OKX obtained a Maltese VFA licence before securing its MiCA licence in Malta. What motivated your choice of Malta as a base?

We chose Malta because it offered regulatory depth and predictability. Malta was one of the first EU jurisdictions to put in place a dedicated virtual asset framework through the VFA Act. That meant we were engaging with a regulator that already had hands-on experience with different crypto business models, long before MiCA entered the picture.

For us, the VFA regime was a natural bridge to MiCA. By operating under VFA, we were able to build governance, reporting and risk-management structures that aligned closely with what MiCA would eventually require. When MiCA arrived, much of the underlying infrastructure – from control functions to documentation culture – was already in place. That made Malta a logical location for our European headquarters.

“If Malta continues on its current trajectory, it can be a centre of regulatory excellence within the EU. Not because of size, but because of the depth of experience its regulators and industry have built.”

How have you found Malta’s business environment?

The business environment is highly supportive. Malta has built a dense and specialised ecosystem around virtual assets – from legal advisors to auditors and regtech providers. Many of these firms have years of experience working within both the VFA regime and MiCA, which makes the operating environment more efficient and better informed. The state itself is clearly pro-innovation, yet equally committed to high regulatory standards.

On talent, Malta offers a strong core of regulatory, compliance and legal expertise. For more specialised roles – such as product development or local-market compliance – we complement the Malta team with hires across Europe.

What matters is that everything is tied back to a single MiCA framework, ensuring consistency across markets.

The result is a hybrid model: Malta as the regulatory and governance centre, supported by local teams across the EU where deeper market knowledge or localisation is needed.

How do you see Malta’s role evolving within the EU crypto landscape as MiCA becomes fully operational?

If Malta continues on its current trajectory, it can be a centre of regulatory excellence within the EU. Not because of size, but because of the depth of experience its regulators and industry have built. Under MiCA, the competition between jurisdictions won’t be about being ‘light-touch’; it will be about clarity, predictability and supervisory competence. Malta is already known for being hands-on and detail-oriented. That positions it well to attract firms that value long-term stability – particularly institutional-facing businesses that prefer mature regulatory environments.

I also think Malta will increasingly serve as a bridge between European standards and global innovation. It’s small enough to be agile, but embedded enough in the EU to ensure very high standards. That combination is rare, and it’s one of the reasons we’ve chosen to anchor our European strategy here.

What lessons have you taken from Malta’s supervisory expectations that might be useful for other firms planning to operate in Europe?

The key lesson is that good intentions are not enough. Regulators expect documented processes, tested systems, independent checks, and demonstrable evidence of compliance maturity. Malta’s supervisors push firmly but fairly: if something isn’t up to standard, they don’t just point it out – they expect you to develop a remediation plan, resource it properly and then prove that it works. For companies coming from fast-moving crypto cultures, that can be an adjustment. But it’s a positive adjustment. The European market is moving toward the kind of discipline you see in banking and payments. Malta’s expectations – on AML, governance, transaction monitoring, or consumer protection – have been very aligned with that direction. For firms coming into Europe, my advice is to embrace that mindset early. Build the right structures before the licence, not after.