-
ESMA publishes supervisory briefing on triangular passporting
7 July 2026The European Securities and Markets Authority (ESMA) has published a new Supervisory briefing on triangular passporting under the EU Markets in Financial Instruments Directive (MiFID II), which aims to clarify the appropriate use of the practice, enhance certainty and improve supervisory consistency. It forms part of the EU’s wider simplification drive, seeking to reduce the burden of regulation by setting clear expectations for firms. Triangular passporting occurs where an investment firm authorised in one Member State (Member State A) uses a branch or tied agent in another Member State (Member State B) to provide investment services cross-border into a third Member State (Member State C), under the Article 34 freedom to provide services under MiFID II. The practice is not covered or prohibited under MiFID II, but ESMA recognises that this model can create: (i) compliance complexity for firms (which may need to comply with conduct of business rules in multiple Member States); (ii) investor protection risks (such as determining where complaints should be directed); and uncertainty over supervisory responsibilities.ESMA’s briefing does not create new legal obligations, is non-binding, and is not subject to a "comply or explain" mechanism, nor does it prescribe a single supervisory approach. However, investment firms using, or considering, triangular passporting may expect greater scrutiny of their approach to the practice, including by national supervisors. Notably, the European Banking Authority has not co-authored the supervisory briefing, so at this stage there is no new guidance on triangular passporting for firms within scope of the Capital Requirements Directive (CRD) or existing Payment Services Directive (PSD2). Currently, CRD and PSD2 make no explicit provision for triangular passporting, but support for it can be found in various supervisory publications, while Recital 56 of the European Commission’s proposal for the Payment Services Directive 3 explicitly acknowledges the possibility of triangular passporting.
Under the briefing, ESMA expects firms relying on triangular passporting to notify their home supervisor (in Member State A) and specify which authorised services and activities they intend to provide, using the relevant MiFID II templates related to Article 34. They should regularly review and, where necessary, carry out internal risk assessments of, the model. Firms relying on tied agents are expected to explicitly authorise the tied agent to provide cross-border services on behalf of the firm (given the tied agent’s separate legal personality). Firms should not use the structure to engage in “forum shopping” – for example, establishing a branch or tied agent in Member State B in order to passport services into Member State C may be considered to circumvent the MiFID II Article 35 branch establishment requirements. ESMA also expects firms to give clients clear information on who is providing the service, which authority supervises it, how complaints can be made, and which redress and compensation arrangements may be available. Clients will be entitled to submit complaints to either the head office or the branch/tied agent that is supplying the service.
On the supervisory side, ESMA expects the home Member State supervisor (in Member State A) to notify the supervisors in Member States B and C of the firm’s intention to rely on triangular passporting. ESMA provides some guidance on the responsibilities of the supervisors in Member States A-C but notes that a degree of supervisory cooperation will be required and refers to existing Level 2 measures under MiFID II (Commission Delegated Regulation (EU) 2017/586 and Commission Delegated Regulation (EU) 2017/980) which require supervisors to exchange information and cooperate in any cross-border supervisory activities.
Blog
