Skip to content

MAR & MiFID II: What You Need to Stay Compliant & Prevent Insider Trading

Post Picture

In November 2021, the European Securities and Markets Authority (ESMA) released its report on the sanctions imposed for market abuse in 2020. National competent authorities (NCAs) and other authorities charged a total of €17.5 million in fines during that calendar year, relating to 541 administrative and criminal actions. In order to counter this abuse and to increase trust in the capital markets, the European Union has implemented two major pieces of legislation in recent years. MAR and MiFID II – the Market Abuse Regulation and the Markets in Financial Instruments Directive II, respectively – are at the forefront of the bloc’s fight against financial crime.  

Both documents require organisations to make great efforts to remain compliant. In order to prevent conflicts of interest and insider dealing, there are procedures set out in MAR and MiFID II that you must abide by. You should ensure that the information is distributed throughout the organisation so all employees understand the requirements and their obligations relating to compliance.  

This article explains what effect both MAR and MiFID II have had on the financial industry and the steps the compliance function must take to keep the organisation on the right side of the law. 


1. What is the Market Abuse Regulation?

The Market Abuse Regulation (596/2014/EU) (MAR) came into force on July 3, 2016. Its scope includes any financial instrument traded on a regulated market, a multilateral trading facility (MTF) or an organised trading facility (OFT), and any other conduct or action that can have an effect on such a financial instrument, irrespective of whether it takes place on a trading venue.

It seeks to prevent:



Unlawful disclosure of inside information Passing on inside information in any situation other than in the course of regular professional duties. 
Market manipulation Artificially inflating or deflating the price of a financial instrument by misleading the market. This can involve colluding to fix prices, knowingly distributing misleading information, placing orders to give a false impression of the supply or demand of a product, or any similar activity. 
Insider trading The use of specific, non-public information that, if made public, would significantly affect the price of a financial instrument, in order to gain a financial advantage when executing trades. This also applies to cancelling trades once in possession of inside information. 

2. What is the Markets in Financial Instruments Directive II?

The Markets in Financial Instruments Directive II (2014/65/EU) (MiFID II) came into effect on January 3, 2018. It was published at the same time as the Markets in Financial Instruments Regulation (MiFIR), although they are often collectively referred to as MiFID II.  

It applies to EU investment firms and it aims to:  

  • Harmonise market regulation across the EU
  • Make investor protection more robust
  • Strengthen powers to supervise activity on the markets
  • Increase the key requirements for transaction reporting, including both on the sell-side and on the buy-side.  

3. The effect of MAR and MiFID II

Both MAR and MiFID II have added a number of requirements that the compliance function must deal with in order to shore up market integrity and restore faith in the financial markets following events such as the financial crisis of the late 2000s. Organisations must retain details of records and communications relating to a broad range of practices. This is to aid NCAs in monitoring compliance relating to spotting suspicious activity, investor protection and market transparency, and is achieved through: 

  • More wide-ranging record-keeping
  • The ability to accurately reconstruct events through retention of telephone calls and electronic conversations
  • A comprehensive supervision plan for market abuse monitoring 

Organisations have had to put in place new procedures, such as creating insider lists as soon as information is classified as inside information.  

Keep reading to find out the major requirements of MAR and MiFID II for affected organisations.  

4. Requirements under MAR and MiFID II

4.1 Extended record-keeping 

MiFID II Article 16(6) states: 

“An investment firm shall arrange for records to be kept of all services, activities and transactions undertaken by it which shall be sufficient to enable the competent authority to fulfil its supervisory tasks and to perform the enforcement actions under this Directive.” 

This is so you can prevent suspicious activity from developing into illegality. 

Article 17(7) states that this includes records of telephone calls and electronic messages relating to transactions made, or that were intended to be made, by employees on either their own account or on behalf of a client. You should also keep records of face-to-face meetings.  

Financial institutions should either supply the equipment needed for employees to make and record these conversations or the business should approve the use of the employee’s own equipment.

You should keep all records on a durable medium. They should also feature unaltered data, meaning you should make use of ‘write once, read many’ storage, referred to as WORM storage. Records must be in a searchable medium that ensures they are accessible and readily available upon request.

4.2 Ability to reconstruct events

Trade reconstitution is a key element of MiFID II’s record-keeping rules, requiring investment firms to be able to reconstruct the entire lifecycle of a trade using the electronic and other records kept on file. As such, they must be stored in a manner that allows the NCA to access them and place the constituent parts into an order that shows the stages of the deal and how it occurred.  

This can prove challenging for businesses that must sort through both structured and unstructured data across multiple data types and formats. The process can take a long time and is resource-intensive. However, it is necessary as proof that you are monitoring for crimes such as market abuse.  

4.3 Voice compliance

There have been challenges in recent years in maintaining accurate, good quality voice recordings to document pre-trade, trade and post-trade conversations. According to ESMA, “firms are required to establish, implement and maintain an effective recording of telephone conversations and electronic communications policy.” 

This policy includes a requirement to retain the data for five years, prevent unauthorised deletion of recordings, inform clients that conversations will be recorded and put policies in place for when devices are lost or stolen or when employees leave the business. 

Using a recording system for calls made from the office, with appropriate storage compliant with the MiFID II requirements, can be reasonably straightforward. 

Initially, many investment firms banned the use of personal devices for trading conversations in order to ensure all such interactions were recorded appropriately using the firm’s own equipment. However, the COVID-19 pandemic led to more remote working and increased use of personal devices to make voice calls for both personal transactions and client trades.  

ESMA confirmed in March 2020 that, although the policy remained that “a firm shall take all reasonable steps to prevent a relevant person from making, sending or receiving relevant telephone conversations and electronic communications on devices which the firm is unable to record or copy”, there may be times when recording conversations may not be practicable. 

In these cases, ESMA asked firms to look at viable alternatives, such as taking detailed minutes of conversations. These actions must be subject to advanced monitoring. 

The authority is adamant that these measures should be temporary and only taken when absolutely necessary.

4.4 Longer retention periods

Here are the retention periods for records for an investment firm, according to the Markets in Financial Instruments Directive II:

Record Retention Period
Orders and transactions Minimum of five years
Communications (electronic, telephone recordings and minutes of face-to-face meetings or unrecorded telephone calls) Minimum of five years, maximum of seven years at the request of the NCA
General client records Minimum of five years, maximum of seven years

4.5 Market abuse monitoring

In its technical standards, ESMA confirms that “the firm shall periodically monitor the records of transactions and orders subject to these requirements including relevant conversations, to monitor compliance with the regulatory requirements. Such monitoring shall be risk based and proportionate.” 

This monitoring should be vigilant for any recommendations that might contravene the prohibition on unlawful disclosure of inside information relating to financial instruments from the Market Abuse Regulation. It should also be alert for communications that display an intent to commit market abuse or other suspicious activity.  

It is particularly challenging to monitor recommendations, as an employee dealing with clients may make many of them daily in the course of their work. It is difficult to pin down the full details of every single recommendation in order to root out those that could be non-compliant. 

Market abuse surveillance systems require a lot of resources but are essential for compliance with the legislation.  

4.6 Disclosure of inside information

Under the market abuse regime, it is the duty of an issuer to make public all inside information as soon as possible. MAR defines inside information as “information of a precise nature, which has not been made public, relating, directly or indirectly, to one or more issuers or to one or more financial instruments, and which, if it were made public, would be likely to have a significant effect on the prices of those financial instruments or on the price of related derivative financial instruments”. 

As soon as this information arises, you should make it public in “a manner which enables fast access and complete, correct and timely assessment of the information by the public.” This means:  

  • Sending out a press release to organisations that are likely to be able to distribute the information widely to a relevant audience across the EU. This is generally the financial press and trade press from your sector. 
  • Publishing the information on your company website.
  • Informing the financial market authorities relating to the trading venues.  

However, there are some conditions under which it is allowable to delay disclosure. These are: 

  • When disclosing immediately would harm the interests of the issuer
  • When it is unlikely the delay would mislead the public
  • When the issuer can guarantee it remains confidential 

In these situations, market participants must document their decision to delay disclosure, which should include: 

  • When the inside information on the financial instrument came into being
  • The date and time you decided to delay disclosure
  • The date and time you expect to disclose the information to the public
  • Name of the person or persons responsible for the decision to delay disclosure
  • Details of how you fulfil the requirements for deferring disclosure.

4.7 Insider lists

Under Article 18 of MAR, companies must compile an event-based insider list for each piece of inside information that arises.  

The list should feature details of the information, when it became inside information and why you delayed disclosure. You should add details of all people with access to that information, when they gained access to it and, if applicable, when they no longer had access to it. You should also keep this up to date as and when there are changes to any element of it.  

When adding insiders, you must notify them and confirm they understand their obligations not to use the information to inform a trade of any kind or to unlawfully disclose it. 

You must provide the list to the NCA if requested and store it for five years in case of any subsequent investigation.  

5. FAQs

5.1 What is insider trading?

Insider trading is the use of specific, non-public information that would affect the price of a financial instrument to inform the purchase, sale or cancellation of an order for that financial instrument. These market abuse offences are detrimental to capital markets and the financial services industry, and can cause financial penalties and reputational damage to firms. 

5.2 How do you monitor insider trading?

As part of your market abuse regime, you can monitor insider trading by accessing the recorded conversations between employees and clients to flag any suspicious transactions. In addition, employee trade monitoring is possible through implementing pre-clearance approval into your trading policy for personal transactions, using employee trade monitoring software like TradeLog

5.3 Which types of organisations are affected by the Markets in Financial Instruments Directive II?

MiFID II affects financial institutions within the European Union, as well as those financial firms based elsewhere who operate within the EU.  

6. Conclusion

The Market Abuse Regulation and Markets in Financial Instruments Directive II are intended to make the financial industry a fairer and more transparent place where financial crime is prevented, and those ambitions are to be applauded. However, as the industry is all-encompassing and generates massive amounts of data every day, it means that regulatory compliance with the requirements set by both pieces of legislation is a major task for any business. From creating and maintaining insider lists to ensuring all relevant conversations are recorded and stored in the correct manner, there are huge administrative challenges to overcome in increasing market integrity. 

This is why it’s a good idea to explore digital solutions to automate your processes. InsiderLog is insider list management software that helps you create insider lists in a secure online environment, sending automated reminders to insiders in order to show you have taken all reasonable steps to comply. Request a demo for your business today. 

7. References and further reading

Share this post

Article Summary

Subscribe to our newsletter

Stay up to date with the latest news and products


Sign up for our newsletter

Stay up to date with the latest news and products

You have successfully subscribed!

This is your official confirmation. Thank you for joining ComplyLog Newsletter. While you wait for the next issue of ComplyLog, check out the latest articles and references.

Related articles

Post Picture

Market Abuse Regulation (MAR) Explained

The Market Abuse Regulation, introduced in 2016, aims to protect investors by increasing transparency in the financial markets and quelling market...
Read More
Post Picture

The 7 Behaviours That Qualify As Market Abuse

Even with a solid understanding of the Market Abuse Regulation (MAR), it may still be difficult to understand what is considered market abuse. That’s...
Read More
Post Picture

4 Reasons You Need A Market Abuse Policy (And How To Create One)

Organisations around the European Union are increasingly aware of the need to strengthen their internal policies to ensure compliance with a range of...
Read More
Post Picture

5 Ways To Enable Market Abuse Monitoring And Reduce Risk

The Market Abuse Regulation (MAR) is a key piece of legislation for the financial sector in the European Union. It came into force in July 2016 in...
Read More
All articles