Does MiFID II require GPS for clock synchronization?

No. RTS 25 (Commission Delegated Regulation (EU) 2017/574) is technology-neutral: it sets a maximum divergence from UTC and a timestamp granularity, not a protocol or a hardware vendor. Article 1 explicitly allows synchronizing business clocks either to the UTC issued by the timing centres listed in the BIPM Annual Report on Time Activities, or to UTC disseminated by a satellite system (GNSS) provided any offset from UTC is accounted for and removed. GNSS is the common way to reach the strictest 100 microsecond tier, but it is a means, not a legal requirement.

What is the MiFID II 100 microsecond rule?

The 100 microsecond figure is the strictest of several tiers, not a blanket requirement. Under RTS 25 it applies to two cases: operators of trading venues whose trading-system gateway-to-gateway latency is 1 millisecond or less (Annex, Table 1), and members or participants using a high-frequency algorithmic trading technique (Annex, Table 2). In both cases the maximum divergence from UTC is 100 microseconds and the timestamp granularity must be 1 microsecond or better. Slower activities have looser tiers: 1 millisecond or even 1 second.

Who must comply with RTS 25?

RTS 25 binds two populations under Article 50 of MiFID II (Directive 2014/65/EU): operators of trading venues (regulated markets, MTFs, OTFs), governed by Table 1 of the Annex based on gateway-to-gateway latency; and the members or participants of those venues (investment firms trading on them), governed by Table 2 based on the type of trading activity. The applicable tier is determined per system or per activity, not per firm.

Is NTP enough for MiFID II clock synchronization?

It depends on the tier. RTS 25 does not name a protocol, so the question is whether your time distribution can demonstrably hold the divergence your tier requires. A well-engineered NTP/NTS deployment can reasonably hold the 1 second and 1 millisecond tiers. The 100 microsecond tier (HFT technique, or sub-millisecond-latency venues) is generally beyond software NTP over a shared LAN and typically requires PTP (IEEE 1588) and/or GNSS-disciplined sources with hardware timestamping. What matters legally is the documented, traceable proof of divergence, not the acronym.

How does RTS 25 differ from MiFID II transaction-reporting timestamps?

RTS 25 (2017/574) governs the accuracy of the business clock itself — how close it stays to UTC and how finely it stamps. The content and submission of timestamps is governed by other technical standards: RTS 22 (Commission Delegated Regulation (EU) 2017/590) for transaction reporting under Article 26 of MiFIR, and RTS 24 (Commission Delegated Regulation (EU) 2017/580) for the order record-keeping data that trading venues must maintain. RTS 25 is the foundation: if the clock is not traceable and within tier, every timestamp produced under RTS 22 and RTS 24 inherits that defect.

MiFID II Clock Synchronization | RTS 25 Business Clock Accuracy (2017/574)

Published 19 June 2026 · By Richard DEMONGEOT, RDEM Systems · Target audience: heads of trading technology, market-infrastructure compliance officers, CISOs and time-engineering teams at investment firms and trading venues subject to MiFID II.

1. Scope: who RTS 25 binds, and to which table

"RTS 25" is Commission Delegated Regulation (EU) 2017/574, the regulatory technical standard on the level of accuracy of business clocks. It supplements Directive 2014/65/EU (MiFID II), whose Article 50 requires that the business clocks used to record the date and time of reportable events be synchronized.

It binds two distinct populations, each governed by a different table of the Annex:

Operators of trading venues — regulated markets, MTFs and OTFs. Their tier (Annex, Table 1) is set by the gateway-to-gateway latency of each trading system.
Members or participants of a trading venue — the investment firms trading on those venues. Their tier (Annex, Table 2) is set by the type of trading activity.

2. The core obligation — traceable to UTC, within tier

The obligation has two measurable dimensions, set per applicable tier:

Maximum divergence from UTC — how far the business clock may drift from Coordinated Universal Time at the instant a timestamp is applied.
Granularity of the timestamp — the smallest time unit the recorded timestamp must resolve (1 second, 1 millisecond, or 1 microsecond).

Both are anchored to UTC, and the reference is specified in Article 1:

Operators of trading venues and their members or participants shall synchronise the business clocks they use to record the date and time of any reportable event with the Coordinated Universal Time (UTC) issued and maintained by the timing centres listed in the BIPM Annual Report on Time Activities. … may also synchronise … with UTC disseminated by a satellite system, provided that any offset from UTC is accounted for and removed from the timestamp. — Article 1, Reg. (EU) 2017/574

Two consequences follow directly. First, a free-running clock — however stable — is non-compliant: the requirement is divergence from UTC, an external reference, not internal stability. Second, if you derive time from GNSS, the GNSS-to-UTC offset must be documented and removed, not assumed to be zero.

3. The two tiered accuracy tables

These two tables, from the Annex of Reg. (EU) 2017/574, are the heart of the standard. Find your row, and you have your divergence budget and granularity.

Table 1 — Operators of trading venues (criterion: gateway-to-gateway latency)

Gateway-to-gateway latency of the trading system	Maximum divergence from UTC	Granularity of the timestamp
> 1 millisecond	1 millisecond	1 millisecond or better
≤ 1 millisecond	100 microseconds	1 microsecond or better

"Gateway-to-gateway latency" is the time a venue's matching system takes from receiving a message at one gateway to transmitting at another. A sub-millisecond matching engine pulls the venue into the 100 µs tier.

Table 2 — Members or participants (criterion: type of trading activity)

Type of trading activity	Maximum divergence from UTC	Granularity of the timestamp
Activity using a high-frequency algorithmic trading technique	100 microseconds	1 microsecond or better
Activity on voice trading systems	1 second	1 second or better
Activity on request for quote systems where the response requires human intervention or where the system does not allow algorithmic trading	1 second	1 second or better
Activity of concluding negotiated transactions	1 second	1 second or better
Any other trading activity	1 millisecond	1 millisecond or better

4. Traceability to UTC and the annual review

Hitting the number is not enough; you must be able to prove it on demand. Article 4 makes traceability and documentation a standing obligation:

Operators of trading venues and their members or participants shall establish a system of traceability to UTC. They shall be able to demonstrate traceability to UTC by documenting the system design, functioning and specifications. They shall be able to identify the exact point at which a timestamp is applied and demonstrate that the point within the system where the timestamp is applied remains consistent. … shall review the compliance … at least once a year. — Article 4, Reg. (EU) 2017/574

In practice, "traceability to UTC" means an unbroken, documented chain from your business clock back to a recognised realisation of UTC — a UTC(k) maintained by a national metrology institute, for example UTC(OP) at LNE-SYRTE, Observatoire de Paris, or UTC(PTB), UTC(NPL), UTC(NIST) — or to GNSS-disseminated UTC with the offset documented and removed. The chain, the timestamp-application point, and the measured divergence must all be written down, and the whole thing re-reviewed at least annually.

5. A compliant reference topology

The architecture that maps cleanly onto Article 4 is a supervised GNSS-disciplined Stratum 1 layer, a documented distribution layer, and a recorded accuracy budget end to end:

        ┌───────────────────────────────────────────────┐
        │  Reference: UTC realisation                    │
        │  ─────────────────────────────────────────────  │
        │  GNSS (multi-constellation) + PPS              │
        │  offset-to-UTC documented & removed            │
        │  cross-check vs UTC(k) national lab            │
        └─────────────────┬─────────────────────────────┘
                          │  PPS-disciplined, supervised
                          ▼
        ┌───────────────────────────────────────────────┐
        │  Stratum 1 time servers (redundant, peered)    │
        │  ─────────────────────────────────────────────  │
        │  hardware timestamping for the 100 µs tier     │
        │  NTS for authenticated software distribution   │
        └─────────────────┬─────────────────────────────┘
                          │  per-tier distribution
                          ▼
        ┌───────────────────────────────────────────────┐
        │  Timestamping points (the recorded clock)      │
        │  ─────────────────────────────────────────────  │
        │  Matching engine / OMS / gateway / capture     │
        │  divergence measured & logged continuously     │
        └───────────────────────────────────────────────┘

This is exactly the kind of supervised Stratum 1 infrastructure RDEM Systems operates and documents — a GNSS-disciplined, PPS-supervised reference with a recorded accuracy budget. The reference design and the server role are described on the hub: the RDEM time infrastructure and the Stratum 1 server reference. For the authenticated distribution layer, see NTS (RFC 8915).

6. Which protocol for which tier (NTP, NTS, PTP, GNSS)

RTS 25 names no protocol. It is deliberately technology-neutral — it sets an outcome (divergence + granularity) and demands proof. The engineering question is simply which distribution method can demonstrably hold your tier:

Tier	Typical realistic means	Notes
1 second	Software NTP / NTS	Comfortably achievable; the constraint is operational, not technical.
1 millisecond	Well-engineered NTP / NTS on a controlled LAN	Achievable with disciplined sources, low-jitter paths and continuous measurement. Authenticate the source with NTS.
100 microseconds	PTP (IEEE 1588) and/or GNSS with hardware timestamping	Generally beyond software NTP over a shared network; needs hardware timestamping and a tightly controlled path.

7. Evidence pack for the regulator

Assemble and keep current — Article 4 makes this a living file, reviewed at least annually:

System design document. The full traceability chain from business clock back to a UTC realisation, with the timestamp-application point identified.
Tier determination. For each system/activity, the applicable Table 1 or Table 2 row and the rationale (measured gateway-to-gateway latency, or the trading-activity classification).
Reference proof. The UTC source in use (UTC(k) lab or GNSS), and — for GNSS — documentation that the offset to UTC is accounted for and removed.
Divergence measurement. Continuous or sampled records showing measured divergence stays within tier, with the methodology.
Granularity proof. Evidence that recorded timestamps resolve to the required unit (1 s / 1 ms / 1 µs).
Annual review. Dated record of the at-least-annual compliance review and any corrective actions.
Source validation. Output of the Online NTP Validator against each external source — stratum, offset, refID, dual-stack reach — captured for the file.

8. RTS 25 vs RTS 22 / RTS 24 — don't confuse them

Three MiFID II / MiFIR technical standards touch "time", and regulators expect you to keep them distinct:

Standard	Regulation	What it governs
RTS 25	(EU) 2017/574	Accuracy of the business clock — divergence from UTC and granularity (this page).
RTS 22	(EU) 2017/590	Transaction reporting to the competent authority under Article 26 of MiFIR — including the trading date and time field.
RTS 24	(EU) 2017/580	Order record-keeping data that trading venues must maintain at the disposal of the competent authority.

RTS 25 is the foundation the other two stand on: RTS 22 and RTS 24 prescribe what timestamp to record and where to send it, but the timestamp is only as good as the clock that produced it. For the supervisory interpretation of the borderline cases, the ESMA Q&A on MiFID II and MiFIR market-structures topics is the reference. To position RTS 25 alongside ISO 27001, NIS 2, PCI-DSS and DORA in one place, use the NTP audit checklist; for the financial-sector resilience angle, see the companion DORA time-synchronization guide.

Different angle? Use the right tool:

Measure jitter, offset, latency → ntp-tester.eu
Diagnose firewall / port 123 / daemon → check-ntp.net
Enterprise reference architecture → ntp.rdem-systems.com