OTC (Over-the-Counter) trading has become a cornerstone of the crypto ecosystem, especially for institutions and high-net-worth clients executing large transactions outside public order books. However, with the arrival of the EU’s MiCA framework, OTC providers can no longer operate in regulatory grey zones. Many previously unlicensed intermediaries must now obtain a CASP license to serve clients legally across the European Union.
This article breaks down what the CASP authorisation means for OTC desks, which requirements apply, and how operators can prepare for stricter supervision.
Understanding the CASP License Under MiCA
A Crypto-Asset Service Provider (CASP) license grants a company the right to offer regulated crypto services across all EU Member States. MiCA defines multiple activities that fall under this licensing perimeter, including:
- facilitating crypto-to-fiat or crypto-to-crypto exchange
- executing orders on behalf of clients
- arranging trades between counterparties
- offering custody or administration services
- enabling transfers or settlement of crypto assets
Because OTC desks match buyers and sellers privately and often assist with settlement, they fall directly into these regulated categories — making licensing mandatory.
Why MiCA Makes Licensing Essential for OTC Desks
Under previous national rules, OTC operations were often tolerated with minimal oversight. MiCA eliminates that possibility. Licensing becomes required if an OTC desk:
- brokers trades or negotiates prices for clients
- intermediates between two parties in large transactions
- temporarily holds client funds or assets
- settles trades or assists in transferring crypto
- markets OTC services to EU residents
- provides execution or matching services
Operating without a CASP license after MiCA comes fully into force may result in fines, business restrictions, or forced shutdowns.
Legal Requirements OTC Desks Must Meet to Obtain a CASP License
1. Comprehensive AML/KYC Program
OTC providers must demonstrate a mature AML system capable of handling high-risk, large-volume activity. Requirements include:
- full identity verification for all clients
- enhanced checks for large or unusual transactions
- ongoing screening against sanctions and PEP lists
- blockchain monitoring of wallets involved in trades
- documented suspicious activity reporting procedures
Because OTC deals often involve significant sums, regulators expect advanced risk assessment tools and detailed recordkeeping.
2. Strong Corporate Governance and Compliance Oversight
MiCA requires OTC desks to prove they have internal structures comparable to regulated financial institutions. This includes:
- management and key decision-makers located in the EU
- an appointed AML/Compliance Officer with relevant expertise
- documented reporting lines and role responsibilities
- mechanisms for managing conflicts of interest
- internal policies covering onboarding, trade execution, and settlement
Regulators evaluate governance rigorously during the licensing review.
3. Capital Requirements and Financial Safeguards
To prevent systemic risk, OTC firms must maintain adequate financial buffers. Depending on their services, firms may need:
- minimum initial capital
- ongoing own-fund requirements
- professional liability insurance
- liquidity to support large trade settlements
These protections help ensure operational continuity and client safety.
4. Transparency, Client Disclosures & Fair Execution
MiCA places strong emphasis on investor protection. OTC desks must ensure:
- transparent pricing and fee visibility
- accurate risk disclosures before executing trades
- best-execution procedures when acting for clients
- consistent and accessible transaction records
Any misleading communication or hidden fees can jeopardize licensing.
5. Safeguarding of Client Assets
If an OTC desk handles client funds or crypto assets, even temporarily, strict custody rules apply:
- client assets must be segregated
- private-key management must follow security best practices
- reconciliation and reporting must happen regularly
- settlement operations must be fully documented
Improper asset handling is one of the fastest ways to fail a regulatory review.
6. ICT Security, Resilience & Business Continuity
To obtain a CASP license, OTC firms must show that their systems are secure and resilient. Required elements include:
- cybersecurity monitoring and penetration testing
- clear incident-response plans
- reliable system backup and recovery procedures
- policies to ensure uninterrupted operations during market stress
Regulators assess whether an OTC desk can operate consistently without exposing clients to technology failures.
CASP Licensing Timeline for OTC Providers
While exact timelines differ by Member State, firms typically experience:
- 3–6 months to prepare documentation
- 6–12 months for regulator review and clarifications
- extensions if governance, AML, or ICT systems require improvement
Well-prepared firms with strong compliance structures move significantly faster.
Frequent Obstacles OTC Desks Face During Licensing
Many firms encounter issues such as:
- weak AML monitoring for large trades
- insufficient governance or unclear responsibilities
- inconsistent onboarding workflows
- gaps in custody or settlement processes
- difficulty proving liquidity and capital adequacy
- challenges opening EU bank accounts
Addressing these gaps early greatly improves approval prospects.
Conclusion
As a result, a CASP license for OTC desks has become a mandatory requirement for operating legally across the EU under MiCA. By obtaining authorisation, licensed OTC providers not only strengthen their credibility, but also unlock access to institutional partnerships and benefit from a harmonised regulatory passport valid across all 27 EU Member States.
Moreover, as regulatory oversight continues to intensify, firms that proactively invest in compliance frameworks, robust governance structures, and operational resilience are far better positioned to adapt and grow within the evolving European crypto market. In practice, businesses that secure licensing early gain enhanced trust, improved scalability, and broader access to international and cross-border markets.
👉 Contact AMS today to assess your licensing readiness and secure your OTC operations across the EU with confidence.
Start your CASP licensing journey with AMS — and operate OTC legally, transparently, and at scale.
FAQ: CASP License for OTC Desks
Do all OTC desks need a CASP license under MiCA?
Yes. If an OTC desk facilitates crypto-to-fiat or crypto-to-crypto trades, matches buyers and sellers, helps with settlement, or provides quote-based execution to EU clients, it falls under MiCA’s regulated activities. Therefore, a CASP license becomes mandatory for legal operation in any EU Member State.
What is the main regulatory focus for OTC desks applying for a CASP license?
Regulators pay the closest attention to AML/KYC systems, governance quality, transaction monitoring, and client-asset protection. Since OTC trades often involve high volumes and institutional clients, authorities expect a sophisticated compliance framework with clear documentation and strong internal controls.
Can an OTC desk operate without custody and still require a CASP license?
Yes. Even if an OTC provider does not hold client assets, it may still require licensing if it intermediates transactions, negotiates prices, or executes orders on behalf of clients. Under MiCA, “execution of orders for clients” is itself a regulated service — independent of custody.
How long does it take for an OTC desk to obtain CASP authorisation?
Typical timelines range from 9 to 18 months, depending on the country, the completeness of documentation, the maturity of the firm’s AML/governance framework, and the regulator’s workload. OTC desks with strong internal systems move faster through the review process, while those with compliance gaps may face significant delays.
What are the biggest challenges OTC desks face during the licensing process?
Common obstacles include insufficient AML monitoring for large trades, inadequate risk scoring models, unclear onboarding procedures, poor documentation of settlement workflows, and lack of capital or liquidity evidence. Another major challenge is securing an EU banking partner — something regulators increasingly expect before granting a license.
