Italy -- Custody Regulations Regulatory Overview

Italy's cryptocurrency custody regulations are governed by the MiCAR framework (Markets in Crypto-Assets Regulation), implemented through Legislative Decree No. 129/2024 and amended by Legislative Decree 95/2025, which establishes comprehensive requirements for custodial service providers.

Custodial License Requirements

Cryptocurrency custodians operating in Italy must obtain CASP (Crypto-Asset Service Provider) authorization from national authorities[1]. The custodian authorization covers "custody and administration of crypto-assets" as a distinct service requiring separate authorization[4].

Initially, existing Virtual Asset Service Providers (VASPs) registered as of December 27, 2024 had until December 30, 2025 to transition to full CASP compliance[7]. However, a key extension through Decree-Law No. 95/2025 extended this deadline: VASPs have until July 1, 2026 to obtain formal CASP authorization under the new European rules[4]. Authorization is granted by either Consob (Commissione Nazionale per le Società e la Borsa) for most crypto-assets or the Bank of Italy (Banca d'Italia) for asset-referenced tokens and e-money tokens[1].

Asset Segregation Rules

Italy's regulatory framework mandates strict segregation of customer crypto-assets and funds. Under MiCAR, crypto-assets and funds held by CASPs while performing custodial services must be segregated by law from:

• All other assets of the CASP itself
• The assets of any other CASP customer[7]

This legal segregation requirement aims to protect customer assets in case of custodian insolvency.

Insurance and Bonding Requirements

The search results do not provide specific information about mandatory insurance or bonding requirements for custodians in Italy under the MiCAR framework. This represents a potential gap in the available regulatory guidance.

Cold Storage Mandates

The search results do not contain specific requirements regarding cold storage or particular custody technology standards for Italian custodians under MiCAR regulations.

Qualified Custodian Definitions

The regulations do not provide explicit "qualified custodian" definitions in the search results. However, custodians must meet stringent requirements for authorization, including asset segregation compliance and adherence to consumer protection standards set by Consob and the Bank of Italy[1].

Enforcement and Penalties

Custodians operating without proper authorization or breaching custody rules face significant penalties[4]:

• Fines up to €5 million or 3% of annual turnover for companies
• Up to €700,000 for individuals
• Suspension or revocation of business authorization[4]

Pending Custody Legislation

The MiCAR Regulation became fully operational on June 1, 2025, with the Italian implementation deadline for existing VASPs extended to July 1, 2026 under Decree-Law No. 95/2025[4]. No additional pending custody-specific legislation is mentioned in the available search results beyond this extension.

Note: The search results do not provide direct URLs to the specific Italian legislative decrees or regulatory guidance documents on custody requirements. For detailed custodial rules and application procedures, you would need to consult the official websites of Consob or the Bank of Italy directly, or review the full text of Legislative Decree No. 129/2024 and Legislative Decree 95/2025.