A newly released FinTelegram Compliance Intelligence Report documents how MEXC continued to onboard a new EU retail user after the MiCA transition deadline — while payment and onboarding flows connected the offshore exchange environment to Romanian, French, Australian and MiCA-authorised Irish service layers. A separate reader-friendly Compliance Briefing summarises the key findings.
The Key Point
FinTelegram has released its new MEXC After MiCA Day One Compliance Intelligence Report, together with a shorter MEXC Compliance Briefing for readers seeking a concise overview of the case. The central finding is stark.
According to FinTelegram’s documented live testing, a new EU retail user was able to register with MEXC on 1 July 2026, complete advanced KYC including EU identity and address verification, receive functional account access and proceed toward fiat and crypto funding routes.
This occurred after the end of the MiCA transitional period and against the background of ESMA’s clear expectations that unauthorised crypto-asset service providers cease onboarding new EU clients and restrict remaining activity to an orderly wind-down.
FinTelegram has identified no publicly disclosed MiCA authorisation for a MEXC operator serving EU clients. The report therefore places MEXC under FinTelegram Radar Status: Black — Active EU Onboarding Watch / Payment Rails Watch / MiFID II Derivatives Watch.
The Payment Relay Behind the User Journey

The report goes substantially further than asking whether MEXC itself holds a MiCA licence. Its core contribution is the reconstruction of the service and payment architecture appearing around the MEXC user journey. FinTelegram’s testing documented a multi-layer environment involving:
- Finetix Limited S.R.L., a Romanian company that publicly describes itself as a crypto exchange and fiat payment gateway provider. Finetix-linked legal materials and a MEXC-associated card descriptor appeared in tested flows.
- Heuro SAS / Harmoniie SAS dba OuiTrust, a French ACPR-authorised electronic money institution. A tested EUR bank-transfer route generated a concrete payment instruction using a French IBAN and Heuro banking details.
- Ocean Wave Fintech Pty Ltd, an Australian company whose public corporate history includes the former names MEXC Australia Pty Ltd and MXC Tech Pty Ltd. During the tested journey, the EU user encountered a service-provider change referring to an Australian jurisdiction and received account-related communications.
- Legend Trading / Legend Financial Ireland Limited, whose Irish entity is MiCA-authorised. A separate MEXC-related buy-crypto flow triggered a Legend account application and onboarding communications.
The report does not allege that these entities are under common ownership or that their appearance in the transaction architecture proves wrongdoing. The compliance question is different — and more important:
How can a non-EU exchange with no publicly disclosed MiCA authorisation continue to offer a functioning EU-facing onboarding and funding journey through a layered network of third-party providers?
Why This Matters After MiCA
The MEXC case illustrates what FinTelegram considers one of the central enforcement challenges of the post-transition MiCA market. An authorisation regime is only as effective as the infrastructure surrounding it.
Where an offshore exchange can continue to accept new EU users while fiat funding, onboarding, settlement or conversion functions are provided through European payment institutions, crypto service providers or third-country entities, the regulatory perimeter becomes an infrastructure question — not merely an exchange-licensing question.
The report therefore examines not only MEXC, but also the obligations and exposure of institutions appearing in the chain.
For regulated banks, EMIs, PSPs, CASPs, acquirers and payment facilitators, the relevant questions include:
- Has the institution assessed the MiCA status of the underlying crypto platform?
- Who is legally the client at each stage of the flow?
- Who receives the fiat and who delivers the crypto?
- Is the regulated provider acting independently, as an on-ramp, as a payment intermediary, or as a bridge into the offshore exchange environment?
- What enhanced due diligence has been conducted in light of MEXC’s public regulatory history?
- Where exactly does the regulated service end and the MEXC service begin?
A Regulatory History That Cannot Be Ignored
The findings arise against a significant adverse regulatory background.
The full Compliance Report reviews public warnings and enforcement actions involving MEXC-branded operations across multiple jurisdictions, including the United Kingdom, Belgium, Australia and Seychelles.
Of particular significance, the Seychelles Financial Services Authority publicly identified MX Global Ltd as the operator of the MEXC platform and stated in May 2026 that the entity had been carrying on virtual-asset services without the required authorisation under Seychelles law.
The report also examines the earlier role of Paytend Europe UAB in MEXC-related payment flows. Paytend later lost its Lithuanian EMI licence following serious AML/CFT and internal-control findings by the Bank of Lithuania.
FinTelegram expressly notes that the Lithuanian regulator did not identify MEXC as the unnamed high-risk customer referenced in the Paytend enforcement findings and that no causal link between MEXC-related flows and the licence revocation has been established.
The relevance of the Paytend case is therefore structural: payment-layer institutions can face severe supervisory consequences where high-risk-customer handling, monitoring and governance fail.
Reverse Solicitation Looks Like a Difficult Defence
MEXC or involved intermediaries may argue that EU users approach services on their own initiative or that specific transaction steps are performed independently by regulated third parties.
The full report examines these possibilities.
FinTelegram’s assessment is that a reverse-solicitation explanation appears difficult to reconcile with the cumulative pattern observed:
EU user acceptance, EU identity and address verification, functional account activation, available deposit routes and embedded third-party payment or CASP layers.
Website accessibility alone is not the issue.
The issue is the architecture as a whole.
Two Publications, Two Audiences
To make the findings accessible to both specialist and general readers, FinTelegram is releasing two documents:
MEXC Compliance Report
The full master report provides the detailed regulatory framework, evidence methodology, entity analysis, payment-rail reconstruction, legal and compliance assessment, risk matrix, open questions and stakeholder right-of-reply framework.
MEXC Compliance Briefing
The shorter four-page briefing presents the essential findings in a reader-friendly format and explains why the case matters for the future enforcement of MiCA and the supervision of crypto-related payment infrastructure.
Whistleblower Call
FinTelegram invites current and former employees, compliance officers, MLROs, contractors, payment processors, banks, acquirers, CASPs and users with information about MEXC, Finetix, Heuro/OuiTrust, Ocean Wave Fintech, Legend Trading, Paytend, OSL Pay or related fiat and crypto flows to contact us confidentially through Whistle42.
We are particularly interested in contracts, payment-flow documentation, merchant and acquirer records, compliance assessments, onboarding arrangements, internal communications, settlement structures and regulatory correspondence.
Share information securely. Help us map the infrastructure behind the market.
FinTelegram’s Radar Status and risk assessments are editorial compliance classifications and not findings by a court or regulator. The report does not allege criminal conduct by any named entity. All named parties are invited to provide corrections and statements for incorporation into updated versions.




