Greece · HCMC · CASP authorisation
Greece HCMC CASP Authorisation 2026 — Practitioner Guide
Greece is one of the quieter EU CASP jurisdictions — the HCMC has been deliberate in its MiCA implementation, the volume of applications has been modest, and the supervisor has time to engage closely with applicants. For CASPs that want a smaller-jurisdiction file with a serious-but-accessible regulator, Greece is an option worth modelling. The Greek-language requirement and limited bank-access for crypto businesses remain the principal frictions.
Greece's CASP authorisation is the licence granted by the Hellenic Capital Market Commission (HCMC) under MiCA Regulation (EU) 2023/1114 Articles 59 and 63, transposed into Greek law by Law 5193/2025, to crypto-asset service providers established in Greece or providing services into Greek clients on a non-passport basis.
Quick facts
| Parameter | Value |
|---|---|
| Competent authority | Hellenic Capital Market Commission (Επιτροπή Κεφαλαιαγοράς, HCMC), Athens |
| Legal basis | MiCA Regulation (EU) 2023/1114 + Law 5193/2025 |
| AML supervisor | Bank of Greece — AML supervision via the existing financial-institutions AML framework |
| FIU | Anti-Money Laundering Authority of Greece |
| Transitional regime | Greece did not maintain a pre-MiCA crypto-asset register, so no transitional grandfathering applied — all CASPs file fresh applications under MiCA |
| Statutory clock | Five months from complete file to decision under MiCA Article 63 |
| Languages accepted | Greek required for the formal application; English working translations accepted for supporting documentation |
| Capital floor | EUR 50,000 / 125,000 / 150,000 depending on Class 1 / 2 / 3 service set under MiCA Annex IV |
A smaller EU jurisdiction with a serious regulator
Greece is not a high-volume EU CASP jurisdiction in 2026. The HCMC has been deliberate in its MiCA implementation, the application pipeline is modest, and the regulator has time to engage closely with applicants. For CASPs that want a smaller-jurisdiction file with a serious-but-accessible regulator, Greece offers a different profile than Lithuania or Cyprus — fewer applications competing for supervisory attention, more direct dialogue with the assigned case team, and a slower-but-thorough process.
The HCMC is the national competent authority. It supervises the Greek securities market, Greek investment firms, and now Greek-authorised CASPs. The AML supervisor is the Bank of Greece, which extends its existing financial-institutions AML framework to CASPs. The supervisory map is two-headed but coordinated — the HCMC and the Bank of Greece have a long working relationship on Greek financial institutions and that relationship carries through to MiCA implementation.
Greece did not operate a pre-MiCA crypto-asset register. The country’s 5AMLD transposition did not establish a substantive register for crypto-asset service providers — only an AML obligation through the general anti-money-laundering rulebook. The consequence is that there is no transitional regime: every CASP files a fresh MiCA application.
What the HCMC looks for
Observed application patterns and HCMC public communications point to a familiar set of substantive expectations:
Local substance. Registered office in Greece, at least one senior manager resident in Greece, a Greek-speaking compliance contact. The HCMC is not unique in this — every EU NCA expects substance — but the Greek market is small enough that the regulator notices when an applicant has thin local presence.
Governance fit for size. A management body sized for the planned operating model, with clear segregation of duties. Independent compliance and internal audit functions for larger files. Documented fit-and-proper assessments for the senior management.
AML programme aligned with Bank of Greece expectations. The Bank of Greece applies its financial-institution AML framework — substantive customer due diligence, transaction monitoring, sanctions screening, MLRO with formal authority. Programmes designed against the 5AMLD baseline without considering BoG’s overlay tend to face supervisory questions.
Consumer protection in Greek. Client-facing materials in Greek for Greek-targeted services. Compliance with the General Secretariat for Consumer Protection’s guidance on crypto-asset marketing. Pre-contractual information including risks disclosed in Greek.
ICT and operational resilience. Documented framework consistent with DORA expectations. Business continuity tested. Cyber controls demonstrably effective.
The five-month clock in Greek practice
The HCMC’s statutory clock under MiCA Article 63 starts when the application file is deemed complete. Pre-screen typically takes three to five weeks. The HCMC’s pre-screen is rigorous — incomplete files come back with detailed information requests and the pre-screen restarts on each round.
Once the clock starts, the HCMC tends to use most of the statutory period. The case team engages with the applicant through structured information requests and follow-up meetings. The supervisory dialogue is professional and engaged — applicants report that the HCMC asks substantive questions rather than process-driven ones.
A realistic end-to-end timeline:
- Pre-filing preparation including Greek translation: 8-12 weeks
- Pre-screen and completeness cycle: 4-8 weeks
- Active clock period: 16-22 weeks
- Decision and onboarding: 2-4 weeks
Six to nine months is a working assumption. Smaller and simpler files complete faster; Class 3 trading-platform files use the full statutory period.
Banking access and the practical operating constraint
The principal operational friction for a Greek-authorised CASP is bank access. Greek tier-1 banks — Piraeus, Alpha Bank, Eurobank, NBG — remain cautious about banking crypto-asset businesses. Account opening can be a six-to-twelve-month workstream and may not succeed at all with the first-choice bank. CASPs that have launched in Greece since MiCA application have typically used:
- A non-Greek correspondent banking relationship for operating cash flow, with a Greek bank account for regulatory deposits and minimum-substance purposes
- Specialist crypto-friendly EU banks (Bank Frick, several Maltese and Liechtenstein institutions) for primary operating accounts
- EMI-based payment infrastructure where banking is not available
Plan the banking workstream in parallel with the authorisation workstream. Discovering at month five of a nine-month application that the planned bank will not open the account is a frustrating outcome.
When Greece is the right home supervisor
Greece works well for CASPs with a Greek or wider Eastern Mediterranean customer base, for businesses that want a serious markets regulator without the pipeline congestion of larger EU jurisdictions, and for groups that have Greek-language operational capacity already (often Greek-diaspora-founded businesses). It also works for CASPs that prioritise supervisor accessibility — the HCMC’s small case-team structure makes direct dialogue feasible in a way that larger NCAs struggle with.
Greece is a poor fit if the goal is the lowest-friction EU authorisation. The Greek-language requirement is real, the Bank of Greece AML overlay is substantive, and the banking workstream adds material risk. CASPs prioritising speed and minimum compliance overhead typically look to Lithuania or Estonia instead.
For a buyer triaging EU CASP options: Greece sits in the lower-volume tier alongside Slovenia, Slovakia, and Latvia. The compliance bar is comparable to the higher-volume jurisdictions; what differs is the application pipeline length and the depth of supervisor dialogue.
Pitfalls and nuances
1 Underestimating the Greek-language file requirement
The HCMC application form, articles of association, internal policies, AML manual, ICT risk-management framework, and consumer-protection documentation must all be filed in Greek. The Greek certified-translation market is small and lead times for substantial files can exceed six weeks. Build the translation workflow into the pre-filing timeline.
2 Treating Bank of Greece AML as a formality
The Bank of Greece applies the financial-institution AML rulebook to CASPs — the same framework it applies to banks. That includes formal MLRO appointment, BoG dialogue on the AML programme before authorisation, and ongoing supervisory reporting. The AML workstream is substantive even where the HCMC's substantive licensing review is the headline.
3 Assuming Greek bank access for crypto businesses is easy
Greek tier-1 banks remain cautious about banking crypto-asset businesses. Account opening for a CASP can be a six-to-twelve-month workstream and may require a non-Greek correspondent banking relationship to bridge the operating cash flow. Plan banking in parallel with authorisation, not after.
4 Overlooking the Greek consumer-protection overlay
Greek consumer law applies on top of MiCA's Article 66 conduct framework. The HCMC and the General Secretariat for Consumer Protection have published guidance on crypto-asset marketing aimed at Greek consumers. Localised marketing without Greek-language compliance disclosures and pre-contractual information attracts both regulatory and consumer-protection enforcement risk.
Frequently asked questions
Who supervises CASP authorisation in Greece?
The Hellenic Capital Market Commission (HCMC) is the national competent authority for CASP authorisation, prudential supervision, and conduct supervision under MiCA. The Bank of Greece is the AML supervisor.
Did Greece have a pre-MiCA crypto register?
No. Unlike Spain, Portugal, or several other EU member states, Greece did not establish a pre-MiCA crypto-asset service-provider register under 5AMLD. New CASPs file directly under MiCA without any transitional grandfathering.
Is Greece a fast jurisdiction for CASP authorisation?
Greece is medium-speed — typically six to nine months end-to-end for a clean first-time file. The HCMC engages closely with applicants but the application pipeline is small and pre-screen tends to be thorough.
Can a CASP authorised in Cyprus passport into Greece?
Yes. A CySEC-authorised CASP uses the MiCA Article 65 passport notification to serve Greek clients. The Bank of Greece engages on AML supervisory matters for activity in Greece.
Get matched
Working through a crypto-licensing decision?
Get an editorial shortlist of firms matched to your business — customer market, model, jurisdiction, and stage. Free, and not influenced by sponsorship.
Get a firm shortlist →Sources cited
- Regulation (EU) 2023/1114 (MiCA) — regulation
- Hellenic Capital Market Commission — MiCA — regulator
- Law 5193/2025 — MiCA transposition (Government Gazette) — official document
- Bank of Greece — financial institutions AML supervision — regulator