ESMA consults on investor protection topics linked to digitalization

The European regulator sets out its views on how firms should protect their customers in the age of digitization.

ESMA published a discussion paper (DP) on December 14, 2023 on the impact of digitalization on the MiFID II investor protection framework. This includes the increased use and reliance on social media and influencers by younger generations of investors.

The purpose of the DP is to consult stakeholders and consumers on whether the current legislative framework is still fit for purpose amidst new technological developments, or whether it needs adjusting in order to respond to the changes. The DP asks questions about a number of draft proposals connected to new and emerging practices such as layering, digital marketing communications, use of affiliates and finfluencers, digital engagement practices (eg nudging techniques), use of gamification techniques, push notifications and possible dark patterns.

It should be noted that the European Commission published its Retail Investment Strategy in May 2023 to respond to the impact of digitalisation on investor protection. That package includes the proposal, amongst others, to amend MiFID II on certain aspects with regard to digitalisation such as online disclosures and marketing practices. ESMA said that the DP is not intended to interfere in that process but instead will focus on the existing MiFID II framework and make recommendations on how this can be adjusted.

Who should read this discussion paper?

This paper will primarily interest competent authorities, firms that are subject to MiFID II and their clients. Because of its focus on investor protection issues entities that should consider reviewing and responding to it include investor and consumer organizations; investment firms and credit institutions providing investment services and activities; UCITS management companies and external Alternative Investment Fund Managers (AIFMs) when providing investment services; and any relevant trade association. The paper may also be of interest to firms that provide the digital engagement practices described in DP.

Investor protection draft proposals

The key areas the discussion paper covers are summarized below.


  • Layering involves organising information into different levels. Firms should present the most important and easily understandable information in the first layer. This should be followed by more detailed and technical content in subsequent layers and nodes eg through hyperlinks or QR Codes. This can help to reduce overload and make it easier for retail investors to understand complex financial instruments and services.
  • Layering should not be used to hide or disguise information and should always be used in the best interests of investors.

Accessibility and readability

  • Firms should take into account diverse respondent groups and test the reliability, usefulness, and understandability of their digital disclosures.
  • Accessibility and readability should not be affected depending on the system used by the clients to access the information eg using a tablet, phone or computer.
  • Firms are encouraged to use simple language and avoid the use of jargon.
  • Firms could consider making available visual aids to help (prospective) clients better understand technical information eg interactive graphics and tables.
  • Information should be available in downloadable and user-friendly formats, accessible and storable in real-time within the client’s login area.
  • All information provided to retail investors needs to be fair, clear and not misleading, regardless of the layer in which the information is provided.

Marketing communications and practices

  • Firms should ensure that (digital) marketing practices and advertisements remain compliant with relevant regulations by making certain that these messages are fair, clear and not misleading. One of the aspects of clear and fair presentation is comprehensible and clear wording and presentation of the investment firms’ offer, including with regard to financial instruments.
  • Marketing should not create a sense of urgency for investors to “act now” and vital information regarding financial instruments must not be omitted. 
  • Through the use of “targeted marketing”, firms have been able to increase the effectiveness of marketing to the target market with the personalized advertisements. For example, by gathering data on investors through the firm themselves but also by using third parties (and cookies). However, there can be a fine line between gathering data in the best interest of the client (getting the right advertisement to the right target market) and gathering data used to market more intensely and aggressively.
  • Instruments should always be noticeably labelled with the categories to which they belong and its labelling with the underlying cannot make it unclear that the instrument is a derivative. ESMA notes that poor display of products can constitute mis-selling.
  • Firms should not use marketing communications relating to financial instruments with high-risk features and/or the more complex financial instruments that are addressed to, or disseminated in such a way that they are likely to be received by, a broad range of retail clients (for example through mass-marketing).
  • Firms should adapt their marketing communications directed to vulnerable persons, for example by giving them the ability – throughout the entire process – to stop the digital process and continue it with human interaction. 

The use of affiliates/finfluencers

  • Firms may use different types of distribution channels. This includes using social media as well as using third parties (such as affiliates) to market their instruments and services. The firm is likely to have an agreement in place to pay commission to a person (natural or legal) which is based on business that is generated from referrals
  • Firms are and remain responsible for the accuracy of information provided to potential investors on behalf of the firm, including information provided through various distribution channels such as social media and finfluencers in the context of marketing communications.
  • Firms should have clear policies and procedures in place for working with affiliates, such as finfluencers, proper disclosure of their affiliations and possible conflict of interest in terms of eg remuneration. Firms should keep clear records of the contracts they have with affiliates. This includes policies and procedures in place for selecting and vetting influencers, as well as internal processes in place for reviewing and approving their content.
  • Whenever someone, such as a finfluencer, is remunerated to disseminate any type of marketing/advertising (or training) on behalf of the firm, this should be prominently stated in addition to being compliant with MiFID II requirements.

Digital engagement practices (DEPS)

  • Firms should have proper internal rules, policies, processes and tools for their use of DEPS including the use of behavioral techniques and gamification elements.
  • DEPs should not intentionally favor more costly products or products that are simply more remunerative for firms to distribute.
  • Firms should be wary of the trend of “socialisation” of investing. This has resulted in rise in popularity of so-called social or copy trading which includes providing investors with a tool to execute the same trades or invest in the same sets of financial instruments as other investors that shared their portfolios.


  • Firms using gamification techniques should focus on long-term investor outcomes depending on the investor’s profile and investment strategy (if known). Firms should not merely focus on high-risk investments, short-term outcomes and/or on individual transactions.
  • Firms should use DEPs and gamification techniques to encourage informed and sensible investment decisions which lead to well-diversified investment portfolios and long-term investing.
  • Use of gamification techniques that encourage investors to trade more should not be allowed in the case of risky products. This includes using techniques such as positive reinforcement immediately after financial transaction (such as messages to congratulate the investor/trader, use of confetti or badges).
  • Firms must allow the client to exit the process at any point, without having to complete the transaction. When firms use gamification techniques, firms should display a message that excessive trading may lead to financial harm to investors.
  • Firms should be neutral and unbiased.

Choice architecture and nudging techniques

  • Firms should design the choice architecture of their interface to enable and support investors to make informed and sensible investment decisions
  • Use of features likely to influence investor choice, such as setting levels of leverage by default to high amounts should be avoided as they are not in the client’s best interest.

Push notifications and dark Patterns

  • Firms should use the structure, design, function or manner of operation of their online interface in a way that encourages investors to make informed and sensible investment decisions.
  • Push notifications can significantly increase retail investor trading in a short period after receiving a notification compared to non-retail investor trading. If the push notification sent by the firm are uniform (all clients receive the same notification), the firm needs to assess beforehand whether the information contained in that notification is aligned with the target market.

What next?

The closing date for comments is March 14, 2024.

ESMA will use the feedback to develop a position on the use of digital engagement practices, such as gamification, as well as on the use of marketing practices (including social media and affiliates) by firms, and in particular to assess whether a regulatory response may be needed.