Source: OJ L, 2025/1142, 10.6.2025Current language: EN
- Markets in crypto-assets
Crypto-asset service provider
- RTS on CASP conflicts of interest
Article 4 Conflict of interest policies and procedures referred to in Article 72(1) of Regulation (EU) 2023/1114
The conflict of interest policies and procedures shall be set out in writing and shall take into account:
the scale, nature and range of crypto-asset services and other activities provided or carried out by the crypto-asset service provider;
where the crypto-asset service provider is a member of a group, any circumstances which may give rise to a conflict of interest due to the structure and business activities of other entities within the group.
The management body of the crypto-asset service provider shall be responsible for the definition, adoption, implementation of those policies and procedures. It shall periodically assess and review their effectiveness and address any deficiencies in that respect.
Crypto-asset service providers shall establish effective internal channels to inform and provide ongoing access to employees and members of the management body of their conflict of interest policies and procedures and provide appropriate updated training on those conflict of interest policies and procedures.
The conflict of interest policies and procedures shall include:
in relation to any crypto-asset service or activity provided by the crypto-asset service provider or carried out on its behalf by a consultant, adviser, delegatee or outsourcee, a description of the circumstances which may give rise to a conflict of interest as referred to in Articles 2 or 3;
the processes to be applied in order to identify, prevent, manage, and disclose the conflicts of interest referred to in Articles 2 and 3;
a clear reference to the organisational and managerial structure of the crypto-asset service provider.
The conflict of interest policies and procedures shall take into account the risk of damage to the interests of one or more clients or the interests of the crypto-asset service provider.
The processes referred to in Article 4(4), point (b), shall include at least the following elements:
measures to report and communicate promptly to the designated internal reporting channel any matter that may result, or has resulted, in a conflict of interest;
measures to prevent and control the exchange of information between connected persons engaged in activities involving a risk of a conflict of interest where the exchange of that information may harm the interests of one or more clients;
the separate internal oversight of connected persons whose principal functions involve carrying out activities on behalf of, or providing services to, clients whose interests may conflict with each other or with the interests of the crypto-asset service provider;
the removal of any direct link between the remuneration provided to the crypto-asset service provider’s employees, delegatees, outsourcees, subcontractors or members of the management body principally engaged in one activity and the remuneration of, or revenues generated by, different employees, delegatees, outsourcees, subcontractors or members of the management body of the crypto-asset service provider principally engaged in another activity, where there are demonstrable grounds that a conflict of interest may arise in relation to those activities;
measures to ensure that connected persons who perform outside business activities related to the crypto-asset service provider are prevented from having inappropriate influence within the crypto-asset service provider regarding those activities;
measures to prevent or control the simultaneous or sequential involvement of a connected person in separate crypto-asset services or activities where such involvement may impair the proper management of conflicts of interest;
measures to ensure that conflicting activities or transactions are entrusted to different persons;
measures to establish the responsibility of the members of the management body to inform other members of and abstain from voting on any matter where a member has or may have a conflict of interest;
measures to prevent members of the management body from holding management positions in competing crypto-asset service providers outside of the same group;
measures to prevent and control the exchange of information between connected persons engaged in activities involving a risk of a conflict of interest where the exchange of that information may affect the performance of such connected person’s responsibilities to the crypto-asset service provider.
The crypto-asset service provider shall ensure that policies and procedures referred to in paragraph 3, point (b), provide reasonable reassurance that the risks of damage to the interests of the crypto-asset provider or its clients will be prevented or appropriately mitigated.
The conflicts of interest policies and procedures shall ensure that adequate resources, including adequate and independent human resources are dedicated by the crypto-asset service provider to their implementation, maintenance and review, including the appointment of a person that is responsible for the identification, prevention, management and disclosure of conflicts of interest.
That person shall have the authority necessary to discharge their responsibilities appropriately and independently and shall report directly to the management body.
Where that person has been entrusted with other roles or functions, those shall be appropriate given the scale, nature and range of crypto-asset services and other activities of the crypto-asset service provider, and shall not compromise the independence and objectivity of that person.
The conflict of interest policies and procedures shall define the skills, knowledge and expertise necessary for staff in charge of the responsibilities referred to in the first subparagraph and shall provide for such staff to have access to all relevant information for the discharge of their responsibilities.
Relevant recitals
Recital 1 Proportionality principle
When implementing and maintaining the policies and procedures to identify, prevent, manage and disclose conflicts of interest as referred to in Article 72 of Regulation (EU) 2023/1114, crypto-asset service providers should take into account the principle of proportionality to ensure that the conflict of interest policies and procedures are sufficient to achieve the objectives of that Article. In accordance with Article 72(1) of Regulation (EU) 2023/1114, crypto-asset service providers are also to take into account the scale, nature and range of crypto-asset services provided.
Recital 3 Consideration of group-related circumstances
Where the crypto-asset service provider belongs to a group, circumstances related to that fact should be also taken into account.
Recital 4 Managing group-driven conflict of interests
Crypto-asset service providers that are part of a group should therefore appropriately address situations that may give rise to a conflict of interest due to the structure and business activities of other entities within their group. To that end, where a crypto-asset service provider provides, on its own or with other entities of its group, multiple crypto-asset services and related activities, the conflict of interest policies and procedures should prevent any abuse resulting from concentrated control, management of related-party transactions, including transactions involving affiliated companies.
Recital 6 Ensuring transparent organisational structure
In order for the conflict of interest policies and procedures to be effective, crypto-asset service providers should have a transparent organisational and managerial structure, which is consistent with their overall strategy and risk profile, and which is well understood by their management body, affiliated entities, national competent authorities, and clients.
Recital 7 Decision-making integrity of the management body
The sound governance and management of crypto-asset service providers is fundamental to ensure both their functioning and trust in the financial markets. For those reasons, the conflict of interest policies and procedures should deal with cases where the conflicts of interest could impede the ability of the members of the management body to take objective and impartial decisions in the best interests of the crypto-asset service provider and its clients.
Recital 9 Measures not limited to transparency
To ensure transparency about the measures taken to mitigate identified conflicts of interests, crypto-asset service providers should comply with the requirements to disclose conflicts of interests set out in Article 72(2) of Regulation (EU) 2023/1114. However, to ensure that conflicts of interest policies and procedures meet their objective, crypto-asset service providers should not rely on simply disclosing conflicts of interests as a way to address them. Therefore, they should comply with the requirements of disclosure, but also ensurethe identification, prevention and management of conflicts of interest.
Recital 10 Remuneration practices avoiding client detriment
The remuneration of staff involved in the provision of crypto-asset services to clients can give rise to conflicts of interest. While crypto-asset service providers are free to determine their remuneration policies in general, they should ensure that their remuneration policies and practices do not create conflicts between the interests of clients and those of the crypto-asset service provider or connected persons and do not impair the ability of connected persons to carry out their duties and responsibilities in an independent and objective manner. To ensure the efficient and consistent application of the conflicts of interest requirements in the area of remuneration, the notion of remuneration should include all forms of payment and financial or non-financial benefits provided directly or indirectly by crypto-asset service providers to persons with an impact, directly or indirectly, on crypto-asset services provided by the crypto-asset service providers or on their corporate behaviour. Remuneration policies implemented in the context of conflict of interest policies should ensure that clients are treated fairly and their interests are not impaired by the remuneration practices adopted by the crypto-asset service providers in the short, medium or long term.
Recital 11 Person responsible for management of conflicts of interest
In view of appropriate implementation, maintenance and review of conflict of interest policies and procedures, such policies and procedures should ensure that there are adequate and internally independent human resources for the management of conflicts of interest. Those human resources should also have the necessary skills, knowledge and expertise on conflicts of interest. For that reason, the person responsible for the management of conflicts of interest should be able to access and report directly to the relevant internal reporting channel in its management function and, where applicable, in its supervisory function.
Recital 14 Applicability of the GDPR
Union law on data protection, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council(2)Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1, ELI: http://data.europa.eu/eli/reg/2016/679/oj)., is applicable to the processing of personal data by crypto-asset service providers, including the information collected through their conflicts of interest policies and procedures.
Recital 15 Specifying necessary categories of personal data
In line with the principle of data minimisation as laid down in Regulation (EU) 2016/679, crypto-asset service providers should specify which categories of personal data they will process to identify, prevent and manage the conflicts of interest in their policies and procedures referred to in Article 72(1) of Regulation (EU) 2023/1114, taking into account the scale, nature and range of crypto-asset services and other activities provided or carried out by the crypto-asset service provider and the group to which it belongs.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
- providing custody and administration of crypto-assets on behalf of clients;
- operation of a trading platform for crypto-assets;
- exchange of crypto-assets for funds;
- exchange of crypto-assets for other crypto-assets;
- execution of orders for crypto-assets on behalf of clients;
- placing of crypto-assets;
- reception and transmission of orders for crypto-assets on behalf of clients;
- providing advice on crypto-assets;
- providing portfolio management on crypto-assets;
- providing transfer services for crypto-assets on behalf of clients;
- designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;
- designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens;