General
MiCA is live: licensing is over, operational compliance starts now
The MiCA deadline settled the question of authorization for most firms, but operational compliance now depends on demonstrating consistent controls across every transaction, counterparty and custody integration.

The MiCA conversation has moved from licensing to operations. For the past eighteen months, most firms have been focused on one objective: obtaining authorization before the end of the transitional period. That deadline has passed, and from now on, crypto-asset service providers operating in the EU without a MiCA license are no longer permitted to offer regulated services to their clients.
For authorized firms, however, receiving a license is only the starting point. The market is already rewarding compliant infrastructure. Range's State of Euro Stablecoins 2025 report found that MiCA-compliant euro stablecoins are rapidly gaining market share.
The real challenge begins once transactions move through your treasury. From now on, every payment, custody integration and client onboarding process needs to stand up to regulatory scrutiny. The question is no longer whether your business is authorized, it is whether your controls operate consistently across every transaction.
After the deadline, operational compliance begins
The European Securities and Markets Authority (ESMA) statement ahead of the July 2026 deadline focused on more than the end of the transitional period.
Alongside expectations for firms that failed to obtain authorization, the statement highlights what authorized crypto-asset service providers (CASPs) are expected to do next: manage client migrations, apply robust AML and KYC processes and ensure custody integrations comply with MiCA's requirements.
This last point deserves particular attention. In ESMA's words, MiCA "specifically prohibits CASPs from outsourcing or delegating certain services, namely custody, to entities not authorized as CASPs themselves." That includes situations where custody ultimately sits with a non-EU affiliate or another entity within the same corporate group. Under MiCA, authorization applies to the legal entity providing the service, not simply to the brand.
These expectations all depend on one operational capability: knowing exactly how, and with whom, your organization is transacting.
In practice, that is rarely how digital asset operations are organized. A single counterparty may appear as multiple wallets, exchange deposit addresses, bank accounts or legal entities across different systems. Those relationships often exist in separate compliance, treasury and finance platforms, making it difficult to assess them as a single operational record.
MiCA increases the importance of unifying those records.
Client migration is the first test of those controls
The most visible compliance checks remain familiar: sanctions screening, AML controls and customer due diligence. The problem is making those controls consistent across every transaction.
Consider a client migrating from another provider. ESMA expects authorized CASPs to onboard those clients using robust AML and CFT processes before they begin operating under the new regime. That process involves more than collecting IDs.
Finance and compliance teams need confidence that the wallets, exchange and bank accounts associated with that client all belong to the same counterparty, and that previous activity has been assessed before new transactions are executed.
Controls are strongest before money moves
Many compliance programs already rely on high-quality sanctions and AML data. The question is where those controls are applied. A report generated after settlement can show that a transaction was reviewed, but not that it could have been prevented.
Pre-execution controls become increasingly important. Screening counterparties, verifying entity relationships and evaluating risks before settlement provides an auditable record of the decision itself, rather than simply documenting what happened afterwards.
That operational record becomes valuable across finance, treasury and compliance teams because everyone works from the same information.
This is what operational compliance looks like in practice
The specific examination will vary by business model, but the underlying evidence regulators expect is remarkably consistent.
An examiner is unlikely to begin by asking which software you use. They are more likely to ask whether you can identify the legal entity behind a wallet, demonstrate that controls ran before funds moved and produce a single operational record linking the counterparty, transaction and outcome.
Answering those questions should not require a week and the reconciliation of multiple spreadsheets. That is where treasury infrastructure becomes part of the compliance stack.
Range supports this operational model by bringing wallets, custodians, exchanges and bank accounts into a single real-time ledger. Our Transaction Screening evaluates every transaction for sanctions, fraud and operational risk before settlement, blocking onchain transactions before execution, while Counterparty Management links wallets, exchanges and bank accounts to the underlying legal entity, giving finance and compliance teams a consistent view of who they are transacting with across stablecoins and fiat.
Most organizations were already managing multiple custodians, wallets, exchanges and banking partners before MiCA. The regulation didn't introduce that complexity, it raised the standard for demonstrating control over it.
If you want to see where your current setup creates gaps against the new MiCA obligations, get in touch with our team and we will walk through it in your own flows.