Governments are cracking down on crypto with tougher reporting requirements, stricter due diligence, and restrictions on overseas operations.
New regulations are targeting crypto companies, as governments seek to bring greater transparency and oversight to the shadowy digital asset world. Companies must stay informed and rapidly decode the shifting regulatory maze.
Lexology PRO details five key upcoming compliance deadlines in cryptocurrency and virtual asset regulation for your calendar.
See our new interactive Compliance Calendar for key deadlines and dates in core compliance areas throughout, including enforcement dates, reporting deadlines and changes to regulations.
Singapore to block unlicenced platforms from overseas deals on 30 June 2025
Cryptocurrency service providers in Singapore must cease overseas operations by 30 June 2025 unless they hold a digital token service provider (DTSP) licence. This applies to both local and foreign firms operating in Singapore.
Companies servicing overseas customers must obtain a licence from the Monetary Authority of Singapore (MAS), under Section 137 of the Financial Services and Markets Act 2022 – but domestic operations remain permitted for unlicenced companies.
There is no transition period and all crypto service providers must comply with the upcoming deadline.
Non-compliant businesses face fines of up to 250,000 Singaporean dollars (US$194,463). Company directors or sole proprietors who operate unlicenced digital token services to overseas markets face imprisonment of up to three years.
Strict reporting obligations for EU providers take effect on 30 June 2025
Crypto asset service providers (CASPs) operating in the European Union (EU) must comply with new reporting requirements under the Markets in Crypto-Assets Regulation 2023 (MiCA) by 30 June 2025.
CASPs must submit Pillar 3 disclosures via the European Banking Authority’s (EBA) new centralised Pillar 3 data hub, which will streamline data collection and submissions from across the bloc.
Pillar 3 disclosures provide insights into a company’s risk profile and sustainability strategies. To prepare, CASPs should review the EBA’s ITS 4.1 framework and update their internal reporting systems accordingly.
Norway enacts two major laws on 1 July 2025
Norway will enforce the Crypto-Assets Act and an amended Anti-Money Laundering Act 2018 from 1 July 2025, aligning with two EU regulations: MiCA and the Transfer of Funds Regulation (TFR II).
The Crypto-Assets Act introduces stricter licensing and operational standards for CAPS. CASPs must now implement robust systems to collect, verify and store detailed information about the sender and recipient of crypto transfers.
The amended Anti-Money Laundering Act brings CASPs and crypto transactions within the scope of Norway’s anti-money laundering (AML) framework. CASPs face the same obligations as banks and other financial institutions. They must carry out thorough customer due diligence, monitor transactions for suspicious activity and file suspicious activity reports.
Finland to enforce binding EBA sanctions guidelines from 30 December 2025
CASPs in Finland must comply with new EBA guidelines on sanctions compliance from 30 December 2025. While not an EU directive, these guidelines are binding under existing EU legislation.
It means CASPs must establish internal policies and controls – including customer and transaction screening, risk assessments and ongoing due diligence – to detect and prevent transactions involving sanctioned individuals or entities.
Companies should review and adapt their internal procedures to meet these new standards.
UK CASPs face stricter tax reporting requirements from 1 January 2026
CASPs operating in the UK or servicing UK customers must collect customer identification data and report to HM Revenue & Customs (HMRC) under the OECD Crypto-Asset Reporting Framework (CARF).
This includes personal and transactional information for UK tax residents and those in CARF-participating jurisdictions, plus annual summary reports on all crypto transactions. They must also submit annual summary reports to HMRC detailing customer information and crypto-asset transactions.
The first reporting deadline is 31 May 2027, covering activity from 1 January to 31 December 2026.