top of page

From MiFID II to “Trust Me Bro”: The Definitive Guide to P2P Regulatory Frameworks in Europe

  • Feb 26
  • 4 min read
From MiFID II to “Trust Me Bro”: The Definitive Guide to P2P Regulatory Frameworks in Europe - Samuel Lissnerr

By Samuel Lissner, BeyondP2P P2P platforms often advertise one headline feature: “We’re regulated.” It sounds reassuring, and it usually ends the discussion. But “regulated” is not a regulated term. In European P2P, there is a meaningful difference between frameworks built to protect investors and frameworks that mainly ensure the platform files its anti-money laundering paperwork.


Good regulation does not prevent losses. What it does is reduce avoidable failure modes: commingled client funds, undisclosed conflicts of interest, weak governance, vague documentation, and no realistic path for complaints or enforcement. If you are trying to understand whether a platform’s slick interface is backed by real oversight, the framework it chose matters.


The investor-protection ladder (strongest to weakest)


At a high level, European P2P investor protection tends to fall into this order:


  • MiFID II

  • ECSP (European Crowdfunding Service Provider, under ECSPR)

  • EMI + national P2P licences (legacy national frameworks)

  • Prudential lender supervision (borrower-focused)

  • AML-only registration

  • Unregulated


This is not a perfect hierarchy. ECSP, for example, can be stricter than MiFID II on certain conflicts of interest. Still, as a general signal of investor-facing oversight, the ladder holds.

A useful rule of thumb is this: platforms that voluntarily choose a stricter regime usually signal a preference for scrutiny. That does not make them “safe,” but it does reduce the space for shortcuts.


Strong frameworks: MiFID II and ECSP


MiFID II and ECSP are the two EU-level frameworks designed with retail investors in mind. Both typically include:

  • Segregation safeguards (keeping client money separate from platform funds)

  • Standardised disclosures

  • Basic investor checks (appropriateness-style assessments)

  • Regulatory recourse if things go wrong


Recourse matters more than many investors realise. Under both regimes, firms must have complaint-handling procedures. If that fails, you can escalate to an alternative dispute resolution body (often a financial ombudsman) without going to court. For cross-border disputes, FIN-NET helps connect national ADR schemes across the EU. You can also complain to the national regulator that licensed the firm. None of this guarantees recovery, but it is materially different from relying on contract law alone.


MiFID II: the “gold standard” (with trade-offs)


MiFID II is the same framework that governs traditional brokerages and investment firms. The barrier to entry is higher than ECSP, including notably higher minimum capital requirements. That tends to filter out undercapitalised operators.


Key investor-facing features include:


  • Client asset segregation as a requirement, often reinforced in practice by structures like SPVs (common on Latvian platforms), which aim to ring-fence individual loans or pools.

  • Conflict-of-interest management: MiFID II allows conflicts if they are identified, controlled, and disclosed, rather than banning them outright.

  • Investor compensation scheme up to €20,000 in cases where a licensed firm cannot return client assets (this is not protection against investment losses).

  • Fee transparency: upfront disclosure of fees, commissions, and inducements.

  • Documentation and record-keeping that strengthens accountability and reduces “disappear and relaunch” patterns after failures.


MiFID II also comes with a cultural impact. Management teams operating under it tend to be more cautious, because documentation, governance, and regulatory expectations make “move fast and fix later” difficult.


Why so many MiFID II P2P platforms are Latvian


A notable concentration of MiFID II-regulated P2P platforms sits in Latvia (including Mintos, Twino, and others). The explanation is not that Latvia has different MiFID rules, but that it developed early institutional experience with the P2P model. As P2P grew, the local regulator engaged with market participants and built workable interpretations for P2P-style instruments, while other jurisdictions often pushed platforms toward ECSP or treated loan-participation models as outside MiFID.


Latvia also offered practical advantages: a lower cost base, English-speaking talent, EU passporting, and an ecosystem of lawyers, auditors, and compliance specialists familiar with the model.


ECSP: targeted, proportionate investor safeguards


ECSP (under ECSPR, applicable since 10 November 2021) was built specifically for crowdfunding and P2P. Typical features include:


  • Key Investment Information Sheets (KIIS)

  • Risk warnings and loss-bearing capacity prompts, including explicit consent when investments exceed certain thresholds

  • A 4-day reflection period for non-sophisticated investors (a genuine protection MiFID II does not provide)

  • Minimum capital requirements lower than MiFID II, but still meaningful

  • Segregated payment flows via PSD2-authorised payment providers


ECSP is also stricter than MiFID II on some conflicts: it effectively prevents platforms from listing projects tied to their own group or insiders. Where MiFID manages conflicts, ECSP often bans them.


One important nuance: safeguarded uninvested cash held through payment institutions is typically not covered by bank deposit guarantee schemes. It is protected through safeguarding rules, not deposit insurance.


Legacy and lighter regimes: what they do (and don’t) protect


Some platforms operate under EMI licences plus legacy national P2P licences, notably in Lithuania. EMI safeguarding helps keep client funds separate, but it is not the same as being a protected bank depositor. The national P2P licence can provide an investor-protection framework similar in spirit to ECSP, depending on the jurisdiction.


Then there are prudential lending licences (consumer lender, credit provider, broker registrations). These regimes can reduce outright fraud risk through audits and fit-and-proper tests, but they focus on borrower protection and responsible lending, not on investor safeguards. You usually do not get investor compensation schemes, investor-specific disclosures, or investor-focused dispute mechanisms.


At the bottom sit AML-only registrations and unregulated platforms. AML tells you the platform is expected to screen for money laundering and terrorism financing. It tells you little about conflicts, disclosures, segregation, or investor recourse.


The key point: regulation is structure, not performance


Regulation can tell you what happens if things go wrong, and whether conflicts and fund handling are constrained. It cannot tell you whether a platform is competent, conservative, or well-managed. Regulated platforms can still have large portions of portfolios in recovery. Unregulated platforms can still perform well. PeerBerry is often cited as an outlier with a strong track record despite operating without an investor-facing licence, while other unregulated examples show how quickly things can deteriorate when oversight is absent.


The practical use is simple: treat regulation as a due-diligence shortcut, not a guarantee. If you cannot assess group structures, guarantees, conflicts, and fee extraction in detail, sticking to the strong tier (MiFID II or ECSP) is a rational constraint. And for platforms launching today, the absence of a credible licence is increasingly a choice, not an accident.


Regulatory Frameworks



 
 
bottom of page