01 — Advisory
Licensing & regulatory build
End-to-end licensing strategy and submission, target operating model, governance, three-lines-of-defence design, AML/CFT programme architecture and policy stack.
Read moreInspection-ready by design.
CASA is an institutional crypto compliance and licensing advisory firm — built in the United Arab Emirates and engaged across the EU, UK, Asia, Switzerland, the Americas and the offshore international financial centres. Resident practice where it matters, network partners where it makes sense, monitoring where the regime is still moving.
What we do
An institutional partner for compliance, licensing and operations.
We sit at the intersection of three operating models that today exist as separate firms — combining the regulatory edge of boutique advisory with the executional discipline of large professional services, anchored by a structured training academy that produces the next generation of compliance talent.
02 — Operations
Managed services & KYC/KYB
Productised onboarding, transaction monitoring and sanctions pods. Per-case unit pricing alongside per-FTE-month capacity, with documented sampling and SLA reporting.
Read more03 — Assurance
Internal audit & attestation
Co-sourced internal audit, mock inspections, model validation and independent attestations — board, regulator and counterparty distribution.
Read more04 — Talent
CASA Academy
MLRO and CCO readiness programmes, transaction monitoring analyst academy, sanctions and Travel Rule operations, executive education.
Read more05 — Technology
RegTech & model assurance
Vendor selection, integration architecture, AML model tuning and false-positive reduction, perpetual KYC enablement, real-time payments controls.
Read more06 — People
Outsourced control functions
Named MLRO, CO/CCO, DPO, Risk Officer and Finance Officer support — with deputy cover and an oversight QA layer.
Read moreWhy CASA
Fearless guidance through the UAE virtual asset perimeter.
We are not consultants. We are partners in the regulatory architecture of your firm — from licensing pathway selection to inspection-ready operations on day two thousand. Anchored in Dubai, working across VARA, ADGM, DIFC and the federal UAE perimeter as a single integrated team.
One partner. Every stage.
Most clients buy us as a single integrated platform — advisory, operations and assurance under one engagement charter. You don't manage three vendors and reconcile their interpretations of the same rulebook. You manage one relationship.
Senior, named, present.
No bait-and-switch. The lead you meet on the first call is the lead doing the work — supported by a bench, audited by an internal QA layer, accountable through a written RACI on every engagement.
Built to be defended.
Every deliverable we hand back is designed to be opened in front of a regulator twelve months later. Productised methodology, documented evidence, ownership transferred at hand-back — not theatre engineered to win the pitch.
Our posture
An extension of your team, not a vendor at arm's length.
We brand and contract for delivery as part of the client organisation, with client-controlled named-individual staffing. Our engagements are governed by an explicit RACI: the client retains accountability for binding compliance decisions, and CASA performs review, drafting, QA, escalation and remediation execution under client supervision.
Engagements above a defined threshold are reviewed by an internal Engagement Acceptance Committee before signing — the same posture we expect of the firms we serve.
We help our clients answer regulators with the same evidence pack twelve months from now that they would have used on day one.
— Operating principle, CASA engagement charter
Who we serve
Built for institutional virtual asset businesses.
International firms entering the UAE
Licensing pathway selection, business plan and submission preparation, compliance and operations build-out, banking and on/off-ramp enablement.
UAE-active virtual asset firms
Ongoing compliance retainers, outsourced MLRO, transaction monitoring and onboarding pods, internal audit cycles, training, regulator engagement.
Banks & asset managers adopting digital rails
Permission strategy, risk and control design, integration with custodians and analytics providers, board reporting, model validation.
Tokenisation issuers and projects
Feasibility, regulatory pathway, structuring and prospectus support — without acting as Issuer or Custodian.
Family offices and treasuries
Virtual asset exposure governance, suitability frameworks, target operating model design, vendor and counterparty due diligence.
Adjacent advisors and investors
Co-delivery alongside statutory audit firms, international counsel, regional investors and the procurement panels that back them.
Insights
Long-form regulatory thinking, on cadence.
At least two long-form briefings per quarter, with a monthly newsletter and a quarterly inspection-readiness webinar.
VARA Version 2.0 Rulebooks: what tightened, and what to do about it
A field guide to the May 2025 Version 2.0 release across the seven activity categories — and the practical inspection-readiness adjustments most firms still owe their boards.
Read briefing →DFSA Crypto Token rules, after 12 January 2026
The amendments shifted suitability accountability from regulator to firm. We unpack the documented-reasoning standard DIFC firms are now expected to evidence at any moment.
Read briefing →Federal Decree-Law No. 33 of 2025: from SCA to CMA
A consolidated federal capital markets perimeter, explicit statutory authority over virtual assets, and extraterritorial reach. What it means for licensing strategy in 2026 and beyond.
Read briefing →Ready to talk?
Whether you are entering the UAE, scaling, or preparing for inspection — start with a confidential conversation. We respond within one business day.