ESMA Final Guidelines on Knowledge and Competence under Regulation (EU) 2023/1114 (MiCA)
- James Ross
- Jul 12
- 5 min read
1. Executive Summary
On July 11, 2025, the European Securities and Markets Authority (ESMA) issued its final report on the guidelines governing the knowledge and competence criteria for personnel of Crypto-Asset Service Providers (CASPs), as mandated by Article 60(7) of the MiCA Regulation. These guidelines establish a harmonised regulatory standard designed to fortify the investor protection regime within the EU's digital asset sector. The framework establishes a clear distinction between competence requirements for staff performing informational versus advisory functions, codifies minimum qualifications, and mandates structured Continuous Professional Development (CPD). Consequently, CASPs face significant strategic and operational adjustments, necessitating investment in human capital, the implementation of robust compliance frameworks, and the formalisation of internal governance and record-keeping processes to ensure adherence to these new standards.
2. Introduction
The Markets in Crypto-Assets (MiCA) Regulation, effective as of December 30, 2024, establishes a comprehensive regulatory perimeter for crypto-assets within the European Union. A critical component of this framework is the mandate for ESMA to specify the criteria for assessing the professional competence of individuals acting on behalf of CASPs. This report provides a technical analysis of ESMA's final guidelines published on July 11, 2025. It deconstructs the core tenets of the guidelines and evaluates the strategic and operational implications for entities subject to MiCA's jurisdiction.
3. Deconstruction of the Guidelines
The guidelines apply to both National Competent Authorities (NCAs) and CASPs, structured around four primary pillars of regulatory expectation.
Guideline 1: General Principles & Governance
CASPs bear ultimate responsibility for the competence of their client-facing staff. This requires the establishment and maintenance of internal policies that ensure staff not only possess the requisite knowledge but also comprehend and adhere to the firm's ethical and procedural standards. A key structural element is the formal distinction between advisory and informational roles, imposing materially more stringent requirements on the former. For services that employ automated or semi-automated systems, the competence requirements extend to the personnel responsible for designing, developing, and continually parameterising the underlying algorithms. The management body is responsible for conducting an annual review of the effectiveness of these internal policies.
Guideline 2: Competence Requirements for Staff Providing Information
Personnel engaged in providing information must demonstrate proficiency across a spectrum of domains:
Product and Technology: In-depth knowledge of the features, risks, and technical underpinnings of offered crypto-assets and services, including distributed ledger technology (DLT) protocols, consensus mechanisms, smart contract vulnerabilities, and cybersecurity threat vectors.
Cost Structures: A granular understanding of all direct and indirect costs, fees, and charges applicable to clients.
Market Microstructure: Comprehension of crypto-asset market dynamics, including price formation, liquidity, volatility drivers, and the impact of tokenomics (e.g., supply distribution and vesting schedules).
Regulatory Framework: Familiarity with the distinctions in investor protection between MiCA and Directive 2014/65/EU (MiFID II), as well as applicable market abuse and AML/CTF regulations.
Valuation and Analysis: The ability to interpret technical information from crypto-asset white papers and understand basic valuation methodologies.
Minimum Qualification Thresholds (New Staff):
A certified professional qualification of at least 80 hours of relevant study, supplemented by 6 months of supervised professional experience; OR
A minimum of 1 year of relevant, supervised professional experience.
Continuous Professional Development (CPD):
An annual requirement, suggested at a minimum of 10 hours for standard services, to be verified by an examination.
Guideline 3: Enhanced Competence Requirements for Staff Providing Advice
In addition to satisfying all criteria for information providers, advisory personnel must possess a superior level of expertise:
Suitability Assessment: A thorough command of MiCA's suitability requirements and the methodologies for assessing a client's objectives, risk tolerance, and financial situation.
Risk Management: Advanced ability to analyse and articulate why a specific crypto-asset or strategy is unsuitable for a client's profile.
Portfolio Theory: A firm grasp of investment portfolio management, diversification principles, and risk-return optimisation in the context of crypto-assets.
Valuation Methodologies: Proficiency in the valuation mechanisms and models applicable to the crypto-assets on which advice is rendered.
Minimum Qualification Thresholds (New Staff):
A relevant tertiary education degree (e.g., finance, economics, law) and 1 year of supervised experience; OR
A certified professional qualification of at least 160 hours and 1 year of supervised experience; OR
A minimum of 2 years of advisory experience under MiFID II or the Insurance Distribution Directive (IDD), supplemented by 6 months of supervised experience specific to crypto-asset services.
Continuous Professional Development (CPD):
An annual requirement, suggested at a minimum of 20 hours for standard advisory services, to be verified by an examination.
Guideline 4: Organisational & Supervisory Obligations
CASPs must embed these competence standards within their corporate structure:
Policy Implementation: Develop and enforce robust internal policies for assessing, training, and regularly monitoring staff competence.
Supervisory Framework: Personnel not yet meeting the full competence criteria must operate under the direct supervision of a qualified individual for a period not exceeding four years. The designated supervisor is explicitly responsible for the actions of the individual being supervised.
Auditable Records: Maintain comprehensive and auditable records of all staff qualifications, experience, assessments, and CPD activities, which must be made available to NCAs upon request.
Governance and Review: Institute an annual internal review process to ensure the firm's competence framework remains aligned with evolving regulations and market practices.
4. Strategic and Operational Implications for CASPs
The guidelines necessitate a strategic reassessment of human capital management and compliance frameworks:
Elevated Regulatory and Compliance Overhead: Firms must design and operationalise a comprehensive compliance infrastructure for talent assessment, training, and supervision, complete with rigorous documentation and reporting capabilities.
Mandatory Human Capital Investment: Significant investment in structured training, professional certification programs, and CPD is no longer discretionary. This will impact budgeting and resource allocation.
Burden of Proof: The onus is now squarely on the CASP to affirmatively demonstrate—not merely attest to—the competence of its staff through verifiable means.
Liability and Risk Management: The formal supervisory requirements create clear lines of accountability, increasing the liability exposure for firms and individual supervisors in cases of non-compliance or client detriment.
Transitional Provisions: While a one-year experience threshold provides a transitional arrangement for incumbent staff, it does not exempt them from CPD or the firm's ongoing assessment responsibilities, precluding simple "grandfathering."
Operational Costs: Firms must budget for direct and indirect costs, including course fees, examination costs, the administrative burden of tracking CPD, and potentially higher salaries to attract and retain qualified personnel.
5. Implementation Timeline
The guidelines will enter into force six months following their official publication and translation across all EU languages on the ESMA website. This timeline provides a finite window for CASPs to achieve full compliance with the stipulated requirements.
6. Conclusion
ESMA's final guidelines on knowledge and competence are a cornerstone of the MiCA Regulation, fundamentally altering the operational and compliance landscape for Central Securities Depositories (CSDs) and Central Securities Depositories (CSDs) in the EU. By institutionalising professional standards, the regulations aim to enhance market integrity, reduce the risk of mis-selling, and bolster investor confidence. For firms, this represents a paradigm shift from informal practices to a structured, auditable, and regulated approach to human capital. Proactive and strategic investment in compliance and training will be a critical determinant of a firm's ability to operate successfully and maintain a competitive edge in this new regulatory landscape.
Comments