Montenegro: crypto & digital assets regulation

Partially regulated

Montenegro crypto regulation: AML obligations and DORA-style resilience; no specific VASP license defined

Lead regulator:
Central Bank of Montenegro
Key law:
Law on the Prevention of Money Laundering and Terrorist Financing (2023)
Last updated:
2026-07-12

Montenegro regulates digital assets primarily through anti-money laundering (AML) frameworks rather than a dedicated crypto-asset licensing regime. The Central Bank of Montenegro (CBK) oversees financial sector stability and AML compliance, with crypto-asset service providers explicitly listed as reporting entities under the 2023 AML Law.

Entities providing crypto services must comply with comprehensive AML/CFT measures, including customer due diligence and transaction monitoring, enforced by the Financial Intelligence Unit. Additionally, the 2023 Law on Digital Operational Resilience imposes strict IT security and resilience requirements on crypto-asset service providers, aligning them with broader financial sector standards.

There is no evidence in the provided documents of a specific 'VASP' license category, minimum capital requirements for crypto firms, or a dedicated crypto-asset act. The regulatory stance relies on existing financial laws to impose AML and operational resilience obligations, leaving the licensing landscape for pure crypto activities undefined in the source text.

Who regulates

  • Central Bank of Montenegro

    Primary supervisor for credit institutions and financial sector stability; oversees implementation of AML and digital resilience laws for financial entities including crypto-asset service providers.

    [1][2][3]
  • Financial Intelligence Unit

    Receives reports and enforces AML/CFT compliance for reporting entities, including crypto-asset service providers.

    [2]

Core laws & rules

  • Law on the Prevention of Money Laundering and Terrorist Financing (2023)

    Establishes AML/CFT obligations for reporting entities, explicitly including crypto-asset service providers, and defines money laundering and terrorist financing measures.

    [2]
  • Law on Digital Operational Resilience for the Financial Sector (2023)

    Mandates digital operational resilience requirements for financial entities, including crypto-asset service providers, covering IT security and incident reporting.

    [3]
  • Law on Credit Institutions (2023)

    Regulates credit institutions and defines core financial services; does not explicitly define crypto-asset licensing but establishes the broader financial regulatory framework.

    [1]

Licensing & registration

  • Crypto-Asset Service Provider (implied)

    No specific 'VASP' license category is defined in the provided documents. Entities are subject to AML registration and digital resilience compliance rather than a dedicated crypto license.

    Low confidence — verify with the regulator before relying on this.

Restrictions & warnings

  • Crypto-asset service providers are subject to strict AML/CFT reporting obligations and mandatory digital operational resilience standards, including IT security and incident management protocols.

    [2][3]

Direction of travel

  • Regulatory direction emphasizes operational resilience and AML compliance for crypto entities, aligning with broader financial sector standards. No dedicated crypto-asset licensing regime is evident in the current documents.

    [3][2]

Email alerts for Montenegro updates

New circulars, rules and guidance — a digest in your inbox, same day.

This guide is compiled automatically from 3 primary-source documents published by Montenegro's regulators, reviewed by RegAlert, and refreshed monthly (last updated 2026-07-12). It is not legal advice — always confirm requirements with the regulator or local counsel before acting.