CASP license for cryptocurrency in Spain rules and stages - read in the blog of the company COREDO

Nikita Veremeev

30.08.2025 | 6 min read

Updated: 30.08.2025

CASP license Spain: it’s not just a formal admission to activities with crypto-assets but also a strategic tool for entering the European market. This status allows you to legally provide custodial services, brokerage services, launch crypto-exchange platforms, and work with stablecoins according to the EU’s single standards.
The registry of cryptocurrency companies in Spain, controlled by the National Securities Market Commission (CNMV), serves as a marker of transparency and reliability for banks and investors. In practice, a solution developed by COREDO for one of its clients allowed not only obtaining a CASP license but also opening a corporate account in one of the leading Spanish banks, which was previously considered almost impossible for crypto companies.
The key advantage is direct access to the EU payment infrastructure and the opportunity to provide cross-border services without needing to re-license in other Union countries.

Differences between CASP and VASP licenses in the EU

CASP license Spain is based on the MiCA Regulation and significantly differs from the previous VASP license in several parameters:

Criterion	VASP License (before MiCA)	CASP License (MiCA)
Regulator	SEPBLAC	CNMV
Capital Requirements	Minimal	From 125,000 to 150,000 EUR
AML/CFT	National norms	EU + national norms
Cross-border service rights	No	Yes (passporting in the EU)
Activity domains	Limited	Custody, exchange, brokerage, ICO
Management responsibility	Limited	Personal and criminal

COREDO’s experience shows: transition to CASP status opens new opportunities for clients to integrate with the financial system and attract institutional investors who previously avoided projects with unclear status.

The impact of MiCA on the crypto market in Spain

MiCA Regulation: it’s not just a new law but a fundamental shift in the crypto-assets regulation paradigm in the EU. Spain is one of the first to implement MiCA into national legislation, creating a unique window of opportunity for early market participants.

The MiCA transition period in Spain will last until the end of 2025, but CNMV and SEPBLAC are already intensifying control over companies’ compliance with new standards.

COREDO’s practice confirms: projects that implement internal AML, KYC procedures, and financial monitoring beforehand gain a competitive advantage and reduce rejection risks during licensing.

Actionable advice:

Analyze the strategic advantages of CASP licensing for your business: entering the EU market, accessing banking infrastructure, and scaling opportunities.
Assess the differences between CASP and VASP licenses regarding rights, obligations, and risks.
Stay updated on changes in MiCA and national norms to timely adapt internal processes.

Regulation of cryptocurrencies in Spain

Illustration for the section 'Regulation of cryptocurrencies in Spain' in the article 'CASP License for Cryptocurrency in Spain – Rules and Stages'

Today, Spain is one of the most dynamic and regulated jurisdictions for cryptocurrency business in the EU. Law 6/2023 (LMV), MiCA Regulation, and CNMV national instructions form a comprehensive approach to crypto-assets control, balancing innovation with investor protection.

Implementation of MiCA in Spain 2025

MiCA Regulation (Markets in Crypto-Assets Regulation) establishes uniform rules for all crypto service operators in the EU, including capital requirements, information disclosure, investor protection, and AML/CFT.

In Spain, MiCA is implemented in stages: first, companies must register in the Spanish Cryptocurrency Companies Registry, then undergo Licensing through CNMV.

Special attention is given to stablecoin regulation (stablecoin regulation Spain) and custodial services, where IT infrastructure and reserve requirements are significantly higher than for classic VASP.

Control over cryptocurrency companies in Spain

The National Securities Market Commission (CNMV) is responsible for licensing and supervising CASP operators, including auditing internal procedures, reviewing business plans, and monitoring operations.

SEPBLAC (Servicio Ejecutivo de la Comisión de Prevención del Blanqueo de Capitales e Infracciones Monetarias) conducts AML control, including KYC checks, internal audit, and risk assessment of cryptocurrency operations.

Bank of Spain cryptocurrency: The Bank of Spain controls payment issues, corporate account openings, and the integration of crypto business into the traditional financial system.

MiCA transition period: what businesses need to know

The MiCA transition period in Spain lasts until the end of 2025. During this period, companies already registered in the Cryptocurrency Companies Registry can continue operations but must align internal policies, IT systems, and AML/CFT procedures with new requirements.

COREDO’s team has implemented several projects to adapt clients’ business processes to MiCA, avoiding sanctions and accelerating licensing.

Actionable advice:

Start preparing for licensing in advance, considering the transition period deadlines.
Implement internal AML/KYC policies and prepare IT infrastructure for CNMV and SEPBLAC audits.
Assess risks and opportunities related to MiCA implementation for strategic planning.

Smooth transition to the next section:

Next, we will examine the key steps for obtaining a crypto business license in Spain and MiCA requirements.

Crypto business license in Spain

Illustration for the section 'Crypto business license in Spain' in the article 'CASP License for Cryptocurrency in Spain – Rules and Stages'

The process of obtaining a CASP license in Spain requires a comprehensive approach to legal structure, capital, internal procedures, and document preparation.

COREDO’s practice shows: a systematic approach to document preparation and business planning minimizes rejection risks and speeds up application review.

Registration of a crypto company in Spain

For registering a cryptocurrency company in Spain, the optimal form is Sociedad Limitada (S.L.), allowing flexible capital structure management and meeting CNMV requirements.

Spanish Trade Register: the first step for business legalization: requires a unique name, charter, information on directors and founders, and confirmation of the legal address.

Capital and company structure requirements

The minimum capital for a CASP license depends on the type of activity:

Custodial services: from 150,000 EUR
Crypto exchange platforms: from 125,000 EUR
Brokerage services with crypto assets: from 125,000 EUR

The company structure must include:

Directors with experience in the financial or IT sector
Crypto company compliance officer with AML/CFT experience
Internal audit and risk assessment procedures

Submitting the application to CNMV: business plan and documents

Development of a business plan describing the business model, target markets, IT architecture, and AML/KYC procedures.
Preparation of a document package for Crypto license Spain: charter, information on beneficiaries, internal policies, contracts with IT solution providers.
Submission of the application to CNMV and preliminary review.
Interaction with SEPBLAC for AML/CFT procedure approval.
Obtaining permission and entry in the CASP operators register.

Application review timeframes and applicants’ mistakes

The timeframe for obtaining a CASP license is from 3 to 6 months, provided the documents are correctly prepared.

Typical mistakes: incomplete document package, business plan non-compliance with MiCA requirements, lack of a qualified compliance officer.

Actionable advice:

Choose the legal form S.L. for flexibility and to meet requirements.
Form a team with AML/CFT and IT experience.
Prepare the business plan and internal policies considering MiCA and CNMV requirements.

AML/KYC for crypto companies in Spain

Illustration for the section 'AML/KYC for crypto companies in Spain' in the article 'CASP License for Cryptocurrency in Spain – Rules and Stages'

Implementing effective AML/KYC procedures: a key factor for successful licensing and long-term sustainability of crypto business in Spain.

The market demands high requirements for internal policies, automation, and audits.

Effective implementation of these procedures forms the basis for compliance with the strictest regulations and preparation for audit checks, which we will discuss in more detail in the next section.

AML/CFT: policy and audit requirements

MiCA and national norms require:

The development of internal AML procedures, including customer identification and verification (KYC)
Risk assessment of cryptocurrency operations
Regular internal audits of the crypto company
Documentation of business processes for licensing

COREDO implements comprehensive solutions for clients, including automated financial monitoring of operations and regular updates of internal policies.

SEPBLAC check: preparing for inspection

SEPBLAC conducts checks not only at the licensing stage but also during operational activities.

Our experience at COREDO showed: regular testing of procedures, staff training, and maintaining detailed documentation significantly reduce the risk of sanctions.

AML and KYC automation: best solutions

Modern platforms allow the automation of customer verification processes, transaction monitoring, and detection of suspicious operations.

A solution developed by COREDO for one of the European clients allowed reducing the time for KYC procedures by 3 times and increasing transparency for CNMV auditors.

Actionable advice:

Implement automated AML/KYC solutions with integration capability with banking and government systems.
Regularly update internal policies and conduct internal audits.
Prepare for SEPBLAC inspections through team training and procedure stress testing.

Opening an account for a crypto company in Spain

Illustration for the section ‘Opening an account for a crypto company in Spain’ in the article ‘CASP License for Cryptocurrency in Spain – Rules and Stages’

opening a bank account for a crypto company in Spain: one of the most challenging stages requires transparency of the business model and compliance with compliance standards.

Bank requirements for CASP companies

Banks set the following requirements for CASP operators:

Confirmation of the license or status in the CNMV registry
Presence of transparent AML/KYC procedures
Description of business structure and source of funds
Detailed documentation on IT infrastructure and data protection

Account opening and integration into the financial system

Preparing a complete document package, including business plan, internal policies, registration confirmation.
Bank presentation of the business model focusing on transparency and risk control.
Interaction with the Bank of Spain to agree on the specifics of operations with crypto assets.

COREDO’s practice confirms that companies that have implemented automated monitoring and reporting systems receive positive account opening decisions twice as fast.

Problems and risks working with banks

Main difficulties: lengthy compliance process, requests for additional documents, increased transparency requirements for operations.

COREDO’s recommendation: build relationships with the bank based on regular reporting, openness, and readiness for additional checks.

Actionable advice:

Prepare an expanded document package and internal policies in advance.
Demonstrate transparency of business processes and sources of funds.
Use automation to speed up compliance procedures.

Responsibility and risks for CASP in Spain

Illustration for the section 'Responsibility and risks for CASP in Spain' in the article 'CASP License for Cryptocurrency in Spain – Rules and Stages'

CASP license: not just rights but also serious legal obligations, including management responsibility, fines, and requirements for investor protection.

Responsibility of CASP operators

Crypto company executives bear personal and criminal responsibility for violations of AML/CFT rules, information disclosure, and client rights protection.

Internal audit and regular procedure updates: mandatory elements for risk mitigation.

Typical violations and fines: how to avoid

Violation	Fine (EUR)	Consequences
AML/KYC violation	150,000 – 5,000,000	License suspension
Insufficient capital	50,000 – 1,000,000	Temporary blocking
Absence of internal audit	100,000 – 500,000	Unscheduled inspection
Incomplete information disclosure	200,000 – 2,000,000	CNMV and SEPBLAC sanctions

COREDO’s practice shows: regular internal audits and implementing automated reporting systems minimize violation likelihood.

Client and investor protection

MiCA and national norms require:

Liability insurance for clients
Development of refund procedures
Operational transparency and regular reporting

Actionable advice:

Conduct regular internal audit and update AML/KYC policies.
Implement liability and refund insurance systems.
Prepare the team for inspections and unscheduled checks.

CASP license for crypto business in the EU

CASP license Spain opens opportunities for business scaling within the EU and entering new markets without needing re-licensing.

Business scaling in the EU and abroad

Thanks to the passporting mechanism, a CASP license allows providing services in all EU countries, significantly reducing costs and speeding up entry into new markets.

COREDO’s team implemented projects for scaling crypto business with CASP licenses into markets in Germany, France, and Benelux countries.

Gambling regulation in Spain and the EU

Jurisdiction	Minimum Capital	Licensing Timeframes	Features
Spain	125,000 – 150,000	3–6 months	High level of banking integration
Estonia	12,000	2–4 months	Simpler procedure but weaker investor protection
Cyprus	50,000	4–8 months	Strict AML control
United Kingdom	100,000	6–12 months	No passporting in the EU

Optimizing structure and tax burden

Optimizing company structure: an important element for reducing tax burden and increasing efficiency.

A solution implemented by COREDO for one of its clients included creating a holding structure with function distribution between Spanish S.L. and subsidiaries in other EU jurisdictions.

Actionable advice:

Use passporting for rapid market entry into the EU.
Compare requirements and costs of different jurisdictions to choose the optimal structure.
Engage experts to build holding and tax-efficient models.

CASP licensing in Spain: how to proceed

The success of licensing depends on a systematic approach to company preparation, business planning, internal procedures, and choosing a reliable partner.

Company and business plan preparation: step by step

Conduct an audit of current business processes and identify gaps in AML/KYC.
Develop a business plan considering MiCA requirements and CNMV.
Prepare internal policies, procedures, and IT architecture for report automation.

How to choose a legal consultant

COREDO’s practice confirms: involving experts significantly reduces rejection risks and speeds up the process.

Key criteria for partner selection:

Experience with CASP and MiCA licenses
Deep understanding of national and European norms
Comprehensive support: from registration to audit and scaling

Evaluating the effectiveness of the CASP license: metrics and KPIs

Time to obtain a license and open a bank account
The number of successfully completed AML/KYC procedures
Percentage of operations complying with MiCA and CNMV requirements
ROI of crypto company after CASP license implementation

Actionable advice:

Use metrics and KPIs to evaluate the effectiveness of license implementation.
Engage experts for auditing and optimizing business processes.
Invest in automation and team training.

Answers to entrepreneurs’ questions

CASP license Spain – is a strategic asset for the crypto business, ensuring legal entry into the EU market, investor protection, and scaling opportunities.

Entrepreneurs and Investors’ questions, FAQ

What advantages do CASP licenses offer for investors and partners?
The CASP license confirms the company’s compliance with MiCA standards, reducing risks for investors and easing funding attraction.

How does the CASP license impact the ROI of a crypto company?
A legal status, access to banking infrastructure, and the ability for cross-border operations increase investment profitability and accelerate business growth.

What long-term risks and obligations arise for CASP license owners?
The main risks relate to non-compliance with AML/CFT, insufficient client rights protection, and reporting errors. Obligations include regular audits, policy updates, and management’s personal responsibility.

How will regulation change after full MiCA implementation in Spain?
There is expected tightening of control over internal procedures, report automation, and investor protection enhancement. Companies that have prepared ahead for these changes will gain a competitive edge.

Regulation and market: outlook until 2026

Tightening requirements for IT infrastructure and data security
Increase in CNMV and SEPBLAC inspections
Heightened competition among CASP operators and market consolidation
The emergence of new business models based on tokenization and stablecoin

Insights for managerial decisions

Build strategy considering MiCA long-term trends and national norms.
Invest in automation and internal audit for sustainable growth.
Engage COREDO experts for comprehensive support at all stages of licensing and business scaling.

CASP license Spain: not just a formality, but a strategic resource for growth, investor trust, and sustainable development of your crypto business. COREDO’s practice proves: a systematic approach, expertise, and comprehensive solutions are keys to success in the European digital asset market.