Crypto payment services

Crypto projects are increasingly integrating gateways with fiat currencies such as the purchase or sale of crypto-assets, the provision of euro denominated accounts, the acquiring of funds on behalf of third parties, and the offer of services related to stablecoins. These operations raise major regulatory challenges, often linked to the legal framework for payment services or electronic money.

The boundary between crypto-asset services provided by a crypto-asset service provider (CASP) and regulated payment services (PSPs) is not always clear and requires a precise analysis of substance. Incorrectly classified activities are exposed to risks of administrative penalties, loss of access to banking services, or restrictive measures from authorities. ORWL supports crypto market participants in the classification, structuring, and securing of their activities involving fiat currency flows.

ORWL’s expertise in payment services for crypto projects

ORWL is a law firm specialising in supporting crypto-asset services. Our teams combine recognised expertise in financial law, payment services law, and the regulation of CASPs. We regularly act for projects that combine crypto-assets and fiat currency flows, where the scope of their regulated activity must be determined with precision.

Our strength lies in an integrated approach that combines legal analysis with a technical understanding of operational flows and ongoing dialogue with regulators. We have advised numerous CASPs, fintechs, and Web3 projects on the classification of their activities, including high stakes matters. This experience enables us to provide practical solutions at every stage of development and regulatory compliance.

What is the legal framework for crypto payment services?

Operations involving fiat currency in a crypto project must be analysed in light of several regulations, including the MiCA Regulation for crypto-asset services, the PSD2 Directive for payment services, the EMD Directive for stablecoin flows, and the French Monetary and Financial Code.

The purchase or sale of digital assets for fiat and the execution of orders are governed by MiCA. These fall under the category of crypto-asset services and do not, as such, require payment institution status, unless they fall within the scope of acquiring transactions on behalf of third parties.

By contrast, the provision of a euro balance, comparable to a payment account, or payment instruments such as bank cards or IBANs, are likely to fall within the scope of payment services. These operations require, with few exceptions, authorisation as a payment institution, electronic money institution, or agent or distributor status.

The AMF and the ACPR both have jurisdiction over these matters. CASP status does not, on its own, allow for the provision of payment services within the meaning of European regulation. Case law and the positions of the ACPR confirm this separation, which includes specific obligations regarding anti-money laundering, the segregation of funds, and client disclosure. A detailed analysis of crypto and fiat flows is therefore essential to structure a compliant project.

Our step-by-step support

Fiat and crypto flow mapping

We analyse the legal nature of the flows handled by the project, including the acquisition or sale of digital assets, execution of orders, payment acquisition, the provision of a payment account or payment instruments, and the use of third parties.

Regulatory classification

Each component of your solution is classified according to the relevant categories, such as CASP or stablecoins under MiCA, payment services under PSD2, and electronic money or account maintenance under the French Monetary and Financial Code.

Regulatory structuring

We define the most appropriate strategy, whether that involves obtaining a formal authorisation, establishing a partnership with a payment institution, or adapting terms and conditions and contractual flows.

Operational compliance

We assist you in obtaining authorisation or agent status, drafting procedures and policies, managing contracts, setting up AML/CFT systems, coordinating with KYC and AML providers, and designing flow architecture.

Legal securization

We provide support in your discussions with regulators such as the AMF and ACPR, as well as with your banking partners, PSPs, or technical service providers.

Case studies

CASP offering a euro balance to its users

Context

A provider authorised for the custody and administration of crypto assets sought to allow its clients to hold a fiat balance in euros on its platform.

Legal challenge

The firm had to determine whether holding fiat funds constitutes the management of a payment account under the PSD2 framework or remains strictly incidental to the exchange of crypto assets for funds.

Our solution

We conducted a detailed analysis of substance to differentiate between the safekeeping of crypto assets and the provision of regulated payment services. Our team structured a strategic partnership with an authorised payment institution, enabling the client to obtain agent status.

Outcome

The project was successfully secured and the model was validated by the ACPR, ensuring full compliance with both the MiCA and the French Monetary and Financial Code

Crypto fintech providing acquiring services for third party sellers

Context

A fintech project developed a gateway allowing merchants to receive payments in either crypto assets or fiat currencies from their customers.

Legal challenge

The hybrid nature of the solution involved both the exchange of crypto assets for funds and the acquiring of payment transactions on behalf of third party merchants.

Our solution

We designed a legal architecture that clearly separated the crypto asset services governed by MiCA from the regulated payment services. This included structuring the relationship with a partner payment institution and defining the contractual framework for the entire user journey.

Outcome

This approach allowed the project to scale by addressing corporate clients while mitigating the risk of being reclassified for the unauthorised provision of financial services.

FAQ – Crypto payment services

Is a euro balance on a crypto platform classified as a payment account?

If the platform allows users to receive, hold, or use funds in official currency, such as euros, it may be classified as providing a payment account. Under MiCA Regulation, “funds” are defined by reference to the PSD2 framework. While a crypto-asset service provider may be authorised for the custody and administration of crypto-assets on behalf of clients, this does not automatically authorise the holding of fiat currency.

Is the acquiring of transactions for third party sellers permitted without specific authorisation?

No, this activity is strictly regulated. The acquiring of payment transactions constitutes a regulated payment service. It requires either a formal authorisation as a payment institution or a structured legal arrangement, such as agent or distributor status, with an authorised payment service provider.

Can a crypto-asset service provider (CASP) handle fiat currency flows directly?

An authorisation as a crypto-asset service provider does not, on its own, empower an entity to provide payment services. While a CASP may perform the exchange of crypto-assets for funds, any ongoing holding or management of fiat currency may require additional status under the e-money or payment services frameworks. Proactive analysis of substance is required to avoid the risk of being reclassified for the unauthorised provision of regulated services.

Is it possible to rely on a partner payment service provider (PSP) to offer these services?

Yes, this is a common strategic solution. The relationship must be formally structured through contractual arrangements, such as a mandate or a distribution agreement. The entity must often obtain a specific legal status, such as becoming an agent or a distributor for the authorised institution.

What are the typical timelines for obtaining a payment institution authorisation?

The duration varies based on the complexity of the project and the quality of the application. Legally, competent authorities have specific timeframes to perform the assessment of the application for authorisation once it is deemed complete. In practice, including the pre-filing and instruction phases, the process generally requires between 9 and 12 months to reach a final decision.

What is the ACPR’s position on simplified payment institution authorisation for CASPs offering e-money token (EMT) services?

The ACPR has recently introduced the possibility of a simplified, or “lightweight”, payment institution authorisation for providers whose handling of fiat funds is strictly accessory to their crypto-asset activities, particularly for the purchase or sale of e-money tokens (EMTs).

Because MiCA legally classifies EMTs as electronic money, any funds received in exchange for these tokens must be protected according to rigorous rules. This simplified status allows CASPs to comply with PSD2 requirements for holding fiat funds without the full prudential burden of a traditional payment institution.

Why does the offering of stablecoins (EMTs) require specific vigilance regarding payment services?

Under the MiCA framework, e-money tokens (EMTs) are defined as digital representations of value that function as electronic surrogates for coins and banknotes, intended for making payments.

Consequently, the issuance of EMTs is strictly reserved for credit institutions and e-money institutions. Any provider offering services related to EMTs must ensure that the management of fiat funds, such as euros, required for the issuance or redemption of these tokens is covered by the appropriate payment authorisation (see our analysis here), as these flows fall directly within the scope of banking and payment services regulations.