The Dutch regulator is tightening the pressure on crypto firms that still market to consumers with weak risk disclosure and poor cost transparency. In a new statement, the AFM said crypto-asset service providers, or CASPs, have made some progress, but there is still too much incorrect, unclear or misleading information in advertising and on websites. The watchdog added that firms which continue breaching information standards should expect enforcement action.
The strongest angle is not just that the AFM found problems. It is that the regulator is signaling the post-grace-period phase of MiCAR supervision has now begun. The tone of the statement is clear: the market has had time to adjust, the room for leniency is largely over, and crypto firms selling into the Netherlands now need to treat advertising and consumer cost disclosures as core compliance issues, not side matters.
The AFM says the sector has improved, but not nearly enough
According to the AFM, CASPs must provide information that is correct, clear and not misleading under MiCAR, and they must place information about costs in a prominent place on their websites. The regulator reviewed the advertising and cost information of 33 CASPs and found significant shortcomings in advertising at 14 firms and significant shortcomings in cost information at 19 firms.
That matters because this was not framed as a niche review of a few outliers. The AFM is effectively saying disclosure weaknesses remain widespread enough to justify broader supervisory pressure across the sector. The review covered both Dutch firms and international firms actively serving the Dutch market.
Misleading marketing language remains one of the main problems
The AFM says many crypto ads still fail to present risks in a balanced way. It specifically points to marketing language that refers to crypto trading as “safe” without proper explanation or context, and to promotions using terms such as “commission-free” or “free” without being clear about additional charges, limitations or other embedded costs.
That is one of the most important details in the report because it shows exactly where the regulator believes firms are still crossing the line. In the AFM’s view, crypto advertising becomes misleading not only when it contains false claims, but also when it softens risk, overstates safety or leaves out the real economics of the service.
The regulator is especially sensitive to terms like “safe,” “very reliable,” or even “saving” when used in crypto contexts, because those words can suggest a protection level that consumers normally associate with bank deposits and deposit guarantee schemes.
Cost disclosures are still too hard to find
The AFM also says cost information is often not publicly available in a prominent place on firm websites. In some cases, it says the information was not available on the website at all, or was only discoverable through external search engines. In other cases, consumers had to click multiple times from the homepage before reaching it.
The accompanying report goes further and says some firms failed to present complete and clear cost information, including not properly disclosing common charges such as deposit fees, withdrawal fees, ongoing costs, or specific tariff levels.
That makes this more than a marketing-style issue. The AFM is treating poor cost visibility as a consumer protection problem in its own right, because opaque pricing can distort decisions even if the product description itself is technically accurate. This is an analytical reading of the regulator’s findings and framing.
The AFM is also warning firms about mixed regulated and unregulated services
One of the more interesting findings in the report is the risk of confusion around services that sit inside and outside formal supervision. The AFM says this can happen, for example, where firms present activities like staking or lending next to regulated crypto services without clearly explaining which protections do and do not apply.
That matters because it shows the regulator is not only focused on whether a firm is licensed. It is also focused on whether consumers can tell which parts of a firm’s offering fall under MiCAR supervision and which do not. For crypto platforms with bundled product menus, that could become a major compliance pressure point. This is an analytical conclusion based on the AFM’s fifth improvement point.
Domestic firms will get letters, and foreign firms will be escalated
The AFM says the affected Dutch CASPs will soon receive a supervisory letter. For the ten international firms in scope, it says it will inform the relevant national regulators about the shortcomings it identified.
That is important because it shows the Dutch watchdog is not treating this as a local-only issue. It is using the cross-border supervisory structure built into Europe’s crypto framework, which means firms passporting into the Netherlands cannot assume weak local marketing will escape scrutiny.
This looks like the next phase of MiCAR enforcement
The AFM says this review follows an earlier study from the beginning of 2025, when MiCAR had just come into force. It notes that at that time some CASPs were still holding back on marketing because of mitigation measures after the end of the transition period on 30 June 2025. It now says that when those firms resume marketing, their information disclosures must meet MiCAR standards, and the AFM will continue supervising and, where necessary, enforcing.
That makes this announcement feel like a shift from onboarding and adjustment to actual behavioral policing. The message is no longer “get ready for MiCAR.” It is “you are already in MiCAR, and your consumer-facing disclosures will be judged accordingly.” This is an analytical reading of the timing and tone of the regulator’s statement.
The AFM has laid out five concrete fixes
The regulator says CASPs should use five main improvement points as a reference framework:
- avoid misleading statements and make sure information is properly substantiated
- present risks in a balanced way
- make cost information easy to find
- be clear and transparent about costs for consumers
- clearly distinguish between services that are inside and outside supervision
Those points may sound basic, but that is exactly why they matter. They are the kind of rules many firms assume they already satisfy, yet the AFM’s findings suggest a large share of the market still does not meet them in practice.
Why it matters for crypto
This is one of the clearer signs that MiCAR supervision is moving from licensing headlines into day-to-day conduct enforcement. The AFM is making clear that consumer-facing disclosures, web copy and fee pages are now supervisory territory, not just branding decisions.
It also shows that regulators increasingly view misleading crypto marketing and poor cost visibility as part of the same risk picture. In other words, firms can no longer separate “compliance” from “growth copy” and assume the latter will be tolerated. This is an analytical conclusion based on the AFM’s findings and enforcement warning.
What to watch next
The first thing to watch is whether the AFM escalates from supervisory letters into public enforcement cases, especially if firms fail to fix risk language and fee disclosures after this warning. The regulator explicitly says ongoing breaches can lead to handhavende maatregelen, or enforcement measures.
The second is whether other EU regulators begin publishing similar findings under MiCAR. Because the Dutch review included international firms and cross-border notification to other national authorities, this issue is likely bigger than the Netherlands alone. This is an inference based on the AFM’s escalation path.