Consult: Regulatory Advisory

Regulation, from people
who build the systems.

MiFIR, MiFID II, MAR, DORA. The Ediphy Consult team combines ex-trading-desk, ex-regulator, and engineering backgrounds, advice grounded in operating the infrastructure itself.

At a glance

Why this matters now

Surveillance, post-trade transparency, resilience, concurrent regulatory obligations that require coordinated response.

The FCA's recent supervisory work has made plain that surveillance coverage is patchier than firms believe, entire venues, segments, or product lines escaping monitoring because the surveillance build never kept pace with the trading desk.

MiFIR post-trade and DORA add to the load. The work below is built for firms whose obligations are real, evolving, and concurrent, and who need a regulatory adviser who has designed and operated the surveillance and reporting systems the rules describe, not merely interpreted the requirements in isolation.

SUPERVISORY VIEW

An entire section of a firm's activity, such as a segment of business sent to a particular exchange, might not be monitored.

– FCA · Market Watch 79 (May 2024)

What it covers

Discovery, gap analysis, remediation roadmap.

A regulatory-advisory engagement starts with a structured discovery of the firm's current posture, which regimes bite, which obligations are addressed, which are implicit, and where the gaps sit.

From there a gap analysis scores exposure against each material requirement, and a remediation roadmap prioritises the work: what has to happen before the next reporting window, what can wait, and what needs a project team versus a policy update.

Deliverable-led and deadline-driven.

  • 01 Regime scopingMiFIR, MAR, DORA, host-state regimes. Which obligations bite at this firm's permissions and book?
  • 02 Obligation mappingEach material requirement mapped to the system, policy, or control that addresses it today.
  • 03 Evidence reviewReporting outputs, surveillance alerts, ICT-resilience artefacts, board papers. The artefacts a supervisor would ask for.
  • 04 Gap scoringExposure rated against a defined rubric, distinguishes cosmetic compliance from live risk.
  • 05 Remediation roadmapSequenced backlog: what must happen before the next reporting window, what can wait, what needs a project.
  • 06 Board packA document the audit committee can read, findings evidenced, recommendations costed.
Capabilities

Where we go deep.

Four practice areas where the team has direct build-and-operate experience in the regime infrastructure.

MIFIR

MiFIR post-trade

Post-trade transparency, APA selection, consolidated-tape obligations, and the MiFIR Review provisions as they settle into operational reality. Advice from the team that is managed-services partner for fairCT, the first ESMA-selected bond consolidated tape.

POST-TRADE · APA · CTP

MAR

MAR surveillance

Market abuse regime exposure; STOR obligations, surveillance-system calibration, and the interplay between AI-driven surveillance and supervisory expectations. Technology-literate advice on a technology-sensitive regime.

STOR · SURVEILLANCE

DORA

DORA operational resilience

Operational-resilience mapping, ICT third-party risk, testing regimes, and the board-reporting posture DORA demands. Practical guidance for firms sitting between investment-firm and market-infrastructure classifications.

ICT · TESTING · BOARD

CROSS-BORDER

UK, EU, and US crossover

Firms with cross-border activity across the UK, EU, and US carry exposure across divergent reporting, supervisory, and enforcement frameworks. We help firms build a coherent posture across all three, mapping where the regimes differ and advising on how those differences are likely to evolve.

UK · EU · US

The deliverable

A thorough gap-analysis report.

The headline output is a written gap-analysis report, scoped to the regimes in scope, scored against each material obligation, and evidenced from the artefacts the firm already produces. Designed to be readable by a board audit committee and defensible under supervisory scrutiny.

Every finding cites the artefact that evidences it. Every score points to the rubric that produced it. Every remediation item carries an owner, a sequencing dependency, and an effort indication. The firm owns the document outright.

SAMPLE DELIVERABLE · REGULATORY GAP ANALYSIS

MiFIR / MAR / DORA Gap Analysis, [Client name withheld]

Scored against rubric · Three regimes · Confidential to client
Document type Regulatory Gap-Analysis Report
Total length 40–70 pages
Sections Exec Summary, Regime Scope, Obligations Map, Findings, Scoring, Remediation
Scoring model Per obligation, 1–5 with rubric reference
Evidence Each finding cites the artefact that evidences it
Remediation Owner, dependency, effort estimate, deadline
Sign-off Engagement lead named

Why Ediphy

Advice from operators, not just counsel.

Most regulatory-advisory work is delivered by professional-services firms whose people have never built or run the systems the rules describe.

Our advantage is the inverse, the Consult team includes senior engineers who built the consolidated-tape infrastructure behind fairCT, ex-trading-desk principals who lived the MiFID II transition, and ex-regulator perspectives on what supervisors actually look for. That combination shows up in the deliverables: roadmaps that are buildable, gap analyses that distinguish cosmetic exposure from live risk, and an ability to say "here is what this rule means in code" rather than "here is what the rule says."

Ediphy Consult Big-4 advisory Law firm In-house compliance
Has built the systems the rules describe Variable
Ex-regulator perspective on supervisory expectations Partial Partial
Buildable remediation Partial
No multi-year audit-defence engagement model
Senior throughout, no junior layer Partial Variable