sk sk

Supervision of Crypto-Assets

The National Bank of Slovakia supervises:

• from 30 December 2024, crypto-asset service providers (CASPs),

• from 30 June 2024, issuers of asset-linked tokens and issuers of electronic money tokens.

Crypto-Asset Service Providers

Scope of Supervision

In addition to the obligations imposed on all commercial companies under commercial law, tax, accounting and other regulations, supervised entities must:

1. comply with regulatory requirements under the MiCA Regulation, e.g. comply with minimum capital requirements, comply with prescribed corporate governance requirements, ensure the safety of client funds and crypto-assets,

2. comply with regulatory requirements under the DORA Regulation (effective from 17.1.2025), e.g. have in place an ICT business continuity policy and plans to ensure that, in the event of an interruption to their systems and procedures, data and functions are preserved and that their activities continue or timely recovery is enabled, and must also report serious ICT-related incidents,

3. comply with obligations set out in the TFR Regulation, e.g. send data to the sender and recipient of crypto assets,

4. comply with the rules of protection against legalization of proceeds from crime and against financing of terrorism,

5. comply with the rules of financial consumer protection.

Own funds

The own funds (and/or insurance policy) of crypto-asset service providers must not fall below the higher of:

• permanent minimum capital requirements (EUR 50,000/125,000/150,000 depending on the type of crypto-asset service provided),

• a quarter of the fixed overhead costs for the previous year.

Requirements for the safekeeping of crypto-assets and client funds of crypto-asset service providers

Crypto-asset service providers that hold crypto-assets (means of access to them) or funds belonging to clients must have adequate measures in place to protect the property rights of clients and to prevent the use of crypto-assets or client funds for their own account. The funds received (other than electronic money tokens) shall be placed with the bank by the end of the following business day in an account that is identifiable separately from all accounts used to hold funds belonging to crypto-asset service providers.

Supervision method

Within the framework of supervision, National Bank of Slovakia verifies the compliance of the actual state of business of crypto-asset service providers with the expected state according to the relevant regulations in areas 1-5 above. It supports healthy market development, fair competition, contributes to strengthening public confidence in this sector and tries to prevent systemic risks.

Reporting obligations of crypto asset service providers

For the purposes of supervision, crypto-asset service providers are subject to various reporting and notification obligations towards the National Bank of Slovakia.

Part of the obligations is the submission of regular reports, the submission of which is regulated by the Measure of the National Bank of Slovakia of 24 March 2025 No. 3/2025 on the submission of reports by crypto-asset service providers. The measure will enter into force on 1 July 2025 and aims to:

a) develop new reporting templates for crypto-asset service providers that have been granted a crypto-asset service provider authorisation (Balance sheet of assets and liabilities and profit and loss account, Report on own funds and prudential requirements, Report on crypto-asset services and fees, Report on wallet addresses, Report on complaints, Report on crypto-asset service provider, Report on crypto-asset service provider on AML/CFT, Notification of changes in the management body and responsible persons),

b) extend the reporting obligation for some already supervised financial market entities that are authorised to provide crypto-asset services.

The reports are submitted electronically, via the Statistical Collection Portal information system. Since it is possible to select an item only from a predefined set for some fields in the reports, for complete information we publish the List of elements and groupings.

Steps of the crypto-asset service provider after granting permission in connection with reporting according to the NBS Measure No. 3/2025

The Measure of the National Bank of Slovakia No. 3/2025 in Section 3 defines, among other things, the method and date of submission of reports, while the reports are submitted electronically via the Statistical Collection Portal information system (hereinafter referred to as the “IS ŠZP”). For this reason, it is necessary to register in the IS ŠZP and ensure active access.

  • 1. Registration of a new health care entity into the IS – application

    For registration, it is necessary to send a scan of the completed application for approval of administrator access to the IS ŠZP to the email address: jana.sicakova@nbs.sk and the original by post to: RNDr. Jana Sičáková, Statistics Department, National Bank of Slovakia, Imricha Karvaša 1, 813 25 Bratislava.

    In the introduction to the application, it is necessary to select ŠZP-SK, leave the Substitution section empty, request approval of the administrator in the entity, the second tab (ziad_príloha) does not need to be sent.

  • 2. Registration of a new reporting entity in the Social Insurance Information System – specific procedure for the first administrator

    After receiving the request from the NBS, a cryptoasset service provider (CASP) will be created in IS ŠZP and an account will be created for the first administrator. The system will send an automatic email to the administrator with his ID (login name) and password to the specified email address. The administrator will then download the certgen application for generating a certificate, which he can download from the presentation that was sent by email to the cryptoasset service provider, on slide 7, along with the password, to the computer from which he will log in. He will start certgen, fill in the application fields in step 1, and press the “Generate certificate and csr” option. The application will generate a file with the csr extension and a certificate for him. The administrator will send the csr file to the email address: jana.sicakova@nbs.sk and it will then be imported into the system. After the import, the administrator will receive another automatic email with a *.pem file, which he will save to the directory whose name and password he enters in certgen. Then the administrator completes the work in certgene with step 3, closes certgen. In the explorer on the computer, he finds the given directory, in it the file *.p12, which he sets with the mouse, selects Install PFX with the right button and installs the certificate into the storage on the computer. The last step after installing the certificate is to run the certinfoapp4.exe application and convert the certificate to RSA AES.

    After successfully completing the above steps, the administrator has access to IAM/midpoint, where he can create new administrators and add new users to the IS ŠZP. There, he will have to add the roles Editor, Responsible Person to the users. This is done in the IS ŠZP by finding Entities-List of entities on the top blue bar. He selects his company and the entity card will expand in the right part. On the second tab, he will find Contact persons, where he selects the relevant person. In the lower part, his roles will expand in green font. He clicks between them with the right mouse button and selects to add the role Editor and/or Responsible Person. If CASP decides that each editor or responsible person will only have access to a limited set of reports, it is possible to select only some reports in the list of templates. Additional information will be provided by the Handbook for the Administrator of the Entity; in case of emergency, Ms. Sičáková can be contacted by email at jana.sicakova@nbs.sk or by phone at 02/5787 2339. Further information on the registration of reporting entities in the Social Insurance Information System is available on this page.

    Sending reports is two-level. The first role is the Editor, who creates the report and fills it with data. The second role is the Responsible Person, who sends the report to the NBS. Therefore, we recommend that you set up access to the SZP IS for two people, one of whom will be the editor and the other the responsible person and administrator. The system allows the Editor and Responsible Person roles to be assigned to one user.

  • 3. Familiarization with the Social Security Information System and preparation of reports

    Users of the IS ŠZP have the opportunity to download manuals related to the IS ŠZP through this and this page. The pages in question also contain information about the NBS contact persons, namely the IS ŠZP Operation Administrator (delivery of the certificate to the entity Administrator and in the event of unavailability of the IS ŠZP) and the IS ŠZP Methodologist (in the event of questions regarding the functionality of the IS ŠZP).

    On the reporting side, it is possible to enter data into the IS ŠZP either by manually entering data into the report forms or by importing from XML files. The structure of the XML files is derived from the structure of the report templates that are designed in the IS ŠZP. Information on the XML files for individual reports is published on the page here.

    We also provide instructions for sending a classic report via the IS ŠZP and instructions for sending an individual report via the IS ŠZP using the example of a specific report for a crypto-asset service provider. For individual reports in IS ŠZP, you can find permissible values ​​in the Methodology and Responsible Persons section, and for individual reports, an Excel document template for creating an XML file.

    Methodological questions about reports as well as practical questions related to the creation of reports in IS ŠZP should be sent by crypto-asset service providers to crypto-reporting@nbs.sk (when formulating a methodological question about reports, we recommend, if possible, also sending a proposed/preferred answer to the question with any justification).

    We also recommend continuously monitoring the website of the National Bank of Slovakia as well as the planned report templates in IS ŠZP.

  • 4. Participation in an online workshop on the Health Insurance Information System (listening to the recording)

    On 20.1.2026 at 9.30 a.m. (with a planned duration of 2 hours), the NBS is organizing an online meeting for already licensed crypto-asset service providers, at which the basics of working in the IS SZP will be explained (methodology for creating a report – manually, via .xml, procedures for uploading a report, launching checks) and there will be space for related questions from CASPs. A recording of the meeting will be available subsequently. Interest in the meeting and registration of participants, to whom an invitation will be sent, must be sent to crypto-reporting@nbs.sk.

Cryptoasset service provider reporting obligations

A crypto-asset service provider is obliged to report several facts to the NBS under the MiCA regulation. The NBS may also request additional information from the crypto-asset service provider that is relevant for the performance of supervision.

Unless otherwise stated, regular and irregular reporting obligations are submitted to the following address:

Národná banka Slovenska 

Imricha Karvaša 1  813 25 Bratislava 

alebo emailom na: 

crypto@nbs.sk

Annual contribution

Crypto-asset service providers must pay an annual contribution to the supervision of the NBS. Your questions related to annual contributions can be formulated at the email address prispevky@nbs.sk.

Issuers of asset-linked tokens

Scope of supervision

In addition to the obligations that arise for all commercial companies under commercial law, tax, accounting and other regulations, supervised entities must:

1. meet the regulatory requirements under the MiCA Regulation, e.g. comply with minimum requirements for own funds, prepare a white paper on crypto-assets (if the value of the token exceeds EUR 5,000,000 or is not intended exclusively for qualified investors) and publish the approved document on their website, have an asset reserve in accordance with the MiCA Regulation,

2. meet the regulatory requirements under the DORA Regulation (effective from 17.1.2025), e.g. must have an ICT business continuity policy and plans in place to ensure that, in the event of an interruption to their systems and procedures, data and functions are preserved and that their activities continue or a timely recovery is enabled; they must also report serious ICT incidents;

3. comply with financial consumer protection rules.

Own funds

The own funds of issuers of asset-backed tokens may not fall below the highest of:

• EUR 350,000,

• 2% of the average amount of the asset reserve,

• a quarter of the fixed overhead costs for the previous year.

Requirements for custody of reserve assets by issuers of asset-backed tokens

Reserve assets are held in custody for a maximum of five business days after the date of issuance of the asset-backed token by either the crypto-asset service provider or a bank. The asset reserve is legally segregated from the issuers’ assets as well as from the asset reserve of other asset-backed tokens so that the issuers’ creditors have no claim on the asset reserve. It must also be operationally segregated from the issuer’s assets as well as from the asset reserve of other

tokens. Issuers of asset-linked tokens that invest a portion of their asset pool invest these assets only in highly liquid financial instruments with minimal market risk, credit risk, and concentration risk.

Method of conducting supervision

The National Bank of Slovakia, as part of its supervision, verifies the compliance of the actual state of business of crypto-asset service providers with the expected state according to the relevant regulations in areas 1-3 above. It supports healthy market development, fair competition, contributes to strengthening public trust in this sector and seeks to prevent systemic risks.

The issuer’s reporting obligations

Titles III and IV, concerning asset-linked tokens and electronic money tokens, shall apply from 30 June 2024.

The issuer of asset-linked tokens shall regularly submit the information in accordance with the MiCA Regulation set out below:

Information regularly submittedSubmission date, frequency
Reporting on asset-linked tokens (with an issue value exceeding EUR 100,000,000), Art. 22 MiCAThe issuer reports to NBS quarterly.
Notification of the results of the independent audit of the asset reserve, Art. 36(10) MiCAThe audit must be conducted every 6 months, from the date of authorization (approval of the white document). Deadline: within 6 weeks of the valuation reference date.
The issuer of asset-linked tokens shall submit the information listed below, as applicable:

Irregular notification/information:

Intended changes to the business model, Art. 25(1) MiCA
Draft revised white paper on cryptoassets, Art. 25(2) MiCA
Plan for the termination of the provision of services and activities, Art. 34(7) MiCA
Recovery plan, Art. 46, para. 2 MiCA. Deadline: within 6 months from the date of authorization (approval of the white document)
Back-exchange plan, Art. 47(3) MiCA

Unless otherwise stated, regular and irregular reporting obligations are submitted to the following address:

National Bank of Slovakia
Imricha Karvaša1
813 25 Bratislava

or by email to: crypto@nbs.sk