Introduction - Lithuania Crypto License

Operating cryptocurrency exchange, custody, or digital asset services in Lithuania requires CASP licensing under EU Markets in Crypto-Assets regulation. Lithuania has transitioned from VASP registration to comprehensive MiCA CASP licensing, creating gateway to European cryptocurrency markets with single-license EU passporting.

Buckingham Capital Consulting has offices in the UK and US, helping cryptocurrency exchanges, digital asset platforms, and fintech companies navigate European licensing since 2013. We manage Lithuania CASP applications, MiCA compliance, and European market entry strategy.

Understanding Lithuania's MiCA Transition

Lithuania established cryptocurrency licensing in 2021 through VASP registration under anti-money laundering legislation. The framework required registration with Financial Crime Investigation Service with modest capital requirements. This made Lithuania one of Europe's most accessible cryptocurrency jurisdictions attracting hundreds of digital asset businesses.

MiCA implementation fundamentally changed the landscape. From January 2026, all cryptocurrency businesses must hold MiCA CASP licences issued by Bank of Lithuania. VASP registration ended. Existing VASPs had transition periods to obtain CASP licences whilst continuing operations.

The transition represents shift from registration-based oversight to prudential licensing with capital requirements, governance standards, and comprehensive regulatory supervision.

What CASP Licensing Authorises

CASP licences authorise cryptocurrency services across EU. Services include custody and administration of crypto assets on behalf of clients, operation of trading platforms for crypto assets, exchange of crypto assets for fiat currency or other crypto assets, execution of orders for crypto assets on behalf of clients, placing of crypto assets, reception and transmission of orders for crypto assets, and provision of advice on crypto assets.

Lithuania CASP licence provides EU passporting rights. Once licensed, you provide services across all 27 EU member states without additional licensing. You notify host state regulators and comply with local consumer protection requirements. Single licence provides comprehensive European market access.

Who Needs Lithuanian Licensing

If you operate cryptocurrency exchanges trading crypto assets for fiat or other crypto assets, provide cryptocurrency custody or wallet services holding assets on behalf of clients, run trading platforms matching buyers and sellers, or offer cryptocurrency brokerage or advisory services, you need Lithuanian licensing to serve Lithuanian customers or operate from Lithuania.

Foreign companies can establish Lithuanian operations and obtain licensing. You need Lithuanian legal entity, office in Lithuania, and EU resident director. Once licensed in Lithuania, EU passporting enables service provision across Europe.

MiCA Capital Requirements

MiCA establishes tiered capital requirements based on services and risk profile. Minimum capital ranges from €50,000 to €150,000 depending on service classification and business scale.

Class 1 services including advice and order reception require lower capital thresholds. Class 2 services including trading platform operation require intermediate capital. Class 3 custody services require highest capital given responsibility for client asset protection.

Bank of Lithuania assesses required capital based on business plan, transaction volumes, client asset holdings, and risk management frameworks. Capital must be paid-in and maintained continuously throughout operations.

Previous VASP registration required minimal capital. The increase represents substantial change requiring businesses to secure adequate capitalisation before pursuing licensing.

Application Requirements

CASP applications require comprehensive documentation. You need Lithuanian limited liability company registered in Registry of Legal Entities. You need detailed business plan explaining cryptocurrency services, technical infrastructure, security measures, risk management, and financial projections.

You need governance documentation demonstrating appropriate management structures, board oversight, and clear lines of responsibility. You need compliance programmes addressing anti-money laundering, counter-terrorist financing, market abuse prevention, and consumer protection.

You need background checks for shareholders holding 10% or more, directors, and senior management demonstrating fitness and propriety. Criminal record checks must be recent. Bank of Lithuania assesses whether individuals meet competence and integrity requirements.

You need technical documentation explaining cryptocurrency infrastructure, wallet security, private key management, cybersecurity measures, and business continuity arrangements. Documentation must address operational resilience and incident response procedures.

Timeline Expectations

Bank of Lithuania assesses application completeness within 25 working days of receipt. If incomplete, regulator sets deadline for missing information. Applications remaining incomplete after deadline may be refused.

Bank of Lithuania assesses complete applications within 40 working days. During assessment, regulator may request additional information no later than 20th working day. Assessment period may extend if additional information is required.

In practice, well-prepared applications with complete documentation and robust compliance programmes process more efficiently. Applications requiring substantial clarification or additional information extend timelines beyond statutory periods.

Businesses should allow several months for preparation, application, and approval. Starting preparation immediately maximises likelihood of successful application and efficient processing.

Transition Timeline for Existing VASPs

Lithuania extended transition deadline to January 1, 2026 for existing VASPs. VASPs registered before December 30, 2024 can continue operations during transition period whilst preparing CASP applications.

Transition period protection expires January 1, 2026 regardless of application status. Operating without CASP licence after transition deadline is illegal. Businesses must submit complete applications well before deadline to avoid operational disruptions.

VASPs during transition period have limited scope. They cannot benefit from EU passporting rights. Their customers do not enjoy enhanced protections associated with licensed status. Bank of Lithuania has urged VASPs to prepare for licensing or wind down activities ahead of deadline.

Services Covered Under CASP Framework

Custody services involve holding and administering crypto assets on behalf of clients including private key management and asset safeguarding. Trading platform operation involves providing venue where multiple buyers and sellers can trade crypto assets. Exchange services involve buying and selling crypto assets for own account against fiat currency or other crypto assets.

Order execution involves executing orders to buy or sell crypto assets on behalf of clients. Order reception and transmission involves receiving orders from clients and transmitting to third parties for execution. Advisory services involve providing personalised recommendations on crypto asset investments.

Each service category has specific regulatory requirements around capital, governance, risk management, and client protection. Businesses specify which services they intend to provide in applications.

Ongoing Compliance Obligations

CASP licence brings comprehensive ongoing obligations. You must maintain minimum capital requirements continuously. You must submit regular financial reporting to Bank of Lithuania including audited financial statements and capital adequacy reports.

You must maintain anti-money laundering programmes with customer due diligence procedures, transaction monitoring, and suspicious activity reporting to Financial Crime Investigation Service. You must implement EU Travel Rule sharing required information with counterparty CASPs for crypto asset transfers.

You must maintain operational resilience with business continuity planning, disaster recovery capabilities, and incident response procedures. You must report cybersecurity incidents and operational failures to Bank of Lithuania.

You must segregate client crypto assets from company assets ensuring client holdings are protected from company insolvency. You must maintain insurance or equivalent arrangements protecting against operational failures and asset losses.

Bank of Lithuania conducts ongoing supervision including examinations assessing compliance with MiCA requirements, adequacy of risk management systems, and protection of client assets.

Anti-Money Laundering Requirements

Comprehensive anti-money laundering programmes are mandatory. You need written policies and procedures addressing cryptocurrency money laundering risks. You need customer due diligence procedures verifying customer identity, understanding beneficial ownership, and assessing source of funds.

You need transaction monitoring systems calibrated to cryptocurrency transaction patterns and regulatory thresholds. You need blockchain analytics capabilities monitoring on-chain activity and identifying suspicious patterns including sanctioned addresses and high-risk counterparties.

You need suspicious activity reporting procedures identifying and reporting suspicious transactions to Financial Crime Investigation Service. You need staff training ensuring team understands cryptocurrency money laundering typologies and detection methods.

Financial Crime Investigation Service supervises anti-money laundering compliance alongside Bank of Lithuania's prudential supervision. FCIS conducts examinations focusing on effectiveness of anti-money laundering controls and suspicious activity reporting.

Technical Infrastructure Requirements

Bank of Lithuania expects robust technical infrastructure supporting cryptocurrency operations. You need secure wallet infrastructure with appropriate private key management, multi-signature controls, and cold storage arrangements for material client asset holdings.

You need cybersecurity measures protecting against hacking, theft, and unauthorized access including penetration testing, vulnerability assessments, and security incident response capabilities.

You need business continuity and disaster recovery arrangements ensuring operations can continue or recover quickly from incidents. You need systems for monitoring cryptocurrency transactions, maintaining audit trails, and producing regulatory reports.

Technical documentation submitted with applications must comprehensively explain infrastructure demonstrating security, resilience, and operational capability meeting MiCA standards.

EU Passporting Rights

Lithuanian CASP licence provides access to entire EU market. Once licensed, you notify host state regulators of intention to provide services in their jurisdictions. Notification process is straightforward involving submission of standard information about services and business operations.

Host state regulators can impose additional consumer protection requirements but cannot require separate licensing. Single Lithuanian licence eliminates need for obtaining licences in each target jurisdiction.

Passporting represents significant strategic advantage. EU market comprises over 450 million people across 27 member states. Single regulatory relationship provides comprehensive European access. Alternative approach requiring licensing in multiple jurisdictions is substantially more expensive and complex.

Investment Requirements

Application fees for CASP licensing in Lithuania are being finalized as MiCA implementation progresses. Initial application fees and ongoing supervisory fees apply though specific amounts should be verified with Bank of Lithuania.

Main investment is minimum capital requirement ranging from €50,000 to €150,000 depending on services. Capital must be paid-in cash or cash equivalents maintained throughout operations.

Additional costs include compliance programme development, legal support, technical infrastructure, cybersecurity measures, and staff with appropriate cryptocurrency and compliance expertise. You need qualified compliance officer understanding cryptocurrency risks and MiCA requirements.

Total investment for CASP licensing typically ranges from low hundreds of thousands to over half million euros depending on business scale, service scope, and infrastructure requirements.

How Buckingham Capital Consulting Manages Lithuanian Licensing

We handle Lithuanian CASP licensing end-to-end from our UK offices.

We start with strategic assessment evaluating whether Lithuanian licensing suits your business model and European expansion plans. We assess timing considering transition deadlines and your operational requirements.

We manage Lithuanian company establishment including limited liability company formation, registration in Registry of Legal Entities, and establishment of Lithuanian office and banking arrangements where required.

We prepare CASP applications addressing all Bank of Lithuania requirements. We develop business plans explaining cryptocurrency operations, technical infrastructure, and growth strategy. We prepare governance documentation establishing appropriate board structures and management oversight. We develop compliance programmes addressing MiCA requirements including anti-money laundering, market abuse prevention, and consumer protection.

We prepare technical documentation explaining wallet infrastructure, cybersecurity measures, and operational resilience arrangements. We gather fitness and propriety documentation for shareholders, directors, and senior management ensuring completeness and addressing regulator expectations.

We provide regulatory liaison managing relationships with Bank of Lithuania throughout review process. We respond to information requests and clarification questions efficiently. We manage application through to licence approval.

Post-licensing, we provide ongoing compliance support including anti-money laundering programme management, regulatory reporting, examination preparation, and updates as MiCA framework and Lithuanian implementation evolve.

For existing VASPs transitioning to CASP licensing, we manage transition planning ensuring applications are submitted before deadlines and operations continue during transition period.

Why Lithuanian Licensing Matters for European Strategy

Lithuania offers strategic advantages for cryptocurrency businesses targeting European markets. Early MiCA adoption provides regulatory clarity. Single CASP licence provides EU-wide passporting eliminating need for multiple licences across member states. Lithuania has established fintech infrastructure supporting cryptocurrency businesses.

Getting Lithuanian licensing right positions you for European market access through single regulatory relationship with established cryptocurrency regulator. Bank of Lithuania has supervised cryptocurrency businesses for years building experience and expertise.

Getting it wrong means inability to serve European customers, forced exit from European markets after transition deadlines, or operating without proper authorization facing enforcement action and criminal liability.

Frequently Asked Questions

Can businesses still get VASP registration?

No. VASP registration ended December 30, 2024. All new cryptocurrency businesses must apply for MiCA CASP licensing. Existing VASPs have until January 1, 2026 to obtain CASP licences.

What happens to existing VASPs after January 1, 2026?

Operating without CASP licence after January 1, 2026 is illegal. Businesses accepting new clients, holding crypto assets in custody, or providing other crypto asset services without licence face criminal liability. Bank of Lithuania has urged businesses to obtain licensing or wind down operations.

What are minimum capital requirements?

Minimum capital ranges from €50,000 to €150,000 depending on services and risk profile. Bank of Lithuania assesses required capital based on business plan and risk assessment. Previous VASP minimum capital was substantially lower.

How long does CASP licensing take?

Bank of Lithuania assesses complete applications within 40 working days. In practice, total timeline including preparation, submission, regulator review, and information requests typically takes several months. Well-prepared applications process more efficiently.

Does Lithuanian CASP licence cover entire EU?

Yes. Lithuanian licence provides EU passporting rights allowing service provision across all 27 member states without additional licensing. You notify host state regulators and comply with local consumer protection requirements.

What ongoing obligations apply?

Comprehensive obligations including maintaining capital requirements, submitting regular financial reports, maintaining anti-money laundering programmes, implementing transaction monitoring, segregating client assets, maintaining cybersecurity and operational resilience, and reporting incidents to regulator.

Can foreign companies get Lithuanian licensing?

Yes. Foreign companies can establish Lithuanian subsidiaries and obtain CASP licensing. You need Lithuanian legal entity, office in Lithuania, and EU resident director. Once licensed, passporting enables European operations.

What penalties apply for operating without licence?

Operating without required licensing is criminal activity. Penalties include substantial fines, imprisonment, and regulatory enforcement. Bank of Lithuania can blacklist domains, freeze assets, and pursue criminal prosecution.

Contact Buckingham Capital Consulting

Buckingham Capital Consulting manages Lithuania CASP licensing, MiCA compliance, and European cryptocurrency regulatory strategy. Contact us to discuss your Lithuanian licensing requirements and European market entry plans.

Email us at info@buckinghamcapitalconsulting.co.uk or call 0207 866 2512