(fra kommisjonsforordningen) 

(1) Requirements for the arrangements, procedures and systems that persons professionally arranging or executing transactions in crypto-assets are to have in place for the reporting of orders, transactions and other aspects of the functioning of distributed ledger technology (DLT), including the consensus mechanism, where there might exist circumstances indicating that market abuse has been committed, is being committed or is likely to be committed are necessary. Such requirements are critical and should assist in the prevention and detection of market abuse. Those requirements should also assist in ensuring that reports concerning reasonable suspicions on orders, transactions and other aspects of the functioning of distributed ledger technology (STOR) submitted to competent authorities are meaningful, comprehensive, and useful. 

(2) To ensure that prevention and detection of market abuse is effective, appropriate systems should be in place to monitor orders, transactions and other aspects of functioning of the DLT, in accordance with the scale, size and nature of the business activity of the person professionally arranging or executing transactions. Such systems should provide for human analysis carried out by appropriately trained staff based on objective information at the disposal of the reporting entity. The entity should collect additional personal data, only to ensure appropriate human analysis. To allow for further analysis of potential insider dealing or market manipulation or attempted insider dealing or market manipulation, the systems for monitoring market abuse should be capable of producing alerts in line with specified parameters. The access to such alerts should be recorded to ensure that they are only used for detecting market abuse. The whole process is likely to require some level of automation. 

(3) To analyse whether the arrangements, systems and procedures to prevent and detect market abuse are appropriate, it is necessary to assess the impact that the person that professionally arranges or executes transactions may have on the market. As part of that assessment, such persons should assess whether they have a significant or dominant position in any crypto-asset market asset segment in which case those arrangements, systems and procedures should be proportionate to their position. 

(4) The prevention and detection of market abuse requires an ongoing monitoring of all orders and transactions arranged or executed by persons that professionally arrange or execute transactions, irrespective of whether those orders and transactions are executed on the distributed ledger (‘on-chain’) or outside the distributed ledger (‘offchain’), including transfers of crypto assets to or from accounts of clients of the same crypto-asset service provider. 

(5) To facilitate and promote a consistent approach and practices across the Union in relation to the prevention, detection and sanctioning of market abuse, it is necessary to lay down detailed provisions harmonising the content of, the template for and the timing of the reporting of suspicious orders and transactions and other aspects of the functioning of DLT. 

(6) To share resources, to centrally develop and maintain monitoring systems, and to build expertise in the context of monitoring suspicious orders and transactions, persons that professionally arrange or execute transactions in crypto-assets should be able to delegate the prevention and detection of such orders, transactions and other aspects of the functioning of DLT within a group, or to delegate the data analysis and the generation of alerts, subject to appropriate conditions. Such delegation should neither prevent the competent authorities from assessing at any time, whether the arrangements, systems and procedures of the person to whom the functions are delegated are effectively in line with the obligation to prevent and detect market abuse. The obligation to report and the responsibility to comply with this Regulation and with Article 92 of Regulation (EU) No 2023/1114 should remain with the delegating person. 

(7) Crypto asset service providers operating a trading platform should have appropriate trading rules that contribute to the prevention of market abuse. Those entities should also have facilities to replay the order book in order to analyse the trading activity. A single and harmonised template for electronically submitting a suspicious transaction and order report (“STOR”) should facilitate the efficient sharing of information on suspicious orders and transactions between competent authorities in cross-border investigations. 

(8) The information fields in such a STOR template, where completed clearly, comprehensively, objectively and accurately, should assist the competent authorities to promptly assess such suspicious orders and transactions and take the necessary action. Such STOR template should therefore enable the persons submitting the STOR to provide the information that competent authorities consider relevant about suspicious orders, transactions or other aspects of the functioning of the distributed ledger technology reported and to explain the reasons for the suspicion. The STOR template should also enable the persons submitting the STOR to provide personal data that would make it possible to identify the persons involved in the suspicious activity and assist the competent authorities in their investigations. Such information should be provided at the outset, so that the integrity of the investigation is not compromised by the potential necessity for a competent authority to revert during an investigation to the person who submitted the STOR. Any processing of personal data under this Regulation should be carried out in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. The data minimisation principle in particular should be complied with where personal data are collected to ensure compliance with this Regulation. 

(9) To facilitate the submission of a STOR, the template should allow for the attachment of documents and materials that are necessary to support the notification made, including in the form of an annex that lists the suspicious orders or transactions and detailing their prices and volumes. In addition, the STOR template should allow for the reporting of suspicious behaviours connected to the functioning of the DLT. 

(10) Persons professionally arranging or executing transactions in crypto-assets should not notify all orders received or transactions conducted that have triggered an internal alert. Such a requirement would be inconsistent with the requirement to assess on a case-by-case basis whether there are reasonable grounds for suspicion. 

(11) The analysis of orders, transactions or other aspects of the functioning of the DLT should factor in not only the internal information of the person professionally arranging or executing transactions in crypto-assets, but all the information publicly available, including information about transactions embedded in a public ledger system. 

(12) The STORs should be submitted to the competent authority without delay once a reasonable suspicion about the existence of market abuse has been formed. The analysis as to whether a given order or transaction is to be considered suspicious should be based on facts, not speculation or presumption and should be carried out as quickly as practicably possible. Delaying the submission of a report to incorporate further suspicious orders, transactions or other aspects of the functioning of the DLT or accumulating several STORs would be irreconcilable with the obligation to act without delay, where a reasonable suspicion has already been formed. In any case, persons professionally arranging or executing transactions in crypto-assets should assess on a case-by-case basis whether several orders, transactions or other aspects of the functioning of the DLT could be reported in a single STOR. 

(13) There might be circumstances where a reasonable suspicion of market abuse is formed after the suspected activity occurred, due to subsequent events or available information. That should not be a reason for not reporting the suspected activity to the competent authority. To demonstrate compliance with the reporting requirements in those specific circumstances, the person submitting the STOR should be able to justify the time discrepancy between the occurrence of the suspected activity and the formation of the reasonable suspicion of market abuse having been committed, being committed or likely to be committed. 

(14) To assist persons professionally arranging or executing transactions in crypto-assets in exercising their judgement when considering subsequent suspicious orders or transactions, they should be able to recall and review the analysis of STORs which have been submitted, and of those suspicious orders, transactions and behaviours connected to the functioning of the DLT which were analysed, but in relation to which the competent authority concerned concluded that the grounds for suspicion were not reasonable. 

(15) To prevent market abuse to the maximum extent possible, persons professionally arranging or executing transactions in crypto-assets should be able to refine their surveillance systems and to detect patterns of repeated behaviour, the aggregate of which could, considered as a whole, result in a reasonable suspicion of market abuse. Those persons should therefore be required to analyse suspicious orders, transactions, behaviours and other aspects connected to the functioning of the distributed ledger technology which did not lead to a STOR and record such analyses. Such records should also assist such persons in evidencing compliance with Article 92 of Regulation (EU) 2023/1114 and should facilitate the performance by competent authorities of their supervisory, investigatory and enforcement functions under Article 92 of Regulation (EU) 2023/1114. 

(16) Considering that markets in crypto-assets are inherently cross-border, it is necessary to specify coordination procedures between the competent authorities for the detection and sanctioning of market abuse in case of cross-border market abuse situations. Such coordination procedures should ensure that there are no conflicting investigations or enforcement activities. In that context, cross border market abuse situations should include cases in which suspicious transactions are carried out in a Member State concerning a crypto-asset that is admitted to trading in another Member State and cases in which the crypto-asset service provider concerned is operating in more than one Member State. 

(17) It is necessary to lay down provisions for the transmission of STORs among competent authorities. Such requirements are critical, in the absence of a transaction reporting regime, to ensure efficient market supervision and enforcement while preventing the transmission of a massive flow of information that would not be useful for the receiving authority. 

(18) This Regulation is based on the draft regulatory technical standards submitted by the European Securities and Markets Authority to the Commission (‘ESMA’). 

(19) ESMA has conducted open public consultations on the draft regulatory technical standards on which this Regulation is based, analysed the potential related costs and benefits and requested the advice of the Securities and Markets Stakeholder Group established in accordance with Article 37 of Regulation (EU) No 1095/2010 of the European Parliament and the Council, 

(20) The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 and delivered their opinion on 22 January 2025.