ESMA MiCA Knowledge and Competence Guidelines: Complete Compliance Guide

ESMA MiCA Knowledge and Competence Guidelines Overview

On July 11, 2025, the European Securities and Markets Authority (ESMA) published its Final Report on Guidelines for the criteria on the assessment of knowledge and competence under the Markets in Crypto Assets Regulation (MiCA). This landmark regulatory framework establishes, for the first time, EU-wide standards for the professional qualifications and ongoing training of staff who provide information or advice about crypto-assets and crypto-asset services.

The MiCA knowledge and competence guidelines represent a critical step in professionalizing the European crypto industry. MiCA provisions for crypto-asset services entered into application on December 30, 2024, and Article 81(15)(a) mandated ESMA to issue these guidelines. Following a public consultation launched on February 17, 2025, which received 23 responses, and advice from the Securities and Markets Stakeholder Group (SMSG), ESMA finalized the framework that will reshape how crypto-asset service providers (CASPs) train, assess, and certify their client-facing staff.

For CASPs operating across the EU, understanding these guidelines is essential for compliance planning. Unlike MiFID II, which provides robust product governance and appropriateness requirements, MiCA does not offer the same level of investor protection — making the knowledge and competence of front-line staff even more critical for safeguarding retail investors. This guide breaks down every aspect of the requirements, from qualification pathways to continuous professional development standards. For broader context on EU crypto regulation, explore our analysis of the evolving European regulatory landscape.

Why MiCA Knowledge Competence Guidelines Matter

The rationale behind these guidelines stems from a convergence of market factors that create heightened risk for retail investors in crypto markets. ESMA identifies several critical observations in its background analysis that justify stringent professional standards.

Unprecedented accessibility: Crypto-assets and services are increasingly available to EU retail investors through mobile applications and websites requiring minimal technological knowledge. Low minimum investments and 24/7 trading platform operations further reduce barriers to entry, exposing more unsophisticated investors to complex financial products.

Limited investor knowledge: Despite growing awareness (the UK FCA found crypto awareness rose from 42% in 2019 to 91% in 2022), only 74% of people who had heard of crypto-assets could correctly identify their definition from a list of statements. This knowledge gap creates significant vulnerability, particularly when combined with aggressive marketing and social media influence on crypto markets.

Extreme volatility and specific risks: The total crypto market capitalization exceeded $3 trillion in November 2021 before plunging below $850 billion just 13 months later — a decline of over 70%. This extreme volatility, combined with cyber security risks, programming bugs, key storage risks, and DLT transfer risks, makes well-informed professional guidance essential.

MiCA’s limited protections compared to MiFID II: A crucial distinction highlighted by ESMA is that MiCA does not provide the product governance requirements or appropriateness test that protect investors under MiFID II. This regulatory gap makes the quality of information and advice from CASP staff even more critical as the first line of investor defense.

Staff Giving Information: MiCA Guideline 2 Requirements

Guideline 2 of the MiCA knowledge competence framework addresses staff who provide information about crypto-assets or crypto-asset services to clients — a category broader than advisory staff, covering all client-facing roles that involve directly communicating about crypto products.

ESMA establishes two primary qualification pathways for information staff, presented as examples of adequate minimum standards:

The 80 hours of professional qualification is equivalent to approximately 2 weeks of full-time study (40 hours/week). ESMA notes that professionals with pre-MiCA financial markets education likely already possess some of the required knowledge, allowing CASPs to organize top-up training for gaps in specific topics. All staff must pass an assessment — conducted either by the CASP itself or an external body — before providing information to clients.

The scope of “giving information” is carefully defined. It means directly providing information to clients about crypto-assets or services, either upon client request or at the CASP’s initiative, in the context of providing any service listed in MiCA Article 3(1)(16). Notably, the guidelines exclude employees who merely point out where clients can find information, distribute brochures without additional context, hand over information at client request without elaboration, or perform back-office functions without direct client relevance.

Staff Giving Advice: MiCA Guideline 3 Qualifications

Advisory staff face significantly higher standards under the MiCA knowledge competence guidelines, reflecting the greater responsibility and complexity of providing personalized crypto-asset recommendations. ESMA provides four qualification pathways, each designed to accommodate different professional backgrounds:

The 160-hour professional qualification option (Pathway C) attracted the most consultation feedback. Some respondents argued it was excessive, while others — and the SMSG — supported strict standards. ESMA defended the requirement, noting that “the volatility of many crypto-assets and specific additional risks compared to traditional financial markets makes even greater the need for staff having the appropriate knowledge and competence when advising clients.”

Advisory staff must understand everything required of information staff (Guideline 2, paragraph 18), plus additional topics: total costs and charges including DLT network fees, MiCA suitability requirements under Article 81, how crypto-assets may not be suitable for specific clients, portfolio management fundamentals including diversification implications, and full valuation mechanisms for advised crypto-assets. The distinction between information and advice is critical — CASPs must ensure clear role separation in staff responsibilities.

MiCA Knowledge Topics and Core Competencies

The MiCA knowledge competence framework specifies an extensive list of topics that staff must understand. These requirements reflect the unique characteristics of crypto markets and go well beyond traditional financial product knowledge.

Crypto-asset characteristics and risks: Staff must understand key features, risks, and functioning of crypto-assets made available through their CASP, including DLT fundamentals, protocol features, volatility, cybersecurity risks, key storage risks, programming risks (“bugs”), and DLT transfer risks (e.g., sending crypto-assets to an unsupported network).

DLT protocol understanding: A notable requirement is that staff must have basic understanding of specific protocols, including: consensus mechanisms and their consequences, transaction validation rules, scalability, decentralization level and governance structure, security measures against attacks and fraud, interoperability, use cases, and economic models governing supply, distribution, and validation incentives.

Market dynamics: Understanding how crypto markets function and affect pricing, including: the potential impact of investor sentiment and social media on rapid price changes, the impact of “whales” (large holders) on liquidity and volatility, differences between past performance and future scenarios, and the limits of predictive forecasting.

Regulatory and compliance knowledge: Staff must understand differences between MiCA investor protections and MiFID II protections, market abuse provisions, AML/CTF requirements, and the CASP’s internal compliance policies and procedures. ESMA removed the requirement for information staff to understand tax implications, acknowledging this was disproportionate given cross-border operations in non-harmonized tax frameworks.

Continuous Professional Development Under MiCA

The MiCA knowledge competence guidelines establish mandatory continuous professional development (CPD) requirements, recognizing the rapidly evolving nature of crypto markets and technology.

For information staff, CASPs must determine the adequate minimum CPD hours based on their specific crypto-asset offerings and services. ESMA provides an example: staff giving information on a limited range of crypto-assets of the least complex nature should complete at minimum 10 hours of CPD per year. CASPs offering more complex or diverse products should set higher standards.

For advisory staff, the minimum example is 20 hours of CPD per year (which encompasses the 10 hours applicable to information staff). This higher standard reflects the greater depth of knowledge required for providing personalized recommendations and the advisory staff’s heightened responsibility.

CPD content must ensure staff enhance their knowledge to fulfill obligations, accounting for: regulatory changes, key market developments, and newly emerging technologies including potential related risks for investors. CPD can be fulfilled through external professional education body schemes (providing recognized qualifications) or through internally arranged programs. Crucially, both options must include examination of participants’ knowledge and competence — passive attendance alone is insufficient.

Competent authorities may publish lists of approved external professional education bodies, creating a potential quality benchmark. The SMSG strongly advocated for external verification, arguing it would enhance trust and standards, though ESMA stopped short of mandating it due to limited powers and current lack of widely accepted external examination frameworks.

Organisational Requirements for Crypto-Asset Service Providers

Guideline 4 establishes the organizational framework CASPs must implement to ensure ongoing MiCA knowledge competence compliance. These requirements create a comprehensive governance structure around staff qualifications.

Role separation: CASPs must set out staff responsibilities and ensure clear distinction between roles of giving advice and giving information. This prevents scope creep where information staff inadvertently provide advisory services without adequate qualifications.

Annual assessment and review: Management bodies must, at minimum annually, assess and review the effectiveness of policies and procedures established under Articles 68(5) and 81(7) of MiCA and these guidelines, taking appropriate measures to address deficiencies. This includes reviewing staff development needs, assessing regulatory developments, and ensuring appropriate qualifications are maintained.

Supervision framework: Staff who have not yet acquired the necessary knowledge and competence may provide relevant services only under supervision, for a maximum of 4 years (unless a shorter period is set by the competent authority). Supervisors must themselves possess the required knowledge, competence, and supervisory skills. The supervisor takes responsibility for services provided by supervised staff, including signing off suitability reports for advice.

Record-keeping: CASPs must maintain records of staff knowledge and competence and submit them to competent authorities on request. This enables regulatory verification and creates an audit trail for compliance assessment. New crypto-asset or service offerings trigger mandatory specific training before staff can provide related information or advice.

Transitional Provisions for Existing Crypto Staff

The guidelines include important transitional provisions for staff already working in the crypto industry before the guidelines take effect. Understanding these provisions is critical for CASPs planning their compliance timeline.

For existing information staff: Staff members who have been successfully giving information about crypto-assets or services on a full-time equivalent basis for at least 1 year before the guidelines’ application date may be considered as having the necessary knowledge and competence. This applies whether the experience was gained under supervision or without, and includes experience under pre-MiCA national regulatory frameworks (e.g., as staff of virtual asset service providers/VASPs).

For existing advisory staff: The same principle applies — 1 year of full-time equivalent experience providing advice on crypto-assets before the application date creates a presumption of adequate knowledge. However, ESMA emphasizes this must be demonstrated, though flexibility is provided in how (e.g., annual appraisals, internal exams, external exams).

The SMSG advocated for stricter transitional measures, proposing that existing staff should be required to obtain the full professional qualification (80 or 160 hours) within six months. ESMA rejected this as “too disruptive” and noted the absence of widely accepted external exams. Instead, ESMA combines the transitional provisions with CPD requirements to ensure existing staff gradually attain and maintain the required standards.

Regarding automated or semi-automated advice and information, the guidelines clarify that full requirements apply to staff who define the content of automated advice/information. Staff who only set delivery parameters need sufficient knowledge to ensure clients receive adequate information — but the full guidelines may not apply to purely technical staff who don’t define content. For more on navigating AI governance in financial services, see our NIST AI Risk Framework analysis.

Cost-Benefit Analysis and Industry Impact

ESMA’s cost-benefit analysis provides valuable insight into the expected economic impact of the MiCA knowledge competence guidelines across the ecosystem.

Costs for CASPs include one-off implementation costs (organizational arrangements, HR, initial training of new and existing staff) and ongoing costs (CPD measures, annual knowledge reviews). However, ESMA argues these costs are lower than the potential costs of improper conduct, including fines, penalties, legal expenses, and reputational damage from mis-selling.

Costs for competent authorities are characterized as “limited” — primarily ongoing supervision costs during implementation and verification of CASP compliance. Some authorities may need to slightly extend resources dedicated to MiCA supervision.

Benefits are substantial: For CASPs, the guidelines should increase service quality, reduce mis-selling risk and associated financial consequences, create investor confidence in the crypto market, and improve operational efficiency. For competent authorities, the guidelines enhance supervisory convergence, eliminate fragmentation, and promote fair competition regardless of home Member State. For clients, the direct benefits include higher-quality information and advice, enhanced protection, and reduced risk of investor detriment.

ESMA considered two policy options: Option 1a (criteria guidance without minimum standards) and Option 1b (criteria with minimum standards). Option 1b was chosen as more effective for ensuring adequate investor protection, especially given crypto-assets’ extreme volatility and MiCA’s relatively limited investor protections compared to traditional financial services frameworks.

Implementation Timeline and Next Steps for CASPs

The implementation timeline for the MiCA knowledge competence guidelines follows a structured rollout that gives CASPs a reasonable preparation window.

Publication and translation: Following the July 11, 2025 publication of the Final Report, the guidelines (Annex III) will be translated into all official EU languages and published on the ESMA website. This triggers the compliance notification period.

NCA notification period (2 months): National competent authorities have 2 months from translation publication to notify ESMA whether they comply, intend to comply, or do not comply with the guidelines. CASPs are not required to report their own compliance status.

Application date (6 months after translation publication): The guidelines apply from 6 months after translation publication — an extension from the originally proposed 2 months, reflecting ESMA’s acknowledgment of implementation challenges. This gives CASPs approximately 6-8 months from today to build and implement compliant training programs.

Action Items for CASPs

1. Audit existing staff: Map all client-facing roles against the information/advice distinction and assess current knowledge levels against Guideline 2 and 3 requirements.
2. Design training programs: Develop or procure 80-hour (information) and 160-hour (advice) qualification programs covering all required topics, especially DLT protocol understanding and crypto-specific risks.
3. Build assessment frameworks: Create internal assessment mechanisms or partner with external bodies to verify staff knowledge and competence before they begin providing services.
4. Establish CPD programs: Set up annual continuous professional development frameworks meeting the 10-hour (information) and 20-hour (advice) minimums with examination components.
5. Document transitional staff: Identify existing staff eligible for transitional provisions and prepare demonstration materials for their grandfathered status.
6. Implement record-keeping: Establish systems to maintain knowledge and competence records that can be submitted to competent authorities on request.
7. Review role assignments: Ensure clear organizational distinction between information and advisory roles, with appropriate supervision structures for staff still in training.