Commission opens MiCA infringement case against Hungary: implications for market participants

Overview

The European Commission has decided to open infringement proceedings against Hungary (INFR(2025)2174) for failing to fully comply with the EU’s Markets in Crypto-Assets Regulation (MiCA) (Regulation (EU) 2023/1114). The proceedings are triggered specifically by Hungary’s introduction, through Act LXVII of 2025 amending the Hungarian Crypto Act (Act VII of 2024), of a national “exchange validation” regime including criminal liability provisions that the Commission considers incompatible with MiCA’s harmonised framework.

This development was, in many respects, anticipated. We previously highlighted the tension between Hungary’s bespoke validation requirements and the EU-level MiCA framework in our earlier client alerts and articles on the topic. This alert brings those threads together and sets out what the infringement procedure means in practice for businesses operating in Hungary’s crypto-asset market.

1. Background: how we got here

Hungary’s regulatory approach to crypto-asset exchanges has evolved rapidly over the past year. During this time Wolf Theiss monitored each key development for clients:

1.1 April 2025 – the MiCA transition deadline

In our first client alert (published 7 April 2025), we highlighted that 1 July 2025 would be a critical compliance milestone: crypto-asset service providers active in Hungary before 30 December 2024 had to be fully MiCA-compliant by that date, including holding a valid licence from a competent authority of an EU Member State. We cautioned that non-compliant providers would be at risk of enforcement action, including potential suspension of activities.

1.2 July 2025 – criminal liability and the validation gap

In our second alert (published 18 July 2025), we analysed the Hungarian legislature’s decision to go significantly further than MiCA by introducing two new criminal offences into the Hungarian Criminal Code, effective 1 July 2025: one targeting the provision of unauthorised crypto-exchange services and another targeting the use of such services. We drew attention to the regulatory gap at that point: the Criminal Code provisions referenced a validation framework – specifically, a compliance certificate issued by a licensed crypto-asset conversion validation service provider – that had not yet been operational. This created significant legal uncertainty, with even unwitting users potentially exposed to criminal liability for exchanges conducted without validation that was not, at that time, practically obtainable.

1.3 January 2026 – the validation regime takes effect

In our most recent article (published 9 January 2026), we confirmed that Hungary’s validation regime formally entered into force on 27 December 2025, following the adoption of SARA Decree 10/2025 (X.27.) on 27 October 2025. From that date, every crypto-to-fiat and crypto-to-crypto exchange in Hungary must be accompanied by a compliance certificate from a SARA-licensed validator. We noted that the validator’s due diligence obligations go beyond standard KYC/AML checks and that the regime operates alongside, but separately from, MiCA’s CASP licensing framework. MNB supervises MiCA licensing, while SARA authorises validators.

It is this dual-track structure – and particularly Hungary’s decision to layer criminal sanctions and a transaction-level validation obligation on top of MiCA’s harmonised regime – that has now prompted the Commission to act.

2. The infringement procedure: what the Commission is saying

The Commission’s letter of formal notice identifies two core concerns:

First, Hungary’s introduction of the “exchange validation service” authorisation regime, requiring a compliance certificate for every exchange transaction, is not provided for under MiCA. MiCA establishes a uniform, directly applicable framework governing the authorisation and conduct of crypto-asset service providers across the EU. Member States are not, in the Commission’s view, entitled to introduce additional transaction-level mechanisms of this kind alongside MiCA.

Second, the associated criminal liability provisions – which penalise both the operation and the use of exchanges conducted without validation – have had a measurable negative effect on the market. The Commission notes that some crypto-asset service providers have suspended or discontinued services for Hungarian users as a result, creating legal uncertainty and prejudicing clients.

The Commission acknowledges that Hungary’s stated objective – strengthening AML/CFT safeguards – is legitimate, but emphasises that such measures must remain compatible with MiCA.

Hungary now has two months to respond to the letter of formal notice. If the Commission is not satisfied with Hungary’s response, it may escalate the matter by issuing a reasoned opinion, a further step that could ultimately lead to referral to the Court of Justice of the European Union.

3. Practical implications for market participants

The infringement proceedings do not, in themselves, suspend or override Hungarian law. The validation regime and the associated criminal provisions remain in force. However, the proceedings create regulatory uncertainty that market participants – including crypto-asset service providers, exchanges and businesses holding or trading digital assets in Hungary – should factor into their planning.

Key considerations include:

The validation obligation remains applicable for now.

Until Hungarian law is amended or a court rules otherwise, the requirement to obtain a compliance certificate from a SARA-licensed validator remains the operative legal position. Businesses should continue to comply with this requirement and verify validator status through SARA’s public register before transacting.

Monitor Hungary’s response closely.

Hungary’s two-month deadline to respond falls in early April 2026. Whether Hungary indicates a willingness to amend its legislation or chooses to defend its position will be an important indicator of how quickly the regime may be change. We will update clients as developments emerge.

Consider the risk profile of the current dual-track structure.

The Commission’s intervention confirms that the validation regime operates outside MiCA’s harmonised framework. For businesses also subject to MiCA-level authorisation through MNB, this dual structure may need to be revised if Hungarian law changes. Affected clients should review their compliance arrangements in light of the infringement proceedings.

Criminal liability risk remains, but the legal landscape is shifting.

The criminal offences linked to the validation regime remain in force. However, if Hungary amends or repeals the validation requirement in response to the proceedings, the associated criminal provisions would also need to be reconsidered. In the interim, the prudent approach is to transact only through validated channels where available.

4. Next steps

We will continue to monitor the infringement proceedings and any legislative or regulatory response from the Hungarian authorities. Please contact us If you have questions about how the current position affects your business or crypto-asset activities in Hungary.