Authorization Permits for Crypto Asset Service Providers in Sweden: Understanding the Role of Finansinspektionen under MiCA

The European Union has entered a new phase of financial regulation with the introduction of the Regulation on Markets in Crypto Assets, commonly known as MiCA. This regulation is designed to bring clarity, consistency, and investor protection to a market that has developed at great speed but without the same level of oversight as traditional financial services. As MiCA becomes effective across the Union, national authorities such as Finansinspektionen in Sweden take on the central role of granting authorization to firms that want to provide crypto asset services.

This article aims to explain what MiCA is, how Finansinspektionen implements it in Sweden, the transitional arrangements, the permit application process, and the ongoing obligations for firms that are authorized. It also discusses the implications of this regulatory framework for the Swedish crypto market and the broader European financial landscape.

What is MiCA?

MiCA is a regulation adopted by the European Union to create a harmonized framework for the issuance of and trading in crypto assets. The regulation covers authorization requirements for crypto asset service providers, rules for the issuance of asset referenced tokens, electronic money tokens, and utility tokens, and obligations that apply to those who provide services to
the public in these assets.

MiCA applies to all member states of the Union, and its goal is to prevent regulatory fragmentation by replacing the patchwork of national rules that previously applied. The regulation introduces strong provisions on governance, prudential safeguards, transparency, and conduct of business. It is designed to protect consumers, maintain market integrity, and ensure financial stability while at the same time allowing innovation to thrive.

The regulation became applicable in stages, with certain provisions starting from June 2024 and full application by December 2024. By creating a single rulebook, MiCA enables companies that are authorized in one member state to provide services throughout the Union through a passporting mechanism. For firms that want to operate in Sweden, this means that Finansinspektionen becomes the main point of contact for the application process and for ongoing supervision.

Regulatory Context in Sweden

In Sweden, Finansinspektionen is the competent authority responsible for implementing MiCA. Under the Swedish framework, a company that wants to provide crypto asset services must obtain a permit from Finansinspektionen unless the company is already subject to certain other forms of financial regulation. Even firms that are already licensed for other activities must at minimum notify Finansinspektionen if they want to provide crypto asset services.

Crypto asset services covered by MiCA include custody and administration of crypto assets, operation of a trading platform, exchange of crypto assets for funds or other crypto assets, execution of orders on behalf of clients, placing of crypto assets, reception and transmission of orders, and providing advice or portfolio management on crypto assets.

Finansinspektionen requires that all providers of these services comply with strict rules on anti money laundering and counter terrorist financing. Sweden has already introduced national measures in these areas, and by December 2024 the rules are fully aligned with MiCA. This ensures that crypto asset service providers are subject to the same obligations on customer due diligence, monitoring, and reporting as banks and other financial institutions.

Transition and Grandfathering Provisions

The MiCA framework recognizes that many firms are already active in the crypto asset sector. To ensure a smooth transition, the regulation includes specific provisions that allow existing companies to continue their activities for a limited time while they prepare and submit their applications.

In Sweden, the key dates are December 2024 and September 2025. Companies that were providing crypto asset services before the end of December 2024 may continue to do so as long as they submit a complete application for authorization to Finansinspektionen by the end of September 2025. These companies are allowed to continue operating while their applications are under review, provided the applications were submitted before the October deadline.

This transition period is important because it allows firms to adapt their internal procedures, governance structures, and compliance frameworks to the detailed requirements of MiCA without an immediate interruption of their services. At the same time, Finansinspektionen is able to build capacity and develop supervisory practices in line with the new regulation.

Authorization Process with Finansinspektionen

The process of obtaining authorization from Finansinspektionen is rigorous and designed to ensure that only firms with solid business models, sound governance, and adequate financial resources are allowed to operate.

Applicants must submit a detailed application that covers the following elements:

• Capital adequacy: The company must show that it has sufficient own funds to meet the prudential requirements set by MiCA. The level of capital required depends on the type of services offered.
• Business plan: The company must present a comprehensive business plan that describes the services, target clients, expected volumes, risk management, and financial projections.
• Ownership and management: Information about the owners and managers must be disclosed. Owners must be suitable and managers must have the necessary competence and experience.
• Internal controls and governance: The company must explain how it will ensure compliance with legal requirements, manage risks, and safeguard clients’ assets.When an application is received, Finansinspektionen issues a diary number and assigns a case handler. The applicant is informed about the applicable fees and is asked to pay only after receiving this confirmation. Finansinspektionen may request additional information and clarifications before making a decision.

If authorization is granted, the firm is entered into the official register of crypto asset service providers and may begin offering services in Sweden and across the Union under the passporting regime.

Post Authorization Obligations under MiCA

Authorization is only the first step. Firms that receive permits must continuously comply with a wide range of obligations under MiCA. These obligations are designed to protect clients, ensure market integrity, and reduce systemic risk.

Governance and Organization

Authorized firms must have governance arrangements that are proportionate to their size and the nature of their services. This includes effective internal control systems, risk management policies, and business continuity arrangements. In particular, firms must have strategies to ensure the resilience of their information and communication technology systems and to
protect against operational disruptions.

Safeguarding of Client Assets

Firms that provide custody and administration of crypto assets must keep clients’ assets separate from their own, must enter into clear custody agreements with clients, and must have procedures in place to deal with potential losses. Transparency about how assets are held and how clients can exercise their rights is required at all times.

Trading Platforms

Operators of trading platforms must comply with rules that ensure fair and orderly trading. They must maintain transparent order books, publish information about prices and trades, and ensure that their systems are resilient and secure. They must also have non discriminatory access policies and effective monitoring of trading activities to detect and prevent abuse.

Advisory and Portfolio Management Services

Firms that provide advice or portfolio management must assess the suitability of the services for their clients. They must disclose all costs and charges, manage conflicts of interest, and provide clear risk warnings. Advisors must have adequate knowledge and competence to guide clients in a responsible way.

Reporting and Transparency

Authorized firms must regularly report to Finansinspektionen and provide the information necessary for supervision. They must also publish information about their services and policies in a clear and accessible form so that clients can make informed decisions.

Implications for Market Entry and Cross Border Operations

The new framework has major implications for companies that want to enter the Swedish market. By applying for a permit with Finansinspektionen, a company can gain access not only to Sweden but to the entire Union. This is a significant opportunity for growth and for the development of pan European business models. For Swedish investors and consumers, the framework provides increased protection. They can have greater confidence that the firms they deal with are subject to strict oversight, have adequate resources, and are obliged to act in their clients’ best interests.

For the broader market, MiCA reduces the risk of regulatory arbitrage, where companies might previously have chosen to operate in the jurisdiction with the least demanding rules. Now the same requirements apply across the Union, which supports a level playing field.

The Bottom Line

The introduction of MiCA and its implementation by Finansinspektionen marks a turning point for the crypto asset industry in Sweden and across Europe. For the first time, there is a comprehensive and harmonized regulatory framework that governs how crypto assets can be issued and how services can be provided to the public.

In Sweden, companies that wish to operate as crypto asset service providers must obtain authorization from Finansinspektionen or at least notify it if they already have other types of financial licenses. They must meet demanding standards of capital, governance, and transparency, and they must continue to comply with these standards after authorization.
The transition period until September 2025 allows existing firms to adjust and apply without disruption to their services, but ultimately every provider will need to be authorized to continue operating.

For the market, the benefits are clear. Investors gain stronger protection, firms gain the possibility of cross border expansion, and the financial system gains greater stability. MiCA and Finansinspektionen together create a framework that balances innovation and security, setting the stage for the next phase of development in the digital finance sector.

References:

1. MiCA Regulation – https://eur-lex.europa.eu/legalcontent/EN/TXT/HTML/?uri=CELEX:32023R1114
2. Kryptotillgångar och kryptotillgångstjänster – https://www.fi.se/sv/betalningar/soktillstand/kryptotillgangar-och-kryptotillgangstjanster
3. FI – Frågor och svar – https://www.fi.se/sv/betalningar/sok-tillstand/kryptotillgangar-ochkryptotillgangstjanster/fragor-och-svar
4. Mica according to FI website – https://www.fi.se/sv/betalningar/kryptotillgangar/mica