CySEC MiCA Compliance: The 2026 Guide for Cyprus-Licensed CASPs and Crypto Promotion Rules

CySEC MiCA Compliance: the 2026 pillar guide for Cyprus-licensed CASPs.

Sedric Team

Communications

Share article on

TL;DR — Regulation (EU) 2023/1114 — the Markets in Crypto-Assets Regulation (MiCA) — entered into force in June 2023 and has been in full application since 30 December 2024 for crypto-asset service providers (CASPs) under Title V, with Titles III (asset-referenced tokens, ARTs) and IV (e-money tokens, EMTs) in application since 30 June 2024. CySEC is the National Competent Authority for MiCA in Cyprus and supervises Cyprus-licensed CASPs and crypto-asset issuers alongside its long-standing CIF and fund supervision. The marketing-and-communications framework for crypto is built from MiCA's specific marketing-communication provisions (Articles 7 and 9 for non-ART/non-EMT crypto-assets and Article 66 for CASPs), the ESMA Guidelines on market abuse for crypto-assets adopted in April 2025, the AML overlay (the Travel Rule Regulation (EU) 2023/1113, the AML Regulation (EU) 2024/1624, and AMLA), and the finfluencer-supervision expectations under both MiCA and the wider EU framework. This pillar walks the marketing and communications side of CySEC's CASP supervision end-to-end. For the marketing framework for traditional CIF activity see the CySEC Marketing Compliance pillar; for the Article 16(7) call-recording side see the CySEC Communications Compliance pillar; for the broader EU MiCA authorisation framework see the MiCA Authorisation Checklist.

What CySEC MiCA compliance is, and who it applies to
The MiCA framework and its application dates
Marketing communications under MiCA
White papers and marketing alignment
The crypto risk-warning regime
Article 66: CASP conduct of business and marketing
ESMA market-abuse guidelines for crypto-assets (April 2025)
Finfluencer and affiliate supervision for crypto
The AML overlay
The transitional regime: Article 143
CySEC supervision of CASPs
Building a CySEC MiCA compliance programme
How Sedric helps
FAQ

What CySEC MiCA compliance is, and who it applies to

CySEC MiCA compliance is the discipline by which Cyprus-licensed CASPs and Cyprus-based issuers of crypto-assets satisfy the requirements of Regulation (EU) 2023/1114 (MiCA), the associated EU-level technical standards, the AML overlay, and the supporting CySEC Circulars and supervisory expectations. The marketing-and-communications side of MiCA compliance — the focus of this pillar — covers:

Marketing communications by Cyprus-licensed CASPs and Cyprus-based crypto-asset issuers, including websites, paid digital, social, video, podcasts, finfluencer content, affiliate and introducer arrangements, and any other promotional channel.
White papers and the relationship between the white paper and the firm's marketing communications.
Risk warnings on crypto-asset promotions.
Influencer and affiliate supervision for crypto promotions.
Market-abuse surveillance over crypto-asset trading, including the surveillance and reporting obligations established by the ESMA guidelines of April 2025.
The AML overlay, particularly the Travel Rule for crypto-asset transfers and the AML Regulation.

The framework applies to:

CASPs authorised under MiCA by CySEC — entities providing one or more crypto-asset services on a professional basis (custody, exchange, execution, order reception/transmission, advice, portfolio management, placing, transfers).
Issuers of crypto-assets other than ARTs and EMTs that publish a white paper for an offer in Cyprus or admission to trading on a Cypriot trading platform.
Issuers of asset-referenced tokens (ARTs) authorised by CySEC under Title III of MiCA.
Issuers of e-money tokens (EMTs) authorised in Cyprus as credit institutions or e-money institutions under Title IV of MiCA.

Cyprus has been one of the EU's busier MiCA jurisdictions in the first wave of CASP authorisations. The supervisory model that CySEC applies to MiCA work draws on its long-standing approach to CIF marketing supervision — with significant overlays for the specific characteristics of crypto.

The MiCA framework and its application dates

MiCA — Regulation (EU) 2023/1114 — entered into force on 29 June 2023 and has been in staged application since:

MiCA application timeline and the Article 143 transitional regime.

30 June 2024 — Titles III (asset-referenced tokens) and IV (e-money tokens).
30 December 2024 — full application, including Title V (CASPs) and the supporting conduct-of-business, market-abuse, and supervisory titles.

The marketing-communication framework that this pillar covers is principally in:

The MiCA marketing-communications regulatory stack for Cyprus-licensed CASPs.

Articles 7 and 9 of MiCA — marketing-communications rules for offers of crypto-assets other than ARTs and EMTs.
Article 66 — conduct-of-business obligations for CASPs, including the fair-honest-professional-treatment standard and the related marketing requirements.
Title VI — the market-abuse regime for crypto-assets admitted to trading or for which a request for admission has been made, including insider information, insider dealing, unlawful disclosure, market manipulation, and Suspicious Transaction and Order Reports (STORs) for crypto markets.
The associated Commission Delegated and Implementing Regulations that flesh out the technical standards.

The framework is supported by the EBA Guidelines on related matters (for credit institutions issuing EMTs in particular), the ESMA Guidelines on conditions and criteria for the classification of crypto-assets as financial instruments, the ESMA Q&As, and the ESMA Guidelines on market abuse for crypto-assets (the April 2025 guidelines, see below).

Marketing communications under MiCA

The marketing-communication standards under MiCA — particularly under Articles 7 and 9 for offers of crypto-assets other than ARTs and EMTs, and under Article 66 for CASPs — are substantively close to the MiFID II Article 24 fair-clear-not-misleading standard applied to traditional investment communications, with crypto-specific overlays:

Fair, clear, and not misleading. Marketing communications must be honest, presented in a way that is likely to be understood, must not mislead, and must not omit information that is material to the recipient's understanding.
Identifiable as marketing. Marketing communications must be clearly identifiable as such. The framing must not present the communication as research, news, or other non-promotional content where it is in fact promotional.
Consistent with the white paper. Marketing communications by an issuer or its agents must be consistent with the white paper for the relevant crypto-asset. Marketing that overstates returns, understates risks, or otherwise diverges from the substance of the white paper is non-compliant.
Risk-warning prominence. Crypto-asset promotions must present risk information with prominence appropriate to the audience. Retail-facing promotions are subject to a higher standard of prominence.
No misleading claims about returns, performance, or product features. Specific claims about historical performance, projected returns, or product attributes must be substantiated. The fair-clear-not-misleading standard applies the same scrutiny here as MiFID II applies to CFD promotions.
Disclosure of the publisher and the regulatory status of the firm. Communications must identify the CASP, the regulated activity, and the supervisory authority.

The substantive standard is principles-based. CySEC examiners (and ESMA, in the convergence work) read communications in context, taking into account the audience, the channel, and the framing. Retail-facing crypto promotions on social media draw the highest level of scrutiny.

White papers and marketing alignment

The MiCA white paper is the central regulatory disclosure document for an offer of crypto-assets other than ARTs and EMTs. The white paper requirements are detailed in MiCA's Annex I (for non-ART/EMT crypto-assets), Annex II (for ARTs), and Annex III (for EMTs), with mandatory content covering the issuer, the project, the rights and obligations attached to the crypto-asset, the technology, the risks, and the consumer-protection disclosures.

For marketing communications, the operative principle is that the marketing must be consistent with the white paper. This is not a formal cross-reference requirement; it is a substantive consistency obligation. Marketing that:

Implies returns, features, or rights not stated in the white paper
Understates or omits risks disclosed in the white paper
Presents the crypto-asset's purpose, technology, or governance differently from the white paper
Suggests regulatory characteristics — e.g., investor protections — that the white paper does not in fact provide

...is non-compliant, regardless of whether the underlying white paper itself is in order.

The operational implication is that the firm's marketing-review programme must be tied to the relevant white paper for each crypto-asset being promoted. A compliance-review platform that reviews marketing in isolation from the white paper cannot enforce the consistency obligation.

The crypto risk-warning regime

MiCA does not impose a single standardised risk-warning text comparable to the CFD risk-warning regime under ESMA / CySEC product intervention. Instead, MiCA requires risk warnings calibrated to the specific crypto-asset, its risks, and the retail-facing audience.

Common elements that retail-facing crypto-promotion content must address:

The crypto-asset's value can fluctuate significantly and may lose all of its value.
The crypto-asset is not covered by deposit-protection schemes (where applicable) or investor-compensation schemes.
The crypto-asset is not centrally cleared, settled, or guaranteed (where applicable).
Specific product-risk disclosures particular to the crypto-asset class — stablecoin reserve-asset risks for stablecoins, governance risks for utility tokens, liquidity risks for thinly-traded assets, smart-contract risk for contract-deployed crypto-assets.
Where the marketing references DeFi, staking, lending, or other yield-generating activity, additional disclosures about the specific risks of each activity.

The substantive standard for prominence and treatment of risk information is the MiFID II / MiCA fair-clear-not-misleading standard — risk must be presented with the same prominence as benefits, in the same medium as the marketing, in language likely to be understood by the audience.

Cyprus-licensed firms operating CFD products on cryptocurrencies (a distinct regulated activity from CASP services) must also apply the ESMA / CySEC CFD product-intervention measures — including the 2:1 leverage cap for retail crypto-CFDs and the standardised CFD risk warning. The two regimes — MiCA for crypto-asset services and the CFD product-intervention measures for crypto-CFDs — can apply concurrently to the same firm offering different products.

Article 66: CASP conduct of business and marketing

Article 66 of MiCA sets the general conduct-of-business obligations for CASPs. The substantive elements that bear on marketing and client-facing communications:

Act honestly, fairly, and professionally in the best interests of clients and prospective clients.
Provide fair, clear, and not misleading information to clients and prospective clients, including marketing communications.
Warn clients of the risks associated with the crypto-assets and crypto-asset services the CASP provides.
Publish prices and fees in a clear and not misleading way.
Establish and maintain effective and transparent procedures for handling client complaints.

The Article 66 standard is the CASP-side equivalent of the MiFID II Article 24 standard for traditional investment firms. The substance is comparable; the difference is that MiCA applies its standard to a wider set of CASP activities (custody, exchange, transfers, advice, etc.) and to the crypto-asset class.

ESMA market-abuse guidelines for crypto-assets (April 2025)

ESMA adopted Guidelines on market abuse for crypto-assets on 17 April 2025 (the "April 2025 guidelines"), elaborating Title VI of MiCA. The guidelines apply to crypto-assets admitted to trading or for which a request for admission has been made, and to the persons subject to the MiCA market-abuse regime — including CASPs, issuers, and persons professionally arranging or executing transactions.

The substantive elements directly relevant to marketing and communications supervision:

Insider information. Information of a precise nature that has not been made public and that would, if made public, be likely to have a significant effect on the price of crypto-assets. The guidelines provide criteria for when information is deemed inside information in the crypto context.
Market manipulation in crypto markets. Specific patterns including wash trading, spoofing and layering, momentum ignition, pump-and-dump schemes that frequently use social-media promotion, and coordinated promotional activity intended to move price.
STOR-equivalent obligations. Persons professionally arranging or executing transactions in crypto-assets must establish effective arrangements to detect and report suspicious orders and transactions.
Insider lists. Issuers and CASPs with access to inside information must maintain insider lists in the form specified.
Surveillance of coordinated promotional activity. The guidelines specifically address coordinated social-media promotional activity in crypto markets that may constitute market manipulation. CASPs and other relevant persons are expected to have surveillance arrangements that can detect such activity.

The market-abuse regime applies an additional layer of surveillance and recordkeeping on top of the standard CASP communications-supervision programme. For Cyprus-licensed CASPs the same captured communications archive that supports Article 16-style supervision feeds the MiCA market-abuse surveillance, with the relevant MiCA rule library applied on top.

Finfluencer and affiliate supervision for crypto

The finfluencer-supervision expectations for crypto are particularly active. CySEC's CASP supervisory model — like that of the FCA, the SEC, and most other major regulators — holds the CASP responsible for content distributed on its behalf by paid promoters.

The operational expectations:

Pre-engagement diligence. Authorisation status of the promoter in every jurisdiction where their audience is located; "fit and proper" checks; audience-composition review; past-content audit; sanctions and adverse-media screening.
Written agreement. Scope, channels, jurisdictions, products, mandatory disclosures, takedown rights, retention cooperation.
Pre-publication review of every campaign asset against the CASP's policy library, the white paper for the relevant crypto-asset, and the MiCA marketing-communication standards.
Disclosure of the commercial relationship. Promoter content must clearly disclose that the promoter is being compensated by the CASP, with prominence the audience cannot reasonably miss.
Risk-warning carry-through. The crypto risk warnings must travel with the marketing. A finfluencer post promoting a CASP's crypto-asset service without the warning at the required prominence is non-compliant, and the CASP is responsible.
Post-publication monitoring. Content edits, comment-thread interaction, story replies, and downstream re-shares must be monitored. The supervisory record extends across the full lifecycle of the published asset.
Market-abuse vigilance. Coordinated promotional activity by multiple finfluencers around specific crypto-assets is one of the patterns the ESMA April 2025 guidelines specifically flag as potential market manipulation. The CASP's surveillance programme must address it.
Retention. All approved-version content, the approval record, the actual published version, and the monitoring evidence are part of the CASP's books and records.

The cross-jurisdictional view of finfluencer supervision is covered in our finfluencer compliance pillar; the crypto-specific operating model sits on top of that framework.

The AML overlay

The AML overlay for CASPs is substantial and runs concurrently with the MiCA marketing-and-communications framework.

The Travel Rule (Regulation (EU) 2023/1113)

The Travel Rule applies to crypto-asset transfers and has been in application since 30 December 2024. It requires CASPs to obtain, verify, and transmit specified originator and beneficiary information accompanying crypto-asset transfers, regardless of amount, to mitigate AML/CFT risks.

The AML Regulation (Regulation (EU) 2024/1624) and AMLA

The AML Regulation (AMLR) and the establishment of AMLA (the Anti-Money Laundering Authority) are EU-level instruments that have entered into force and will reach full operational reality through 2027. CASPs are inside the scope of the AMLR, with detailed obligations on customer due diligence, ongoing monitoring, beneficial-ownership identification, and suspicious-activity reporting.

The interaction with marketing and communications

The AML overlay touches marketing and communications in several ways:

Marketing-stage onboarding messaging must align with the firm's KYC and CDD framework. Marketing that promises rapid or frictionless onboarding in ways the firm's AML programme does not in fact deliver creates conduct risk and supervisory exposure.
Geographic targeting — marketing reaching jurisdictions where the CASP cannot lawfully accept clients, or where the AML risk requires heightened due diligence, creates AML-supervisory exposure.
Influencer and affiliate diligence includes AML screening of the promoter and the audience.
Suspicious-activity recordkeeping draws on the same captured communications archive that supports the marketing-supervision and Article 16-style review.

The transitional regime: Article 143

Article 143 of MiCA provides a transitional regime for crypto-asset service providers that were operating under existing national crypto regimes before MiCA's date of application.

The principal elements (relevant for Cyprus):

Article 143(3). Member States may have allowed entities operating under existing national crypto registrations before 30 December 2024 to continue providing crypto-asset services without MiCA authorisation, for a period the Member State sets, up to a maximum of 18 months from 30 December 2024 (i.e., to 1 July 2026).
Member State variation. Different Member States chose different lengths within the 18-month cap. The Cyprus position should be checked with CySEC's published implementation timetable.
Article 143(6). National Competent Authorities could, before 30 December 2024, designate a simplified procedure for firms already authorised under MiFID II or another EU regime to receive MiCA authorisation.
ART and EMT transitional. Article 143(4) and (5) cover the ART and EMT side. ARTs issued before 30 June 2024 continue until 1 July 2026 unless the issuer obtains authorisation. EMT issuers had no transitional period.

For full operational detail on the MiCA authorisation process — checklist for governance, fit-and-proper, conduct-of-business, technology, AML, and supervisory documentation — see our dedicated MiCA Authorisation Checklist for CASPs.

CySEC supervision of CASPs

CySEC is the National Competent Authority for MiCA in Cyprus. The supervisory model draws on CySEC's existing CIF and fund-supervision practice with crypto-specific overlays. The principal operational implications:

Authorisation. CASP authorisation under MiCA requires a complete application covering the governance, fit-and-proper, conduct-of-business, technology, AML, and supervisory dimensions.
Ongoing supervision. CASPs are subject to ongoing prudential and conduct supervision by CySEC, including periodic reporting, on-site and off-site examinations, and ad hoc requests for information.
Marketing supervision. CySEC's marketing-supervision practice for CASPs applies the MiFID II / MiCA fair-clear-not-misleading standard and the white-paper consistency obligation. Examiners sample marketing communications across channels, check risk-warning prominence, and probe the finfluencer-supervision programme.
Market-abuse surveillance. Following the April 2025 ESMA guidelines, CySEC has heightened expectations on the surveillance side. CASPs are expected to have arrangements that detect and report suspicious activity, including the coordinated social-media promotional patterns that frequently move crypto-asset prices.
Cross-border perimeter. CySEC supervises Cyprus-licensed CASPs across the EU's passporting framework. The supervisory footprint extends to the host states where the CASP's marketing reaches consumers.

The CASP supervisory model is still maturing across the EU. CySEC's approach in the first wave of authorisations and the early supervisory cycle will shape the practical interpretation of the MiCA standards for years to come.

Building a CySEC MiCA compliance programme

A defensible CySEC MiCA programme — on the marketing-and-communications side — has six operational pillars.

The six pillars of a CySEC MiCA compliance programme on the marketing-and-communications side.

1. White-paper-aware policy library

The CASP's marketing policy library is tied to the white paper for each crypto-asset being promoted. Reviews automatically check consistency between marketing claims and white-paper substance.

2. Pre-publication review with rule-level audit trail

Every advertisement, post, video, and partner asset passes through review against the MiCA marketing-communication standards (Articles 7, 9, 66), the white paper, the AML overlay, and the firm's own product-specific policies. Every flag links to the specific provision; every decision is logged.

3. Risk-warning enforcement

The crypto-asset-specific risk warnings sit in a versioned template library applied automatically to the relevant content. Prominence, format, language, and channel-appropriateness are validated.

4. Market-abuse surveillance under the ESMA April 2025 guidelines

Captured communications, transaction patterns, and order patterns feed a MiCA market-abuse surveillance layer. Specific detection patterns address insider-information signals, pump-and-dump promotional activity, and coordinated social-media promotional campaigns.

5. Finfluencer and affiliate supervision

Pre-engagement diligence, written agreement, pre-publication review, post-publication monitoring, retention. The CASP's responsibility extends to the third-party-distributed surface as fully as to its direct communications.

6. AML-integrated retention and supervisory documentation

The retention infrastructure covers white papers, marketing communications, captured communications, surveillance records, STOR-decision documents, insider lists, and the AML books and records on a single audit trail.

The six pillars share a common architecture: a policy library tied to the regulatory framework, a review platform that applies the library, a captured-archive layer that holds the evidence, a supervisory-review layer that produces the audit trail, and an export format that satisfies the examiner's request.

How Sedric helps

Sedric is the AI compliance platform purpose-built for the regulatory stack CASPs operate inside. Cyprus-licensed CASPs run Sedric for marketing review, communications surveillance, and the integrated MiCA market-abuse surveillance overlay.

A MiCA-aware policy library. Sedric's rule library is mapped to Articles 7, 9, and 66 of MiCA, the white-paper consistency obligation, the crypto risk-warning standards, the ESMA April 2025 market-abuse guidelines, the Travel Rule requirements, and the AML framework. The library is configurable so the CASP can layer its own product-specific overlays — different risk warnings and disclosures for stablecoins, utility tokens, NFTs, staking products, and DeFi-adjacent services.

White-paper alignment in real time. The platform reads the white paper for each crypto-asset alongside the marketing content. Inconsistencies between marketing claims and the white-paper substance are surfaced before publication.

Pre-publication review across every channel and language. Every advertisement, post, video, and partner asset is reviewed against the MiCA framework in real time. Sedric processes content in the languages CASPs actually market in — English, Greek, German, French, Italian, Spanish, Portuguese, Dutch, Polish, Romanian, Russian, and others — natively.

Market-abuse surveillance under the April 2025 ESMA guidelines. The platform applies the MiCA market-abuse rule library to captured communications and trading activity, surfaces coordinated promotional patterns, and integrates with the firm's STOR-decision and insider-list workflows.

Finfluencer and affiliate supervision. The platform extends the same review-and-audit framework to third-party content, with diligence, written-agreement tracking, pre-publication review, post-publication monitoring, and retention.

Audit-ready export. Every flag, citation, decision, override, and approval is logged with timestamp and attributable decision-maker. The export is what a CySEC MiCA examiner asks for, in the form expected.

For Cyprus firms operating both as CIFs and as CASPs — a common pattern in the Cyprus market — Sedric provides a unified supervisory model across both regulatory regimes. The same policy library architecture, the same audit-trail format, and the same export structure cover MiFID II, MiCA, MAR, and the AML overlay on a single platform.

Frequently asked questions

When did MiCA enter full application for CASPs?

30 December 2024 for Title V (CASPs) and the supporting conduct, market-abuse, and supervisory titles. Titles III (ARTs) and IV (EMTs) entered application earlier, on 30 June 2024.

Is CySEC the National Competent Authority for MiCA in Cyprus?

Yes. CySEC is designated as the competent authority for MiCA in Cyprus, supervising CASP authorisation and ongoing conduct alongside its long-standing CIF and fund supervision.

What's the relationship between MiCA marketing rules and the MiFID II marketing rules?

The substantive standards are closely aligned. MiCA's Article 7/9/66 fair-clear-not-misleading standard, the requirement that marketing be identifiable as marketing, the white-paper-consistency obligation, and the risk-warning expectations are functionally close to the MiFID II Article 24 framework applied to traditional investment firms. The principal differences are in scope (MiCA covers crypto-asset services and crypto-asset issuance) and in the specific risk-warning content (calibrated to crypto-asset risk profiles).

Does our MiCA programme have to align with the white paper for every promotion?

Yes. The marketing-consistency obligation is substantive. Marketing that implies returns, features, rights, or characteristics that the white paper does not in fact contain is non-compliant.

What does the April 2025 ESMA market-abuse guidance change?

The guidelines elaborate Title VI of MiCA — the market-abuse regime for crypto-assets — including criteria for inside information in the crypto context, specific market-manipulation patterns (wash trading, spoofing, pump-and-dump, coordinated social-media promotion), STOR-equivalent obligations, and insider-list requirements. CASPs and other relevant persons need surveillance arrangements that detect and report the patterns the guidelines describe.

How does finfluencer supervision under MiCA differ from finfluencer supervision under MiFID II?

The substantive operational pattern is the same — pre-engagement diligence, written agreement, pre-publication review, post-publication monitoring, retention — with crypto-specific overlays for the white-paper alignment and the market-abuse coordinated-promotion patterns the April 2025 guidelines specifically flag.

Does the Travel Rule apply to all CASP transfers?

The Travel Rule (Regulation (EU) 2023/1113) applies to crypto-asset transfers between CASPs and between a CASP and a self-hosted address (subject to specific thresholds for self-hosted), regardless of amount in the CASP-to-CASP case. The full operational detail is in the regulation itself.

What about CFDs on crypto-assets?

CFDs on crypto-assets are not crypto-assets under MiCA — they are financial instruments under MiFID II. They are subject to the ESMA / CySEC product-intervention measures for CFDs, including the 2:1 leverage cap for retail and the standardised CFD risk warning. A firm that offers both crypto-asset services under MiCA and CFDs on crypto-assets under MiFID II is subject to both regimes concurrently.

How does the AML Regulation interact with MiCA?

The AML Regulation (EU) 2024/1624 and AMLA establish the EU-level AML framework that CASPs operate under, in parallel with the MiCA conduct-of-business and market-abuse regime. The two regimes are complementary: MiCA addresses authorisation, conduct of business, marketing, and market abuse; the AML framework addresses customer due diligence, ongoing monitoring, suspicious-activity reporting, and beneficial-ownership transparency.

What does a CySEC MiCA examination look like in practice?

CASP examinations are document- and evidence-led, similar to CIF examinations. CySEC examiners typically request: the firm's MiCA authorisation documentation and the supervisory communications since authorisation; samples of marketing communications across channels with the supervisory-review log; the white papers for the crypto-assets being promoted and evidence of marketing-white-paper alignment; the finfluencer and affiliate agreements and supervisory file; the market-abuse surveillance configuration and a sample of recent STOR decisions; the AML programme documentation; and the books-and-records retention configuration.

How does CySEC MiCA supervision interact with the EU framework?

CySEC is part of ESMA and the broader European System of Financial Supervision. ESMA's MiCA Q&A documents and guidelines (including the April 2025 market-abuse guidelines) are persuasive in CySEC supervision. ESMA-level convergence work on crypto-asset classification, marketing standards, and market abuse flows through to CySEC's national supervisory practice.

What's the simplest way to think about the regulatory stack for a Cyprus CASP that's also a CIF?

Two parallel regimes on shared infrastructure. MiFID II / CIF Law / MiFIR / ESMA CFD product intervention govern the investment-services side. MiCA / Article 66 / ESMA April 2025 guidelines / Travel Rule / AMLR govern the crypto side. MAR applies to the investment side; MiCA Title VI applies to the crypto side (with substantively similar architecture). The capture, retention, supervisory-review, and audit-trail infrastructure can be shared across both — and is, in practice, where Sedric is most often deployed for such firms.

Building or running a CySEC-licensed CASP?

Sedric is the AI compliance platform purpose-built for the MiCA framework and the broader regulatory stack Cyprus-licensed CASPs operate inside. Our platform reviews marketing communications against the MiCA marketing rules and the white paper before publication, supervises finfluencer and affiliate content, runs market-abuse surveillance under the ESMA April 2025 guidelines, and produces the audit trail a CySEC examination expects.

Book a working session with our team. We'll walk through your white papers, your marketing surfaces across every language and channel, your finfluencer arrangements, and your surveillance configuration — with citations to the specific MiCA provision or ESMA guideline for every flag, and a sample of the audit export your firm would hand to a CySEC examiner.

Book a demo · For crypto firms · For trading and wealth-management firms