The 6 Areas of EU Regulatory Compliance

Over the years, regulatory frameworks such as MiFID (Markets in Financial Instruments Directive) have undergone significant transformations to address emerging risks and market challenges. These regulations, which have effect within the European Union (EU), not only outline the rights and responsibilities of market participants but also establish standards for transparency, fairness, and investor protection. Central to maintaining regulatory compliance are National Competent Authorities (NCA).

In the case of Cyprus, the NCA is the Cyprus Securities and Exchange Commission (CySEC). These authorities play a crucial role in overseeing market activities, enforcing regulations, and safeguarding the interests of investors and stakeholders. This oversight is particularly important as the financial landscape evolves with market developments and emerging technologies.

Several regulatory developments are imminent and expected to reshape the financial landscape. Among these, the Markets in Crypto-Assets Regulation (MiCA) introduces obligations for Crypto-Asset Service Providers (CASP), providing an oversight in the cryptocurrency market. Additionally, amendments in Transaction Reporting, such as the European Market Infrastructure Regulation (EMIR) Refit, introduce new requirements seeking to enhance transparency and mitigate systemic risks in derivatives trading. These changes reflect a broader trend towards regulatory frameworks designed to address the complexities of modern financial markets.

In this commentary, the SALVUS Regulatory Compliance team lists the 6 main areas out of which most EU compliance requirements are coming from. At the end of this article, we indicate how SALVUS can be of value in identifying interdependencies of and synergies from all regulations and enhancing business through efficient practices and policies.

The 6 areas of regulatory compliance are:

1. Markets in Financial Instruments Directive (MiFID)
2. Markets in Crypto-Assets (MiCA)
3. Transaction Reporting
4. IFR/IFD framework and ICARA process
5. Anti-Money Laundering (AML) & TAX reporting
6. ICT and security risk management

We regularly share bite-sized insights on LinkedIn such as those found in this article

1. Markets in Financial Instruments Directive (MiFID)

Under MiFID, investment firms have several key responsibilities aimed at ensuring investor protection, transparency and market integrity.

Firms shall prioritize the interests of their clients, ensuring that products and services offered are suitable for the client’s needs and risk profile. This includes conducting thorough appropriateness and suitability assessments and providing clear, accurate information about the risks and benefits of the financial products offered.

Transparency is paramount under MiFID II. Firms are required to provide clients with information about the firm, its services, financial instruments, and associated risks. This information must be presented in a manner that is clear, fair, and not misleading, ensuring clients can make informed investment decisions.

Firms are obligated to follow best execution measures, which translates to taking all sufficient steps to obtain the best possible result for their clients when executing orders. This involves considering various factors such as price, costs, speed, likelihood of execution and settlement, size, nature, or any other consideration relevant to the execution of the order.

2. Markets in Crypto-Assets (MiCA)

The MiCA regulation which is expected to come to full force within December 2024, introduces a set of obligations for CASP. These rules intend to enhance market integrity, investor protection, and regulatory oversight. Key obligations under MiCA for CASP include:

Authorization and Registration: With MiCA, individual national permits for CASP registration will no longer exist. Instead, MiCA will introduce one authorization system to be used by all EU competent authorities. This includes meeting strict requirements related to capital reserves, governance structures, and operational resilience.

Prudential Requirements: CASP entities will be subject to prudential requirements designed to ensure their financial stability. These include maintaining adequate capital and liquidity buffers to resist market shocks and ensuring risk management frameworks are in place. Prudential requirements aim to mitigate systemic risks associated with the crypto-asset market.

Reporting and Transparency: CASP entities will be required to maintain thorough records of their activities and transactions and to report this information to regulatory authorities. This includes periodic financial reporting, transaction reporting, and disclosure of any significant operational changes.

3. Transaction Reporting

Key changes are also being observed in the sphere of Transaction Reporting. On the one hand, EMIR Refit, an update to the existing European Market Infrastructure Regulation (EMIR) on derivative transaction reporting, already took effect on April 29th, 2024. Firms with derivative exposure must comply with the new reporting rules.

On the other hand, the recently amended Markets in Financial Instruments Regulation (MiFIR) works in tandem with MiFID II to enhance the transparency and integrity of financial markets. Key changes under MiFIR impacting transaction reporting include:

  • Enhanced transparency requirements
  • Consolidated tape – Real-time trading data
  • Market structure improvements
  • Updating of algorithmic trading regulations
  • Strengthening of investor protection measures
  • Revised position limit framework for commodity derivatives
  • Data reporting simplifications

4. IFR/IFD framework and ICARA process

The Investment Firms Regulation (IFR) and Investment Firms Directive (IFD) introduced a new prudential framework tailored to the risks and business models of investment firms within the EU. Two key obligations within the IFR/IFD framework, can be considered the revised capital and liquidity requirements it introduces, and the Internal Capital Adequacy and Risk Assessment (ICARA) process.

Firstly, the IFR/IFD framework proposes enhanced capital requirements. This means that investment firms are required to hold sufficient capital to cover risks arising from their activities. The capital requirements are calibrated based on the size, complexity and risk profile of the firm. This ensures that firms have adequate financial resources to absorb losses and remail solvent during periods of financial stress.

In addition, ICARA makes mandatory the regular stress testing and scenario analysis to evaluate the impact of severe but plausible events on a firm’s capital and liquidity positions. These exercises help firms understand their vulnerabilities and enhance their preparedness for adverse market conditions.

5. Anti-Money Laundering (AML) & TAX reporting

The landscape of Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT) is continuously evolving to counter new and sophisticated financial crimes. In conjunction, tax reporting obligations are being reinforced to enhance transparency and prevent tax evasion. Below, we list the key obligations within the AML/CFT on one hand, and tax reporting on the other hand.

AML/CFT key obligations:

  • Risk-Based Approach
  • Customer Due Diligence (CDD)
  • Suspicious Activity Reporting (SAR)
  • Record Keeping
  • Compliance Monitoring Programs
  • Sanctions Screening

Tax Reporting Obligations

6. Information and Communication Technology (ICT) and security risk management

As digital transformation advances, the focus on Information and Communication Technology (ICT) and security risk management becomes critical. Regulatory frameworks now mandate that firms implement broad systems’ assurance measures to protect against cyber threats and ensure the reliability and security of their IT infrastructure. Such measures include:

  • Robust cybersecurity controls
  • Regular risk assessments
  • Incident response planning
  • Data protection and privacy measures (GDPR)
  • Business continuity and disaster recovery
  • Compliance monitoring and reporting
  • Third-party risk management
  • Employee training and awareness

How can SALVUS support you? 

In the complex landscape of regulatory compliance, firms require expert guidance and customized support to achieve compliance and remain compliant. The SALVUS Regulatory Compliance Team offers bespoke solutions, including the development of policies, procedures tailored to the unique profiles and operational models of businesses. Our team stands ready to assist firms with the timely delivery of their regulatory reporting obligations to the regulator. By leveraging our expertise, firms can navigate confidently regulatory challenges, ensuring compliance while fostering trust and integrity in the financial markets.

Do not hesitate to contact us at info@salvusfunds.com or call us at +357 7000 7898  if you require additional information on achieving Regulatory Compliance or to discuss the needs of your firm.


The information provided in this article is for general information purposes only. You should always seek professional advice suitable to your needs.

Share this post