MiFID II Articles 59 - 63
Authorisation procedures for data reporting services providers
Requirement for authorisation
1. Member States shall require that the provision of data reporting services described in Annex I, Section D as a regular occupation or business be subject to prior authorisation in accordance with this Section. Such authorisation shall be granted by the home Member State competent authority designated in accordance with Article 67.
2. By way of derogation from paragraph 1, Member States shall allow an investment firm or a market operator operating a trading venue to operate the data reporting services of an APA, a CTP and an ARM, subject to the prior verification of their compliance withthis Title. Such a service shall be included in their authorisation.
3. Member States shall register all data reporting services providers. The register shall be publicly accessible and shall contain information on the services for which the data reporting services provider is authorised. It shall be updated on a regular basis. Every authorisation shall be notified to ESMA.
ESMA shall establish a list of all data reporting services providers in the Union. The list shall contain information on the services for which the data reporting services provider is authorised and it shall be updated on a regular basis. ESMA shall publish and keep up-to-date that list on its website.
Where a competent authority has withdrawn an authorisation in accordance with Article 62, that withdrawal shall be published on the list for a period of 5 years.
4. Member States shall require data reporting services providers to provide their services under the supervision of the competent authority. Member States shall ensure that competent authorities keep under regular review the compliance of data reporting servicesproviders with this Title. They shall also ensure that competent authorities monitor that data reporting services providers comply at alltimes with the conditions for initial authorisation established under this Title.
Scope of authorisation
1. The home Member State shall ensure that the authorisation specifies the data reporting service which the data reporting servicesprovider is authorised to provide. A data reporting services provider seeking to extend its business to additional data reportingservices shall submit a request for extension of its authorisation.
2. The authorisation shall be valid for the entire Union and shall allow a data reporting services provider to provide the services, forwhich it has been authorised, throughout the Union.
Procedures for granting and refusing requests for authorisation
1. The competent authority shall not grant authorisation unless and until such time as it is fully satisfied that the applicant complieswith all requirements under the provisions adopted pursuant to this Directive.
2. The data reporting services provider shall provide all information, including a programme of operations setting out, inter alia, thetypes of services envisaged and the organisational structure, necessary to enable the competent authority to satisfy itself that thedata reporting services provider has established, at the time of initial authorisation, all the necessary arrangements to meet itsobligations under the provisions of this Title.
3. An applicant shall be informed, within six months of the submission of a complete application, whether or not authorisation hasbeen granted.
4. ESMA shall develop draft regulatory technical standards to determine:
(a) the information to be provided to the competent authorities under paragraph 2, including the programme of operations;
(b) the information included in the notifications under Article 63(3).
ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 3 July 2015.
Power is delegated to the Commission to adopt the regulatory technical standards referred to in the first subparagraph in accordancewith Articles 10 to 14 of Regulation (EU) No 1095/2010.
5. ESMA shall develop draft implementing technical standards to determine standard forms, templates and procedures for thenotification or provision of information provided for in paragraph 2 of this Article and in Article 63(4).
ESMA shall submit those draft implementing technical standards to the Commission by 3 January 2016.
Power is conferred on the Commission to adopt the implementing technical standards referred to in the first subparagraph inaccordance with Article 15 of Regulation (EU) No 1095/2010.
Withdrawal of authorisations
The competent authority may withdraw the authorisation issued to a data reporting services provider where the provider:
(a) does not make use of the authorisation within 12 months, expressly renounces the authorisation or has provided no datareporting services for the preceding six months, unless the Member State concerned has provided for authorisation to lapse insuch cases;
(b) has obtained the authorisation by making false statements or by any other irregular means;
(c) no longer meets the conditions under which authorisation was granted;
(d) has seriously and systematically infringed the provisions of this Directive or of Regulation (EU) No 600/2014.
Requirements for the management body of a data reporting services provider
1. Member States shall require that all members of the management body of a data reporting services provider shall at all times be ofsufficiently good repute, possess sufficient knowledge, skills and experience and commit sufficient time to perform their duties. The management body shall possess adequate collective knowledge, skills and experience to be able to understand the activities ofthe data reporting services provider. Each member of the management body shall act with honesty, integrity and independence ofmind to effectively challenge the decisions of the senior management where necessary and to effectively oversee and monitormanagement decision-making where necessary.Where a market operator seeks authorisation to operate an APA, a CTP or an ARM and the members of the management body ofthe APA, the CTP or the ARM are the same as the members of the management body of the regulated market, those persons aredeemed to comply with the requirement laid down in the first subparagraph.
2. ESMA shall, by 3 January 2016, develop guidelines for the assessment of the suitability of the members of the management bodydescribed in paragraph 1, taking into account different roles and functions carried out by them and the need to avoid conflicts ofinterest between members of the management body and users of the APA, CTP or ARM.
3. Member States shall require the data reporting services provider to notify the competent authority of all members of itsmanagement body and of any changes to its membership, along with all information needed to assess whether the entity complieswith paragraph 1.
4. Member States shall ensure that the management body of a data reporting services provider defines and oversees theimplementation of the governance arrangements that ensure effective and prudent management of an organisation including thesegregation of duties in the organisation and the prevention of conflicts of interest, and in a manner that promotes the integrity of themarket and the interest of its clients.
5. The competent authority shall refuse authorisation if it is not satisfied that the person or the persons who shall effectively direct thebusiness of the data reporting services provider are of sufficiently good repute, or if there are objective and demonstrable grounds forbelieving that proposed changes to the management of the provider pose a threat to its sound and prudent management and to theadequate consideration of the interest of its clients and the integrity of the market.