Glossary

Markets in Crypto-Assets Regulation. EU-wide framework regulating crypto-asset issuance and service provision. Classifies tokens as Utility, EMT, or ART. Applies from June 2024 (stablecoins) and December 2024 (CASP).

Crypto-Asset Service Provider. Any entity providing crypto services (exchange, custody, advisory, transfer, portfolio management) under MiCA. Requires NCA authorization, capital minimums (€50K–€350K), and AML compliance.

E-Money Token. A crypto-asset that stabilizes its value by referencing a single official currency. Electronic substitute for cash. Can be used for payments. Issuer must be an EMI or credit institution. RLUSD is an example on XRPL.

Asset-Referenced Token. A crypto-asset that stabilizes its value by referencing other values, rights, or assets (including other crypto-assets). Requires NCA authorization. Stricter rules than utility tokens.

Significant E-Money Token. An EMT classified as significant by ESMA/EBA (>€5B market cap or >10M holders). Subject to enhanced requirements: higher capital, liquidity management, ECB oversight.

Significant Asset-Referenced Token. An ART classified as significant (>€5B or >10M holders). Subject to enhanced capital, governance, and EBA direct supervision.

Digital Asset Service Provider. French (AMF) pre-MiCA regulatory framework for crypto service providers. Includes PSAN registration. Being replaced by MiCA CASP regime.

Prestataire de Services sur Actifs Numériques. French AMF registration for digital asset service providers. Transitional regime before full MiCA implementation.

EU sandbox allowing tokenised securities to be traded on DLT-based infrastructures under simplified requirements. Temporary regime to test blockchain-based financial market infrastructure.

Jeux à Objets Numériques Monétisables — French regime under the SREN law (adopted May 2024) for games with monetizable digital objects. 3-year experimental regime regulated by the **ANJ** (Autorité Nationale des Jeux). 3 cumulative criteria for gambling reclassification: public offer + chance-based gain + financial sacrifice. Sorare/ANJ precedent (2022).

EU regulation requiring a prospectus for public offerings of securities above €8M (or €1M in some member states). Applies to security token offerings (STOs).

Markets in Financial Instruments Directive II. EU framework governing investment services and financial markets. Applies to security tokens and tokenised securities alongside MiCA.

Payment Services Directive 2. EU directive regulating payment services. Applies when crypto services involve fiat currency conversion. PSD3 update in progress.

Payment Services Directive 3. Upcoming update to PSD2 with enhanced consumer protection and open banking requirements.

Electronic Money Institution. A licensed entity authorized to issue electronic money (including stablecoins) under EU EMD/PSD framework. Required for EMT issuance under MiCA.

European Securities and Markets Authority. EU financial regulatory body overseeing MiCA implementation, CASP supervision, and S-ART/S-EMT designation.

Autorité des Marchés Financiers. French financial regulator. NCA for MiCA in France. Administers DASP/PSAN registration.

National Competent Authority. The national regulatory body responsible for implementing MiCA in each EU member state (e.g., AMF in France, BaFin in Germany).

Autorité Nationale des Jeux (France). The French gambling regulator. Supervises the JONUM regime (2024-2027 experimental period) for games with monetizable NFTs. Previously investigated Sorare in 2022, which triggered the creation of JONUM under the SREN law.

Loi SREN (Sécuriser et Réguler l'Espace Numérique) — French digital regulation law adopted in May 2024. Creates the JONUM regime (3-year experimental framework for games with monetizable digital objects), overseen by ANJ.

Bundesanstalt für Finanzdienstleistungsaufsicht. Germany's federal financial supervisory authority. NCA for MiCA in Germany; also supervises the national crypto custody licence.

Commission de Surveillance du Secteur Financier. Luxembourg financial regulator. NCA for MiCA in Luxembourg; administers the VASP registration regime (Law of 25 March 2020).

Malta Financial Services Authority. Malta's single financial regulator. NCA for MiCA in Malta; previously administered the VFA Act (2018) and its CASP-equivalent licence.

Central Bank of Ireland. Ireland's central bank and financial regulator. NCA for MiCA in Ireland; administers VASP registrations and payment/e-money institution licensing.

Bank of Lithuania. Lithuania's central bank and financial regulator. NCA for MiCA in Lithuania — a popular jurisdiction for crypto and EMI passporting in the EU.

Finanzmarktaufsicht Liechtenstein. Liechtenstein's Financial Market Authority. Supervises the TVTG (Token and Trusted Technology Service Providers Act) and registers the 14 types of token service providers it defines.

US Supreme Court test (1946) to determine if a transaction qualifies as a security. 4 criteria: investment of money, in a common enterprise, with expectation of profit, from efforts of others. Central to SEC crypto enforcement.

Financial Crimes Enforcement Network. US Treasury bureau enforcing BSA/AML. Requires MSB registration for crypto exchanges and money transmitters.

Money Services Business. FinCEN registration required for entities dealing in money transmission, currency exchange, or stored value. Applies to crypto exchanges and payment services.

Money Transmitter Licence. State-level licence required in ~48 US states for money transmission including crypto. Must be obtained per state. Time-consuming and expensive.

New York State Department of Financial Services (NYDFS) licence for businesses involved in virtual currency activities in New York. One of the strictest state-level crypto licences.

Bank Secrecy Act. US federal law requiring financial institutions to maintain AML programs, file SARs, and implement KYC procedures.

Suspicious Activity Report. Mandatory filing with FinCEN when a financial institution detects potentially suspicious transactions above certain thresholds.

Office of Foreign Assets Control. US Treasury office administering economic sanctions. Crypto businesses must screen transactions against OFAC sanctions lists.

Securities and Exchange Commission. US federal regulator of securities markets. Classifies tokens as securities via the Howey Test and drives crypto enforcement (SEC v. Ripple, SEC v. Coinbase).

Commodity Futures Trading Commission. US federal regulator of derivatives markets. Classifies Bitcoin and Ether as commodities; oversees crypto futures, options and swaps.

Office of the Comptroller of the Currency. US federal banking regulator. Issues national trust charters including the special-purpose crypto charters used by custodians like Anchorage and Paxos.

New York State Department of Financial Services. NY state financial regulator. Created and administers the BitLicense regime — one of the strictest crypto licensing frameworks in the US.

Virtual Asset Service Provider. FATF term for entities providing virtual asset services including exchange, transfer, custody, and issuance. Broadly equivalent to CASP in EU terminology.

Financial Action Task Force. International body setting AML/CFT standards. Defines VASPs and the Travel Rule. Recommendations adopted by most jurisdictions.

FATF Recommendation 16. Requires VASPs/CASPs to exchange originator and beneficiary information for crypto transfers. Thresholds: >€1K (EU), >$3K (US), varying elsewhere.

Anti-Money Laundering. Legal framework requiring financial institutions and VASPs to prevent money laundering through KYC, transaction monitoring, and suspicious activity reporting.

Combating the Financing of Terrorism. Regulatory obligations complementing AML to detect and prevent terrorist financing through financial systems including crypto.

Know Your Customer. Process of verifying the identity of clients. Required by all regulated crypto service providers. Includes document verification, risk assessment, and ongoing monitoring.

Know Your Business. Extended KYC for business clients, including verification of corporate structure, beneficial ownership, directors, and source of funds.

Token- und VT-Dienstleistergesetz (Liechtenstein). The Token and Trusted Technology Service Providers Act. World's most comprehensive token legislation. Defines 14 types of service providers and the 'Token Container Model'.

Swiss Financial Market Supervisory Authority. Swiss regulator overseeing DLT Act, FinTech licences, and crypto token classification (payment/utility/asset).

Verein zur Qualitätssicherung von Finanzdienstleistungen. Swiss self-regulatory organization for AML compliance. Membership provides AML compliance framework for crypto businesses.

Self-Regulatory Organization. Swiss AML compliance framework bodies (e.g., VQF). Membership required for crypto businesses acting as financial intermediaries.

Monetary Authority of Singapore. Central bank and financial regulator. Administers the Payment Services Act (PSA) governing DPT services.

Digital Payment Token. MAS classification for crypto-assets under the Payment Services Act. XRP is classified as DPT in Singapore.

Securities and Futures Commission of Hong Kong. Regulator for VASP licensing (VATP), securities, and investment management.

Hong Kong Monetary Authority. Central banking institution. Co-regulates stablecoins with SFC. Administers stored value facility (SVF) licences.

Anti-Money Laundering and Counter-Terrorist Financing Ordinance. Hong Kong's AML law covering VASPs. Basis for SFC VASP licensing regime.

Financial Conduct Authority. UK financial regulator. Administers cryptoasset registration, Consumer Duty, and CASS custody rules.

Client Assets Sourcebook. FCA rules for safeguarding client assets. Being extended to cover cryptoasset custody in the UK.

Virtual Assets Regulatory Authority (Dubai). Dubai-specific regulator for virtual asset services. Issues VASP licences with tech audit requirements.

Anti-Money Laundering Act (Switzerland). Swiss federal AML law governing financial intermediaries including crypto businesses. Basis for VQF/SRO membership requirements.

Dubai Financial Services Authority. Regulator of the DIFC free zone (Dubai International Financial Centre). Issues DIFC-specific crypto and fund licences — distinct from the UAE-mainland VARA regime.

Cayman Islands Monetary Authority. Primary financial regulator of the Cayman Islands. Administers the Virtual Asset (Service Providers) Act — common offshore domicile for token issuers and crypto funds.

Bermuda Monetary Authority. Financial regulator of Bermuda. Administers the Digital Asset Business Act (DABA, 2018), an early and comprehensive crypto licensing framework.

Financial Services Agency (Japan). Japan's integrated financial regulator. Administers the Payment Services Act and Financial Instruments and Exchange Act for crypto exchanges and stablecoin issuers.

Japan Virtual and Crypto Assets Exchange Association. Self-regulatory organization for licensed crypto exchanges in Japan. Required membership for FSA-registered exchanges.

Financial Services Commission (South Korea). Korea's top financial regulator. Together with KoFIU, administers the Specified Financial Information Act (VASP registration) and the upcoming Virtual Asset User Protection Act.

Korea Financial Intelligence Unit. Korean AML/FIU body under the FSC. Maintains the VASP register and enforces AML/CFT reporting obligations on crypto exchanges.

Australian Securities and Investments Commission. Australia's corporate, markets and financial services regulator. Determines which crypto tokens qualify as financial products; administers AFS licensing.

Australian Prudential Regulation Authority. Australia's prudential supervisor of banks, insurers and super funds — relevant for stablecoin issuers and banks providing crypto services.

Australian Transaction Reports and Analysis Centre. Australia's AML/CTF regulator and FIU. Digital currency exchanges must register with AUSTRAC and meet AML/CTF program obligations.

Financial Intelligence Unit — India. India's AML/FIU body under the Ministry of Finance. Virtual Asset Service Providers serving Indian users must register with FIU-IND under PMLA.

Commissione Nazionale per le Società e la Borsa (Italy). Italy's securities and markets regulator. Joint MiCA NCA with Banca d'Italia for CASP authorisation. Approves prospectuses for tokenised securities under the TUF (D.Lgs. 58/1998); supervises ICOs and digital-asset service providers post-MiCA.

Italy's central bank. Joint MiCA NCA with CONSOB for CASP authorisation (custody scope). Sole NCA for stablecoin (EMT/ART) issuance and Payment Institution licensing. Issued the first sovereign tokenised bond on DLT Pilot Regime with CDP in Nov 2024.

Organismo Agenti e Mediatori (Italy). Italy's pre-MiCA register for crypto-asset service providers (Decree 13/2022). Active during the MiCA transitional period (until July 2026) — providers must remain OAM-registered until they obtain a CASP licence.

Agenzia delle Dogane e dei Monopoli (Italy). Italy's customs and gambling authority. Issues TUR / Skill Game / Lottery concessions for any gambling-adjacent activity, including crypto-gaming with chance-based monetisable mechanics.

Autorità per le Garanzie nelle Comunicazioni (Italy). Italy's communications authority. Regulates media platforms and digital content services — relevant for NFT marketplaces classified as content platforms or for fungible-equivalent NFT collections.

Testo Unico della Finanza (Italy, D.Lgs. 58/1998). Italy's Consolidated Financial Act. Defines what constitutes a 'financial instrument' and triggers prospectus + MiFID II obligations. Tokenised securities follow TUF + Prospectus Regulation 2017/1129; outside MiCA per Art. 2(4)(a).

Saudi Central Bank (Saudi Arabian Monetary Authority). Saudi Arabia's central bank and integrated financial regulator. Oversees banking, payment services and stablecoin matters; co-leads the upcoming VASP framework with CMA. Issued a 2018 advisory cautioning against unregulated crypto.

Fintech Saudi (regulatory sandbox). Saudi Arabia's flagship fintech sandbox, jointly run by SAMA + CMA. Case-by-case admission for crypto pilots — the canonical entry path for any crypto product targeting Saudi residents until a formal VASP framework is enacted.

General Commission for Audiovisual Media (Saudi Arabia). Saudi authority for audiovisual content and game publishing. Authorises game publishers and content platforms — relevant for crypto-gaming non-gambling and NFT content services.

Saudi Esports Federation. Saudi authority for esports activities. Issues authorisations for skill-based competitive gaming (vs gambling-prohibited chance-based gaming, blocked by Sharia + Saudi law).

Philippine Amusement and Gaming Corporation. Government-owned authority that regulates and licenses gambling in the Philippines. Issues onshore casino + online gaming licences and POGO (offshore-only) licences; relevant for crypto-gaming with monetisable mechanics.

Anti-Money Laundering Council (Philippines). Philippines' AML/FIU body under the BSP. Mandatory registration for any BSP-licensed VASP; enforces AMLA (RA 9160) reporting obligations including STR/SAR filings.

National Privacy Commission (Philippines). Independent body administering the Data Privacy Act (RA 10173). Oversees personal-data protection for any platform serving Filipino users — relevant for KYC/AML data handling.

Securities and Exchange Commission of Thailand. Thailand's securities regulator and primary crypto authority. Administers the Royal Decree on Digital Asset Businesses (May 2018) + RFA 2024 amendments. Issues Digital Asset Exchange / Broker / Dealer / Custodian licences and oversees ICO portal pre-approval.

Bank of Thailand. Thailand's central bank. Primary regulator for THB-pegged stablecoins, payment systems and FX-control rules. Co-regulator for cross-border payment and on/off-ramp activity alongside SEC Thailand.

Personal Data Protection Committee (Thailand). Independent body administering the Personal Data Protection Act (PDPA 2019, in force 2022). Oversees personal-data protection for any platform serving Thai users — relevant for KYC/AML data handling.

Financial Transactions and Reports Analysis Centre of Canada. Canadian AML regulator and FIU. Crypto exchanges must register as Money Services Businesses (MSB) with FINTRAC.

Canadian Securities Administrators. Umbrella of Canada's 13 provincial and territorial securities regulators. Sets the national policy for crypto-asset trading platforms (e.g., VRCA framework for stablecoins).

Ontario Securities Commission. Largest provincial securities regulator in Canada. Leads crypto trading platform oversight and enforcement within the CSA framework.

Investment Industry Regulatory Organization of Canada. Canadian SRO for investment dealers (merged into CIRO in 2023). Supervises dealers operating crypto trading platforms.

Banco Central do Brasil. Brazil's central bank. Lead regulator for virtual asset service providers under Law 14,478/2022 (Marco Legal das Criptomoedas).

Comissão de Valores Mobiliários. Brazilian securities regulator. Classifies tokens as securities and oversees token offerings that qualify as investment contracts.

Conselho Monetário Nacional. Brazil's National Monetary Council. Issues high-level monetary and financial policy resolutions that shape BCB crypto rule-making.

Israel Securities Authority. Israel's securities regulator. Applies the Israeli Securities Law (1968) — including a US-style Howey-like test — to determine which tokens qualify as securities. Lead regulator for STOs and security tokens issued from or to Israel.

Bank of Israel. Israel's central bank. Oversees payments, banking, and the digital shekel (CBDC) project. Co-regulates stablecoins and crypto payment activities with ISA and CMISA.

Israel Money Laundering & Terror Financing Prohibition Authority. Israel's AML/FIU body under the Ministry of Justice. Enforces the AML Order 2018 on crypto service providers — KYC/CDD + suspicious-transaction reporting.

Capital Market, Insurance and Savings Authority (Israel). Supervises non-bank financial services providers under the Financial Services Regulation (Regulated Financial Services) Law 2016 — covers crypto custody, trading services and money-services-style activities.

Commodity Futures Trading Regulatory Agency (Indonesia, Ministry of Trade). Indonesia's current crypto regulator: classifies crypto as a tradable commodity since 2018. Supervises licensed crypto exchanges (PFAK) and the Indonesia Crypto-Asset Futures Exchange (CFX). Oversight transitions to OJK in 2025 under Law 4/2023.

Otoritas Jasa Keuangan / Financial Services Authority (Indonesia). Indonesia's integrated financial regulator. Takes over crypto oversight from Bappebti in 2025 under UU P2SK / Law 4/2023 — landmark transition reframing crypto from 'commodity' to 'financial instrument'.

Bank Indonesia. Indonesia's central bank. Regulates payment systems, e-money issuers, and the rupiah digital (CBDC) project. Co-regulator for stablecoin and payment-related crypto activity alongside Bappebti / OJK.

Pedagang Fisik Aset Kripto / Physical Crypto Asset Trader (Indonesia). Bappebti licence category for licensed crypto exchanges in Indonesia. Strict requirements: local incorporation, IDR 100B paid-up capital, mandatory CFX membership.

Securities and Exchange Commission of Nigeria. Nigerian capital-markets regulator. Administers the 2022 Rules on Digital Assets (DASP registration, DACS custody, DAOP offering platforms) and the 2024 ARIP framework.

Central Bank of Nigeria. Nigeria's central bank. Issues the 2023 Guidelines on operations of bank accounts for virtual asset service providers (post-2021 ban lift) and oversees NGN fiat on/off-ramps.

Nigerian Financial Intelligence Unit. Nigeria's AML/FIU body. Receives suspicious transaction reports from VASPs and enforces MLPPA obligations.

Central Bank of Kenya. Kenya's central bank. Regulates payment service providers and is the key regulator for fiat-KES on/off-ramps integrating with crypto.

Capital Markets Authority (Kenya). Kenyan securities regulator. Classifies crypto tokens that qualify as securities and participates in the virtual asset regulatory roadmap.

Financial Sector Conduct Authority (South Africa). South Africa's market-conduct regulator. Declared crypto assets a 'financial product' in 2022; administers the FSP licence covering CASPs.

South African Reserve Bank. South Africa's central bank. Supervises exchange-control and payment-system aspects of crypto; co-regulates stablecoins with FSCA.

Financial Intelligence Centre (South Africa). South Africa's AML/FIU body. Enforces FICA (Financial Intelligence Centre Act) obligations on crypto asset service providers.

Bank of Ghana. Ghana's central bank. Operates the Regulatory and Innovation Sandbox (2023) for crypto/fintech and is the lead authority on the still-pending Virtual Asset Providers Act (draft 2024). Banking sector currently restricted from direct crypto exposure.

Securities and Exchange Commission of Ghana. Ghanaian capital-markets regulator. Will supervise security tokens and tokenised investment products under the upcoming VAPA framework. Joint custodian of the BoG/SEC sandbox programme.

Financial Intelligence Centre (Ghana). Ghana's AML/FIU body. Enforces the Anti-Money Laundering Act 2020 (Act 1044) including STR/SAR reporting from VASPs and digital-asset operators.

Banque des États de l'Afrique Centrale. Central bank of the CEMAC zone (Cameroon, Chad, CAR, Republic of Congo, Equatorial Guinea, Gabon). May 2022 ban prohibits crypto as a means of payment in CEMAC; banks cannot facilitate crypto transactions.

Commission Bancaire de l'Afrique Centrale. CEMAC's banking supervisor. Enforces BEAC's restrictions on crypto-banking interaction across all CEMAC member states, including Cameroon.

Agence Nationale des Technologies de l'Information et de la Communication (Cameroon). National ICT regulator. Oversees electronic-communication law and warns publicly against crypto activity in the absence of authorisation. Front-line enforcer for online crypto-related fraud.

Comisión Nacional de Valores. Argentina's securities regulator. Administers the PSAV (Proveedor de Servicios de Activos Virtuales) registry under Law 27.739 (March 2024) — the mandatory framework for crypto exchanges, brokers and custodians serving Argentine residents.

Banco Central de la República Argentina. Argentina's central bank. Strictly limits banking sector exposure to crypto (BCRA Communication 'A' 7506) and supervises FX & payment-system aspects of crypto activity.

Unidad de Información Financiera (Argentina). Argentina's AML/FIU. Issues Resolution 49/2024 imposing AML obligations on PSAVs (KYC, suspicious transaction reports, recordkeeping) in line with FATF Recommendation 15.

Proveedor de Servicios de Activos Virtuales (Argentina). Argentine VASP registration category created by Law 27.739 (March 2024) under CNV supervision. Mandatory for any entity offering crypto exchange, brokerage, transfer or custody to Argentine residents.

Comisión Nacional de Activos Digitales (El Salvador). National Digital Assets Commission created by the Digital Assets Issuance Law (LEAD, January 2023). Sole licensing authority for non-Bitcoin Digital Asset Service Providers (DASPs) and digital-asset issuers.

Banco Central de Reserva de El Salvador. El Salvador's central bank. Co-regulator with CNAD on payment-system aspects of digital assets and Bitcoin (legal tender since 2021).

Bitcoin Service Provider (El Salvador). Licence category under the Bitcoin Law (2021), separate from non-Bitcoin DASPs (which fall under LEAD/CNAD). Required for any business offering Bitcoin custody, exchange or payment services in El Salvador.

Proveedor de Servicios de Activos Digitales (El Salvador, LEAD). CNAD-licensed category for entities providing services on non-Bitcoin digital assets — exchange, custody, broker, transfer, advisory. Distinct from Bitcoin Service Providers (BSP), which fall under the 2021 Bitcoin Law.

Major Payment Institution. MAS-issued Singapore licence under the Payment Services Act for higher-volume digital payment token service providers (above SPI thresholds). Required by crypto exchanges and payment companies with material Singapore activity.

Standard Payment Institution. Entry-level MAS Singapore licence under the Payment Services Act for smaller digital payment token operators (below volume and float thresholds that would trigger MPI).

FCA's UK register for cryptoasset firms. Mandatory since 2020 for firms operating crypto exchanges, custody or related services in the UK. Focused on AML/CTF compliance rather than full prudential supervision.

SEC registration allowing a firm to act as a broker (agent for others) or dealer (principal) in securities transactions. Crypto Broker-Dealers handling tokenised securities must be registered and FINRA members (e.g., Securitize Markets).

SEC-registered entity that maintains records of share ownership and transfers securities between parties. For tokenised securities (RWA), the transfer agent function can be enforced on-chain via smart contracts.

Alternative Trading System. SEC-regulated trading venue that matches buyers and sellers of securities outside a national exchange. Crypto platforms handling tokenised securities often operate as an ATS (e.g., Securitize Markets).

National Trust Bank charter issued by the US Office of the Comptroller of the Currency. A federal (not state) licence allowing a crypto-native bank to operate as a regulated custodian for digital assets across all US states. First granted to Anchorage Digital in 2021.

BaFin's Germany-specific crypto custody licence — the first dedicated national crypto licence in the EU (2020). Coinbase Germany was the first holder (Jun 2021). Still applies in parallel with MiCA CASP for legacy German activities.

Lighter BaFin registration regime in Germany for crypto custody providers that predates the full Crypto Custody licence. Being phased into the MiCA CASP framework.

Kreditwesengesetz — Germany's Banking Act. Hosts § 1.1a (Crypto-Custody Licence, since Jan 1, 2020 — first dedicated EU national crypto licence) and § 32 (general banking-licence requirement). Now operates in parallel with MiCA: KWG § 1.1a holders auto-convert to MiCA CASP custody scope under Art. 143 transitional regime.

Elektronische-Wertpapiere-Gesetz (Electronic Securities Act, in force June 2021). Germany's pioneering legal framework for crypto-securities (Kryptowertpapiere) — securities issued on a DLT. Introduces the Kryptowertpapierregister (electronic register kept by a BaFin-licensed registrar like Cashlink or Tangany). Technology-neutral: any blockchain (Ethereum, Polygon, Stellar, XRPL) is admissible if the registrar supports it.

Crypto-security under the German eWpG. A security issued on a distributed ledger and registered in the Kryptowertpapierregister. Treated as a regular Wertpapier under WpHG (Securities Trading Act) — full disclosure, market-abuse, and prospectus rules apply. Not to be confused with MiCA crypto-assets (which are explicitly excluded from securities regulation).

Zahlungsdiensteaufsichtsgesetz — German Payment Services Supervision Act. Transposes PSD2 in Germany. Required for payment institutions (Zahlungsinstitut), e-money institutions (E-Geld-Institut). Crypto on/off-ramp providers and payment-rail operators serving German users from a German entity typically need a ZAG licence in addition to MiCA CASP.

Wertpapierhandelsgesetz — German Securities Trading Act. Defines the scope of 'Wertpapier' (securities) including Kryptowertpapiere under eWpG. Sets disclosure, market-abuse, and conduct rules for investment firms. Cornerstone of German securities regulation alongside WpPG (Prospectus Act).

Comisión Nacional del Mercado de Valores — Spain's securities and crypto-asset regulator. Acts as the Spanish NCA under MiCA. Issued Circular 1/2022 governing crypto-asset advertising to retail (pre-clear creative for campaigns > 100K users). Hosts the public registers of investment firms, fund managers, and authorised CASPs.

Ley del Mercado de Valores (Law 6/2023) — Spain's Securities Market Law (current text in force since 2023). Defines what constitutes a Spanish security, sets the prospectus regime (with EU Prospectus Regulation), and grants CNMV its supervisory powers. Tokenised securities issued in Spain are governed by this law (no dedicated electronic-securities act yet, unlike Germany's eWpG).

Servicio Ejecutivo de la Comisión de Prevención del Blanqueo de Capitales e Infracciones Monetarias — Spain's Financial Intelligence Unit. Receives Suspicious Activity Reports (SARs) from CASPs, banks, payment institutions and other AML-obligated entities. Spanish equivalent of FinCEN (US) or Tracfin (France).

Dirección General de Ordenación del Juego — Spain's national online gambling regulator (under the Ministry of Consumer Affairs). Issues general + specific gambling licences (poker, betting, casino) and enforces the strict 1% advertising-ratio cap from Royal Decree 958/2020. Crypto-gaming with cash-out value falls under DGOJ supervision.

Spanish tax declaration form — annual reporting of crypto-assets HELD ABROAD when their total value exceeds €50,000 at year-end (or with significant variation during the year). Required from individuals + companies tax-resident in Spain. Non-compliance fines start at €5,000 per data point. Exists alongside the older Modelo 720 (foreign bank/securities accounts).

Komisja Nadzoru Finansowego — Poland's Financial Supervision Authority. Acts as the Polish NCA under MiCA + supervises payment institutions (KIP), e-money issuers, investment firms, and the broader financial sector. Process notoriously slow but predictable; pre-application Sondieren-style consultations welcomed.

Krajowa Instytucja Płatnicza — Poland's national payment-institution licence, issued by KNF (transposing PSD2). Required to operate fiat payment services in Poland; combines with MiCA CASP for crypto rails. Lighter capital tiers than EMI (E-Geld-Institut equivalent).

Generalny Inspektor Informacji Finansowej — Poland's Financial Intelligence Unit. Receives Suspicious Activity Reports (SARs) from CASPs, banks, payment institutions and other AML-obligated entities. Polish equivalent of FinCEN (US) or Tracfin (France).

Narodowy Bank Polski — Poland's central bank. Coordinates with KNF on monetary-stability aspects of stablecoin issuance, oversight of significant payment systems, and the Polish złoty's role in cross-border crypto rails. Not the primary crypto regulator (KNF is) but indispensable for any PLN-pegged stablecoin project.

Polish income-tax declaration form for capital gains, including crypto. Crypto gains taxed at 19% flat (separate basket from other income — losses can offset crypto gains across years). Crypto-to-crypto NOT taxable until fiat-conversion (same logic as the French PFU). Filed annually by 30 April for the previous tax year.

Comisión Nacional Bancaria y de Valores — Mexico's banking and securities supervisor. Authorises Fintech Law institutions (ITF / IFPE / IFC) including crypto exchanges and custodians. CNBV is widely seen as one of the slowest LATAM regulators (12-24 month authorisations) but legally clear once granted.

Banco de México — Mexico's central bank. Issued Circular 4/2019 banning Mexican banks and IFTs from holding crypto on their own account, transacting in crypto with their customers, or using crypto for settlement. Coordinates with CNBV on monetary-stability aspects of stablecoin and payment-rail oversight.

Ley para Regular las Instituciones de Tecnología Financiera — Mexico's Fintech Law (March 2018). Created the ITF (Institución de Tecnología Financiera) regulatory framework with two main authorisations: IFPE (Electronic-Funds Institution, e-money) and IFC (Crowdfunding Institution). Crypto exchanges are not directly regulated as a distinct category; they fit under the broader ITF umbrella with case-by-case CNBV review.

Institución de Tecnología Financiera — generic category under Mexico's Fintech Law (LRITF). Covers Fintech operators including crypto-asset service providers. CNBV authorisation required, with capital + governance + cybersecurity requirements. Sub-types include IFPE (e-money) and IFC (crowdfunding).

Institución de Fondos de Pago Electrónico — Mexico's e-money institution licence (Fintech Law sub-type). Required for issuing peso-pegged stablecoins and operating fiat payment rails. Capital requirements scale with operations (~MXN 500K–2.6M minimum).

Sermaye Piyasası Kurulu — Turkey's Capital Markets Board. Primary crypto regulator since Law 7518 (in force July 2024) — authorises and supervises Crypto-Asset Service Providers (CASPs). Also handles tokenised securities and Borsa İstanbul listings. SPK applications for crypto authorisation opened late 2024 with mandatory transition by August 2025.

Bankacılık Düzenleme ve Denetleme Kurumu — Turkey's Banking Regulation and Supervision Agency. Supervises banks and payment institutions (PSP). Coordinates with SPK on crypto-rail and stablecoin operators.

Türkiye Cumhuriyet Merkez Bankası — Central Bank of the Republic of Turkey. Issued the April 2021 regulation prohibiting crypto AS PAYMENT (cannot use crypto to pay for goods/services in Turkey) — still in force May 2026. Coordinates with SPK + BDDK on stablecoins and FX flows.

Mali Suçları Araştırma Kurulu — Turkey's Financial Crimes Investigation Board (FIU). Receives Suspicious Activity Reports from CASPs, banks, payment institutions and other AML-obligated entities. Turkish equivalent of FinCEN (US) or Tracfin (France).

Turkey's Crypto-Asset Service Provider Law (in force July 2024). Establishes the SPK authorisation regime for crypto-asset service providers — one of the strictest emerging-market frameworks (capital ~TRY 500M / USD 15M, segregation, insurance, annual audit). Existing operators had until August 2025 to obtain authorisation. Excludes genuine 1-of-1 NFTs from crypto-asset definition.

Professional of the Financial Sector (Luxembourg). CSSF authorisation category for regulated investment firms, payment institutions and specialised financial professionals. Crypto firms often obtain a PFS before transitioning to MiCA CASP.

One of the 14 service-provider categories defined by Liechtenstein's TVTG (Token and Trusted Technology Service Providers Act). Covers entities that issue tokens on behalf of themselves or clients.

French ANJ authorisation to operate under the JONUM regime (2024-2027 experimental) — games involving monetisable digital objects such as NFTs. Sorare was the first authorised operator in May 2024.

Swiss DLT Act (2021) — umbrella term for the legal framework enabling DLT securities, DLT trading facilities and bankruptcy-remote token custody. Administered by FINMA. Primary basis for Swiss crypto custody and RWA tokenisation.

Entry-level VASP licence under Dubai's VARA regime. Covers a subset of virtual-asset services with lower capital and governance requirements than Class F / M. Binance's Dubai entity operates under a VASP Class I.

DFSA-issued licence to operate crypto or financial services from within the DIFC free zone in Dubai. Covers a full suite of authorised activities — distinct from the VARA licence which applies to Dubai mainland.

Financial Services Permission issued by the FSRA of the Abu Dhabi Global Market free zone. Covers crypto-asset activities under ADGM's dedicated virtual-asset framework. Separate from Dubai's VARA and DFSA regimes.

Virtual Asset Trading Platform licence (Hong Kong SFC). Mandatory since June 2023 for any platform offering virtual-asset trading services to retail or professional investors in Hong Kong. Strict custody and disclosure requirements.

Canadian CSA mechanism — a formal undertaking signed by a crypto trading platform committing to meet specific investor-protection, custody and disclosure conditions while working towards full CSA registration. Interim compliance vehicle since 2022.

Australian Financial Services Licence. ASIC-issued licence required to provide financial services in Australia — crypto platforms need an AFSL when the underlying product qualifies as a financial product.

Digital Currency Exchange registration. AUSTRAC registration regime mandatory for any entity providing crypto-to-fiat or fiat-to-crypto exchange services in Australia. AML/CTF Act compliance.

Digital Asset Business Act (Bermuda, 2018). Dedicated legal framework for digital asset businesses, administered by the BMA. Offers tiered licensing (Class F/M/T) depending on activity scope; one of the earliest comprehensive crypto frameworks.

Full digital asset business licence under Bermuda's DABA. Permits the full range of regulated digital-asset activities (issuance, custody, exchange, transfer). Used historically by Circle for USDC issuance before its MiCA transition.

A US trust-company charter authorising an entity to act as a fiduciary — hold and manage assets on behalf of clients. Crypto-focused trust charters (federal OCC national trust charter, state trust charters like NY or South Dakota) have become the dominant licensing path for US institutional custody.

New York State limited-purpose trust charter issued by the NYDFS. Unlike the BitLicense, this charter confers full fiduciary powers and lets the holder act as a regulated custodian for digital assets. Used by BitGo NY Trust Company (2021), Paxos, Gemini, and others.

State trust company charter issued by the South Dakota Division of Banking. A US state-level trust regime often used by crypto custodians (e.g., BitGo Trust Company since 2018) because of its flexible fiduciary framework.

Digital Asset Offering Platform (Nigeria). SEC Nigeria licence category under the 2022 Rules on Issuance, Offering and Custody of Digital Assets — covers token-sale platforms.

Digital Asset Custodian Services (Nigeria). SEC Nigeria licence category for custody providers under the 2022 Digital Assets Rules.

Accelerated Regulatory Incubation Programme (Nigeria). SEC Nigeria's 2024 fast-track provisional authorization for VASPs while the full DASP regime matures.

Crypto Asset Exchange Service Provider (Japan). FSA-registered category under the Payment Services Act for licensed crypto exchanges. Membership in JVCEA is also required.

Multilateral Trading Facility. EU MiFID II venue type — a multilateral system bringing together multiple third-party buying and selling interests in financial instruments. Archax holds the first UK FCA-authorised MTF + digital securities exchange.

National Lottery Regulatory Commission (Nigeria). Nigeria's federal gambling regulator. Licenses lotteries and online games with monetizable items — relevant for NFT/GameFi projects with chance elements.

Betting Control and Licensing Board (Kenya). Kenya's gambling authority. Licenses betting, casinos and online gaming — relevant for NFT/GameFi projects operating in Kenya.

Territorial scope — a regime or licence that applies only if you incorporate or physically operate in that jurisdiction. Example: the BitLicense only covers businesses operating in New York.

Scope attribute — a regime that applies whenever you serve or target users of that jurisdiction, even if your company is incorporated elsewhere. Example: MiCA applies to any business serving EU users, no matter where it's based.

Scope attribute — an international standard adopted or transposed by most jurisdictions worldwide. Example: the FATF Travel Rule and KYC/AML principles are applied almost universally.

Traditional Finance. Conventional financial system (banks, stock exchanges, insurers). Fully regulated, centralized infrastructure. High barriers to entry but established compliance frameworks.

Centralized Finance. Crypto services operated by centralized entities (Binance, Coinbase). Uses blockchain but relies on centralized intermediaries. Partially regulated.

Decentralized Finance. Financial services on blockchain without centralized intermediaries. Smart contracts execute transactions autonomously. Regulatory grey zone — MiCA excludes truly decentralized protocols but front-ends may still be regulated.

Decentralized Autonomous Organization. Blockchain-based governance structure with token-based voting. Risk of requalification as a company in many jurisdictions. Wyoming DAO LLC available in US.

Self-executing code deployed on blockchain. Automates transactions when conditions are met. Not legally a 'contract' in most jurisdictions. DFSA decentralization test examines smart contract autonomy.

Distributed Ledger Technology. Broad term encompassing blockchain and similar technologies for shared, replicated databases. Basis for EU DLT Pilot Regime and Swiss DLT Act.

Security Token Offering. Regulated token sale representing securities (equity, debt, revenue share). Subject to securities laws (MiFID II, SEC, SFA). Stricter than ICO.

Initial Coin Offering. Token sale to raise capital. Mostly unregulated historically, now subject to MiCA (EU), Howey Test (US), or national frameworks. Often requires whitepaper.

Initial Token Offering. Similar to ICO but emphasizing the utility or governance function of the token rather than investment return.

Real-World Assets. Physical or traditional financial assets (real estate, bonds, commodities) tokenised on blockchain. Subject to securities/financial regulation in most jurisdictions.

Non-Fungible Token. Unique digital asset on blockchain. Excluded from MiCA if truly unique (1/1). Large fungible series risk ART classification. Used for art, gaming items, IP, and credentials.

XRPL mechanism for holding non-XRP tokens (IOUs). A bidirectional credit relationship between an account and a token issuer (gateway). Foundation of stablecoins, RWA, and fiat representation on XRPL.

I Owe You. Token issued on XRPL Trust Lines representing a claim on an off-chain asset held by the issuer (gateway). Gateway model = custodial. Requires CASP + potentially EMI under MiCA.

XRPL native feature for time-locked or condition-based XRP lockup. Protocol-enforced release conditions. Non-custodial (no third party controls funds). Used for vesting, conditional payments, cross-border settlement.

XRPL native off-ledger micropayment channel. Depositor locks XRP on-chain; receiver collects signed claims off-chain. Non-custodial. Enables streaming payments, API monetization, gaming micropayments.

Multi-Purpose Token (XLS-33). XRPL's programmable token standard with transfer fees, lock conditions, authorization requirements. lsfRequireAuth = KYC gating. lsfLocked = AML holds. No explicit MiCA category yet.

XRPL NFT standard (live 2022). Native NFT minting, burning, trading with built-in royalties (TransferFee). Broker mode enables non-custodial marketplace via atomic swap.

XRPL Multi-Purpose Token amendment (in development 2025). Programmable tokens with transfer fees, lock conditions, authorization requirements, and compliance flags. More flexible than Trust Lines.

Ripple's USD-backed stablecoin on XRPL and Ethereum. Reference implementation of a regulated stablecoin. Qualifies as EMT under MiCA. Uses IOU/Trust Line model on XRPL.

Automated Market Maker. On XRPL: native protocol feature (XLS-30, live 2024). Provides liquidity pools alongside the existing order book DEX. Front-end DApp routing to AMM may need CASP analysis.

XRPL native M-of-N multi-signature mechanism. Defines N signers with weights and quorum threshold. Non-custodial if service cannot reach quorum alone. Key custody mechanism for institutional XRPL accounts.

XRPL secondary key pair assigned to an account. Allows key rotation without changing XRPL address. Grey zone custody: CASP if service controls Regular Key alone, non-custodial if user retains Master.

Multi-Party Computation. Private key never exists in full — fragmented as shares across parties. Threshold signature computed distributedly. Not native to XRPL (application layer). Grey zone for custody regulation.

Threshold Signature Scheme. Variant of MPC where t-of-n parties must cooperate to sign. Compatible with XRPL ed25519 and secp256k1 curves. Providers: Fireblocks, Silence Laboratories.

XRPL Trust Line feature allowing IOU payments to chain through intermediate accounts (A→gateway→B). DefaultRipple flag enables this. Essential for payment routing but has compliance implications.

XRPL Trust Line flag allowing a gateway to freeze an individual trust line. Used for AML compliance holds. Only the token issuer can freeze. Does not affect XRP.

XRPL flag allowing a gateway to freeze ALL its trust lines simultaneously. Emergency compliance mechanism. All tokens issued by that gateway become non-transferable.

XRPL account flag (lsfRequireAuth). Requires the issuer to explicitly authorize each holder before they can hold the token. Enables on-chain KYC gating for compliance.

MPT (XLS-33) flag allowing the issuer to lock tokens in a holder's account. Enables AML holds and compliance freezes at the individual token level.

The legal text itself — the statute, regulation, directive or act passed by a legislature. Grounds everything else: it defines which licences exist, which activities are regulated, and what obligations apply. Examples: MiCA (EU 2023/1114), GENIUS Act (US 2025), TVTG (Liechtenstein 2020), BSA, PSD2.

The concrete authorization a startup must obtain to operate legally. The operational consequence of a Regime — when you perform a regulated activity (exchange, custody, stablecoin issuance…), the Regime requires you to hold a specific Licence. Granted by a Regulator. Examples: CASP (under MiCA), MTL (state-by-state US), BitLicense (NY only), VASP (FATF / Dubai), DASP / PSAN (France), EMI.

The official authority that supervises your activity, issues the Licence and enforces compliance. You report to them, they inspect you, they approve your Licence and can revoke it. Examples: AMF / ESMA (EU), SEC / CFTC / FinCEN / OCC (US), VARA (Dubai), MAS (Singapore), SFC (Hong Kong), FCA (UK), FINMA (Switzerland), FMA (Liechtenstein).

A concrete operational duty imposed by a Regime or Regulator. Something a startup must DO on a daily basis, captured in policies, processes and systems. Examples: KYC, KYB, AML, CFT, FATF Travel Rule (R.16), SAR filings, OFAC sanctions screening.

How a digital asset is classified by a regulator. Determines which Regime applies to the token itself (separate from the service-provider regime). Can evolve over the token's life (a security token may become a commodity as the network decentralises). Examples: EMT, ART, S-EMT, S-ART (MiCA), Utility Token, Security Token (Howey), RWA, NFT, Stablecoin, DPT (Singapore), MPT (XLS-33 on XRPL).

Technical or ecosystem concepts that are not themselves regulated, but which shape how regulation applies. Reference terms encountered constantly in the crypto space — DeFi vs CeFi, on-chain vs off-chain, XRPL primitives, etc. Examples: TradFi, CeFi, DeFi, DAO, Smart Contract, DLT, Trust Line, IOU, Escrow, SignerList, MPC, TSS.

A legal test or court ruling that interprets the law. Crucial when the statute is silent or ambiguous — the Doctrine fills the gap. Especially important in the US where case law plays a major role. Examples: Howey Test (SEC v. W.J. Howey Co., 1946) — 4 prongs to qualify a security. SEC v. Ripple (2023) — primary vs secondary market distinction.

How a jurisdiction taxes crypto activity — capital gains, income, withholding, VAT/GST, corporate tax, wealth tax. A parallel mini-system to the Regime/Regulator/Obligation triplet, with its own regime (tax code), regulator (tax authority) and obligations (annual returns, TDS withholding, 1099-DA filing, DAC8 reporting). Two angles to consider for a startup: (1) corporate P&L (corporate income tax + VAT on services), (2) end-user exposure (CGT, TDS at every transaction in India, 30% flat rates, etc.) which often shapes product design and pricing.

EU Directive 2023/2226 — extends the Directive on Administrative Cooperation (DAC) to crypto-asset service providers. Requires CASPs to report user holdings + transactions to tax authorities, who then exchange the data across all 27 Member States. In force since 1 January 2026. Aligned with the OECD CARF.

Crypto-Asset Reporting Framework. OECD-developed global standard (Aug 2022, finalised 2023) for the automatic exchange of crypto tax information between participating jurisdictions. ~50 jurisdictions committed to first exchanges by 2027. Same logic as the Common Reporting Standard (CRS) but for crypto.

Common Reporting Standard. OECD's 2014 framework for automatic exchange of financial-account information between participating jurisdictions (~120 countries). The pre-crypto sibling of CARF — covers traditional bank accounts, custody accounts, insurance contracts. CARF extends the same logic to crypto-asset service providers.

Prélèvement Forfaitaire Unique. France's 30% flat tax on crypto capital gains for individual occasional investors (12.8% income tax + 17.2% social charges). Pro traders are taxed under BIC/BNC instead. Crypto-to-crypto trades are tax-neutral until conversion to fiat.

Capital Gains Tax. Tax on the profit realised when selling an asset (including crypto) at more than its acquisition cost. Rates and exemptions vary widely: UK 10–24% above £3K exemption, US 0/15/20% long-term, Switzerland 0% for private individuals, Australia 50% discount above 12 months.

Tax Deducted at Source. Indian withholding mechanism — 1% TDS deducted by the buyer (or exchange) on every Virtual Digital Asset transfer above ₹10K (₹50K for specified persons). Combined with the 30% flat tax on VDA gains, this creates significant friction at every transaction and is widely cited as one of the world's strictest crypto tax regimes.

Virtual Digital Asset. India's statutory term (Finance Act 2022) for crypto-assets, NFTs and any token tagged by notification. VDA gains are taxed at a 30% flat rate with NO deductions and NO loss offset against other income — paired with 1% TDS on every transfer.

US IRS digital-asset reporting form. Brokers (centralized exchanges, custodians) must issue 1099-DA to customers and the IRS for digital-asset sales — gross proceeds for tax year 2025, plus cost basis from 2026. Codifies the 'broker' definition that applies under the Infrastructure Investment & Jobs Act of 2021.

Foundational US tax doctrine for crypto. The IRS Notice (March 2014) declared that virtual currency is treated as PROPERTY for federal tax purposes — not currency. Consequence: every crypto transaction (sale, swap, payment) is a taxable event triggering capital-gains calculation. Mining = ordinary income at fair-market value on receipt. Underpins the entire US crypto tax regime today.

Foreign Account Tax Compliance Act (US, 2010). Requires US persons with > $50K in foreign financial accounts (incl. crypto held offshore at certain reporting thresholds) to disclose them on Form 8938. Foreign financial institutions must report US-account-holder information to the IRS or face 30% withholding. Long-standing precedent for the cross-border tax-transparency stack now extended by CARF + DAC8.

Tax deducted at the source of payment by the payer (employer, exchange, broker) and remitted directly to the tax authority on behalf of the recipient. In crypto: India's 1% TDS on transfers, US backup withholding for non-1099 reporters, EU DAC8 reporting. Reduces tax-evasion risk but adds friction and cash-flow complexity for users.

Annual tax on the net value of an individual's worldwide assets. Crypto holdings are typically included at fair-market value as of 31 December. Switzerland (~0.1–0.5% cantonal), Liechtenstein (~0.5–4%), Spain (in select autonomous communities) and Norway apply wealth taxes; France's IFI is restricted to real-estate so does NOT cover crypto.

Digital Asset Tax. Kenya's 3% tax on the gross transfer value of digital assets (no deductions, no minimum threshold) — in force since September 2023. Operators (exchanges, payment platforms) must withhold and remit within 5 business days of each transaction. Pioneer in Africa for a dedicated crypto tax instrument.

The original acquisition cost of an asset (including fees) — the reference point against which capital gains/losses are calculated when the asset is sold. For crypto: tracking basis across thousands of trades, swaps, airdrops and forks is the single biggest practical tax problem. Common methods: FIFO (first-in-first-out, default in many jurisdictions), LIFO, specific identification, average cost. From 2026 US brokers must report cost basis on Form 1099-DA.

Miscellaneous income (雑所得) — Japan's tax classification for crypto gains. Taxed at progressive rates up to 55% (45% national + 10% local). Critically: NO capital-gains regime exists for crypto, and crypto losses cannot offset other income. Cited as one of the harshest crypto tax regimes for high-income earners. Reform to align with traditional securities (~20% flat) has been under discussion since 2023.

Official UK tax guidance for individuals and businesses holding or transacting crypto-assets. HMRC's view: crypto is property (not currency), so disposal triggers Capital Gains Tax (10–24% above £3,000 annual exemption from 2026/27). Crypto-to-crypto IS a taxable disposal. Mining/staking = miscellaneous income at fair-market value on receipt. Comprehensive coverage of forks, airdrops, DeFi lending, NFTs, employee tokens.

Germany's 1-year holding rule (§ 23 EStG, private sale transaction). Crypto held privately for MORE than 12 months can be sold tax-FREE for individuals — no capital-gains tax at all. Sold within 12 months: gains > €1,000/year exemption taxed at the personal income-tax rate (up to 45% + 5.5% solidarity surcharge). Staking/lending extends the holding period to 10 years in some interpretations (clarified in BMF 2022 guidance).

Swiss 'private wealth' doctrine. Individuals classified as private investors pay NO capital-gains tax on crypto disposals — gains are tax-free. Trade-off: an annual wealth tax (~0.1–0.5%, cantonal) applies on year-end crypto holdings at fair-market value. Whether you qualify as a private investor (vs. professional trader) depends on 5 SFTA criteria: holding period, leverage, frequency, size, and dependency on trading income.

France's professional-trader tax regime, alternative to the PFU. When crypto trading qualifies as a habitual professional activity (frequency, sophistication, dependency on income), gains are taxed as Bénéfices Industriels et Commerciaux (BIC) or Bénéfices Non Commerciaux (BNC) at the personal income-tax progressive rate (up to 45% + 17.2% social charges) instead of the 30% PFU. The line between occasional investor and professional is determined case-by-case by the DGFiP.

Non-Habitual Resident regime — Portugal's preferential tax status. From 2023, crypto held > 365 days = tax-FREE for individuals; held < 365 days = 28% capital-gains tax. Mining/staking taxed as professional income (up to 53%). The original 2009 NHR scheme was scrapped in 2024 for new applicants (replaced by IFICI for innovation/research workers), but existing NHR holders keep their 10-year benefit.

All-in-one identity verification + AML monitoring + Travel Rule compliance platform (London-base, founded 2015). Bundles KYC/IDV + KYB + sanctions/PEP screening + transaction monitoring + Travel Rule messaging in a single SDK. ~5,000 clients including major crypto exchanges. MiCA-aligned and chain-agnostic — works for XRPL VASPs.

Leading Travel Rule messaging network for VASPs (FATF Recommendation 16). Pre-transaction sanctions screening + counterparty verification + originator/beneficiary data exchange. 1,200+ VASPs onboarded. Founded by post-FATF Travel Rule architects. Chain-agnostic — works for XRPL VASPs.

Identity verification platform (UK-base, acquired by Entrust 2024). Document IDV + biometric liveness + ongoing monitoring. One of the historic IDV vendors used by Tier-1 fintech and crypto firms (Coinbase Europe, Revolut). MiCA-aligned.

Industry-standard crypto transaction-monitoring + investigations + sanctions-screening platform (US-base, founded 2014). Used by US Treasury / IRS / FBI + most regulated crypto exchanges. Two flagship products: KYT (Know Your Transaction, real-time risk scoring) + Reactor (forensic investigations). Native XRPL coverage including IOU flows + AMM + RLUSD.

Crypto-native AML platform (UK-base, founded 2013). Two flagship products: Holistic (cross-chain transaction monitoring with stablecoin tracing) + Lens (entity intelligence + risk scoring). MiCA-aligned. Used by Coinbase, Revolut, Binance, the UK FCA. XRPL covered.

Real-time blockchain intelligence + sanctions screening + investigations platform (US-base, founded 2018). Used by US Secret Service, FBI, OFAC + major crypto exchanges. Strong in compliance automation for institutional flows. Native XRPL coverage including RLUSD tracking from issuance.

AI-powered sanctions / PEP / adverse-media screening + ongoing monitoring (UK-base, founded 2014). Real-time data updates from 100M+ data points across 200+ jurisdictions. Used heavily in fintech and crypto — Coinbase, Gemini, BitGo, Klarna among clients.