Greece has introduced a stricter licensing framework for cryptocurrency service providers, bringing the country fully in line with the European Union’s MiCA regulation, which recently came into force across all member states.
The Hellenic Capital Market Commission announced the new rules in the Government Gazette, setting out a detailed procedure for exchanges, wallet operators and other crypto businesses that want to operate legally in the country. Under the framework, companies such as Binance or digital wallet platforms will now have to undergo a multi-stage approval process before offering services to Greek clients.
The process begins with a preliminary online meeting with the Commission, during which firms present their business model, explain how they intend to comply with EU standards and outline the services they plan to provide. Although the meeting is not binding, it is designed to prevent errors in the formal application that follows and to give both sides an opportunity to clarify possible concerns early on.
Applicants are then required to submit a comprehensive dossier including details on corporate structure, board members, services offered, financial records, and policies for customer protection and transaction security. Companies offering staking services, for example, will need to demonstrate how they intend to safeguard client assets and prevent their misuse.
The Commission has five working days to acknowledge receipt of an application and up to 25 days to verify that the documentation is complete. If information is missing, firms are given 20 days to provide it. Once the application is deemed complete, regulators have 40 business days to conduct a full evaluation and issue a decision on whether to grant or deny a license. The outcome is then communicated within five days.
In an effort to increase transparency, all required forms and questionnaires will be published on the Commission’s website, including a standardized application template. Applicants will have to provide not only their legal status and management structure, but also a three-year business plan, information on operations in other jurisdictions, intentions to expand outside the EU, and contingency measures for risks such as cyberattacks or money laundering.
