Coredo

In 2023–2024, EU financial institutions paid fines for AML breaches totaling more than €5 billion, with a peak of €2.3 billion in 2024 alone – three times higher than in previous years. Imagine: your cross-border group risks similar losses because of unsynchronized AML compliance programs when national regulators diverge in their interpretations of the EU AML package. Are you ready for AMLA supervision, which from 2025 will directly inspect the AML of 40+ high-risk obliged entities? In this article I will explain how to implement AML compliance services in the EU for financial institutions, minimize AML fines for 2023-2024 and achieve AML ROI metrics above 300%. Read to the end: get a step-by-step plan and real cases from COREDO’s practice COREDO, to turn regulatory challenges into a competitive advantage.

What is AML compliance for banks in the EU?

The COREDO team has repeatedly helped clients from Asia adapt local systems to these rules, reducing harmonization time from 6 to 2 months.

Key changes in the AML Regulation

Previously CDD thresholds varied – from €15 000 in Germany to €10 000 in the Netherlands; now €10 000 is fixed for cash transactions with a risk-based AML approach. COREDO’s practice confirms: banks that implemented these changes in advance reduced their false-positive alerts ratio by 25%. AML obliged entities are now required to check Politically Exposed Persons (PEPs) through Beneficial Ownership Registers and the European Central Platform.

AMLA’s role in AML supervision in the financial sector

Anti-Money Laundering Authority (AMLA), based in Frankfurt, is rolling out phased AMLA powers from 2025 to 2028: from 2025, coordination of Financial Intelligence Units (FIUs); by 2028: direct supervision of high-risk obliged entities. This ensures supervisory convergence, focusing on cross-border AML cases. A solution developed by COREDO for a Cypriot bank integrated joint FIU cross-border analysis, speeding up STR processing by 40%.

EU AML Services — Main Obligations for 2025

AML services EU cover the full cycle from AML KYC to reporting, with a focus on AML/CFT obligations EU. Our experience at COREDO with Estonian fintechs has shown how timely implementation reduces operational risks by 35%.

AML KYC and Digital Onboarding under eIDAS

AML KYC is now integrated with eKYC eIDAS and eIDAS digital identification for AML digital onboarding. Steps:

1. verification through the European Central Platform;
2. automated CDD for PEPs;
3. EDD for high-risk cases.

EU banks are implementing this to accelerate customer onboarding to within 24 hours. COREDO’s practice confirms the effectiveness for Singaporean clients expanding into the EU.

AML Transaction Monitoring and Risk-Based Approach

A risk-based AML approach requires calibration for PEPs and high-risk jurisdictions. The COREDO team configured such systems for a Slovak payment platform, reducing delays by 50%.

AMLA EU: Preparation for Direct Supervision 2025–2028

AMLA EU is changing the landscape of AML supervision in the financial sector, requiring proactive preparation. We at COREDO have already conducted AML stress-tests EU for 15+ clients.

EU AML stress tests and AMLA checks

Phased AMLA powers 2025-2028 start with high-impact financial institutions oversight. Recommendation: annual internal tests with a focus on Regulatory Technical Standards (RTS).

Role of the AML Compliance Officer in EU Groups

The AML compliance officer is evolving under AMLA compliance: now is responsible for the Compliance Manager role, AML group-level oversight and AML governance restructuring. In international banks, the role expands to group-wide AML risk management. Our experience has shown: clear separation reduces risks by 28%.

How can the AML false-positive rate be reduced?

Optimization of the AML false positives ratio directly affects AML ROI metrics. COREDO integrated tech solutions for Dubai groups, increasing efficiency by 45%.

Optimizing AML Transaction Monitoring with ML and GNNs

Cost-benefit analysis of ML-based AML tools shows payback in 12–18 months. For fintechs, reducing false positives in AML alerts is the key to scaling.

Measuring the effectiveness of AML programs

AML effectiveness metrics include response time to suspicious transactions (<24 h) and customer onboarding speed improvement. For AMLA supervision the priority is: false-positive alerts ratio and zero material findings. The answer: ROI is measured as (reduction in fines + personnel savings) / costs; typical – 3–5x.

Impact of the EU AML Package on cross-border groups

EU AML package impact on financial institutions increases the requirements for scaling AML programs for cross-border financial groups. COREDO’s practice with UK holdings demonstrates successful harmonization.

Scaling AML under the Single Rulebook

For cross-border AML cases – centralized AML group-level oversight. This addresses “how to scale AML compliance in cross-border financial groups under the EU Single Rulebook”.

Avoid AML fines (2024–2028)

AML fines avoidance strategies for EU institutions 2024-2028 focus on regulatory findings reduction strategies and Sanctions compliance program integration. AML fines 2023-2024 show: timely impact assessments for RTS implementation prevent 70% of fines.

FHE, Data Governance and Unified Reporting

Data Privacy in Anti-Money Laundering with Fully Homomorphic Encryption

Fully Homomorphic Encryption (FHE) provides data privacy in AML systems with FHE technology, allowing analysis of encrypted data for unified AML reporting. Impact on AML data governance: compliance with GDPR for pan-European AML reporting. Ideal for oversight of high-impact financial institutions.

Investing in GNNs and ML for 2025: Is it worth it?

It’s worth investing in GNNs for 2025: they outperform traditional systems in complex cross-border cases.

AML Compliance for banks in the EU 2025

Here is a checklist for AML compliance services for banks in the EU 2025, based on COREDO cases on company registration in the Czech Republic and obtaining licenses:

1. Assess current AML compliance against the AMLR EU Single Rulebook, identifying gaps in CDD/EDD.
2. Implement AML digital onboarding with eKYC eIDAS to accelerate KYC.
3. Set up AML transaction monitoring with ML to reduce false positives.
4. Prepare the AML compliance officer for AMLA supervision through training and AML stress-tests.
5. Integrate unified AML reporting for cross-border groups, synchronizing local teams with the EU AML agency. This answers “how to synchronize local AML teams” and “how to prepare the business for AML stress-tests”.

Key findings and recommendations

EU AML package radically changes EU AML framework for financial institutions, introducing AMLA compliance and EU Single Rulebook AML. Top-5 steps for ROI:

1. ML for false positives;
2. FHE for privacy;
3. stress-tests;
4. group oversight;
5. unified reporting.

COREDO offers comprehensive support: from registration in the EU/Singapore/Dubai to AML services EU. Risk/benefit table:

Over the past two years I have increasingly seen the same scenario: a stable, profitable investment company suddenly gets refused account opening in the Czech Republic, or a bank, without warning, initiates the closure of accounts in the Czech Republic and freezes operations. In one recent case a client received refusals from three Czech banks in a row within six weeks, despite a perfect audit in the EU and an impeccable track record in another jurisdiction.

Why do banks refuse service to investment companies even with a transparent background, real investments, and a clear business model?
How unique is the situation to the Czech Republic, and can you plan your structure in advance to avoid account freezes in the Czech Republic six months after launch?

In this article I will analyze why Czech banks close investment accounts and refuse to provide services, how Czech KYC requirements, AML regulations, EU sanctions and the 14th package affect this, and what strategies the COREDO team is already using today to:

– minimize the risk of AML refusal in the Czech Republic,
– pass KYC verification for investments on the first try,
– build a sustainable banking setup in the Czech Republic and beyond.

If you are planning or already running an investment business with Czech banks (FioBanka, Creditas, UniCredit, ČSOB), I recommend reading the material in full: there will be no generic advice here. I will break down the real banking risk into concrete blocks and show how we at COREDO work with each of them in practice.

Why banks refuse to work with investment companies in Czechia

In recent years the Czech banking sector has undergone a significant tightening of financial compliance and risk management. The Czech National Bank (CNB) has been steadily implementing European banking standards, and international partners are increasing requirements for correspondent accounts in dollars and euros. The result is the same: the refusal of banks to serve investment firms in Czechia has become more the rule than the exception.

What our clients encounter in practice:

• FioBanka and Creditas carefully check “economic substance”, the reality of operations, local presence and a sustained link to Czechia (sustained link to Czechia). The absence of an office, employees or a clear economic rationale for the location often leads Czech banks to close investment accounts already after initial opening.
• UniCredit and ČSOB are increasing their focus on non‑EU residents, especially with complex ownership structures and transactions with third countries: from investment funds to family offices.

Inside banks decisions are made not by front‑office managers but by compliance officers relying on internal risk models: sector, client jurisdictions, sanctions risks, UBO transparency, and transaction history. For investment companies this means one thing: formally correct documents are no longer sufficient; what matters is the transparency of the company’s structure and its logic for the specific bank.

AML refusals in Czechia and KYC non-compliance

The main reason banks refuse investment companies in Czechia is failure to meet KYC (Know Your Customer) and AML (Anti‑Money Laundering) expectations. EU Directive 2018/1673 requires banks not simply to collect a basic package of documents, but effectively to build an evidentiary base showing that:

• the beneficial owners (UBO) are known,
• the source of funds is clear (legality of the source of capital),
• the source of wealth is clear (how the capital was accumulated over the course of activity),
• there are no links to sectors and jurisdictions that increase the risk of money laundering.

At COREDO I constantly see a typical AML refusal scenario in Czechia for investment companies:

• owners with a business history across multiple countries;
• a structure through holdings in different jurisdictions;
• turnover in the tens of millions, but some transactions are through partners or platforms for which there is no detailed documentation.

For a bank this is enough to classify the profile as high‑risk. KYC non‑compliance by investment companies in Czechia often appears in small details:

• a gap between declared forecasts and historical turnover;
• incomplete evidence of the source of capital (no contracts, closing docs, auditors’ reports on M&A deals or exits);
• outdated corporate documents and inconsistencies between legal and financial data.

EU sanctions and Czech banks: investment accounts

A separate block of risks: EU sanctions and their projections into local bank policies. The 14th EU sanctions package increased pressure on both the energy and financial sectors and on transactions with a number of countries that fall within the scope of secondary sanctions and OFAC monitoring.

For Czech banks this means:

• stricter screening of counterparties and beneficiaries;
• expanded control over operations related to certain sectors (energy, finance, trade);
• additional questions for clients who have links to the sanctions perimeter, even if the operations do not directly breach the rules.

At COREDO we model in advance for the client how the 14th EU sanctions package will affect investment flows through Czechia: which jurisdictions should not be used, which sectors require special explanation, and where it is better to separate the operational and investment circuits across different banks and countries.

Blocking of suspicious transactions

Even after successful account opening the risk does not disappear. For many investment companies the real problem starts later: through suspicious transactions in Czech banks that trigger internal monitoring systems.

Typical suspicious patterns include:

• a sharp increase in turnover without an explainable business logic;
• complex chains of transfers through multiple countries or banks;
• regular large transactions with counterparties from high‑risk jurisdictions;
• transactions inconsistent with the declared investment strategy.

Banks pay special attention to high‑risk investment sectors:

• cryptocurrency funds and crypto investment platforms;
• gambling and the betting segment;
• models close to high‑risk trading with an unclear economic substance.

It is not surprising that refusal to service crypto investment companies in Czechia has become commonplace: internal risk models in banks often classify crypto as high‑risk by default. In several cases the COREDO team worked on, crypto led to refusals by Czech banks already at the stage of analyzing the company’s website and marketing materials.

Account opening refusals in the Czech Republic for investment firms

Over the years I have developed a fairly clear matrix of typical reasons why investment companies are refused by Czech banks. I will summarize it using examples of popular banks:

In one case the COREDO team supported a company that was refused three times due to “insufficient connection with the Czech Republic”. We rebuilt the structure: added a local director, signed a genuine office lease, and established operational links with Czech partners. Six months later, on re‑application to another bank the account was opened, and the questions during the bank interview were mainly about the business plan and internal KYC/AML policies, not the owners’ jurisdiction.

Account freezes in the Czech Republic for businesses

Когда речь идёт не о первичном отказе в открытии счёта в Чехии, а о внезапной блокировке счетов в Чехии или решении банка о закрытии счетов в Чехии, последствия для инвесткомпании выходят далеко за пределы банка:

• останавливаются выплаты инвесторам и партнёрам;
• срываются сделки, что напрямую бьёт по ROI и доверительным отношениям с LP;
• повышается риск арбитражных споров с банками и претензий со стороны регуляторов других стран, если затронуты клиенты.

В COREDO при анализе риска блокировки счетов инвестиционных фирм мы используем собственный набор индикаторов: доля операций с high‑risk юрисдикциями, связь с санкционными секторами, сложность структуры UBO, история комплаенса в других банках. Это позволяет оценить ROI‑риски ещё до выбора банка и при необходимости выстроить мультибанковскую стратегию, распределяя потоки по разным юрисдикциям.

Crypto and sanction triggers in investments

Криптоинвестиции: отдельная тема. Для части чешских банков любые связи с крипторынком автоматически относят клиента к высокорисковым отраслям, даже если компания действует строго в рамках регуляций, а модели прозрачны.

Типичные сценарии:

• Банк видит в материалах клиента слова crypto, token, DeFi, и отказывает криптоинвестиционной компании в Чехии, не вдаваясь в подробности.
• Уже работающему фонду банк меняет внутреннюю риск‑политику и через какое‑то время уведомляет о закрытии счетов в Чехии по причине несоответствия обновлённым критериям.
• При появлении новых санкций в отношении отдельных проектов или стран банк усиливает скрининг и расширяет перечень «запрещённых» для себя моделей.

Задача, которую часто решает команда COREDO, адаптация структуры компании: разделить криптоактивность и классические инвестиции по разным юрлицам, банкам и юрисдикциям, чтобы снизить общую нагрузку на комплаенс и не подвергать весь бизнес риску отказа.

How to avoid being declined by banks in the Czech Republic

In practice, the probability of banks refusing investment companies in the Czech Republic can be significantly reduced if account opening is treated as a separate compliance project rather than a technical task.

Key steps I recommend:

Maximum UBO transparency

• Simplify the structure where possible.
• Ensure consistency of beneficiary data across all documents, including foreign registers.
• Prepare a clear explanation of why the structure looks the way it does.

Detailed package for source of funds and source of wealth

• Gather contracts, reports, documents on exit deals, dividends, and asset sales.
• Structure them into a logical chain: from the origin of capital to investments through the Czech company.
• At COREDO we often prepare this as a short “compliance memo” for the bank.

KYC‑ready package for the business model

• A clear business plan with realistic turnover figures.
• Description of target counterparties, countries, and typical transactions.
• Public materials (website, presentations) that do not contradict the stated profile and do not increase the perception of high‑risk.

Preliminary compliance analysis for a specific bank

• Match the bank’s policy on non-residents with your company’s profile.
• Assess how the bank views your countries, industries, and transaction volumes.
• In COREDO’s practice, it’s often more advantageous to choose another bank in the Czech Republic or the EU from the start than to try to “get through” where the risk of refusal is high.

Preparation for the interview with the bank

• Beneficiaries and the director must be able to clearly and consistently explain the model, the origin of funds, and the reasons for choosing the Czech Republic.
• In some cases, the COREDO team conducts interview rehearsals, working through awkward questions before the meeting with the bank.

Strategies for unblocking accounts

If a refusal or blocking has already occurred, there is still room to manoeuvre, but action must be structured.

Practical strategies we apply:

• Request a reasoned refusal and a detailed analysis of the wording from a regulatory perspective: sometimes the bank indicates remediable reasons (incomplete package, unclear source of funds).
• Preparation of an expanded compliance file: additional documents, explanatory letters, updated AML policies/KYC, and internal monitoring procedures.
• An appeal to the bank with a legally sound justification of why the client meets internal and regulatory criteria, including references to local and European standards.
• In the event of a prolonged freeze of assets: assess the feasibility of arbitration proceedings against the bank, taking into account the amount, reputational risks, and prospects.

Alternatives to Czech banks for EU companies

Sometimes the most rational solution is not to force the entire business into the confines of a single Czech bank, but to build a diversified banking strategy relying on other jurisdictions.

In practice, the COREDO team often considers the following options:

Often re‑registering an investment company or creating a holding level in a friendly EU jurisdiction allows you to:

• reduce the likelihood of refusals by Czech banks;
• separate sanction‑sensitive and conservative flows;
• ensure better scalability of the investment portfolio without tying the entire business to a single banking center.

COREDO regularly designs such structures for clients, combining companies in the Czech Republic, Cyprus, Singapore, the UAE and other jurisdictions to strike a balance between market access, tax efficiency and compliance resilience.

Recommendations for investors

I’ll compile everything above into a practical list of actions that I use as the basis for strategic sessions with clients:

1. Conduct a KYC/AML audit before engaging with the bank
Assess the transparency of the UBO, source of funds, and flow structure. If necessary: revise the documents, policies, and model. The cost of such an audit is far lower than the price of account blocking or refusal.

2. Design a banking infrastructure, not just “open an account”
Choose banks taking into account beneficiary jurisdictions, industry, sanctions risks, and expected turnover. In some cases it’s sensible to plan for 2–3 banks in different countries from the start.

3. Minimize sanction and secondary risks
Continuously monitor EU sanctions packages, including the 14th, and the impact of restrictions on partners and industries. Reassess deal structures when rules change so as not to force the bank to stop operations.

4. Prepare a clear narrative for the bank
Including a company presentation, a description of the business model, an explanation of connections with the Czech Republic, counterparty selection criteria, and internal compliance procedures. This is critical, especially for Creditas and ČSOB.

5. Use the experience of specialized consultants
company registration in the EU, obtaining financial licenses, building an AML framework, and supporting banking relationships: this is a separate layer of work. At COREDO we regularly get involved already at the structure design stage so that we don’t have to “remedy” the consequences of refusals, but instead build from the outset a system that is resilient to KYC/AML checks.

Conclusion: checklist before applying to a Czech bank

Before submitting an application to a Czech bank, I would recommend asking yourself five questions:

1. Is the UBO structure and the sources of capital transparent and logical for compliance?
2. Is the business model clear to someone reading about it for the first time, and does it not appear high‑risk without explanations?
3. Do you have a sustainable and documentable connection to the Czech Republic (sustained link to Czechia)?
4. Have sanctions and jurisdictional risks been taken into account, and do your flows avoid intersecting with sensitive areas unless strictly necessary?
5. Do you have a complete, consistent KYC package prepared that will withstand not only the initial review but also subsequent regulatory inspections by the EU and the CNB?

According to European regulators, the fine for unlicensed crypto services in several EU countries already reaches 5% of annual turnover or a fixed threshold of several million euros, and in certain cases an additional double profit penalty is applied — recovery in the double amount of the profit extracted. In COREDO we have seen how such sanctions turned a promising crypto business into a crisis case after just one round of inspection.

When a crypto license is needed

MiCA: Crypto project legally operating without a CASP in the EU

EU Regulation 2023/1114 (MiCA regulation) introduces common rules for CASP services (Crypto‑Asset Service Providers) across the Union: from custodial storage to managing trading platforms and crypto‑to‑crypto or crypto‑to‑fiat exchange. For an entrepreneur the key question is simple: do I fall within the definition of a CASP or not.

• you provide non-custodial crypto services: wallets with full user control of keys, non‑custodial DeFi interfaces, protocols where you do not manage clients’ funds;
• your service is not an organized trading venue where you, as the operator, consolidate orders and are responsible for execution;
• you do not provide personalized investment advice on specific tokens under the MiCA definition;
• all turnover is crypto‑to‑crypto, and fiat off‑ramp avoidance is implemented through third‑party licensed payment gateways.

In practice an unlicensed DeFi protocol or interface can remain in the «regulatory grey zone crypto» if three criteria are met:

• non‑custodial architecture and no access to users’ funds;
• no centralized operator making investment decisions;
• a transparent white paper of the crypto project clearly stating the token status (utility, non‑security) and the risks for users.

At COREDO we regularly conduct compliance audits of such crypto models for clients who want to maximize the flexibility of a non‑licensed crypto project without crossing into CASP.

Fines for crypto without a license: Czech Republic, Lithuania, Malta

Even within the EU regulators treat unlicensed VASPs differently. The most frequent requests to COREDO in 2024–2025 are related to three jurisdictions: Czech Republic, Lithuania, Malta.

One practical alternative is participation in a regulatory crypto sandbox where available: the regulator sees the experimental format in advance, and you get a chance to test the business model before full licensing. For a number of European Web3 teams we have built exactly such a trajectory: a fast launch as non‑custodial, then entry into the sandbox and only after validation – an application for Licensing.

EU crypto license vs no license

When a founder comes to me asking “where is it better to obtain an EU crypto license and where is crypto business without a license acceptable”, I always separate these scenarios along two axes: purpose (EU single market access or global presence) and readiness for regulatory burden.

Classic route: Lithuania, Malta, sometimes Cyprus: with a full crypto license, minimal capital, audit of the crypto company and access to European banks. Alternative route: an offshore crypto entity or onshore‑structures with the territorial taxation principle, where crypto registration without a license is permissible if the business does not serve local residents and does not touch fiat.

Asia: crypto license vs no license

Asian hubs remain one of the main requests from COREDO clients. In practice for Web3 projects we most often consider Singapore, Hong Kong, the UAE and a number of other Asian jurisdictions.

• if you touch fiat, accept client funds or manage them – counting on “crypto without a license is legal” will not work;
• for purely technological models (infrastructure DeFi protocols, analytics, blockchain infrastructure) Web3 project registration may be possible without a crypto license, provided the activity is correctly described and AML frameworks are observed.

If this is not done, the client loses:

• access to payment providers;
• the trust of institutional investors;
• the ability to achieve proper cross-border crypto compliance when entering Europe or the CIS markets.

Advantages of a license-free crypto project in Costa Rica

Costa Rica has become one of the most discussed jurisdictions in COREDO’s requests on license-free crypto projects. The reason is simple: the combination of crypto territorial taxation and a relatively relaxed approach to non-licensed crypto businesses oriented toward foreign clients.

Key features we take into account when structuring:

• territorial taxation principle: taxes are levied only on income from sources in the country; global crypto operations, if properly configured, may not be subject to local tax;
• Costa Rica closed registries: corporate registers are less public, which is more convenient for IP asset shielding and protecting ownership structure;
• no audit requirements for small private companies and the possibility of a single shareholder setup without significant minimum capital.

African crypto jurisdictions with territorial taxation

African emerging crypto zones are still less known to the wider audience, but COREDO already sees steady interest in certain countries with territorial taxation and a flexible approach to unlicensed VASPs. These jurisdictions are of interest when you:

• are targeting global DeFi or Web3 services without directly working with local residents;
• are building scaling non-licensed DeFi and want to test the model before obtaining an EU license;
• are looking for a more tolerant attitude toward regulatory grey-zone crypto, provided there is transparency for banks and investors.

How to launch a crypto project without a license in 2025

When an entrepreneur asks me: «how to launch a crypto project without a crypto license in 2025», I always emphasize: the goal is not to “evade regulation”, but to choose the correct regime with clear rules.

Choosing a jurisdiction

• whether you plan EU clients now or in the foreseeable future;
• how important access to traditional banking is;
• whether you are ready for public disclosure of beneficiaries and reporting.

If you need maximum flexibility and a crypto business without a license, Costa Rica and certain Asian and African jurisdictions come into focus. If the priority is the European market and the brand of a legal player, it makes more sense to plan for an EU crypto license from the start.

Company registration and IP protection

• selects the optimal format of an offshore crypto entity or onshore structure;
• prepares the crypto project’s white paper with a clear description of the revenue model, token status (token utility non-security, where justifiable) and user restrictions;
• sets up IP asset shielding: registering IP in a jurisdiction with strong rights protection, separating IP from the operating company.

AML compliance for a crypto project without a license

• we implement a risk-based KYC model with a KYC threshold exemption for microtransactions;
• we document transaction monitoring procedures, especially for cross-border operations;
• we prepare internal policies and a compliance audit (crypto) as an argument for banks and investors.

Issuance of tokens without a license and without listing

• centralized exchanges carry out their own investor Due Diligence of an unlicensed project;
• without a basic compliance package, a transparent structure and a jurisdictional conclusion on the token’s status, exchange listing of an unlicensed project becomes practically unrealistic.

Scaling and cross-jurisdictional scaling

• assessing turnover thresholds at which the status of a CASP without a license is no longer acceptable and a transition to licensing is required;
• planning entry into the crypto-operators registry where possible as an intermediate step;
• stepwise migration of some functions into a licensed structure while keeping the DeFi core non-custodial.

Risks of a crypto project operating without a license or AML measures

• fines and crypto enforcement actions;
• freezing of bank and exchange accounts;
• attacks on IP and domain assets;
• inability to attract institutional investors.

Fines for crypto services without a license: Czechia, Lithuania

A typical pattern that the COREDO team has seen:

1. first, the bank requests additional information about the activity;
2. then a sudden freezing of assets occurs during the review;
3. in the end: a regulator’s order, a fine and a demand to cease operations.

• we determine in advance whether we need to register as a crypto operator and what the minimum set of procedures required for that is;
• we use legal regimes such as reporting exemption (crypto) and capital adequacy waiver, if the project is small in turnover and does not pose systemic risks;
• we create a structure in which the main financial turnover does not pass through the most aggressive jurisdictions, reducing the likelihood of a “targeted” inspection.

Protection of IP and assets in an unlicensed Web3 project

• protocol code and smart contracts;
• domains and branding;
• user databases.

• registration of trademarks and copyrights in jurisdictions with strong case law;
• separation of IP ownership and operational activity so that local claims against one link do not paralyze the entire ecosystem;
• clear investor protection mechanisms for unlicensed projects: contractual structures, vesting, risk disclosure, even if formally you remain «non‑CASP».

Crypto business without a license: ROI and taxes

The main argument in favor of a “no license” strategy: the ROI of an unlicensed crypto project. But calculations should include not only reduced initial costs, but also the risk-adjusted return of being unlicensed: the probability of fines, losses from blocks, and missed investments.

• initial CAPEX is lower than when obtaining an EU crypto license;
• operational compliance expenses are lower, but not zero;
• the tax burden can be minimized due to territorial taxation and tax risk mitigation;
• On the other hand, access to European and Asian banks and large funds is often limited while the structure remains non-licensed.

• «as is»: profitability without a license, accounting for discounted risks;
• «as will be»: a scenario of gradual transition to licensing (EU or Asia) and accessing a new class of investors.

Key steps to launching a crypto project without a license

• Conduct an initial crypto compliance audit: determine whether the model falls under CASP, VASP, or remains in the non‑custodial zone.
• Choose a jurisdiction with clear rules and territorial taxation (Costa Rica, certain Asian and African hubs) if the goal is a license‑free crypto business with a global focus.
• Implement AML/KYC even without a formal requirement: it’s the foundation of trust for banks, exchanges, and investors.
• Prepare a quality white paper and financial plan taking into account reporting exemption for crypto, if you plan to be listed in registries.
• Plan an exit strategy for the crypto project: at what turnover you will move to crypto licensing in 2025 (EU or Asia), so as not to run into sanctions from MiCA and local regulators.
• For businesses from the CIS: proactively plan CIS business crypto expansion through structures in the EU/Asia/Africa to avoid situations where a fine of up to 5% of turnover and asset freezes put an end to the project.