European Markets in Financial Instruments Directive (MiFID) licenseApplication

1. Background and purpose of MiFID

1. Promote market integration: Promote cross-border financial services and competition by unifying the financial market regulatory rules of EU member states.
2. Protecting investors: Raise investor protection standards and ensure financial institutions act in the best interests of their clients.
3. Improving market transparency：Standardize transaction execution and reporting to reduce market manipulation and unfair behavior.
4. Enhance market efficiency：Encourage innovation of financial instruments and trading platforms to reduce transaction costs.

2. Scope of application of MiFID

• Financial institution：Banks, investment companies, securities companies, asset management companies, etc.
• Financial tool: Covers stocks, bonds, derivatives (futures, options, swaps, etc.), structured products, fund shares, etc.
• Trading venue: Includes regulated markets (RM), multilateral trading facilities (MTF), organized trading facilities (OTF) and systematic internal matching (SI).

• Legal entity establishment :

  • Applicants must be registered as a legal entity (such as a limited company) in an EU member state.
  • The entity must have a clear business scope and focus on investment services or activities specified in MiFID (such as securities trading, investment advice, asset management, etc.).

• ---

  Clear business scope :

  • Applicants are required to submit a detailed business plan clearly stating the types of investment services and financial instruments to be provided. Investment services regulated by MiFID include:
    • Accept and deliver customer orders.
    • Execute customer orders.
    • Proprietary trading.
    • Portfolio management.
    • Investment advice.
    • Underwriting or placing financial instruments.
  • The business plan should also describe the target market, customer type (retail, professional or qualified counterparty) and operating model.

• ---

  Minimum capital requirements :

  • MiFID II sets different minimum capital requirements depending on the type of services provided by the institution and the risk exposure, as follows:
    • €50,000: Applicable to institutions that do not hold client funds or securities and only provide order routing or investment advice.
    • €125,000: Applicable to institutions that hold client funds or securities, or engage in proprietary trading.
    • €730,000: Applicable to institutions engaged in high-risk activities (such as systematic internal matching or large-scale proprietary trading).
  • Institutions are required to demonstrate that they are adequately capitalized and submit audited financial statements.

• ---

  Governance structure and organizational requirements :

  • Corporate Governance：A clear organizational structure needs to be established, including a board of directors, a supervisory board (if applicable) and senior management.
  • Risk Management: Establish an independent risk management department to formulate and implement risk control policies covering market risk, operational risk and credit risk, etc.
  • Compliance Department: Establish a compliance department to ensure compliance with MiFID II’s transparency, reporting and investor protection requirements.
  • Internal Audit: In some cases, it is necessary to establish an independent internal audit function to regularly evaluate the effectiveness of internal controls.

• ---

  Personnel Qualification and Suitability :

  • senior management：Directors and senior management must have sufficient professional knowledge, skills and experience (usually more than 5 years of experience in finance or related fields) and pass the regulator's "Fit and Proper" assessment.
  • Key position employees：Traders, compliance officers, risk managers, etc. need to have relevant qualifications or prove their professional capabilities.
  • background check: All senior managers are subject to background checks to ensure they have no criminal record or major violations.

• ---

  Technical and operational capabilities :

  • Trading System: Applicants need to demonstrate that their trading systems are robust and can handle order execution, data recording and reporting requirements, especially high-frequency trading or algorithmic trading.
  • Data report: Must have the ability to submit transaction reports to regulators and comply with MiFID II's pre- and post-trade transparency requirements.
  • cyber security: Ensure that the system has adequate cybersecurity measures to prevent data leakage or system failure.
  • record keeping: You must be able to keep all communication records related to investment services (including phone calls, emails, etc.), which are usually kept for 5 to 7 years.

• ---

  Investor Protection Measures :

  • Applicants will need to demonstrate compliance with MiFID II’s investor protection requirements, including:
    • Customer classification (retail, professional, eligible counterparties) and their corresponding protection measures.
    • Suitability and suitability assessment process.
    • Best execution policy ensures that customer orders are executed under the best conditions.
    • Conflict of interest management policy to prevent commission inducement or other improper behavior.
  • Submit product governance plans to ensure that financial product design and distribution meet the needs of the target market.

• ---

  Anti-Money Laundering and Compliance :

  • Applicants are required to develop and implement an Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) policy in compliance with the EU Anti-Money Laundering Directive (AMLD).
  • It is necessary to conduct customer due diligence (KYC) and ensure monitoring and reporting mechanisms for suspicious transactions.

• Choosing a Regulatory Authority :

  • Applicants are required to choose a regulatory authority in an EU member state to submit their application. The choice is usually based on the location of the business, the regulatory environment or cost (e.g. Cyprus, Malta etc. are popular due to their lower costs).
  • Common regulatory agencies include:
    • Financial Conduct Authority (FCA)
    • German Federal Financial Supervisory Authority (BaFin)
    • Cyprus Securities and Exchange Commission (CySEC)
    • Malta Financial Services Authority (MFSA)

• ---

  Prepare application materials :

  • Applicants are required to submit the following documents (specific requirements vary by regulatory body):
    • Certificate of Incorporation and Articles of Incorporation.
    • Detailed business plan (including market analysis, financial forecasts and risk management strategy).
    • Proof of capital adequacy (bank deposit certificate or audited financial statements).
    • Resumes, qualifications and background check materials of senior management and key employees.
    • Risk management, compliance and internal control policies.
    • Description of technical systems (including trading platforms, data reporting and network security measures).
    • Investor protection measures and product governance plans.
    • Anti-Money Laundering and KYC policies.
  • All documents must be translated into the language required by the regulatory body (e.g. English or local language).

• ---

  Submit application :

  • Submit your application through the regulator’s online platform or in paper form.
  • Pay the application fee (fees vary from country to country, usually from several thousand to tens of thousands of Euros).

• ---

  review process :

  • The regulatory authorities typically complete their review within 3 to 6 months (depending on the complexity of the application and the efficiency of the regulatory authorities).
  • During the review, the regulator may request additional materials or conduct an interview.
  • Some regulators (such as the FCA) may require an on-site inspection to ensure the applicant's operational readiness.

• ---

  Obtaining a license :

  • If the application is approved, the regulator will issue a MiFID license, allowing the applicant to provide investment services in the country.
  • License holders can provide services to other EEA member states through "passporting" without the need for additional application.

1. investor protection

• Customer Classification :
  • Continue to classify clients as retail clients, professional clients or eligible counterparties and provide different levels of protection based on their classification.
  • The accuracy of client classification needs to be reviewed regularly, particularly if the client's financial situation or investment objectives change.
• Suitability and fitness assessment :
  • When providing non-advisory services, assess whether the client’s knowledge and experience are appropriate for the specific financial instrument (suitability).
  • When providing investment advice or asset management, ensure that the advice is consistent with the client’s financial situation, investment objectives and risk tolerance (suitability).
  • Relevant assessment records must be kept for review by regulatory authorities.
• Best Execution :
  • Develop and implement best execution policies to ensure that client orders are filled at the best price, speed and execution possibility.
  • Regularly (at least annually) review the effectiveness of the execution policy and disclose execution quality reports to clients.
• Conflict of Interest Management :
  • Identify and manage potential conflicts of interest (e.g., commission incentives or proprietary trading versus client interests).
  • Disclose unavoidable conflicts of interest and take steps to mitigate their impact.
  • MiFID II prohibits accepting commissions from third parties in certain circumstances (e.g. for independent investment advice), ensuring that fee structures are transparent.
• Product Governance :
  • Ensure that the financial products designed and distributed meet the needs of customers in the target market and review product performance regularly.
  • Share target market information with product distributors and monitor distribution channels for compliance.
• Information disclosure :
  • Provide customers with clear, fair and not misleading information, including fees, risks, product features and terms of service.
  • Providing regular reporting (e.g. on portfolio performance or transaction costs) to ensure clients understand the status of their investments.

2. Market transparency and reporting

• Pre-trade transparency :
  • Publicly available bid and ask quotes and order book data on a regulated market (RM), multilateral trading facility (MTF) or organised trading facility (OTF).
  • Systematic internal matching (SI) agencies are required to make their quotes public, especially for equities and derivatives.
• Post-trade transparency :
  • All transactions (including over-the-counter transactions, OTC) must be reported to the Approved Publication Arrangement (APA) or regulatory authority within a reasonable time.
  • The report includes transaction time, price, quantity, counterparty and financial instrument identification number (such as ISIN).
• Transaction Report :
  • Submit detailed transaction reports to the regulator covering transactions in all MiFID financial instruments.
  • The report must be submitted within T+1 day after the end of the trading day and the format must comply with ESMA's technical standards.
• Reference Data :
  • Submit reference data of financial instruments (such as ISIN code, trading venue code) to ensure data consistency and traceability.
• Data quality :
  • Ensure accuracy and completeness of reported data and implement internal data validation processes.
  • If any errors are found, they must be corrected promptly and the regulatory authorities notified.

3. Trading venues and market structure

• Operational Compliance :
  • If an institution operates an RM, MTF or OTF, it must comply with specific operational and transparency rules, such as fair trading principles and system robustness requirements.
  • OTF operators need to ensure that their discretionary power complies with regulatory guidelines.
• Systematic Internal Matching (SI) :
  • If an institution meets the SI threshold (i.e. frequently trades with clients on its own account), it must register as an SI and comply with quotation and reporting requirements.
  • Regularly assess whether SI qualifications are met and report to the regulatory authority.
• Over-the-Counter (OTC) :
  • Implement stricter reporting and transparency requirements for OTC transactions to reduce the risk of unreported transactions.

4. Derivatives Market Regulation

• Compulsory Liquidation :
  • Certain standardized over-the-counter derivatives need to be cleared through a central clearing house (CCP), and institutions need to establish a connection with the CCP and comply with clearing rules.
• Trading obligations :
  • Certain derivatives must be traded on RM, MTF or OTF, and institutions must ensure that the trading venues are compliant.
• Risk Management :
  • Implement risk management measures for derivatives trading, such as margin requirements and position limits.

5. Algorithmic Trading and High Frequency Trading (HFT)

• System robustness :
  • Ensure that algorithmic trading systems have sufficient robustness and risk controls to prevent system failures or market disruptions.
  • Implement stress testing and business continuity plans.
• regulatory requirements :
  • Institutions engaging in high-frequency trading are subject to specific licensing and additional reporting requirements (such as order book data).
  • Maintain detailed records of all algorithmic trading, including order submissions and cancellations.
• Market Abuse Prevention :
  • Monitor trading behavior to prevent order book manipulation, quote stuffing, or other market abuse.

6. Anti-Money Laundering and Compliance

• Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) :
  • Conduct customer due diligence (KYC) to verify customer identities and assess their risk level.
  • Monitor suspicious transactions and report them to regulators in compliance with the EU Anti-Money Laundering Directive (AMLD).
• Compliance Monitoring :
  • Establish a compliance officer to oversee MiFID compliance and liaise with regulators.
  • Train employees regularly to ensure familiarity with regulatory requirements and internal policies.

7. record keeping

• Maintain all records related to investment services, including:
  • Customer communications (phone, email, instant messaging, etc.).
  • Trading data (orders, execution records, reports).
  • Suitability and appropriateness assessment.
  • Conflict of interest management measures.
• Shelf life is typically 5 to 7 years, depending on regulatory agency requirements.
• Records need to be readily available for inspection by regulatory authorities and stored in an electronic format for rapid retrieval.

8. Capital and Financial Requirements

• Adequate capital :
  • Continue to meet minimum capital requirements and adjust capital levels based on business size and risk exposure.
  • Regular capital stress testing is performed to ensure that operations can be maintained during market fluctuations or operational difficulties.
• Financial reporting :
  • Submit audited financial statements to regulatory authorities, usually as annual reports.
  • If there are any significant financial changes (such as capital reduction), the regulatory authorities must be notified in a timely manner.

9. Internal Governance and Audit

• governance structure :
  • Maintain effective corporate governance, including separation of board oversight, risk management and compliance functions.
  • Regularly review governance policies to ensure they remain relevant to business and regulatory changes.
• Internal Audit :
  • Implement internal audit programs to evaluate the effectiveness of risk management and compliance measures.
  • Engage external auditors to conduct independent audits, particularly in the areas of transaction reporting and financial compliance.