MiCA Sanctions in France: AMF Enforcement Powers

The MiCA compliance question that concentrates a French crypto provider's attention is not "what must we file?" but "what happens if we don't?" In France the answer has teeth: statutory criminal exposure on top of AMF administrative sanctions, blacklisting, and the power to have unauthorized providers' websites blocked. This article sets out the enforcement reality so the 1 July 2026 deadline is understood for what it is — a hard legal stop.

TL;DR

• Criminal exposure: providing crypto-asset services in France without authorization after the transitional period (ends 1 July 2026) is punishable under Code monétaire et financier Articles L. 54-10-4 and L. 572-23 — reported as up to 2 years' imprisonment and a €30,000 fine.
• AMF administrative fines: reported as up to €5 million or 12.5% of annual turnover.
• Blacklist + public warnings: the AMF publishes unauthorized providers and warns the public.
• Website blocking: the AMF can initiate proceedings to block unauthorized providers' sites.
• Consequences stack: criminal + administrative + reputational + market-access + (for CASPs) authorization risk.

The criminal layer

The part that distinguishes France from a routine licensing regime: there is a statutory criminal exposure. Under the Code monétaire et financier (Articles L. 54-10-4 and L. 572-23), providing crypto-asset services in France without the required authorization after the transitional period is punishable, with reporting summarising the exposure as up to two years' imprisonment and a €30,000 fine.

This is why the PSAN-to-CASP deadline of 1 July 2026 is a hard stop and not a soft administrative line: continuing to operate unauthorized after it is not merely "unlicensed," it is within a penal provision. Whether prosecuted in a given case is a separate question; the planning posture is to treat the deadline as legally binding.

The administrative layer

Alongside the criminal exposure, the AMF holds supervisory and sanctioning powers:

The administrative fine ceilings are substantial, but for many providers the blacklist + website blocking combination is the more damaging outcome: it removes French market access and inflicts reputational harm that a paid fine does not. Loss of access, not the cheque, is often the real cost.

Why the consequences stack

The exposures are not alternatives — they compound:

1. Criminal (L. 54-10-4 / L. 572-23) — imprisonment/fine exposure for unauthorized provision.
2. Administrative — AMF fines up to the reported ceilings.
3. Reputational — blacklist and public warnings.
4. Market access — website blocking; effective exclusion from French users.
5. Authorization risk (for an authorized CASP) — supervisory findings bearing on the licence itself.

For an authorized CASP, layer 5 is existential: the whole business depends on the authorization, and serious or repeated non-compliance is a supervisory concern that feeds the authorization assessment (the same licence-protection logic as DAC8 penalties, in the MiCA context).

What this means for the deadline

The enforcement architecture reframes 1 July 2026. It is not "the date after which you should have a licence." It is the date after which operating without one is simultaneously a criminal exposure, an administrative-fine exposure, a blacklisting/website-blocking exposure, and — if you are an authorized CASP with deficiencies — an authorization exposure. The rational posture for any provider still deliberating is to treat authorization as non-optional and engage the AMF process early (see MiCA in France: the AMF and PSAN to CASP).

What a firm should actually do

1. Treat 1 July 2026 as a hard legal stop, not an administrative grace point.
2. Engage the AMF authorization process early — timeline is the binding constraint.
3. If unauthorized at the deadline, cease French crypto-asset services rather than operate into the penal exposure.
4. For authorized CASPs, treat compliance as licence protection — supervisory findings stack onto authorization risk.
5. Confirm current sanction ceilings and statutory references with French counsel — figures are set in law and applied case by case.

Where vendors fit

• ADAN and industry bodies — track AMF enforcement communications and doctrine.
• Cryptio — financial records that reduce supervisory-finding exposure for authorized CASPs.
• Sumsub — KYC/AML controls expected of an authorized CASP.

Tooling reduces the compliance-failure surface; it does not remove the statutory exposure for operating unauthorized.

How Wag3s helps

For authorized or authorizing CASPs, Wag3s Ledger provides the audit-ready financial records and multi-chain reconciliation that support the systems-and-controls the AMF supervises — reducing the supervisory-finding surface that can stack onto authorization risk. It does not change the statutory sanctions; it helps a firm stay on the authorized side of them. See the Ledger product page.

Further reading

• MiCA in France: The AMF as Competent Authority
• PSAN to CASP Migration (France)
• MiCA Timeline 2024-2026
• MiCA Regulation: What It Means for Crypto Businesses
• DAC8 CASP Penalties
• MiCA Implementation Checklist

Sources

• Code monétaire et financier — Articles L. 54-10-4 and L. 572-23 (unauthorized provision of crypto-asset services)
• AMF — the European MiCA regulation overview
• AMF — reminder that the transitional period for DASPs ends 1 July 2026
• Regulation (EU) 2023/1114 (MiCA) — EUR-Lex