Role of FCIS for Crypto Regulation in Lithuania

Role of FCIS for Crypto Regulation in Lithuania

Lithuania has carved a recognized niche in cryptocurrency. Different from some of its European counterparts, Lithuania has embraced crypto with open arms, but only with careful consideration. To get a professional crypto license in Lithuania, knowing the rules and regulations is necessary.

The main player in making rules for cryptocurrencies in Lithuania is the Financial Crime Investigation Service (FCIS). It is the key architect of a comprehensive regulatory framework that ensures the integrity and security of the Lithuanian crypto market.

This framework, precisely crafted by the FCIS, extends far beyond a simple “license and go” approach. It’s a multi-layered tapestry with registration terms, compliance, oversight, and proactive risk management. Understanding these terms is crucial for any VASP (Virtual Asset Service Provider) seeking to navigate the Lithuanian crypto landscape.

Do You Need a License to Trade Crypto in Lithuania?

Lithuania has clear regulations on who requires a virtual currency license. Two key activities fall under the licensing mandate: operating as a crypto exchange or providing crypto custody services. Let’s break down the specifics.

When a License for Cryptocurrency is Necessary

  • Trading Crypto for Fiat or Other Digital Assets? You Need a License

You are classified as a crypto exchange service if you seek to enable clients to exchange fiat money like euros for cryptocurrencies like Bitcoin or swap between virtual currencies. Running such an outfit requires a crypto exchange license from Lithuanian authorities.

  • Storing Private Keys for Customers? Get a Virtual Currency Wallet License

Offering safekeeping of the encrypted digital keys that allow access to tokens for customers is considered crypto custody or wallet services. Crypto storage and transfer facility providers need a virtual currency wallet license.

Navigating the Licensing Application Process to Get the License in Lithuania

Ready to get licensed? Here are the step-by-step application essentials.

  • Specify Exchange or Crypto Wallet Services Sought

Indicate clearly in your application if you seek permission to operate as a legal crypto exchange, wallet provider, or both.

  • Furnish Identifying Business Information

Supply specifics like registered company name, address, tax ID, and domain registration correctly identify your entity.

  • Disclose Ownership and Leadership Particulars

Provide backgrounds on significant shareholders, executive team members, and directors so authorities can vet suitability.

  • Outline Anti-Money Laundering Precautions

Describe the internal controls you have in place to prevent using your services for money laundering, terrorist financing, and other financial crimes.

  • Assign a Dedicated Compliance Lead

Appoint a board member to spearhead adherence to all licensing conditions as your accountable executive for regulatory compliance.

  • Anticipate Ongoing Monitoring

Expect regular reporting obligations and requests for updated information as part of close monitoring by the licensing body.

Clear These Hurdles, Then Trade and Store Crypto in Lithuania!

Once approved as a verified exchange operator or wallet provider, you can begin offering crypto trading or custody platforms to customers within republic of Lithuania or across EU borders.

Get Free Consultation on Company Formation, Fintech &
Crypto Licensing, AML/CTF Compliance, Business Advisory &
Banking Solutions!

Get in Touch


Registration and Classification of Crypto License in Lithuania

The first step for any VASP aspiring to operate within Lithuanian borders is obtaining a crypto license. This license, issued by the FCIS, serves as a gateway to the market, ensuring that only qualified and compliant entities can participate.

Lithuania categorizes VASPs into two broad categories: virtual currency exchange operators and depository virtual currency wallet operators. Most VASPs, seeking efficiency and comprehensiveness, opt to register for both categories, allowing them to offer both exchange and wallet services.

AML/CTF Compliance

Once registered, VASPs must adhere to Lithuania’s robust Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) regulations. These regulations, considered some of the most stringent in Europe, are designed to prevent criminal elements from infiltrating the crypto market and utilizing it for nefarious purposes.

The cornerstone of Lithuanian AML/CTF compliance lies in the Know Your Customer (KYC)/Know Your Business (KYB) measures. VASPs must conduct thorough due diligence on every customer, verifying their identity, source of funds, and intended use of crypto assets. This meticulous vetting process helps to weed out potential money launderers and terrorist financiers.

Beyond KYC/KYB, VASPs must also implement robust transaction monitoring systems. These systems scrutinize all transactions, flagging suspicious activity such as large, unexplained transfers or frequent cross-border movements. Any such red flags must be promptly reported to the FCIS, enabling them to investigate and take appropriate action.

To ensure effective AML/CTF implementation, the FCIS mandates that VASPs designate dedicated AML officers. These officers, typically senior employees or board members, oversee and manage the VASP’s AML/CTF compliance program. Their expertise and commitment are crucial for building a strong internal culture of anti-financial crime within the VASP.

Building a Firewall Against Money Laundering and Terrorist Financing

Recognizing that the human element is central to effective AML/CTF compliance, the FCIS strongly emphasizes staff training. VASPs must train their personnel regularly, particularly those interacting directly with customers, on AML/CTF procedures and the evolving nature of financial crime typologies.

This training equips staff with the knowledge and skills to identify and report suspicious activity, further strengthening the Lithuanian crypto market’s defenses against illicit actors.

A Vigilant Eye on Every Transfer

The FCIS has established transaction thresholds for KYC/KYB checks and reporting obligations to ensure comprehensive oversight. VASPs must conduct thorough KYC/KYB checks before selecting a business relationship with a customer or exceeding a transaction threshold of 700 EUR. Additionally, any transaction exceeding 15,000 EUR must be reported to the FCIS, allowing them to monitor more significant movements of crypto assets and identify potential red flags.

Risk-Based Approach and Group-Wide Policies to Obtain a Crypto License

The FCIS recognizes that a one-size-fits-all approach to AML/CTF compliance could be more effective. Therefore, it encourages VASPs to adopt a risk-based approach, tailoring their compliance measures to the risks associated with their customer base, geographical footprint, and business model. Efficient and effective allocation of resources is prioritized based on high-risk areas for criminal activity.

For VASPs that are part of larger groups of companies, the FCIS emphasizes the importance of implementing group-wide AML/CTF policies. These policies help to ensure consistency and effectiveness across the entire group, regardless of where individual subsidiaries or branches are located.

Additionally, VASPs operating in multiple jurisdictions must ensure they comply with the legal requirements of each jurisdiction, maintaining a real connection to Lithuania and remaining accountable to Lithuanian authorities.

Continuous Monitoring and Reporting

The FCIS takes a proactive approach to monitoring VASP compliance. VASPs are expected to maintain an open dialogue with the FCIS, regularly submitting reports and promptly notifying them of suspicious activity. This ongoing communication allows the FCIS to stay abreast of potential risks and take swift action if necessary.

Proactive Risk Management in Action: FCIS Role in Regulatory Requirements

The FCIS needs more than just red flags to be raised. It actively conducts strategic sectoral analysis of virtual currency operators, regularly assessing their compliance levels and identifying areas of potential vulnerability.

This proactive approach helps to anticipate and mitigate risks before they materialize, safeguarding the integrity of the Lithuanian crypto market.

Unfortunately, not all VASPs operate with the same level of diligence and compliance. The FCIS’s analysis has revealed that many operators need to catch up to the required standards. In such cases, the FCIS takes decisive action, imposing sanctions or fines to motivate the VASPs to improve their compliance practices.

Future Developments

The FCIS recognizes that the crypto landscape constantly evolves, and its regulations must adapt accordingly. One such development is the upcoming implementation of a regulation analogous to the FATF Travel Rule, starting in January 2025. This rule will require VASPs to obtain and disclose details about the sender and recipient of a virtual asset transfer, enhancing transparency and further combating financial crime.


Lithuania’s FCIS is committed to staying ahead as the cryptocurrency world evolves. By continuously refining its regulations and engaging with VASPs, the FCIS creates a secure and trustworthy environment for crypto to thrive in Lithuania.

This commitment to responsible regulation positions Lithuania as a beacon of hope for a future where cryptocurrencies can be utilized safely and productively, contributing to a more transparent and inclusive financial system.