Estonia’s financial regulator has moved to tighten expectations around who can speak to clients about crypto products and services. On March 26, Finantsinspektsioon said it had adopted ESMA’s MiCA knowledge-and-competence guidelines as recommendatory guidance, making clear that crypto-asset service providers must ensure client-facing staff have the necessary qualifications and experience before providing services.
The development matters because it pushes MiCA supervision deeper into day-to-day staffing, training and governance. This is not a new crypto licensing round or a market-abuse rule. It is a supervisory clarification that tells licensed crypto firms regulators will look more closely at whether the people informing or advising clients are actually fit to do so.
Estonia is turning ESMA’s MiCA standards into a live supervisory benchmark
Finantsinspektsioon said the new guidance is based on ESMA’s rules for assessing the knowledge and competence of staff at crypto-asset service providers. The authority said the aim is to clarify what knowledge and skills are expected from CASP employees depending on whether they merely provide information to clients or actually give advice on crypto-assets and crypto-asset services.
The broader purpose is investor protection. ESMA said the guidelines are meant to help CASPs act in the best interests of clients, support supervisors in assessing compliance, and increase trust in crypto-asset markets. Estonia’s regulator echoed that point, saying the guidance should strengthen market credibility and improve investor protection.
Advice staff face a higher bar than information-only staff
One of the clearest takeaways is that not all client-facing roles will be treated the same. Finantsinspektsioon said employees who advise clients must have more knowledge and competence than staff who only provide information about crypto-assets or crypto-asset services. ESMA’s guidelines say the same thing explicitly, drawing a higher standard for advice than for information-only interactions.
That distinction matters for crypto firms because many businesses blur the line between product education, sales support and actual advice. Under the new framework, firms will need to be clearer internally about who is doing what, and whether those roles carry different qualification and competence requirements. This is an analytical inference based on the regulator’s distinction between information and advice roles.
The rules go beyond hiring and into ongoing supervision
This is not a one-time hiring check. Finantsinspektsioon said CASPs will have to assess at least once a year whether employees’ knowledge and skills still meet the required standard and must ensure continuous further training. ESMA’s published guidelines also say firms should review staff development needs at least annually, assess regulatory developments and maintain ongoing professional training, including ahead of any new crypto-asset or crypto service launch.
The governance burden goes higher than the front line. ESMA’s guideline text says the management body of the crypto firm should review, at least annually, the effectiveness of the policies and procedures used to comply with these knowledge-and-competence requirements. That pushes the issue into board- and senior-management territory, not just HR or compliance training checklists.
Qualifications, experience and records will matter more
ESMA’s framework says CASPs should assess staff through an appropriate qualification and appropriate experience relevant to the crypto services they provide to clients. It also says firms must keep records that can be provided to the competent authority on request so supervisors can assess and verify compliance.
That is a meaningful shift for firms still operating with startup-style staffing models. In practice, the new framework points toward more formal evidence of competence, clearer role descriptions and stronger documentation of how firms decide that a staff member is ready to interact with clients. This is a grounded inference from the qualification, experience and recordkeeping standards in the ESMA guidance.
Even automated crypto advice is pulled into scope
The guidelines are not limited to human conversations. ESMA says that where information or advice about crypto-assets or crypto-asset services is delivered in an automated or semi-automated way, the rules still apply to the staff responsible for determining that content and setting the parameters behind it.
That makes this more relevant for crypto firms using app-based prompts, chatbot flows, robo-style product suggestions or semi-automated client onboarding journeys. The implication is that firms cannot hide weak human oversight behind a digital interface if that interface is effectively informing or advising customers. This is an analytical conclusion based on ESMA’s explicit extension of the rules to automated and semi-automated delivery.
The clock is already running
Finantsinspektsioon says the guidelines will apply from July 28, 2026. ESMA said the rules would start applying six months after publication in all EU languages, and Estonia’s guidance page lists the same effective date.
That means this is no longer a distant policy signal. For MiCA-facing firms in Estonia, the transition period is short enough that hiring standards, internal training plans, role mapping and recordkeeping processes should already be under review now. This timing implication is an inference from the effective date and the operational scope of the rules.
Why it matters for crypto
- It shows MiCA supervision is moving beyond licensing and into staff-level competence, governance and client-interaction standards.
- It raises the compliance bar for exchanges, brokers, custodians and other CASPs whose staff speak to clients about crypto products or services.
- It makes “information” versus “advice” a more important legal and operational distinction for crypto firms. This is an inference based on the differing standards set out by Estonia and ESMA.
- It also extends into app-driven and semi-automated client journeys, meaning product teams and compliance teams may be pulled closer together. This is an inference based on ESMA’s explicit treatment of automated and semi-automated advice or information delivery.
What to watch next
- Whether other EU regulators adopt the same ESMA guidance as a live supervisory benchmark on a similar timeline.
- How aggressively supervisors test firms on qualifications, experience records and annual competence reviews after July 28. This is a forward-looking inference from the recordkeeping and review requirements.
- Whether crypto firms start restructuring sales, support and advisory roles more clearly to avoid crossing into higher-standard advice functions. This is an inference based on the distinction built into the guidance.
- Whether automated client-facing tools become a new inspection focus as regulators examine who designed them, what parameters they use and whether the responsible staff are competent under MiCA standards. This is an inference based on ESMA’s automated-delivery language.