← Regulations / Finland / licensing
Grade A AI-Researched

Finland -- Licensing Requirements Regulatory Overview

Published: 2026-04-29 Updated: 2026-04-22 Author: SearXNG+LLM Version 1 Sources cited in: English (3), Finnish (3)
Note: This article cites primary sources in languages other than English. Cited links open the original-language text; machine translation (via browser) may help readers verify claims. See the badge next to each source for its language.

Methodology

AI-generated synthesis from web search results.

Limitations

  • AI-generated content -- not reviewed by human expert
  • Source URLs not independently verified

Finland, as an EU member state, has implemented regulations for virtual asset service providers (VASPs) largely driven by the EU's 5th and 6th Anti-Money Laundering Directives (AMLD5 and AMLD6). The primary regulator for virtual currency providers in Finland is the Financial Supervisory Authority (FIN-FSA – Finanssivalvonta).

Registration vs. Licensing Regime

Finland operates a registration regime for virtual currency providers, rather than a full licensing regime in the traditional sense (like for banks or investment firms). This means that entities wishing to offer virtual currency services must register with the FIN-FSA and comply with ongoing regulatory obligations, but they do not receive a "license" in the same way a licensed financial institution would.

The key legislation governing this is the Act on Virtual Currency Providers (Laki virtuaalivaluutan tarjoajista 930/2019).

Scope of "Virtual Currency Provider" (VCP)

Under the Act on Virtual Currency Providers, entities conducting the following activities are considered "virtual currency providers" and must register with the FIN-FSA:

  1. Providing services for exchanging virtual currency and fiat currency: This covers entities facilitating the purchase or sale of virtual currencies using traditional currencies (e.g., EUR, USD).
  2. Providing services for exchanging virtual currency and other virtual currencies: This covers entities facilitating the exchange of one virtual currency for another (e.g., Bitcoin for Ethereum).
  3. Providing custodial wallet services: This refers to services where an entity holds, stores, or transfers virtual currencies or private cryptographic keys on behalf of customers.

Required Licenses for Specific Services

Based on the above definitions:

  • Exchanges: Both exchanges offering fiat-to-crypto and crypto-to-crypto trading services are clearly defined as "virtual currency providers" and require registration with the FIN-FSA.
  • Custody Providers: Entities providing "custodial wallet services" are also explicitly defined as "virtual currency providers" and require registration with the FIN-FSA. This includes services where the private keys are held by the provider on behalf of the client.
  • Payment Processors: This depends on the nature of the service:
    • If a payment processor handles virtual currencies directly (e.g., converts virtual currency payments received from customers into fiat currency for a merchant, or facilitates direct virtual currency transfers), they would likely fall under the definition of a virtual currency provider (specifically "exchanging virtual currency and fiat currency" or "exchanging virtual currency and other virtual currencies") and require registration with the FIN-FSA.
    • If a payment processor only facilitates fiat currency payments to or from virtual currency platforms (e.g., a traditional payment service provider (PSP) that processes bank transfers or card payments for a crypto exchange, but does not touch the virtual currency itself), they would generally be regulated under the Payment Services Act (implementing PSD2/PSD3) and would require a payment institution license from the FIN-FSA, but not necessarily a "virtual currency provider" registration, unless their activities extend to handling the virtual assets themselves.
    • For the purposes of crypto licensing, if the payment processor is directly involved in the acceptance, transfer, or conversion of virtual assets, registration as a VCP is required.

Key Requirements

Applicants for registration as a virtual currency provider must meet several requirements:

  1. Local Presence:
    • The applicant must be a Finnish limited liability company (osakeyhtiö) or a branch of a limited liability company incorporated in an EEA country.
    • The management of the applicant must be located in Finland. This includes the CEO and at least one other member of the board of directors.
  2. Capital Requirements (Professional Indemnity Insurance):
    • Unlike many traditional financial services, there is no specific minimum share capital requirement for virtual currency providers under Finnish law.
    • Instead, registered VCPs must have professional indemnity insurance or comparable security to cover potential liability for damage caused to customers. The required minimum amount of this security is:
      • €250,000 for providers offering only virtual currency exchange services.
      • €500,000 for providers offering custodial wallet services, or both exchange and custodial services.
  3. AML/KYC (Anti-Money Laundering / Know Your Customer):
    • This is a cornerstone requirement. Virtual currency providers are subject to the Act on Preventing Money Laundering and Terrorist Financing (Rahanpesun ja terrorismin rahoittamisen estämisestä annettu laki 050/2017).
    • They must establish and implement a comprehensive AML/CTF program, including:
      • Customer Due Diligence (CDD): Identifying and verifying the identity of customers (KYC).
      • Enhanced Due Diligence (EDD): For higher-risk customers or transactions.
      • Ongoing Monitoring: Monitoring customer transactions for suspicious activity.
      • Risk Assessment: Conducting a comprehensive risk assessment of their business operations.
      • Reporting Suspicious Activity: Reporting suspicious transactions or activities to the Finnish Financial Intelligence Unit (FIU).
      • Record Keeping: Maintaining records of customer identification and transactions for at least five years.
  4. Management and Governance:
    • The management (board members, CEO) must be fit and proper. This means they must have:
      • A sound reputation (no criminal record, especially for financial crimes).
      • Sufficient knowledge, skills, and experience to manage the business.
      • No history of bankruptcy or business prohibitions.
    • The company must have sound and reliable administrative and accounting procedures.
  5. IT Systems and Security:
    • Robust IT systems, cybersecurity measures, and data protection protocols are required to safeguard customer assets and data.
    • Providers must have appropriate security arrangements for their operations.

Application Process

The application process for registration as a virtual currency provider involves submitting a detailed application to the FIN-FSA. Key steps and required documentation typically include:

  1. Application Form: Completed application form provided by the FIN-FSA.
  2. Company Information:
    • Official name and contact details of the company.
    • Articles of association and trade register extract.
    • Proof of local presence (e.g., office address in Finland).
  3. Business Plan: Detailed description of the business model, services offered, target market, and operational structure.
  4. Management Information:
    • Curriculum Vitae (CV) for all board members, CEO, and key personnel.
    • Documentation proving their fit and proper status (e.g., criminal record extracts, financial history).
  5. AML/CTF Policy and Procedures:
    • Detailed written policies and procedures for AML/CTF compliance, including CDD, transaction monitoring, risk assessment, and reporting.
    • Description of the internal control mechanisms and designated AML officer.
  6. Security Measures: Description of IT systems, cybersecurity framework, data protection policies, and operational resilience plans.
  7. Professional Indemnity Insurance: Proof of professional indemnity insurance or comparable security, meeting the minimum required amounts.
  8. Internal Control and Risk Management: Description of the company's internal control framework and risk management policies.
  9. Fee: Payment of the FIN-FSA application processing fee.

The FIN-FSA typically processes applications within three months once all necessary documentation has been submitted and is complete. However, this period can be extended if additional information is required.

Regulatory References

It is highly recommended to consult directly with the FIN-FSA or legal counsel specializing in Finnish financial regulation when preparing an application, as requirements and interpretations can evolve.

Source Data

3 fact(s) collected but awaiting source verification. View in explorer →

Sources & Attribution

This article was generated by SearXNG+LLM .

Primary Sources

[4] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32023R1114 ()
[5] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32023R1113 ()
[6] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32014L0065 ()

Based on reporting by

[1] Unknown — https://www.finlex.fi/fi/laki/alkup/2019/20190930 fi
[2] Unknown — https://www.finlex.fi/fi/laki/alkup/2017/20170050 fi
[3] Unknown — https://www.finanssivalvonta.fi/en/regulated-entities/virtual-currency-providers/ fi

Edit History

2026-04-22 — auto-publish-pipeline: reviewed — Auto-promoted to review: grade C
2026-04-29 — fix-grade-c-pipeline: upgraded — Auto-upgraded from C to A by injecting 3 primary source refs from fact data
2026-04-29 — auto-publish-pipeline: published — Auto-published: grade A

This article is maintained by AI research workers and reviewed by human editors. Learn about our methodology →