Market Surveillance for MiCA Class 3 Operators: Eventus vs Trillium vs Solidus Labs (2026)

MiCA¹^[1] imposes market-integrity surveillance obligations on Class 3 operators — exchanges, custodians-with-trading, and any CASP operating an order book or matching engine. Article 78 mandates systems and controls to detect and prevent wash trading, layering, spoofing, front-running, insider dealing, and manipulative practices — the same regulatory perimeter that has applied to traditional MiFID II venues for a decade, now extended to crypto.

In practice, this means a Class 3 CASP must run a market-surveillance system that produces defendable alerts — alerts that hold up under regulator inspection, that scale with order-book volume, and that cover the specific manipulation typologies the supervisor cares about. Three vendors dominate this market for institutional crypto operators in 2026: Eventus, Trillium, and Solidus Labs. Each has a recognisable strength and a recognisable weakness.

This is the practitioner comparison: the regulatory framing under MiCA Article 78, the three vendors at a glance, vendor-by-vendor pros and cons, the detection-depth matrix, integration considerations, pricing models, and a decision tree.

Article 78 requires Class 3 CASPs operating a trading platform to:

• Maintain effective arrangements, systems and procedures to detect and report market abuse.

• Run automated surveillance with alerting calibrated to typology-specific thresholds.

• Maintain an STOR (Suspicious Transaction and Order Report) regime — discoverable, reportable to the home NCA without delay.

• Retain order, trade and surveillance data for a minimum of five years, in a format inspectable by the supervisor.

• Document tuning rationale: every threshold change, every alert dismissal pattern, every typology calibration.

ESMA² technical standards underpin the supervisory expectations. The substance test is whether the surveillance regime is materially equivalent to the MAR-aligned surveillance running at any MiFID II venue, adapted to the trading microstructure of crypto markets.

Eventus³^[3] — the institutional incumbent. The Validus platform serves traditional exchanges, broker-dealers, and a growing roster of regulated crypto venues. Strongest brand recognition with regulators, deepest detection-typology library inherited from equities and futures markets, and the most mature institutional sales motion of the three. Headquartered in Austin, Texas, with European presence in London.

Trillium⁴^[4] — the surveillance arm of Trillium Management, with the Surveyor platform. New York-headquartered, with deep equities-market lineage. Strong on detection-quality and analyst tooling; the platform is built around the surveillance analyst's workflow rather than around configurable rules-engine depth. Smaller crypto footprint than Eventus or Solidus but a credible institutional alternative for hybrid venues running both equities and crypto.

Solidus Labs⁵^[5] — the crypto-native challenger. New York-headquartered, founded 2018, built for digital-asset markets from the ground up. Strongest on cross-venue and on-chain detection, deepest crypto-specific typology library, and the most aggressive cadence of typology releases. The right fit when crypto-native depth is decisive; the trade-off is a thinner equities-market track record than the other two.

Self-trading, related-party trading, circular volume that creates the appearance of liquidity. All three vendors detect this. Solidus has the strongest cross-account and on-chain wash-detection because of native blockchain integration; Eventus has the most-tested typology calibration from years of equities and futures markets; Trillium provides the cleanest analyst review surface.

Order placement intended to influence price without intention to execute. Eventus and Trillium both bring extensive layered-detection from equities markets; Solidus has built crypto-specific calibration that handles the materially different microstructure (24/7, fragmented liquidity, lower order density). At Class 3 venues with tight spreads and high order-book churn, calibration matters more than typology library size.

All three vendors handle pattern-detection on order-flow precedence. The crypto-specific challenge is detecting front-running across venues — particularly when the upstream signal is on-chain (token-listing announcement, large wallet movement) rather than off-chain. Solidus has the strongest cross-venue and on-chain integration; Eventus and Trillium are catching up but require the venue to feed external signals into the platform.

Coordinated buying or selling intended to create false price signals. The crypto-specific dimension is social-media coordination (Telegram pump groups, Discord channels) that operates outside the venue's data feeds. Solidus integrates third-party social-signal feeds; Eventus and Trillium typically rely on the venue's own ingestion.

Activity at venue A intended to manipulate prices at venue B. The detection requires correlated views across venues — typically through shared customer relationships or wallet-level on-chain linking. Solidus's clearest competitive advantage. Eventus and Trillium handle cross-venue with venue cooperation; Solidus handles it via on-chain forensics natively.

Eventus is the multi-asset surveillance platform of choice for traditional exchanges, broker-dealers and a growing roster of regulated crypto venues. The Validus platform brings 15+ years of typology development from equities, futures, FX and options markets, retrofitted progressively into crypto.

• Strongest regulator credibility — Eventus is recognised by ESMA, FCA, NFA, MAS, and the institutional alphabet of supervisory bodies.

• Deepest typology library inherited from multi-asset markets — over 100 detection scenarios across asset classes.

• Mature analyst workflow with strong case-management, evidencing, and STOR-generation tooling.

• Multi-asset coverage — right fit for hybrid venues running spot crypto + derivatives + traditional markets.

• Enterprise-grade SLAs, security certifications, and operational maturity.

• Crypto-specific calibration is a workstream — typologies were originally designed for equities and futures and require tuning for crypto microstructure.

• On-chain integration is shallower than Solidus — feasible but requires the venue to bring in external on-chain feeds.

• Higher pricing tier; commercial structure favours larger venues with multi-asset complexity.

• Implementation timeline is longer than Solidus — expect 4–6 months from contract to production at full Class 3 coverage.

Trillium Surveyor is the surveillance arm of Trillium Management, with deep equities-market lineage and a sister broker-dealer business that informs typology design. The platform is purpose-built around the surveillance analyst's workflow rather than around configurable rules-engine depth — alerts are higher-quality on average, with lower false-positive rates than its competitors at comparable venue size.

• Best alert-quality ratio of the three — false-positive rates materially lower at comparable detection coverage.

• Excellent analyst-workflow tooling: case management, alert linkage, evidence collection, STOR-drafting all inline.

• Strong fit for venues already running equities or hybrid order-flow.

• Competitive pricing in the mid-tier — well below Eventus for comparable Class 3 coverage.

• Smaller crypto-venue track record than Eventus or Solidus.

• On-chain integration is the weakest of the three — minimal native blockchain forensics.

• Smaller European footprint and EU-supervisor brand recognition than Eventus.

• Cross-venue detection requires more customer-driven configuration than Solidus.

Solidus Labs was built crypto-native from inception in 2018 and is the platform of reference for many native digital-asset venues. The HALO platform integrates on-chain analytics, off-chain order-book surveillance, and cross-venue correlation in a single architecture. The trade-off is thinner traditional-markets pedigree — Solidus is a crypto-first vendor, not a multi-asset incumbent.

• Crypto-native by design — typologies calibrated for digital-asset microstructure from the start.

• Native on-chain integration — wallet-level forensics, cross-chain bridging analysis, smart-contract event monitoring.

• Strongest cross-venue manipulation detection — the architecture supports correlated detection across multiple CASPs natively.

• Faster typology release cadence than the more enterprise-bound competitors.

• Implementation timelines materially shorter — 8–12 weeks to production at full Class 3 coverage is achievable.

• Less institutional-incumbent brand recognition with traditional supervisors and bank counterparties — though this is shifting fast.

• Multi-asset coverage is narrower than Eventus — not a fit for hybrid venues with substantial equities or futures activity.

• Younger company; some larger venues prefer the operational track record of multi-decade incumbents.

• Pricing has tightened materially as the product has matured — early-stage cost advantage is narrowing relative to Trillium.

All three vendors integrate via FIX, kafka, REST, or proprietary streaming protocols. Practical considerations:

• Order and trade data feed: full event-level granularity, not aggregated. Time-stamp precision to microseconds.

• Customer reference data: account-level KYC linkage, related-account graphs, beneficial ownership where applicable.

• On-chain data feed: wallet linkage, deposit and withdrawal address attribution. Native at Solidus; partner-integration at Eventus and Trillium.

• Alert routing into existing case-management and SAR-filing workflows.

• Audit-trail retention: minimum five years, supervisor-inspectable.

All three vendors price on a combination of platform-licence fee + per-venue or per-trade-volume tier. Indicative annual ranges for a mid-sized Class 3 venue:

• Eventus: $300k–$800k+ annual depending on asset coverage and venue size; multi-year commitment standard.

• Trillium: $200k–$500k annual; flexible commercial structure on smaller venues.

• Solidus Labs: $180k–$450k annual; pricing has tightened as the product has matured.

These are indicative ranges only. Actual pricing varies by asset coverage, trade-volume tier, on-chain feed inclusion, and negotiated terms. Get firm written pricing on a defined trading-volume forecast before committing.

• Hybrid venue with significant traditional-markets activity, large EU institutional book, supervisor-credibility critical → Eventus.

• Mid-sized venue, alert quality and analyst-workflow are the priority, no significant on-chain detection requirement → Trillium.

• Crypto-native venue, on-chain forensics central, cross-venue manipulation is the dominant risk, fast deployment matters → Solidus Labs.

• Larger CASPs sometimes run hybrid: Eventus for the multi-asset surveillance + Solidus for on-chain typologies, with results consolidated into one case-management system.

Mandatory for Class 3 operators — those operating a trading platform under MiCA. Class 1 (advice/marketing) and Class 2 (execution/portfolio) CASPs have lighter obligations focused on order-handling rather than market integrity. The substance bar is determined by Article 78 and ESMA technical standards.

Technically possible, rarely sensible. The vendors have invested decades and hundreds of millions of dollars into typology libraries, calibration, and analyst tooling. Building equivalent depth in-house typically costs more than vendor fees and produces a worse outcome at supervisor inspection. The exception: very large, technically-sophisticated venues with dedicated quantitative-surveillance teams.

Market surveillance and AML transaction monitoring are separate functions. Surveillance focuses on market integrity (manipulation, insider dealing); TM focuses on AML/CTF (mixers, sanctions, structured deposits). Some vendors offer integrated platforms; most CASPs run separate vendors with consolidated case management.

A Suspicious Transaction and Order Report — filed to the home NCA without delay when the venue identifies suspected market abuse. The substance bar is documented suspicion; the venue is not the prosecutor. Filing cadence is one of the supervisor's clearest indicators that the surveillance function is operating; zero STORs in 12 months is itself a flag.

MAR⁶^[6] applies to crypto-assets that are also financial instruments — security tokens, tokenised funds, certain derivative products. MiCA's surveillance obligations are calibrated to be materially equivalent. CASPs handling both should treat the controls as a unified regime rather than two parallel ones.

• MiCA Compliance Guide for CASPs — the Class 3 authorisation framework that triggers Article 78 surveillance.

• AML Compliance for Crypto Firms — the parallel TM regime that runs alongside market surveillance.

• AML Audit for a Regulated Crypto Firm — the audit will increasingly score Article 78 surveillance alongside the AML programme.

• Bank Diligence File for a Regulated Crypto Firm — banks now expect Article 78 surveillance evidence in CASP diligence.

• Compliance Advisory — our service: surveillance vendor selection, threshold tuning, supervisor preparation.

Market surveillance is the most operationally demanding obligation a Class 3 CASP runs in 2026. The platform decision is foundational; the calibration decision is continuous. Pick the vendor whose strengths match the firm's risk profile, run a 60-day shadow-mode evaluation against real order flow, document every threshold change with rationale, and file STORs when the typology fires. The supervisor's question is not whether the vendor is best-in-class; it is whether the surveillance regime is materially effective at preventing market abuse on your venue.