How to Stay Compliant with Evolving MAR Regulations

The regulatory landscape is undergoing a significant transformation. The Market Abuse Regulation (MAR) is expanding its reach, encompassing cryptocurrency transactions, alternative data sources, and off-channel communications. This evolution reflects a broader shift towards more comprehensive oversight in financial markets.

Recent actions by regulatory bodies underscore this proactive approach. For instance, in 2023, over 970 administrative sanctions and measures were imposed across EU Member States in the financial sector under ESMA’s purview, amounting to more than €71 million in fines. Notably, the highest amounts of administrative fines were imposed under MAR and MiFID II, highlighting the increasing focus on market abuse enforcement.

These developments signal a clear message: compliance frameworks must evolve in tandem with regulatory expectations. Firms can no longer rely on static systems; instead, they need agile, forward-looking strategies to navigate the complexities of modern compliance.

In this article, we delve into MAR’s future trajectory, exploring anticipated regulatory changes and offering insights on how compliance leaders can stay ahead of these evolving obligations.

The future of MAR regulation updates: What’s coming next?

As financial markets continue to evolve, regulators are looking to keep pace and, in some areas, accelerate by expanding the scope of MAR. For compliance leaders, the question isn’t if obligations will increase but when and how quickly.

Expanding the scope of insider trading

For years, insider trading has been the bane of regulators, but recent MAR regulation updates aim to close enforcement gaps. While relatively easy to identify in theory, successful prosecutions have proved more difficult. As a means of expanding the reach, ESMA is considering expanding the definition of insider trading under MAR to include ‘shadow trading’- where individuals trade securities of economically linked companies using insider information.

This would represent a shift from MAR’s current focus on specific securities and related instruments, aligning EU rules with the approach taken by the SEC in the landmark Panuwat case.

The FCA is also exploring whether to broaden enforcement powers by targeting ‘information chains’ - extending liability beyond direct insiders to those indirectly passing on insider information. This would expand MAR enforcement beyond its current focus on primary insiders and recipients, capturing those facilitating insider trading through multi-level information sharing.

Regulators are also assessing whether algorithmic trading strategies that execute pre-programmed trades influenced by insider knowledge should fall under MAR’s insider trading prohibitions. This would represent an extension of MAR’s current scope, which does not explicitly cover algorithm-driven trades derived indirectly from inside information. If the scope of insider trading is officially expanded, firms will need to monitor “connected” securities, not just issuer securities.

Crypto and digital asset integration

ESMA is working to align crypto-asset oversight with MAR principles by issuing guidelines under the Markets in Crypto-Assets Regulation (MiCA). While MAR itself has not yet been formally extended to cover crypto-assets, these guidelines signal a potential future integration. Expanding MAR-style market abuse monitoring into crypto trading on regulated platforms, where no such coverage previously existed.

While the concept of crypto and digital assets revolves around decentralised ledgers, regulators plan to use digital wallets as market abuse monitoring tools. Compliance systems will need to ingest blockchain transaction data alongside traditional market information to meet regulatory obligations. As a means of controlling trading in crypto and digital assets, there is likely to be significant cross-border cooperation between the UK, EU, and US regulators as future MAR regulation updates increasingly target digital assets.

Communication surveillance tightening

On numerous occasions, FCA Market Watch 79 has helped flag several shortcomings in communication surveillance systems, especially around data gaps, failure to monitor all relevant channels, and thoroughly tested logic. Consequently, the FCA has increased scrutiny of business-related communications on encrypted messaging apps like WhatsApp, Signal, and Telegram, signalling a tightening interpretation of MAR’s communication surveillance obligations.

While no new binding rules have been introduced, this heightened expectation effectively expands enforcement under existing MAR provisions. This requires firms to ensure such channels are captured and monitored, where previously oversight may have been narrower.

We will likely see more enforcement risk under existing MAR provisions where firms fail to capture/retain the relevant communications, both internal and external. There is also a growing focus on BYOD (bring your own device) policies, with the expectation that firms will ensure that communications are recorded for compliance.

In high-risk areas, technology is shifting towards real-time monitoring of communications. Post-event reviews may no longer be enough. This has created a compliance challenge for many companies, integrating a wide range of communication platforms into unified surveillance systems.

Why staying ahead matters: Risk of falling behind

Staying ahead of the compliance curve - especially as MAR regulation updates increase obligations - has many benefits, including reduced risk, less chance of censorship, and more time focusing on client-facing services. Cutting-edge RegTech solutions ensure you are not just up-to-date with your regulatory obligations but also planning for the future.

Upcoming MAR amendments

There is no doubt that MAR is being used as a broad canvas to enhance and increase regulatory protection for clients and markets. This will mean increased reporting obligations for firms, who must prepare systems for today and tomorrow.

AI-driven monitoring

Automated surveillance tools are integral to market abuse detection, leading to faster and more precise enforcement actions. The increasing use of AI and data analytics is making a huge difference, and with machine learning effectively “learning on the job”, this impact will only increase.

Risk of non-compliance

As the regulatory burden increases and market abuse detection systems continually improve, the dangers of non-compliance are growing. Those failing to maintain their internal regulatory framework, leading to non-compliance, can trigger a loss of investor trust, higher regulatory scrutiny and increased audit frequency.

The combined effect is significant, but the financial impact of losing investor trust is far more damaging. There are also other issues to take into consideration, such as:-

• The increase in enforcement penalties
• Management’s responsibility to incorporate “reasonable procedures”
• Failure to automate compliance will give competitors a significant advantage

One of the unsung advantages of today’s RegTech solutions is scalability, the ability to maintain strong compliance as your business grows.

The challenges faced by compliance leaders

Historically seen as removed from everyday business, under an “us and them” shadow, compliance teams are now an integral part of daily activity. They must work closely with colleagues in all departments to create strong foundations and a sustainable regulatory framework.

Keeping pace with regulatory change

It is becoming more evident that legacy systems can have significant limitations, lacking the flexibility to adapt swiftly to regulatory changes. This makes timely updates challenging and often reliant on manual processing. Aside from the obvious time disadvantage, human error can cause serious problems and hinder the adoption of new regulations.

Many companies are also experiencing budgetary pressures, with existing staff often pushed to the limit. This reduces the necessary resources required to fund and carry out upgrades and improvements to existing systems.

Data and communications integration

When creating the growing array of regulatory and compliance reports, a typical compliance team will need to pull data from multiple systems, including:-

• Trading platforms
• Communication surveillance tools
• Market data sources
• Fragmented information silos

This is the price of detached legacy systems, which lack the flexibility and scalability of modern RegTech solutions.

Manual surveillance and alert fatigue

A lack of nuance in legacy surveillance systems often results in high numbers of false positives. This can quickly overwhelm compliance teams, meaning they need to divert attention away from genuine threats to false alerts.

In an area with significant human oversight, the constant influx of alerts can often lead to desensitisation amongst compliance staff. The knock-on effect is the risk of missing critical issues, which could trigger regulatory intervention and deeper investigations. Automating a significant element of the regulatory process improves operational efficiency and accuracy.

How to stay compliant: Proactive strategies for a moving target

Balancing the need to focus on business operations while being acutely aware of growing regulatory liabilities is a challenge, even considering the latest RegTech solutions. However, a proactive approach ensures you are prepared for your obligations today and tomorrow, looking ahead as far as possible.

There are three fundamental pillars which allow compliance teams to navigate the dynamic regulatory landscape, including:

Automated trade and market surveillance

For many companies, trade and market surveillance automation is taken for granted. The ability to adjust thresholds based on market volatility, thereby reducing false positives, is especially important during hectic, turbulent periods.

Many clients leverage our eflow TZTS trade surveillance system, which facilitates conditional parameters tailored to specific trading activities, thereby improving detection accuracy. The key here is to contextualise each firm’s broader regulatory responsibilities, maximising operational efficiency while maintaining full compliance.

Integrated communication surveillance

RegTech systems can now process structured and unstructured data, which is excellent for integrating communication surveillance into existing systems. A unified platform consolidating real-time data from various communication channels, such as email, WhatsApp, Teams, etc., is now possible.

Advanced analytics, such as natural language processing, can also identify sentiment in structured and unstructured data, flagging potentially suspicious behaviour. Technological breakthroughs now make it possible to link specific communications with relevant trades, providing a holistic view of potential market abuse.

Future-ready compliance reporting

Gone are the days of reading through huge regulatory folders to appreciate forthcoming regulatory changes. Implementing systems that automatically update report formats in accordance with ESMA and FCA minimises manual intervention and ensures your systems stay up-to-date.

Another element often overlooked is data enrichment, which can put vital information into context. This ensures the accuracy and completeness of regulatory reports, which can be automatically dispatched to the relevant bodies. Integrating new RegTech solutions with existing systems ensures efficient data management and reporting processes, thereby minimising errors.

By focusing on these three pillars, firms can enhance their compliance posture, reduce operational risks, and stay ahead in a rapidly changing regulatory environment.

Practical next steps for firms

It’s critical to adopt a proactive approach in the face of evolving MAR to ensure full compliance and operational resilience. The following is a basic checklist which outlines actionable steps which will allow you to future-proof your compliance framework:

• Conduct a MAR gap analysis: It’s essential to regularly assess your compliance positioning against the latest ESMA and FCA guidelines, allowing you to address any deficiencies. Our RegTech solutions ensure that your systems are updated with the latest regulatory changes as they are confirmed.
• Map data flows: The seamless integration of order management systems, execution management systems, communication platforms, and market data sources is critical to facilitating comprehensive surveillance.
• Transition to adaptive surveillance systems: Historically, compliance systems have been founded on static rule-based analysis. Today’s RegTech solutions have moved towards more adaptive platforms that can evolve with market conditions and regulatory changes, thereby reducing false positives.
• Establish internal protocols: In addition to ongoing staff training, firms must develop clear escalation and documentation procedures to address suspected market abuse. This ensures that any incidents can be considered promptly and effectively responded to.

Compliance with ever-changing regulations is ongoing and effectively a moving target. However, implementing the above steps can significantly enhance your firm’s compliance capabilities, improve operational efficiency, and give you more time for client-facing services.

Conclusion

Regulators aren’t standing still, and neither can you, as Market Abuse Regulation expands to cover crypto-assets, alternative data, and off-channel communications. One thing is clear: Compliance is no longer a static checkbox exercise; it’s a moving target, and only firms with adaptive, future-ready systems will be able to stay ahead.

The firms winning in this environment aren’t those adding more manual checks or scrambling to retrofit outdated systems. They’re embracing platform-based compliance, reducing false positives, integrating trade and communication surveillance, and updating rules in days, not months.

You’re not just reducing regulatory risk by shifting from reactive to proactive compliance. You’re safeguarding your firm’s reputation, operational resilience, and competitive edge in a world where regulators use AI and data analytics to spot issues faster than ever.
Contact eflow today to discover how our dynamic compliance platform helps you stay ahead of evolving MAR obligations and MAR regulation updates, with less complexity, lower risk, and greater agility.