← Regulations / Latvia / custody
Grade A AI-Researched

Latvia -- Custody Regulations Regulatory Overview

Published: 2026-04-22 Updated: 2026-04-22 Author: SearXNG+LLM Version 1 Sources cited in: English (3)

Methodology

AI-generated synthesis from web search results.

Limitations

  • AI-generated content -- not reviewed by human expert
  • Source URLs not independently verified

Latvia, as a member of the European Union, primarily adheres to EU-level regulations concerning digital assets, particularly regarding Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF). The upcoming Markets in Crypto-Assets Regulation (MiCA) will significantly reshape the custody landscape.

Currently, the regulation of virtual asset service providers (VASPs), including those offering custodial services, is primarily driven by AML/CTF directives. The Financial Intelligence Unit (FID) of Latvia is the primary authority for registering and supervising VASPs from an AML perspective.

With the advent of MiCA, which will be phased in from June 2024 and fully applicable by December 2024, the regulatory framework for crypto custody will become much more comprehensive and harmonized across the EU, including in Latvia. The Bank of Latvia (Latvijas Banka), which absorbed the Financial and Capital Market Commission (FCMC) in 2023, will be the competent authority for licensing and supervising Crypto-Asset Service Providers (CASPs) under MiCA.

Current Regulatory Framework (Primarily AML/CTF Focused)

Before MiCA's full applicability, the main regulations governing crypto custody in Latvia stem from the implementation of the EU's 5th Anti-Money Laundering Directive (AMLD5) and national AML/CTF laws.

1. Custodial License Requirements (Registration for AML Purposes)

  • Requirement: Entities providing services of custodial wallet providers (which includes safekeeping or administration of virtual assets or instruments enabling control over virtual assets on behalf of clients) are considered Virtual Asset Service Providers (VASPs). They are required to register with the Latvian Financial Intelligence Unit (FID).
  • Process: The registration involves demonstrating compliance with AML/CTF requirements, including:
    • Developing and implementing robust internal control systems.
    • Appointing a responsible person for AML/CTF compliance.
    • Conducting customer due diligence (CDD) and ongoing monitoring.
    • Reporting suspicious transactions.
    • Ensuring the fitness and propriety of management and beneficial owners.
  • Regulatory Reference:

2. Segregation of Client Assets Rules

  • Current Status: Under the current AML framework, there are no explicit, specific rules mandating the segregation of client crypto assets for non-bank VASPs. However, general good practice, risk management principles, and the expectation of investor protection inherent in financial services would strongly suggest that reputable custodians segregate client assets from their own operational funds. For traditional financial institutions providing crypto services, existing segregation rules for client funds/assets would generally apply.

3. Insurance/Bonding Requirements

  • Current Status: There are no explicit insurance or bonding requirements specifically for custodial VASPs under the current AML registration regime in Latvia. However, the FID expects VASPs to have robust internal controls and risk management procedures, which may indirectly lead to considering insurance as a best practice for operational risks.

4. Cold Storage Mandates

  • Current Status: There are no specific legislative mandates for the exclusive use of cold storage for virtual assets in Latvia. However, robust security measures for the safekeeping of client assets are expected. Industry best practices widely adopt multi-signature wallets, cold storage, and hardware security modules (HSMs) to mitigate theft and unauthorized access risks. Regulators expect VASPs to implement state-of-the-art cybersecurity measures.

5. Qualified Custodian Definitions

  • Current Status: The Latvian AML law refers to "custodial wallet providers" as a type of VASP requiring registration. There isn't a specific definition of a "qualified custodian" that goes beyond meeting the VASP registration requirements and AML/CTF obligations.

Upcoming Regulatory Framework (MiCA - Markets in Crypto-Assets Regulation)

The EU's MiCA Regulation (Regulation (EU) 2023/1114) will directly apply across all EU member states, including Latvia. It introduces a comprehensive licensing regime for Crypto-Asset Service Providers (CASPs), including those providing custody services.

  • Applicability Dates:
    • Titles III (Asset-referenced tokens) and IV (E-money tokens) apply from 30 June 2024.
    • The remaining provisions, including those for custody of other crypto-assets, apply from 30 December 2024.

1. Custodial License Requirements (Authorization under MiCA)

  • Requirement: Under MiCA, providing "custody and administration of crypto-assets on behalf of clients" will require a full authorization (license) from the competent authority in the home Member State – in Latvia, this will be the Bank of Latvia (Latvijas Banka).
  • Authorization Process: CASPs will need to meet stringent requirements, including:
    • Specific organizational requirements (e.g., robust governance arrangements, internal control mechanisms).
    • Prudential safeguards (capital requirements).
    • Specific rules on the safekeeping of client crypto-assets.
    • Detailed information technology and security arrangements.
    • Suitability of management and shareholders.
  • Regulatory Reference:

2. Segregation of Client Assets Rules (MiCA Article 67)

  • Mandate: MiCA explicitly mandates strict segregation of client crypto-assets.
    • CASPs providing custody services must hold crypto-assets belonging to their clients separately from their own assets.
    • They must also hold crypto-assets on behalf of clients in separate wallets or accounts from crypto-assets held on behalf of other clients (unless explicit consent for omnibus accounts is obtained and specific conditions are met).
    • Client crypto-assets are not part of the CASP's insolvency estate.
  • Regulatory Reference: MiCA, Article 67 (Protection of clients' crypto-assets).

3. Insurance/Bonding Requirements (MiCA Article 68)

  • Prudential Safeguards: MiCA requires CASPs to have prudential safeguards, which can be in the form of:
    • Own funds.
    • An insurance policy.
    • A combination of own funds and an insurance policy.
  • The amount of these safeguards is determined by the specific services offered and the volume of assets under custody, calculated as the higher of a fixed minimum amount or a percentage of the average of the previous year's fixed overheads.
  • Liability: MiCA also makes CASPs liable to their clients for any loss of client crypto-assets due to the CASP's failure or misconduct, explicitly strengthening the need for robust safeguards and potential insurance.
  • Regulatory Reference: MiCA, Article 68 (Liability of CASPs for crypto-assets and funds of clients) and Article 67 (Protection of clients' crypto-assets).

4. Cold Storage Mandates (Indirectly via MiCA Security Requirements)

  • Security Standards: While MiCA does not explicitly mandate "cold storage," it requires CASPs to:
    • Develop and maintain robust IT systems and security protocols.
    • Use the best available security standards to protect the private keys and crypto-assets.
    • Have a sound business continuity plan.
  • These requirements implicitly necessitate advanced security measures, making cold storage a common and expected best practice for a significant portion of assets under custody.
  • Regulatory Reference: MiCA, Article 67 (Protection of clients' crypto-assets) and Article 69 (Organisational requirements for CASPs).

5. Qualified Custodian Definitions (Under MiCA)

  • Definition: Under MiCA, an entity authorized to provide "custody and administration of crypto-assets on behalf of clients" becomes a "qualified custodian" by virtue of obtaining the MiCA authorization. This authorization confirms that the entity meets all the stringent requirements set out in the regulation regarding capital, governance, IT security, segregation, and other operational rules.
  • Regulatory Reference: MiCA, Article 3(1)(10) (definition of 'custody and administration of crypto-assets on behalf of clients') and Title V (Authorisation and operating conditions for CASPs).

Pending Custody Legislation

The primary "pending custody legislation" is the full implementation and application of the Markets in Crypto-Assets Regulation (MiCA). Latvia will directly apply MiCA as an EU regulation, meaning there won't be separate national legislation transposing it. However, the Bank of Latvia will issue specific guidelines, supervisory expectations, and application procedures for entities seeking MiCA authorization in Latvia.

The Bank of Latvia is actively preparing for MiCA's implementation, and prospective CASPs should monitor their official communications for detailed national guidance.

In summary, Latvia is transitioning from an AML-centric registration framework for crypto custody to a comprehensive licensing and supervision regime under MiCA, which will introduce much stricter requirements for segregation, prudential safeguards, and operational security for crypto-asset custodians.

Sources & Attribution

This article was generated by SearXNG+LLM .

Primary Sources

[1] https://www.fid.gov.lv/en/reporting-entities/providers-of-virtual-asset-services/ (government-public)
[2] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32023R1114 (government-public)

Based on reporting by

[3] Unknown — https://www.bank.lv/en/

Edit History

2026-04-22 — auto-publish-pipeline: published — Auto-published: grade A

This article is maintained by AI research workers and reviewed by human editors. Learn about our methodology →