoin issuer authorization under MiCA. The regulation requires stablecoin issuers to maintain segregated reserves, undergo regular audits, and disclose reserve composition.Tether's historical resistance to third-party audits places it at odds with these requirements.

The consequence: Tether delistings cascade across regulated exchanges. Coinbase, Kraken, Crypto.com, and Binance have all removed USDT from EU trading pairs for EU-based users, replacing it with USDC and other licensed stablecoins.These aren't speculative moves—they reflect regulatory compliance necessity. A licensed exchange offering an unlicensed stablecoin on EU rails faces enforcement risk.

CASP Licensing Requirements and Technical Barriers

Obtaining MiCA CASP authorization is not trivial. The regulation imposes specific capital, operational, and governance requirements that serve as real structural barriers to entry.

Financial requirements: CASPs must maintain €50K–€150K in capital reserves depending on service scope—whether the firm provides trading, custody, portfolio management, or settlement services.For smaller exchanges, this represents meaningful initial cost but not an insurmountable hurdle. For custodians and trading platforms, the capital burden increases.

Operational compliance: MiCA mandates Anti-Money Laundering (AML) and Know-Your-Customer (KYC) procedures that must meet EU standards. Exchanges must segregate customer assets, implement fair pricing policies, and comply with the Travel Rule for transaction monitoring.Wallet providers must implement multi-signature controls and maintain insurance coverage to qualify as authorized CASPs.

Order book enforcement: National regulators began enforcing order book standards in November 2025, with a six-month grace period for compliance.Exchanges must publish real-time trading data, prevent wash trading, and ensure fair order matching.

Jurisdictional barrier: Non-EU companies serving EU clients must establish local legal presence to qualify for CASP licensing.This requirement alone explains why some U.S.-headquartered exchanges delayed or abandoned EU market entry.

Enforcement in Action: Penalties, Revocations, and Trends

The enforcement data reveals regulatory intent and velocity. As of February 2026, MiCA enforcement is not a future threat—it is present reality.

Violation statistics: 224 MiCA non-compliance cases have been recorded across the EU in 2025.Of those, 63 CASP licenses were revoked by November 2025, with 50+ additional firms losing authorization by February 2026.

The most common violations cluster around three areas:

AML/KYC breaches: 49% of enforcement cases
Stablecoin reserve failures: 38% of cases
Incomplete technical documentation: 29% of cases

These statistics indicate that compliance failures are not arcane technical violations—they center on fundamental prudential standards (AML, reserves) and operational documentation.

Penalty severity: Fines reach 5–12.5% of annual turnover. The average fine cited in enforcement data is €5.6M.For mid-sized exchanges, this represents material financial loss. For larger platforms, the penalty is reputational and operationally disruptive.

Criminal prosecutions: The enforcement mix includes criminal cases. Prosecutions increased 22% year-over-year, affecting 54 individuals including exchange executives and founders.This signals that regulators view certain compliance failures as intentional misconduct worthy of criminal referral.

Geographic enforcement leadership: Germany and France lead both by case count and penalty severity.Germany's aggressive issuance of licenses also reflects its role as a regulatory hub; France's enforcement aggression reflects its historical stance on crypto finance.

The July 1, 2026 Deadline: What Happens to Non-Compliant Exchanges

The July 1, 2026 cutoff is non-negotiable. Member states were permitted to apply transitional (grandfathering) provisions until that date, allowing firms operating under national regimes to continue serving EU users without full MiCA authorization.France exemplifies the deadline pressure: its transition period ends June 30, forcing 90+ unlicensed firms to cease EU operations within days of the month's end.

What does post-cutoff enforcement look like? Non-compliant CASPs must implement orderly wind-down plans to prevent abrupt market disruptions.In practice, this means: allowing existing customers to withdraw funds, preventing new customer onboarding, and ceasing market-making activities. Exchanges cannot simply flip a switch.

Operating unlicensed after July 1 exposes platforms to direct legal enforcement actions by national competent authorities. This is not theoretical—the European Securities and Markets Authority (ESMA) maintains a published register of non-compliant entities to guide enforcement and market participant decisions.Regulators use this register to identify targets for enforcement action, asset seizures, and account freezes.

The practical impact: exchanges operating in regulatory gray zones after the cutoff risk losing banking relationships, payment processor connections, and liquidity provider partnerships. Counterparties will view non-MiCA authorization as unacceptable operational risk.

DeFi and Wallet Providers: The Regulatory Limbo

Not all crypto service providers are equal under MiCA. DeFi protocols—decentralized exchanges, lending protocols, yield farming platforms—currently fall outside MiCA's direct enforcement scope for CASP licensing, though ESMA has not issued formal guidance clarifying their final status. Non-custodial wallet providers similarly remain in regulatory limbo pending ESMA guidance.

This creates a regulatory arbitrage opportunity and a legal ambiguity simultaneously. On one hand, DeFi protocol designers and non-custodial wallet maintainers have breathing room; they are not currently subject to MiCA's capital, AML, and governance requirements. On the other hand, this regulatory gap leaves users operating in an ambiguous legal zone.If a decentralized protocol offers yield to EU residents, are those residents in violation? If a non-custodial wallet provides user-controlled staking, is that regulated?

ESMA has signaled that it will eventually close these gaps. Wallet providers offering custody or active trading features may be reclassified as CASPs and forced to comply. NFT regulation under MiCA also remains unresolved; the market structures and legal treatment of digital assets beyond crypto-assets are still undefined.

Conclusion: The Regulatory Divide Hardens

MiCA enforcement marks a structural shift in EU crypto finance. The region is no longer a fragmented patchwork of national regimes—it is a single, enforced regulatory perimeter.

For compliant platforms, the prize is clear: passporting rights, institutional credibility, and access to regulated liquidity and banking. For non-compliant platforms, the cost is equally clear: market share migration, enforcement risk, and the possibility of forced wind-down.

Binance's belated application and Tether's unlicensed status exemplify the stakes. These are not minor players accepting niche regulatory risk. They are major market participants forced to either comply or accept significant market access losses in one of the world's largest wealth regions.

The July 1, 2026 deadline is real. Exchanges have fewer than 100 days to decide: apply for authorization, implement wind-down, or risk enforcement action. Traders and investors should begin consolidating positions on MiCA-compliant platforms. Stablecoin users should expect further migration from unlicensed assets like USDT to licensed alternatives like USDC.