What are the main aspects of the guidelines?

The guidelines aim to promote convergence among CASPs in assessing the knowledge and competence of their staff, including their understanding of the risks and characteristics associated with Distributed Ledger Technology (DLT). They also seek to strengthen investor protection by establishing a minimum baseline of knowledge applicable to all employees and to foster supervisory convergence among National Competent Authorities (NCAs).

A proportionate approach has been adopted, distinguishing between staff who provide information and those who provide advice, in line with the complexity of their respective roles.

Although Article 81(7)⁴ of the MiCA Regulation states that these guidelines apply solely to CASPs providing advice, ESMA has decided to extend their scope to include staff responsible for providing information within such entities, considering it essential that all employees receive appropriate training.

The expected benefits include the following:

• Risk reduction
• Increased investor confidence
• Enhanced operational efficiency of CASPs

The management body shall assess, at least annually, compliance with these guidelines and with Articles 68(5)⁵ and 81(7) of the MiCA Regulation, which relate to the level of knowledge and competence of staff. It shall also be responsible for adopting the necessary measures to address and remedy any deficiencies identified.

⁴ Article 81(7) of the MiCA Regulation: “Crypto-asset service providers providing advice on crypto-assets shall ensure that natural persons giving advice or information about crypto-assets, or a crypto-asset service, on their behalf possess the necessary knowledge and competence to fulfil their obligations. Member States shall publish the criteria to be used for assessing such knowledge and competence.”

⁵ Article 68(5) of the MiCA Regulation: “Crypto-asset service providers shall employ personnel with the knowledge, skills and expertise necessary for the discharge of the responsibilities allocated to them, taking into account the scale, nature and range of crypto-asset services provided.”

What relevant comments were received during the public consultation of the initial draft of the guidelines?

The majority of the responses received—including those submitted by the SMSG—expressed overall support for the guidelines. However, certain CASPs suggested that the guidelines could be replaced by a good practice guide, which would allow them to develop their own internal training policies.

The SMSG proposed the introduction of stricter requirements, such as the obligation for staff to obtain relevant professional qualifications within six months following the entry into force of the guidelines, and for staff assessments to be conducted by third parties. The guidelines allow such assessments to be performed either by the CASPs themselves or by an independent third party.

ESMA received a total of 20 public responses—all of which are available on its website⁶—including one from the CNMV Advisory Committee⁷. In addition, three confidential responses were submitted.

⁶ Consultation on the Guidelines for the criteria on the Assessment of Knowledge and Competence under MiCA.

⁷ The CNMV Advisory Committee is the CNMV’s consultative body, composed of participants from the financial markets, and its opinions are issued independently from those of the CNMV.

What are the key aspects regarding staff?

The staff responsible for providing information must possess a thorough understanding of the characteristics⁸, and associated risks⁹, of both the crypto-asset services and the crypto-assets offered. They must also be fully aware of the costs borne by the customer, the applicable regulatory framework, the functioning of the crypto-asset market, and the basic valuation mechanisms, among other relevant aspects.

Conversely, staff engaged in advisory functions must have additional expertise concerning the suitability of the product for the customer, portfolio management, and a deeper knowledge of the valuation mechanisms of the crypto-assets offered.

The guidelines also apply to staff who provide advice or information through automated or semi-automated processes. Likewise, they extend to staff responsible for defining the parameters of such processes, as the guidelines require them to possess an appropriate level of knowledge and competence.

CASPs themselves, or external service providers, must assess whether staff possess an adequate level of knowledge and competence. For guidance, the following minimum criteria are proposed:

For staff performing customer information functions:

• A professional qualification comprising at least 80 hours of training, and a minimum of six months’ experience under supervision¹⁰.
• Adequate professional experience of at least one year under supervision.

For staff performing customer advisory functions:

• A higher education degree (at university level or equivalent) of at least three years’ duration, with content relevant to the provision of advice on crypto-assets or crypto-asset-related services, together with a minimum of one year’s related experience under supervision.
• Secondary education and vocational training of at least three years, combined with at least one year of relevant experience under supervision.
• Vocational training comprising at least 160 hours, accompanied by a minimum of one year’s relevant experience under supervision.
• At least two years of professional experience in providing advice within the scope of MiFID II or the Insurance Distribution Directive (IDD)¹¹, together with a minimum of six months’ related experience under supervision.

CASPs may consider that staff who, at the date of application of these guidelines, are already engaged full-time in providing information or advice on crypto-assets or related services, whether under supervision or not, and who have been performing such functions for at least one year, possess the required levels of knowledge and competence.

⁸ The key characteristics of crypto-assets and related services with which staff should be familiar include: a basic understanding of the consensus mechanism as it relates to the protocol employed and its implications, as well as the validation rules, scalability, level of decentralisation, governance and interoperability of the protocol. Staff should also understand the economic model of the crypto-asset.

⁹ Key risks include those associated with volatility, cybersecurity, insecure storage of private keys, technological failures, and the transfer of crypto-assets.

¹⁰ According to the definition provided in the guidelines, “under supervision” means providing the relevant services to clients under the responsibility of a staff member who has both an appropriate qualification and appropriate experience.

¹¹ Directive (EU) 2016/97 of the European Parliament and of the Council of 20 January 2016 on insurance distribution

What are the key aspects related to CASP organisation?

CASPs must comply with the following requirements, among others:

• Define the responsibilities of its staff in relation to these functions.
• Ensure staff has undergone an assessment to verify the possession of an adequate level of knowledge and competence.
• Establish a minimum number of annual training hours.
• Assess, at least annually, the level of knowledge and competence of staff to ensure they remain up-to-date and possess the skills required for their respective roles.
• Maintain records of staff knowledge and competence, so that such information can be made available to the relevant NCA upon request.

What are the next steps to take in this regard?

Once the guidelines have been published in all official languages of the European Union, NCAs will have a two-month period to notify ESMA whether they comply, do not comply, or intend to comply (and, in the latter case, to specify the timeframe for doing so). If an NCA does not intend to comply, it shall provide the reasons for its decision.

Following the extension of the implementation deadline compared with ESMA’s initial proposal, the guidelines will be applicable six months after the publication of their official translations on ESMA’s website.