RTS on record keeping

To ensure that competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; can properly supervise services provided by crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59;, it is necessary that crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; keep a record of the policy arrangements and procedures put in place to comply with Regulation (EU) 2023/1114.

Market abuse, including market manipulation, may be carried out through various means, including through algorithmic trading. Therefore, in order to ensure effective market surveillance, where investment decisions are made by a person other than the clientmeans any natural or legal person to whom a crypto-asset service provider provides crypto-asset services; or by a computer algorithm, that person or algorithm should be identified in the order and transactionmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; records using unique, robust and consistent identifiers. For the same reasons, it is important to lay down that where more than one person in a crypto-asset service providermeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; makes the investment decision, the person with primary responsibility for the decision is to be identified in the record.

To ensure unique, consistent and robust identification of natural persons in order and transactionmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; records, those natural persons should be identified by a concatenation of the country of their nationality followed by identifiers assigned by the country of nationality of those persons. Where those identifiers are not available, natural persons should be identified by identifiers created from a concatenation of their date of birth and name.

It is necessary that certain personal datameans personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679; are recorded by crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; to identify their clientsmeans any natural or legal person to whom a crypto-asset service provider provides crypto-asset services; or other natural persons relevant for orders or transactionsmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; in crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology;, as these data are fundamental to ensure efficient supervision by competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens;, including in the area of market abuse. For all instances of identifying natural persons, this is to be done by following the level of prioritization of the different identifiers detailed in Annex II of Commission Delegated Regulation (EU) 2017/590(⁴)Commission Delegated Regulation (EU) 2017/590 of 28 July 2016 supplementing Regulation (EU) No 600/2014 of the European Parliament and of the Council with regard to regulatory technical standards for the reporting of transactions to competent authorities (OJ L 87, 31.3.2017, p. 449, ELI: http://data.europa.eu/eli/reg_del/2017/590/oj)..

It is possible that natural persons who need to be identified for recordkeeping purposes are residents of a country other than the one of their nationality. The country of residence of natural persons can affect several obligations under Regulation (EU) 2023/1114, and is therefore an important data element for ensuring effective supervision by competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens;. Whenever their country of residence is different from that person’s nationality, this should be indicated by providing the country code of the country of residence of that natural person.

To facilitate market surveillance and to allow for the comparability of the records to be kept by crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59;, clientsmeans any natural or legal person to whom a crypto-asset service provider provides crypto-asset services; of crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; that are legal entities should be identified with a code that is compatible with the internationally established criteria for the development of robust identification systems for the monitoring of financial markets. Such code should be unique, neutral, reliable, open source, scalable, accessible, available for free or at a reasonable cost, and subject to an appropriate governance framework. These criteria were also used by the competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; for assessing the most appropriate identifiers in previous technical standards on supervisory data(⁵)Commission Implementing Regulation (EU) 2019/363 of 13 December 2018 laying down implementing technical standards with regard to the format and frequency of reports on the details of securities financing transactions (SFTs) to trade repositories in accordance with Regulation (EU) 2015/2365 of the European Parliament and of the Council and amending Commission Implementing Regulation (EU) No 1247/2012 with regard to the use of reporting codes in the reporting of derivative contracts (OJ L 81, 22.3.2019, p. 85, ELI: http://data.europa.eu/eli/reg_impl/2019/363/oj).(⁶)Commission Implementing Regulation (EU) No 1247/2012 of 19 December 2012 laying down implementing technical standards with regard to the format and frequency of trade reports to trade repositories according to Regulation (EU) No 648/2012 of the European Parliament and of the Council on OTC derivatives, central counterparties and trade repositories (OJ L 352, 21.12.2012, p. 20, ELI: http://data.europa.eu/eli/reg_impl/2012/1247/oj)., to ensure consistency and comparability of data on financial transactionsmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114;, and therefore should also be applicable in the context of this Regulation.

LEI is a widely recognised, financially and operationally accessible international identifier used in financial markets. LEI is an international identifier that ensures access to the underlying data at all times, allowing for comparability and aggregation of information at Union level, improving the quality and timeliness of aggregated data and reducing the reporting burden for crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59;. Therefore, crypto-asset services providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; should, where available, record the LEI of clientsmeans any natural or legal person to whom a crypto-asset service provider provides crypto-asset services; that are legal persons on whose behalf they carry out orders and execute transactionsmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114;. However, there are other legal entity identifiers that may be appropriate for use in the context of this Regulation. Directive (EU) 2017/1132 of the European Parliament and of the Council(⁷)Directive (EU) 2017/1132 of the European Parliament and of the Council of 14 June 2017 relating to certain aspects of company law (OJ L 169, 30.6.2017, p. 46, ELI: http://data.europa.eu/eli/dir/2017/1132/oj). requires companies subject to that Directive to have a European Unique identifier (‘EUID’), which unequivocally identifies companies and as such is an appropriate tool for the identification of entities in the EU. Within a period of 18 months after the entry into force of this Regulation, the Commission and ESMA will work closely to facilitate the use of EUID as a tool to identify clientsmeans any natural or legal person to whom a crypto-asset service provider provides crypto-asset services; that are legal entities for the purpose of this Regulation. Following the completion of this work, the Commission should assess the readiness to use EUID for the purposes of Article 14. Additionally, to ensure openness to other identifiers which may be fit for supervisory purposes and support the integrity of the market, this Regulation sets out criteria that should be met by those alternative identifiers. To enable the market to use such eligible alternative identifiers, ESMA should approve their use where they meet the criteria set out in this Regulation.

A unique method for the identification and classification of parties compliant with the above-mentioned criteria and instruments that follow these principles directly supports efforts to achieve data-driven market monitoring by competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens;.

Manual or algorithmic abusive behaviours can also occur when a crypto-asset service providermeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; determines the trading platform for crypto-assetmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology; to access or the crypto-asset service providermeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; to which the orders are to be transmitted or any other conditions related to the execution of the order. Therefore, to ensure effective market surveillance, a person or computer algorithm within the crypto-asset service providermeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; performing such activities should be identified in the order and transactionmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; records. For the same reasons, where both a person and computer algorithm are involved, or more than one person or algorithm is involved, the crypto-asset service providermeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; should determine, on a consistent basis following predetermined criteria, which person or algorithm is primarily responsible for those activities.

To ensure that competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; have access to information that is relevant, accurate and complete, the details relating to the order to be transmitted between crypto asset service providers should be specified.

Given the cross-border nature of crypto assets trading, in order to avoid data gaps where a crypto-asset service providermeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; transmits orders or executes transactionsmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; via an entity to which Regulation (EU) 2023/1114 does not apply, the crypto-asset service providermeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; should record the transmission of those orders or the execution of those transactionsmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; as if it had transmitted those orders or executed those transactionsmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; itself. Such information may be of particular importance for the performance of adequate market monitoring and market abuse supervision by the competent authoritymeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens;.

To properly monitor the integrity and stability of the markets in crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology;, competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; need reliable, consistent and standardised information on the crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology; that are traded. Such information should enable them to identify the individual crypto-assetmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology; being traded according to internationally established principles. In addition, competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; should be able to retrieve the main characteristics of the crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology; traded, including their technology-specific features. Crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; should therefore use an internationally agreed digital token identifier to identify crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology; in the order and transactionsmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; records that they provide to competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens;. The Digital Token Identifier (DTI) managed by the Digital Token Identifier Foundation is an internationally agreed identifier that guarantees reliable, consistent, standardised and available information and allows for comparability and aggregation of information at the level of the European Union, improving the quality and timeliness of aggregated data and reducing the reporting burden for crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59;. Therefore, crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; should be able to use the DTI to identify crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology;. However, to ensure openness to other token identifiers which may be fit for supervisory purposes and support the integrity of the market, it is necessary to lay down criteria that should be met by those alternative identifiers. To enable the market to use eligible alternative identifiers, ESMA should approve their use where they meet the criteria set out in this Regulation.

To be able to properly monitor the integrity and stability of the markets in crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology;, competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; need reliable, consistent and standardised information on the crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology; that are traded. Such information should enable them to classify the individual crypto-assetmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology; being traded according to internationally established principles. Such classification should also enable authorities to connect data on white papers with data on transactionsmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; and orders in the same crypto asset. The ISO code for the Classification of Financial Instrumentsmeans financial instruments as defined in Article 4(1), point (15), of Directive 2014/65/EU; (CFI) is an international standard used for classifying financial instrumentsmeans financial instruments as defined in Article 4(1), point (15), of Directive 2014/65/EU;. However, crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology; that are not financial instrumentsmeans financial instruments as defined in Article 4(1), point (15), of Directive 2014/65/EU; cannot currently be described using the CFI code. The ISO CFI is being revised to accommodate the classification of crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology;, but this revision will not be finalized before the application of this Regulation. Therefore, until such revision is completed, an interim classification indicating the type of crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology; (crypto-assetsmeans a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology; other than asset-referenced tokensmeans a type of crypto-asset that is not an electronic money token and that purports to maintain a stable value by referencing another value or right or a combination thereof, including one or more official currencies; and e-money tokens, asset-referenced tokensmeans a type of crypto-asset that is not an electronic money token and that purports to maintain a stable value by referencing another value or right or a combination thereof, including one or more official currencies;, and e-money tokens) should be used.

To ensure efficient and effective market monitoring by competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens;, transactionmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; records should reflect whether the transactionmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114; was executed wholly or partly through a branch of the crypto-asset service providermeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; located in another Member State or in a third country. The inclusion of data detailing the activity of each branch in the records kept by the crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59;, should not lead to a disproportionate administrative burden for the crypto-asset service providermeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59;, but would enable competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; to supervise the services provided by crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; more efficiently and to enhance the visibility on how those services are provided within the different Member States.

In line with the principle of data minimisation, crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; should only keep information that is necessary and sufficient to enable competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; to carry out a comprehensive assessment of the crypto-asset service providermeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59;’s compliance with the relevant requirements of Regulation (EU) 2023/1114 and with that Regulation’s provisions on market abuse. When processing personal datameans personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679; included in the records, crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; and competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; should comply with the relevant provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council(⁸)Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1, ELI: http://data.europa.eu/eli/reg/2016/679/oj)..

In order to ensure certain and efficient identification of crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; responsible for executing orders or transactionsmeans the conclusion of an acquisition or disposal of crypto-assets other than the crypto-assets referred to in Article 2(3) and (4) of Regulation (EU) 2023/1114;, those providers should ensure that they are identified in the records maintained pursuant to their record-keeping obligations using validated, issued, and duly renewed legal entity identifiers (LEIs). Pursuant to Article 62 in Regulation (EU) 2023/1114, crypto-asset service providersmeans a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59; are required to obtain a legal entity identifier in order to be authorised. Furthermore, to enable the competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; to fulfil their supervisory tasks and take enforcement measures in accordance with Article 68(10) of Regulation (EU) 2023/1114, such identifier should be verified, up-to-date and included in the records to be maintained in accordance with this Regulation.

The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 of the European Parliament and of the Council(⁹)Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39, ELI: http://data.europa.eu/eli/reg/2018/1725/oj). and delivered an opinion on 28 August 2024.

This Regulation is based on the draft regulatory technical standards submitted to the Commission by the European Securities and Markets Authority (‘ESMA’).

ESMA has conducted open public consultations on the draft regulatory technical standards upon which this Regulation is based, analysed the potential related costs and benefits and requested the advice of the Securities and Markets Stakeholder Group established in accordance with Article 37 of Regulation (EU) No 1095/2010 of the European Parliament and of the Council(¹⁰)Regulation (EU) No 1095/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Securities and Markets Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/77/EC (OJ L 331, 15.12.2010, p. 84, ELI: http://data.europa.eu/eli/reg/2010/1095/oj).,