MiCA Sanctions in France: AMF Enforcement Powers

What makes the French MiCA regime bite is not the filing burden but the downside of ignoring it. Operating crypto-asset services in France without authorization is not merely "unlicensed": it sits inside a penal provision of the Code monétaire et financier, on top of AMF administrative fines, public blacklisting, and the power to have a provider's website blocked. This spoke is specifically about that enforcement architecture — the layers of exposure and how they compound. The deadline mechanics are in the PSAN to CASP spoke and the regulator's wider role in the MiCA in France spoke; for the EU-wide phasing, see the MiCA timeline.

The exposure in brief

• Criminal exposure: providing crypto-asset services in France without authorization after the transitional period (ends 1 July 2026) is punishable under Code monétaire et financier Articles L. 54-10-4 and L. 572-23, reported as up to 2 years' imprisonment and a €30,000 fine.
• AMF administrative fines: reported as up to €5 million or 12.5% of annual turnover.
• Blacklist + public warnings: the AMF publishes unauthorized providers and warns the public.
• Website blocking: the AMF can initiate proceedings to block unauthorized providers' sites.
• Consequences stack: criminal + administrative + reputational + market-access + (for CASPs) authorization risk.

The criminal layer

The part that distinguishes France from a routine licensing regime: there is a statutory criminal exposure. Under the Code monétaire et financier (Articles L. 54-10-4 and L. 572-23), providing crypto-asset services in France without the required authorization after the transitional period is punishable, with reporting summarising the exposure as up to two years' imprisonment and a €30,000 fine.

This is why the PSAN-to-CASP deadline of 1 July 2026 is a hard stop and not a soft administrative line: continuing to operate unauthorized after it is not merely "unlicensed," it is within a penal provision. Whether prosecuted in a given case is a separate question; the planning posture is to treat the deadline as legally binding.

The administrative layer

Alongside the criminal exposure, the AMF holds supervisory and sanctioning powers:

The administrative fine ceilings are substantial, but for many providers the blacklist + website blocking combination is the more damaging outcome: it removes French market access and inflicts reputational harm that a paid fine does not. Loss of access, not the cheque, is often the real cost.

Why the consequences stack

The exposures are not alternatives — they compound:

1. Criminal (L. 54-10-4 / L. 572-23) — imprisonment/fine exposure for unauthorized provision.
2. Administrative — AMF fines up to the reported ceilings.
3. Reputational — blacklist and public warnings.
4. Market access — website blocking; effective exclusion from French users.
5. Authorization risk (for an authorized CASP) — supervisory findings bearing on the licence itself.

For an authorized CASP, layer 5 is existential: the whole business depends on the authorization, and serious or repeated non-compliance is a supervisory concern that feeds the authorization assessment (the same licence-protection logic as DAC8 penalties, in the MiCA context).

What this means for the deadline

The enforcement architecture reframes 1 July 2026. It is not "the date after which you should have a licence." It is the date after which operating without one is simultaneously a criminal exposure, an administrative-fine exposure, a blacklisting/website-blocking exposure, and — if you are an authorized CASP with deficiencies — an authorization exposure. The rational posture for any provider still deliberating is to treat authorization as non-optional and engage the AMF process early (see MiCA in France: the AMF and PSAN to CASP).

What a firm should actually do

1. Treat 1 July 2026 as a hard legal stop, not an administrative grace point.
2. Engage the AMF authorization process early — timeline is the binding constraint.
3. If unauthorized at the deadline, cease French crypto-asset services rather than operate into the penal exposure.
4. For authorized CASPs, treat compliance as licence protection — supervisory findings stack onto authorization risk.
5. Confirm current sanction ceilings and statutory references with French counsel — figures are set in law and applied case by case.

Where vendors fit

• ADAN and industry bodies — track AMF enforcement communications and doctrine.
• Cryptio — financial records that reduce supervisory-finding exposure for authorized CASPs.
• Sumsub — KYC/AML controls expected of an authorized CASP.

Tooling reduces the compliance-failure surface; it does not remove the statutory exposure for operating unauthorized.

Where Wag3s fits

Nothing here removes the statutory exposure for operating unauthorized — that line is crossed or not crossed regardless of tooling, and the decision to apply and the legal posture belong to French counsel. For a firm that is authorized or authorizing, though, the supervisory-finding surface that can stack onto authorization risk is partly a record-keeping problem. Wag3s Ledger addresses that with audit-ready financial records and multi-chain reconciliation supporting the systems-and-controls the AMF supervises. It helps a firm stay on the authorized side of the regime, not escape its sanctions. See the Ledger product page.

Further reading

• MiCA in France: The AMF as Competent Authority
• PSAN to CASP Migration (France)
• MiCA Timeline 2024-2026
• MiCA Regulation: What It Means for Crypto Businesses
• DAC8 CASP Penalties
• MiCA Implementation Checklist

The PSAN-to-CASP transition and the 1 July 2026 hard stop

France's MiCA implementation requires PSANs (Prestataires de Services sur Actifs Numériques) registered under the old PACTE framework to transition to full CASP (Crypto-Asset Service Provider) authorization under MiCA. The transitional period ends on 1 July 2026. After that date, a PSAN operating without a MiCA CASP authorization is in the same legal position as an entirely unlicensed operator — the old registration does not extend.

Several practical points about the transition timeline that are frequently underestimated:

The authorization process takes time. The AMF authorization procedure under MiCA is substantive — it requires documented governance arrangements, AML/KYC programs, a compliance function, capital adequacy evidence, and systems and controls documentation. A PSAN that submits its authorization dossier in May 2026 is unlikely to receive authorization before 1 July 2026. The AMF has communicated that delayed applications are at the applicant's risk; the transitional period is not extended because an application is pending.

AMF supervisory expectations for authorized CASPs. An authorized CASP is subject to ongoing AMF supervision that differs from the lighter-touch PSAN registration regime. This includes periodic reporting, potential on-site inspections, and notification requirements for material operational changes. Firms that treated PSAN registration as a one-time compliance event face a meaningful increase in ongoing regulatory burden under MiCA authorization.

The 12.5%-of-turnover fine ceiling is calibrated to scale. For a large exchange operating in France with significant revenue, a fine at 12.5% of annual turnover is a material amount even before considering the blacklist and website-blocking consequences. For smaller players, the monetary fine may be secondary to the market-access impact — being on the AMF's unauthorized-providers list disqualifies a firm from institutional partnerships, banking relationships, and white-label arrangements almost immediately.

Multi-jurisdiction providers. A CASP authorized under MiCA in one EU Member State benefits from the EU passporting mechanism and can provide services in other Member States through notification rather than separate authorization. For a PSAN completing the French transition, the question of which Member State to use as home for MiCA authorization — France or another EU country — has strategic implications for the passporting scope and the home regulator's supervisory style. This is a regulated-counsel and regulatory-strategy question, not a purely administrative one.

Sources

• Code monétaire et financier — Articles L. 54-10-4 and L. 572-23, on the unauthorized provision of crypto-asset services (text citation; consult Légifrance for the consolidated articles).
• AMF — reminder that the transitional period for DASPs ends 1 July 2026: states the criminal exposure (two years' imprisonment, €30,000 fine) for unauthorized provision after 1 July 2026.
• AMF — the European MiCA regulation overview: the AMF's supervisory and sanctioning role.
• Regulation (EU) 2023/1114 (MiCA) — EUR-Lex official text: the authorization requirement the French sanctions enforce.