Learn more about the latest security and privacy threats
Editorial illustration for the article "Binance loses its EU market: the MiCA licence failure explained".

Binance withdrew its Greek MiCA licence bid on 24 June 2026 and must halt new EU services from 1 July. What the fit-and-proper failure means for your firm.

Table of contents

The world's largest crypto exchange has no Binance MiCA licence, so from 1 July 2026 it must stop offering new services to European Union users. Binance withdrew its application in Greece on 24 June after reports the regulator would reject it, leaving millions of EU customers to migrate to authorised rivals.

  • Binance withdrew its MiCA application filed with Greece's Hellenic Capital Market Commission on 24 June 2026, six days before the hard deadline.
  • From 1 July 2026, EU users lose new spot orders, deposits, sign-ups, and Earn and staking products, while withdrawals stay open.
  • Regulators reportedly focused on the fit-and-proper test, Binance's anti-money-laundering history, and majority owner Changpeng Zhao.
  • Only around 210 of more than 3,000 crypto firms in Europe cleared full authorisation, a pass rate near 7 percent.
  • Coinbase, Kraken, OKX, and Crypto.com secured authorisation and can now passport services across the bloc.

What happened to Binance in the EU?

Binance failed to secure the licence it needs to serve European Union customers before the Markets in Crypto-Assets Regulation transitional window closed. It withdrew its application in Greece on 24 June 2026, then told users in France, Italy, Spain, Poland, and other member states that new services would stop from 1 July.

The transitional period was never soft. In a statement dated 23 June 2026, the European Securities and Markets Authority told unauthorised providers "to take immediate steps to wind down their EU activities." There is no extension and no partial-compliance carve-out, as we covered when the MiCA transitional period ended. A firm either holds authorisation from a national competent authority by 1 July 2026 or it stops.

Binance framed the retreat as a choice, not a defeat. It said it withdrew "after careful consideration of the status and the timeline of the process in Greece, with our users' interests at the center." Reuters reported on 16 June, citing two sources, that Greece's Hellenic Capital Market Commission was preparing to reject the bid; Binance disputed that account. The absence of a Binance MiCA licence is the practical result either way.

ItemDetailDate
Application withdrawnGreece (Hellenic Capital Market Commission)24 June 2026
ESMA transitional deadlineCease activities if unauthorised1 July 2026
New EU services suspendedSpot orders, deposits, sign-ups, Earn, staking1 July 2026
WithdrawalsRemain openOngoing
Firms authorised in EuropeAbout 210 of 3,000-plusBy 1 July 2026

Why did Binance fail the fit-and-proper test?

Authorisation under MiCA is not just a paperwork exercise. National regulators must assess whether the people who own and run a crypto-asset service provider are suitable, a standard known as fit and proper. Reporting indicates the concern with Binance centred on its anti-money-laundering record and on co-founder and majority owner Changpeng Zhao.

That record is documented in a United States enforcement action. In November 2023 Binance and Zhao pleaded guilty to federal charges, with the Department of Justice announcing a resolution of more than 4 billion dollars. Zhao personally pleaded guilty to failing to maintain an effective anti-money-laundering programme and was later sentenced to four months in prison. President Trump pardoned Zhao in October 2025, though that pardon does not extend to Binance the corporate entity.

A pardon clears a US criminal record; it does not automatically satisfy a European regulator's forward-looking integrity test. MiCA Article 68 requires that members of the management body, and shareholders with qualifying holdings, be of sufficiently good repute. That is why a firm can be operationally huge and still lack a Binance MiCA licence: the gate tests governance and control, not trading volume.

What does the Binance MiCA licence failure change for your obligations?

If you run a crypto-asset service provider, a payments firm, or a bank that touches crypto, the Binance MiCA licence failure reshapes concrete duties rather than sentiment. Treat it as a live test of your customer due diligence, screening, and onboarding capacity, because migrating users will land on your platform within days.

Customer due diligence and onboarding. Every EU user leaving Binance for an authorised exchange is a new business relationship. Under the EU anti-money-laundering framework, that triggers full customer due diligence at the receiving CASP: identity verification, beneficial-ownership checks where relevant, and purpose-of-relationship data. ESMA is explicit that "the onboarding CASP should carry out all necessary onboarding procedures, including customer due diligence." A migration surge is exactly when static onboarding checks buckle and fraud slips through.

Travel Rule and transfers. Crypto transfers between providers fall under Regulation (EU) 2023/1113, the recast transfer-of-funds rule in force since 30 December 2024. As balances move from an unlicensed venue to licensed ones, originator and beneficiary information must travel with qualifying transfers. Reconcile counterparties carefully during the wind-down.

Sanctions and PEP screening. A wave of inbound accounts is a screening load, not a formality. Screen migrating customers against sanctions and politically exposed person lists at onboarding, and do not assume a name checked by a former provider was checked to your standard. If the distinction between these controls is fuzzy, our primer on KYC versus AML sets out where each duty sits.

Governance evidence. The Binance case shows regulators reading fit-and-proper as an integrity judgement on owners and managers. Refresh your own senior-management and qualifying-shareholder records now, and make sure you can evidence repute and suitability if an authority asks.

What is still uncertain about Binance in Europe?

Plenty remains unresolved, and the open questions carry real cost. Binance says it will apply for authorisation in another member state, reportedly France, and remains "confident we will secure a MiCA licence in the coming months." Whether a second national regulator reaches a different fit-and-proper conclusion on the same owner is the central unknown, and until it does there is still no such EU authorisation anywhere in the bloc.

There is customer-asset risk in the wind-down itself. Withdrawals are open today, but a rushed exodus concentrates operational strain on both the departing platform and the receiving ones. Delays, failed transfers, and support backlogs are the predictable friction, and they raise the odds that users fall for migration-themed phishing.

There is fraud risk in the migration. Attackers exploit exactly these moments, impersonating exchanges and prompting account resets. A spike in new onboarding, done fast and under pressure, is fertile ground for synthetic identities and deepfake-driven account opening. Receiving firms carry that liability, not Binance.

Finally, there is precedent risk. If one regulator can gate the largest exchange on governance grounds, every large firm with a complicated past must assume its owners and directors will be scrutinised the same way. The standard, not the paperwork, is now the binding constraint.

How does this compare with rival exchanges?

Binance is the outlier among the large exchanges, not the norm. Several direct competitors cleared MiCA authorisation before the deadline and can now passport services across all 27 member states from a single national licence. The contrast is stark and, for users, decisive.

The scale of the cull matters for context. Of more than 3,000 crypto firms operating across Europe under old national regimes, only around 210 secured full authorisation by 1 July, up from roughly 204 on ESMA's mid-June interim register, a pass rate near 7 percent. The Binance MiCA licence gap is therefore part of a broad clear-out, but it is the most consequential single name in it.

ExchangeMiCA authorisationEU status from 1 July 2026
CoinbaseGrantedOperating across the bloc
KrakenGrantedOperating across the bloc
OKXGrantedOperating across the bloc
Crypto.comGrantedOperating across the bloc
BinanceNot grantedNew services suspended, seeking a licence elsewhere

Source: ESMA interim register of authorised CASPs.

How should compliance teams respond?

Compliance teams should treat the migration window as an operational and fraud event, not a quiet week, and plan for a surge before it arrives. Start with capacity: model an onboarding spike and stress-test your customer due diligence and screening pipeline against it, not a normal week. Pre-brief support and fraud teams that migration phishing will rise, and publish clear guidance so customers can tell a genuine transfer from a scam. Reconcile Travel Rule data on inbound transfers and confirm sanctions and PEP screening runs on every new account, not a sample. Refresh your own fit-and-proper evidence for owners and senior managers while the topic is live.

The deeper lesson is about where onboarding risk concentrates. Fast, high-volume identity checks are where fraud and data exposure cluster, and centralised stores of verified identity are exactly what attackers target during a migration. Zyphe verifies customers by reading the NFC chip in a passport to ICAO 9303 and eIDAS standards with two-step liveness and no image upload, then shards the result across a decentralised network so no single node holds a complete record and there is no central honeypot to breach (how it works). A reusable KYC credential lets a migrating user verify once and re-present elsewhere, which turns a migration surge into a lighter load. To see how it fits your onboarding, book a demo.

The bottom line

A firm can dominate a market and still be shut out of one. The Binance MiCA licence failure shows that European authorisation turns on governance and integrity, not scale, and that the fit-and-proper test can gate even the largest exchange. For compliance teams the near-term work is operational: absorb migrating users without dropping customer due diligence, screening, or Travel Rule discipline, and treat the migration window as a fraud event. The durable lesson is that onboarding at speed, and the identity data it creates, is where risk concentrates, so design for it before the surge arrives.

Cited sources

Michelangelo FrigoMichelangelo Frigo(Co-Founder at Zyphe)Michelangelo Frigo is a privacy and identity infrastructure expert and co-founder of Zyphe.

Frequently Asked Questions

No. Binance says user assets remain safe and accessible, and withdrawals stay open. What stops from 1 July 2026 is new activity for EU users: new spot orders, deposits, sign-ups, and Earn and staking products. Existing balances can be withdrawn or moved to an authorised provider during the wind-down.

Reuters reported that the Hellenic Capital Market Commission was preparing to reject the bid, with concerns reportedly centred on Binance's anti-money-laundering history and the fit-and-proper standard applied to owner Changpeng Zhao. Binance withdrew the application on 24 June 2026 before any formal decision was issued.

It is the requirement that the people who own and manage a crypto-asset service provider are suitable. MiCA Article 68 obliges regulators to check that management-body members and qualifying shareholders are of good repute. It is a governance and integrity assessment, separate from a firm's size or trading volume.

Yes, in principle. Binance says it will apply in another member state, reportedly France, and expects to secure a licence in the coming months. The open question is whether a second national regulator reaches a different fit-and-proper conclusion about the same majority owner and the same compliance record.

Run full customer due diligence on each new relationship, apply sanctions and politically exposed person screening, and attach Travel Rule information to qualifying transfers under Regulation (EU) 2023/1113. Migration volume does not lower the standard; if anything, it raises the fraud risk that onboarding controls must catch.

See privacy-first KYC in action

Verify identity without storing a single document. Reusable credentials, an exportable audit trail, and a 15-minute integration.

Book a demo