Licensing requirements for crypto advisors: MiCA, MiFID II, and beyond

MiCA is often seen as a universal answer to crypto regulation in the EU, but for advisors the picture is more complex. The line between general information and regulated investment advice quickly becomes blurred, especially when it comes to personalised recommendations, success-based fees, or involvement in clients’ transactions. Mistakes in positioning services can lead not only to regulatory risks, but also to account blocks by banks and partners. Additional complexity comes from national regimes and adjacent requirements beyond MiCA. In this article, we will examine which licensing requirements may apply to crypto advisors beyond MiCA and how to structure the scope of services correctly.

Who is a “crypto advisor” and why licensing questions arise

A crypto advisor is commonly understood as someone who helps clients navigate the crypto market. This may include advice on launching projects, tokenomics, or working with infrastructure providers. It often also involves recommendations on specific assets or strategies for private and corporate clients. The problem is that the line between neutral explanations and influencing an investment decision is very thin. This is where regulatory issues usually begin.

Once advice becomes personalised, the risks increase sharply. Recommendations such as what to buy, when to enter a position, or how to structure a deal for a specific client may be treated as regulated activity. The risk is further amplified when compensation depends on the outcome of a transaction. A consultant’s involvement in negotiations or practical assistance with executing transactions also changes how their role is perceived. In the eyes of regulators, such a consultant is no longer just providing information, but influencing investment decisions.

Additional challenges arise when working with clients across borders. What may be permissible in one jurisdiction can require a license in another. This is particularly relevant for active marketing and client acquisition in specific markets.

A key advantage of MiCA authorisation is the passporting regime under Article 65: a CASP authorised in one EU Member State may provide services across the entire EU/EEA through a simple notification to host state competent authorities (freedom to provide services) or by establishing a branch (freedom of establishment). For crypto advisors, this means a single CASP authorisation opens access to the pan-European market - a material consideration when selecting the jurisdiction for licensing. Passporting does not, however, extend to services that fall under MiFID II (separate MiFID passport) or to national regimes outside MiCA scope.

What MiCA covers and what it doesn’t

MiCA sets a comprehensive framework for crypto-asset service providers (CASPs) in the EU, and it directly regulates advisory services: Article 3(1)(16)(h) defines ‘providing advice on crypto-assets’ as a CASP service, and Article 3(1)(16)(i) covers portfolio management on crypto-assets. Both require full CASP authorisation under Article 59 MiCA. The question for advisors is therefore not whether MiCA applies, but how the service must be structured to comply - and whether MiFID II applies in parallel where the crypto-asset qualifies as a financial instrument.

MiCA scope in one page

MiCA covers the activities of those who directly handle clients’ crypto-assets or their transactions. The following typically fall within the scope of direct regulation:

• Custody of crypto-assets and management of client wallets;
• Exchange of crypto-assets for fiat and for other crypto-assets;
• Execution of orders and placement of crypto-assets;
• Reception and transmission of orders related to crypto-asset transactions.

If an advisor limits their role to general explanations and does not take part in these activities, MiCA usually does not apply directly. This does not mean, however, that the activity falls outside regulation altogether.

Grey zones: advice vs execution vs marketing

The main risks for crypto advisors arise in borderline scenarios. Advice starts to “look” like a regulated service when it influences specific client decisions or is combined with elements of deal execution. Issues most often arise in the following situations:

• Providing personalised recommendations on buying or selling specific tokens;
• Helping structure or accompany a transaction rather than simply explaining the market;
• Linking remuneration to deal outcomes or investment volumes;
• Marketing materials that resemble investment recommendations or promise returns.

The “beyond MiCA” layer: MiFID II and national investment advice regimes

MiCA does not cover all crypto advisory scenarios. Once advice goes beyond general information and starts to influence a client’s investment decisions, other regulatory regimes come into play. In the EU, this most often means investment advice rules and national requirements applicable to such services. This is where licensing obligations or the need to operate through an authorised partner most commonly arise.

Investment advice as a regulated service (EU logic)

Under the EU regulatory logic, the key question is straightforward: are you providing personalised recommendations that can influence a client’s investment decisions? If advice is addressed to a specific client and relates to buying, selling, or holding specific assets, regulators tend to treat this as investment advice. This is particularly relevant when recommendations are supported by risk analysis and expected return assessments tailored to the client’s objectives.

MiCA covers ten categories of crypto-asset services under Article 3(1)(16): (a) custody and administration of crypto-assets on behalf of clients; (b) operation of a trading platform for crypto-assets; (c) exchange of crypto-assets for funds; (d) exchange of crypto-assets for other crypto-assets; (e) execution of orders for crypto-assets on behalf of clients; (f) placing of crypto-assets; (g) reception and transmission of orders for crypto-assets on behalf of clients; (h) providing advice on crypto-assets; (i) providing portfolio management on crypto-assets; (j) providing transfer services for crypto-assets on behalf of clients. Advisory services (h) and portfolio management (i) fall squarely within this list.

Crypto-assets that may fall outside MiCA or be treated differently

For crypto advisors, asset classification is the decisive factor. The same token may be treated differently depending on its economic substance and the rights it grants to holders. If an asset is classified as a financial instrument or another regulated product, advice relating to it is automatically subject to stricter regulatory requirements.

Misclassification of assets is one of the most common reasons advisors believe their model is “advice-only” while regulators and banks view it as a licensed activity. This is why legal assessment of token and product status should be carried out before launching an advisory service, not after regulators or partners have already raised questions.

AML/CTF obligations that can apply to advisors

Crypto advisors authorised as CASPs under MiCA are directly classified as obliged entities under EU AML/CTF law. This status triggers the full range of obligations under AMLD5 (Directive (EU) 2018/843, Article 2(1)(3)(g)) and, from 10 July 2027, under the AML Regulation (EU) 2024/1624. Advisors are also subject to the Transfer of Funds Regulation (EU) 2023/1113 (Travel Rule), applicable since 30 December 2024. The risk of unintentionally entering AML scope is highest for hybrid models - for example, where a formally ‘advice-only’ firm supports transaction execution, handles client funds, or acts as an intermediary with exchanges or OTC desks.

AML/CTF obligations for crypto advisors most commonly arise when:

1. The advisor is involved in structuring or supporting transactions involving the movement of funds;
2. The advisory model provides for remuneration linked to transaction volumes or outcomes;
3. The advisor acts as an intermediary between clients and exchanges, OTC desks, or liquidity providers;
4. The business works with clients from jurisdictions with elevated sanctions and AML risk;
5. The advisory service is integrated into an ecosystem where group-level KYC/AML requirements apply.

Even without a dedicated “advisor license”, basic compliance elements become a practical minimum. Banks and payment providers expect to see KYC procedures, records of clients and counterparties, and basic sanctions screening. The absence of such mechanisms is a common reason for service refusals or account blocks.

Practical compliance map: when advice becomes a regulated activity

The line between an “advice-only” model and regulated activity is most often blurred not by how a service is labelled, but by how client work is actually structured. Regulators, banks, and partners assess the substance of the services, the language used in communications, and the advisor’s role in transactions. This is why it is important to understand in advance which elements of the operating model move advisory services into the licensed perimeter.

Personalised recommendations and suitability

Personalised recommendations for a specific client are most often treated as investment advice. If an advisor analyses a client’s objectives and proposes specific assets or strategies, this is likely to be viewed as regulated activity, even if the service is formally described as “consulting”. In practice, references to the educational nature of the service rarely protect in such cases.

Involvement in transaction execution

An advisor’s involvement in the actual execution of a transaction significantly changes the regulatory assessment of the service. Assisting with account openings, transmitting instructions to exchanges, interacting with OTC desks, or coordinating transactions may be treated as intermediation. This is particularly sensitive when the advisor interacts with counterparties on the client’s behalf.

Compensation linked to deal outcomes

The remuneration model directly affects how advisory services are classified for regulatory purposes. When compensation depends on deal outcomes, investment volumes, or client referrals, regulators are more likely to view the model as incentivizing investment decisions. This strengthens the case that the activity goes beyond neutral advice.

Marketing language and client acquisition

Marketing wording often becomes a source of regulatory issues even where the operating model is relatively “clean”. Promises of returns, phrasing such as “we will select the best asset”, or an emphasis on investment outcomes may be treated as investment recommendations. This is particularly risky when actively acquiring clients in specific jurisdictions.

Custody and handling of client assets

Any interaction with client assets or funds significantly increases regulatory risk. Even technical access to wallets, assistance with custody, or control over the transfer process can move an advisor into the licensing perimeter. In such cases, an “advice-only” model is no longer persuasive for regulators and banks.

Typical mistakes crypto advisors make

One of the most common mistakes crypto advisors make is assuming that formally positioning their services as “consulting” automatically places the business outside the regulatory perimeter. In practice, regulators, banks, and partners assess the substance of the services rather than the wording used in contracts or on websites. This often leads to a situation where the operating model already falls within licensing requirements, while the business continues to act as if it were in an “advice-only” mode.

Another frequent mistake is mixing advisory services with elements of transaction execution. Assisting with account openings, interacting with exchanges, transmitting instructions to counterparties, or participating in transaction structuring is often perceived as intermediation. In such cases, references to the educational nature of the services do not work in practice and do not protect against regulatory claims.

Many advisory projects underestimate the role of marketing and communication language. Promises of results, references to returns, or phrasing about the “best asset to invest in” may be treated as investment recommendations. An additional risk arises from cross-border promotion of services, where requirements from multiple jurisdictions may apply simultaneously.

Finally, basic compliance is often overlooked. The absence of KYC procedures, sanctions screening, and conflict-of-interest management not only increases regulatory risk but also leads to refusals by banks and payment providers. As a result, even a formally permissible advisory model may prove unworkable from an operational infrastructure perspective.

How Key2Law helps structure and license crypto advisory services

Licensing and regulatory qualification of crypto advisory models require a comprehensive approach. Mistakes in defining the regulatory perimeter, structuring services, or designing a cross-border operating model often lead to regulatory scrutiny, bank refusals, and partner issues. Key2Law team supports crypto projects at every stage: from legal assessment of the advisory model to obtaining licenses and building sustainable compliance.

• Regulatory perimeter analysis under MiCA, MiFID II, and national regimes;
• Legal qualification of advisory models and assessment of licensing risks;
• Development of an “advice-only” model or preparation for licensing where required;
• Preparation of contracts, disclaimers, and client documentation;
• Building baseline AML/sanctions compliance aligned with the service model;
• Support in dealings with banks and payment providers;
• Assistance with cross-border structuring of services and marketing;
• Support with licensing processes and regulator communications.

If you are launching a crypto advisory service or scaling an existing model into new markets, it is worth assessing regulatory risks in advance. Contact the Key2Law team to choose the right operating model, avoid hidden licensing requirements, and build compliance without unnecessary costs or account blocks.