AIFC Money Service Operator License in Kazakhstan: Complete Guide for 2026
Updated: March 2026 | Author: Zitadelle AG Regulatory Team
⚠️ Major 2025–2026 Regulatory Update: AFSA adopted a comprehensive new Providing Money Services (PMS) framework on April 13, 2025, replacing the previous Rule 21 provisions. The new framework came into force in two phases: Phase 1 on October 13, 2025 (new definitions, revised capital requirements, digital asset integration) and Phase 2 on January 13, 2026 (mandatory client protection, cybersecurity obligations, incident reporting, and strong customer authentication). Any guidance predating October 2025 should be treated as outdated. Contact Zitadelle AG to navigate the new framework.
Kazakhstan's Astana International Financial Centre (AIFC) has rapidly established itself as the leading regulated financial hub for Central Asia, the CIS, and cross-border payment operators seeking access to the Eurasian corridor. With over 4,000 firms from more than 85 countries now registered in the AIFC, a common-law framework, an independent regulator (AFSA), and one of the world's most generous zero-tax regimes, the AIFC offers a compelling and cost-effective base for payment companies, money remittance platforms, EMIs, and fintech operators — including those integrating digital assets into their payment flows.
Zitadelle AG is a specialist regulatory consultancy providing end-to-end support for firms seeking an AIFC Money Service Provider (MSP) authorization — from corporate structuring and business plan preparation through AFSA submission, key staff recruitment, and post-authorization compliance. This guide covers everything you need to know about the AIFC MSP license in 2026, including the material changes introduced by the new Providing Money Services framework.
Frequently Asked Questions About the AIFC Money Service Provider License
What Is the AIFC Money Service Provider (MSP) License?
The AIFC Money Service Provider (MSP) authorization — formerly referred to as the "Money Service Operator" license — is issued by the Astana Financial Services Authority (AFSA), the independent regulator of the Astana International Financial Centre. It authorizes firms to provide a regulated range of payment and money service activities in or from the AIFC.
As of October 13, 2025, the regulatory basis for this license shifted from Rule 21 of the AIFC General Rules to the dedicated AIFC Rules on Providing Money Services (PMS Rules), adopted on April 13, 2025. The PMS Rules represent a complete overhaul of the prior framework and are now the definitive regulatory reference for any firm seeking or holding this authorization.
What activities are authorized under the AIFC MSP license?
Under the new PMS Rules, "Providing Money Services" covers:
Currency exchange (including arranging currency exchange)
Selling or issuing payment instruments
Selling or issuing stored value
Execution of payment transactions, including transfers via bank/settlement accounts, direct debits, and payments via card or similar devices
Execution of payment transactions backed by a credit line
Money remittance (domestic and cross-border)
Transactions initiated through telecommunications, digital networks, or IT systems
Digital asset payment services — including digital asset remittances and acquiring (new from October 2025)
Non-custodial payment initiation services involving digital assets (e.g., MetaMask-type and Trust Wallet-type business models — new from October 2025)
This license explicitly authorizes the transfer of funds abroad, including royalty payments, merchant settlements, and client remittances — making it directly applicable to cross-border payment platforms, fintech operators, and international remittance services.
What Changed Under the New 2025–2026 AFSA PMS Framework?
The April 2025 PMS framework is the most significant regulatory development for AIFC money service providers since the AIFC's establishment. Firms applying for or holding an MSP authorization must now comply with requirements that did not exist under the previous Rule 21 structure.
Phase 1 — Effective October 13, 2025:
New unified definitions for money services activities, replacing fragmented provisions across the AIFC General Rules
Revised capital requirements framework — the capital floor is now formally set under the PMS Rules, with additional working capital buffer obligations
Digital asset integration — two new models codified for MSPs operating with digital assets (see Digital Asset Services section below)
Regulatory perimeter clarified — AFSA explicitly extended its scope to cover digital asset payment transactions that function like traditional money services, including digital asset remittances and acquiring
Phase 2 — Effective January 13, 2026:
Mandatory client protection — firms must include specific disclosures in Client agreements, implement refund provisions, establish liability for unauthorized transactions, and provide clear rights of recourse
Complaints handling framework — formalized complaints procedures required as a regulatory obligation
Safeguarding of Client money — segregation and safeguarding requirements for client funds held by MSPs
Cybersecurity obligations — mandatory cybersecurity policies, incident reporting protocols, and independent IT audits
Operational resilience — technology governance frameworks, ongoing IT risk monitoring and testing
Strong Customer Authentication (SCA) — required for relevant payment transactions
AFSA 2026 Regulatory Roadmap: AFSA has also confirmed plans for further framework development in 2026–2028, including updates to AML/CFT guidance, fintech lab framework enhancements, and targeted amendments across multiple regulatory areas. Firms should expect ongoing regulatory evolution and build compliance functions capable of adapting to iterative AFSA updates.
Key takeaway for 2026: The AIFC MSP license is now a substantively more demanding authorization than it was 18 months ago. Firms that secured an MSP authorization prior to October 2025 must have updated their compliance frameworks to meet the new requirements. Firms applying now do so under the full PMS Rules from the outset — which requires more robust compliance documentation but also signals AIFC's maturation into a Tier 1 payment regulation jurisdiction.
Why Choose the AIFC for Your Payment or Fintech Business in 2026?
The AIFC's combination of regulatory quality, tax incentives, strategic location, and common-law legal infrastructure is increasingly difficult to match — particularly for firms targeting the Eurasian market.
Common-law legal environment. All AIFC regulation is governed under English common law principles, providing a stable, internationally recognized legal framework. Disputes are resolved through the AIFC Court — an independent common law court modeled on the DIFC Courts — or the AIFC International Arbitration Centre.
Zero-tax regime until 2066. AIFC participants benefit from 0% Corporate Income Tax (CIT), 0% withholding tax on dividends, interest, and capital gains, 0% VAT on financial services, and no capital gains tax for non-resident shareholders — all guaranteed under Kazakhstan's AIFC Constitutional Law until January 1, 2066.
Strategic gateway to Eurasia. The AIFC provides access to Kazakhstan, the wider Central Asian market, the CIS, and increasingly to China's Belt and Road corridor. For firms seeking regulated presence in a jurisdiction between Europe and Asia, the AIFC offers unmatched positioning.
Rapidly growing ecosystem. Over 4,000 firms from 85+ countries are registered in the AIFC, including global names such as KPMG, EY, PwC, Deloitte, Binance, Bybit, China Construction Bank, and China Development Bank. The AIFC is a functional, active financial ecosystem — not a shell jurisdiction.
Digital asset–friendly. The AIFC is one of the few jurisdictions globally that has formally integrated digital asset payment services into its money services framework, with clear operating models (Bridge and Direct) and a supportive regulatory sandbox (FinTech Lab) for early-stage digital asset models.
Cost-effective licensing. Application fees start at just USD 500 (via the self-service portal) — among the lowest of any regulated financial jurisdiction globally for equivalent authorization. There is no annual license tax at the AFSA level.
Fast processing times. AFSA targets a 2–3 month processing window for materially complete applications for regulated activities — significantly faster than comparable jurisdictions in the EU or Gulf.
Visa and work permit facilitation. Employees of AIFC participants and their family members benefit from a simplified visa regime and work permit process, including multi-year visas without standard labor permit requirements — a meaningful advantage for international staffing.
AIFC MSP Licensing Requirements (2026)
Capital Requirements
Under the new PMS Rules (effective October 13, 2025):
Requirement | Amount |
|---|---|
Minimum base capital (fiat) | USD 200,000 |
Working capital buffer | The higher of USD 200,000 or sufficient working capital in fiat currency to sustain 12 months of operations under realistic forecast scenarios (both positive and negative) |
The capital must be maintained on an ongoing basis. AFSA also expects a formal capital buffer to be reflected in financial projections, particularly for firms handling third-party client funds — this has become a more formal requirement under the new PMS Rules.
Local Management and Staffing
AFSA places strong emphasis on local accountability and substantive presence. For MSP authorization, the following appointments are required:
Senior Executive Officer (SEO) There is no strict residency requirement for the SEO, but AFSA expects the individual to spend an appropriate and meaningful amount of time in Kazakhstan, commensurate with the responsibilities of the role.
Money Laundering Reporting Officer (MLRO) / Compliance Officer Must be ordinarily resident in Kazakhstan. This is a non-negotiable requirement — remote MLRO arrangements are not accepted by AFSA.
Based on Zitadelle AG's active market intelligence for AIFC-regulated entities, qualified compliance professionals and executive directors typically command USD 3,500–6,500 per month. This should be budgeted as a fixed operational cost. Zitadelle AG can assist with the search and vetting of qualified candidates through our sister company HRFinease.
Entity Requirements
A new company must be registered as an AIFC Participant (AIFC-incorporated private company limited by shares or LLC equivalent)
The company must have a registered office within the AIFC (Nur-Sultan/Astana)
Physical presence in the AIFC is required — AFSA does not authorize purely shell arrangements
Application Fee
USD 500 (self-service portal application)
USD 1,500 (paper application via email)
Annual supervisory fees apply post-authorization (vary by firm size and activity)
Digital Asset Services Under the AIFC MSP License (2026)
The new PMS framework's integration of digital assets into the money services perimeter is one of the AIFC's most significant regulatory developments and differentiates the AIFC from most comparable jurisdictions globally.
Two Operating Models for Digital Asset MSPs
Bridge Model The MSP handles digital assets in its own name — it sends, receives, or holds digital assets on behalf of clients, but under the provider's own control. This model is appropriate for firms operating digital asset payment rails where the MSP is the counterparty to client transactions.
Direct Model The MSP acts as an intermediary — facilitating clients in sending or receiving digital assets directly between their own wallets and those of the MSP. This model covers business models similar to payment initiation services, including non-custodial providers such as MetaMask or Trust Wallet-type platforms.
Both models are now formally regulated under the PMS Rules. Firms operating either model must comply with the full PMS framework, including client protection, AML/CTF, cybersecurity, and incident reporting obligations.
What Digital Asset Services Are Permitted Under the MSP License?
Digital asset remittances (cross-border transfers using crypto rails)
Digital asset acquiring (receiving crypto payments on behalf of merchants)
Non-custodial payment initiation services involving digital assets
Currency exchange involving digital assets acting as a medium (bridge currency)
What Requires a Separate Digital Asset Authorization?
Operating a Digital Asset Trading Facility (crypto exchange) — requires a separate AFSA authorization
Providing custody of digital assets for clients — requires Digital Asset Custody authorization
Issuing digital assets or stablecoins — subject to a separate AFSA framework under development
Dealing in digital assets as securities — falls under capital markets regulation
Zitadelle AG can advise on the appropriate authorization structure for your specific digital asset business model, including whether an MSP authorization, a Digital Asset Services authorization, or a combination is optimal.
Full AIFC License Menu: Where the MSP Fits
The AIFC offers a comprehensive suite of financial services authorizations. The MSP license is one of several options, and for some business models, a combination of licenses may be appropriate.
License Category | Primary Activities |
|---|---|
Money Service Provider (MSP) | FX, payments, remittance, stored value, digital asset payments |
Payment Institution / EMI | Electronic money issuance, payment accounts |
Digital Asset Trading Facility | Crypto exchange, OTC crypto desk |
Digital Asset Services | Custody, dealing, managing digital assets |
Investment Firm (Broker-Dealer) | Securities brokerage, asset management |
Islamic Finance Provider | Sharia-compliant banking and finance |
Crowdfunding Platform | Loan-based and equity crowdfunding |
Representative Office | Market entry without full authorization (pre-license) |
FinTech Lab | Regulatory sandbox for unproven/innovative models |
The Representative Office route is available for firms that wish to explore the AIFC market before committing to full authorization. The FinTech Lab sandbox remains available for digital asset and fintech models that do not yet fit within existing license categories.
Ongoing Compliance Obligations for AIFC MSPs (2026)
Authorization is the foundation, not the entirety, of regulatory compliance. Firms holding an AIFC MSP authorization must maintain:
AML/CTF program — robust, documented, and regularly reviewed AML/CTF framework aligned with AFSA AML Rules and FATF standards.
Annual external audit — mandatory for all AIFC-authorized firms; financial statements must be audited by an AFSA-approved auditor.
Cybersecurity framework — mandatory from January 13, 2026, including cybersecurity policies, regular IT risk monitoring and testing, and independent IT audit.
Incident reporting — operational and cybersecurity incidents must be reported to AFSA within defined timeframes under the new PMS Rules.
Client agreement content — mandatory disclosures as specified in the PMS Rules, including refund provisions, liability for unauthorized transactions, and rights of recourse.
Safeguarding of client money — client funds must be segregated and safeguarded in accordance with PMS Rules requirements.
Complaints handling — formal complaints framework required, with defined resolution timelines.
Ongoing AFSA reporting — regular regulatory reports and notifications to AFSA, including material changes to business, ownership, or key personnel.
MLRO residency — the locally resident MLRO must remain in post and active; any change requires AFSA notification and approval.
Application Process and Timeline
Stage | Estimated Duration |
|---|---|
Feasibility assessment and structuring | 2–4 weeks |
Document preparation (business plan, compliance framework, financial projections) | 4–8 weeks |
AIFC company incorporation | 2–4 weeks (can run concurrently) |
AFSA application submission and review | 2–3 months (materially complete application) |
Total end-to-end (with Zitadelle AG) | Approximately 4–6 months |
The most critical variable in timeline is the quality and completeness of the application. AFSA's 2–3 month processing window applies only to materially complete applications. Incomplete or inconsistently documented submissions restart the review clock. Zitadelle AG's submission-ready preparation eliminates this risk.
How Zitadelle AG Supports Your AIFC MSP Application
Zitadelle AG is a boutique regulatory consultancy specializing in financial services authorizations across the AIFC, UAE, EU, Canada, and international jurisdictions. Our AIFC MSP service includes:
Regulatory scoping and feasibility assessment — we assess your business model against the full PMS Rules framework, identify which digital asset models apply (Bridge vs. Direct), and determine whether additional authorizations are required.
AIFC company incorporation — coordinated in parallel with the AFSA authorization process to minimize overall timeline.
Business plan and financial projection preparation — drafted specifically to meet AFSA's authorization criteria and the capital buffer requirements under the new PMS Rules.
AML/CTF compliance framework — full documentation including risk assessment, AML/CTF policies, KYC procedures, and ongoing monitoring frameworks.
Cybersecurity and client protection documentation — mandatory under Phase 2 of the PMS Rules (January 2026); Zitadelle AG prepares all required policies and frameworks.
Key staff sourcing and onboarding — through our sister company HRFinease, we identify, assess, and support the onboarding of Kazakhstan-resident MLRO and SEO candidates who meet AFSA's competency requirements.
Full AFSA application management — preparation, portal submission, and ongoing liaison with AFSA throughout the review process.
Post-authorization compliance support — regulatory reporting, annual audit coordination, policy maintenance, and guidance on future AFSA framework updates.
Frequently Asked Questions (FAQ)
What is the difference between the old "Money Service Operator" license and the current MSP authorization? The terminology and underlying regulatory framework have both been updated. The old "Money Service Operator" label referenced Rule 21 of the AIFC General Rules. As of October 13, 2025, the dedicated AIFC Rules on Providing Money Services (PMS Rules) now govern this authorization. The activity scope has expanded (particularly to include digital asset payment services), capital requirements have been formalized with a working capital buffer obligation, and new mandatory requirements apply for client protection, cybersecurity, and incident reporting.
Can the MSP license be used to operate a crypto exchange? No. Operating a Digital Asset Trading Facility (crypto exchange) requires a separate AFSA authorization. However, the MSP license permits digital asset remittances, digital asset acquiring, and non-custodial payment initiation services involving digital assets — under either the Bridge or Direct model.
Does the AIFC MSP license allow me to serve clients outside Kazakhstan? Yes. AIFC authorizations permit activities conducted "in or from" the AIFC — which includes services provided to counterparties outside Kazakhstan and outside the AIFC. However, AFSA advises participants to take independent legal advice on whether additional licenses may be required from other jurisdictions (including Kazakhstan's domestic regulator, ARDFM) depending on the nature of client-facing activities.
Is a physical office in Kazakhstan required? Yes. AIFC participants must have a registered office within the AIFC and a substantive physical presence. The MLRO must be locally resident. Purely nominee or shell arrangements are not accepted by AFSA.
How long does the AIFC MSP authorization take? AFSA targets a 2–3 month processing window from receipt of a materially complete application. Total end-to-end timeline — including incorporation and documentation preparation — is approximately 4–6 months with Zitadelle AG's support.
Are there ongoing fees after authorization? Yes. Annual supervisory fees apply post-authorization, varying by firm size and activity scope. The initial application fee is USD 500 (portal) or USD 1,500 (paper). Annual financial audits by AFSA-approved auditors are also a required cost.
What are the tax benefits, and how long do they last? AIFC participants benefit from 0% CIT, 0% withholding tax, 0% VAT on financial services, and no capital gains tax for non-resident shareholders. These benefits are guaranteed until January 1, 2066 under Kazakhstan's AIFC Constitutional Law.
Can Zitadelle AG help with digital asset business models at the AIFC? Yes. Zitadelle AG advises on the full range of AIFC digital asset authorizations, including the MSP PMS framework (Bridge and Direct models), Digital Asset Trading Facility, Digital Asset Services, and the AFSA FinTech Lab sandbox. We assess which authorization — or combination of authorizations — is optimal for your specific business model.
Ready to Establish Your AIFC Payment or Fintech Business?
The AIFC in 2026 is a materially more sophisticated regulatory environment than it was even two years ago — and that is precisely what makes an AIFC MSP authorization so valuable. The new PMS framework brings the AIFC into alignment with international best practice on client protection, cybersecurity, and digital asset integration, while preserving the zero-tax regime, common-law infrastructure, and cost-effective licensing that makes Kazakhstan's financial center strategically compelling.
Contact Zitadelle AG today for a free, no-obligation consultation. We will assess your business model against the full PMS Rules framework, identify any additional authorization requirements, and design the most efficient path to AIFC authorization.
📞 Call / WhatsApp / Telegram: +357 96 649654 🌐 Website: www.zitadelleag.com 📅 Book a Free Consultation
This article is provided for informational purposes only and does not constitute legal or regulatory advice. AFSA regulatory requirements are evolving. Always consult a qualified advisor — such as Zitadelle AG — before initiating a licensing process. Last updated: March 2026.
Related Services from Zitadelle AG:
