On 25 March 2026, the Hungarian National Bank (MNB ) issued two recommendations on the crypto-asset market, addressing crypto-asset transfer services and the obligations of crypto-asset service providers regarding portfolio management and advisory services. These recommendations transpose ESMA guidelines into Hungarian practice. The MNB expects compliance with both from 1 October 2026, but neither recommendation is legally binding.
Recommendation No. 4/2026 (III.25.)
Transposing the ESMA 35-1872330276-2032 guideline, the MNB sets out three objectives: strengthening investor protection, increasing supervisory predictability, and promoting uniform application of the relevant legislation. The recommendation focuses on Article 82(2) of the MiCA Regulation and is addressed to service providers offering crypto-asset transfer services on behalf of clients. It centres on disclosure obligations both before the client gives an instruction (i.e. 'general information') and after the service provider receives a specific transfer instruction ('transaction-specific information').
Under general information, the service provider must inform the client about its own details, the service's main characteristics, rules on initiating, revoking or rejecting instructions, and the details of the proposed service. Appropriate policies and procedures must be established, kept accessible throughout the contractual relationship, and any changes must be communicated.
Under transaction-specific information, where the client has given an instruction but the transfer has not yet been executed, the key requirement is to notify the client if the transaction will be irreversible (or sufficiently irreversible in the case of probabilistic settlement), when irreversibility will occur and what costs apply. After execution, the service provider must inform the client of the initiator's and beneficiary's details, the quantity and type of crypto-assets transferred, value date, and costs. A reference enabling transaction identification must also be provided. Where an instruction is rejected, returned or suspended, the client must be informed of the reason, any possible remedy, and costs incurred.
Beyond disclosure, service providers must establish policies on daily cut-off times for transfer instructions, maximum execution times per crypto-asset, and the estimated time or block confirmations needed for irreversibility on each DLT network. The MNB also expects risk-based policies determining whether to execute, reject, suspend or return a transaction, in compliance with the TFR Regulation and the MNB's prior practice. Finally, service providers must adopt policies defining their liability towards clients for unauthorised or improperly executed transfers.
Recommendation No. 5/2026 (III.25.)
Transposing the ESMA 35-1872330276-2031 guideline, the MNB sets out the same three objectives as above. The recommendation addresses certain suitability requirements under the MiCA Regulation and the format of periodic statements for portfolio management. It is addressed to providers offering crypto-asset advisory or portfolio management services.
A central element is informing clients about the purpose and scope of the suitability assessment. The service provider must clearly communicate that conducting the assessment is its own responsibility and that the client does not decide on suitability. The service provider cannot limit or exclude its responsibility for the suitability assessment. If the client fails to provide adequate information, no advisory or portfolio management service can be rendered. Robo-advice providers must inform clients about the degree of human involvement, information sources, and data handling.
Regarding information gathering, the MNB expects providers to ask specific comprehensible questions and ensure consistent evaluation. The client's knowledge, experience, financial situation, investment objectives, and risk tolerance must all be assessed. Under the proportionality principle, the scope of information depends on the service type, crypto-asset type and the client's profile. More complex or high-risk crypto-assets require more detailed inquiries.
Particular attention is paid to assessing the client's crypto-asset knowledge. The provider must ensure the client understands DLT-related risks such as cyber-theft, hacks, and loss of private keys. Prior crypto-asset investments do not suffice to demonstrate understanding, and over-reliance on client self-assessment must be avoided. To mitigate the risk of clients overestimating their knowledge, providers should use questions designed to test actual understanding (e.g. using multiple-choice questions rather than asking clients whether they consider themselves sufficiently experienced).
The MNB expects providers to have tools ensuring data accuracy and consistency, and to contact clients to clarify inconsistencies. Client information must be regularly updated, and the suitability assessment must be reviewed at least every two years.
Providers must also understand the characteristics, risks, and costs of the crypto-assets they recommend and assess equivalent alternatives. The suitability assessment must consider the client's entire portfolio and appropriate diversification. Switching between investments requires a cost-benefit analysis, taking into account factors such as changes in the client's situation, shifts in market conditions, and the potential benefits of increased portfolio diversification.
The periodic statement must be provided over a durable medium and include the portfolio's content and valuation, performance for the period (including tokens received free of charge through staking rewards), the total fees and commissions charged, a comparison with any agreed performance benchmark, and the details of all transactions executed during the period. The MNB also expects adequate staff training and regular review of relevant algorithms.
Although not legally binding, the MNB monitors and evaluates compliance through its supervisory activities. Furthermore, it encourages service providers to transpose these recommendations into company bylaws.
This article was co-authored by Bendeguz Hunor Javorszki.
For more information on these recommendations and ESMA Guidelines in Hungary, contact your CMS client partner or the CMS experts who contribued to this article.
