MiCA Business Plan Requirements: What Authorities Expect from CASP Applicants

Artem Tkachenko 7 mins read

Under the Markets in Crypto-Assets (MiCA) regulation, authorities expect crypto-asset service provider (CASP) applicants to demonstrate that their business is well-controlled and capable of operating within a regulated environment.

The business plan is where all of this comes together, from product design to governance and risk management.

At Legalaes, our team combines legal, regulatory, and operational expertise to guide clients through this process. Having worked on related projects from early-stage planning to submission, we fully understand all MiCA business plan requirements to help you present your operations in a way that meets regulatory expectations.

Key Takeaways

  • A MiCA business plan must clearly explain how a CASP will operate in practice, not just outline high-level intentions.
  • Authorities expect detailed descriptions of services, governance, risk controls, and financial capacity.
  • A structured and realistic approach to markets, clients, and resources strengthens the credibility of your application.
  • Weak or incomplete documentation can lead to delays, follow-up questions, or rejection during the licensing process.

Table of Contents

What Authorities Expect in a CASP Business Plan

Authorities review the business plan as a core part of the CASP licensing assessment process.

Your CASP business plan must provide a clear and detailed picture of how your company will operate for at least three years.

Authorities will look for the following:

A precise description of services and the overall business model

The business plan should clearly identify the types of crypto-asset services you will offer, how you will generate revenue, and how you will deliver your services across markets. It should show a solid understanding of demand and competition.

Well-defined target clients and geographic scope

Authorities look for evidence that you understand your target clients and information on where you will operate. It should be detailed enough for the regulatory body to understand your target market.

Governance and internal structure

The business plan should outline details of your company’s ownership, management responsibilities, and internal controls, including compliance and risk functions.

Risk management

Authorities should have a clear idea of your anti-money laundering (AML) and counter-terrorist financing (CTF) procedures. The document should also have details regarding your client’s asset protection, cybersecurity measures, and business continuity planning.

Financial Position and Funding

The financial section of your business plan must include realistic projections, funding sources, and proof that your company meets the minimum capital requirements.

Below are the important elements that should be included in the MiCA licensing business plan content:

Group structure and integration

This section should explain how your activities fit within the wider corporate group. Authorities expect a clear description of ownership, reporting lines, and how responsibilities are divided across entities.

It is important to show how the different entities of your group interact, especially if certain functions are shared or centralized. The structure should make it easy for regulators to understand who is responsible for decision-making, oversight, and operational delivery.

Strategy and jurisdiction choice

This element allows you to present your CASP’s overall direction and explain why you chose Slovakia for expansion if you are applying for a crypto license in Slovakia. It should present both your commercial and regulatory reasons. Authorities will expect to see how the business contributes to the local market, including employment and economic activity, while still operating on a broader international scale.

Products, services, and transaction flows

This section must clearly describe all services and types of crypto-assets you intend to offer. The business plan should also explain how they work in practice. It should provide a step-by-step transaction flow or customer journey to help regulators understand how funds and information move through the system. This level of detail shows that the business model is well-thought-out and operationally sound.

Additional activities

A CASP business plan under MiCA should state other activities you may engage in that fall outside your main services in both regulated and unregulated areas. This may include offering crypto-assets to the public or seeking admission to trading platforms. Authorities want a complete picture of your company’s activities to assess potential risks and ensure you leave nothing important out of your crypto license application.  

Geographic scope

This section should identify where you plan to offer your crypto-asset services and where your clients are located. It must highlight the specific area you will use as your starting point, but also mention other countries you may be interested in for expansion. A clear explanation of initial markets, supported by a realistic expansion plan, can help demonstrate that you can manage your business and that you have access to adequate resources.

Target client categories

Your business plan should identify the types of clients your company intends to serve, such as retail users, corporate clients, or institutional investors. It should also explain why you are offering your services to these groups and how you will address their needs.

Access to services

This part should explain how your clients will access your services. It must include the domain names of all websites and ICT-based applications to be used to provide crypto-asset services, along with details on available languages and the services accessible on each platform. Any member states where these can be accessed must also be listed.

Marketing strategy

Your business plan must provide details about how you intend to promote your services. This part should cover your marketing channels, communication methods, and the languages to be used.

Resources and infrastructure

This section provides a detailed overview of the resources required to demonstrate your capability to operate effectively. It should include descriptions of the following:

  • Human resources, explaining the roles, responsibilities, and geographical location of all employees.
  • Technical resources, detailing the technology you will use, including software, infrastructure, and other IT and technological systems that will support your safe and reliable delivery of services.
  • Financial resources, specifying your sources of funding, budget allocation, and financial projections. You can include your detailed financial and budget projections as annexes to your business plan, but their summary should be presented here.

Outsourcing framework

If you need to outsource any functions, this section should explain how you will structure and manage them. It should provide details regarding who is responsible for monitoring third-party providers and how risks will be controlled. The plan should also show that outsourced activities will remain under proper supervision and will not weaken internal control.

Outsourcing service providers

Under MiCA regulations, the business plan should include a list of all external service providers you intend to work with, along with their locations and the services they deliver. This helps regulators assess any associated risks.

Financial projections

This part provides detailed financial forecasts that reflect your expected performance. This includes projected financial statements and assumptions used to build them. You can mention consolidated group and sub-consolidated level financial relationships, if relevant, in accordance with Directive 2013/34/EU.

Crypto-asset activities

This section should describe any planned activities involving the exchange of crypto-assets for funds or interactions with decentralized applications.

Risk assessment (SWOT)

This part covers a structured assessment of your CASP’s strengths, weaknesses, opportunities, and possible threats to demonstrate your awareness of the business environment.

If you need to outsource functions such as AML or IT, your service providers must meet the standards set out in Article 73 of the Markets in Crypto-Assets Regulation.

Some important requirements you should prepare include:

  • A written agreement that can be terminated at any time
  • Consent to on-site inspections by the regulator
  • Full disclosure of all locations (physical and virtual) where records are stored

Read more information that can help you create a CASP application business plan checklist you can follow:

How detailed does the three-year forecast need to be?

The three-year financial forecast in a MiCA business plan must include projected financial statements, clearly stated assumptions, and a breakdown of funding sources. Regulators expect figures that reflect realistic business performance, not optimistic estimates. Projections should also address consolidated group-level financials when relevant.

Do regulators expect operational and staffing details?

Yes. MiCA authorities require a comprehensive overview of your human, technical, and financial resources. This includes the roles and responsibilities of all employees, their geographic locations, and the technology infrastructure used to deliver services. Regulators use this information to assess whether the applicant has the operational capacity to function within a regulated environment.

What risks should be addressed in the plan?

A MiCA business plan must address AML and counter-terrorist financing procedures, cybersecurity measures, client asset protection, and business continuity planning. A structured SWOT analysis is also expected, demonstrating your awareness of the broader business environment. Outsourcing risks must be addressed separately to prove that third-party providers are properly supervised.

Can a weak business plan slow down approval?

Yes. The business plan is an important part of the MiCA licensing assessment, and any gaps or weak sections can lead to delays and possible rejection. Authorities expect a clear picture of your services, governance, financials, and risk management. A well-made business plan demonstrates operational readiness and regulatory competence, which directly affects how smoothly the review process moves.​

Preparing a MiCA business plan requires careful attention to detail and a clear understanding of regulatory expectations. Every section should reflect how your business will function in real conditions. Taking the time to get this right can make a meaningful difference during the review process.

Contact us today to get expert support in preparing your MiCA business plan.

May also interest you

Discover more

Montana MSB Explained for Crypto and Payment Businesses

Montana has become one of the most attractive jurisdictions for crypto and payment businesses entering the U.S. market. Unlike every other U.S. state, Montana

Artem Tkachenko 5 mins read
Read more

Who Needs RPAA Registration in Canada, and Who May Be Exempt?

The Retail Payment Activities Act (RPAA) is a Canadian federal law that mandates the registration of payment service providers (PSPs) to ensure compliance with

Artem Tkachenko 10 mins read
Read more

What Documents Are Needed for a CASP Application? A Checklist of MiCA CASP Document Requirements

The Markets in Crypto-Assets (MiCA) Regulation, i.e., Regulation (EU) 2023/1114, requires crypto-asset service providers (CASPs) in the European Union to apply for authorization from

Artem Tkachenko 10 mins read
Read more

Contact Us

Our expert team is prepared to address your needs and ensure your projects are handled with the utmost efficiency and care

Phone: +372 602 8525 (request a call back or schedule a meeting)

Messengers:

Connect with our experts

    Connect with our experts using

    our chanels: Whatsapp Telegram WeChat or contact from below:

      Connect with our experts via WeChat

      Scan the QR code to continue in WeChat application
      Request a call back
      Schedule a call
      Back

      Enter phone number