After eight years of de facto prohibition, Morocco is reversing its position on cryptocurrency with the introduction of Bill 42.25 on digital assets. This legislative text, developed jointly by the Ministry of Finance, Bank Al-Maghrib, and the AMMC (Autorité Marocaine du Marché des Capitaux), establishes a comprehensive regulatory framework directly inspired by the European Union’s MiCA Regulation and aligned with FATF, BIS, and IMF recommendations.
Morocco crypto law 2026
The shift responds to market realities: approximately 6 million Moroccans currently hold cryptocurrencies, representing 16% of the population, despite the 2017 Office des Changes warning against their use. The draft law transforms this informal market into a regulated financial sector, opening opportunities for licensed operators while maintaining strict supervision.
Legal framework and scope of Bill 42.25
Bill 42.25 defines crypto-assets as “digital representations of value or rights that can be transferred via blockchain or distributed ledger technology.” The law distinguishes between two main categories: utility tokens (providing access to specific services or products) and asset-referenced tokens (stablecoins backed by fiat currencies, commodities, or other assets).
The legislation covers five types of activities requiring authorization:
Crypto-asset issuance: Primary offerings, whether public or private, must comply with disclosure requirements similar to securities offerings. Issuers must provide detailed white papers covering project governance, technical specifications, risk factors, and token economics.
Trading and exchange services: Operating platforms where users can buy, sell, or exchange crypto-assets against fiat currency or other digital assets requires a crypto-asset service provider (CASP) license.
Custody services: Entities holding private keys or maintaining control over clients’ crypto-assets on their behalf must obtain specific authorization and implement robust security measures.
Advisory services: Providing investment advice or portfolio management services related to crypto-assets falls under the regulated activities requiring licensing.
Transfer services: Facilitating crypto-asset transfers between users, whether for remittances or other purposes, requires compliance with anti-money laundering standards.
The law explicitly excludes certain activities from its scope: central bank digital currencies (CBDCs), non-fungible tokens (NFTs) representing unique collectibles rather than financial instruments, and mining operations that do not involve client funds.
An important limitation: crypto-assets are not recognized as legal tender in Morocco. They cannot be used as payment methods for goods and services. The law treats them strictly as a distinct financial asset class subject to regulation.
Licensing requirements for crypto-asset service providers
Foreign investors planning to operate crypto-asset businesses in Morocco must obtain a CASP license from the AMMC. The authorization process involves several legal and financial requirements.
Minimum capital: Applicants must demonstrate initial capital of at least MAD 3 million (approximately $300,000). This amount may vary depending on the specific activities undertaken. Capital must be held in a Moroccan banking institution and remain available throughout operations.
Corporate structure: The CASP must be incorporated as a Moroccan legal entity, typically a société anonyme (SA) or société à responsabilité limitée (SARL). Foreign investors can hold up to 100% of shares, but the company must have legal domicile in Morocco with operational presence.
Management requirements: At least two senior managers with proven experience in financial services or technology must be designated. These individuals undergo fitness and propriety assessments by the AMMC, including background checks and verification of professional qualifications.
Governance standards: The applicant must establish a board of directors (or equivalent governance body), internal audit functions, risk management committees, and compliance officers. Written policies covering operations, conflicts of interest, client protection, and business continuity must be submitted.
Technical infrastructure: The application must include detailed documentation of IT systems, cybersecurity measures, wallet security protocols, and disaster recovery plans. Regular penetration testing and security audits will be mandatory.
AML/CFT compliance: Full implementation of Law 43-05 on anti-money laundering and counter-financing of terrorism is required. This includes customer due diligence procedures, transaction monitoring systems, suspicious activity reporting mechanisms, and staff training programs.
Need guidance on your CASP license application? Our team assists fintech companies with regulatory filings, corporate structuring, and compliance frameworks. Contact Cabinet Lafrouji Avocats at +212 (5) 22 47 55 29.
Three-regulator supervision model
Bill 42.25 establishes a tripartite regulatory architecture distributing supervision among three Moroccan authorities, each with distinct responsibilities.
AMMC (Autorité Marocaine du Marché des Capitaux) serves as the primary regulator for crypto-asset market activities. The AMMC’s competence includes reviewing and approving CASP license applications, supervising trading platforms, monitoring compliance with disclosure requirements for token issuances, and investigating market manipulation or insider trading. The authority can impose administrative sanctions, suspend licenses, or revoke authorizations for serious violations.
In December 2025, the AMMC conducted a training seminar in partnership with Chainalysis, a blockchain analytics firm, preparing its staff for on-chain transaction monitoring and forensic analysis capabilities. This demonstrates the regulator’s commitment to developing technical expertise.
Bank Al-Maghrib, Morocco’s central bank, regulates stablecoins and asset-referenced tokens. Given these instruments’ potential impact on monetary policy and financial stability, BAM supervises their issuance, monitors reserve requirements, verifies asset backing, and assesses systemic risks. Stablecoin issuers must maintain reserves in segregated accounts at Moroccan credit institutions under BAM supervision.
ANRF (Agence Nationale de Réglementation des Finances), Morocco’s financial intelligence unit, enforces anti-money laundering and counter-financing of terrorism obligations. CASPs must register with ANRF, file suspicious activity reports, implement transaction monitoring systems, and participate in regular compliance audits. ANRF maintains the authority to freeze accounts or block transactions linked to illicit activities.
This three-regulator model mirrors the European approach under MiCA, where market conduct, prudential supervision, and AML enforcement are distributed among specialized authorities.
Penalties and enforcement mechanisms
Bill 42.25 establishes a graduated enforcement regime combining administrative, financial, and criminal sanctions.
Administrative sanctions include warnings, public censure, temporary suspension of activities, and license revocation. The AMMC can impose these measures following investigation procedures that respect defendants’ rights to present evidence and contest findings.
Financial penalties range from MAD 100,000 to MAD 5 million depending on violation severity. Factors considered include harm caused to investors, profits derived from misconduct, recidivism, and cooperation with authorities during investigations.
Criminal liability applies to serious offenses. Operating without a license carries prison sentences of one to five years plus fines up to MAD 500,000. Market manipulation and insider trading, when involving crypto-assets, are punishable by prison terms of two to seven years and fines reaching MAD 10 million. These penalties align with sanctions for securities fraud under existing capital markets law.
The law also establishes investor protection mechanisms. CASPs must segregate client assets from proprietary funds, maintain adequate insurance coverage, and participate in a compensation scheme for cases of insolvency or fraud. Clients have recourse to courts for civil damages resulting from CASP negligence or breach of fiduciary duties.
MiCA alignment and implications for EU-based firms
Morocco’s choice to model Bill 42.25 on the EU’s Markets in Crypto-Assets Regulation creates advantages for European fintech companies already compliant with MiCA.
Regulatory familiarity: Firms that obtained MiCA authorization in EU member states will find Morocco’s framework structurally similar. Categories of regulated activities, licensing criteria, operational requirements, and supervision approaches largely parallel the European model.
Documentation reuse: White papers, governance policies, risk management frameworks, and compliance manuals prepared for MiCA can be adapted for Moroccan applications with jurisdiction-specific adjustments rather than complete redrafting.
Technical standards: The AMMC has indicated it will reference European technical standards published by ESMA (European Securities and Markets Authority) where appropriate. This reduces compliance complexity for firms operating in both jurisdictions.
Passporting potential: While Bill 42.25 does not currently provide for mutual recognition or passporting arrangements with the EU, the regulatory alignment creates conditions for future cooperation agreements. Moroccan authorities have expressed interest in establishing memoranda of understanding with European regulators.
Differences remain: Morocco requires physical presence and incorporation under Moroccan law, whereas MiCA permits cross-border service provision. Capital requirements may differ from those applicable in specific EU member states. AML obligations follow Morocco’s Law 43-05, which implements FATF recommendations but contains jurisdiction-specific requirements.
Market opportunity and timeline
The Moroccan crypto-asset market presents significant growth potential. Current market size is estimated at $278.7 million in 2025, projected to reach $292.4 million in 2026, representing annual growth of approximately 5%. The user base of 6 million represents substantial demand for regulated services.
Demographics favor crypto adoption: Morocco has a young population (median age 29), high mobile penetration (over 120% of population), and increasing internet access (88% penetration in 2025). Financial inclusion gaps persist, with traditional banking services not reaching all segments, creating opportunities for crypto-based remittances and savings products.
Legislative timeline: Bill 42.25 was published for public consultation in November 2025. Parliamentary review is expected in the first quarter of 2026, with potential adoption by mid-2026. Following promulgation, the AMMC will publish implementing regulations detailing application procedures, technical standards, and operational requirements. First licenses may be issued in late 2026 or early 2027.
Market entry preparation: Foreign investors should begin preparatory steps now. This includes conducting legal due diligence on Moroccan corporate and tax law, identifying potential local partners or management personnel, developing compliance frameworks adapted to the tripartite supervision model, and preparing technical documentation for license applications.
The transition from prohibition to regulation creates a first-mover advantage for well-capitalized, compliant operators. Early market entrants can establish brand recognition, build customer bases, and shape industry standards before competition intensifies.
Legal services for crypto-asset market entry in Morocco
Establishing a licensed crypto-asset service provider in Morocco requires specialized legal guidance covering corporate structuring, regulatory compliance, and ongoing supervision.
Cabinet Lafrouji Avocats provides comprehensive legal services for fintech investors:
- CASP license applications: Preparation of authorization dossiers, coordination with AMMC/BAM/ANRF, management of regulatory correspondence
- Corporate structuring: Incorporation of Moroccan entities, shareholder agreements, governance documentation, capital structuring
- Regulatory compliance: Implementation of AML/CFT procedures, development of compliance manuals, staff training programs
- Cybersecurity certification: Coordination with DGSSI (Direction Générale de la Sécurité des Systèmes d’Information) for required certifications
- Ongoing regulatory support: License renewals, regulatory reporting, representation in supervisory proceedings, response to AMMC inquiries
Our team has extensive experience advising international financial services firms on Moroccan regulatory requirements and maintains regular dialogue with supervisory authorities.
Contact us for an initial consultation:
Cabinet Lafrouji Avocats
64 rue Taha Houssein
20000 Casablanca – Maroc
Telephone: +212 (5) 22 47 55 29
Email: contact@lafroujiavocats.com
Legal disclaimer: This article provides general information about Morocco’s draft crypto-assets law and does not constitute legal advice. Companies should consult qualified legal counsel to assess their specific circumstances and regulatory strategy.
Comments are closed