Skip to main content
Version date: 10 October 2016 - onwards

Question 1 Encryption [Last update: 10 October 2016]

Art. 16(6) of MiFID II Art. 16(7) of MiFID II Art. 72 of the MiFID II Delegated Regulation

How should firms prepare copies of records that have been encrypted and which have been requested by clients, competent authorities or other competent third parties?

Answer 1

For records that are captured by the requirements under Article 16(6) and 16(7) of MiFID II, ESMA expects firms to have the organisational and administrative capabilities to convert any encrypted data into an unencrypted format.

ESMA expects firms to deliver or make available copies of these records in an unencrypted and easily analysable format, or provide the means that such data can be unencrypted when requested by the client, competent authority or other competent third party.