Home / All CMS Expert Guides / CMS Expert Guide to Crypto Regulation /
Germany

CMS Expert Guide to Crypto Regulation in Germany

Table of contents
  1.  How is crypto regulated?
  2.  Are the following activities regulated or unregulated in your jurisdiction? ― Exchange (buy/sell) ― Custody (hold) ― Borrowing/lending ― Yield/staking
  3. How long would establishing a cryptoasset business/obtaining a license in your jurisdiction take?
  4. What would be the approximate overall cost of obtaining a licence?
  5. What is the probability (%) of success in obtaining a licence?
  6. What other limitations are there in your jurisdiction when looking to set up a cryptoasset business? E.g., Compliance requirements and physical presence
Germany
Add jurisdiction
Choose a jurisdiction to compare with

Disclaimer: This chapter was last updated on 5 September 2023 and does not reflect any subsequent developments. The information provided is intended for general informational purposes and should not be construed as legal advice.

1. How is crypto regulated?

AML RegulationFinancial Services Regulation
The Money Laundering Act (GwG) and the Regulation on Enhanced Duties of Care concerning the Transfer of Crypto Assets (KryptoWTransferV) are the relevant AML regulations.Most crypto assets are regulated as financial instruments in Germany. Therefore, certain activities are considered financial services that require permission from the German Federal Financial Supervisory Authority (BaFin). In particular, the German Banking Act (KWG) and the Securities Institutions Act (WpIG) are crucial.

2. Are the following activities regulated or unregulated in your jurisdiction? ― Exchange (buy/sell) ― Custody (hold) ― Borrowing/lending ― Yield/staking

AML RegulationFinancial Services Regulation

AML obligations must be complied with if the applicant is located in Germany and if it is a regulated institution (section 2 (1) GwG). In all other cases, limited AML requirements can apply, for example depending on the value of the cryptoassets or in case of NFTs which qualify as art.

Many of these restrictions will also apply under the EU MiCA regulation. 

  • Exchange (buy/sell)
    Yes, the exchange of crypto assets usually requires permission from BaFin as such activity mostly qualifies as proprietary trading or brokerage or operation of a MTF, as the case may be.
  • Custody (hold)
    Yes, a custody license needs to be obtained from BaFin. Custody of crypto assets as a service for third parties, as well as managing third party rights deriving from crypto assets, require a BaFin licence. Also, services that provide digital storage of private keys or custody of physical data carriers, on which private keys are stored, constitute regulated activities. Companies that offer storage space only (e.g., webhosting or cloud-services), do not require a BaFin license if they do not explicitly offer storage of private keys. Manufacturers and sellers of hardware or software for self-custody do not require a license if they do not have access to the crypto assets stored by users.
  • Borrowing/lending
    There are structures which do not require a license, but there is no guidance from the regulator yet.
  • Yield/staking
    There are structures which do not require a license, but there is no guidance from the regulator yet.

Many of these restrictions will also apply under the EU MiCA regulation. 

3. How long would establishing a cryptoasset business/obtaining a license in your jurisdiction take?

AML RegulationFinancial Services Regulation
 Obtaining one or more of the aforementioned licenses typically takes 6 to 18 months.

4. What would be the approximate overall cost of obtaining a licence?

AML RegulationFinancial Services Regulation
 Depending on the type of license required, plus costs for, in particular, IT and HR.

5. What is the probability (%) of success in obtaining a licence?

AML RegulationFinancial Services Regulation
 

High. The biggest roadblocks (in our experience) are:

  • No sufficient IT.
  • Unsuccessful ownership control procedure.
  • Lack of qualified management.

6. What other limitations are there in your jurisdiction when looking to set up a cryptoasset business? E.g., Compliance requirements and physical presence

AML RegulationFinancial Services Regulation
 There are a number of compliance requirements, in particular the requirement to have a physical presence in Germany (except in the case of EU passporting) and the requirement to demonstrate to BaFin a certain amount of initial capital and management reliability.
EU consumer protection laws need to be complied with. 
 

Authors

Show more Show less
Portrait ofMarkus Kaulartz
Dr. Markus Kaulartz
Partner
Munich
Benedikt Holl