San Marino
Delegated Decree No. 138/2024 establishes the legal framework for tokens and crypto-assets using DLT and incorporates some tax treatment of crypto-assets. All DLT operators, local or foreign, must register with the Central Bank (for crypto-assets) or the Institute for Innovation (for utility tokens). A white paper must be published for public offerings unless exempted. The decree enforces consumer protection rules, including a 14-day withdrawal right and custody safeguards, introduces a digital public register, exempts capital gains on crypto up to €2,000 annually, and imposes fines of up to 10% of turnover or double the illicit gain for violations.
Law No. 92/2008 is San Marino’s AML/CFT law, which has undergone several amendments: in 2018, definitions for virtual assets and VASPs were introduced; in 2019, stronger preventive measures were implemented; in 2020, rules regarding beneficial ownership and VASPs were established; and in 2024, the law expanded the scope of virtual assets activities and reinforced the EU TFR. These amendments require VASPs to register and obtain licenses while fulfilling all AML/CFT obligations, including due diligence, monitoring, and compliance with EU TFR for transactions of €1,000 or more, under the supervision of the Financial Intelligence Agency.
Central Bank Regulation No. 2021-03 implements Delegated Decree 111/2021, establishing the requirements for banks to gain and retain authorisation for virtual asset custody services. This applies only to banks authorised under the Financial Companies Law. Some other requirements include insurance coverage (€5M+), technical certification, and cybersecurity measures with mandatory incident reporting.
Delegated Decree No. 111/2021 establishes a regulatory framework allowing only authorised banks to provide virtual asset custody services, subject to Central Bank approval, insurance, cybersecurity, and technical certifications, while imposing client protection duties, public registration, and AML-compliance obligations.
Delegated Decree No. 86/2019 creates a legal framework for recognised blockchain entities to issue utility and investment tokens via Initial Token Offerings (ITOs). This requires registration, Whitepaper/Prospectus disclosure, and truthful advertising, with a potential trust involved. It grants full income tax exemption on token transactions, applies AML/CFT obligations to investment token offerings of €1,000 or more, and empowers San Marino Innovation to oversee compliance.
Serbia
Law on Digital Assets (No. 153/2020) establishes rules for issuing and trading digital assets, dividing oversight between the National Bank of Serbia (for virtual currencies) and the Securities Commission (for digital tokens). Key provisions include licensing requirements for Serbian-incorporated VASPs with minimum capital, white-paper approval, restrictions on advertising, and allowances for secondary and over-the-counter (OTC) trading, as well as the use of smart contracts. Furthermore, the law applies AML/CFT and foreign exchange (FX) rules and prohibits market abuse.
AML/CFT Law first included crypto in its framework in 2020 by defining digital assets and designating VASPs with travel-rule duties, then in 2023 broadened coverage, in 2024 added proliferation-financing controls and clarified enhanced due diligence (including for VASP correspondent-type relationships), and in 2025 refined DLT/self-hosted/intermediary-VASP provisions, expanded crypto-transfer rules to include identification requirements, and standardised sanctioning criteria (e.g. severity and duration).
National Bank of Serbia Regulations & Decisions include VASP licensing and consent processes (including cross-border approvals), minimum-capital and periodic-reporting rules, public registers of providers and a non-public register of virtual-currency holders, strict client-asset segregation and recordkeeping, dinar/FX payment rules for primary and secondary transactions, and detailed white-paper content/approval for virtual-currency offerings.
Securities Commission Bylaws include procedures for token-service provider licensing and cross-border consents, minimum-capital calculation and periodic reporting, remote identity-verification standards, ICT governance and continuity controls, limits on advertising without an approved white paper, and the rulebook for white papers and subsequent white papers.
Notable case: On 29 October 2024, the Securities Commission issued a warning on digital asset fraud after the shutdown of a fake cryptocurrency investment call centre ring in Belgrade.
Slovakia (EU Member)
Law No. 248/2024 Coll. implements the EU MiCA into national laws. It designates the National Bank of Slovakia (NBS) as the competent authority, granting it, amongst other powers, the power to issue binding, non-appealable, but judicially reviewable measures. Additionally, the law provides protections for the reserves of asset-referenced tokens and money tokens (ART and EMT). It also mandates training and examinations for CASP advisors and allows a transition period for MiCA CASPs until 30 December 2025.
Law No. 297/2008 Coll. (as amended) is the AML/CFT legal framework in Slovakia, regulating VASPs since their inclusion as obliged entities in the 2020 amendment. It mandates identity checks for crypto transfers of €1,000 or more, enhanced due diligence on foreign partner institutions before establishing cross-border correspondent relationships, reports for suspicious transactions to the Financial Intelligence Unit (FIU), risk controls for self-hosted wallets, and compliance with the EU Transfer Regulation (TFR). It imposes sanctions of up to €1,000,000 for breaches, with banks and financial institutions facing fines of up to €5,000,000 or 10% of annual turnover.
Act No. 595/2003 Coll. (as amended) provides for the taxation of disposals of crypto-assets—including swaps, payments, or other transfers—based on fair value on the exchange date, and non-business gains are treated as “other income”. Entrepreneurs are taxed with deductions equalling the entry prices, while validation and mining receipts are deferred until disposal. Additionally, crypto-to-crypto exchanges are deemed as taxable. The Financial Directorate has published guidelines for crypto-taxation, including taxation for non-business individuals and sole-traders/entrepreneurs.
Slovenia (EU Member)
Act No. 95/24 implements the EU MiCA into Slovenia’s national law. Under the law, the Securities Markets Agency (ATVP) is designated as the competent authority for authorisations relating to CASPs and asset-referenced tokens (ART), while the Bank of Slovenia is responsible for e-money tokens. The regulation mandates MiCA disclosure duties, including whitepapers, marketing alignment, holder notifications, and CASP client information. It also empowers inspections and prescribes fines for different offences. For instance, certain market-abuse breaches can attract up to €15 million or 15% of turnover fines. Existing providers are granted a transition period until 1 July 2025.
Act Amending the Implementation of the EU MiCA (2025) requires CASPs and asset-referenced token issuers to hold client crypto-assets in fiduciary accounts legally owned by clients and shielded from provider creditors, implementing MiCA’s segregation principle.
Tax Acts: Under personal income tax, capital gains from selling virtual currencies are tax-free for individuals outside business activity, while mining, airdrops, and forks are taxed as “other income” unless part of a registered business; under companies tax crypto gains per accounting rules as financial assets; under VAT crypto-fiat exchange and certain mining rewards are VAT-exempt, utility tokens are taxed like prepayments; under financial services tax act, crypto transactions equivalent to financial instruments are subject to financial services tax. Additionally, in April 2025, the Ministry of Finance submitted a proposal for the Income Tax Act on the disposal of cryptocurrencies and a new Profit Tax Act on the Disposal of Derivatives. It proposes a 25% flat tax on individuals’ crypto disposals with record-keeping and an optional simplified 5-year calculation, effective 1st January 2026, if adopted, and a parallel 25% flat tax on derivatives regardless of holding period.
AML/CFT Act (as amended) included VASPs as obliged entities subject to all AML/CFT provisions in 2017. It introduced mandatory registration and disclosure of ownership for VASPs in 2021, and by 2023, adopted the EU MiCA’s definition of crypto-assets, extending AML/CFT obligations to CASPs.
Spain (EU Member)
Law 6/2023 establishes the framework for implementing the EU MiCA in Spain. It designates the Comisión Nacional del Mercado de Valores (CNMV) as the authority responsible for supervising the issuance, offering, and admission to trading of crypto-assets that are not classified as financial instruments under MiFID II. Additionally, the Bank of Spain is assigned authority over e-money tokens and asset-referenced tokens where applicable. The law incorporates MiCA’s definitions and service categories, outlining Spain’s sanctions regime. A transitional period (30 December 2025) is provided for CASPs, and persons already providing crypto-related services or registered to do so in Spain before MiCA.
Notable case: In 2025, CMVA authorised several companies under MiCA.
Law 10/2010 is the AML/CFT law. In 2021, it expanded its scope to include crypto-related service providers as obliged entities. This inclusion mandates compliance with all AML/CFT provisions and requires registration with the Bank of Spain. Subsequent amendments to the law introduced additional regulations, such as those concerning beneficial ownership for legal persons and trusts, along with the establishment of a national beneficial ownership register.
Law 35/2006 (as amended) establishes the information-reporting requirements for custodians, exchanges, intermediaries, and ICO issuers. These entities are mandated to report to the Tax Administration all virtual currencies they hold in custody, as well as any acquisitions, disposals, swaps, transfers, and payments/receipts conducted in virtual currencies. The reports must include relevant details such as names, addresses, tax IDs, the class and number of coins, price, and date of transactions. Additionally, the Spanish Tax Agency provides guidelines regarding the taxation of cryptocurrencies.
Sweden (EU Member)
Proposition 2024/25:43 incorporates the EU MiCA and TFR into Swedish national law, designating the Finansinspektionen (FI) as the competent authority with the power to impose sanctions and fines, including temporary bans of up to 30 working days and permanent prohibitions on offerings and trading, while administrative fines can reach 15% of turnover or three times the profit; furthermore, the law stipulates that marketing rules for required customer information fall under the Marketing Act, meaning that information mandated by MiCA (whitepapers and customer disclosures), is considered material under this act. Thus, any missing or unclear information can trigger legal actions related to marketing law. A transition period is granted for pre-existing operators until 30 September 2025, or until a final decision is reached if they apply by 1 October 2025.

Act 2017:630 (as amended) serves as the AML/CFT law, mandating that CASPs are obliged entities required to comply with its provisions. The law stipulates that customer due diligence must be conducted for crypto or funds transfers exceeding EUR 1,000. Additionally, it mandates enhanced checks for transfers to or from unhosted (or stand-alone) addresses. Furthermore, extra due diligence and documentation are necessary when establishing correspondent relationships with third-country institutions, which include verifying the counterparties’ authorisation or registration. The law also prohibits anonymous accounts and services.

Tax Guidance from the Skatteverket (Tax Agency) clarifies that cryptocurrencies like Bitcoin are considered capital assets. As such, any sale, exchange (including crypto-to-crypto), payment for goods or services, or lending where the borrower can use the coins constitutes a taxable disposal. This must be reported on Form K4, Section D. Gains from these transactions are taxed at 30%, while losses are 70% deductible. Specific activities, such as ETH 2.0 staking rewards and mining, are taxed either as capital income or hobby/business income. Strict record-keeping is required to substantiate acquisition costs, sale prices, and wallet ownership.
Switzerland
SR 958.1 outlines the framework for DLT-securities and DLT trading systems, defining them and applying core venue rules such as transparency and orderly trading. Authorisation is required from the Financial Market Supervisory Authority (FINMA) to operate, with registration occurring only after authorisation. The Swiss National Bank is involved if the infrastructure is systemically important. The framework allows for private participants and establishes rules for admission, custody, and settlement, while extending market-abuse bans to instruments on DLT venues. Additionally, the FINMA provides further guidelines for providers of crypto services.
Notable case: In March 2025, BX Digital AG was licensed by FINMA as the first DLT trading facility.
SR 957.1 is the Book Securities Act (BEG). It provides that when a tokenised (ledger-based) securities are credited to a securities account and held through an intermediary (custodian, central securities depository, etc.) to become an intermediated security, and thus subject to its rules for creation, transfer, collateral, and custody liability.
SR 958.11 specifies the application process to the Swiss Financial Market Supervisory Authority. It defines when operating a distributed ledger technology system is considered a commercial activity, triggering a ten-day notification and a sixty-day licence filing (or ninety days for adjusted filings if a small system exceeds size limits). It sets minimum capital requirements of one million or five million Swiss francs for these systems.
SR 220 OR establishes the legal framework for tokenisation, creating ledger-based securities that confer full civil-law rights, including obligations for payment, transfer, pledge, resolution of lost keys, and issuer liability.
SR 950.1 Finanzdienstleistungsgesetz (Financial Services Act – FIDLEG) and SR 950.11 Finanzdienstleistungsverordnung (Financial Services Ordinance – FIDLEV) provide investor protection. FIDLEG allows for a token structured as a register-based security to qualify as a security, thus falling under the standard conduct and disclosure requirements. If the tokenised security is listed on a DLT trading system, the same prospectus rules that apply in traditional venues are included in the existing investor protection framework. FIDLEV facilitates this process, and no new prospectus is required for securities already listed on another Swiss venue or DLT system. Switzerland can also recognise foreign DLT systems.
SR 954.1 Finanzinstitutsgesetz (Financial Institutions Act – FINIG) and SR 954.11 Finanzinstitutsverordnung (Financial Institutions Ordinance – FINIV). FINIG outlines the firms under securities-firm supervision, mandating retail-facing firms to join an ombuds scheme. FINIV extends trade recording/reporting requirements to instruments on DLT trading systems, integrating crypto-securities services into the same supervisory framework as traditional ones.
Swiss AML framework (AMLA/AMLO/AMLO-FINMA) classifies DLT trading facilities as financial intermediaries, subjecting them to all AML obligations, including KYC, beneficial owner identification, and reporting. Virtual currencies are treated as means of payment and payment services when assisting clients with transfers. Accepting assets, including virtual currencies, and disbursing cash or virtual currencies, or wiring value over a system, are classified as Money or Value Transfer Services (MVTS), necessitating full AML compliance. Additionally, if a single crypto transaction (or linked transactions) exceeds CHF 1,000, the customer must be identified, provided there is no money/value transfer or ongoing relationship. Anti-structuring technology is required to prevent bypassing this limit for over 30 days.
Tax Guidance provided by the Federal Tax Administration (FTA) categorises tokens into payment, asset (debt, contract-based, equity), and utility, with distinct tax implications for holders and issuers. Holders face a wealth tax on the year-end value of tokens, while private trading gains are generally tax-free, and losses are non-deductible. Additionally, income from mining, staking, airdrops, and token wages is taxable. For issuers, debt tokens incur withholding tax and often securities transfer tax on interest. Equity-like tokens are treated as capital contributions with dividend withholding and issuance duty. Utility or contract-based tokens are taxed as revenue at issuance, typically exempt from withholding and stamp duties.
Ukraine
Law on Virtual Assets (which is not yet in force) defines both secured and unsecured virtual assets and clarifies that they are not considered legal tender. It establishes the jurisdictional scope and assigns oversight to the National Securities and Stock Market Commission (NSSMC), while the National Bank (NBU) is responsible for currency-backed virtual assets. Additionally, the law mandates that Virtual Asset Service Providers (VASPs), which include custody, exchange, transfer, and intermediation services, must operate as legal entities with specific permits and minimum capital requirements. It also requires disclosures for public offers and introduces a travel rule for virtual assets and funds transfers through amendments to anti-money laundering regulations.
AML/CFT Act designates VASPs as obliged entities, requiring them to implement customer due diligence and KYC protocols. Additionally, they must report suspicious and over-the-threshold transactions, maintain records for five years or more, and conduct targeted sanctions screening and freezing. The Act incorporates the travel rule for transfers of funds and virtual assets, and assigns supervision to the Ministry of Digital Transformation.
Cabinet Ministers Resolution No. 662 (2023) states that the Ministry of Digital Transformation supervises service providers involved in the circulation of virtual assets. It grants the Ministry the authority to conduct risk-based onsite and offsite checks, whether planned or unplanned. Furthermore, when multiple state AML supervisors oversee the same entity, they are to carry out a joint planned inspection.
Ministry of Finance Order No. 465 (2022) outlines key risk indicators associated with virtual assets. These include using virtual assets in operations that lack a clear legal, tax, commercial, economic, or other lawful justification. Additionally, the use of virtual assets and anonymous payment methods, as well as transactions that appear to lack economic purpose or an apparent lawful aim, are considered red flags. Such indicators should elevate risk assessments and trigger enhanced measures.
National Bank Resolutions No. 65 & No. 107 of 2020 mandate that banks classify VASP-related clients as high risk. Consequently, they must implement enhanced due diligence and ongoing monitoring. Similarly, non-bank financial institutions are required to treat virtual asset activities as high risk and must implement strong AML/CFT controls.
United Kingdom
The Financial Services and Markets Act (FSMA) (Draft Order 2025) introduces and amends regulations for cryptoassets, addressing issues such as clarifying fiat-referenced stablecoins, stating that sums exchanged for these stablecoins are not considered ‘deposits’, outlining the safeguarding and custody requirements for qualifying cryptoassets, and tightening financial promotions by adding controlled activities related to custody, platforms, and staking, and at the same time defining what “qualifying cryptoasset” and “qualifying stablecoin,” are. The draft order also amends the AML law to require the FCA to maintain an AML register for exchange and custodian wallets only where firms are not FSMA-authorised. Additionally, authorised cryptoasset firms must notify the FCA when they act as exchange or wallet providers, as well as when they cease such activities.
FSMA, as amended, brings cryptoassets under its framework. It introduces a designated activities rule for the marketing of cryptoassets, regulating related conduct even for firms that aren’t formally authorised. It establishes a framework for stablecoins, referred to as digital settlement assets (DSAs), covering issuers, custodians, and exchanges. The Act empowers the Bank of England, the Financial Conduct Authority, and the Payment Systems Regulator to oversee key providers under a Financial Market Infrastructure type administration. Additionally, it grants the Treasury the authority to adapt the electronic money and payments law to stablecoins. Furthermore, the Act opens a sandbox for testing settlement using distributed ledger technology, delivering clearer marketing rules, enhanced consumer and system safeguards, and the flexibility to update regulations quickly.
FSMA Order (Financial Promotion), as amended, brings crypto advertising under the FSMA marketing rules by establishing a qualifying cryptoasset (QCA) as a controlled investment for financial promotion purposes. To qualify as a QCA, an asset must be interchangeable and transferable; it specifically excludes electronic money, fiat currency (including digitally issued fiat), and limited-use tokens. The order allows anti-money-laundering–registered crypto exchanges and custodians to promote their own ads under strict conditions. Additionally, it extends certain exemptions, including the “sale of goods and supply of services” exemption, to QCA communications. This amendment provides the Financial Conduct Authority (FCA) with clear tools to oversee these promotions.
FSMA Order (Regulated Activities), as amended, outlines the criteria for what constitutes regulated investments and activities. It applies to cryptocurrencies when a token qualifies as electronic money or a security/financial instrument. Additionally, the order encompasses products that are derivatives, such as contracts for difference, which reference cryptocurrencies.
AML/CFT Law (as amended), in its 2019 amendment, brought CASPs and custodian wallet providers into scope, mandating registration with the Financial Conduct Authority (FCA) and requiring customer due diligence for crypto automated teller machine (ATM) transactions. The 2022 amendment introduced the travel rule, which mandates that sender and recipient information accompany transfers. It also requires customer due diligence on cryptoasset transfers of €1,000 or more, strengthens record-keeping practices, and mandates immediate responses to law enforcement requests and FCA reporting. Additionally, it introduced change-of-control approval for registered crypto firms. The 2023 amendment updated the treatment of politically exposed persons, establishing a lower-risk baseline that can scale up in response to other risk factors. This amendment also outlines the supervisory role of the FCA.
Notable case: In February 2025, in FCA v Olumide Osunkoya, the defendant was convicted over unregistered crypto ATMs and failing AML checks.
The Economic Crime and Corporate Transparency Act (amended) amends the Proceeds of Crime Act 2002 (POCA). It empowers enforcement officers—including police, Revenue and Customs officers, Serious Fraud Office officers, and accredited financial investigators—to search for, seize, and detain items related to cryptoassets. The Act requires that electronic information be produced in a readable format, enabling officers to identify or access wallets. Additionally, it permits the retention, disposal, or destruction of unclaimed crypto-related items after one year.
Tax Guidance: According to Revenue and Customs (RC) guidance, disposals of cryptocurrency—such as selling, swapping, or spending—are usually subject to Capital Gains Tax (CGT). Tokens received from an employer, through mining or transaction confirmation, or from specific airdrops are taxed as income. Whether one’s activities qualify as trading depends on various factors, including frequency, level of organisation, and intention; if it is a trade, profits are calculated in the usual way (receipts minus allowable expenses) and taxed as trading profits. Regarding location (“situs”) rules, if a token represents an underlying asset like gold or shares, the asset’s location is used. If there is no underlying asset, RC considers the token to be located where the beneficial owner resides.
Vatican City
The AML/CFT Law is based on Legge n. XVIII (2013), which was later amended by Legge n. CCXLVII (2018) to explicitly prohibit the provision of crypto, virtual, and synthetic currency services. Further amendments were made with Legge n. DCXIV (2023), which introduced detailed definitions for crypto/e-money/virtual/synthetic currency and expanded the scope of AML measures to include digital and electronic value, as well as Money Value Transfer Services (MVTS), but it still maintained the existing ban.

Conclusion

The regulatory frameworks governing blockchain-related activities in Europe are dynamic, comprising harmonised EU regulations and distinct national approaches that are constantly evolving. This article illustrates how a region comprising 46 countries strives to balance the technological innovation of blockchain with the necessary oversight. It outlines the current regulatory landscape and highlights the crucial roles of organisations such as the European Securities and Markets Authority (ESMA) and the Organisation for Economic Co-operation and Development (OECD), along with various national supervisory authorities, in shaping the future of digital finance.

Blockchain Governance: Europe — Part 4 — S–Z

Navigate