EU/EEA PassportingMiCA CASP authorisation

CASP Authorisation in Norway

Norway is an EEA/Nordic CASP route under Finanstilsynet for teams that need regulated crypto-asset services, Nordic credibility and EEA passporting planning. It is relatively expensive and substance-heavy: governance, AML, audit, local operations and banking readiness should be built before the route is treated as commercially viable.

Processing time
From 6 months
Service price
27 800 EUR
Required share capital
From 50 000 EUR
State fee
Approx. 8,000 EUR
Annual supervision fee
Approx. 5,000 EUR
Banking difficulty
Medium to high
RegulatorFinancial Supervisory Authority of Norway (Finanstilsynet)

Confirm current Finanstilsynet MiCA/CASP application guidance, Norwegian EEA implementation status, fee schedule, service categories, filing process and supervisory expectations before using this page for client advice.

Regulatory status should be confirmed by local counsel before relying on this route.

What is Norway CASP authorisation?

Norway CASP authorisation is the Finanstilsynet-supervised Norwegian route for crypto-asset service providers under the EEA/Nordic MiCA framework. It is strongest for teams that need high Nordic credibility and can support real governance, AML, compliance ownership and local substance.

CASP
Jurisdiction
Norway
Regulator
Financial Supervisory Authority of Norway (Finanstilsynet)
Regime
CASP
Legal basis
Legal basis: MiCA CASP authorisation supervised in Norway by the Financial Supervisory Authority of Norway (Finanstilsynet), subject to Norway-specific EEA implementation and process checks.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

CASP service scope in Norway

A Norway CASP application should start with a precise service perimeter. Exchange, custody, brokerage, wallet, advisory, staking and payment-adjacent services can each change the expected evidence for governance, AML, safeguarding, technology and banking.

  • Exchange

    Conditional

    Exchange activity may require additional scope or separate licensing.

  • Custody

    Conditional

    Custody may require separate review or additional controls.

  • Brokerage

    Conditional

    Brokerage or OTC activity typically fits within scope.

  • Wallet provider

    Conditional

    Exchange activity may require additional scope or separate licensing.

  • EU market

    Included

    EU/EEA passporting available.

  • Startups

    Excluded

    High setup complexity means significant budget is needed.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

EEA passporting planning from Norway

Norway can be relevant for EEA passporting planning when the authorised services, target markets and notification process align with the operating model. Passporting should be presented as a controlled regulatory process, not as automatic access to every EU or EEA market, product, client segment or future activity.

  • Define target EU/EEA countries, client types, distribution channels and service categories before submission.

  • Map passporting plans to each requested CASP permission and the controls supporting that service.

  • Validate Norway-specific EEA implementation and notification mechanics before relying on cross-border market access assumptions.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

Capital, governance and audit expectations

The CSV snapshot positions Norway as a high-complexity and relatively expensive route with share capital from 50,000 EUR, state fee of approximately 8,000 EUR, annual supervision fee of approximately 5,000 EUR, local staff, physical office and audit.

  • Board, senior management, compliance, AML and technology owners should be identified and credible before filing.high
  • Capital planning should match the requested service scope, especially for exchange, custody and fiat-heavy operations.high
  • Audit, outsourcing oversight, reporting, incident management and compliance monitoring should be budgeted as recurring obligations.high

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Norway CASP application bottlenecks

Typical blockers are operating-model weaknesses rather than form-filling issues. Norway works best when the team resolves service scope, EEA market access planning, governance, substance, AML, safeguarding, audit and banking readiness before selling the route internally as a timeline exercise.

  • Unclear CASP service perimeter or EU/EEA passporting plan

    High

  • Norwegian office or staffing model that does not support real local substance

    High

  • Weak custody, safeguarding, wallet or technology-control evidence

    High

  • Generic AML policies that do not match clients, tokens, geography and fiat flows

    High

  • Banking, EMI, PI or PSP package prepared too late

    High

  • Route selection driven by a low-budget or fast offshore objective rather than regulated Nordic/EEA operations

    High

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Activity fit for this route

Review which crypto activities fit within the scope of this route.

Exchange
Conditional

Exchange activity may require additional scope or separate licensing.

Custody
Conditional

Custody may require separate review or additional controls.

Brokerage
Conditional

Brokerage or OTC activity typically fits within scope.

Wallet provider
Conditional

Exchange activity may require additional scope or separate licensing.

EU market
Suitable

EU/EEA passporting available.

Startups
Not suitable

High setup complexity means significant budget is needed.

Not sure if your model fits? Request a licensing assessment

Is Norway CASP authorisation right for your project?

Best for

  • EU passporting and regulated CASP operations
  • EU/EEA market access

Not suitable for

  • Low-budget or fast offshore setup
  • Projects without a prepared banking strategy

Banking difficulty is high for this route. Prepare a banking strategy before committing to the Norway route.

Core requirements

Use this section to check the main regulatory and operational requirements before committing to a jurisdiction.

Required share capitalFrom 50 000 EUR
Required
Local staffRequired
Required
Physical officeRequired
Required
AuditRequired
Required

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Local substance in Norway

Local staff and a physical office should be treated as real operating requirements. A defensible Norway model explains which management, compliance, AML and operational responsibilities sit locally and how group or third-party support is supervised.

Local staff

Required

Required

At least one locally-accountable staff member or director is expected.

Physical office

Required

Required

A genuine office presence is expected, not a nominal registered address.

Audit

Required

Required

External audit is required for ongoing supervision compliance.

Planning notes

  • Plan Norwegian compliance ownership and regulator-facing accountability before filing.
  • Document what is controlled in Norway and what is outsourced to group entities, technology vendors or other service providers.
  • Budget staff, office, audit and recurring compliance separately from the application advisory fee.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Cost breakdown

Budget for service price, regulatory fees, share capital and ongoing costs separately.

Service price (professional fees)Application preparation and professional services.
27 800 EUR EURFixed
State fee
Approx. 8,000 EURFrom
Annual supervision feeRecurring annual cost after authorisation.
Approx. 5,000 EURFrom
Required share capitalMust be held, not an expenditure.
From 50 000 EURFrom
High ongoing cost

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Cost breakdown — Norway

Budget for service price, regulatory fees, share capital and ongoing costs separately.

Cost itemAmount
Service priceApplication preparation and professional services.€27,800
State fee€1
Required share capitalMust be held, not an expenditure.€50,000

Summary

One-off costs
€77,801
Annual (year 1)
€0
Total year 1
€77,801

Adjust to convert to your base currency.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Application process

The sequence below shows the usual project flow. Exact steps depend on the regulator, business model and application scope. Norway — From 6 months.

Total timelineFrom 6 months

  1. Pre-assessment and scope review

    1–3 weeks

    Define the activity scope, governance model and target markets before formal preparation.

  2. Company setup in Norway

    2–6 weeks

    Establish legal entity, appoint local staff and set up local operating structure.

  3. Documentation and compliance packBottleneck risk

    3–8 weeks

    Prepare AML/CFT policies, governance documents, controls framework and application materials.

  4. Application submission to Financial Supervisory Authority of Norway

    1–2 weeks

    Submit complete application with all required documentation.

  5. Regulator reviewBottleneck risk

    From 6 months

    Regulator reviews the application. May request clarifications. Incomplete files extend this phase.

    Depends on: File quality and completeness

  6. Authorisation or registration confirmation

    1–4 weeks

    Regulator confirms authorisation or registration. Commence operations.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

What can delay or increase cost

These factors are most likely to affect timelines and budgets for this route.

High setup complexity
High

Setup complexity is rated high for Norway. Company setup, governance and documentation take longer than average.

Likely impactAdd 4–8 weeks to the preparation phase.
MitigationStart company setup and governance planning immediately after scope confirmation.
Banking difficulty
High

Banking difficulty is rated high. Opening accounts for crypto businesses in Norway requires extensive documentation.

Likely impactBanking can delay or block operations for 3–6 months after authorisation.
MitigationIdentify and pre-qualify banking partners before submitting the application.
High maintenance cost
Medium

Ongoing supervision, audit and compliance costs are above average. Budget for these separately from the application fee.

Likely impactRecurring annual cost significantly above the one-time service price.
MitigationModel annual compliance costs before committing to this route.
Application completeness
Medium

Incomplete files are the most common cause of delay. Regulator queries extend review by weeks or months.

Likely impactEach regulator query adds 2–6 weeks to the review phase.
MitigationUse a structured compliance pack. Review file completeness before submission.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Banking and PSP strategy in Norway

Norway has high Nordic regulatory credibility, but banking difficulty remains medium to high for crypto businesses. Bank, EMI, PI and PSP readiness should run in parallel with the CASP application, especially for custody, exchange and fiat-heavy flows.

Banking difficulty
High

Reflects how challenging it is to open and maintain business bank accounts in this jurisdiction.

Medium PSP availability
Medium

Reflects availability of payment service providers willing to onboard crypto-licensed entities.

A licence or registration does not guarantee bank account or payment provider approval. Banking feasibility should be reviewed before the application strategy is finalized.

Preparation checklist

  • Prepare ownership, source-of-funds, flow-of-funds, client geography, token policy and transaction-monitoring evidence early.
  • Explain safeguarding, settlement flows, fiat rails and reconciliation before approaching banks or PSPs.
  • Do not assume Finanstilsynet authorisation will automatically solve account opening or payment provider onboarding.

Business model fit — Norway

Assess how well this route covers your planned activities.

Fit score

Good fit
0/6
Partial fit
6/6
Poor fit
0/6

Norway may not cover your primary activities

Consider an alternative route that better matches your activity profile.

Finanstilsynet application profile

Regulatory authority · Norway

Financial Supervisory Authority of Norway (Finanstilsynet)

A Norway CASP file should read like a mature financial-services application. Finanstilsynet positioning is strongest when the applicant can show clear services, accountable management, Norwegian substance, AML controls, safeguarding and a realistic banking or PSP package.

Likely areas of scrutiny
  • Norway's regulatory reputation is high, but weak local substance or template policies are likely to create review friction.
  • Custody, exchange and cross-border fiat flows need deeper controls than narrow brokerage or advisory models.
  • AML, sanctions, travel rule, transaction monitoring, outsourcing and cybersecurity evidence should be product-specific.
  • Fees, timelines, forms, EEA implementation details and Finanstilsynet process should be rechecked before client-facing reliance.
Regulatory reputation
High

Strong international recognition and established supervision track record.

Setup complexity
High

Reflects documentation depth, governance requirements and expected review friction.

Regulatory risk
Medium

Reflects likelihood of delays, additional information requests or policy uncertainty.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

Compliance documentation

Most crypto licensing routes require a documented compliance framework before submission, not only after approval.

  • Required
    AML/CFT policy and risk assessmentDocument your customer risk model and control framework.
  • Required
    Customer due diligence (CDD) procedures
  • Required
    Enhanced due diligence (EDD) proceduresFor high-risk clients and jurisdictions.
  • Required
    Transaction monitoring system and rules
  • Required
    Sanctions screening procedures
  • Required
    Suspicious activity reporting (SAR) process
  • Required
    MLRO / Compliance officer appointmentLocal accountability may be required.
  • Recommended
    Board-approved governance charter
  • Conditional
    Outsourcing policy and monitoringRequired if functions are outsourced.
  • Recommended
    ICT / cybersecurity policy
  • Required
    Complaints handling procedure
  • Required
    Annual external audit engagementRequired for ongoing supervision compliance.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

Documents to prepare

Preparing these materials before filing reduces regulator questions and helps with banking or payment provider onboarding.

0 / 12 required
Required
Recommended
Depends on scope

Corporate documents

AML and compliance

Operational

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Risk assessment

Main risk dimensions for the Norway route.

Banking difficulty
High

Route risk rating — banking difficulty: Medium to high. Authorisation does not guarantee bank account opening.

Mitigation: Start banking outreach and compliance preparation before the application.

Setup complexity
High

Route risk rating — setup complexity: High.

Maintenance cost
High

Route risk rating — maintenance cost: High. Budget for ongoing compliance, fees and supervision separately.

Regulatory reputation
High

Route risk rating — regulatory reputation: High.

Regulatory risk
Medium

Route risk rating — regulatory risk: Low to medium. Weak compliance, vague scope or insufficient controls increase review risk.

Mitigation: Prepare an evidence-based compliance file before submission.

This content is for general orientation only. Crypto regulation changes quickly and the final scope should be confirmed through a jurisdiction-specific legal review before filing or incorporation.

Norway CASP vs alternatives

Compare Norway with Sweden CASP and Denmark CASP for Nordic/EU positioning, Iceland CASP for another EEA/Nordic comparison route, and Malta CASP for an established MFSA-facing EU/MiCA crypto authorisation profile.

Current

Norway

CASP

Price
27 800 EUR
Timeline
From 6 months
Passporting
EU/EEA
Banking
Medium to high
Reputation
High

Sweden (CASP)

CASP

Price
25 500 EUR
Timeline
From 6 months
Passporting
EU/EEA
Banking
Medium to high
Reputation
High

+ Nordic/EU CASP comparison route with Finansinspektionen supervision and EU market access planning

Still requires MiCA-grade governance, substance, AML, audit and banking preparation

View route

Denmark (CASP)

CASP

Price
21 400 EUR
Timeline
From 6 months
Passporting
EU/EEA
Banking
Medium to high
Reputation
High

+ Nordic/EU alternative for regulated CASP operations and regional credibility

Not materially lighter on local substance, audit, AML or ongoing compliance

View route

Iceland (CASP)

CASP

Passporting
EEA assessment required
Banking
Medium to high
Reputation
High

+ EEA/Nordic comparison route when Icelandic positioning is commercially relevant

Requires separate validation of Iceland-specific CASP timing, fees, implementation and passporting mechanics

View route

Malta (CASP)

CASP

Price
20 700 EUR
Timeline
From 6 months
Passporting
EU/EEA
Banking
Medium to high
Reputation
High

+ Established MFSA-facing EU/MiCA CASP route for regulated crypto operations

Also a high-complexity route and not a low-budget alternative

View route

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Norway vs other CASP routes

Compare key parameters across CASP authorisation routes.

Sort by:
NorwayCurrent
Price27 800 EUR
TimelineFrom 6 months
BankingMedium to high
ReputationHigh
Sweden
Price25 500 EUR
TimelineFrom 6 months
BankingMedium to high
ReputationHigh
Denmark
Price21 400 EUR
TimelineFrom 6 months
BankingMedium to high
ReputationHigh
Malta
Price20 700 EUR
TimelineFrom 6 months
BankingMedium to high
ReputationHigh

Check your readiness for Norway CASP authorisation

Documented AML/CFT policies, risk assessment, compliance officer.

Share capital

From 50 000 EUR minimum capital required.

AML/CFT framework

Documented AML/CFT policies, risk assessment, compliance officer.

Governance structure

Board, management, accountability chain defined.

Banking preparation

Banking strategy and identified partners.

Local substance plan

Local staff and office in Norway.

Readiness status

Answer the criteria on the left to see your readiness status.

Frequently asked questions

Norway CASP authorisation can support EU/EEA passporting planning for approved services, subject to Norway-specific EEA implementation, the approved service scope and the required notification process. It should not be presented as automatic access for every market, product, client type or future activity.

Norway is best suited for teams that need a Finanstilsynet-supervised EEA/Nordic CASP route, value high regulatory reputation and can support local substance, governance, AML, audit and banking preparation.

No. Norway is a high-complexity and relatively expensive route with local staff, physical office, audit, capital, compliance ownership and ongoing controls. It fits regulated EEA operations better than low-cost launch planning.

Check CASP service scope, target EU/EEA markets, Norwegian substance, management accountability, AML and travel rule controls, safeguarding, outsourcing, audit, banking or PSP readiness, EEA implementation details and any non-MiCA permission triggers.

Compare Norway with Sweden and Denmark when Nordic/EU positioning is important, Iceland when another EEA/Nordic route is commercially relevant, and Malta when an established MFSA-facing EU/MiCA crypto route is preferred.

The page is not legal advice and should not be relied on as a substitute for advice from qualified counsel in the relevant jurisdiction.

Your dedicated specialists

  • Enrico Kärvinen

    Enrico

  • Rein Tammik

    Rein

  • Jurata Žukaitė

    Jurata

  • Andrej Kazlauskas

    Andrej

  • Marta Värna

    Marta

  • Katrin Lepik

    Katrin

  • Inga Stankavičiūtė

    Inga

Request a Norway CASP assessment

Share your planned activities, target markets and timeline. We will review which crypto licensing route is likely to fit.

Leave open if you want a country comparison.
Select every activity you plan to offer. The licence route may change if you include custody, exchange, trading platform or fiat flows.
Include service fees, regulator fees, share capital, local office or staff, audit and ongoing compliance.

By submitting this form, you agree to be contacted about your crypto licensing request. Do not include passwords, private keys or confidential customer data.