NOMOX

ESMA_QA_2791

ESMA_QA_2791

Status: ✅ Answer Published

Link to ESMA Q&A tool: https://www.esma.europa.eu/publications-data/questions-answers/2791

Regulatory Context

Regulation : MIF2

Level 1 Regulation: Directive 2014/65/EU - Markets in Financial Instruments Directive (MiFID II)

Level 2 Regulation: Regulation 2017/565 - MiFID II Delegated Regulation

Level 3 Regulation: ESMA/2015/1886 - Guidelines - Assessment of knowledge and competence (MiFID)

Topic: Suitability

Subject Matter: Records / audit trail / digital workflows / use of user credentials / Record-keeping and audit trail for “under supervision” in digital/segregated advisory workflows

Question

Submission Date: 26 February 2026

I would like to request a general clarification on the interpretation of the ESMA Guidelines ESMA/2015/1886 (rev.) regarding record-keeping requirements for “under supervision” (in particular paragraphs 19, 20(c) and 20(g)).

In practice, client communication, suitability documentation and system completion are often performed in a segregated and digital manner (e.g. different staff members involved in the client interaction, documentation and approval). This raises, in particular, the following questions:

  1. Minimum requirements for records / traceability What minimum requirements arise from the Guidelines regarding records to enable the competent authority to verify that supervision actually takes place and is carried out to an appropriate extent?

  2. Objective evidence of assumption of responsibility Is the mere formal naming of a qualified person in the documentation (e.g. in the suitability statement) sufficient, or do the Guidelines expect objectively verifiable review/approval/sign-off evidence?

  3. Digital processes / segregated documentation What requirements apply in digital systems and segregated documentation workflows where client communication, suitability documentation and system completion are not carried out by the same person?

  4. Use of user credentials / role awareness How should “under supervision” be assessed under the Guidelines if user credentials of a qualified person are used for system documentation/system completion, but that person does not provide a conscious assumption of responsibility (review/approval/sign-off) or is not aware that they are intended to act as the supervisor?

ESMA Answer

Answer Date: 31-03-2026

Dear Sir,   Thank you for contacting ESMA. The selection of questions to be developed into policy Q&As is done according to a number of criteria, which include the following:

Type of stakeholder: Questions received from investors’ and regulated firms’ associations, will be prioritised over questions from individual firms. Level of public attention: Topics receiving a higher number of questions will have a higher priority. Relevance of the issue: Questions addressing matters with high market impact, important legal risks and significant cross-border effects will have a higher priority.

We would like to inform you that your suggested questions do not appear to be amongst the ones considered of higher priority, at least at this stage. This means that, in view of the number of questions received by ESMA, we are unable to provide you with any further feedback to your question, for the moment.  We thank you for your input and invite you to monitor our website where we will continue to publish further Q&As, and other forms of guidance, with the purpose of ensuring the consistent and effective day-to-day application of Union law within ESMA’s remit.  Kind regards,   ESMA

This document was automatically extracted from the ESMA EMIR Q&A database.