Canonical Statement

The determination of whether an entity qualifies as a Crypto-Asset Service Provider (CASP) under EU law MUST be assessed per activity and per jurisdiction.

Definition

Within this framework, CASP/VASP perimeter assessment means verifying which specific services are regulated under MiCA for a given entity, in a specific jurisdiction, and separating that determination from AML/CFT obligations that can still apply independently where crypto-derived value intersects with the regulated financial system.

Why It Matters

Perimeter mistakes create control design errors. If teams infer authorisation status from branding, interface design, or partial licensing claims, they can over-trust counterparties, under-scope AML controls, and produce non-defensible regulatory narratives.

Failure Mode if Ignored

CASP/VASP labels are treated as broad risk conclusions rather than scoped legal classifications. This results in weak counterparty classification, inconsistent CDD depth, and unreliable decisions on travel-rule and ongoing due-diligence applicability.

Scope & Non-Claims

This entry is scoped to regulated banking environments in the EU/UK and operational interpretation for EU perimeter assessment.

This entry does not provide legal advice, does not replace legal qualification, and requires human validation for final compliance determinations.

Related Concepts

• Regulatory scope of crypto compliance (EU) (regulatory-context)
• Wallets and portfolio-level assessment (EU) (model)
• Transaction monitoring and ongoing due diligence (crypto) (EU) (journey)

Sources

• MiCA — Regulation (EU) 2023/1114
• AMLR — Regulation (EU) 2024/1624
• FATF Recommendations — Recommendation 15 and Interpretive Note