Fintech and crypto companies operate in an environment defined by rapidly evolving regulation, higher expectations from banks and PSPs, and growing competitive pressure. To successfully enter the market, pass licensing, and build trust with financial partners, a company must demonstrate operational maturity, transparency of its business model, and an ability to manage risks.
One of the core documents that enables this is the Business Activity Plan — a structured description of how the company works, what services it provides, what processes are in place, and how it ensures compliance and operational reliability.
This document distinguishes a mature, professionally managed company from a project that is still “figuring things out.”
Why the Business Activity Plan Matters
1. It demonstrates operational maturity
Regulators and banks expect more than presentations or high-level descriptions — they expect a clearly defined operational model.
A Business Activity Plan is essentially an X-ray of the business.
2. It is mandatory for MiCA, CASP, PI, EMI, and VASP licensing
Regulators require companies to describe their services, processes, risks, controls, and operational setup in detail.
3. It simplifies banking and PSP onboarding
Banks may skim a traditional business plan, but they always require an operational document that explains KYC/AML, transaction processing, governance, and system architecture.
4. It aligns internal teams and management
The document creates a shared understanding of how the business operates — for executives, technical teams, and investors.
What a Business Activity Plan Should Include
Below is a structured overview of what regulators, banks, PSPs, and supervisory authorities expect.
1. Description of Services and Business Model
The document must clearly explain:
- what services the company provides (on-ramp, off-ramp, crypto checkout, custody, API),
- who the target customers are,
- how users interact with the product,
- how the service operates day-to-day,
- what differentiates the company from competitors.
2. Customer Segmentation
| Segment | What They Receive | Why They Matter |
|---|---|---|
| Retail | Simple crypto operations | High volume, recurring activity |
| SMB / merchants | Checkout, auto-conversion | Stable margins |
| Enterprise | API/SDK, white-label solutions | High LTV, low churn |
| HNWI / funds | Custody, secure transactions | High-value fees |
Segmentation demonstrates that the company understands the economics and risk profile of each user group.
3. Monetisation Model
The plan must outline:
- transaction fees,
- exchange margins,
- corporate API pricing,
- conversion fees,
- subscription or service fees,
- merchant settlement fees.
It is important to show:
- stability of revenue,
- differences in margin per segment,
- how revenue covers PSP, AML, and infrastructure costs.
4. Operational Model and Processes
Regulators expect detailed explanations of:
- customer onboarding (KYC/KYB),
- AML/CFT controls, sanctions and PEP screening,
- KYT and transaction monitoring,
- handling of high-risk jurisdictions,
- payment processing workflows,
- collaboration with PSPs and banks,
- custody and asset protection,
- IT architecture and security,
- escalation procedures and risk rules.
This is one of the most scrutinised sections.
5. MiCA Compliance and Regulatory Alignment
The Business Activity Plan must describe:
- governance and role distribution,
- internal controls,
- AML/KYC/KYT workflow,
- transaction monitoring,
- reporting to regulators,
- anti-fraud measures,
- liquidity and risk management.
MiCA makes these elements mandatory for all CASPs.
6. Financial Resilience and Stress Scenarios
Regulators want to see that the business can withstand market volatility:
- stress scenarios at −30%, −40%, −50%, −60% revenue,
- ability of shareholders to support the company,
- liquidity and treasury management,
- realistic assumptions.
💡 Important: Financial resilience in this document is described only at a high level.
Detailed forecasts, unit economics, liquidity modelling and the full financial model are submitted separately in the Financial Plan, a mandatory standalone document.
Seven Practical Steps to Preparing a Business Activity Plan
1️⃣ Define and describe the services
What the company provides and the clear value proposition.
2️⃣ Segment the customer base
Different segments have different economics, risks, and behaviours.
3️⃣ Build the monetisation structure
Revenue sources must be transparent and sustainable.
4️⃣ Describe operational processes
Regulators want to understand how the service works internally.
5️⃣ Present AML/KYC/KYT and governance
This is one of the most critical MiCA elements.
6️⃣ Add financial resilience and stress scenarios
Licensing requires evidence of sustainability.
7️⃣ Align with the risk framework and governance
The plan must look coherent — business, operations, AML and risks must support one another.
Common Mistakes in Preparing a Business Activity Plan
❌ Superficial description of services — regulators expect detailed operational flows.
❌ Insufficient AML/KYT explanation — lack of specifics is a red flag.
❌ No link between operations and the economic logic of the service — the model must “explain itself.”
❌ Underestimated risks or missing scenarios — regulators expect realism.
❌ Missing technical architecture — MiCA requires transparency at the infrastructure level.
How AMS Supports Companies
At AMS, we help fintech and crypto companies turn complex regulatory requirements into a clear, structured and practical Business Activity Plan. Our approach goes far beyond simply “filling in sections” — we translate your business model, processes and technical setup into a document that regulators, banks and auditors can immediately understand and trust.
Our Business Activity Plans are:
- fully aligned with MiCA and EU supervisory expectations, reflecting the structure and level of detail regulators expect during CASP, PI or EMI licensing;
- built on a comprehensive view of your operations, including service descriptions, workflow logic, AML/KYC/KYT procedures, governance, and risk management;
- supported by clear descriptions of technical architecture, monetisation strategy, client segmentation, and stress scenarios that demonstrate the company’s long-term resilience;
- adapted for review by banks, PSPs, auditors and supervisory authorities, ensuring smoother onboarding and fewer follow-up requests;
- prepared in English and Czech, with consistent terminology and formatting suitable for regulatory submissions.
Behind each document is a team that understands fintech and crypto not только как отрасль, но как систему:
AMS brings together operational, technical, compliance and financial expertise to create documentation that withstands audits, supports licensing, and builds trust with banking partners.
FAQ: Business Activity Plan
What is a Business Activity Plan?
An operational document that describes services, processes, risks, architecture and compliance. Required under MiCA for CASP/PI/EMI licensing.
How is it different from a business plan?
A business plan outlines strategy and market positioning.
A Business Activity Plan explains operations, controls and risk management.
Do banks and PSPs require it?
Yes. It is a core document used to assess risk management, AML/KYC processes and operational reliability.
What services must be described?
All that the company actually provides: on-ramp, off-ramp, checkout, API, custody, digital asset transfers.
What do regulators review first?
AML/KYC/KYT processes, governance, architecture, risk management, and operational controls.
What happens if the document is weak?
Regulators may request multiple revisions, pause the application, or issue a refusal.
Can AMS prepare the document?
Yes — we produce fully structured, regulator-ready Business Activity Plans accepted by banks, PSPs and EU regulators.
