Skip to content

AI-generated content: Responses are generated by AI, automatically assembled and may contain errors. Conformi is a research tool and does not replace legal advice or case-by-case legal review. All responses should be verified using the linked original sources.

Conformi/Knowledge Base/Financial services/MiFID II
💰For financial services

MiFID II — Directive on Markets in Financial Instruments (2014/65/EU)

Analysis from 18 April 20262 sourcesConsolidated version of 6 June 2026 (amendment 014.001)EUR-Lex Original

Are our investment services compliant with MiFID II — and what happens at the next supervisory audit if they are not?

Investment firms, banks offering investment services, and market operators face fines of up to EUR 5 million or 10 % of annual turnover if they breach MiFID II's investor-protection, product-governance, or market-structure rules — compliance and legal teams must verify ongoing adherence now.

Short Answer

MiFID II has been fully applicable since 3 January 2018 and imposes continuous obligations on any firm providing investment services or operating trading venues in the EU [Art. 1]. It requires suitability and appropriateness assessments before every client transaction [Art. 25], a documented product-governance process with target-market analysis for every instrument manufactured or distributed [Art. 16(3), Art. 24(2)], and transparent cost-and-charges disclosure aggregated into a single figure showing the cumulative effect on returns [Art. 24(4)]. The 2024 amendments (Directive 2024/2811) add new rules on issuer-sponsored research, with ESMA regulatory technical standards due by 5 December 2025 [Art. 24(3c)].

Who is affected

Investment firms authorised under MiFID II, credit institutions providing investment services or advising on structured deposits [Art. 1(3)-(4)], market operators running regulated markets, MTFs, or OTFs, and third-country firms operating through an EU branch [Art. 1(1)]. Algorithmic-trading firms and direct-electronic-access providers face additional requirements [Art. 17]. Insurance undertakings and entities dealing exclusively on own account (without market-making) are exempt [Art. 2(1)].

Deadline

MiFID II is permanently enforceable. The next material deadline is 5 December 2025, when ESMA must deliver regulatory technical standards on issuer-sponsored research codes of conduct [Art. 24(3c)]. Firms must also prepare for best-execution RTS due 29 December 2024 [Art. 27(10)]. All ongoing obligations — suitability assessments, telephone recording retention (5 years, extendable to 7), cost disclosure — apply continuously.

Risk

Competent authorities may impose administrative fines of at least EUR 5 million per infringement on natural persons and at least EUR 5 million or 10 % of total annual turnover on legal persons — whichever is higher [Art. 70(6)(f)-(g)]. Alternatively, fines may reach twice the benefit derived from the infringement [Art. 70(6)(h)]. Member States may set even higher caps [Art. 70(7)]. Beyond fines, authorities can withdraw authorisation [Art. 70(6)(c)], permanently ban individuals from management [Art. 70(6)(d)], and publish the infringer's name [Art. 70(6)(a)].

Proof

Legal status

  • In force
  • as of 2026-04-18
  • Consolidated version of 6 June 2026 (amendment 014.001)

Primary sources

What to do now

Legal / DPO

  • Review whether each investment service offered is covered by a valid authorisation and falls within the scope exemptions of [Art. 2(1)] — unauthorised services trigger automatic enforcement.
  • Verify that the inducements framework complies with [Art. 24(7)-(9)]: independent advisers must not accept third-party fees; non-independent firms must demonstrate quality enhancement and disclose all payments.
  • Assess whether the firm's whistleblowing mechanism satisfies [Art. 73] requirements including retaliation protection and anonymous reporting channels.

Compliance

  • Audit the product-governance process end to end: every manufactured instrument must have a documented target market, risk assessment, and compatible distribution strategy with regular post-sale reviews [Art. 16(3)].
  • Confirm that all suitability assessments capture the client's knowledge, experience, financial situation, ability to bear losses, risk tolerance, and investment objectives — and that a suitability statement is provided before each transaction [Art. 25(2), Art. 25(6)].
  • Ensure telephone and electronic-communication recordings of order-related conversations are retained for at least 5 years and are retrievable for competent-authority requests [Art. 16(7)].

IT / Security

  • Validate that algorithmic-trading systems have effective risk controls, pre-set volume and price thresholds, circuit breakers, and business-continuity arrangements aligned with DORA (Regulation 2022/2554) [Art. 17(1)].
  • Ensure that direct-electronic-access controls enforce per-client pre-trade credit and trading limits, with real-time monitoring to cut off non-compliant order flow [Art. 17(5)].
  • Verify that order and transaction record-keeping systems store accurate, time-sequenced data — including all algorithmic-trading and high-frequency-trading records — in a format readily available to regulators [Art. 16(6), Art. 17(2)].

Product / Engineering

  • Map every financial instrument in the product catalogue to its identified target market and confirm that distribution channels match the manufacturer's target-market assessment [Art. 24(2)].
  • Implement aggregated cost-and-charges disclosure showing the cumulative effect on return for each product, broken down by category and updated at least annually [Art. 24(4)].
  • Conduct a structured product review cycle to identify instruments that no longer serve their target market or present unforeseen risks, and escalate findings to management [Art. 16(3)].

Key Terms

Investment firm
Any legal person whose regular occupation or business is the provision of one or more investment services to third parties and/or performing investment activities on a professional basis [Art. 4(1)(1)].
Suitability assessment
Mandatory evaluation of a client's knowledge, experience, financial situation, ability to bear losses, risk tolerance, and investment objectives before providing investment advice or portfolio management [Art. 25(2)].
Best execution
Obligation on firms to take all sufficient steps to obtain the best possible result for the client in terms of price, costs, speed, likelihood of execution and settlement, size, and nature of the order [Art. 27(1)].
Regulated market
A multilateral system operated or managed by a market operator, which brings together multiple third-party buying and selling interests in financial instruments in accordance with non-discretionary rules [Art. 4(1)(21)].
Multilateral trading facility (MTF)
A multilateral system operated by an investment firm or market operator, matching multiple third-party buying and selling interests in financial instruments according to non-discretionary rules [Art. 4(1)(22)].
Organised trading facility (OTF)
A multilateral system other than a regulated market or MTF in which third-party buying and selling interests in bonds, structured finance products, emission allowances, or derivatives interact in a way that results in a contract [Art. 4(1)(23)].
Product governance
Obligation on manufacturers and distributors of financial instruments to define a target market, assess risks, ensure compatible distribution strategies, and periodically review each product [Art. 16(3)].
Algorithmic trading
Trading where a computer algorithm automatically determines individual parameters of orders such as timing, price, or quantity with limited or no human intervention [Art. 4(1)(39)].
Inducement
Any fee, commission, or non-monetary benefit paid to or by a third party in connection with an investment service; restricted or prohibited depending on the firm's advisory model [Art. 24(7)-(9)].
Tied agent
A natural or legal person who, under the full and unconditional responsibility of one investment firm, promotes investment services, receives and transmits client orders, or places financial instruments [Art. 4(1)(29)].
?

Frequently Asked Questions

Does MiFID II apply to credit institutions that offer investment services?
Yes. Credit institutions authorised under Directive 2013/36/EU (CRD) are subject to MiFID II's conduct-of-business rules, product-governance requirements, and sanctions regime whenever they provide investment services or advise on structured deposits [Art. 1(3)-(4)].
What is the difference between suitability and appropriateness under MiFID II?
Suitability applies to investment advice and portfolio management: the firm must assess the client's knowledge, experience, financial situation, loss-bearing ability, risk tolerance, and objectives [Art. 25(2)]. Appropriateness applies to other non-advisory services and only checks knowledge and experience; if the service is inappropriate, the firm must warn the client [Art. 25(3)].
When can a firm provide execution-only services without an appropriateness test?
Only for non-complex instruments — such as shares admitted to a regulated market, plain bonds without embedded derivatives, money-market instruments, UCITS, and non-complex structured deposits — and only where the service is initiated by the client. The firm must warn the client that no appropriateness assessment is carried out [Art. 25(4)].
How long must telephone and communication recordings be retained?
At least 5 years. The competent authority may request retention for up to 7 years. The recordings must cover all conversations relating to transactions concluded when dealing on own account and client orders [Art. 16(7)].
What are the product-governance obligations for distributors?
Distributors must understand the financial instruments they offer, obtain target-market information from manufacturers, ensure the distribution strategy is compatible with the identified target market, and periodically review whether products continue to be consistent with the needs of their client base [Art. 16(3), Art. 24(2)].
Does MiFID II regulate algorithmic and high-frequency trading?
Yes. Firms engaging in algorithmic trading must operate effective systems and risk controls with pre-set thresholds, prevent erroneous orders and market-abuse usage, and notify their competent authority. High-frequency traders must store accurate time-sequenced records of all orders [Art. 17(1)-(2)].
Are inducements still permitted under MiFID II?
Independent advisers and portfolio managers may not accept third-party inducements [Art. 24(7)-(8)]. Non-independent firms may accept them only if the payment enhances service quality and does not impair the duty to act in the client's best interest, and the client is clearly informed [Art. 24(9)].
3

Assessment Factors & Checklist

Premium
Start 7-day free trial
4

Questions for Your Lawyer

Premium
Start 7-day free trial
5

Conclusion & Summary

Premium
Start 7-day free trial

Detailed analysis with source links.

Schalten Sie die KI-Analyse frei — mit markierten Fundstellen und direkten Links zu EUR-Lex. 7 Tage kostenlos testen.

Start 7-day free trial

Keine Kreditkarte heute. Kündigung jederzeit.