Platform-specific routeVASP licence / registrationNo passporting

DLT Licence in Gibraltar

Gibraltar is a high-reputation GFSC DLT provider route for infrastructure-sensitive DLT and VASP operations. It is not an EU passporting route and is usually too demanding for low-budget startups.

Processing time
From 4 months
Service price
30 900 EUR
Required share capital
20 000 GBP
State fee
10,000 GBP
Annual supervision fee
10,000 GBP
Banking difficulty
Medium
RegulatorGibraltar Financial Services Commission (GFSC)
Market access
No passporting

CSV-only input: confirm the current GFSC DLT provider framework, application category and fee basis before client use.

Regulatory status should be confirmed by local counsel before relying on this route.

What is the Gibraltar DLT route?

Gibraltar DLT is a GFSC-supervised provider route for businesses using distributed ledger technology to store or transmit value in a regulated operating model. Treat it as a reputation-led DLT provider framework, not as a generic offshore crypto registration.

Best fit: reputable DLT provider, exchange or custody-adjacent operations with meaningful governance and control evidence.

Not the right fit: low-budget startup, wallet-only, brokerage-only or purely offshore marketing activity.

The CSV also references a VASP licence / registration label, so the final route naming and application category need legal confirmation.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

Gibraltar DLT activity scope

Scope mapping starts with the DLT provider framework and the actual use of ledger technology before treating Gibraltar as the right route.

Activity coverage

  • Exchange

    Exchange activity may require additional scope or separate licensing.

    Conditional
  • Custody

    Custody may require separate review or additional controls.

    Conditional
  • Brokerage

    Brokerage is not in the primary fit for this route.

    Not covered
  • Wallet provider

    Exchange activity may require additional scope or separate licensing.

    Not covered
  • EU market

    EU passporting not available from this route.

    Not covered
  • Startups

    High setup complexity means significant budget is needed.

    Not covered

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Technical readiness for GFSC review

A Gibraltar DLT application needs to explain how the technology, custody, transaction flow and operational resilience work in practice.

Ledger architecture, transaction lifecycle and client asset flow

Owner:
Required
Private key management, custody controls and authorisation logic

Owner:
Required
Cybersecurity, business continuity and incident response evidence

Owner:
Required
Outsourcing, vendor risk and critical infrastructure dependency controls

Owner:
Recommended
Audit trail, reconciliation, monitoring and change management procedures

Owner:
Recommended

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Institutional readiness

Gibraltar DLT is strongest where the company can show mature governance, experienced leadership and documented risk ownership.

Senior management needs to understand the DLT infrastructure, AML, custody and operational risk model.
Required

Policies need to be practical enough for GFSC review, audit and ongoing supervision.
Required

The project needs to budget for a high-complexity setup and high maintenance cost level from day one.
Strongly recommended

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Is Gibraltar DLT route right for your project?

Best for

  • GFSC supervision gives the route stronger reputational signalling than lightly supervised registrations.
  • The route can fit DLT provider and VASP operations that need infrastructure credibility rather than EU market access.
  • The trade-off is high setup complexity, annual supervision cost and a more evidence-heavy application.

Not suitable for

  • Low-budget startups

Local substance, capital and audit

The CSV indicates no local staff requirement, but a physical office, audit, 20 000 GBP share capital, 10,000 GBP state fee and 10,000 GBP annual supervision fee. Treat staff planning as a legal-review point because DLT operations often still need credible local governance.

Local staff

Not required

Not required

Review local person requirements before setup.

Physical office

Required

Required

A genuine office presence is expected, not a nominal registered address.

Audit

Required

Required

External audit is required for ongoing supervision compliance.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Cost breakdown

Budget for service price, regulatory fees, share capital and ongoing costs separately.

Service price (professional fees)Application preparation and professional services.
30 900 EUR EURFixed
State fee
10,000 GBPFrom
Annual supervision feeRecurring annual cost after authorisation.
10,000 GBPFrom
Required share capitalMust be held, not an expenditure.
20 000 GBPFrom
High ongoing cost

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Cost breakdown — Gibraltar

Budget for service price, regulatory fees, share capital and ongoing costs separately.

Cost itemAmount
Service priceApplication preparation and professional services.€30,900
State fee€10,000
Required share capitalMust be held, not an expenditure.€20,000

Summary

One-off costs
€60,900
Annual (year 1)
€0
Total year 1
€60,900

Adjust to convert to your base currency.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Application process

The sequence below shows the usual project flow. Exact steps depend on the regulator, business model and application scope. Gibraltar — From 4 months.

Total timelineFrom 4 months

  1. Pre-assessment and scope review

    1–3 weeks

    Define the activity scope, governance model and target markets before formal preparation.

  2. Company setup in Gibraltar

    2–6 weeks

    Establish legal entity with required governance structure.

  3. Documentation and compliance packBottleneck risk

    3–8 weeks

    Prepare AML/CFT policies, governance documents, controls framework and application materials.

  4. Application submission to Gibraltar Financial Services Commission

    1–2 weeks

    Submit complete application with all required documentation.

  5. Regulator reviewBottleneck risk

    From 4 months

    Regulator reviews the application. May request clarifications. Incomplete files extend this phase.

    Depends on: File quality and completeness

  6. Authorisation or registration confirmation

    1–4 weeks

    Regulator confirms authorisation or registration. Commence operations.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

What can delay or increase cost

These factors are most likely to affect timelines and budgets for this route.

High setup complexity
High

Setup complexity is rated high for Gibraltar. Company setup, governance and documentation take longer than average.

Likely impactAdd 4–8 weeks to the preparation phase.
MitigationStart company setup and governance planning immediately after scope confirmation.
High maintenance cost
Medium

Ongoing supervision, audit and compliance costs are above average. Budget for these separately from the application fee.

Likely impactRecurring annual cost significantly above the one-time service price.
MitigationModel annual compliance costs before committing to this route.
Application completeness
Medium

Incomplete files are the most common cause of delay. Regulator queries extend review by weeks or months.

Likely impactEach regulator query adds 2–6 weeks to the review phase.
MitigationUse a structured compliance pack. Review file completeness before submission.

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Banking and PSP access

Banking and PSP availability are both marked medium in the CSV. A GFSC DLT route can help with reputation, but financial institutions will still review ownership, AML controls, source of funds, custody model and transaction monitoring.

Banking difficulty
Medium

Reflects how challenging it is to open and maintain business bank accounts in this jurisdiction.

Medium PSP availability
Medium

Reflects availability of payment service providers willing to onboard crypto-licensed entities.

A licence or registration does not guarantee bank account or payment provider approval. Banking feasibility should be reviewed before the application strategy is finalized.

Preparation checklist

  • Business model and transaction flow description
  • AML/KYC and sanctions controls
  • Expected fiat currencies and payment corridors
  • Source of funds and source of wealth documentation
  • Custody, token and counterparty policies where relevant

Business model fit — Gibraltar

Assess how well this route covers your planned activities.

Fit score

Good fit
0/6
Partial fit
3/6
Poor fit
3/6

Gibraltar may not cover your primary activities

Consider an alternative route that better matches your activity profile.

Compliance documentation

Most crypto licensing routes require a documented compliance framework before submission, not only after approval.

  • Required
    AML/CFT policy and risk assessmentDocument your customer risk model and control framework.
  • Required
    Customer due diligence (CDD) procedures
  • Required
    Enhanced due diligence (EDD) proceduresFor high-risk clients and jurisdictions.
  • Required
    Transaction monitoring system and rules
  • Required
    Sanctions screening procedures
  • Required
    Suspicious activity reporting (SAR) process
  • Required
    MLRO / Compliance officer appointmentLocal accountability may be required.
  • Recommended
    Board-approved governance charter
  • Conditional
    Outsourcing policy and monitoringRequired if functions are outsourced.
  • Recommended
    ICT / cybersecurity policy
  • Required
    Complaints handling procedure
  • Required
    Annual external audit engagementRequired for ongoing supervision compliance.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

Documents to prepare

Preparing these materials before filing reduces regulator questions and helps with banking or payment provider onboarding.

0 / 11 required
Required
Recommended
Depends on scope

Corporate documents

AML and compliance

Operational

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

GFSC regulator profile

Regulatory authority · Gibraltar

Gibraltar Financial Services Commission (GFSC)

The GFSC route is reputation-oriented and supervisory rather than a passporting shortcut. It can support credibility with partners, but it also raises the bar for governance, systems and ongoing compliance.

Regulatory reputation
High

Strong international recognition and established supervision track record.

Setup complexity
High

Reflects documentation depth, governance requirements and expected review friction.

Regulatory risk
Medium

Reflects likelihood of delays, additional information requests or policy uncertainty.

Country-specific regulatory statements should be checked against current regulator guidance before relying on this route.

Risk assessment

Main risk dimensions for the Gibraltar route.

Setup complexity
High

Route risk rating — setup complexity: High.

Maintenance cost
High

Route risk rating — maintenance cost: High. Budget for ongoing compliance, fees and supervision separately.

Regulatory reputation
High

Route risk rating — regulatory reputation: High.

Regulatory risk
Medium

Route risk rating — regulatory risk: Low to medium. Weak compliance, vague scope or insufficient controls increase review risk.

Mitigation: Prepare an evidence-based compliance file before submission.

Banking difficulty
Medium

Route risk rating — banking difficulty: Medium. Authorisation does not guarantee bank account opening.

Mitigation: Start banking outreach and compliance preparation before the application.

This content is for general orientation only. Crypto regulation changes quickly and the final scope should be confirmed through a jurisdiction-specific legal review before filing or incorporation.

Gibraltar DLT vs alternatives

Compare Gibraltar with Switzerland DLT for a more premium infrastructure route, Malta MiCA for EU/EEA passporting and Dubai VASP for a non-EU virtual asset framework.

Current

Gibraltar

DLT

Price
30 900 EUR
Timeline
From 4 months
Passporting
No passporting
Banking
Medium
Reputation
High

Switzerland (DLT)

DLT

Price
17 200 EUR
Timeline
From 8 months
Passporting
No passporting
Banking
Medium to high
Reputation
Very high

+ Premium FINMA infrastructure route

Higher capital and readiness burden

View route

Malta (MiCA)

MICA

Price
20 700 EUR
Timeline
From 6 months
Passporting
EU/EEA
Banking
Medium
Reputation
High

+ EU/EEA CASP passporting for service-provider models

Not a Gibraltar DLT framework route

View route

Dubai (VASP)

VASP

Price
22 300 EUR
Timeline
From 6 months
Passporting
No passporting
Banking
Medium
Reputation
High

+ Strong non-EU virtual asset regulator profile

Different supervisory and local substance model

View route

Fees, timelines and capital figures are indicative and may vary by business model, regulator feedback, application scope and third-party costs.

Gibraltar vs other DLT routes

Compare DLT and infrastructure-oriented crypto routes by reputation, controls and complexity.

Sort by:
GibraltarCurrent
Price30 900 EUR
TimelineFrom 4 months
BankingMedium
ReputationHigh
Switzerland
Price17 200 EUR
TimelineFrom 8 months
BankingMedium to high
ReputationVery high
Malta
Price20 700 EUR
TimelineFrom 6 months
BankingMedium
ReputationHigh
Dubai
Price22 300 EUR
TimelineFrom 6 months
BankingMedium
ReputationHigh

Check your readiness for Gibraltar DLT licensing

Documented AML/CFT policies, risk assessment, compliance officer.

Share capital

20 000 GBP minimum capital required.

AML/CFT framework

Documented AML/CFT policies, risk assessment, compliance officer.

Governance structure

Board, management, accountability chain defined.

Banking preparation

Banking strategy and identified partners.

Readiness status

Answer the criteria on the left to see your readiness status.

Frequently asked questions

Usually no. Gibraltar DLT is better suited to reputable DLT provider, exchange, custody or infrastructure-sensitive operations. Simple brokerage needs comparison with lighter VASP or CASP routes.

No. Gibraltar is not an EU/EEA passporting route. If EU market access is the main goal, assess MiCA/CASP routes separately.

The route involves GFSC-facing governance, technical architecture, AML, audit, physical office, capital, supervision fees and ongoing compliance evidence.

Consider it when regulatory reputation, DLT provider positioning, infrastructure credibility and non-EU operations matter more than low setup cost or fast market testing.

No. The CSV has a general VASP licence / registration label, but this route is treated as a DLT provider / Gibraltar DLT framework route pending legal confirmation.

The page is not legal advice and should not be relied on as a substitute for advice from qualified counsel in the relevant jurisdiction.

Your dedicated specialists

  • Enrico Kärvinen

    Enrico

  • Rein Tammik

    Rein

  • Jurata Žukaitė

    Jurata

  • Andrej Kazlauskas

    Andrej

  • Marta Värna

    Marta

  • Katrin Lepik

    Katrin

  • Inga Stankavičiūtė

    Inga

Request a Gibraltar DLT assessment

Share your planned activities, target markets and timeline. We will review which crypto licensing route is likely to fit.

Leave open if you want a country comparison.
Select every activity you plan to offer. The licence route may change if you include custody, exchange, trading platform or fiat flows.
Include service fees, regulator fees, share capital, local office or staff, audit and ongoing compliance.

By submitting this form, you agree to be contacted about your crypto licensing request. Do not include passwords, private keys or confidential customer data.