By CertiK service

For each security service, see which jurisdictions trigger it and how attractive each market is right now.

L1 Chain Audit

Jurisdictions triggering

Norms triggering

High-maturity markets

Top markets for L1 Chain Audit

Country	Region	Lead regulator	Maturity	Next deadline	Days	Score
BR — Brazil	LATAM	BCB	High	2026-10-30	155	82.9
DE — Germany	EU	Bundestag	High	—	—	63.4
HK — Hong Kong	APAC	SFC	High	—	—	63.4
GB — United Kingdom	EU	FCA	High	2027-10-25	515	63.2
FR — France	EU	Parlement	High	—	—	57.7
AE — United Arab Emirates	MENA	CBUAE	Medium	—	—	56.8
AR — Argentina	LATAM	BCRA	Medium	—	—	56.8
TR — Türkiye	MENA	null	Medium	—	—	56.8

Norms that trigger L1 Chain Audit

HK2023-05-23

Consultation Conclusions on the Proposed Regulatory Requirements for Virtual Asset Trading Platform Operators Licensed by the Securities and Futures Commission

This document proposes a comprehensive licensing and regulatory framework for centralized virtual asset trading platforms operating in or marketing to Hong Kong. It covers requirements for custody, AML/CFT, token admission, and introduces investor protection measures to allow access for retail investors.

AE2024-08-01

CBUAE Payment Token Services Regulation (PTSR) — Circular No. 2 of 2024 (effective Aug 2024) — stablecoin regime; distinguishes Dirham Payment Token (AED-backed, CBUAE-licensed issuer) from Foreign Payment Token (non-AED, CBUAE-registered issuer); licences issuance, custody/transfer, conversion; bans algorithmic stablecoins and privacy tokens as means of payment; 100% reserves; applies UAE-wide except DIFC/ADGM (but reaches VARA entities)

This regulation establishes a licensing and registration framework for payment token (stablecoin) services in the UAE. It covers issuance, custody, and conversion, distinguishing between AED-backed tokens (licensed) and foreign currency-backed tokens (registered).

GB2023-06-08

FCA FG23/3 — Finalised non-handbook guidance on cryptoasset financial promotions — practical application including store-of-value claims, rates of return, on/off-ramp

This guidance clarifies rules for communicating or approving financial promotions for qualifying cryptoassets in the UK. It focuses on ensuring promotions are fair, clear, and not misleading, covering various models like stablecoins and yield products.

AR2025-03-14

CNV General Resolution No. 1058/2025 — FULL PSAV REGULATION; imposes registration, cybersecurity, asset custody, AML, and risk-disclosure duties; requires ANNUAL SYSTEMS AUDIT; sets adequacy deadlines; CNV may suspend/revoke registrations; unregistered PSAVs may be judicially blocked

This regulation establishes a mandatory registration regime for Virtual Asset Service Providers (VASPs) in Argentina. It imposes comprehensive duties including AML, cybersecurity, asset segregation, and public proof-of-reserves.

DE2022-12-14

EU Digital Operational Resilience Act (DORA) 2022/2554 — ICT risk management, third-party governance and incident reporting for financial entities including CASPs

This regulation establishes a comprehensive framework for digital operational resilience in the EU financial sector. It sets harmonized rules for ICT risk management, incident reporting, resilience testing, and managing ICT third-party risk.

DE2024-12-27

FinmadiG — Finanzmarktdigitalisierungsgesetz (Financial Market Digitalization Act, 27/12/2024) — umbrella law implementing MiCA, TFR and DORA in Germany; Article 1 creates the KMAG; subsequent articles amend KWG, WpHG, WpIG, KAGB, HGB, GwG, ZAG

This is an umbrella law implementing the EU's MiCA, TFR, and DORA regulations in Germany. It creates the KMAG (Crypto Markets Supervision Act) and amends various existing financial laws.

BR2025-11-10

BCB Resolution No. 520 of 2025

This resolution establishes a licensing framework for Virtual Asset Service Providers (VASPs) in Brazil. It defines VASP categories, operational rules, governance, and asset segregation requirements.

BR2026-01-22

BCB Normative Instruction No. 701 of 2026 — technical-certification requirements by independent qualified firms for crypto-asset intermediation/custody licenses (anchors Res. 520 arts. 20 and 23)

This norm details the requirements for a mandatory technical certification by an independent firm. This certification is a prerequisite for entities seeking to provide crypto-asset intermediation and custody services in Brazil.

BR2025-11-10

BCB Resolution No. 521 of 2025

This regulation integrates Virtual Asset Service Providers (VASPs) into Brazil's foreign exchange market framework. It establishes rules and reporting requirements for international payments and transfers involving virtual assets.

BR2020-08-12

BCB Resolution No. 1, of August 12, 2020

This regulation establishes the Brazilian instant payment system, Pix. It defines the rules, participants, governance, and operational framework for 24/7 real-time fund transfers.

BR2025-11-10

BCB Resolution No. 519 of 2025

This resolution establishes the authorization and licensing process for Virtual Asset Service Providers (VASPs) and other financial brokerage firms in Brazil.

BR2022-12-31

BCB Resolution No. 277 of 2022 — FX market rules (amended by Res. 521 to include crypto operations)

This resolution regulates the Brazilian foreign exchange (FX) market. It was amended to include virtual asset services, establishing an authorization regime for VASPs to operate within the FX framework.

BR2021-04-08

BCB Resolution No. 85 of 2021 — cybersecurity policy for payment institutions (companion of CMN 4,893)

This resolution establishes a mandatory cybersecurity policy for payment institutions and other regulated entities, including virtual asset service providers from 2026. It details requirements for risk management, incident response, and contracting cloud services.

BR2021-08-20

BCB Resolution No. 130, of August 20, 2021

This resolution establishes rules for independent audit services for authorized institutions, including payment institutions. It covers auditor independence, mandatory replacement, and the creation of audit committees.

BR2021-02-26

CMN Resolution No. 4,893 of 2021 — cybersecurity policy and cloud-processing/storage requirements for BCB-regulated institutions; extended to SPSAVs by Res. 520

This resolution establishes a cybersecurity policy and requirements for contracting cloud computing services for financial institutions. It mandates risk management, incident response plans, and specific security controls.

FR2019-05-22

French PACTE Law n° 2019-486 of 22 May 2019 — created PSAN status (Prestataire de Services sur Actifs Numériques) and the definition of digital assets (actifs numériques = tokens + virtual currencies); pioneering, inspired MiCA

This law created the French legal framework for Digital Asset Service Providers (PSAN). It defines digital assets and establishes a dual regime of mandatory registration and optional licensing for various crypto-asset services.

TR2024-07-02

Law on Amendments to the Capital Markets Law (Law No. 7518)

This law establishes a comprehensive licensing and supervision framework for Crypto-Asset Service Providers (CASPs) in Türkiye. It empowers the Capital Markets Board to regulate their activities, with technical criteria for IT systems set by TÜBİTAK.