Navigating the Complexities of Market Abuse Regulations in the EU and UK

The Market Abuse Regulation (MAR) is a critical framework designed to combat market manipulation and insider trading across the EU and UK. Find out how your firm can maintain ironclad compliance.

Across ever-evolving financial markets, regulatory compliance is the cornerstone for maintaining market integrity and investor trust. Understanding and adhering to regulations across various jurisdictions is essential for firms to operate transparently and avoid severe penalties. In the European Union (EU) and the United Kingdom (UK), the Market Abuse Regulation stands out as one of the most stringent — and important — frameworks designed to foster transparency and accountability in the financial services sector.

Overview of MAR

The Market Abuse Regulation (MAR) is a crucial piece of legislation in both the EU and the UK aimed at ensuring the integrity of financial markets and enhancing investor protection. MAR is intended to:

• Prevent market manipulation practices that can distort the pricing of financial instruments
• Increase transparency in financial markets to foster investor confidence
• Prevent insider trading based on material non-public information (MNPI)

Specific provisions within MAR serve to:

• Define various forms of market manipulation, including spreading false information and manipulative trading practices.
• Prohibit trading based on insider information and outline the responsibilities of insiders.
• Require that issuers of financial instruments disclose inside information promptly to the public.
• Require market participants to report suspicious activities to competent authorities.
• Provide protections for whistleblowers who report market abuse.

Above all, MAR provides a harmonised framework across EU member states to ensure consistency and avoid regulatory arbitrage. By preventing abusive practices, MAR is meant to create a level playing field for all market participants.

Key Compliance Obligations Under MAR

Under MAR, both organisations and individuals have multiple key obligations designed to prevent market abuse, ensure market integrity, and protect investors.

1. Prohibition of insider trading Individuals with access to inside information are prohibited from using that information to trade in financial instruments or to recommend or induce others to trade. This is to prevent unfair advantages in the market by banning trading activities based on MNPI. It includes restrictions on “tipping off” others unless it is within the scope of one’s professional duties.
2. Prohibition of market manipulation
   Engaging in practices that distort or manipulate the market price of financial instruments is strictly prohibited. Any form of market manipulation undermines the integrity of the market — this includes spreading false information or executing trades that create misleading impressions of market activity, thereby affecting the supply, demand, or price of financial instruments.
3. Disclosure of inside information Issuers of financial instruments (such as corporations, governments, or other organisations that create, register, and sell securities) must publicly disclose inside information as soon as possible. Timely disclosure ensures a level playing field, where all market participants have equal access to critical information that could influence their investment decisions.
4. Insider lists
   Organisations must maintain and regularly update lists of individuals who have access to inside information. These insider lists are vital for regulatory oversight, as they help authorities track who has access to sensitive information and ensure these individuals are held accountable for any wrongdoing.
5. Suspicious transaction and order reporting (STOR) Firms must report any perceived suspicious transactions or orders to the competent authority. This requires that robust systems be implemented to detect and promptly report activities that may constitute market abuse, ensuring timely intervention by regulatory authorities.
6. Managers’ transactions (PDMR dealing) Persons discharging managerial responsibilities (PDMRs) and persons closely associated with them must notify the issuer and the competent authority of their transactions in the issuer’s financial instruments. PDMRs must report transactions exceeding certain thresholds within a specific timeframe to maintain transparency and prevent conflicts of interest.
7. Public disclosure of transactions by PDMRs
   Transactions by PDMRs must be publicly disclosed by the issuer. Public disclosure provides transparency regarding the trading activities of key personnel, helping to maintain overall market integrity and investor confidence.
8. Whistleblowing mechanisms
   Firms must have systems in place for employees to report potential or actual violations of MAR. Effective whistleblowing mechanisms ensure that employees can report suspicious activities without fear of retaliation.
9. Training and awareness
   Firms must provide training and raise awareness about MAR compliance. Ongoing education and training help employees understand their obligations under MAR and learn to recognize and prevent market abuse.
10. Record keeping Firms must maintain records of transactions and communications that can be used to detect market abuse. Comprehensive record-keeping is essential for regulatory reviews, providing a clear audit trail that can be used to investigate and address potential instances of market abuse. These records must be easily accessible and retained for a period specified by law.

Notification Requirements For PDMR Transactions

PDMRs include individuals who are members of the administrative, management, or supervisory bodies or senior executives with regular access to inside information and the authority to make significant managerial decisions that influence the company’s business prospects. Under the EU MAR, PMDRs within an issuer have specific notification obligations regarding their transactions in the issuer’s financial instruments.

The scope of these notification requirements is comprehensive. PDMRs must report a wide range of transactions, including buying, selling, pledging, borrowing, lending, or any other form of acquisition or disposal of financial instruments linked to the issuer. This also includes derivative transactions and dealings in financial instruments connected to the issuer’s shares or debt instruments.

MAR sets a specific value threshold for when PMDRs must report transactions. Initially, PDMRs are required to notify transactions once their total value reaches or exceeds €5,000 within a calendar year. This threshold, however, can be adjusted by national regulators to a maximum of €20,000. Once a PDMR’s transactions hit this threshold, every subsequent transaction, regardless of its value, must be reported. This threshold mechanism ensures that even relatively minor transactions by PDMRs are tracked once they have crossed the reporting threshold.

The notification process is subject to strict deadlines. PDMRs and persons closely associated with them must notify both the issuer and the competent authority of every transaction within three business days of the transaction date. This notification must include detailed information, such as:

• the name of the PDMR or associated person;
• the reason for the notification;
• the name of the issuer;
• a description and identifier of the financial instrument;
• the nature of the transaction;
• the date and place of the transaction;
• and the price and volume of the transaction.

These detailed disclosures are essential for maintaining market transparency and ensuring that all relevant information is available to market participants and regulators.

Issuers also have obligations under MAR related to the public disclosure of these transactions. The issuer must make the transactions notified by PDMRs public within three business days of the transaction date. The disclosure must be made using a mechanism that ensures fast access to the information on a non-discriminatory basis. To enhance transparency, many issuers also publish this information on their websites.

Issuers must maintain and regularly update insider lists, which include PDMRs and any individuals with access to inside information. Records of all transactions must be kept for a minimum of five years, ensuring they are available for regulatory review if needed. Issuers are also responsible for establishing internal policies and training programs to ensure that PDMRs are fully aware of their obligations under MAR. Robust monitoring systems should be in place to track PDMR transactions and ensure that all necessary notifications and disclosures are made promptly.

Given the complexity and potential consequences of non-compliance, PDMRs are encouraged to seek legal advice if they are uncertain about their obligations. Both issuers and PDMRs must stay informed about any changes or updates to MAR that may affect their responsibilities.

Failure to comply with MAR can result in substantial fines for both PDMRs and issuers, damage to an issuer’s reputation, and, in severe cases, criminal prosecution, including imprisonment.

Insider Lists: Importance, Maintenance, And Legal Requirements

Insider lists are mandatory records that issuers — as well as any person acting on their behalf or account — must create and maintain to track individuals who have access to material non-public information. These lists help to uphold the fairness of financial markets and support regulatory authorities in investigating potential cases of market abuse.

Insider lists must be maintained separately for each piece of inside information that arises within an organisation. Each insider list must include:

• full names
• birth surnames (if different)
• home addresses
• professional and personal telephone numbers
• company name and address
• national identification numbers
• detailed explanations of why each person is on the list
• the date and time they gained and ceased to have access to the inside information.

This granular approach helps to ensure that each instance of inside information is appropriately safeguarded, with clear accountability for who has access at any given time. These lists are not static; they must be promptly updated whenever there is a change, such as when a new person gains access to inside information, when an individual no longer has access, or when there is a change in the reason for a person’s inclusion. Each update must clearly indicate the date and time of the change, ensuring that the record reflects the most current state of access.

Organisations are required to retain these lists for at least five years after their creation or the last update, ensuring that they are available for regulatory review upon request. This retention period allows regulators to trace back access to inside information over a significant period, which is crucial for investigating market abuse cases.

To comply with MAR, organisations must establish robust systems to monitor and ensure timely updates to these lists, whilst also implementing controls to restrict access to the lists themselves to those who need to know for compliance purposes. Given the sensitive nature of this personal data, insider lists must be handled with strict confidentiality and in compliance with data protection laws, such as the General Data Protection Regulation (GDPR) in the EU.

To ensure consistency and accuracy, organisations are encouraged to use a standard template for capturing all required information on insider lists. Automated systems can also be highly beneficial for managing and updating insider lists, reducing the risk of human error and improving overall efficiency. Regular audits of insider lists should be conducted to ensure ongoing compliance with MAR requirements and to identify any gaps or inaccuracies. Effective coordination between different departments, such as legal, compliance, and human resources, is essential for maintaining accurate and up-to-date insider lists, further enhancing an organisation’s commitment to regulatory compliance and market integrity.

Penalties For MAR Non-Compliance

Non-compliance with the EU MAR can lead to severe penalties for both individuals and organisations. The nature and severity of the penalties can vary based on the jurisdiction and the specifics of the non-compliance.

• Financial penalties: Organisations can be fined as much as €15 million or 15% of the total annual turnover, whichever is higher; individuals can be fined up to €5 million. Particularly severe cases of insider trading and market manipulation can attract even higher fines. Perpetrators may also be subject to disgorgement, which requires them to pay back any profits gained or losses avoided from the unlawful conduct.
• Criminal penalties: In some jurisdictions, severe breaches of MAR can lead to criminal prosecution and imprisonment. Criminal courts may also impose substantial fines on individuals and firms found guilty of market abuse.
• Regulatory sanctions: Regulatory authorities may issue cease and desist orders to stop the infringing behaviour immediately. Firms may have their authorisation to operate in the financial markets suspended or permanently withdrawn. Individuals may be banned from holding certain positions within financial institutions, either temporarily or permanently.
• Reputational damage: Regulatory authorities may publicly censure individuals or firms, leading to significant reputational damage. Public awareness of non-compliance can lead to a loss of trust among investors and clients, which can severely impact the firm’s market position.
• Operational consequences: Firms found non-compliant with MAR may face increased regulatory scrutiny and more frequent inspections or audits. They may also be required to undertake remedial actions, such as revising internal controls, enhancing compliance programs, and conducting additional training.
• Civil liability: Non-compliance with MAR can lead to civil lawsuits from investors or other stakeholders who suffer losses due to market abuse. Firms and individuals may be required to compensate affected parties for losses incurred as a result of their actions.

Specific penalties for different types of non-compliance are as follows:

• Insider trading: Fines and imprisonment, along with bans from professional roles.
• Market manipulation: Similar to insider trading penalties, with additional focus on compensation and disgorgement of profits.
• Failure to disclose inside information: Administrative fines and potential criminal charges, depending on the jurisdiction.
• Failure to maintain insider lists: Administrative fines and enhanced regulatory scrutiny.
• Non-compliance with PDMR notification requirements: Administrative fines and potential bans from professional roles for repeated non-compliance.

EU vs. UK MAR [Post-Brexit]

Following Brexit, the United Kingdom retained the MAR framework but adapted it to fit the specifics of the UK market. This version is commonly referred to as “UK MAR.”

Despite being separate from the EU MAR, UK MAR shares the same core objectives: preventing insider trading, market manipulation, and ensuring that financial markets operate fairly and transparently. Both regulations are designed to protect investors from market abuse, with stringent rules against insider trading and the manipulation of market prices.

While the key provisions of UK MAR mirror those of the EU MAR, there are some distinctions in oversight and enforcement. For example, in the EU, the European Securities and Markets Authority (ESMA) provides guidelines and oversees the implementation of MAR across member states; Post-Brexit, the Financial Conduct Authority (FCA) has taken on the role of monitoring compliance and enforcing UK MAR. Violations of MAR in both jurisdictions can lead to severe financial penalties, reputational harm, and long-term business implications for firms and individuals found guilty of market abuse.

EU vs. Post-Brexit UK MAR

	EU MAR	UK MAR
Enforcing Authorities	European Securities and Markets Authority (ESMA) National Competent Authorities (NCAs)	Financial Conduct Authority (FCA)
Scope and Applicability	Applies to all EU member states and covers financial instruments in EU-regulated markets, multilateral trading facilities (MTFs), and organised trading facilities (OTFs)	Applies within the UK, covering financial instruments on UK-regulated markets, MTFs, and OTFs
Insider Dealing and Market Manipulation	Prohibits insider dealing and market manipulation to ensure market integrity	Prohibits insider dealing and market manipulation, mirroring EU MAR provisions
Disclosure of Inside Information	Requires issuers to publicly disclose inside information promptly to ensure transparency	Requires prompt public disclosure of inside information, similar to EU MAR
Insider Lists	Issuers and relevant persons must maintain and update insider lists	Similar requirements for maintaining and updating insider lists
Managers’ Transactions (PDMR Notifications)	PDMRs and associated persons must notify transactions within three business days, and issuers must publicly disclose these transactions within the same timeframe	Identical notification and disclosure requirements for PDMRs
Suspicious Transaction and Order Reporting (STOR)	Firms must report suspicious transactions or orders to the NCA without delay	Firms must report suspicious transactions or orders to the FCA without delay
Penalties and Enforcement	Substantial fines, disgorgement of profits, temporary or permanent bans, and criminal sanctions. Penalties vary by member state.	Significant fines, bans, and similar penalties to ensure compliance, enforced by the FCA
Post-Brexit Adjustments	Continuously evolving with ESMA guidance and updates	Adapted to fit the UK regulatory framework, maintaining substantial similarity to EU MAR
Future Developments	Ongoing updates from ESMA to enhance effectiveness	Potential for FCA to diverge to better suit the UK market while currently maintaining high alignment with EU MAR

How to Maintain Compliance With MAR [10 tips]

Maintaining compliance with the EU MAR requires a strong proactive approach. The following are 10 practical tips for organisations and individuals to ensure they remain compliant:

1. Establish robust internal policies and procedures Create comprehensive policies covering all aspects of MAR, including insider dealing, market manipulation, and disclosure of inside information. Ensure policies are regularly updated to reflect any changes in MAR regulations or internal processes. Clearly communicate these policies to all relevant employees and stakeholders.
2. Implement training and awareness programs
   Conduct regular training sessions for employees, especially those in key compliance positions, to ensure they understand their obligations under MAR. Use real-life case studies to illustrate the consequences of non-compliance and reinforce learning. Provide periodic refresher courses to keep everyone up-to-date with any regulatory changes.
3. Maintain effective monitoring and surveillance systems
   Use advanced surveillance systems to monitor trading activities and detect potential market abuse. Set up automated alerts to flag suspicious transactions or behaviours for further investigation. Conduct regular audits and assessments of surveillance systems to ensure they are functioning correctly and effectively. In addition to traditional surveillance, leveraging solutions like StarCompliance’s Employee Conflict of Interest solution can enhance compliance efforts by automating the monitoring of personal trading, outside business activities, and other potential conflicts.
4. Maintain accurate insider lists
   Ensure insider lists are updated promptly whenever there are changes in personnel or access to inside information. Maintain detailed records of all individuals on the insider list, including reasons for their inclusion and the dates they were added and removed. Handle insider lists with strict confidentiality and in compliance with data protection laws.
5. Facilitate prompt and accurate disclosures
   Ensure inside information is disclosed to the public as soon as possible to avoid selective disclosure and market manipulation. Use reliable and widely accessible channels to disseminate information to the market. Implement pre-disclosure checks to ensure the accuracy and completeness of the information being disclosed.
6. Codify suspicious transaction and order reporting (STOR)
   Establish clear procedures for detecting, investigating, and reporting suspicious transactions or orders. Train employees on how to recognise and report suspicious activities. Keep detailed records of all reported suspicious transactions, including the rationale for the suspicion and any subsequent actions taken.
7. Monitor managers’ transactions (PMDR notifications)
   Establish procedures for PDMRs and persons closely associated with them to report their transactions within the required timeframe. Ensure these transactions are publicly disclosed promptly and accurately. Monitor transaction thresholds to ensure all reportable transactions are captured.
8. Implement whistleblowing mechanisms
   Provide mechanisms for employees to report potential violations anonymously. Implement policies to protect whistleblowers from retaliation. Ensure all reports are thoroughly investigated and appropriate actions are taken. With configurable workflows and robust case management features, StarCompliance’s Incident Management solution streamlines the reporting and investigation process, ensuring that all reported incidents are tracked, reviewed, and resolved efficiently.
9. Complete regular reviews and audits
   Conduct regular compliance audits to identify any gaps or weaknesses in your MAR compliance framework. Use audit findings to continuously improve compliance processes and controls. Consider engaging external experts for independent reviews and benchmarking against best practices.
10. Collaborate with legal and compliance experts
    Regularly consult with legal and compliance experts to ensure your understanding and implementation of MAR are up-to-date. Keep abreast of regulatory updates, guidance, and best practices through continuous learning and professional development. Establish a compliance committee or working group to oversee MAR compliance efforts and address any issues promptly.

Compliance with MAR is not just about avoiding penalties — it’s about fostering a culture of transparency and trust within financial markets. Implementing robust compliance software systems can streamline the complex MAR requirements, ensuring your organisation remains on the right side of the law. Discover how StarCompliance’s global solutions can help you maintain regulatory compliance and safeguard your firm’s reputation. Schedule a personalized demo here.

Andy Atkinson

Andy Atkinson joined StarCompliance in 2022 and is the Head of Product Management for Star’s Accountability & Competency solutions. Andy has over 25 years of experience in product management, business development, and business analysis. He’s dedicated more than 15 years of his career to the financial services sector, delivering solutions to support regulated entities in the UK for Training & Competency and the Senior Managers & Certification Regime (SMCR). As global accountability regimes continue to emerge, Andy is using his deep knowledge and understanding of SMCR to develop fit-for-purpose solutions that can meet the needs of accountability regimes around the globe. Prior to Star, Andy worked at Redland Business Solutions and Mutual Vision.

Read more