The Markets in Financial Instruments Directive 2014/65/EU (MiFID II), which will apply to all Member States in the EU by 3 of January 2018, introduces significant changes on this field, as it is amending Directives 2002/92/EC and 2011/61/EU.

The key points of this regulatory framework are summarized as follows:


The Financial Conduct Authority.

  • AIM:

MIFID II ensures the investors’ protection and scrutiny of the transparency, as both were exposed by the international financial crisis, with significant changes to pre/post trade transparency, transaction reporting, corporate governance, product governance, client categorization, execution, conflicts of interest, disclosure of costs – charges and investment research.

  • SCOPE:

MiFID II extends the scope of the existing Directive (MiFID I) as it:

  1. Extends the definition of investment services by creating a new MiFID investment service of operating an organized trading facility (OTF),
  2. Extends the definition of financial instruments by creating new financial instruments including emissions allowances and
  3. Restricts certain of the MiFID I exemptions by bringing more firms within scope as commodity firms and market makers.

MiFID II requires financial services companies to capture, archive and analyze any communications from digital exchanges or face to face meetings, which lead to a transaction, with strong supervisory technological systems.

  1. New customer – facing portals,
  2. Automated call recording, storage and retrieval of client’s interaction (e.g. SMS, e-mail etc.),
  3. Design of more transparent electronic exchanges,
  4. Enhanced data storage systems and
  5. Development of report process.

MiFID II is related to the Markets in Financial Instruments Regulation 600/2014 (MiFIR), which is amending the Regulation (EU) No 648/2012, and will apply from January 2018 throughout the European Union.


Greece has not transposed yet the MIFID II Directive (2014/65/EU) in the Greek legislation. The related draft law was submitted in the Greek Parliament by 14th of December 2017 and the voting of the same is pending.


Although, the regulatory measures of these two European initiatives might be presented as contradictory, financial firms shall accommodate both. In particular, MIFID II is a new legislation which data privacy managers must take into account, always in compliance with the G.D.P.R., in order to legally collect, store and access to personal data.

Moreover, on the one hand, MiFID II provides that all communications, which lead to a transaction (including calls on mobile devices), shall be recorded, stored and accessed for up to 7 years. On the other hand, G.D.P.R. is aiming to strengthen data protection and to support individual rights to privacy. As a result, clients and employees of a financial firm shall be informed about the record and storage of their personal data and be ensured that the period for which their personal data are stored is limited to a strict minimum.

In any case, MiFID II project managers need to consult with G.D.P.R. project managers about the technology required for any collection, storage and protection of personal data they may process.

In conclusion, the legislative framework for markets in financial instruments and protection of personal data across Europe seems to change and provide new legislative requirements but also new opportunities throughout the European Union.


Edited by Dimitra Panagidi