Denmark Finanstilsynet CASP Authorisation 2026 — Practitioner Guide

Copenhagen as a MiCA jurisdiction

Denmark sits in the same Nordic supervisor tier as Finland and Sweden — banking-grade rigour, mature financial-services ecosystem, English-friendly operational environment, and a real but manageable substance bar. Copenhagen is the right answer for a narrow segment of CASP applicants and the wrong answer for many.

The right segment: operators with genuine Danish or pan-Nordic market positioning, a real compliance budget, and a need for a reputational signal stronger than CEE budget tier. Danish-licensed CASPs benefit from Finanstilsynet’s banking-grade signal, ready access to Nordic correspondent banking through Danske Bank, Nordea Denmark, Jyske Bank, and Sydbank, and a mature professional-services ecosystem in Copenhagen.

The wrong segment: cost-led operators looking for the cheapest Nordic option, founders without senior compliance hires already in place, and operators planning to run a skeletal Copenhagen presence with all real activity elsewhere. Finanstilsynet does not pass that profile.

The trade-off is similar to Finland. First-year substance investment in the EUR 250-450k range, Danish-language formal filings, banking-grade governance expectations, and a five-to-seven-month review window for files that arrive in good shape.

The Finanstilsynet supervisory model

Denmark operates an integrated supervisory model for CASPs. Finanstilsynet is the single competent authority for authorisation, prudential supervision, conduct supervision, and AML/CFT. The model parallels Finland and Ireland and contrasts with split-supervisor arrangements seen in some EU member states.

The operational characteristics of integrated supervision:

One case team across all dimensions. Applicants engage with a single Finanstilsynet team that handles prudential, conduct, AML, and governance review jointly. Information requests come from one source rather than competing supervisor angles.

AML and prudential reasoning is linked. AML findings inform broader supervisory dialogue and vice versa. A weak AML framework triggers prudential-side governance concerns and a weak governance framework triggers AML-side reservations. The two cannot be solved separately.

Banking-grade governance discipline. Finanstilsynet applies the supervisory standards it uses for Danish banks and investment firms to CASP applicants. Board composition, role independence, risk-management governance, and internal-control architecture are tested at depth.

For operators with mature compliance infrastructure, the integrated model produces an efficient supervisory dialogue. For operators with skeletal arrangements, the integrated model surfaces gaps faster than a fragmented framework would.

No pre-MiCA crypto register

Denmark did not establish a dedicated pre-MiCA crypto-asset register. Crypto-asset firms operating in or into Denmark fell under 5AMLD AML obligations and engaged with Finanstilsynet on a case-by-case basis. There was no formal Danish equivalent of the Estonian MTR register or the Finnish virtual-currency-provider register.

The lack of a pre-MiCA register has two practical consequences:

First, there is no legacy population of registered Danish crypto operators to migrate. The post-MiCA Danish CASP population is being built from new applications rather than register migration. This keeps the population small — early 2026 Danish CASP authorisations are in single digits.

Second, Finanstilsynet has limited pre-MiCA case base on Danish CASP-style applicants. The supervisor’s working frame of reference is Danish bank and investment-firm files. CASP applicants are tested against that frame. Applicants who frame their files in banking-style governance and risk-management vocabulary find easier supervisory dialogue than applicants who file in pure crypto-native style.

Language and translation realities

Danish is the official language for Finanstilsynet formal applications. English working translations are accepted for review purposes and many Finanstilsynet staff are English-proficient, but the formal documents must be Danish. The translation overhead is real.

Documents requiring certified Danish translation for a full CASP file:

• Articles of association of the Danish operating entity
• Application form and supporting attestations
• Internal policies covering governance, risk management, AML, and conduct
• Business plan and financial projections
• AML manual and customer due-diligence procedures
• ICT risk management framework documentation under DORA
• Key personnel CVs and fit-and-proper supporting documentation

Translation cost for a mid-tier Danish CASP file runs EUR 12,000-25,000. Translation timeline runs 4-6 weeks for full-volume work. Plan certified translation engagement in parallel with file drafting rather than as a final stage — last-minute translation is the most common cause of filing delay in our Danish file base.

Some applicants choose to draft the business plan in Danish and English in parallel rather than translate from English at the end. The parallel approach costs more but produces tighter Danish-language final documents and a cleaner Finanstilsynet review.

Substance expectations

Finanstilsynet applies Nordic banking-grade substance expectations to CASP applicants. Specific requirements:

Senior management presence. CEO, MLRO, and other key-person roles need Danish residence or documented working presence in Copenhagen at material time-share. Pure non-resident arrangements with monthly visits face refusal. Finanstilsynet looks for Danish-resident senior compliance hires.

Functional substance in Denmark. Real Danish AML team, compliance team, and risk-management headcount. Outsourcing is permitted under MiCA Article 73 but Finanstilsynet expects genuine Danish oversight of outsourced functions and a credible internal team to manage the outsourcing relationship.

Operational infrastructure. Copenhagen office (not a corporate-services-provider address), Danish corporate registration through Erhvervsstyrelsen, Danish employment contracts for headcount, and Danish banking arrangements through one of the four major Danish banks.

Board governance. Board with appropriate independence, dedicated risk and audit committees for larger operators, documented governance policies aligned with Danish corporate governance practice.

First-year substance investment runs EUR 250-450k for a mid-tier CASP. Ongoing substance runs EUR 200-350k per year. The cost tier sits with Finland, Ireland, and the Netherlands — meaningfully above CEE budget jurisdictions, meaningfully below German BaFin engagement.

DORA expectations on day one

DORA Regulation (EU) 2022/2554 applies to CASPs from 17 January 2025. Finanstilsynet expects DORA-ready ICT frameworks as a baseline condition of CASP authorisation, not as a post-grant build. Files that arrive without working DORA documentation face material information-request loops.

Specific Finanstilsynet DORA expectations:

ICT risk management framework. Identification, assessment, treatment, and monitoring of ICT risks. Board-level governance of ICT risk with documented policies and procedures.

ICT third-party risk register. Complete register of all ICT third-party providers. Contractual provisions ensuring DORA flow-through. Identification of critical third parties under the DORA Article 28 criteria.

ICT incident reporting infrastructure. Categorisation framework aligned with the DORA RTS on incident classification. Reporting workflows to Finanstilsynet within the 4-hour initial / 72-hour intermediate / 1-month final deadlines.

Digital operational resilience testing programme. Annual testing including threat-led penetration testing for operators above the relevant thresholds. Test results documented and available to Finanstilsynet on request.

Operators that file the CASP application with DORA documentation already in place avoid the most common Danish file delay. Operators that treat DORA as a post-grant project face supervisory dialogue running for additional months.

Banking access in Denmark

Banking access for Danish-licensed CASPs is materially better than for CASPs licensed in smaller EU jurisdictions but is not automatic. The Danish banking market is concentrated — Danske Bank, Nordea Denmark, Jyske Bank, and Sydbank dominate. Each maintains its own crypto-policy framework and risk appetite.

Practical Danish banking patterns:

Danske Bank. Selective on crypto-related accounts. Engages with licensed CASPs but applies extended due diligence. Typical onboarding runs 3-6 months for a licensed CASP. Accounts are operational once granted but with active monitoring.

Nordea Denmark. Broadly comparable approach to Danske Bank. Slightly more open to mid-sized CASPs with credible governance. Account onboarding runs 2-5 months.

Jyske and Sydbank. More conservative profile. Some onboarding of smaller CASPs is possible but extended scrutiny is the norm. Useful as backup banking rather than primary.

Nordic correspondent network. Danish-bank accounts integrate well with the broader Nordic correspondent banking network. For operators with Nordic-region payments flow, Danish banking provides operational efficiency the more isolated CEE-bank arrangements cannot match.

A Danish-licensed CASP can typically secure primary Danish banking within 4-8 months of authorisation. The lag is real and should be budgeted in the operational launch plan.

How Denmark compares to other Nordic options

Denmark, Finland, and Sweden form the Nordic-Tier MiCA cohort — banking-grade supervisors, mature ecosystems, real substance bar, English-friendly operational reality, Danish/Finnish/Swedish formal-document requirements. Choosing among them comes down to market positioning and operational fit rather than procedural advantage.

Denmark vs Finland. Similar supervisory rigour. Similar substance and cost profile. Denmark has slightly stronger Nordic correspondent-banking integration through Danske Bank; Finland has slightly higher applicant volume and a more developed pre-MiCA case base. Choose Denmark for Danish-market positioning, Finland for Helsinki-based operations.

Denmark vs Sweden. Similar supervisor tier. Sweden has higher applicant volume and a more developed crypto-firm ecosystem in Stockholm. Denmark has lower applicant volume and slightly tighter substance expectations. Choose by market positioning rather than by procedural advantage.

Denmark vs Norway. Norway is EEA not EU — Norwegian licensing produces EEA scope but does not automatically passport into the EU single market. For operators needing EU passport, Denmark is the right Nordic answer. Norway is the right answer only for operators with primary Norwegian focus or EEA-broader strategy.

Denmark vs Estonia. Different tiers. Estonia is budget Nordic-adjacent with materially lower substance bar; Denmark is full Nordic-tier with banking-grade expectations. Operators choosing between them should be choosing by strategy, not by cost — a Danish licence and an Estonian licence are different products for different customer bases.

Practical takeaways

Denmark is a credible MiCA jurisdiction for operators with genuine Nordic-market positioning and a real compliance budget. It is not the right answer for cost-led operators or for operators looking for a light-touch supervisor. The Nordic-tier substance bar is real. The Danish-translation overhead is real. The Finanstilsynet review intensity is real.

For operators that fit the profile, the trade-off is favourable — banking-grade reputational signal, Nordic correspondent-banking access, English-friendly operational reality, and a clear five-to-seven-month path to authorisation for files in good shape. For operators that do not fit, Estonia, Lithuania, or Latvia produce better cost economics and Finland or Sweden produce comparable Nordic positioning with marginally different operational fit.

For corrections, updates, or counsel referrals on Danish CASP authorisation, email [email protected].