Two risks. One counsel.
Legal compliance and security audits for crypto.
Amura Audit combines specialist EU crypto regulation with rigorous smart-contract security auditing — so digital-asset businesses can launch compliant, verified and audit-ready from day one.
Legal & Regulatory
Navigate the EU regulatory framework
- MiCA compliance & white-paper review
- CASP / VASP licensing
- AML / KYC frameworks
- Tax structuring & token agreements
Security Auditing
Verify your code before the market does
- Smart contract audit
- Penetration testing & attack simulation
- Formal verification
- Proof of reserves
What we do
Legal and security audit services for digital-asset businesses
End-to-end counsel and technical auditing across the lifecycle of a crypto business — from entity set-up and licensing to smart-contract review and ongoing compliance.
Licensing & Regulatory
MiCA & EU regulatory compliance
Gap analysis, white-paper review, governance and ongoing compliance under the Markets in Crypto-Assets Regulation and related EU regimes.
CASP / VASP licensing
Authorisation and registration of crypto-asset service providers with the CNMV, Banco de España and EU regulators — application to approval.
AML / KYC frameworks
Anti-money-laundering policies, KYC/CDD procedures, risk assessments and SEPBLAC reporting tailored to digital-asset operations.
Commercial & Advisory
Crypto tax advisory
Spanish and cross-border tax structuring for tokens, trading and staking — including the Modelo 721 and informative obligations.
Corporate & token agreements
Entity structuring, shareholder and SAFT/token agreements, and smart-contract terms reviewed for enforceability under EU law.
Fundraising & token issuance
Legal review of token sales, IEO/ICO structures and investor documentation, with prospectus and marketing-rules guidance.
Security Audits
Smart contract audit
Line-by-line legal and technical review of smart contracts for enforceability, undisclosed risk, and regulatory exposure under EU law.
Penetration testing & attack simulation
Adversarial in-depth testing of DeFi protocols, exchanges and custody infrastructure — simulating real-world attack vectors to surface risk before deployment.
Proof of reserves & whitepaper review
Independent reserves verification for exchanges and custodians, plus full legal review of token white papers against MiCA disclosure requirements and ESMA guidelines.
About
A legal and technical team for regulated web3 work
Amura Audit is built around a small team of lawyers and technical specialists who understand both digital regulation and blockchain infrastructure.
The project is led by two Barcelona-based lawyers with experience advising technology companies, fintechs and web3 projects on Spanish and European Union regulatory frameworks.
Their work is supported by a senior blockchain developer and smart-contract vulnerability analyst, allowing legal, compliance and technical risk to be reviewed in one coordinated workflow.
How we work
One process. Legal and security, in parallel.
-
01
Consultation
A focused first call to understand your business model, goals and risk exposure.
-
02
Dual assessment
A regulatory gap analysis and smart-contract security review run in parallel — a complete picture of legal and technical risk.
-
03
Strategy & remediation
A prioritised roadmap covering licensing, structuring, security fixes and documentation — with clear costs for each workstream.
-
04
Ongoing support
Continued counsel as you grow, scale across the EU and adapt to regulatory change.
Get in touch
Let's talk about your business
Tell us where you are and where you want to go. We'll reply within one business day.
- Location Barcelona, Spain · Serving the EU