Regulatory Compliance Associates

Practical compliance solutions for Estonian companies

Who we are

Our purpose is to make every day better through solutions that count. Everything we do is inspired by our company values – bold, open and trusted – along with our business principles, and a clear focus on putting our customers first. Our customer-led, compliance-first strategy is all about delivering a standout customer experience and helping our customers to get the most out of their business.

Our vision is to provide valuable, practical compliance services to fin-tech companies by offering a full spectrum of management services to companies that are incorporated, or, considering to start-up in Estonia. Our ultimate goal is to help companies achieve complex compliance obligations under Estonian regulatory compliance requirements.

Our comprehensive knowledge and experience in the regulatory environment, delivers dynamic, tailor-made solutions that are designed to ensure that companies are fully compliant with the law, alert, current and proactive. This has resulted in establishing over 100+ companies with financial service licenses.

We are eager, available and open to discuss your requirements.

Licence nr FIU000385

We have an official licence required to incorporate and take care of your compliance in Estonia as required by the legislation

Logo of Estonia's Ministry of Economic Affairs

Meet our key people

Marti Kõrnas


Marti Kõrnas began his advisory career with Incorporate in Estonia, gaining unparalleled experience in corporate law, while also establishing himself as respected advisor to financial service providers.

As a seasoned corporate administrator, he is passionate about the fintech industry as it keeps pushing innovation both in the financial sector and the Estonian regulatory space. He holds an Advanced Anti-Money Laundering certificate from EiMF and has trained numerous compliance officers and team members for companies who have been licensed by the Estonian Financial Intelligence Unit.

Kaspar Oskar Tali

Junior AML and Compliance Advisor

Kaspar Oskar Tali started his legal career with an apprenticeship in legal firm Eipre and Partners. During his stay there he learned to draft legal documents, put together legal analyses and helped lawyers in their everyday work.

Kaspar Oskar is a fresh face in the world of compliance, who takes pride in his determination and adaptability. He is very keen on the developments of the fintech and compliance landscape.

Matheus Passos Silva

Data protection officer

Matheus Passos Silva has bachelor’s degrees in computer science and political science, with a master’s degree also in the latter area. Currently attending two PhDs in Law in Lisbon, Portugal. Data Protection Officer at L’Oréal Portugal. Assistant Data Protection Officer in the European Association of Data Protection Professionals.

He has taught more than 20,000 students about privacy and data protection since 2018. Since 2004 he has been an Assistant Professor in different universities, having worked in several higher education institutions in Brazil and Portugal.


  • Project developing – execution and full assistance, including pre- and post-incorporation support services
  • AML officer service
  • Company principal service (company second director/Member of the Board)
  • Administration services, including assistance in finding a suitable office space for the company
  • Procedure and internal audit rules which are compliant with the Estonian laws (AML Procedure, Code of Conduct for the application of the customer’s due diligence measures, Code of Conduct for the collection and preservation of data, Code of Conduct for the performance of the notification obligation and for informing the management, Internal Control Rules)
  • Assistance with opening a bank account and/or a payment account
  • Other services directly related to the administration and operation of the client’s affiliated Estonian limited liability company
  • AML officer service
  • Company principal service (company second director/Member of the Board)
  • Compliance advisory during the application process
  • Provisions of advice for the business plan and corporate structure as well as advice on the key areas that regulatory authorities take into consideration when granting licenses
  • Preparation and implementation of the procedure and internal audit rules which are compliant with the Estonian laws (AML Procedure, Code of Conduct for the application of customer due diligence measures, Code of Conduct for the collection and preservation of data, Code of Conduct for the performance of the notification obligation and for informing the management, Internal Control Rules)
  • Fitting, filing and submitting the license applications
  • Handling of licensing application, including addressing all matters and queries raised by regulators during the application
  • Act as the main contact between regulators and clients
  • Negotiation of licensing conditions and notifying regulators of all relevant changes, if any, during the application process
  • AML and KYC training for obtaining an Estonian financial activity service licence
  • GDPR training for a DPO
  • Training related to the company’s compliance with applicable legislation
  • Ad hoc compliance training
  • Consultations
  • Legal advice
  • Commencement of challenge proceedings
    This is an administrative procedure the purpose of which is to verify the legality of a given administrative act or performed act or of the refusal, delay or inaction thereof, as well as the non-examination of the application, and to apply a legal remedy. Due to our experience in communicating with licencing administrations, we can provide the client with high-quality legal advice to resolve the situation.
  • Court representation

The service includes:

  • AML contact person of a licenced company and/or a local Member of the Board
  • Execution of tasks described in the Money Laundering and Terrorist Financing Prevention Act
  • Legal and compliance advice related to the context of Estonian AML legislation. Up to 4 hours per month

Our tasks are:

  • To find and recruit a person who has the necessary knowledge that fits the needs of the company
  • Full training of the candidate. The goal is to match the candidate with AML requirements and FIU conditions for such a position
  • Legal advice up to 4 hours in the first month after receiving the licenses
  • The whole process would start with a practical assessment based on the client’s specifics
  • We evaluate the effectiveness of the company’s current rules of procedure, internal control rules and the client’s due diligence measures
  • We propose recommendations based on our audit in cooperation with the client
  • After the final evaluation, an updated version of the rules of procedures is prepared and handed over to the client
  • Data Protection Officer (DPO) services
  • Preparation of GDPR risk analysis and impact assessment, internal policies and privacy policy
  • GDPR Audits
  • GDPR advisory and consultation services

Financial activity licence authorization process

Inquiry review and agenda planning

This is free of charge. The next steps are are priced at an hourly rate of 190 EUR

Initial evaluation

We will arrange a meeting with the client, identify your needs and plan an initial approach. 2-3 hours

Roadmap drafting

A step-by-step procedure with a timeline. 14-16 hours

Preparation phase

The preparation phase consists of:

1. Collecting all necessary documents
2. A KYC procedure
3, Payment account introduction
4. Company formation etc.

24-30 hours

Submitting of the application

After the final review and necessary fittings, we submit the application to the regulator with all necessary and proper documentation. 4-6 hours

Handling of the licensing application

Processing and compliance, dealing with all matters and queries raised by regulators during the application;

We also act as the main contact between the regulator and the client. 26-30 hours

Issuance of the licence and post-authorization support

We will continue to offer guidance while maintaining and providing  required services. 4-6 hours

Get in touch

We are eager, available and open to discuss your requirements

Ministry of Finance propose new regulations for Estonian Virtual Assets Service Providers (VASPs)

With the value of Bitcoin breaking the $40,000 threshold at the beginning of 2021, it is no surprise to see that words like virtual assets, digital wallet and Blockchain have become more mainstream. Estonia introduced the initial regulation for the virtual currency exchanges and wallet service providers late 2017 and by the end of 2019 the FIU had issued more than 2000 operating licenses to exchange and wallet service providers.

In 2019, Estonia began to think about how to regulate innovative or innovative ways of raising capital, primarily with a view to ensuring greater investor protection. To put it simply, the trend was to modernise and regulate a significant part of the Estonian FinTech sector.

The unexpected popularity of the virtual exchange and wallet provider licenses resulted in new regulations, of which were aimed to safeguard the reputation of the Estonian business sector and make an oversight of the companies who had acquired an operating license easier. The amendments came into force March 2020 and new regulations required a licensee to have a place of business and a seat of management in Estonia, in order to maintain their license. With the new regulations in force and the FIU’s increased oversight activities, the number active license holders dropped to below 400 by January of 2021.

As the new regulation for VASPs have been proposed in the EU level, the Estonian Ministry of Finance has introduced a new draft regulation for virtual asset service providers and crowdfunding. The drafters of the new regulation noted that the principles of investment and raising capital have not changed significantly over time, but the innovation in the finical sector has made raising capital easier, which has had a noteworthy impact on the business models in the sector. As the cover letter of the regulation points out, it is important to support innovation and the creation of new services on the one hand, and to protect them from the unintended consequences on the other. At the same time, the current regulation has not kept pace with the new possibilities, which means that there is a need to extend investor protection to capital raising models that fall outside the scope of the current regulation.

The proposed regulation aims to regulate the following activities:

  • Virtual assets service providers;
  • Crowdfunding platforms;
  • other undertakings that offer so-called alternative investment opportunities but are not yet subject to supervision.


The current article focuses mainly on the changes that may affect cryptocurrency companies, including virtual assets service providers. As Estonia currently does not have any regulation for crowdfunding, the regulation proposed for the crowdfunding platforms will be covered in separate article

If you would like to read the full article, then you can get it for free by subscribing to our mailing list.