Final Report on Guidelines for Assessment of Knowledge and Competence under MiCA

11 July 2025 ESMA35-1872330276-2380 Final Report Guidelines for the criteria on the assessment of knowledge and competence under the Markets in Crypto Assets Regulation (MiCA)

ESMA - 201-203 rue de Bercy - CS 80910 - 75589 Paris Cedex 12 - France - Tel. +33 (0) 1 58 36 43 21 - www.esma.europa.eu 2

3 Table of Contents 1 Executive Summary ....................................................................................................5 2 Background.................................................................................................................7 3 Feedback to the consultation.......................................................................................8 4 Annexes ....................................................................................................................17 4.1 Annex I: Cost-benefit analysis ............................................................................17 4.2 Annex II: SMSG advice to ESMA on Guidelines for the criteria on the assessment of knowledge and competence under the Markets in Crypto Assets Regulation (MiCA)24 4.3 Annex III: Guidelines for the criteria on the assessment of knowledge and competence under the Markets in Crypto Assets Regulation (MiCA) ............................28 1 Scope........................................................................................................................28 2 Legislative references, abbreviations and definitions.................................................29 2.1 Legislative references ........................................................................................29 2.2 Abbreviations .....................................................................................................29 2.3 Definitions ..........................................................................................................29 3 Purpose.....................................................................................................................30 4 Compliance and reporting obligations........................................................................31 4.1 Status of the guidelines ......................................................................................31 4.2 Reporting requirements......................................................................................31 5 Guidelines for the criteria on the assessment of knowledge and competence ...........32 5.1 General (Guideline 1).........................................................................................32 5.2 Criteria for knowledge and competence of staff giving information about crypto￾assets or crypto-asset services (Guideline 2)................................................................32 5.3 Criteria for knowledge and competence for staff giving advice about crypto-assets or crypto-asset services (Guideline 3)...........................................................................36 5.4 Organisational requirements for assessment, maintenance and updating of knowledge and competence (Guideline 4) ....................................................................38

4 6 Annex: Illustrative examples of the application of certain aspects of the guidelines ...40

5 1 Executive Summary Reasons for publication The Regulation on Markets in Crypto-Assets (MiCA)1 was published in the Official Journal of the European Union (EU) on 9 June 2023. The MiCA provisions relating to the provision of crypto-asset services have entered into application on 30 December 2024. The European Securities and Markets Authority (ESMA) has been required to issue guidelines on the criteria for the assessment of knowledge and competence of natural persons giving information or advice on crypto-assets or crypto-asset services, on behalf of crypto-asset service providers. On 17 February 2025, ESMA published a Consultation Paper (CP) to seek stakeholders’ views on ESMA’s proposals for these guidelines. The consultation period closed on 22 April 2025. ESMA received 23 responses, 3 of which were confidential. The answers received are available on ESMA’s website unless respondents requested otherwise. ESMA also sought the advice of the Securities and Markets Stakeholder Group (SMSG). Contents Section 2 sets out the background, including the legal background. Section 3 consists of the feedback statement relating to the draft guidelines which were included in the ESMA public consultation. Annex I contains the costs-benefit analysis undertaken in relation to the guidelines. Annex II contains the advice of the SMSG in relation to the guidelines. Annex III contains the guidelines. The guidelines aim at strengthening investor protection and ensuring an appropriate knowledge and competence of staff providing information or advice on crypto-assets or crypto-asset services by (i) ensuring a minimum level of knowledge and competence of such staff; and (ii) addressing specific features and risks of crypto-assets markets and services through the criteria for the assessment of the relevant staff’s knowledge and competence. To these ends, the guidelines assist crypto-asset service providers in meeting their obligations to act in the best interest of their clients and support competent authorities in adequately assessing how crypto-asset service providers meet these obligations. Consequently, ESMA expects these guidelines to promote greater convergence in the criteria for the assessment of knowledge and competence of staff providing advice or information about crypto-assets or crypto-asset services and their application.

6 Next Steps The guidelines in Annex III of this report will be translated into the official EU languages and published on the ESMA website. The publication of the translations will trigger a two-month period during which competent authorities must notify ESMA whether they comply or intend to comply with the guidelines. The guidelines will apply from six months after the publication of the translations on the ESMA website. 1 Regulation (EU) 2023/1114 of the European Parliament and the Council of 31 May 2023 on markets in crypto-assets (OJ L 150, 9.6.2023, p. 40–205).

7 2 Background Legal background

1. Article 81(15) of MiCA provides for ESMA to issue guidelines specifying the criteria for the assessment of knowledge and competence in accordance with paragraph 7 of this Article.
2. Article 81(7) of MiCA provides that “crypto-asset service providers providing advice on crypto-assets shall ensure that natural persons giving advice or information about crypto￾assets, or a crypto-asset service, on their behalf possess the necessary knowledge and competence to fulfil their obligations. Moreover, Member States are required to publish the criteria to be used for assessing such knowledge and competence”. 2
3. In addition, in line with Article 68(5) of MiCA that requires crypto-asset service providers to employ personnel with the knowledge, skills and expertise necessary for the discharge of the responsibilities allocated to them, ESMA is of the view that all crypto-asset service providers, not just those providing advice, should ensure that natural persons giving information about crypto-assets or crypto-asset services possess the necessary knowledge and competence to fulfil their obligations. ESMA therefore is complementing the guidelines based on the mandate in Article 81(15) of MiCA by own-initiative guidelines in the same area. Background
4. Crypto-assets and crypto-asset services are increasingly easily accessible to EU retail investors. For example, such assets and services are available online through various mobile applications or websites that require limited technological knowledge and equipment (e.g., access to the internet and a simple smartphone are often sufficient). Additionally, low minimum investments and 24/7 operation of trading platforms facilitate retail investors’ access to crypto-assets and crypto-asset services.
5. However, the knowledge of market participants, especially retail investors, about crypto￾assets and the related services still seems to be limited.3 2 On 2 May 2024, the European Commission published a corrigendum to the Regulation (EU) 2023/1114 (MiCA Regulation) which inter alia amended Article 81(15)(a). 3 According to a study by the UK Financial Conduct Authority, only 42% of adults had heard about crypto-assets in 2019. This ratio has been rising to 73% in 2020, 78% in 2021 and 91% in 2022. Nevertheless, only 74% of the people who had heard of crypto-assets in 2022, were capable to recognise correctly its definition from a list of statements (https://www.fca.org.uk/publication/research-notes/research-note-cryptoasset-consumer-research-2023-wave4.pdf).

8 6. Additionally, the following two key features of crypto-asset markets have been observed. Firstly, new crypto-assets continue being created, often very swiftly. Secondly, the volatility of many crypto-assets seems to exceed traditional financial instruments, such as shares. 4

7. As the combination of the above-mentioned factors increases the risk of potential detriment, especially for retail investors, it is crucial that staff of crypto-asset service providers who give advice on crypto-assets or information about crypto-assets or crypto￾asset services possess, and also maintain, an appropriate level of knowledge and competence to fulfil their obligations set out under MiCA, including but not limited to the requirement to act in the best interests of clients.
8. This Final Report summarises and analyses the responses to the CP and explains how the responses, together with the SMSG advice, have been taken into account. ESMA recommends reading this report together with the CP to have a complete view of the rationale for the guidelines in Annex III. 3 Feedback to the consultation Q1: Do you agree with the minimum requirements5 regarding qualification, experience and continuous professional development of staff giving information on crypto-assets and crypto-asset services to clients included in paragraphs 19 to 21 of draft Guideline 2? If not, what would, in your view, be adequate minimum requirements? Please state the reasons for your answer.
9. Most respondents, including the SMSG, agreed with ESMA’s approach of suggesting guidance regarding minimum thresholds for the qualification, experience and continuous professional development (CPD) of staff providing information on crypto-asset and crypto-asset services to clients. However, some respondents made suggestions on specific elements included on the guidance related to those minimum thresholds, which are addressed below. On the guidance regarding minimum thresholds for the professional qualification and experience (Guideline 2, paragraph 19)
10. Some respondents noted that the proposed minimum of 80 hours of professional qualification which crypto-asset service providers’ staff giving information about crypto￾4 For example, total market capitalisation of crypto-assets exceeded USD 3 trillion on 10 November 2021, before rapidly falling below USD 850 billion barely 13 months later. 5 Please note that, given the non-binding character of ESMA guidelines, reference to ‘requirements’, where referring to these Guidelines, should be read as the ‘guidance’ provided in the same guidelines.

9 assets or crypto-asset services should obtain prior to providing such information would be appropriate. Accordingly, the 80 hours should enable the relevant staff to understand the crucial functioning of crypto-asset markets (e.g. the crypto-asset market structures or cyber-security risks) and thereby allow these staff members to inform their clients adequately. 11. However, some respondents expressed the view that 80 hours of qualification would be too comprehensive and would not be proportionate. In the view of these respondents, the guidelines should not be too prescriptive and thus refrain from introducing minimum thresholds and instead be limited to specifying the content of the relevant knowledge for the relevant staff, while the minimum length of the qualification should not be included in guidelines but rather left to the full discretion of the crypto-asset service providers themselves. 12. ESMA’s response: Regarding proportionality, ESMA reminds stakeholders that the guidelines identify several options for CASPs to consider ensuring that their staff acquires an adequate level of knowledge and competence. Paragraph 19 of the guidelines indeed indicated 2 options: i) a professional qualification of at least 80 hours and appropriate experience of at least 6 months under supervision; or ii) appropriate experience of at least 1 year under supervision. 13. In addition, ESMA notes that the minimum of 80 hours indicated in the guidelines is the equivalent of 2 weeks of a work week of 40 hours. Therefore, any natural person with a pre-MiCA education on financial markets is highly likely to have already acquired at least some knowledge and competence included in the 80 hours of professional qualification, provided that their professional qualification covered the topics listed in paragraph 18. If the relevant staff’s pre-MiCA education did not cover all topics covered, then the CASP may organise top-up training for the relevant topics. 14. ESMA considers that the minimum set out in paragraph 19 is appropriate to enable the relevant staff members to comply with their obligations under MiCA. Additionally, CASPs should apply proportionality to consider whether, on the basis of the range and nature of their crypto-asset services and crypto-assets, they should ensure that their staff undergo more than 80 hours of professional qualification. 15. ESMA believes that it is appropriate to provide guidance, including minimums, on the professional qualification because the volatility of many crypto-assets seems to exceed traditional financial instruments (e.g. shares or debt instruments) and MiCA does not offer the same level of investor protection as MiFID II does. Indeed, under MiCA, clients are not protected by product governance requirements or appropriateness requirements. Therefore, it is tremendously important to make sure that staff providing information to clients is knowledgeable and competent so that clients and potential clients get correct

10 information. 6 However, in light of comments received and to ensure that Guideline 2 offers sufficient flexibility to crypto-asset service providers, ESMA amended Guideline 2 to make clear that paragraph 19 sets out examples of the qualification and/or experience that would be regarded as adequate. Crypto-asset service providers may have to apply higher standards, depending on the range of the crypto-assets and crypto-asset services they provide. Topic-related knowledge and competence guidance for staff giving information on crypto￾assets or crypto-asset services (Guideline 2, paragraph 18) 16. In the view of some respondents, the list set out in paragraph 18 encompasses a too broad range of topics in light of the practical activities of such staff. The proposals of these respondents include: • to focus the provision of paragraph 18a on the fact that staff giving information should demonstrate the necessary knowledge and competence set out in that paragraph only for crypto-assets and crypto-asset service offered by the crypto￾assets service provider and not for crypto-assets which are for example, technically in the scope of the crypto-asset service, but are actually not offered by the CASP in any of such services; • to delete certain elements of the knowledge and competence guidance (e.g. tax implications and valuation methodologies) from Guideline 2, as these respondents regard these aspects as more relevant for staff providing advice about crypto￾assets or crypto-asset services (Guideline 3). 17. ESMA’s response: ESMA notes that paragraph 18(a) was already referring to knowledge and competence limited to the “key characteristics, risks and features of the crypto-asset services offered by the crypto-asset service provider and the crypto-assets in the scope of these services”, so not in relation to all crypto-assets. However, ESMA acknowledges that the wording was not sufficiently clear in that respect and thus amended paragraph 18a of Guideline 2 in Annex III, to make it clearer. 18. Additionally, ESMA deleted the guidance for staff giving information on crypto-asset services and crypto-assets to understand general tax implications. ESMA recognises that this – the understanding of general tax implications - may de disproportionate for staff just giving information about crypto-asset services and crypto-assets, especially given that CASPs often operate cross-border in a non-harmonised tax framework. In addition, ESMA amended certain provisions of Guideline 2 to introduce more 6 Article 66 of MiCA provides that crypto-asset service providers shall provide their clients with information that is fair, clear and not misleading, including in marketing communications, which shall be identified as such.

11 proportionality whilst still providing guidance on an adequate level of knowledge and competence of staff providing information about crypto-asset services and crypto-assets. For instance, in paragraph 18(k), ESMA clarified that an understanding of only basic valuation mechanisms is requested. On the guidance for existing members of staff giving information or advice on crypto-assets or crypto-asset services on the date of entry into application of these guidelines (Guideline 2, paragraph 20/Guideline 3, paragraph 25) 19. Stakeholders’ comments and suggestions on the guidance for existing members of staff giving information or advice on crypto-assets or crypto-asset services on the date of entry into application of these guidelines were very similar. Thus, the following paragraphs address both. 20. Some respondents raised concerns about the transitional provisions included in paragraphs 20 and 25 of the draft guidelines and applicable to existing members of staff giving information on crypto-assets or crypto-asset services on the date of entry into application of the guidelines. More specifically, a few respondents and the SMSG propose to include further guidance to verify the knowledge and competence of such staff members and to avoid disparities in staff competence which could hamper the quality of information provided to clients. These suggestions include the SMSG proposal to instead indicate that existing members of staff providing information or advice on crypto-assets or crypto-asset services should obtain the necessary professional qualification of 80 or 160 hours respectively, within six months from the date of application of the guidelines. A few other respondents proposed that ESMA should provide guidance on which form of evidence such staff should provide to demonstrate their knowledge and competence (e.g. client interactions or sign-offs by superior crypto￾asset service provider’s staff). As an additional suggestion, some respondents mentioned that such staff should be allowed to continue providing information or advice for one year, while having to pass during this period a certified exam with an external provider to prove their knowledge and competence. 21. ESMA’s response: ESMA’s approach to such transitional measures is rooted in the intention to slowly ensure that staff providing information or advice on crypto-asset services or crypto-assets acquire the necessary knowledge and experience. The current transitional measures use a presumption that existing staff already exercising such function and that have been doing so for a minimum period of 1 year have or have acquired through that period the necessary knowledge and competence. Although ESMA acknowledges that this should be demonstrated, to this end, the guidelines leave some flexibility to staff and crypto-asset service providers. This may be done through, for instance, annual appraisals, internal exam, external exams.

12 22. ESMA is of the view that assessing the knowledge and competence of existing staff only through an exam carried out by an external provider would be too disruptive and, at the moment, possibly not doable given that no widely accepted exam of the sort seems to be available. ESMA believes that, in combination with the guidance provided in paragraph 21 (for staff giving information to clients) and 26 (for staff giving advice) regarding minimum continuous professional development (CPD) and training, Guidelines 2 and 3 will allow existing staff member to reach and maintain a necessary level of knowledge and competence. Guidance on the minimum thresholds regarding CPD for staff giving information or advice on crypto-assets or crypto-asset services (Guideline 2, paragraph 21 / Guideline 3, paragraph 26) 23. Due to the similarities between stakeholders’ responses with regards to the proposed guidance on CPD for staff providing information or advice on crypto-assets or crypto￾asset services, the responses on the two types of CPD will both be addressed below. 24. Respondents’ comments included the following topics: • few respondents7 proposed to provide smaller crypto-asset service providers with more flexibility regarding the CPD guidance for their staff giving information or advice on crypto-asset and crypto-asset services. • in relation to the content of the CPD measures, few respondents 8 suggested including in the guidelines that such activities should account for inter alia regulatory changes, market developments and newly emerging technologies and risks to ensure that the relevant staff increases its knowledge and competence on such relevant points. 25. ESMA’s response: With respect to the flexibility to be introduced in the guidelines for smaller crypto-asset service providers, ESMA notes that the requirements for crypto￾asset service providers to employ staff with the necessary knowledge and competence applies to all crypto-asset service providers, of any size and providing any type of crypto￾asset services. 9 However, being aware of the challenges all crypto-asset service providers face to implement the MiCA framework, ESMA has decided to set the date of application of these guidelines to six months after the publication of the translation of the guidelines, rather than two months as originally set out in the CP. It is important, however, to underline that, notwithstanding the choice made by ESMA on this set of guidelines, 9 Article 68(5) of MiCA

13 crypto-asset service providers are required to fully comply with the relevant legal requirements set out in the MiCA Regulation. 26. Moreover, the ESMA guidelines recognise that the guidelines are to be applied in a proportionate manner (see paragraph 12 of the guidelines). Additionally, ESMA considers that the minimum guidance for CPD set out in paragraph 21 and 26 of the guidelines, is appropriate to ensure the relevant staff members maintain sufficient knowledge and competence to comply with their obligations under MiCA, especially in light of the dynamic character of the crypto-asset and crypto-asset service markets. Additionally, and beyond this basis, CASPs may apply proportionality to their CPD measures, while accounting for the range of their offered crypto-assets and crypto-asset services. However, to ensure that Guidelines 2 and 3 offer sufficient flexibility to crypto￾asset service providers regarding CPD hours, ESMA amended both Guideline 2 and Guideline 3 to make clear that paragraphs 21 and 26 set out examples of the minimum number of CPD hours that would be regarded as adequate. Crypto-asset service providers may have to apply higher standards, depending on the range of the crypto￾assets and crypto-asset services they provide. 27. Additionally, ESMA has specified in paragraphs 21(b) and 26(b) of the guidelines that the content of the CPD measures should ensure that crypto-asset service providers’ relevant staff enhance their knowledge and competence to be able to fulfil their obligations, in light of inter alia, regulatory changes, key market developments and newly emerging technologies, including potential related risks for investors. Q2: Do you agree with the minimum requirements regarding qualification, experience and continuous professional development of staff giving advice on crypto-assets and crypto-asset services to clients included in paragraphs 24 to 26 of draft Guideline 3? If not, what would, in your view, be adequate minimum requirements? Please state the reasons for your answer. 28. Most respondents, including the SMSG, agreed with ESMA’s approach of suggesting guidance regarding qualification, experience and continuous professional development of staff providing advice to clients on crypto-asset and crypto-asset services to clients. The respondents made proposals on specific elements of the guidance which are addressed below. On the guidance related to minimum thresholds for professional qualification and appropriate experience (Guideline 3, paragraph 24) 29. A few respondents agreed with the proposed guidance on the minimum of 160 hours of professional formation that staff giving advice about crypto-assets or crypto-asset services should obtain as it was, in their view, necessary to ensure investor protection.

14 30. Conversely, in the view of a few other respondents, this guidance on a minimum threshold of 160 hours of professional formation is too high. These respondents noted, inter alia, that the aforementioned threshold gives too much importance to a quantitative criterion in ensuring the qualification of relevant staff. Additionally, a few respondents proposed to consider in the professional qualification any previously acquired knowledge related to the MiFID II framework which is also relevant for the provision of information under MiCA. 31. ESMA’s response: Providing advice can be considered a high-quality service among the range of services that crypto-asset service providers may offer under MiCA. To be capable to provide this service in compliance with relevant MiCA requirements, it is crucial for the relevant staff to have obtained sufficient knowledge and competence before giving advice on crypto-assets and crypto-asset services. The volatility of many crypto-assets and specific additional risks compared to traditional financial markets (e.g. on cyber security) makes even greater the need for staff having the appropriate knowledge and competence when advising clients on crypto-assets and crypto-asset services. Besides, ESMA notes that the professional qualification of a minimum of 160 hours that attracted most of the comments is just one of the different routes for staff to gain the appropriate knowledge and competence and that there are 3 other options available. Additionally, a few EU jurisdictions have set out a similar minimum of hours to obtain the required qualification to provide under MiFID II. Consequently, in ESMA’s view, the guidance on the minimum of 160 hours (set out in paragraph 24c) is an appropriate and proportionate optional guidance, to ensure that the relevant staff is capable to act in the best interest of clients when providing advice. However, to ensure that Guideline 3 offers sufficient flexibility to crypto-asset service providers, ESMA amended it to make clear that paragraph 24 sets out examples of the minimum qualification and/or experience that would be regarded as adequate. Crypto-asset service providers may have to apply higher standards, depending on the range of the crypto-assets and crypto-asset services they provide. 32. Furthermore, ESMA agrees that staff’s knowledge and competence acquired under MiFID II may be relevant. For this reason, the draft guidelines already included in paragraph 24(d) the option to account for the MiFID II experience of staff. Provision of courses to acquire the necessary knowledge and competence and CPD and exam verification 33. Some respondents and the SMSG suggested that educational institutions or NCAs should develop schemes for professional qualification programmes, aligned with these guidelines, which NCAs would approve. Such schemes would aim at achieving a comparable level of qualification and CPD for the relevant staff. Additionally, the SMSG

15 suggested that competent authorities publish a list of approved educational providers to obtain a level playing field in training standards. 34. Moreover, some respondents and the SMSG proposed to include in the guidelines that external parties should examinate and verify the acquired knowledge and competence, including CPD courses. The respondents noted that such an independent knowledge and competence verification can enhance the quality of the examinations and may foster the trust of investors in the newly emerged crypto-asset services. 35. ESMA’s response: ESMA agrees that such courses and external exams are desirable to ensure a level playing field and would even facilitate the supervisory work of NCAs. However, ESMA does not have the powers to establish or approve such courses/exams and/or external education providers and notes that several NCAs do not have the legal powers to standardise, in their jurisdiction, programmes for the relevant staff of crypto￾asset service providers to acquire the relevant minimum knowledge and competence and maintain the CPD in accordance with these guidelines. Q3: Do you agree with the proposed draft guidelines? Please state the reasons for your answer. 36. Most respondents, including the SMSG, agreed with the draft guidelines proposed by ESMA. However, few respondents did not agree with the proposed draft guidelines. In the view of these respondents, CASPs themselves should determine and implement the criteria for knowledge and competence for their staff providing information or advice on crypto-assets or crypto-asset services. These respondents proposed inter alia to provide the content of these guidelines as “recommended practices” to enable CASPs to implement them with more flexibly in light of their business activities. 37. ESMA’s response: ESMA respectfully disagrees with the proposal to publish the guidelines as only best practices, as in ESMA’s view, it would not foster convergence and a level playing field, nor would it ensure that staff providing information or advice on crypto-asset services or crypto-assets would have the necessary knowledge and competence. This would thus hamper investor protection and investors’ trust in the crypto-asset markets. Knowledge and competence guidance for information or advice about crypto-assets or crypto￾asset services provided in an automated or semi-automated manner (Guideline 1, paragraph 17) 38. For some respondents the scope of the knowledge and competence guidance for information or advice about crypto-assets or crypto-asset services provided in an automated or semi-automated manner is too broad and would need to be clarified to

16 allow for an effective application of the guidelines to the relevant tasks and staff of the crypto-asset service provider. These respondents also noted that the staff designing or overseeing algorithm-based investment information or advice related to crypto-asset services or crypto-assets seems to rather focus on ensuring an efficient design of the algorithm and the quality of its output. However, such technical staff does seem to lack competences related to features, risks or suitability of crypto-assets and their related services. Consequently, this aspect could hamper the application of the guidelines to advice or information on crypto-asset services or crypto-assets provided in an automated or semi-automated manner. 39. ESMA’s response: To foster an effective application of these guidelines to advice or information on crypto-asset services or crypto-assets provided in an automated or semi￾automated manner, while accounting for the circumstances of their production, ESMA amended paragraph 17. It clarifies that the full guidelines do not apply to staff that do not define the content of the information or advice. However, staff setting the parameters on how such information or advice should be delivered should have sufficient knowledge and competence to ensure that clients receive the adequate information or advice. Annex: Illustrative examples of the application of certain aspects of the guidelines 40. Some respondents, including the SMSG, noted that the inclusion of further examples of the application of specific aspects of the guidelines could foster their application by crypto-asset service providers and thereby contribute to fostering supervisory convergence and investor protection. The proposals of these respondents encompassed, inter alia, examples on features of CPD measures and related to the examination of knowledge and competence. 41. ESMA’s response: To facilitate crypto-asset service providers’ application of the guidelines, ESMA has included additional illustrative examples in the Annex of the guidelines. Q4: Are there any additional comments that you would like to raise and/or information that you would like to provide? 42. The comments received to this question were addressed as part of the feedback statement for the previous questions.

17 4 Annexes 4.1 Annex I: Cost-benefit analysis Impact of the guidelines under Article 81(15)(a) of MiCA and Article 16(1) of the ESMA Regulation

1. As per Article 16(2) of Regulation (EU) No 1095/2010, any guidelines developed by ESMA are to be accompanied by an analysis of ‘the related potential costs and benefits of issuing such guidelines’. Such analysis shall be ‘proportionate in relation to the scope, nature and impact of the guidelines’.
2. MiCA sets out a new legal framework which encompasses requirements for the provision of ten different crypto-asset services. These services include the provision advice on crypto-assets; defined in Article 3(1)(24) of MiCA as “offering, giving or agreeing to give personalised recommendations to a client, either at the client’s request or on the initiative of the crypto-asset service provider providing the advice, in respect of one or more transactions relating to crypto-assets, or the use of crypto-asset services”. Article 81(15)(a) of MiCA gives a mandate to ESMA to issue guidelines in accordance with Article 16 of Regulation (EU) No 1095/2010 specifying criteria for the assessment of knowledge and competence in accordance with paragraph 7 of this Article.
3. Article 81(7) of MiCA provides that “crypto-asset service providers providing advice on crypto-assets shall ensure that natural persons giving advice or information about crypto￾assets, or a crypto-asset service, on their behalf possess the necessary knowledge and competence to fulfil their obligations. Moreover, Member States are required to publish the criteria to be used for assessing such knowledge and competence.”
4. In addition, considering Article 68(5) of MiCA, ESMA is of the view that all crypto-asset service providers, not just those providing advice, should ensure that natural persons giving information about crypto- assets or crypto-asset services possess the necessary knowledge and competence to fulfil their obligations. ESMA therefore is complementing the guidelines based on the mandate in Article 81(15) of MiCA by own-initiative guidelines in the same area
5. The next paragraphs present the cost-benefit analysis of the main policy options included in this Final Report on the guidelines for the criteria on the assessment of knowledge and competence under Article 81 of MiCA.

18 Problem identification 6. Crypto-asset and crypto-asset services have been observed to combine the following key features: firstly, both are increasingly easily accessible to EU retail investors, for example, through mobile applications or websites that require limited technological knowledge and equipment. Secondly and simultaneously, market participants’ knowledge about crypto-assets and the related services still seems to be limited, especially among retail investors. Thirdly, certain characteristics of crypto-assets can make them specifically risky for retail investors. This includes that the volatility of many crypto-assets seems to exceed traditional financial instruments (e.g. shares) and that new crypto-assets can be created rather swiftly. 7. Lastly, MiCA does not offer the same protections to investors compared to MiFID II (no product governance requirements or appropriateness test, for instance). 8. This combination of the above-described factors increases the risk of potential detriment, especially for retail investors. Therefore, it is crucial that staff of crypto-asset service providers giving advice or information about crypto-assets or crypto-asset services possess, and also maintain, an appropriate level of knowledge and competence to fulfil their obligations set out under MiCA. 9. To address these challenges and ensure a high level of investor protection and harmonisation, Article 81(15) of MiCA provides for ESMA to issue guidelines specifying the criteria for the assessment of knowledge and competence in accordance with paragraph 7 of this Article. These guidelines should address the criteria for the assessment of knowledge and competence of natural persons giving advice on crypto￾assets or information about crypto-assets or crypto-asset services, on behalf of crypto￾asset service providers. By providing guidance on the adequate level of knowledge and competence of staff providing advice and information on crypto-assets or crypto-asset services to clients, ESMA seeks to enhance investor protection and foster investors’ trust in the crypto-asset markets. Policy objectives 10. The strategic objective of the guidelines is to strengthen investor protection and to ensure an appropriate knowledge and competence of staff providing information or advice on crypto-assets or crypto-asset services by: ● ensuring a minimum level of knowledge and competence of staff providing advice and information on crypto-assets; and

19 ● addressing through the criteria for the assessment of knowledge and competence of the aforementioned staff members features and risks specific to crypto-assets markets and services and which are less prominent or absent in traditional financial markets. Baseline scenario 11. In the absence of guidelines, crypto-asset service providers would need to comply with the requirements on providing advice on crypto-assets and providing portfolio management of crypto-assets under Article 81 of MiCA and the relevant obligations related to providing information to clients on other crypto-asset services under Chapter 3 of MiCA without additional guidance. This could result in varied levels of knowledge and competence of staff providing information or advice on crypto-assets and crypto￾asset services across entities and Member States, leading to fragmented investor protection and inefficiencies in regulatory oversight. As the EU crypto-assets markets have been in operation only since rather recently and its services are still less well known among investors, the aforementioned shortcomings could also lead to an erosion of investors’ trust in crypto-asset services and their providers. Options considered and preferred options 12. This section presents the main policy options discussed and the decisions made when developing the guidelines. The policy options’ respective advantages and disadvantages and the preferred options resulting from this analysis are assessed below Policy issue 1: Characteristic of minimum or non-minimum guidance on knowledge and competence of staff providing advice or information about crypto-assets or crypto-asset services 13. The legal mandate under Article 81 requires ESMA to issue guidelines specifying the criteria for the assessment of knowledge and competence of natural persons giving advice on crypto-assets or information about crypto-assets or crypto-asset services, on behalf of crypto-asset service providers. Against this backdrop, ESMA considered 2 policy options with regards to the characteristic of minimum or non-minimum guidance on knowledge and competence of staff providing information or advice about crypto￾assets or crypto-asset services in the guidelines set out in Annex III hereto. 14. Option 1a: Provide guidance on the criteria for the knowledge and competence of staff giving advice or information about crypto-assets or crypto-asset services, including the features and risks specific to crypto-assets markets and services, without any guidance on minimum standards.

20 15. Option 1b: Provide guidance on the criteria for the knowledge and competence of staff giving information or advice about crypto-assets or crypto-asset services, including minimum standards for the key criteria and the features and risks specific to crypto￾assets markets and services 16. Option 1a would provide a certain harmonisation of key topics accounting for features and risks specific to crypto-assets markets and services as part of the relevant knowledge and competence for staff giving information or advice about such assets or services. However, such a limited harmonisation could hamper investor protection and lead to inefficiencies in regulatory oversight. These shortcomings would then be further exacerbated by specific features and risks linked to crypto-assets and their services, such as limited investor knowledge about this rather new market and high price volatility of crypto-assets. 17. Option 1b harmonises the guidance beyond the topics which should be considered for the knowledge and competence for giving information or advice on crypto-assets and crypto-asset services. It additionally introduces guidance – through examples – on the minimum level and extent of qualifications staff should obtain prior to and while providing information or advice. This includes examples of minimum professional qualification and appropriate experience requirements for the provision of information or advice and annual minimum hours of CPD measures to maintain the relevant staff’s knowledge and competence. 18. Finally, Option 1b has been chosen, due to being the more effective approach to ensure i) an adequate level of knowledge and competence for staff providing advice and information on crypto-assets or crypto-asset services to fulfil their obligations towards clients and ii) to enhance investor protection in the crypto-asset markets, whilst still maintaining sufficient flexibility for crypto-asset service providers. Cost-benefit analysis 19. The guidelines are expected to result in limited costs for crypto-asset service providers and national competent authorities, while also providing benefits for clients, crypto-asset service providers and national competent authorities. Costs 20. The guidelines are expected to create new costs for crypto-asset service providers and national competent authorities but not beyond those that naturally stem from the obligations in MiCA.

21 21. More specifically, the main costs that crypto-asset service providers are likely to incur stem from (i) one-off costs related to the implementation of the guidelines, inter alia for organizational arrangements necessary for the implementation of the guidelines (such as human resources costs) and through the training of new staff and/or training to ensure that existing staff having provided information or advice under pre-MiCA regulatory frameworks complies with MiCA knowledge and competence guidance; (ii) ongoing costs for inter alia CPD measures and the annual review of the relevant knowledge and competence guidance. 22. ESMA is however of the view that the guidelines provide sufficient flexibility for crypto￾asset service providers to implement them without incurring unreasonable costs. 23. For national competent authorities, these guidelines will lead to limited ongoing costs during the implementation phase of the guidelines and for the following supervision of crypto-asset service providers to ensure compliance (or not) with the guidelines. National competent authorities might also have to slightly extent their resources applied to the supervision of crypto-asset service providers in light of the relevant MiCA requirements. Benefits 24. For crypto-asset service providers, significant benefits are to be expected from the knowledge and competence guidance devoted to raise the professional quality of their staff providing information or advice on crypto-assets and crypto-asset services to their clients. The main expected positive effect should be an increase in the quality of the crypto-asset services provided to clients, which can subsequently result in better investment decisions. This should include the following more specific benefits for crypto￾asset service providers: ● reduction of the mis-selling risk and its related financial consequences (due to loss of reputation, claims, costs of appeals and legal expenditure for tribunal cases, fines, etc.); ● creation and continuous increase of investors’ confidence in the rather new crypto￾assets markets; ● positive effects on the efficiency of crypto-asset service providers. 25. Furthermore, ESMA is of the view that costs for training and ensuring an appropriate level knowledge and competence of the relevant staff are lower than the costs which may result for crypto-asset service providers from potential improper behaviour and conduct risk (such as fines, penalties and reputational risk).

22 26. From the perspective of national competent authorities and in terms of benefits, the guidelines will promote the convergence of national competent authorities’ supervisory activities. Thereby, the guidelines will contribute to one of the main objectives of MiCA, which is to foster investor protection. The guidelines also promote fair competition between crypto-asset service providers independently of the home Member State, as the guidance aims at ensuring a minimum level of knowledge and competence of staff providing advice and information on crypto-assets or crypto-asset services to clients. 27. Clients benefit from the guidelines through an increased qualify of crypto-asset services, increased investor protection and reduced potential investor detriment. 28. ESMA considers that crypto-asset service providers’ and NCAs’ compliance with these guidelines will result in an improved quality of crypto-asset services to clients, a higher degree of investor protection and an overall reduction in client detriment. These benefits are particularly important to foster trust in and further development of the rather recent EU crypto-asset service markets and the crypto-asset service providers themselves. In conclusion, these benefits will outweigh the costs related to these guidelines. Table: costs and benefits Stakeholder groups affected Costs Benefits Crypto- asset service providers One-off costs related to organizational arrangements necessary for the implementation of the guidelines, such as HR costs; and the training of new staff and/or training to ensure that existing staff having provided information or advice under pre-MiCA regulatory frameworks comply with MiCA knowledge and competence requirements. Ongoing costs for inter alia CPD measures and the annual review of the requirements Increase in quality of crypto-asset services provided to clients Reduction of the mis-selling risk and its related financial consequences for crypto-asset service providers Positive effects on the efficiency of crypto-asset service providers Enhanced clients’ trust in the crypto￾assets industry.

23 Competent authorities Limited ongoing costs during the implementation phase and the following supervision to ensure that crypto-asset service providers have properly implemented the guidelines. Slight extension of their resources dedicated to the supervision of the MiCA framework may be needed. Enhanced consistency and no fragmentation of supervision of the MiCA requirements related to criteria on the assessment of knowledge and competence of staff providing information or advice on crypto-assets and crypto-asset services Mitigation of investor detriment due to the guidelines on knowledge and competence for staff providing information or advice on crypto-asset and crypto-asset services Clients None Increased quality of information or advice on crypto-asset and crypto￾asset services provided by staff of the crypto-asset service provider Enhanced investor protection and reduced risk of investor detriment.

24 4.2 Annex II: SMSG advice to ESMA on Guidelines for the criteria on the assessment of knowledge and competence under the Markets in Crypto Assets Regulation (MiCA) Advice to ESMA SMSG advice to ESA’s Consultation Paper on Guidelines for the knowledge and competence under the Markets in Crypto Asset Regulation (MiCA) Executive Summary The SMSG’s advice reflects a dual concern: crypto-assets constitute a unique ecosphere that is often not well understood, while at the same time, they may pose significant risks for investors. In light of this, the SMSG supports the need for proper information and advice for potential investors and therefore endorses strict knowledge and competence requirements for those providing such information and advice. In this regard, the SMSG shares the same principles as ESMA in its guidelines, particularly the tailored application of MiFID II knowledge and competence requirements, the principle of proportionality, and the provision of a transition period. However, taking into account the concerns mentioned above, the SMSG overall proposes stricter requirements than those suggested by ESMA. While the SMSG agrees with the proposed competence requirements, it advocates for stricter guidelines concerning the verification of competence. Given the diverse nature of Crypto-Asset Service Providers (CASPs) and the associated concerns, the SMSG recommends that competence verification should not be conducted by the CASPs themselves, but by an external party. Furthermore, regarding the transition period for staff already engaged in crypto-asset services, the SMSG considers that one year of supervised experience is insufficient. Here too, competence should be externally verified. While advocating for stricter verification requirements, the SMSG also acknowledges the importance of proportionality. In this respect, the SMSG supports ESMA’s distinction between 'giving information' and 'giving advice'. However, given the varied nature of crypto-assets – from highly speculative digital investments to digital payment tools used at festivals – the SMSG suggests that ESMA include illustrative examples (possibly in an Annex) to clarify which crypto-services fall within the scope of these guidelines. Finally, the SMSG cautions against a potential unintended consequence of the guidelines. Given the limited product offerings in this domain by regulated financial institutions, it is

25 uncertain whether they will invest in extensive competence development programs. This could leave the market vulnerable to less scrupulous actors. While this issue is only partly within ESMA's remit, the SMSG believes that independent assessments of competence requirements could elevate standards in the sector, and that proportionality can help avoid undue burdens. General remarks

1. The SMSG has previously highlighted, in a recent ESMA consultation, that the crypto￾assets ecosystem has distinct characteristics compared to traditional financial systems. The specific attributes of various crypto-assets (e.g., utility tokens, payment coins, stablecoins, DeFi-related assets) are often not well understood by stakeholders and market participants, as they represent new asset classes with differing fundamentals.
2. Regulators worldwide have expressed concerns about investor harm, issuing multiple warnings over the years. These include the risk of total loss of investment, extreme volatility, and the prevalence of scams, fraud, operational errors, and cyberattacks. The crypto ecosystem has been among the most frequently warned-about sectors over the past 15 years.
3. In this context, a stricter regulatory approach is warranted. Those providing information and advice must be well-equipped to understand and communicate these specificities. They play a key role in educating clients and mitigating investment risks in this emerging area. Recent academic research supports this view. For example, Sobolev and Kallinteraki (2024)1 suggest that "regulators could extend their reach by providing investors with more informative and detailed cryptocurrency risk advice." Similarly, Qi et al. (2025)2 recommend that financial professionals enhance client education on crypto risks and that policymakers ensure accurate information is disseminated.
4. The SMSG’s advice aligns with ESMA’s principles: • Applying MiFID II knowledge and competence requirements where appropriate, to align standards for crypto-assets with those of other financial products and services, while acknowledging their specificities. • Recommending a proportionate application of these guidelines, taking into account the nature, scale, and complexity of CASP businesses. • Providing a transition period for existing businesses.
5. Given these considerations, the SMSG advocates for a stricter framework than that proposed in the consultation document.

26 I. Question 1: Do you agree with the minimum requirements regarding qualification, experience and continuous professional development of staff giving information on crypto-assets and crypto-asset services to clients included in paragraphs 19 to 21 of draft Guideline 2? If not, what would, in your view, be adequate minimum requirements? Please state the reasons for your answer. II. Question 2: Do you agree with the minimum requirements regarding qualification, experience and continuous professional development of staff giving advice on crypto￾assets and crypto-asset services to clients included in paragraphs 24 to 26 of draft Guideline 3? If not, what would, in your view, be adequate minimum requirements? Please state the reasons for your answer. 6. The SMSG agrees with the minimum requirements regarding both information and advice provision. 7. The SMSG also supports the proportionality in distinguishing between “information” and “advice”. 8. However, the SMSG advocates for stricter verification of competence. This does not only stem from the specific concerns already raised above, but also from the observation that Crypto-Asset Service Providers (CASP’s) may be very diverse in nature. The SMSG recommends that verification be conducted by an external party, not the CASP itself. 9. To support training and verification, the SMSG proposes: • That educational institutions, or the NCAs themselves, develop professional qualification schemes aligned with these guidelines, which would be approved and recognized by NCAs. • That competent authorities publish a list of approved educational providers, ensuring a level playing field in training standards. 10. The SMSG further suggests that experience under supervision alone is insufficient. Knowledge and competence must be verified. Therefore, the SMSG proposes the following provision: "Existing members of staff providing information or advice on crypto￾assets or crypto-asset services must obtain the aforementioned professional qualification within six months from the date of application of these guidelines." III. Question 3: Do you agree with the proposed draft guidelines? Please state the reasons for your answer. 11. See general remarks and responses to Questions 1, 2 and 4.

27 IV. Question 4: Are there any additional comments that you would like to raise and/or information that you would like to provide? 12. While supporting strict knowledge and competence requirements (and even stricter verification requirements), the SMSG also endorses the proportional application of these rules. 13. ESMA applies proportionality mainly through the distinction between 'giving information' and 'giving advice'. However, crypto-services vary greatly. For example, there is currently no distinction between high-risk assets and stablecoins. Stablecoins typically pose less risk, as they are used more as digital currencies than as investments. Similarly, digital coins can serve safe, practical purposes (e.g., festival tokens), where the investment element is minimal. It would be excessive to apply the same competence standards in such cases. The SMSG suggests that ESMA more clearly delineate which products fall under these requirements. 14. The SMSG also raises a broader concern. There is a risk that unscrupulous actors may dominate the market, particularly if regulated banks, which have few crypto products, are reluctant to invest in competence development. While this issue lies partially outside ESMA’s scope, the SMSG believes that: • Independent verification of competence, as recommended by the SMSG, could enhance trust in crypto advice services. NCAs could launch public awareness campaigns to highlight the existence and value of competence standards, helping quality providers to stand out. • Proportionality, especially concerning product types, can support stricter standards for riskier services without imposing unnecessary burdens where the risk is low. This advice will be published on the Securities and Markets Stakeholder Group section of ESMA’s website.

28 4.3 Annex III: Guidelines for the criteria on the assessment of knowledge and competence under the Markets in Crypto Assets Regulation (MiCA) 1 Scope Who?

1. These guidelines apply to: a. competent authorities and b. crypto-asset service providers as defined in Article 3(1)(15) of MiCA. What?
2. These guidelines apply in relation to the provision of crypto-asset services listed in Article 3(1)(16) of MiCA. When?
3. These guidelines apply from 6 months from the date of their publication on ESMA’s website, in all official EU languages.

29 2 Legislative references, abbreviations and definitions 2.1 Legislative references ESMA Regulation Regulation (EU) No 1095/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Securities and Markets Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/77/EC10 IDD Directive (EU) 2016/97 of the European Parliament and of the Council of 20 January 2016 on insurance distribution11 MiCA Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) 1095/2010 and Directives 2013/36/EU and (EU) 2019/193712 MiFID II Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU 2.2 Abbreviations EU European Union ESFS European System of Financial Supervision ESMA European Securities and Markets Authority 2.3 Definitions 4. Unless otherwise specified, terms used in MiCA have the same meaning in these guidelines. In addition, the following definitions apply: 10 OJ L 331, 15.12.2010, p. 84. 11 OJ L 26, 2.2.2016, p. 19–59. 12 OJ L 150, 9.6.2023, p. 40–205.

30 a. ‘Staff’ means natural persons providing relevant services to clients on behalf of the crypto-asset service provider. b. ‘Relevant services’ means giving advice or information on crypto-assets or crypto￾asset services to clients. c. ‘Giving information’ means directly providing information to clients about crypto￾assets or crypto-asset services, either upon the request of the clients or at the initiative of the crypto-asset service provider, in the context of the provision by the staff member to the client of any of the services listed in Article 3(1)(16) of MiCA. d. ‘Knowledge and competence’ means having acquired an appropriate qualification and appropriate experience to fulfil obligations in Articles 68 and 81 of MiCA in order to provide the relevant services. e. ‘Appropriate qualification’ means a qualification or other test or training course that meets the criteria set out by these guidelines. f. ‘Appropriate experience’ means that a member of staff has successfully demonstrated the ability to perform the relevant services through previous work. Beyond the minimum guidance regarding appropriate experience set out in these guidelines, the competent authority can differentiate the period of experience, depending on the appropriate qualification attained by staff and also depending on the relevant services being provided. g. ‘Under supervision’ means providing the relevant services to clients under the responsibility of a staff member who has both an appropriate qualification and appropriate experience. 3 Purpose 5. These guidelines, developed by ESMA, are based on Article 81(15)(a) of MiCA and Article 16(1) of the ESMA regulation. The objectives of these guidelines are to establish consistent, efficient and effective supervisory practices within the ESFS and to ensure the common, uniform and consistent application of the provisions in Articles 68(5) and 81(7) of MiCA. 6. In particular, ESMA expects these guidelines to promote greater convergence in the criteria for the assessment of knowledge and competence of staff providing advice or information about crypto-assets or crypto-asset services and their application. These guidelines provide important guidance to assist crypto-asset service providers in meeting their obligations to act in the best interest of their clients and to assist competent

31 authorities to adequately assess how crypto-asset service providers meet these obligations. In complying with these guidelines, ESMA anticipates a corresponding strengthening of investor protection. 7. The Annex includes a number of illustrative examples of how a crypto-asset service provider might apply the guidelines. 4 Compliance and reporting obligations 4.1 Status of the guidelines 8. In accordance with Article 16(3) of the ESMA Regulation, competent authorities and crypto-asset service providers shall make every effort to comply with these guidelines. 9. Competent authorities to which these guidelines apply should comply by incorporating them into their national legal and/or supervisory frameworks as appropriate, including where particular guidelines are directed primarily at financial market participants, i.e., crypto-asset service providers. In this case, competent authorities should ensure through their supervision that financial market participants comply with the guidelines. 4.2 Reporting requirements 10. Within two months of the date of publication of the guidelines on ESMA’s website in all EU official languages, competent authorities to which these guidelines apply must notify ESMA whether they (i) comply, (ii) do not comply but intend to comply, or (iii) do not comply and do not intend to comply with the guidelines. 11. A template for notification is available on ESMA’s website. Once the template has been filled in, it shall be transmitted to ESMA. 12. Crypto-asset service providers are not required to report whether they comply with these guidelines.

32 5 Guidelines for the criteria on the assessment of knowledge and competence13 5.1 General (Guideline 1) 13. Crypto-asset service providers should ensure that staff providing relevant services possess the necessary knowledge and competence to meet the relevant regulatory and legal requirements and business ethics standards. 14. Crypto-asset service providers should ensure that staff know, understand, and apply the crypto-asset service provider’s internal policies and procedures designed to ensure compliance with MiCA. In order to ensure a proportionate application of knowledge and competence requirements, crypto-asset service providers should ensure that staff have the necessary levels of knowledge and competence to fulfil their obligations, reflecting the scope and degree of the relevant services provided. 15. The management body of the crypto-asset service provider should, at least on an annual basis, assess and review the effectiveness of the policies and procedures established to comply with Articles 68(5) and 81(7) of MiCA and these guidelines and should take appropriate measures to address any deficiencies identified in that respect. 16. The level and depth of knowledge and competence expected for staff giving advice on crypto-assets and crypto-asset services should be of a higher standard than those that only give information on crypto-assets and crypto-asset services. 17. Where information or advice about crypto-assets or crypto-asset services is provided in an automated or semi-automated manner, crypto-asset service providers should ensure that these guidelines apply to staff responsible for determining the content of the information or advice delivered to clients. Staff setting the parameters and deciding on the settings for such information or advice to be delivered should also have sufficient knowledge and competence to ensure that appropriate information or advice is provided accurately, in adequate circumstance and to the right recipients. 5.2 Criteria for knowledge and competence of staff giving information about crypto-assets or crypto-asset services (Guideline 2) 18. Crypto-asset service providers should ensure that staff giving information about crypto￾assets or crypto-asset services available through the crypto-asset service provider have the necessary knowledge and competence to understand: 13 These guidelines apply without prejudice to any other guidelines on the knowledge and competence of staff providing financial services, for example, the MiFID II Guidelines for the assessment of knowledge and competence (ESMA71-1154262120-153).

33 a. the key characteristics, risks and features of the crypto-asset services offered by the crypto-asset service provider and the crypto-assets made available through these crypto-asset services by the crypto-asset service provider, as well as the functioning of distributed ledger technology and the key features and functioning of the different protocols used and the impact they may have for transactions in crypto-assets or crypto-asset services. Particular care should be taken when giving information with respect to risks related to the crypto-assets characterised by higher levels of complexity and volatility; b. the types of costs and charges to be incurred by the client in the context of transactions in crypto-assets, or provision of crypto-asset services, and how they contribute to the total amount; including fees crypto-asset service providers charge for their own services and other costs such as those incurred through the relevant DLT network (e.g., gas fees); c. how crypto-asset markets function and how they affect the value and pricing of crypto-assets on which the staff provide information to clients, including: ● the features, functioning and risk of the different types of crypto-assets; ● the potential impact of investor sentiments and social media on rapid price changes of crypto-assets in very short time periods (“high price volatility”), which may be difficult to predict; ● the potential impact of holders of large amount of crypto-assets on the liquidity and price volatility in crypto-asset markets14; d. the impact of economic figures, crucial national/regional/global events on markets and on the value of crypto-assets on which they provide information; e. the difference between past performance and future performance scenarios as well as the limits of predictive forecasting; f. the differences between the investor protection safeguards for clients investing in crypto-assets and using crypto-asset services under MiCA and clients investing in financial instruments and using investment services regulated under the MiFID II 14 For example, in relation to liquidity, investors holding a large number of a crypto-asset often keep their holdings for a longer time period, thus decreasing the available supply of the crypto-asset in the market for other investors. Or, relating to volatility, holders of a large number of a crypto-asset may cause significant price movements in the market when they suddenly sell a large portion or the totality of their holdings.

34 framework, as well as the impact of these differences on the protection of clients investing in crypto-assets and using crypto-asset services; g. issues relating to market abuse and anti-money laundering and terrorist financing; h. data relevant to the crypto-assets on which the staff provide information to clients such as provided by white papers, financial statements, or financial data; i. specific market structures for the crypto-assets on which the staff provide information to clients and, where relevant, their trading platforms15 or the existence of any secondary markets; j. basic valuation mechanisms applicable to crypto-assets in relation to which the information is provided. For the purposes of a. above, the key risks to be considered should include, as a minimum: ● volatility; ● cyber security risks, such as risks of hacks and theft of clients’ crypto-assets; ● risks related to client’s inappropriate storage of their private cryptographic keys; ● IT programming risks, for example malfunctioning of IT programs due to shortcomings in software programming (“bugs”) could lead to the loss of clients’ crypto-assets; ● risks related to crypto-asset transfers such as the risk of losing crypto-assets, if clients choose a DLT network which is not supported for the transfer of the crypto￾asset. For the purposes of a. above and, more specifically, the understanding of the key features and functioning of specific protocols, staff giving information about crypto-assets or crypto-asset services should notably have a basic understanding of, at least: ● the consensus mechanism applicable to the protocol and its consequences, ● the rules for the validation of transactions on this protocol, 15 For example trading platforms for crypto-assets which are open 24 hours.

35 ● the scalability of the protocol, ● its decentralisation level and governance structure, the measures in place to protect the network from attacks or frauds, ● its interoperability, ● its use case (the primary purpose or application the protocol is designed to support such as payment systems, supply chain, smart contracts), ● the economic model governing the crypto-asset, including supply, distribution, and incentives for validation. 19. Crypto-asset service providers should ensure that staff giving information about crypto￾assets or crypto-asset services on their behalf have obtained, prior to providing such information, the relevant knowledge and competence on the points set out in paragraph 18. This should be demonstrated by passing an assessment conducted either by the crypto-asset service provider itself or an external body and the obtention of, for example: a. a professional qualification of at least 80 hours and appropriate experience of at least 6 months under supervision; or b. appropriate experience of at least 1 year under supervision. 20. Existing members of staff giving information on crypto-assets or crypto-asset services16 on the date of entry into application of these guidelines may be considered by crypto￾asset service providers as having the necessary knowledge and competence to fulfil their obligations, by (i) successfully giving information on crypto-assets or crypto-asset services on a full-time equivalent basis, (ii) under or without supervision, and (iii) for a minimum period of 1 year, prior to the entry into application of these guidelines. 21. Crypto-asset service providers should determine, based on the nature of the crypto￾assets and crypto-asset services on which they give information, the adequate minimum number of hours of continuous professional development or training (CPD) per year that staff giving information about crypto-assets or crypto-asset services should complete, taking into account: ● the existing knowledge and competence of staff members giving information about crypto-assets or crypto-asset services; and 16 This includes members of staff who provided information on crypto-assets or crypto-asset services to clients on the behalf of virtual asset service providers (VASPs) under a pre-MiCA national regulatory framework.

36 ● applicable regulatory changes, key market developments and newly emerging technologies, including potential related risks for investors. For example, staff giving information on a limited range of crypto-assets or crypto-asset services of the least complex nature should complete a number of CPD hours of 10 hours. Crypto-asset service providers should ensure that their staff giving information on crypto￾assets or crypto-asset services complete the relevant number of hours of CPD per year, as established by the crypto-asset service providers, either by participating in a CPD scheme operated by an external professional education body providing a recognised qualification or by arranging their own CPD hours. Any of the two organisational options for the CPD should include an examination of participants’ acquired knowledge and competence. Competent authorities may publish a list of external professional education bodies providing a recognised qualification. 5.3 Criteria for knowledge and competence for staff giving advice about crypto￾assets or crypto-asset services (Guideline 3) 22. Crypto-asset service providers should ensure that staff giving advice about crypto-assets or crypto-asset services comply with paragraph 18 of Guideline 2, as such guidance is also relevant for staff giving advice about crypto-assets or crypto-asset services. 23. In addition, crypto-asset service providers should ensure that staff giving advice about crypto-assets or crypto-asset services understand: a. the total amount of costs and charges to be incurred by the client in the context of the advice provided, including fees crypto-asset service providers charge for their own services (including for advice) and other costs such as those incurred through the relevant DLT network (e.g. gas fees); b. the obligations of crypto-asset service providers in relation to the suitability requirements under Article 81 of MiCA, including the obligations as set out in the Guidelines on certain aspects of the suitability requirements and format of the periodic statement for portfolio management activities under MiCA17; c. how crypto-assets or a specific crypto-asset provided by the crypto-asset service provider may not be suitable for the client, having assessed the relevant 17 Available here

37 information provided by the client against potential changes that may have occurred since the relevant information was gathered; d. the fundamentals of managing a portfolio, including being able to understand the implications of diversification regarding individual investment alternatives; and e. understand the valuation mechanisms applicable to the crypto-assets subject to the advice. 24. Crypto-asset service providers should ensure that staff giving advice about crypto-assets or crypto-asset services on behalf of the crypto-asset service provider have obtained, prior to providing such advice, the relevant knowledge and competence on the points set out in paragraphs 22 and 23. This should be demonstrated by passing an assessment conducted either by the crypto-asset service provider itself or an external body and following, for example, the obtention of: a. a degree of tertiary education18 of three years of study relevant for the provision of advice on crypto-asset or crypto-asset services and appropriate experience of at least 1 year in the provision of the relevant crypto-asset services under supervision; or b. a secondary education degree and a professional formation of at least 3 years and appropriate experience of at least 1 year in the provision of the relevant crypto￾asset services under supervision; or c. a professional formation of at least 160 hours and appropriate experience of at least 1 year in the provision of the relevant crypto-asset services under supervision; or d. professional experience of at least 2 years which was acquired in the provision of advice under MiFID II or IDD preceding the start of the provision of advice on crypto-assets and crypto-asset services and appropriate experience of at least 6 months in the provision of the relevant crypto-asset services under supervision. 25. Existing members of staff giving advice on crypto-assets or crypto-asset services19 on the date of entry into application of these guidelines may be considered by crypto-asset service providers as having the necessary knowledge and competence to fulfil their obligations by (i) successfully providing advice on crypto-assets or crypto-asset services 18 For example a university degree or equivalent in a field such as economics, law or business administration. 19 This includes members of staff who provided advice on crypto-assets or crypto-asset services to clients on the behalf of virtual asset service providers (VASPs) under a pre-MiCA national regulatory framework.

38 on a full-time equivalent basis, (ii) under or without supervision, and (iii) for a minimum period of 1 year prior to the entry into application of these guidelines. 26. Crypto-asset service providers should determine, based on the nature of the crypto￾assets and crypto-asset services on which they give advice, the adequate minimum number of hours of continuous professional development or training (CPD) per year that staff giving advice about crypto-assets or crypto-asset services that are available through the crypto-asset service provider should complete, taking into account: a. the existing knowledge and competence of staff members giving advice about crypto-assets or crypto-asset services20 ; b. regulatory changes, key market developments and newly emerging technologies, including potential related risks for investors. For example, staff giving advice on a limited range of crypto-assets or crypto-asset services of the least complex nature should complete a number of CPD hours of 20 hours.21 Crypto-asset service providers should ensure that their staff giving advice about crypto￾assets or crypto-asset services complete the relevant number of hours of CPD per year, as established by the crypto-asset service providers, either by participating in a CPD scheme operated by an external professional education body providing a recognised qualification or by arranging their own CPD hours. Any of the two organisational options for the CPD should include an examination of participants’ acquired knowledge and competence. Competent authorities may publish a list of external professional education bodies providing a recognised qualification. 5.4 Organisational requirements for assessment, maintenance and updating of knowledge and competence (Guideline 4) 27. Crypto-asset service providers should set out the responsibilities of staff and ensure that, where relevant, in accordance with the services provided by the crypto-asset service provider and its internal organisation, there is a clear distinction in the description of responsibilities between the roles of giving advice and giving information. 28. Crypto-asset service providers should: 20 For example, staff providing advice on complex crypto-asset containing client portfolios may need more CPD hours per year than staff providing advice on regular monthly crypto-asset investments of small amounts. 21 As the provision of advice on crypto-assets or crypto-asset services is a more complex service than giving information on crypto￾assets or crypto-asset services, these 20 hours of CPD cover the 10 hours of CPD set out in paragraph 21.

39 a. ensure that staff providing relevant services to clients are assessed through the successful completion of an appropriate qualification and having gained appropriate experience in the provision of relevant crypto-asset services to clients; b. carry out an internal or external review, on at least an annual basis, of staff members’ development and experience needs, assess regulatory developments and take action necessary to comply with applicable requirements. This review should also ensure that staff possess an appropriate qualification and maintain and update their knowledge and competence by undertaking continuous professional development or training, at least in accordance with the relevant minimum guidance set out in these guidelines. This should also include specific training in advance of any new type of crypto-asset or crypto-asset service being offered by the crypto-asset service provider; c. ensure that they submit to their competent authority, on request, records concerning knowledge and competence of staff providing relevant services to clients. These records should contain information that enables the national competent authority to assess and verify compliance with these guidelines; d. ensure that when a member of staff has not acquired the necessary knowledge and competence in the provision of the relevant crypto-asset services, this staff member cannot provide the relevant services. Where a member of staff has not acquired the appropriate qualification or the appropriate experience to provide the relevant crypto-asset services or both, this staff member should be allowed to provide the relevant services under supervision. The level and intensity of supervision should reflect the relevant qualification and experience of the staff member being supervised and this could include, where appropriate, supervision during meetings with clients and other forms of communication such as telephone calls and e-mails. CASPs should ensure that a staff member who has not acquired the necessary knowledge and experience should be able to work under supervision for a maximum period of 4 years, except where a shorter period is determined by the competent authority; e. ensure that, in situations under letter d., the staff member supervising other staff has the necessary knowledge and competence referred to in these guidelines and the necessary skills and resources to act as a competent supervisor; f. ensure that the supervision provided is tailored to the services to be provided by that staff member and cover the principles of these guidelines relevant to those services;

40 g. ensure that the supervisor takes responsibility for the provision of the relevant services when the staff member under supervision is providing relevant services to a client, as if the supervisor is providing the relevant services to the client, including signing-off the suitability report where advice is being provided. 6 Annex: Illustrative examples of the application of certain aspects of the guidelines Examples relating to the scope of the guidelines 29. The following examples set out instances where a staff member would not fall within the scope of the guidelines: a. employees only pointing out where clients can find information provided by the crypto asset service provider; b. employees distributing brochures and leaflets to clients without giving additional information with regards to its content or providing any follow up crypto-asset services to those clients; c. employees who only hand over information at the client’s request without giving any additional information with regards to its content or providing any follow up crypto-asset services to those clients; and d. employees who perform back-office functions without direct relevance for clients, and do not have direct contact with the clients.22 General examples relating to Guideline 1: 30. A crypto-asset service provider provides regular mandatory training to staff in the area of MiCA conduct of business, and organisational requirements. 31. The crypto-asset service provider adopts a code of ethics to set forth the standards of business conduct and behaviour necessary for the proper provision of relevant services and obtain written acknowledgements from staff that they have read, understood and complied with it. 22 However, employees in charge of drafting and publishing information with direct relevance for clients (e.g. - information regarding crypto-assets including recommendations to buy crypto-assets available on their platform) would be in scope of these guidelines, even though they may not be in direct contact with clients.

41 Examples relating to the Guidelines 1, 2 and 3: 32. A crypto-asset service provider provides regular mandatory training to staff in the features and characteristics, including potential risks, of the crypto-assets offered by the provider. This comprises training about products newly offered by the crypto-asset service provider. 33. A crypto-asset service provider ensures its staff are familiar with the situations in which conflicts of interest arise and how to apply the policies and procedures to identify, prevent, manage and disclose conflicts of interest established by the crypto-asset service provider in accordance with Article 72 of MiCA. 34. A crypto-asset service provider ensures its staff are familiar with the situations as to when a crypto-asset service provider may pay or receive an inducement and the relevant legal requirements regulating inducements. 35. CPD courses also include as part of the training and exam assessments of the participant facing client and providing advice in a practical context, which includes for example finding out the client’s investment objectives, the comparison of different products and the explanation of crypto-asset related risks to the client. Examples relating to Guidelines 3 and 4 36. A crypto-asset service provider regularly monitors the suitability assessments provided by staff to assess whether the staff member has considered all aspects of the suitability requirements, against the specific details of the crypto-asset. 37. A crypto-asset service provider regularly monitors that relevant staff giving advice demonstrate: a. ability to ask appropriate questions to the client to understand her/his investment objectives, financial situation and knowledge and experience; b. ability to explain the risks and rewards of a particular crypto-asset or strategy to the client; c. ability to compare selected crypto-assets with regards to key features and risks, to be able to select the crypto-asset best suited to the client profile.

42 Examples relating to Guideline 4 38. The crypto-asset service provider documents staff roles and responsibilities and evaluates their performance against key set criteria contained in the description of responsibilities. 39. Crypto-asset service providers communicate publicly, in a way that is consistent and meaningful to clients, their criteria for demonstrating how staff comply with these guidelines. 40. Continuous or on-going professional development is required in order for staff to hold the “appropriate qualification”. This ongoing assessment contains updated material and tests staff on their knowledge of, for example, regulatory changes, new crypto-assets and services available on the market. This ongoing assessment: a. may involve training in the form of courses, seminars, independent studies or learning; and b. includes an exam to verify that the staff has acquired the necessary knowledge and competence. 41. Crypto-asset service providers verify the relevance of continuous on-ongoing development being provided to staff providing relevant services.