How to expand from Czechia into other Member States (agents/branches, notifications, governance)
A Czech Electronic Money Institution (Electronic Money Institution, EMI) can, in principle, scale across the EEA without obtaining a new licence in every country — but only if the expansion is built within a formal passporting procedure and a correct operating model.
In practice, a “passport” is not a “growth hack.” It is a regulated expansion process with formal notifications, defined timeframes, and real supervisory expectations around governance, AML/CTF, safeguarding (protection of client funds), outsourcing oversight, and operational resilience.
Below is a practical guide, current as of 2026, on expanding from the Czech Republic into other EEA states using:
- Freedom to provide services (FOS) — cross-border / without permanent presence
- Agents
- Branches
- (for e-money specifically) distributors for distribution/redemption of e-money
What “passporting” means for a Czech EMI
Passporting is the process in which your home regulator (for a Czech EMI — the ČNB) notifies the host Member State regulator that the institution intends to operate in its territory — either cross-border (FOS) or via the right of establishment model (for example, through an agent network or a branch).
PSD2 sets the baseline “procedural” framework for notifications and cooperation between home and host authorities.
Important: EMI activity is governed by a specific regulatory construct for electronic money (including the interaction between e-money rules and the application of PSD2 procedures to EMIs with the relevant adjustments and nuances). So, in practice, the correct way to frame it is:
PSD2 home/host notification and cooperation procedures apply to EMIs taking into account e-money specifics (including the particularities of distributing/redeeming e-money through third parties).
Pick the right expansion route: FOS vs agent vs branch (and what “distributor” changes)
A) Freedom to provide services (FOS) — “cross-border”
Best suited for:
- entering a new country without a local sales network
- no on-the-ground activity (no local agent network/points, no physical operational infrastructure)
- no need for permanent operational presence
Typical profile:
- remote onboarding (online) and remote servicing
- centralised operations in the Czech Republic
- localisation mainly through terms/disclosures, complaint-handling language, and customer support
Why it’s attractive:
- usually the fastest operationally (fewest structural elements)
- lower fixed costs
- generally does not require local organisation/staff as a mandatory model element
Practical note: even under FOS, local consumer-facing expectations (language, fee disclosures, advertising/marketing rules, complaints and complaint timelines) can be significant. FOS does not mean “no local conduct requirements.”
B) Agents — local commercial expansion without a full branch
Best suited for:
- building a local go-to-market network (e.g., merchant acquisition, onboarding support, local commercial activity, parts of customer interaction), while keeping most control functions (risk/compliance/AML/MLRO and key processes) centralised.
Under PSD2, when using an agent you notify the home authority, provide data on the agent, and go through the passporting procedure for the establishment model. Host regulators, via information exchange, may raise questions — including on AML/CTF, especially for agent/branch setups.
Key EMI nuance:
The issuance of e-money is performed by the EMI as the issuer. PSD2 “agents” are primarily a channel for providing payment services (subject to agent requirements). For e-money, it is often more accurate in practice to distinguish:
- agents (payment services) vs distributors (e-money distribution/redemption)
So it is better to avoid the simplified phrase “the EMI issues e-money through agents.” A more accurate description is:
The EMI may use agents for certain payment services, but distribution/redemption of e-money via third parties is typically structured under a distributor model, and this must be reflected correctly in documentation and notifications.
C) Branch — a permanent establishment in the host state
Best suited for:
- high-volume markets where you need:
- a clear “local presence” for partners/banks/merchants
- dedicated local management
- sometimes (depending on country and model) more predictable supervisory communication and greater stakeholder trust
Branch notification requires more detailed information than FOS, including organisational structure, allocation of functions, and identification of branch management.
D) Distributors (e-money distribution/redemption)
EMIs may distribute and redeem e-money via persons acting on their behalf. When entering another country, this format may also be “passport-sensitive”: you must correctly describe the model, roles, and controls, and follow the applicable notification and supervisory interaction logic.
In simple terms:
- Agents → mainly about providing payment services
- Distributors → about distribution/redemption of e-money
- Branch → about a permanent establishment (local management + structure)
The passporting workflow (what actually happens between ČNB and the host regulator)
The procedure is a structured exchange of information between home and host supervisors:
- You submit information to the home authority (ČNB):
target countries, services, whether you use establishment models (agents/branch/other roles), and the required details. - The home authority forwards the notification to the host authority within the required timeframe after receiving a complete package.
- The host authority reviews the information within the set framework and may return “relevant information” — including AML/CTF concerns, especially for agent/branch models.
- Next steps and the “go-live point” are typically most formalised for establishment models (agent/branch): after completion of the procedure and any needed registration/accounting steps, activity may start, and often you must notify the start date.
Timing clarification: the widely cited “1 month / 3 months” structure relates to PSD2’s procedural framework and is especially relevant for establishment flows (agents/branches). FOS also has a notification logic, but the “weight” of the package and the number of structural elements differ — so it is wrong to treat those timelines as universal “math” identical for all models and cases.
Reality check: legal deadlines are a framework; actual speed depends heavily on package quality: completeness, clarity of the operating model, a clean map of services/roles/controls, and readiness to answer questions.
What you must include in the notification (and why weak packs trigger delays)
PSD2 sets a baseline information set transmitted to the home authority for entering another Member State, including:
- institution identification (name/address/authorisation status, etc.)
- host Member State(s)
- services to be provided
- agent information (if applicable)
- branch information (if applicable), including structure and responsible management
- outsourcing notification where operational functions are delegated to third parties in the host state (or where the model materially depends on such contractors)
Practical note for the Czech Republic (ČNB forms)
In practice, the ČNB uses specific annexes/templates for different passporting scenarios. Typically separate items are used for:
- cross-border services notification (FOS)
- establishment model notifications/annexes (branch/agent)
- notifications of commencement/start of activity and change notifications (new agents, operating model changes, outsourcing changes, etc.)
Practical takeaway: if the package is weak (blurred roles, processes, responsibility split, where functions are performed, how AML/controls work), the process almost inevitably turns into Q&A, and timelines become “floating” regardless of the formal framework.
Governance: what supervisors expect before you “scale the passport”
A) Keep the home-state governance strong (because it remains the anchor)
Even when entering other markets, the home supervisor remains the key anchor for most resilience and compliance elements. Host supervisors often focus on market conduct and local effects (especially consumer-facing), but baseline resilience, controls, and ongoing compliance expectations usually stay anchored at home.
Operational meaning:
- board/management responsibility cannot be “pushed to the market” or partners
- risk/compliance/MLRO must have visibility over cross-border activity
- outsourcing must be controlled, managed, and auditable
B) Agent governance is not “partner onboarding”
If you use agents, you need formalised agent governance:
- due diligence and onboarding standards
- ongoing monitoring and periodic reviews
- training, QA, complaint control
- clear contractual responsibility allocation
- escalation routes (including AML escalations)
Also: the host supervisor may signal AML/CTF concerns about an agent/branch during the information exchange.
C) Be ready for “central contact point” requirements
Some Member States may require an institution operating through an agent network to appoint a central contact point in their territory for communication and reporting. This can be a hidden cost if you scale an agent network aggressively.
D) Operational resilience is now a baseline expectation (DORA)
If you fall under DORA as a financial entity, DORA applies from 17 January 2025, increasing requirements for:
- ICT risk management
- third-party control
- incident reporting
- resilience testing
This matters for cross-border expansion because:
- more vendors (KYC, antifraud, core banking, cloud, etc.) = more third-party risk
- more countries = more operational edge cases (language, local expectations, payment rails, support hours)
- supervisors increasingly expect “evidence of resilience,” not only paper policies
A practical decision matrix (what to choose and when)
| Route | Best when | Key regulatory sensitivity | Typical pitfall |
|---|---|---|---|
| FOS (cross-border) | Market testing; a remote-only model without “on-the-ground” infrastructure | Local consumer-facing requirements: language and disclosures, fees, complaints handling, marketing/advertising rules | Assuming you can operate and market “like a local firm” without local conduct expectations |
| Agents | You need local distribution/sales/merchant reach and in-country commercial activity, while keeping control functions centralised | Agent governance, AML/CTF controls, monitoring/QA, manageability of a distributed model, reporting/supervisory readiness | Treating agents as “resellers” without proper oversight, monitoring, and escalation paths |
| Branch | High volumes; you need local presence, dedicated local management, and stronger credibility with partners/banks/merchants | Branch management, structure, allocation of functions, local processes/controls and evidencing them | Building presence while keeping weak control ownership and low manageability (unclear accountability) |
| Distributors (e-money) | Scaling distribution/redemption of e-money via third parties | Distributor oversight, correct notification logic, precise role and flow descriptions | Mixing up agent vs distributor roles and creating a mismatch between the contractual model, operational reality, and the notification package |
EMI nuance: e-money issuance is performed by the EMI; the agent model relates primarily to payment services; distribution/redemption of e-money via third parties follows a separate distributor logic, which must be described correctly in documentation and notifications.
Common expansion blockers (and how to avoid them)
- Unclear scope mapping
Host markets/partners will ask: what exactly do you do — e-money issuance, which payment services, which rails, safeguarding model, where key functions are performed. - Weak localisation (even under FOS)
Consumer law expectations, language, fee disclosure, complaint timelines, and marketing practices can create friction and become supervisory/partner discussion points. - Agent networks without a control layer
Expect questions: how you monitor agents, how QA works, AML training, and whether compliance/MLRO can actually manage a distributed model. - Outsourcing sprawl
Cross-border activity + outsourcing triggers scrutiny: whether outsourcing impairs control/supervision and whether the model remains manageable. - Underestimating reporting steps and “start of activity”
Passporting is not only “notification/approval”: often you need follow-up start-date notifications and change notifications (new agents, new vendors, expanded services, etc.).
A Czechia-to-EU passporting checklist (usable as an internal workplan)
Before filing
- Confirm route per target country: FOS / agent / branch / distributor
- Map services (PSD2 categories) + e-money flow
- Prepare governance pack for agent/branch/distributor (roles, controls, supervision cadence)
- Validate safeguarding + reconciliation procedures
- Confirm AML model (scoring, monitoring, escalations)
- Validate ICT and third-party risk (DORA readiness where applicable)
Notification pack quality (what reduces Q&A)
- Clear program of operations per market
- Understandable operating model map (who does what and where)
- Outsourcing register (including host-market vendors if any)
- Due diligence evidence for agents (if agents)
- Branch management profiles + structure (if branch)
- Clear separation of agent vs distributor roles (if e-money distribution/redemption via third parties)
After passporting goes live
- Notify start dates where required (especially agent/branch models and where local practice expects it)
- Implement conduct/complaints processes for the host market
- Confirm reporting obligations (home + host requests)
- Run the first internal control review/audit cycle for the new market
How AMS supports EMI passporting from Czechia
EMI passporting—done right, end to end
FAQ: EMI Passporting Across the EU
EMI licence vs Payment Institution (PI) in Czechia: what’s the difference?
Do we need a new licence in each EU country?
Usually no — you use the home authorisation and follow the formal passport notification route between home and host authorities.
Can a foreign (non-Czech) company apply for an EMI licence in the Czech Republic?
How long does passporting take?
PSD2 sets a structured timeline (home-to-host forwarding in 1 month, decision in 3 months for agent/branch flows), but real-world timing depends heavily on the completeness of your submission and any supervisory concerns raised.
What is “source of funds” vs “source of wealth” for Czech EMI licensing — and why CNB cares?
Can an EMI use agents in other Member States?
For payment services, yes — but be careful with the e-money-specific limitation: EMIs generally do not issue e-money through agents; structure agent vs distributor roles correctly.
Do we need local Czech directors/management for an EMI licence?
Will the host regulator supervise us directly?
Host authorities have roles (especially conduct-of-business monitoring and local market impacts), while home authority remains central. Supervisory cooperation and information exchange are built into PSD2.
