European regulations
We help clients meet their complex regulatory requirements through a combination of expertise, off-the-shelf assessments and our highly customisable Orbit Risk solution. Contact us to access tailor-made solutions for investment managers and depositary banks exposed to AIFMD and UCITS V, DORA and other European regulations.
Our Market Eligibility Due Diligence is specifically designed to simplify compliance with the EU's UCITS Directive and the UK Financial Conduct Authority's COLL 5.2 Eligible markets regime, and to support asset managers in meeting their UCITS requirements.
Risk and compliance
Investment management firms face a common set of risks, regulations and operational challenges. Orbit Risk’s comprehensive due diligence and monitoring capabilities makes it the perfect solution for assessing your asset managers, IT service providers and other third parties.
We safeguard clients and their communities
Petroleum Development Oman Pension Fund
“Thomas Murray has been a very valuable partner in the selection process of our new custodian for Petroleum Development Oman Pension Fund.”
ATHEX
"Thomas Murray now plays a key role in helping us to detect and remediate issues in our security posture, and to quantify ATHEX's security performance to our directors and customers."
Northern Trust
“Thomas Murray provides Northern Trust with a range of RFP products, services and technology, delivering an efficient and cost-effective solution that frees our network managers up to focus on higher Value activities.”
Insights
5 Key Takeaways from a Deal Hacker: What PE Firms Should Look for When Doing Cyber Deal Due Diligence
Are your private equity deals safe from cybercriminals? The answer is very much ‘no’. Deals are being compromised, money is being lost, and reputations are being affected.
Why Cybersecurity Due Diligence is Critical to Deal Completion
It’s a common story: after months of meticulous financial, operational, and market analysis, a critical finding emerges in the final weeks before deal closure – threatening what seemed like a near-certain transaction with a three-month delay.
DORA Compliance Checklist: Practical Guidance for Q4 and 2026
Our structured, expert-led checklist, will help you to prioritise and demonstrate readiness to supervisors and regulators.
Ransomware at Europe’s Airports: Case for Community-Driven Third Party Risk Management
The recent ransomware attack on Collins Aerospace’s Muse software, which brought chaos to airports across Europe, serves as a stark reminder of a critical gap in how organisations approach Third Party Risk Management (TPRM).
Contact an expert
