LegalizeCommission Delegated Regulation (EU) 2025/416 of 29 November 2024 supplementing Regulation (EU) 2023/1114 of the European Parliament and of the Council with regard to regulatory technical standards specifying the content and format of order book records for crypto-asset service providers operating a trading platform for crypto-assets
THE EUROPEAN COMMISSION,
Having regard to the Treaty on the Functioning of the European Union,
Having regard to Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937 (1), and in particular Article 76(16), third subparagraph thereof,
Whereas:
(1) To enable competent authorities to perform effective and efficient collation, comparison and analysis of the order data, crypto-asset service providers operating platforms for crypto-assets should keep records of relevant data relating to all orders (order book records) in accordance with this Regulation. They should record the data in an electronic and machine-readable JSON format developed in accordance with the ISO 20022 methodology. An order book should be considered an organised list of buy and sell orders for a specific crypto-asset.
(2) To properly monitor the integrity and stability of the markets in crypto-assets, competent authorities need reliable, consistent and standardised information on the crypto-assets that are traded. Such information should allow them to identify the individual crypto-asset being traded according to internationally established principles. In addition, they should be able to retrieve the main characteristics of the crypto-assets, including their technology-specific features. Crypto-asset service providers should therefore use an appropriate asset identifier to identify crypto-assets in the order and transactions records that they provide to competent authorities. In light of that objective, the use of the Digital Token Identifier (DTI) managed by the Digital Token Identifier Foundation, or alternative eligible identifiers is provided for in Commission Delegated Regulation establishing technical standards adopted pursuant to Article 68(10), first subparagraph, point (b) to identify crypto assets that are the subject of an order or transaction to be recorded by the crypto-asset service provider. In light of those considerations and to ensure a consistent supervisory approach, it is appropriate to provide for the use of asset identifiers in this Regulation under the same conditions as in Commission Delegated Regulation establishing technical standards adopted pursuant to Article 68(10), first subparagraph, point (b).
(3) It is possible that market abuse behaviours, including market manipulation, are carried out through various means, including algorithmic trading. Therefore, to ensure effective market surveillance, where investment decisions are made by a person other than the client or by a computer algorithm, that person or algorithm should be identified in the order and transaction records using unique, robust and consistent identifiers. Where more than one person make an investment decision, the crypto-asset service provider should identify in its records the person with primary responsibility for the decision.
(4) To ensure unique, consistent and robust identification of natural persons referred to in order records, those should be identified by a concatenation of the country of their nationality followed by identifiers assigned by the country of nationality of those persons. Where those identifiers are not available, natural persons should be identified by identifiers created from a concatenation of their date of birth and name. The identification of natural persons should be conducted following the level of prioritisation of different identifiers detailed in Annex II of Commission Delegated Regulation (EU) 2017/590 (2).
(5) It is possible that natural persons that need to be identified for record keeping are residents of a country other than the one of their nationality. Several obligations under Regulation (EU) 2023/1114 are linked to the country of residence of natural persons and collecting that information under this Regulation is therefore important to ensure effective supervision of transactions and orders by competent authorities.
(6) It is necessary that certain personal data are recorded by crypto-asset service providers to identify their clients or other natural persons relevant for orders in crypto-assets, as these data are fundamental to ensure efficient supervision by competent authorities, including in the area of market abuse. In compliance with the principle of data minimisation set out in Regulation (EU) 2016/679 of the European Parliament and of the Council (3), crypto-asset service providers should keep only information that is necessary and sufficient to enable the competent authority to carry out a comprehensive assessment of the crypto-asset service provider’s compliance with the requirements of Regulation (EU) 2023/1114 and to monitor the trading activity relating to crypto-assets orders. When processing personal data included in the records, crypto-asset service providers and competent authorities should comply with the relevant provisions of Regulation (EU) 2016/679.
(7) To facilitate market surveillance and allow comparability of the records, clients that are legal entities should be identified with an identifier that is compatible with the internationally established criteria for the development of robust identification systems for the monitoring of financial markets. With a view to ensuring a consistent supervisory approach, the entity identifiers provided for in Commission Delegated Regulation establishing technical standards adopted pursuant to Article 68(10), first subparagraph, point (b), it is appropriate to provide for the use of entity identifiers in this Regulation under the same conditions as in that Regulation.
(8) Making a choice as to which crypto-asset trading platform to execute orders on or which crypto-asset service provider to transmit orders to, or determining any other conditions related to the execution of the order can be directly relevant for establishing market abuse behaviour. Therefore, to ensure effective market surveillance, a person or computer algorithm within the crypto-asset service provider that is performing such activities should be identified in the order records. Where both a person and computer algorithm are involved, or more than one person or algorithm are involved, the crypto-asset service provider should determine, on a consistent basis following predetermined criteria, which person or algorithm is primarily responsible for those activities.
(9) In compliance with the principle of data minimisation, the crypto-asset service provider should keep only information that is necessary and sufficient to enable the competent authority to carry out a comprehensive assessment of the crypto-asset service provider’s compliance with the relevant requirements of Regulation (EU) 2023/1114 and with that Regulation’s provisions on market abuse. When processing personal data included in the records, crypto-asset service providers and competent authorities should comply with the relevant provisions of Regulation (EU) 2016/679.
(10) The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 of the European Parliament and of the Council (4) and delivered an opinion on 28 August 2024.
(11) This Regulation is based on the draft regulatory technical standards submitted to the Commission by the European Securities and Markets Authority (‘ESMA’).
(12) ESMA has conducted open public consultations on the draft regulatory technical standards on which this Regulation is based, analysed the potential related costs and benefits and requested the advice of the Securities and Markets Stakeholder Group established in accordance with Article 37 of Regulation (EU) No 1095/2010 of the European Parliament and of the Council (5),
HAS ADOPTED THIS REGULATION:
Article 1
Content, standards and format of data relating to orders in crypto-assets
Crypto-asset service providers operating a trading platform for crypto-assets shall keep at the disposal of the competent authority, or give the competent authority access to the details of each order in crypto-assets advertised through their systems set out in Articles 2 to 15, as specified in the format laid down in Tables 2 and 3 of the Annex, insofar as they pertain to the order concerned.
The data referred to in paragraph 1 shall be in a JSON format in accordance with the methodology laid out in standard ISO 20022.
Article 2
Identification of the parties involved in the order
For all orders in crypto-assets, crypto-asset service providers operating a trading platform for crypto-assets shall keep records to identify all of the following:
(a) the participant to the trading platform for crypto-assets that is a legal entity and submits the order to the trading platform for crypto-assets, as identified in accordance with Article 4 and field 1 of Table 2 of the Annex;
(b) the participant to the trading platform for crypto-assets who is a natural person and submits the order to the trading platform for crypto-assets, as identified in accordance with field 2 of Table 2 of the Annex;
(c) the client on whose behalf the participant to the trading platform for crypto-assets referred to in points (a) or (b) submits the order to the trading platform for crypto-assets, as identified in accordance with field 3 of Table 2 of the Annex;
(d) the person or the computer algorithm within the participant to the trading platform for crypto-assets referred to in points (a) and (b) that is responsible for the investment decision in relation to the order, as identified in accordance with field 4 of Table 2 of the Annex;
(e) the person or the computer algorithm within the participant to the trading platform for crypto-assets referred to in points (a) and (b) that is responsible for the execution of the order, as identified in accordance with field 5 of Table 2 of the Annex.
For the purposes of point (d), where more than one persons take the investment decision, the crypto-asset service provider operating a trading platform for crypto-assets shall keep records of the person with primary responsibility for that decision. A crypto-asset service provider operating a trading platform for crypto-assets shall only identify such a person or computer algorithm where the investment decision is made on behalf of either the participant, or a client in accordance with a discretionary mandate to it by the client.
Where a participant to the trading platform for crypto-assets intends to allocate an order to its client following submission of the order to the trading platform for crypto-assets and has not yet allocated the order to its client at the time of the submission of the order, that client shall be identified as specified in field 3 of Table 2 of the Annex.
Where several orders of different clients are submitted to the trading platform for crypto-assets together as an aggregated order, the information referred to in field 3 of Table 2 of the Annex shall be recorded in respect of each client.
Article 3
Designation to identify natural persons
Crypto-asset service provider operating a trading platform for crypto-assets shall identify natural persons in the order book records by using the designation resulting from the concatenation of the ISO 3166-1 alpha-2 specified in ISO 3166 followed by the national client identifier as specified in Annex II of Delegated Regulation (EU) 2017/590 based on the nationality of the person. The two-letter country code shall correspond to the nationality of natural person.
The national client identifier referred to in paragraph 1 shall be assigned in accordance with the priority levels provided in Annex II of Delegated Regulation (EU) 2017/590 using the highest priority identifier that a person has regardless of whether that identifier is already known to the crypto-asset service provider operating a trading platform for crypto-assets.
Where a natural person is a national of more than one European Economic Area (EEA) country, the country code of the first nationality when sorted alphabetically by its ISO 3166-1 alpha-2 code and the identifier of that nationality assigned in accordance with paragraph 2 shall be used. Where a natural person has a non-EEA nationality, the highest priority identifier in accordance with the field referring to ‘all other countries’ provided in Annex II of Delegated Regulation (EU) 2017/590 shall be used. Where a natural person has an EEA and a non-EEA nationality, the country code of the EEA nationality and the highest priority identifier of that nationality assigned in accordance with paragraph 2 shall be used.
Where a natural person is a resident of a country other than the one of its nationality, crypto-asset service providers operating a trading platform for crypto-assets shall also identify that natural person based on the country of its residence as specified in field 50 of Table 2 of the Annex.
Prefixes to names shall be excluded and first names and surnames shorter than five characters shall be appended by ‘#’. All characters shall be in upper case. No apostrophes, accents, hyphens, punctuation marks or spaces shall be used.
Where the identifier assigned in accordance with paragraph 2 is based on CONCAT, the natural person shall be identified by the crypto-asset service provider operating a trading platform for crypto-assets using the concatenation of the following elements in the following order:
(a) the date of birth of that person in the format YYYYMMDD;
(b) the five first characters of the first name of that person;
(c) the five first characters of the surname of that person.
Article 4
Identifiers for legal entities and crypto-assets
Crypto-asset service providers operating a trading platform for crypto-assets shall identify legal entities in order book records by using the entity identifier in accordance with Article 14 of Commission Delegated Regulation establishing technical standards adopted pursuant to Article 68(10), first subparagraph, point (b).
Crypto-asset service providers operating a trading platform for crypto-assets shall identify crypto-assets in order book records by using the asset identifiers in accordance with Article 15 of Commission Delegated Regulation establishing technical standards adopted pursuant to Article 68(10), first subparagraph, point (b).
Where using the Legal Entity Identifier (LEI) to identify legal entities in accordance with paragraph 1, the crypto-asset service provider operating a trading platform for crypto-assets shall ensure that the length and construction of the LEI code recorded in the order book records is compliant with the ISO 17442 standard and that the LEI code is included in the Global LEI database maintained by the Central Operating Unit appointed by the Regulatory Oversight Committee, and refers to the entity concerned.
Article 5
Trading capacity of participants of the trading platform for crypto-assets
The trading capacity in which the participant of the trading platform for crypto-assets submits an order shall be recorded as specified in field 7 of Table 2 of the Annex.
Article 6
Date and time recording
Crypto-asset service providers operating a trading platform for crypto-assets shall maintain a record of the date and time of the occurrence of each event listed in field 20 of Table 2 of the Annex as specified in field 8 of Table 2 of the Annex.
Crypto-asset service providers operating a trading platform for crypto-assets shall maintain a record of the date and time for each data element listed in fields 47, 48 and 49 of Table 2 of the Annex, as specified in field 8 of Table 2 of the Annex.
Article 7
Validity period and order restrictions
Crypto-asset service providers operating a trading platform for crypto-assets shall keep a record of the validity periods and order restrictions that are listed in fields 9 and 10 of Table 2 of the Annex.
Records of the dates and times in respect of validity periods shall be maintained for each validity period as specified in field 11 of Table 2 of the Annex.
Article 8
Priority and sequence numbers
Crypto-asset service providers operating a trading platform for crypto-assets which operate trading systems on a price visibility-time priority shall maintain a record of the priority time stamp for all orders as specified in field 12 of Table 2 of the Annex.
Crypto-asset service providers operating a trading platform for crypto-assets which operate trading systems on a size-time priority basis shall maintain a record of the quantities which determine the priority of orders as specified in field 13 of Table 2 of the Annex and the priority time stamp referred to in paragraph 1.
Crypto-asset service providers operating a trading platform for crypto-assets which use a combination of price-visibility-time priority and size-time priority and display orders on their order book in time priority shall maintain a record of the priority time stamp for all orders as specified in field 12 of Table 2 of the Annex.
Reading this document does not replace reading the official text published in the Official Journal of the European Union. We assume no responsibility for any inaccuracies arising from the conversion of the original to this format.