(1)

The information to be exchanged by competent authorities pursuant to Article 31(1) of Regulation (EU) 2020/1503 should allow those authorities to effectively carry out their investigation, supervision and enforcement activities under that Regulation. Consequently, it is necessary to specify the information that competent authorities are to exchange to be able to perform those tasks.

(2)

To ensure that competent authorities can effectively monitor crowdfunding service providers, competent authorities should exchange general background information and constituting documents, including national incorporation documents, or other documents that provide insight into the structure and operational activities of crowdfunding service providers. For the same reason, competent authorities should also exchange information about the authorisation process and the management bodies of crowdfunding service providers, including information on the suitability to manage a crowdfunding service provider and the reputation of the members of the management body, and information about shareholders, imposed penalties and administrative measures, enforcement actions and crowdfunding service providers’ relevant conduct and compliance history.

(3)

In order to discharge their supervisory duties in a comprehensive manner, competent authorities should also exchange relevant information on other natural or legal persons and crowdfunding related third parties that are of relevance for the provision of the services provided by the crowdfunding service providers, including information on third parties designated to perform operational functions in relation to the provision of crowdfunding services.

(4)

Exchange of information between competent authorities will be most useful in the circumstances where issues of regulatory concern may arise related to the entities subject to Regulation (EU) 2020/1503, including information about the initial application for authorisation of crowdfunding service providers, the on-going supervision of an entity’s compliance with that Regulation, and supervisory and enforcement actions which may impact the operations of an entity in another jurisdiction.

(5)

The exchange of information between competent authorities in relation to investigation, supervision and enforcement activities should be carried out in compliance with the right to protection of personal data of the persons concerned, as set out in Articles 7 and 8, respectively, of the Charter of Fundamental Rights of the European Union and must comply with Regulation (EU) 2016/679 of the European Parliament and of the Council (2).

(6)

This Regulation is based on the draft regulatory technical standards submitted to the Commission by the European Securities and Markets Authority (ESMA).

(7)

ESMA did not conduct open public consultations on the draft regulatory technical standards on which this Regulation is based, nor did it analyse the potential costs and benefits, as this would have been highly disproportionate in relation to the scope and impact of those standards, taking into account the fact that those standards principally concern competent authorities.

(8)

ESMA has requested the advice of the Securities and Markets Stakeholder Group established in accordance with Article 37 of Regulation (EU) No 1095/2010 of the European Parliament and of the Council (3).

(9)

The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 of the European Parliament and of the Council (4) and delivered an opinion on 1 June 2022,

(a)

general information and documents relating to the crowdfunding service provider:

(b)

information about the natural persons responsible for the management of the crowdfunding service provider which was provided as part of the authorisation process, including:

(c)

information necessary to assess the good repute and suitability of the natural persons responsible for the management of the crowdfunding service provider, including, where available:

(d)

information about shareholders who hold 20 % or more of the share capital or voting rights of the crowdfunding service provider, including information on the absence of criminal records or administrative or civil sanctions and information about criminal investigations opened against such shareholders, in respect of infringements of national rules in the fields of commercial law, insolvency law, financial services law, anti-money laundering law, fraud law or professional liability obligations and a detailed description of any civil or administrative sanctions imposed;

(e)

information about the crowdfunding service provider’s organisational structure, operating conditions and compliance with the requirements set out in Regulation (EU) 2020/1503, which was provided as part of the authorisation process and as updated through the supervisory activities of the competent authority receiving the request for information, including but not limited to:

(f)

information about the authorisation as a crowdfunding service provider or the withdrawal of authorisation pursuant to Articles 12, 13 and 17 of Regulation (EU) 2020/1503;

(g)

information on any penalty, including criminal penalties, administrative measures or enforcement actions, imposed on the crowdfunding service provider;

(h)

any other information necessary for cooperating in investigation, supervision and enforcement activities pursuant to Article 31(1) of Regulation (EU) 2020/1503.