Source: OJ L, 2025/885, 20.8.2025

Current language: EN

Annex STOR template

Please note that all fields in Sections 1-4 are mandatory. Where information cannot be provided for a specific field, please indicate ‘NA’ and briefly explain the reasons thereof.

SECTION 1 – IDENTITY OF ENTITY/PERSON SUBMITTING THE STOR

Persons professionally arranging or executing transactions in crypto assets – Specify in each case:

Name of the natural person

[First name(s) and surname(s) of the natural person in charge of the submission of the STOR within the submitting entity.]

Position within the reporting entity

[Position of the natural person in charge of the submission of the STOR within the submitting entity.]

Name of the reporting entity

[Full name of the reporting entity, including for legal persons:

  • the legal form as provided for in the register of the country pursuant to the law of which it is incorporated, where applicable, and

  • the Legal Entity Identifier (LEI) code in accordance with ISO 17442 LEI code.]

Address of the reporting entity

[Full address (e.g. street, street number, postal code, city, state/province) and country.]

Acting capacity of entity with respect to the orders, transactions or behaviours related to the functioning of the DLT that could constitute market abuse

[Description of the capacity in which the reporting entity was acting with regards to the order(s), transaction(s) or behaviour(s) related to the functioning of the distributed ledger technology that could indicate the existence of market abuse, e.g. executing orders on behalf of clients, operating a trading platform ...]

Type of trading activity (market making, arbitrage etc.) and type of crypto-asset traded by the reporting entity

[Description of any corporate, contractual or organisational arrangements or circumstances or relationships.]

Contact for additional request for information

[Person to be contacted within the reporting entity for additional request for information relating to this report (e.g. compliance officer) and relevant contact details, if not the same as person in charge of the submitting of the STOR:

  • first name(s) and surname(s),

  • position of the contact person within the reporting entity,

  • professional email address,

  • professional phone number.]

Have the facts already been reported to public authorities?

Please state whether the facts have already been reported to public authority (and in that case indicate the name of the authority).

SECTION 2 – TRANSACTION/ORDER/BEHAVIOUR AND OTHER ASPECTS RELATED TO THE FUNCTIONING OF THE DISTRIBUTED LEDGER TECHNOLOGY

Description of the crypto-asset:

Describe the crypto-asset(s) which is the subject of the STOR, specifying:

  • the full name (including Digital Token Identifier (DTI) in accordance with ISO 24165-2 or an equivalent unique identifier as referred to in Article 15 of Commission Delegated Regulation (EU) 2025/1140(1)Commission Delegated Regulation (EU) 2025/1140 of 27 February 2025 supplementing Regulation (EU) 2023/1114 of the European Parliament and of the Council with regard to regulatory technical standards specifying records to be kept of all crypto-asset services, activities, orders and transactions undertaken (OJ L, 2025/1140, 10.6.2025, ELI: http://data.europa.eu/eli/reg_del/2025/1140/oj). specifying records to be kept of all crypto-asset services, activities, orders and transactions undertaken) or description of the crypto-asset in the absence of DTI. Where the suspicious behaviour involves a trading pair, please list both crypto-assets in the pair,

  • the type of crypto-asset (asset-referenced token (ART), e-money token (EMT), other crypto-asset) and for ARTs and EMTs, the value, right or official currency (or combination thereof) which the crypto-asset references in order to maintain a stable value.

Name(s) of the distributed ledger(s):

[Provide the full name(s) of the distributed ledger(s) where the suspicious behaviour was observed]

Trading platform where order was placed or the transaction was executed

[Specify name and Market Identifier Code (MIC) in accordance with ISO 10383 to identify the trading platform where the order was placed or the transaction was executed.

Where the order/transaction was not identified in a trading platform, please mention ‘outside a trading platform’ and the LEI of the crypto-asset service provider that carried out the transaction where applicable.]

Location (country)

[Full name of the country and the ISO 3166-1 two-character country code.]

[Specify where:

  • the order is given

  • the transaction is executed,

  • the behaviour related to functioning of the distributed ledger technology takes place.]

Description of the order, transaction or suspicious behaviour related to the functioning of the DLT

[Describe at least the following characteristics of the order(s) transaction(s) or behaviour(s) reported:

  • date(s) and time(s) of the order(s), transaction(s) or behaviour(s). (Dates and times should be reported in UTC per the format in ISO 8601).

  • transaction reference number or order reference number or transaction hash.

  • settlement date and time,

  • purchase price/sale price,

  • volume/quantity of crypto-assets,

  • for orders only, the type of order (e.g. ‘buy with limit EUR x’)],

[Where there are multiple orders or transactions that could constitute market abuse the details on the prices and volumes of such orders and transactions can be provided to the competent authority in an Annex to the STOR.]

  • Information on the order cancellation or alteration including:

    • the nature of the alteration (e.g. change in price or quantity) and the extent of the alteration,

      [Where there are multiple orders or transactions that could constitute insider dealing, market manipulation or attempted insider dealing or market manipulation, the details on the prices and volumes of such orders and transactions can be provided to the competent authority in an Annex to the STOR.]

    • the means to alter the order (e.g. via email, phone, etc.).

In case of reporting a suspicious behaviour related to the functioning of the distributed ledger, please provide as much detail as possible, including the impact it had on the validation of transactions and the method used to alter the functioning of the DLT.

SECTION 3 – DESCRIPTION OF THE NATURE OF THE SUSPICION

Nature of the suspicion

[Specify the type of breach based on which the reported order(s), transaction(s), behaviour(s) related to the functioning of the DLT, could constitute market abuse].

Reasons for the suspicion

[Description of the activity (transactions and orders, way of placing the orders or executing the transaction and characteristics of the orders and transactions that make them suspicious, behaviours related to the functioning of the DLT) and how the matter came to the attention of the reporting person and specify the reasons for suspicion.

For crypto-assets admitted to trading on/traded on a trading platform, a description of the nature of the order book interaction/transactions that could constitute market abuse.]

SECTION 4 – IDENTIFICATION OF PERSON(S) RESPONSIBLE FOR THE ORDERS, TRANSACTIONS OR BEHAVIOUR RELATED TO THE FUNCTIONING OF THE DISTRIBUTED LEDGER TECHNOLOGY THAT COULD CONSTITUTE MARKET ABUSE (‘SUSPECTED PERSON’)

Name

[For natural persons: the first name(s) and the last name(s).]

[For legal persons: full name including legal form as provided for in the register of the country pursuant to the laws of which it is incorporated, where applicable, and Legal Entity Identifier (LEI) code in accordance with ISO 17442.]

National Identification Number

[Number and/or text].

[Where the National Identification Number is not applicable or known, provide a date of birth (for natural persons only) in the ISO 8601 format]

Address

[Full address (e.g. street, street number, postal code, city, state/province) and country.]

Information about the employment: – Place – Position

[Information about the employment of the suspected person, from information sources available internally to the reporting entity (e.g. account documentation in case of clients, staff information system in case of an employee of the reporting entity).]

Account number(s) and wallet address(es)

[Numbers of the cash account(s), any joint accounts or any Powers of Attorney on the account the suspected entity/person holds.

Wallet address(es) involved in the transaction or suspected behaviour]

Client identifier

[In case the suspected person is a client of the reporting entity.]

Relationship with the issuer of the crypto-asset concerned

[Description of any corporate, contractual or organisational arrangements or circumstances or relationships]

SECTION 5 – ADDITIONAL INFORMATION

Other information relevant to the report, depending on the activity

[The following list is indicative and not exhaustive. Other information deemed useful by the reporting person may be provided where relevant to the STOR.]

  • the position of the suspected person (e.g. retail client, institutions),

  • the nature of the suspected entity’s/person’s intervention (on own account, on behalf of a client, validator of transactions in a distributed ledger system, other).

  • Where the suspected behaviour is conducted on a DLT, other relevant information may include:

    • whether the transaction passed through a public or private (encrypted) queue of transactions (i.e. mempool) before it was validated on the DLT;

    • whether the DLT is public (permissionless) or private (permissioned);

    • potential interactions with smart contracts, including specification of the contract address and the function called;

  • the size of the suspected entity’s/person’s portfolio,

  • the date on which the business relationship with the client started if the suspected entity/person is a client of the reporting person/entity,

  • the type of activity of the trading desk, where available, of the suspected entity,

  • trading patterns of the suspected entity/person. For guidance, the following are examples of information that may be useful:

    • trading habits of the suspected entity/person,

    • comparability of the size of the reported order/transaction with the average size of the orders submitted/transactions carried out by the suspected entity/person for the past 12 months,

    • habits of the suspected entity/person in terms of crypto-assets it has traded for the past 12 months, in particular whether the reported order/transaction relates to a crypto-asset which has been traded by the suspected entity/person for the past year.

  • Other entities/persons known to be involved in the orders or transactions of which could constitute market abuse:

    • names,

  • activity (e.g. executing orders on behalf of clients, dealing on own account, operating a trading platform, validating transactions.)

SECTION 6 – DOCUMENTATION ATTACHED

[List the supporting attachments and material together provided with this STOR].

[Examples of such documentation are e-mails, recordings of conversations, order/transaction records, distributed ledger technology records, confirmations, broker reports, Powers of Attorney documents, and comment by media where relevant.

Where the detailed information about the orders/transactions/behaviours related to the functioning of the distributed ledger technology referred to in Section 2 is provided in a separate annex, indicate the title of that annex.]

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod