It is generally accepted that harmonisation has both market integration goals, aimed at removing barriers to cross-border trade, and regulatory goals, aimed at protecting consumers and strengthening their confidence in the internal market.¹ In EU securities law, harmonisation has gradually moved from liberalisation to regulation.² The traditional goals of securities regulation (protecting investors, ensuring the safety of individual firms and the stability of the financial system)³ have been re-orientated towards the ultimate goal of strengthening the internal market. The shift from liberalisation to regulation is well documented in the development of the EU conduct of business regime. The Investment Service Directive (ISD), adopted in 1993, introduced the single passport for investment firms and minimum conduct of business principles that had to be implemented by Member States. The MiFID I, adopted in 2004, while aimed at achieving market integration, introduced numerous conduct of business rules for investment firms to protect investors. In the same vein, the MiFID II, adopted ten years later, has tightened conduct of business rules, reaffirming the need to ensure an effective protection of investors.

MiFID II also harmonised supervisory and enforcement powers to sanction breaches of these rules of competent authorities and required Member States to strengthen extra-judicial mechanisms to compensate investors’ losses. However, like its predecessor, it did not harmonise rules on formation, performance, validity of that contract, nor the rules for remedies for its breach and avoidance.⁴ Therefore, these private law rules remain based on national law and are subject to the procedural autonomy of Member States.

As a consequence, conduct of business rules have grown as a comprehensive sectoral regulatory regime without formally replacing or interfering with general private laws enshrined in civil codes and common law. While investment firms should comply with both set of duties, the civil law effects of non-compliance with regulatory duties are not clarified by these directives. In particular, it is not clear if breaches of regulatory duties may give rise to general private law remedies, whether regulatory duties may produce horizontal effects and what the impact of EU law should be in shaping these civil law effects. In fact, the EU does not have its own body of general private law to supplement its sectoral requirements. However, the CJEU in preliminary ruling proceedings has developed several important principles to facilitate the private enforcement of EU derived rights and secure the effectiveness of EU law (ie that EU rules achieve their practical purpose).⁵

It is argued that the application of these judge-made principles (ie duty to conform interpretation, principle of equivalence and effectiveness) may have far-reaching consequences on national private law duties and remedies, namely by giving horizontal (direct and indirect) effects to regulatory duties and requiring national courts to provide effective remedies to ensure that these regulatory duties are effective.

This chapter aims to provide a conceptual framework to examine the potential civil law effects of conduct of business rules. It begins by illustrating the milestones of the EU investor protection regulation (ISD, MiFID I and MiFID II). It will then provide an account of the principles of EU law that may facilitate the private enforcement of conduct of business rules before national courts. Finally, it discusses the Europeanisation of national private law and identifies the normative models that may serve to identify the interactions between general private law and sectoral EU regulatory duties.

The first EU initiative specifically aimed at protecting investors in secondary market transactions is the European Code of Conduct Relating to Transactions in Transferable Securities adopted by the Commission in 1977. The code set out recommendations for financial intermediaries, including disclosure, conflict of interest and best execution rules, in order to promote the effective functioning of securities markets and to safeguard investors’ confidence in the fairness of the market.⁹

In the 1985 White Paper on the completion of the internal market, the Commission underlined the importance of facilitating the exchange of financial products across the European Community to achieve a greater integration in EU financial markets.¹⁰ To achieve this objective, firms who obtained authorisation in their home state, were allowed to provide services across the EU under the supervision of the home state’s authorities (‘single passport’). The single passport was first granted to collective investment schemes,¹¹ then to credit institutions¹² and eventually to investment firms, by the ISD.¹³

This directive was adopted, after long negotiations,¹⁴ with the main aim of fostering integration in investment services markets. In addition to the single passport and minimum authorisation requirements, the ISD laid down the first ‘EU generation’ of conduct of business rules. The final version of the ISD required Member States to draw up rules of conduct which investment firms would observe at all times and which implemented at least seven ‘conduct of business principles’, taking into account the professional nature of the person for whom the service was provided.¹⁵ Conduct of business principles remained under the supervision of the host country with the effect that cross-border transactions remained subject to 12 different conduct of business regimes.¹⁶ For this reason, and given that at the time of ISD’s adoption Member States had already put in place much more detailed conduct of business rules, the impact of the ISD on the harmonisation of national conduct of business rules was minimal.¹⁷

The content of the ISD’s conduct of business principles reflected that of the principles adopted by IOSCO in 1990.¹⁸ The general phrasing of the ISD’s principles aimed to avoid regulatory arbitrage and the risk of interfering with national private laws.¹⁹ Although the conduct of business principles apply to all investment firms irrespective of their business model, the broker-dealer business model, prevalent in continental Europe,²⁰ was eventually reflected in the directive. In fact, investment advice was not included among the financial services, contrary to the view of the the UK and the Commission,²¹ but among the ‘non-core services’, which were not passportable.

The FSAP underlined the urgent need to upgrade the ISD, ‘if it is to serve as the cornerstone of an integrated securities market’ and to reconsider the host country principle for conduct of business rules.²⁴ The Commission indicated in the ‘judicious ex ante harmonisation of conduct of business protection for retail investors, arrangements to facilitate the negotiation, conclusion and arbitration of cross-border contractual relationships’ the priorities for the revision of the ISD.²⁵ The revision of the ISD was also needed to harmonise the divergences arisen across Member States in the implementation of the ISD’s conduct of business principles.²⁶

MiFID I was adopted in 2004, two years after the Commission’s proposal,²⁷ in order to ‘create an integrated financial market, in which investors are effectively protected and the efficiency and integrity of the overall market are safeguarded’.²⁸ MiFID I introduced the notion of retail client and set out specific conduct of business rules, further detailed by the 2006 Commission MiFID I Directive,²⁹ to protect this type of client against misconduct, thus promoting a shift from the prudent saver who ‘invests’ into riskless bank deposits, to the retail client, who is willing to invest into more risky products.³⁰

To foster access to financial markets for investors, MiFID I removed the host state power to implement and supervise conduct of business rules and introduced an, in principle, maximum harmonisation standard for these rules.³¹ Building on the work of CESR,³² MiFID I introduced disclosure, distribution and general product governance rules. In particular, it extended the boundaries of the ISD’s services (by including investment advice) and instruments (by including financial derivatives), introduced differentiated categories of clients (retail, professional and eligible counterparties) and new conduct of business rules (in particular, the suitability and appropriateness rules) calibrated on the type of client, service (advised and non-advised) and financial instrument offered (complex and non-complex).

MiFID I also harmonised the supervisory powers of competent authorities, required Member States to lay d...