EU Regulation 596/2014, the Market Abuse Regulation (MAR), is a complex legal framework, which requires substantial resources from the companies being regulated. We have produced a condensed 7-bullet checklist with some of the most important obligations that need to be fulfilled in order to be compliant with MAR. The checklist is valid irrespective of whether your MAR processes are managed manually through spreadsheets or if you use a qualified service for more efficient handling.

1. Document your decisions on inside information:
Create a process for how you make decisions on what constitutes inside information and how you document the justification to delay disclosure.

2. All versions should be retrievable in a digital format: 
Ensure that you can handle the insider list in a digital format and that all versions are readily available upon request from the National Competent Authority (NCA).

3. Gather personal information:
Establish routines for collection of insiders´ personal information to ensure your insider list is up to date.

4. Remind and chase insiders:
Find ways to remind insiders who have not confirmed their obligations and document all confirmations so that you can present them to the NCA in case of an investigation.

5. Personal data must be handled correctly:
Make sure all personal data collected for the insider list is treated with confidentiality, kept safe, and protected from undue disclosure.

6. Archive for 5 years:
Ensure you archive the insider list in a digital format for 5 years, including all versions, justifications and confirmations from insiders.

7. Maintain 2 separate lists:
Apart from the insider list, you are required to maintain an up to date list of persons discharging managerial responsibilities (PDMRs) and their persons closely associated (PCAs).

What happens if I fail to comply with the obligations?

There will normally be no immediate consequences. NCAs do not perform constant controls on all companies regulated under MAR but would rather act upon specific decisions of an NCA. In case of an investigation, an NCA would most likely detect any inadequacies and, as a result, evaluate the extent of the violation and decide on appropriate sanctions to impose. The MAR related sanctions are constructed to work as a strict deterrent and any sanctions imposed against a company are to be made public to have further discouraging effects – see the MAR sanctions summary.

Important Internet sources

MAR contains the current legal obligations for management of the insider list and the list for PDMRs, as well as the applicable sanctions:
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32014R0596

ESMA MAR guidelines clarifies certain interpretations of MAR:
https://www.esma.europa.eu/document/mar-guidelines-delay-in-disclosure-inside-information