Digital Payments & Fintech · Finland
Fintech & digital payments rules in Finland (2026)
Finland shaded by its digital payments & fintech status
Finland operates a clear, mature licensing regime for digital payments and fintech, anchored in EU law (PSD2/EMD2) transposed via the Payment Institutions Act (297/2010) and Payment Services Act, with the FIN-FSA as the competent licensing and supervisory authority. Payment institutions, e-money institutions and third-party providers must be authorised (or, below thresholds, registered) by the FIN-FSA, which maintains a public register. EU-level regimes — MiCA for crypto-assets and the Instant Payments Regulation — apply directly, with national implementing acts and FIN-FSA authorisations already being granted.
Key points
Provision of payment services or issuance of e-money requires FIN-FSA authorisation under the Act on Payment Institutions (297/2010); entities below statutory thresholds may instead register as 'persons providing payment services without authorisation'. FIN-FSA maintains a public register of all such providers.
PSD2 was transposed in two parts effective 13 January 2018 — institutional rules via the Payment Institutions Act (Act 890/2017) and conduct/service rules via the Payment Services Act (Act 898/2017), bringing third-party providers (open banking AISPs/PISPs) and strong customer authentication into scope.
Electronic money institutions are licensed by the FIN-FSA under the Payment Institutions Act, which implements the EU E-Money Directive (EMD2); EMI authorisation covers issuance of e-money alongside payment services.
MiCA has applied since 30 Dec 2024; Finland enacted a national CASP and Crypto-Asset Market Act (repealing the prior VASP Act) with a short transition ending 30 June 2025. Only FIN-FSA-authorised crypto-asset service providers may operate — Coinmotion became the first authorised CASP in July 2025.
The directly-applicable EU Instant Payments Regulation took effect from 9 October 2025 (receive obligation already in force, send obligation phasing in), and the Bank of Finland operates TARGET settlement infrastructure serving Finland and the Nordics; a national instant-payment rulebook and governance model were completed by autumn 2024.
A Consumer Protection Act (38/1978) amendment in force from 1 October 2023 steers consumers away from deferred-payment/BNPL options online (non-credit methods must be displayed first, identity verification required for deferred payment) and caps consumer credit interest at the Interest Act reference rate +15 pp (absolute ceiling 20%).
Timeline - major decisions & events
Revised FIN-FSA AML regulations and guidelines took effect, formally placing MiCA-authorised crypto-asset service providers (exchanges, custodians, wallet providers, token issuers) within the anti-money-laundering supervisory perimeter. This aligned crypto licensing obligations with the rest of the regulated financial sector.
FIN-FSA ↗Finland's MiCA grandfathering window for previously registered virtual currency providers closed, so from this date only firms holding (or actively applying for) a FIN-FSA crypto-asset service provider authorisation may lawfully offer crypto services in Finland. Coinmotion was the first firm granted such authorisation.
FIN-FSA ↗Coinmotion became the first company authorised by FIN-FSA as a crypto-asset service provider under MiCA, establishing the template for licensed crypto operations in Finland. FIN-FSA also warned consumers that many platforms still operated without authorisation.
FIN-FSA ↗MiCA's crypto-asset service provider rules became directly applicable, replacing Finland's earlier AML-only registration regime with a full prudential authorisation framework (own funds, governance, consumer and market-integrity rules) supervised by FIN-FSA.
FIN-FSA ↗FIN-FSA imposed penalty payments of EUR 25,000 on Roble Services Oy and EUR 15,000 on Alami Services Oy for failing to report to the Financial Intelligence Unit payments of at least EUR 1,000, illustrating active enforcement of AML duties on payment-services firms.
FIN-FSA ↗The PSD2 obligation to apply strong customer authentication (two-factor) for online payments and account access became effective in Finland, reshaping how banks and payment service providers secure electronic transactions.
FIN-FSA ↗Finland's first dedicated crypto law required virtual currency exchanges, issuers and custodian wallet providers to register with FIN-FSA, implementing the EU's 5th Anti-Money Laundering Directive; the first five registrations were granted later that year.
FIN-FSA ↗The EU's second E-Money Directive deadline shaped Finland's regime for licensing electronic money institutions (issuing e-money), folded into the Act on Payment Institutions framework supervised by FIN-FSA, with proportionate authorisation thresholds.
EUR-Lex (EU) ↗Finland's foundational payments framework transposed the original Payment Services Directive (PSD1), creating the licensing/registration regime for payment institutions under FIN-FSA and the conduct rules for executing payment transactions that still anchor the sector.
Finlex (Finland) ↗Finland - other topics
Last verified 5/23/2026 · Orientation, not legal advice - verify against the primary sources linked above. Explore the full world map →