Banking for Georgian & Armenian VASPs: 2026 Reality Check

Georgia and Armenia have both built credible domestic VASP regimes. Georgia has registered VASPs with the National Bank of Georgia (NBG) under an updated AML-CFT framework since 2023. Armenia introduced full crypto-asset service-provider licensing through the Central Bank of Armenia (CBA) under Regulation 7/01, effective 31 January 2026. The frameworks differ in maturity and depth, but both jurisdictions are now legitimate domiciliation options for VASPs operating in the broader CIS region.

Banking access is a different question. EU and US sponsor banks evaluate Georgian and Armenian VASPs through a specific lens that overlays the home-jurisdiction VASP registration: Russia exposure. The 2022–2026 evolution of the EU sanctions architecture against Russia — culminating in the 20th sanctions package adopted on 23 April 2026 — has placed third-country VASPs in the Caucasus, Central Asia, and the Gulf firmly in the EU enhanced-diligence perimeter. The Caucasus VASPs that get banked in 2026 are the ones that have built a documented sanctions perimeter that demonstrates separation from Russian customer flows. The ones that have not are increasingly unable to access EU banking despite holding valid home-jurisdiction VASP registrations.

This article codifies what we call the Caucasus Banking Filter — the structural diligence framework EU and US sponsor banks now apply to Caucasus VASPs. We cover the regulatory framework comparison, the sanctions-perimeter documentation that has become decisive, the banking sequence, and the common rejection patterns we see at Layer 2 onboarding.

The Central Bank of Armenia¹^[1] has issued Regulation 7/01 — the Armenian equivalent of MiCA's CASP framework. It defines ten regulated crypto-asset services: operating a trading platform, custody and administration, buying/selling on own behalf, buying/selling on behalf of clients, transmitting orders, placement, portfolio management, advice, transfer, and issuance of asset-referenced tokens. New applicants face a 3–5 month timeline from LLC formation to licence issuance. Existing pre-regulation operators have until 31 January 2027 to complete licensing under transitional provisions.

The Armenian regime is materially closer to MiCA in scope and substance than the Georgian regime. The CBA's licensing standard, the AML/CFT alignment, and the categorical breakdown of services all reflect MiCA framing — which has implications for EU banking access: Armenian-licensed CASPs benefit from a regulatory kinship that EU sponsor-bank credit committees recognise.

The National Bank of Georgia²^[2] updated its AML-CFT framework in 2023 to include virtual assets, creating the legal basis for VASPs and crypto exchanges under Georgian law. The framework is AML-CFT-led rather than prudential-led — registration depth is shallower than Armenia's, the substance bar is lower, and the timeline is faster (2–4 months for the NBG decision, against Armenia's 3–5 months end-to-end).

Entity structure: Georgian-incorporated LLC or JSC. State fee: 5,000 GEL. For LLCs, no minimum capital. For JSCs, 100,000 GEL minimum (25% paid up at registration). Substance requirements: physical office (lease — co-working not accepted), resident director, AML programme aligned with Georgian Financial Monitoring Service (FMS) guidelines, AML Compliance Officer.

The EU's 20th sanctions package³^[3] — adopted 23 April 2026 — designated 20 Russian banks, 4 third-country financial institutions linked to Russia's SPFS messaging network, and a Kyrgyz exchange (TengriCoin) — the first designation of a third-country VASP for Russia-adjacent activity. The signal to EU and US sponsor banks is unambiguous: third-country VASPs in Central Asia, the Caucasus, and the Gulf are now firmly inside the enhanced-diligence perimeter.

Practitioner analysts (Chainalysis, Elliptic, TRM Labs) have all flagged this as a new era of crypto-sanctions enforcement: the EU is now willing to designate third-country VASPs directly, and the diligence patterns sponsor banks apply to Caucasus VASPs reflect that. The result is the Caucasus Banking Filter — a structural overlay on top of the ordinary VASP-onboarding diligence.

The Filter has three components:

• Customer-base composition test: what proportion of the VASP's customers are Russian nationals or Russian-resident? What proportion are CIS-resident more broadly? Sponsor banks now expect documented breakdowns with quarterly refresh.

• On-chain forensics overlay: the VASP must screen incoming and outgoing on-chain transactions against Russia-linked address sets (sanctioned exchanges, OFAC-listed addresses, and the wider Russia-nexus heuristics that analytics providers maintain).

• Geo-fencing infrastructure: IP-level + KYC-level enforcement of Russian-citizen / Russian-resident exclusion where the VASP commits to that exclusion.

VASPs that have built all three components — and can document them in the Layer 2 diligence file — pass the Filter. VASPs that have built fewer than three are increasingly turned away at Layer 2 onboarding regardless of home-jurisdiction VASP registration quality.

What the documentation pack needs to contain, calibrated to FATF VAS Guidance⁴^[4] plus EU sanctions framework expectations:

• Sanctions policy with explicit Russia / Belarus exclusion language, board-approved, dated.

• Customer-onboarding flow with KYC enforcement on nationality, residency, and tax-residency.

• On-chain analytics integration evidence (Chainalysis, Elliptic, or TRM Labs) with Russia-nexus heuristic enabled and documented threshold.

• Customer-base composition report: numerical breakdown by nationality / residency, dated, with quarterly refresh cadence.

• Sanctions screening logs: STR/SAR filings (or equivalent) where Russia-nexus matches were detected and resolved.

• Geo-fencing infrastructure documentation: IP-level enforcement, KYC-document-source enforcement, exception handling.

Both Armenia and Georgia have functional domestic banking ecosystems. A licensed Armenian or Georgian VASP with credible documentation and a clean sanctions perimeter typically secures a domestic operating bank within 2–4 months. The domestic bank handles OPEX, payroll, regulatory capital. This is Layer 1 of the Banking Stack. For specifics on the Stack, see our companion guide.

Identifying an EU EMI willing to onboard a Caucasus VASP is the hard part. The candidate set in 2026 is materially smaller than in 2023 — the 20th sanctions package and the broader EU regulatory direction have driven multiple specialist EMIs to exit the Caucasus segment entirely. The candidates that remain underwrite heavily on the Caucasus Banking Filter components. Realistic Layer 2 onboarding timeline: 4–8 months with documented sanctions perimeter; up to 12 months without it.

At material customer-fund volume, request Layer 2 to separate safeguarding to a distinct EU credit institution. The documented sanctions perimeter remains decisive — the safeguarding bank inherits the perimeter through Layer 2's KYC framework.

Verbal assurance without documented infrastructure. The most common rejection reason in 2026. Sponsor banks expect the customer-base composition report, on-chain analytics integration, and geo-fencing evidence — not narrative.

VASPs with Russian-citizen ultimate beneficial owners face an additional structural diligence layer. EU sponsor banks now apply enhanced due diligence on the UBO's residency, source of wealth, and post-2022 tax-residency change patterns. The UBO question is not in itself fatal — Russian-citizen UBOs with documented relocation, EU/UK residency, and clean source of wealth onboard regularly — but the diligence is materially deeper.

VASPs with substantial CIS customer flows that have not segregated into separate corporate entities (Russian-flow entity vs non-Russian-flow entity) cannot present a clean perimeter to EU sponsor banks. Restructuring is often necessary before the Layer 2 application is filed.

EU sponsor banks increasingly score Caucasus VASPs against AMLR⁵^[5] substance even before AMLR application in July 2027. VASPs whose AML programmes do not yet reflect AMLR-ready depth on customer due-diligence, transaction monitoring, and self-hosted-wallet rules face additional diligence cycles.

For a VASP planning EU/USD rails, Armenia is increasingly preferred because Regulation 7/01 is MiCA-aligned and EU sponsor-bank credit committees recognise that framing. For a VASP optimising for speed and cost, Georgia remains attractive — the registration is faster and lighter. The dominant deciding factor is the founder's customer base: Russia-adjacent customer flows make the Filter the binding constraint regardless of jurisdiction.

Not as a target market. MiCA Article 61 and ESMA's reverse-solicitation guidelines are restrictive — solicitation of EU customers requires direct MiCA CASP authorisation in an EEA member state. The Banking Stack provides EU/USD rails for the VASP's existing non-EU customer base; it does not unlock the EU market.

4–8 months at well-prepared Caucasus VASPs with documented sanctions perimeter; 8–14 months without it. The gating step is typically the customer-base composition evidence and the on-chain forensics integration — Layer 2 underwriters spend material time on these and not on the home-jurisdiction VASP registration documentation.

Then EU/USD rails are not the right answer for those customer flows. Most Caucasus VASPs in this position run a two-entity structure — one entity serving non-Russian customers with EU rails through the Banking Stack, and a separate entity serving Russian-resident customers with domestic Caucasus banking only. Mixing the books inside one entity makes the EU rails impossible to access.

Unlikely in the short term. The 20th sanctions package signalled a hardening, not a softening. AMLR application in July 2027 will further codify the third-country-VASP enhanced-diligence pattern. The Caucasus Banking Filter is structural — plan for it as a permanent feature of the EU sponsor-bank diligence frame rather than a transitory constraint.

• The Non-EU VASP Banking Stack — the three-layer architecture this article applies to Caucasus VASPs.

• The Three-Bank Resilience Standard — the resilience pattern for the operating layer.

• Sponsor Bank Profile for Fintech BaaS — the diligence framework Caucasus VASPs should apply to Layer 2 candidates.

• BaaS Due Diligence Checklist — the 30 questions to put to any Layer 2 candidate.

• Banking Access for Regulated Fintechs — our service: Caucasus VASP banking, sanctions-perimeter design, Layer 2 introductions.

The Caucasus is one of the few regions in 2026 where home-jurisdiction VASP registration is increasingly disconnected from EU/USD banking access. Armenia's CBA Regulation 7/01 and Georgia's NBG framework are credible regulatory regimes; the gap is on the EU side, where the Caucasus Banking Filter applies the 20th-sanctions-package overlay to every Layer 2 onboarding decision. Build the documented sanctions perimeter before applying for Layer 2, not after — the firms that retrofit the perimeter under Layer 2 diligence pressure rarely complete the onboarding successfully.