MiCA record-keeping requirements: what crypto finance teams need in place now

The short answer: MiCA's transitional period ended on 1 July 2026. Authorised crypto-asset service providers must keep records of every service, order, and transaction for at least five years, in a form a regulator can reconstruct. DAC8 adds tax reporting on top, with 2026 as the first collection year. Complete transaction records stopped being optional.
The license race dominated the headlines. The paperwork is what happens next. This guide covers what changed on 1 July 2026, what MiCA actually demands from the records side, and what finance teams and accountants should put in place this quarter. It is an accounting perspective, not legal advice.
What changed on 1 July 2026
MiCA became fully applicable on 30 December 2024, but firms that already operated under national rules got a grace period, the so-called grandfathering clause. Member states could shorten it, and several did. Germany and Ireland closed their windows on 31 December 2025, and a handful of countries allowed only six months. The outer limit for everyone was 1 July 2026. That date has now passed, and no member state may extend it.
The scale of the cutoff is easy to underestimate. According to ESMA figures reported by Euronews, only around 210 firms had obtained full authorisation by May 2026, out of more than 1,200 that previously held national crypto registrations across the EU. That is a conversion rate of well under a fifth. On 23 June 2026, ESMA published a statement telling unauthorised providers to wind down in an orderly way: stop onboarding EU clients, stop marketing, and limit activity to closing positions and returning assets.
Two more dates matter for planning. ESMA updated its Interim MiCA Register on 12 June 2026, which lists authorised providers and flagged non-compliant entities, and the European Commission opened a targeted consultation on the MiCA review that runs until 31 August 2026. The rulebook is live, and it is still moving.
Who MiCA covers, and who feels it anyway
MiCA directly regulates two groups. Crypto-asset service providers, or CASPs, meaning exchanges, custodians, brokers, and anyone providing crypto services to EU clients as a business. And issuers of asset-referenced tokens and e-money tokens, the regulation's stablecoin categories.
A company that simply holds bitcoin in treasury, or pays a supplier in USDC, is not a CASP and does not need a license. If that describes you, three indirect effects still land on your desk.
Your venues just changed. Every exchange and custodian your company or your clients use must now hold an authorisation to serve EU customers. The ESMA register is the reference list. Assets sitting at a provider that did not make the cut need to move, and every one of those moves is an accounting event: a transfer to document, custody to re-establish, cost basis to carry over.
Your data is being reported. DAC8 reporting started collecting in January 2026, more on that below.
Your auditor noticed. Once regulators define what a complete crypto record looks like, that definition becomes the benchmark in audits, financing conversations, and due diligence, whether or not you are regulated yourself.
Article 68: the record-keeping rule in plain language
Buried in MiCA's governance chapter is the provision finance teams will live with for years. Under Article 68, an authorised CASP must keep records of all its services, activities, orders, and transactions. The retention period is at least five years, and the regulator can extend it to seven. The records must be detailed enough that the supervisor can reconstruct each transaction.
Here is what those phrases translate to in practice.
| What MiCA expects | What it means for your books |
|---|---|
| Records of all services, activities, orders, and transactions | A complete transaction history per wallet, venue, and client. Monthly PDF statements do not qualify |
| Retention for at least five years, seven on request | Storage and exports that survive tool migrations, staff turnover, and vendor exits |
| Enough detail to reconstruct each transaction | Timestamp, counterparty, asset, amount, fees, the valuation applied at the time, and the journal entry it produced |
| Safeguarding of client assets (Article 70) | Client holdings segregated from house holdings, with books that prove the segregation |
The key word is reconstruct. A supervisor does not want to watch your dashboard. They want the trail: this order came in, this trade executed, these fees applied, this entry hit the ledger, and here is the document for every step. If your history lives in a spreadsheet that gets overwritten at each close, you cannot reconstruct anything.
For accounting firms, the same table is a client-intake checklist. A crypto client who cannot produce this trail is not just an accounting risk anymore. They may be sitting on a compliance gap with their own regulator.
DAC8 turns 2026 into the first reporting year
MiCA is the licensing layer. DAC8 is the tax-transparency layer, and its clock is already running. Since 1 January 2026, reporting crypto-asset service providers have been collecting transaction data on their EU-resident users. First reports go to national tax authorities during 2027, and member states exchange the data by 30 September 2027. DAC8 is the EU implementation of the OECD's CARF framework, so the same pattern is rolling out well beyond Europe.
The practical consequence: everything your company does on a reporting venue in 2026 will be visible to a tax authority in 2027, summarised by the venue, not by you. When that report disagrees with your books, you will want your own complete records to argue from. US readers know this movie from Form 1099-DA, which went through the same logic for American brokers.
A records checklist for the second half of 2026
What we would actually do before year-end, in order.
- Inventory every venue, custodian, and wallet. Check each provider against the ESMA register. Note which are authorised, which are winding down.
- Export full histories from any platform that is exiting. Do it now, before access closes. Trade logs, deposit and withdrawal records, fee schedules, everything they let you download.
- Reconcile the subledger to the general ledger monthly. A month-end close routine is the cheapest audit-trail insurance there is.
- Document your cost basis method and valuation sources. Which method you apply, where prices come from, and that the answer stays consistent period to period.
- Make the trail portable. Five to seven years outlasts most SaaS subscriptions. Confirm you can export journal entries and transaction history in a format that stands alone.
- For firms: make this a standard intake question. "Show me your transaction history for the last 12 months" tells you more about a crypto client than their balance sheet does.
Where a subledger fits, and where it does not
Honesty first: no accounting tool makes anyone MiCA compliant. Authorisation, governance arrangements, prudential capital, complaint handling, and market-abuse controls sit far outside any subledger, ours included.
What a subledger owns is the records layer, and that layer is exactly what Article 68 and DAC8 stress-test. Breezing syncs complete transaction history from 80+ blockchains and exchanges into Xero, QuickBooks Online, or Bexio. Journal entries update in place when something changes, instead of delete-and-repost, so the audit trail stays continuous. Every tier includes unlimited wallets and unlimited users, which matters when a firm manages records for many clients at once. The platform itself is SOC 2 Type II certified, and pricing is published, from $29 per month. For how this compares across the market, see our guide to the best crypto accounting software.
If you are a CASP, your compliance officer owns the license. Someone still has to own the books underneath it. If you are a regular company with crypto on the balance sheet, the regulators just defined what good records look like, and it is cheaper to adopt that standard now than to rebuild history later.
Quick answers
What are the MiCA record-keeping requirements? Article 68 of MiCA requires authorised crypto-asset service providers to keep records of all their services, activities, orders, and transactions for at least five years. The regulator can extend that to seven. Records must be complete enough for a supervisor to reconstruct each individual transaction.
When did the MiCA transitional period end? On 1 July 2026. That was the final EU-wide deadline for firms that had been operating under national registrations. Several member states closed their windows earlier, Germany and Ireland already on 31 December 2025. Since July 2026, serving EU clients requires a MiCA authorisation.
Does MiCA apply to companies that just hold crypto? Not directly. MiCA regulates crypto-asset service providers and token issuers, not a company holding its own coins in treasury. The indirect effects are real though. DAC8 tax reporting covers your exchange data from 2026, auditors increasingly expect MiCA-grade paper trails, and every provider you rely on now needs a license to serve you in the EU.
What is DAC8 and when does it start? DAC8 is the EU directive that extends automatic tax-information exchange to crypto-assets. Reporting crypto-asset service providers collect transaction data on EU users from 1 January 2026 and file their first reports with national tax authorities during 2027. It is the EU implementation of the OECD's CARF framework.
Can accounting software make you MiCA compliant? No single tool can. Authorisation, governance, prudential capital, and market-abuse controls go far beyond software. What a crypto subledger like Breezing covers is the records layer: complete transaction history across wallets and venues, documented valuations, and an audit trail your accountant and your regulator can actually follow.
Bottom line
The MiCA license question settled itself on 1 July 2026. Around 210 firms made it through, the rest are winding down, and the EU now has one rulebook instead of 27. What did not settle is the operational work underneath: five-to-seven-year records, transaction-level reconstruction, and a tax authority reading your venue data from January 2026 onward. The license belongs to compliance. The records belong to finance. If your crypto transaction history is complete, reconciled, and exportable, most of what these rules ask from the accounting side is already done. If it is not, the second half of 2026 is the right time to fix it.
More articles

Ledgible alternatives: an honest guide for accountants and finance teams
What Ledgible does, what it costs, and when an alternative fits better. Compare Ledgible and Breezing on pricing, wallets, users, and Xero and QuickBooks sync.

Bitwave alternatives: an honest comparison for 2026
Bitwave is built for enterprise crypto accounting. See how it compares with Breezing on pricing, wallets, users, and ERP fit, and which tool suits your firm.

Bitcoin Accounting Software: A Buyer's Guide for Finance Teams
Bitcoin accounting software ingests transactions, applies cost basis, handles ASC 350-60 fair value, and posts clean entries to Xero or QuickBooks.