Crypto licensing • Mauritius

Mauritius VASP structuring and licensing-ready compliance.

Legal support for Mauritius-based VASP setups: choosing the right structure, building an AML/CTF framework, preparing policies and “bank-ready” documentation, and mapping a realistic licensing/compliance route for your business model.

Best fit for global crypto businesses that need a credible compliance baseline for banking/partners and a structured offshore route for operations or holding.

What we clarify first

Your exact activity: exchange, brokerage, custody, payments, token issuance support.
Client markets and whether you operate cross-border.
Banking/PSP strategy and expected compliance evidence.
Substance approach: directors, policies, vendor stack, oversight model.

If you need a fixed starting scope, see Packages.

Overview

Mauritius route: substance + AML + counterparties.

Mauritius is often chosen for international structuring. In practice, the “make or break” point is bank/PSP and institutional counterparties. We build a coherent compliance baseline and operating narrative that works in real onboarding and audits.

Perimeter

Map your services & risk perimeter

Define scope, restrictions and a practical cross-border positioning baseline.

Service mapping and red flags.
Marketing and client restrictions baseline.
Token/product design considerations.

Outcome: clear “what we do / what we don’t do”.

Structure

Company setup & governance baseline

A governance and accountability model that counterparties can understand.

Shareholding and management structure baseline.
Delegations and oversight framework.
Outsourcing map and vendor controls baseline.

Outcome: clean structure + implementable governance.

Compliance

AML/CTF & controls pack

Risk-based AML controls aligned with onboarding, monitoring and the tools you use.

AML policy + procedures baseline.
Sanctions screening + escalation logic.
Recordkeeping and incident handling baseline.

Outcome: “bank-ready” compliance baseline.

What we do

Core workstreams for Mauritius VASP setups.

Usually: perimeter + structure first, then compliance documentation and counterparty readiness. We scale scope depending on your activity (custody, exchange, payments, etc.).

Phase 1

Readiness & roadmap

Confirm if Mauritius fits your model and define the compliance/operational baseline.

Activity map and risk perimeter.
Structure and substance baseline.
Roadmap and document list.

Phase 2

Documentation pack

A coherent set of policies and procedures aligned with your onboarding and evidence needs.

AML/CTF + sanctions policies and procedures.
Compliance manual / risk framework baseline.
Website legal layer and client disclosures baseline.

Phase 3

Counterparty readiness

Support for “bank/PSP readiness”: make sure your documents and story stand up to due diligence.

Compliance evidence alignment.
Vendor and outsourcing contracts baseline.
Q&A packs for counterparties.

Support

Corporate structuring

Corporate setup, governance and contracting designed for institutional counterparties.

Entity and governance baseline.
Founder arrangements and authorities.
Commercial contracts support.

Open Corporate →

Support

Ongoing compliance

Support after go-live: updates, audits, reporting, vendor changes and incident handling.

Policy updates and control testing baseline.
Monitoring improvements and remediation.
Change management and documentation upkeep.

Open Compliance →

Support

IT/IP & website legal

Terms, privacy/data layer, vendor DPAs and platform legal baseline for launch.

Terms of Use and risk disclaimers baseline.
Privacy & cookie layer baseline.
Vendor contracts and data processing baseline.

Open IP/IT →

Process

How Mauritius VASP projects usually run.

Predictable flow: scope → structure → docs → counterparty readiness → implementation baseline.

Step 1

Kick-off & scope

Define services, client geographies, asset flows and banking/PSP strategy.

Step 2

Structure & substance

Confirm entity setup, management, outsourcing model and governance controls baseline.

Step 3

Compliance & docs

Draft AML/sanctions, onboarding/monitoring procedures and client disclosure baseline.

Step 4

Bank/PSP readiness

Align evidence and Q&A packs so the story stands up to due diligence and audits.

What we need from you

Short description of services and target markets.
Custody/settlement flow (who holds keys, who can move funds).
Client onboarding approach (KYC/KYB) and compliance tooling.
Vendors: KYC, screening, analytics, custody tech, banks/PSPs.

If you’re early-stage, we start with perimeter + a pragmatic compliance baseline.

Typical deliverables

Mauritius scope memo + structure/substance roadmap.
Compliance documentation pack (AML/sanctions + procedures baseline).
Client disclosures and website legal baseline.
Counterparty Q&A pack (bank/PSP readiness).

Want a fixed-scope start? See Packages or request a tailored scope via Contact.

FAQ

Common questions about Mauritius for crypto.

Short, practical answers. We confirm specifics in the initial assessment.

Is Mauritius only a “holding” jurisdiction?

It can be used for holding and for operations, but counterparties will expect real governance and AML controls. We build a structure that fits your actual business model.

Do we still need strong AML controls?

Yes. Banking/PSP due diligence usually requires credible AML/sanctions controls, onboarding procedures and evidence of implementation.

Can we later expand into EU/UAE?

Yes. We can map Mauritius baseline alongside MiCA/UAE/AIFC routes to avoid re-building documentation from scratch.

Do you coordinate with local providers?

Yes. We coordinate with local corporate service providers/counsel for execution, while we handle structure, compliance framework and documentation alignment.

Want a practical Mauritius route for your crypto business?

Send a short description: what you do, whether you custody client assets, target markets, and your banking/PSP expectations. We’ll suggest the best starting scope (readiness → docs → counterparty readiness).

If you plan multi-jurisdiction expansion, we can map Mauritius baseline alongside MiCA/UAE/AIFC routes.

Useful to include in your message:

Services: exchange/custody/brokerage/payments/issuance support.
Client geographies and where you will market.
Asset flows (who holds keys, who settles, fiat rails).
Banking/PSP plans + vendors (KYC, screening, analytics, custody).

Even 8–10 lines is enough to start.