MiFID II: authorisation and variation of permissions

MiFID II applies from 3 January 2018, less than four months away. It widens the scope of MiFID by capturing some financial entities that did not previously require authorisation. Some firms who are already authorised may also need new authorisations or a Variation of Permission (VoP) to carry out activities from next year.

In previous statements we indicated that firms requiring new authorisations or a VoP under MiFID II needed to submit a complete application to us by 3 July 2017. After that date, we could not guarantee to determine applications in time for new permissions to be in place for 3 January 2018.

Good progress has been made. We have received applications from a significant number of firms seeking to operate a trading venue or become a Data Reporting Services Provider (DRSP). We have already determined a number of applications from DRSPs authorised to provide Approved Publication Arrangements.

What you need to do

If you have not yet applied at all, you urgently need to submit an application with all the information we require. You may find it helpful to consult legal or compliance professionals familiar with the MiFID II regime and our expectations of authorisation applications to ensure your application is complete.

If you have already sent an application and we have subsequently been in contact to tell you that it is not complete, you need to provide the missing information as soon as possible. Without this, we cannot assess your application.

If you are unsure whether you need new permissions you should take action now. Start by consulting our application and notification user guide (PDF) and consider whether you need professional support to get back on track.

Any firm which needs new permissions under MiFID II and has not submitted a complete application needs to take immediate action. Given that firms can only carry out MiFID II activities for which they have the appropriate regulatory permissions, this will need to include contingency planning for the event that new permissions are not in place by 3 January 2018.

Proprietary traders and those providing them with market access

We want to highlight that some proprietary traders who are not authorised may need to be authorised under MiFID II.

For example, if you are an unregulated proprietary trader who uses a form of direct electronic access[1] provided by a regulated firm to access trading venues (a ‘DEA client’), you may need authorisation from 3 January 2018. Further guidance is available in the application and notification user guide (PDF) and our Handbook (PDF). You need to confirm urgently whether you will need authorisation and, if so, make an application.

If you are a firm or venue providing your clients with direct electronic access to trading venues (a ‘DEA provider’) you will have a duty under MiFID II to carry out due diligence on your prospective DEA clients. You should therefore work closely with your clients to ensure they are aware of the potential need to be authorised and be authorised on time.


  1. ^ ‘Direct electronic access’ means an arrangement where a member or participant or client of a trading venue permits a person to use its trading code so the person can electronically transmit orders relating to a financial instrument directly to the trading venue. This includes arrangements which involve the use by a person of the infrastructure of the member or participant or client, or any connecting system provided by the member or participant or client, to transmit the orders (direct market access) and arrangements where such an infrastructure is not used by a person (sponsored access).

Page updates

: Link changed Broken Link fixed