Author: Galyna Podoprikhina, WH Partners

On 28 January 2026, ESMA issued its Guidelines on the assessment of knowledge and competence under MiCA. For crypto-asset service providers (“CASPs”) and applicants currently preparing their authorisation files, this is not background guidance; it is an operational requirement that will shape staffing models, HR frameworks and supervisory engagement.

The Guidelines apply from six months after the date of their publication on ESMA’s website, in all official EU languages, and target staff providing information or advice on crypto-assets or crypto-asset services. The distinction between these two functions is central and consequential.

A Clear Hierarchy: Information vs Advice

ESMA formally establishes that staff providing advice must meet a higher standard of knowledge and competence than those providing information.

For CASPs, this means role definitions must be precise. Blurred lines between “informational support” and “advisory interaction” will not withstand supervisory scrutiny. Internal job descriptions, onboarding processes and compliance manuals should already reflect this distinction.

What “Knowledge” Actually Means

The Guidelines go beyond generic crypto familiarity. Staff giving information must understand:

  • DLT functionality and protocol mechanics
  • Consensus mechanisms and transaction validation
  • Scalability and governance structures
  • Token economics (supply, distribution, validation incentives)
  • Market dynamics, volatility drivers and liquidity risks
  • Cybersecurity risks, private key risks and transfer errors
  • Differences between MiCA investor protection and MiFID II safeguards

For advisory staff, additional expectations include:

  • Suitability obligations under Article 81 MiCA
  • Portfolio construction and diversification principles
  • Full cost and charges transparency (including gas/network fees)
  • Valuation methodologies
  • Assessment of client-specific suitability and evolving circumstances

In practice, this aligns crypto advice more closely with MiFID-style financial advisory standards.

Qualification Pathways: Formal Thresholds

Before interacting with clients, staff must pass an assessment and meet minimum qualification and experience thresholds.

For staff providing information:

  • 80-hour professional qualification + six months supervised experience; or
  • One–year supervised experience.

For staff providing advice, one of four pathways applies, including:

  • A relevant three-year tertiary degree + one year supervised experience;
  • 160 hours professional formation + one year supervised experience;
  • Or prior MiFID II/IDD advisory experience supplemented with six months crypto-specific supervised experience.

CASPs cannot rely on informal experience alone going forward.

CPD is Mandatory and Testable

CASPs must implement annual continuous professional development (“CPD”) requirements, proportionate to product complexity.

The Guidelines indicate a minimum of:

  • 10 hours annually for staff providing information on less complex products;
  • 20 hours annually for staff providing advice.

Importantly, CPD must include verification of acquired knowledge; attendance is not enough.

For applicants, this means CPD structures should already be designed at the licensing stage.

AI and Automated Advisory

Where information or advice about crypto-assets or crypto-asset services is provided in an automated or semi-automated manner, CASPs should ensure that these Guidelines apply to staff responsible for determining the content of the information or advice delivered to clients.

Staff setting the parameters and deciding on the settings for such information or advice to be delivered should also have sufficient knowledge and competence to ensure that appropriate information or advice is provided accurately, in adequate circumstances and to the right recipients.

Supervision: A Four-Year Window with Real Accountability

Where staff lack full qualification or experience, they may operate under supervision for a maximum of four years. However, the supervisor must meet full competence standards; supervision must be tailored and documented and the supervisor assumes responsibility, including signing off suitability reports.