EU/EEA PassportingMiCA CASP authorisation

CASP Authorisation in Iceland

Iceland is an EEA/Nordic CASP route under the Central Bank of Iceland for teams that want niche Nordic positioning and regulated CASP operations under the MiCA framework. It is still a full substance route: governance, local staff, office, audit, AML and banking readiness need to be built into the application.

Processing time
From 6 months
Service price
21 900 EUR
Required share capital
From 50 000 EUR
State fee
Approx. 5,000 EUR
Annual supervision fee
Approx. 3,000 EUR
Banking difficulty
Medium to high
RegulatorCentral Bank of Iceland

Confirm current Central Bank of Iceland MiCA/CASP application guidance, EEA implementation status, fee schedule, service categories, filing process and supervisory expectations before using this page for client advice.

Regulatory status should be confirmed by local counsel before relying on this route.

What is Iceland CASP authorisation?

Iceland CASP authorisation is the Icelandic EEA/Nordic route for crypto-asset service providers under Central Bank of Iceland supervision and the MiCA framework as applied through the EEA context. It fits teams that want regulated CASP operations with a distinctive Nordic jurisdictional profile.

CASP
Jurisdiction
Iceland
Regulator
Central Bank of Iceland
Regime
CASP
Legal basis
Legal basis: MiCA CASP authorisation route supervised in Iceland by the Central Bank of Iceland, subject to Icelandic and EEA implementation details.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

CASP service scope in Iceland

An Iceland CASP application should start with a precise service perimeter. Exchange, custody, brokerage, wallet, advisory, staking and payment-adjacent services can each change the required evidence for governance, AML, safeguarding, technology and banking.

  • Exchange

    Conditional

    Exchange activity may require additional scope or separate licensing.

  • Custody

    Conditional

    Custody may require separate review or additional controls.

  • Brokerage

    Conditional

    Brokerage or OTC activity typically fits within scope.

  • Wallet provider

    Conditional

    Exchange activity may require additional scope or separate licensing.

  • EU market

    Included

    EU/EEA passporting available.

  • Startups

    Excluded

    High setup complexity means significant budget is needed.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

EU/EEA passporting from Iceland

Iceland can support EU/EEA passporting planning as an EEA/MiCA route, but passporting should be presented as a controlled regulatory process tied to approved services, target markets and notifications. It is not automatic access to every EU product, client segment or future activity.

  • Define target EU/EEA countries, client types, distribution channels and service categories before submission.

  • Map passporting plans to each requested CASP permission and the controls supporting that service.

  • Use Iceland when niche Nordic/EEA positioning is commercially valuable and the team can maintain substance, governance and compliance after authorisation.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

Capital, governance and audit expectations

The CSV snapshot positions Iceland as a high-complexity route with share capital from 50,000 EUR, state fee of approximately 5,000 EUR, annual supervision fee of approximately 3,000 EUR, local staff, physical office and audit.

  • Board, senior management, compliance, AML and technology owners should be identified and credible before filing.high
  • Capital planning should match the requested service scope, especially for exchange, custody and fiat-heavy operations.high
  • Audit, outsourcing oversight, reporting, incident management and compliance monitoring should be budgeted as recurring obligations.high

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Iceland CASP application bottlenecks

Typical blockers are operating-model weaknesses rather than form-filling issues. Iceland works best when the team resolves service scope, governance, local substance, AML, safeguarding, audit and banking readiness before treating the route as a timeline exercise.

  • Unclear CASP service perimeter or EU/EEA passporting plan

    High

  • Icelandic office or staffing model that does not support real local substance

    High

  • Weak custody, safeguarding, wallet or technology-control evidence

    High

  • Generic AML policies that do not match clients, tokens, geography and fiat flows

    High

  • Banking, EMI, PI or PSP package prepared too late

    High

  • Route selection driven by a low-budget or fast offshore objective rather than regulated Nordic/EEA operations

    High

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Activity fit for this route

Review which crypto activities fit within the scope of this route.

Exchange
Conditional

Exchange activity may require additional scope or separate licensing.

Custody
Conditional

Custody may require separate review or additional controls.

Brokerage
Conditional

Brokerage or OTC activity typically fits within scope.

Wallet provider
Conditional

Exchange activity may require additional scope or separate licensing.

EU market
Suitable

EU/EEA passporting available.

Startups
Not suitable

High setup complexity means significant budget is needed.

Not sure if your model fits? Request a licensing assessment

Is Iceland CASP authorisation right for your project?

Best for

  • EU passporting and regulated CASP operations
  • EU/EEA market access

Not suitable for

  • Low-budget or fast offshore setup
  • Projects without a prepared banking strategy

Banking difficulty is high for this route. Prepare a banking strategy before committing to the Iceland route.

Core requirements

Use this section to check the main regulatory and operational requirements before committing to a jurisdiction.

Required share capitalFrom 50 000 EUR
Required
Local staffRequired
Required
Physical officeRequired
Required
AuditRequired
Required

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Local substance in Iceland

Local staff and a physical office should be treated as real operating requirements. A defensible Iceland model explains which management, compliance, AML and operational responsibilities sit locally and how group or third-party support is supervised.

Local staff

Required

Required

At least one locally-accountable staff member or director is expected.

Physical office

Required

Required

A genuine office presence is expected, not a nominal registered address.

Audit

Required

Required

External audit is required for ongoing supervision compliance.

Planning notes

  • Plan Icelandic compliance ownership and regulator-facing accountability before filing.
  • Document what is controlled in Iceland and what is outsourced to group entities, technology vendors or other service providers.
  • Budget staff, office, audit and recurring compliance separately from the application advisory fee.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Cost breakdown

Budget for service price, regulatory fees, share capital and ongoing costs separately.

Service price (professional fees)Application preparation and professional services.
21 900 EUR EURFixed
State fee
Approx. 5,000 EURFrom
Annual supervision feeRecurring annual cost after authorisation.
Approx. 3,000 EURFrom
Required share capitalMust be held, not an expenditure.
From 50 000 EURFrom
High ongoing cost

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Cost breakdown — Iceland

Budget for service price, regulatory fees, share capital and ongoing costs separately.

Cost itemAmount
Service priceApplication preparation and professional services.€21,900
State fee€1
Required share capitalMust be held, not an expenditure.€50,000

Summary

One-off costs
€71,901
Annual (year 1)
€0
Total year 1
€71,901

Adjust to convert to your base currency.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Application process

The sequence below shows the usual project flow. Exact steps depend on the regulator, business model and application scope. Iceland — From 6 months.

Total timelineFrom 6 months

  1. Pre-assessment and scope review

    1–3 weeks

    Define the activity scope, governance model and target markets before formal preparation.

  2. Company setup in Iceland

    2–6 weeks

    Establish legal entity, appoint local staff and set up local operating structure.

  3. Documentation and compliance packBottleneck risk

    3–8 weeks

    Prepare AML/CFT policies, governance documents, controls framework and application materials.

  4. Application submission to Central Bank of Iceland

    1–2 weeks

    Submit complete application with all required documentation.

  5. Regulator reviewBottleneck risk

    From 6 months

    Regulator reviews the application. May request clarifications. Incomplete files extend this phase.

    Depends on: File quality and completeness

  6. Authorisation or registration confirmation

    1–4 weeks

    Regulator confirms authorisation or registration. Commence operations.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

What can delay or increase cost

These factors are most likely to affect timelines and budgets for this route.

High setup complexity
High

Setup complexity is rated high for Iceland. Company setup, governance and documentation take longer than average.

Likely impactAdd 4–8 weeks to the preparation phase.
MitigationStart company setup and governance planning immediately after scope confirmation.
Banking difficulty
High

Banking difficulty is rated high. Opening accounts for crypto businesses in Iceland requires extensive documentation.

Likely impactBanking can delay or block operations for 3–6 months after authorisation.
MitigationIdentify and pre-qualify banking partners before submitting the application.
High maintenance cost
Medium

Ongoing supervision, audit and compliance costs are above average. Budget for these separately from the application fee.

Likely impactRecurring annual cost significantly above the one-time service price.
MitigationModel annual compliance costs before committing to this route.
Application completeness
Medium

Incomplete files are the most common cause of delay. Regulator queries extend review by weeks or months.

Likely impactEach regulator query adds 2–6 weeks to the review phase.
MitigationUse a structured compliance pack. Review file completeness before submission.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Banking and PSP strategy in Iceland

Iceland offers high Nordic/EEA regulatory credibility, but banking difficulty remains medium to high for crypto businesses. Bank, EMI, PI and PSP readiness should run in parallel with the CASP application, especially for custody, exchange and fiat-heavy flows.

Banking difficulty
High

Reflects how challenging it is to open and maintain business bank accounts in this jurisdiction.

Medium PSP availability
Medium

Reflects availability of payment service providers willing to onboard crypto-licensed entities.

A licence or registration does not guarantee bank account or payment provider approval. Banking feasibility should be reviewed before the application strategy is finalized.

Preparation checklist

  • Prepare ownership, source-of-funds, flow-of-funds, client geography, token policy and transaction-monitoring evidence early.
  • Explain safeguarding, settlement flows, fiat rails and reconciliation before approaching banks or PSPs.
  • Do not assume Central Bank of Iceland authorisation will automatically solve account opening or payment provider onboarding.

Business model fit — Iceland

Assess how well this route covers your planned activities.

Fit score

Good fit
0/6
Partial fit
6/6
Poor fit
0/6

Iceland may not cover your primary activities

Consider an alternative route that better matches your activity profile.

Central Bank of Iceland application profile

Regulatory authority · Iceland

Central Bank of Iceland

An Iceland CASP file should read like a mature financial-services application. Central Bank of Iceland positioning is strongest when the applicant can show clear services, accountable management, Icelandic substance, AML controls, safeguarding and a realistic banking or PSP package.

Likely areas of scrutiny
  • Iceland's regulatory reputation is high, but weak local substance or template policies are likely to create review friction.
  • Custody, exchange and cross-border fiat flows need deeper controls than narrow brokerage or advisory models.
  • AML, sanctions, travel rule, transaction monitoring, outsourcing and cybersecurity evidence should be product-specific.
  • Fees, timelines, EEA implementation details, forms and Central Bank of Iceland process should be rechecked before client-facing reliance.
Regulatory reputation
High

Strong international recognition and established supervision track record.

Setup complexity
High

Reflects documentation depth, governance requirements and expected review friction.

Regulatory risk
Medium

Reflects likelihood of delays, additional information requests or policy uncertainty.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

Compliance documentation

Most crypto licensing routes require a documented compliance framework before submission, not only after approval.

  • Required
    AML/CFT policy and risk assessmentDocument your customer risk model and control framework.
  • Required
    Customer due diligence (CDD) procedures
  • Required
    Enhanced due diligence (EDD) proceduresFor high-risk clients and jurisdictions.
  • Required
    Transaction monitoring system and rules
  • Required
    Sanctions screening procedures
  • Required
    Suspicious activity reporting (SAR) process
  • Required
    MLRO / Compliance officer appointmentLocal accountability may be required.
  • Recommended
    Board-approved governance charter
  • Conditional
    Outsourcing policy and monitoringRequired if functions are outsourced.
  • Recommended
    ICT / cybersecurity policy
  • Required
    Complaints handling procedure
  • Required
    Annual external audit engagementRequired for ongoing supervision compliance.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

Documents to prepare

Preparing these materials before filing reduces regulator questions and helps with banking or payment provider onboarding.

0 / 12 required
Required
Recommended
Depends on scope

Corporate documents

AML and compliance

Operational

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Risk assessment

Main risk dimensions for the Iceland route.

Banking difficulty
High

Route risk rating — banking difficulty: Medium to high. Authorisation does not guarantee bank account opening.

Mitigation: Start banking outreach and compliance preparation before the application.

Setup complexity
High

Route risk rating — setup complexity: High.

Maintenance cost
High

Route risk rating — maintenance cost: High. Budget for ongoing compliance, fees and supervision separately.

Regulatory reputation
High

Route risk rating — regulatory reputation: High.

Regulatory risk
Medium

Route risk rating — regulatory risk: Low to medium. Weak compliance, vague scope or insufficient controls increase review risk.

Mitigation: Prepare an evidence-based compliance file before submission.

This content is for general orientation only. Crypto regulation changes quickly and the final scope should be confirmed through a jurisdiction-specific legal review before filing or incorporation.

Iceland CASP vs alternatives

Compare Iceland with Norway CASP when Norwegian or broader Nordic/EEA positioning matters, Sweden CASP and Denmark CASP for larger Nordic/EU regulator profiles, and Malta CASP for an established MFSA-facing EU/MiCA crypto authorisation route.

Current

Iceland

CASP

Price
21 900 EUR
Timeline
From 6 months
Passporting
EU/EEA
Banking
Medium to high
Reputation
High

Norway (CASP)

CASP

Passporting
EEA assessment required
Banking
Medium to high
Reputation
High

+ Nordic/EEA comparison route when Norwegian market positioning is commercially important

Requires separate validation of Norway-specific CASP timing, EEA implementation and passporting mechanics

View route

Sweden (CASP)

CASP

Price
25 500 EUR
Timeline
From 6 months
Passporting
EU/EEA
Banking
Medium to high
Reputation
High

+ Nordic/EU route with strong regulator reputation and broader EU market familiarity

Not a lighter route for substance, AML, audit or banking preparation

View route

Denmark (CASP)

CASP

Price
21 400 EUR
Timeline
From 6 months
Passporting
EU/EEA
Banking
Medium to high
Reputation
High

+ Nordic/EU alternative for regulated CASP operations and regional credibility

Requires MiCA-grade governance, local substance and banking preparation

View route

Malta (CASP)

CASP

Price
20 700 EUR
Timeline
From 6 months
Passporting
EU/EEA
Banking
Medium to high
Reputation
High

+ Established MFSA-facing EU/MiCA CASP route for regulated crypto operations

Less distinctive for niche Nordic/EEA positioning

View route

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Iceland vs other CASP routes

Compare key parameters across CASP authorisation routes.

Sort by:
IcelandCurrent
Price21 900 EUR
TimelineFrom 6 months
BankingMedium to high
ReputationHigh
Sweden
Price25 500 EUR
TimelineFrom 6 months
BankingMedium to high
ReputationHigh
Denmark
Price21 400 EUR
TimelineFrom 6 months
BankingMedium to high
ReputationHigh
Malta
Price20 700 EUR
TimelineFrom 6 months
BankingMedium to high
ReputationHigh

Check your readiness for Iceland CASP authorisation

Documented AML/CFT policies, risk assessment, compliance officer.

Share capital

From 50 000 EUR minimum capital required.

AML/CFT framework

Documented AML/CFT policies, risk assessment, compliance officer.

Governance structure

Board, management, accountability chain defined.

Banking preparation

Banking strategy and identified partners.

Local substance plan

Local staff and office in Iceland.

Readiness status

Answer the criteria on the left to see your readiness status.

Frequently asked questions

Iceland CASP authorisation can support EU/EEA passporting planning for approved services through the EEA/MiCA framework and the required notification process. It should not be presented as automatic access for every market, product, client type or future activity.

Iceland is best suited for teams that need regulated CASP operations, value niche Nordic/EEA positioning and can support Central Bank of Iceland supervision, local substance, governance, AML, audit and banking preparation.

No. Iceland is a high-complexity route with local staff, physical office, audit, capital, compliance ownership and ongoing controls. It fits regulated EEA operations better than low-cost launch planning.

Check CASP service scope, EEA implementation status, target markets, Icelandic substance, management accountability, AML and travel rule controls, safeguarding, outsourcing, audit, banking or PSP readiness and any non-MiCA permission triggers.

Compare Iceland with Norway when Nordic/EEA positioning is the main driver, Sweden and Denmark when larger Nordic/EU regulator profiles are preferred, and Malta when an established MFSA-facing EU/MiCA crypto route is a better fit.

The page is not legal advice and should not be relied on as a substitute for advice from qualified counsel in the relevant jurisdiction.

Your dedicated specialists

  • Enrico Kärvinen

    Enrico

  • Rein Tammik

    Rein

  • Jurata Žukaitė

    Jurata

  • Andrej Kazlauskas

    Andrej

  • Marta Värna

    Marta

  • Katrin Lepik

    Katrin

  • Inga Stankavičiūtė

    Inga

Request a Iceland CASP assessment

Share your planned activities, target markets and timeline. We will review which crypto licensing route is likely to fit.

Leave open if you want a country comparison.
Select every activity you plan to offer. The licence route may change if you include custody, exchange, trading platform or fiat flows.
Include service fees, regulator fees, share capital, local office or staff, audit and ongoing compliance.

By submitting this form, you agree to be contacted about your crypto licensing request. Do not include passwords, private keys or confidential customer data.