Banner

CASP license in Lithuania

Lithuania has established itself as a favorable jurisdiction for obtaining a Crypto-Asset Service Provider (CASP) license, underpinned by a regulatory framework that is both structured and accommodating. The primary regulatory authorities overseeing CASP companies in Lithuania are the Bank of Lithuania (BOL) and the Financial Crime Investigation Service (FCIS/FNTT). These bodies ensure compliance and facilitate a transparent regulatory process.

Obtaining a Lithuania CASP license is possible subject to the verification and approval of local regulators such as the Bank of Lithuania (BoL) and the Financial Crimes Investigation Service (FCIS/FNTT). Lithuania was one of the first countries to introduce regulation of crypto asset operators in its market. This was due to the coordinated efforts of the Lithuanian Ministry of Finance, which ensures compliance of national laws with EU directives, and the Bank of Lithuania, which is the main regulator of the financial sector.

The Bank of Lithuania will serve as the main supervisory authority in the crypto market. Its responsibilities include:

  • Making decisions to grant or deny CASP licenses;
  • Monitoring market participants for compliance with CASP requirements, as well as monitoring compliance with AML/CTF rules;
  • Applying sanctions in the form of license revocation or imposition of fines.

The function of the Financial Crimes Investigation Service (FCIS/FNTT) is to detect and investigate violations related to non-compliance with AML/CTF procedures.

FCIS bases its activities on national legislation and EU directives, including:

lithuania

Service packages for CASP in Lithuania

Legal Frameworks Setup

30 000 EUR
  • Reviewal of the business model and adjust the business plan
  • Compliance management framework development
  • Internal governance and control framework
  • Risk management framework development
  • Business continuity management framework development
  • ICT and security framework development
  • Financial reporting framework development
  • Travel Rules implementation into legal frameworks
  • Customer relations framework development
  • Development of a training program
  • Supervision over implementation policies
Legal and Consulting Services
from 1 120 EUR/month
  • Communication with regulators (guiding through the application process, answering their requests, asking for clarifications regarding the implementation of regulations, etc.);
  • Management of certain processes (e.g., passporting, investigations, trademark registration, etc.);
  • Participation in meetings regarding frameworks implemented (e.g. workshops for risk assessment, etc.);
  • Drafting and amending legal documents (e.g., if the auditor asked to amend policies, contracts, etc.);
  • Communication with third parties (e.g., banks, KYC/KYT providers, etc.);
  • Communication with regulators (guiding through the application process, answers to their requests, asking clarifications regarding implementation of regulations, etc.);
  • Answering to client’s claims and ensuring proper communication;
  • Search of third parties necessary for business (auditor, office, KYC/KYT provider, etc.).
  • Setting up accounting software and framework for processing financial statements;
  • Helping your internal (or external) accountant to understand the specifics of crypto transactions;
  • Ensuring communication with auditor and tax authorities;
  • Financial reporting & other reports (e.g., BoL, Statistics, counterparties);
  • Bookkeeping and other accounting-related task.
HR & Training Services
from 900 EUR/month
  • Seeking for the appropriate personnel and ensuring their integration (incl. finding a replacement in any case);
  • Employment and unemployment of personnel;
  • Preparing employees for the interview with Bank of Lithuania for the licensing process;
  • Integration of employees into the company’s ecosystem;
  • Payroll and declarations related thereof;
  • Communication with BoL in case of key person change.
  • Employee training, including new employees, following regulatory requirements (at least annually) and the supervisory authority’s expectations;
  • Prepare organization-tailored training and implementation.
Compliance & IT Audit Services
from 4 000 EUR/quarter
  • Assisting with the risk assessment (to the extent permitted by audit standards);
  • Assisting in-house employees regarding the implementation of an internal control framework;
  • Performing regular internal reviews and assessing the effectiveness of the Company’s processes;
  • Performing DORA-related tasks: ICT risk reviews;
  • Analysis of ICT incidents, analysis of 3rd party ICT service providers, building staff awareness and providing cyber security trainings, assisting in table-top exercises, assisting in regulatory reporting.
Mark Gofaizen
Senior Partner, Head of Consulting
Vlad Martynov
Partner, Consultant

Which companies need a Lithuanian CASP licence

CASP license in Lithuania must be obtained by all crypto market entities involved in the following activities (according to Art.3 of MICA):

  • Provide storage services, including custodial wallets with encrypted keys.
  • Operate cryptocurrency trading platforms where crypto assets are bought/sold.
  • Offer services for exchanging virtual currencies for traditional currencies or other digital assets.
  • Provide marketing services for crypto assets.
  • Advise on the functioning of the crypto environment.
  • Accept and transmit transaction orders on behalf of customers.
  • Execute clients’ orders for transactions involving crypto contracts.
  • Manage a portfolio of crypto assets by client instructions.
  • Execute transactions of clients between their accounts, and wallets as instructed.

The new Regulation requires custodians to secure client crypto assets using private cryptographic keys.

Exchanges must describe how the system will work in the event of a crisis, as well as guarantee the segregation of customer assets from the company’s operating capital.

Token issuers must disclose all information, and technical documentation about the token, the purpose of its issuance, and its market offering. Issuers of asset-linked tokens will be subject to special scrutiny by regulatory authorities. Persons offering tokens on behalf of the issuer are subject to the same requirements as the issuer.

MiCA rules (Art.8) affect the interests of offerors and persons who seek to obtain the right of entry for trading and trading platforms. The new rules require them to provide all technical documentation to regulators.

The rights of retail holders of digital assets are also protected by the new Regulation. Article 13 outlines the process of payment of fees, and commissions when a client cancels a transaction. In addition, institutional investors must now receive full information about the asset being purchased (its characteristics, functions, and potential risks).

Gofaizen & Sherle assists in obtaining a pan-European CASP license in Lithuania.

Peculiarities of obtaining a CASP license in Lithuania

The process for obtaining a CASP license in Lithuania comprises two key stages. Initially, the Bank of Lithuania evaluates whether the application is complete, providing feedback within 25 days. During this stage, BOL can request additional information or clarification, which may extend the review period by another 25 working days per request, with no limit on the number of extensions. The second stage involves the evaluation of the application and the issuance of a final decision within 40 days. The national supervisory authority can request further clarification, potentially leading to a single 20-day extension.

Lithuanian law mandates CASP-licensed entities to employ at least three local professionals: a Chief Compliance Officer (CCO), a Chief Executive Officer (CEO), and a Money Laundering Reporting Officer (MLRO). Smaller entities may consolidate the MLRO and CCO roles, though it is advisable for larger companies to maintain separate positions and also appoint a local Chief Technical Officer (CTO) and Chief Operating Officer (COO) to enhance their operational robustness in the eyes of financial institutions, thereby improving their chances of license approval.

Lithuania’s appeal extends beyond regulatory efficiency to its competitive taxation regime. With a corporate tax rate of 15% and a dividend tax of 15%, the country provides a favorable fiscal environment for businesses.

Transfer of Funds (TFR) Regulation in Lithuania

Lithuania, as part of the EU, adheres to the Transfer of Funds Regulation (TFR), which obliges cryptocurrency companies to comply with fund transfer requirements, including for transactions involving crypto assets. Lithuania also follows the FATF’s anti-money laundering recommendations. Anyone who obtains a CASP license in Lithuania will be required to:

  • Collect and transmit sender and recipient information, including names, account numbers, and personal identifiers, for all transfers. This also applies to cryptocurrency ATM transactions.
  • Collect all necessary information and verify ownership of the non-custodial wallet for transfers over €1,000.
  • Follow AML/CTF procedures, and take enhanced EDD verification measures when interacting with third-country counterparties.
  • Report suspicious activities, and customer transactions to the Financial Intelligence Unit (FIUs).

Request more information about the CASP license in Lithuania

AML requirements in Lithuania

  • 1

    Initially carry out KYC procedures and determine the risk level of the customer profile.

  • 2

    For customers identified as high-risk, implement Enhanced Due Diligence (EDD).

  • 3

    Monitor transactions on an ongoing basis for suspicious and confusing patterns, high-value transfers, or transactions related to high-risk jurisdictions.

  • 4

    Submit a report to the SAR within 24 hours on identified irregularities.

  • 5

    Comply with data retention rules for 5 years and provide access to data to regulators during audits and performance reviews.

infoLithuania, as an EU member state, is subject to EU Directives 2015/849 (4AMLD) and 2018/843 (5AMLD). What does it mean for market participants to unconditionally comply with AML/KYC procedures.

Conclusion

Harmonization of rules for crypto operators in the EU has given them access to a market with more than 450 million users. Lithuania is one of the countries that was the first to implement MICA regulations and launch the local market as quickly as possible, to optimize the regulatory framework for EU standards, and to offer favorable conditions for starting a blockchain business. The Lithuanian crypto ecosystem provides all participants with stable, transparent conditions for work and clients with a guarantee of protection from financial fraud.

Connect with our experts

Our experts will tell you how to do it as quickly and easily as possible.

Estonia

    By clicking the button, I confirm that I have read the privacy policy and consent to the collection and processing of my personal data in accordance with the GDPR rules.

    Thank you

    Thank you for reaching us. Our team is working on your request, and we will contact you soon.