Retail crime in the UK has reached levels that can no longer be absorbed as a routine cost of trading. The British Retail Consortium’s most recent annual crime report recorded £1.8 billion in losses from customer theft alone, a figure that does not include staff theft, criminal damage, or the operational costs of managing incidents. For individual retailers, those losses translate directly into reduced margins, higher insurance premiums, and pressure on staff who deal with the consequences daily.

The most effective strategy for delivering measurable results in retail security is manned guarding London. Rather than relying on alarms, CCTV, or electronic article surveillance in isolation, businesses benefit from trained, SIA-licensed operatives who are physically present and operationally engaged. These professionals are uniquely capable of identifying and responding to criminal activity before a theft is even completed.

1. The Scale of UK Retail Crime

Understanding the financial scale of the problem is the starting point for any retail security conversation. The BRC’s 2023 crime survey recorded 16.7 million incidents of customer theft across UK retail, an average of 45,000 incidents per day. That figure represents a 26% increase on the previous year.

Beyond the headline figures, 3 specific trends characterise the current retail crime environment: a significant increase in organised retail crime groups operating across multiple locations, a marked rise in violence and abuse directed at retail staff during theft incidents, and a growing sophistication in the concealment and removal methods used by experienced offenders. Each of these trends demands a security response that goes beyond passive deterrence.

2. How Organised Retail Crime Differs from Opportunist Theft

Opportunist theft, an individual concealing an item and walking out, has always been part of the retail risk landscape. Organised retail crime is a different category entirely. Organised groups operate with assigned roles, predetermined targets, and practised concealment methods. They conduct reconnaissance visits before a theft operation. They identify which stores have trained security and which rely on technology alone.

The financial impact of a single organised retail crime operation can exceed £5,000 in a single visit  across electronics, clothing, spirits, and health and beauty categories that are consistently targeted. A store that experiences 3 or 4 such operations per month faces annual losses that exceed the entire cost of a full-time security operative.

3. What a Retail Security Operative Actually Does

A properly deployed retail security operative performs 5 functions that directly reduce losses: deterrence through visible presence, behavioural observation on the retail floor, access and egress management at entry points, incident management when theft is identified, and post-incident reporting that creates a record for insurance and law enforcement purposes.

The behavioural observation function is the most important and the most often underestimated. Trained operatives learn to identify the specific pre-theft behaviours, the reconnoitring pattern, the concealment preparation, and the distraction setup that precede the majority of organised retail theft operations. Identifying these behaviours and responding early prevents the theft.

4. The Staff Safety Dimension

The BRC’s 2023 survey recorded over 850 incidents of violence and abuse against retail workers every single day. Behind that number are individual members of staff who were threatened, physically assaulted, or verbally abused while doing their jobs.

A trained, SIA-licensed operative on the retail floor is the most effective mitigation for staff-directed violence. Their presence deters the category of offenders who become aggressive when challenged. Their conflict management training means that when aggression does occur, it is managed by someone qualified to manage it, not by a member of staff with no training and a legal obligation to stay safe.

5. Location-Specific Retail Crime Profiles

Retail crime does not have a uniform profile across the UK. City centre locations face different organised crime patterns from market towns. University towns face distinct seasonal peaks. High street locations face different risk profiles from out-of-town retail parks.

For retailers in smaller UK cities and market towns, working with providers who understand the local crime environment is as important as the quality of the operatives themselves. Providers experienced in manned guarding, for example, understand the seasonal footfall patterns driven by the student population and tourist trade, the specific organised retail crime activity in the city’s retail districts, and the response infrastructure of the local police.

6. Building a Retail Security Operation That Works

A retail security operation that delivers consistent loss reduction is built on 4 components: a site-specific risk assessment that identifies the actual threat profile, deployment of operatives matched to the store’s specific floor plan and risk areas, a digital reporting system that creates an evidence trail for every incident, and a regular review process that adjusts the deployment as the threat profile changes.

For retailers who want to move from a reactive to a preventative security model, Alpha Security Services provides retail loss prevention across UK high streets and shopping centres, with operatives trained specifically in retail crime identification and conflict management. Every retail deployment begins with a site assessment, and every incident is logged digitally and reported to the client within a defined timeframe.

It’s 3 am and your SOC just flagged a breach. Under the EU’s NIS 2 Directive you have 24 hours to send an early-warning notice, 72 hours for a fuller update, and 30 days for the root-cause report—miss the first window and fines can reach millions of euros.

Spreadsheets won’t save you. You need an automated compliance platform that detects the incident, gathers evidence, and drafts the notification as soon as the alert fires. This guide ranks the five strongest platforms, explains how we scored them, and helps you match a tool to your sector, stack, and budget, so you spend less time decoding regulations and more time closing vulnerabilities.

How we ranked the platforms and why it matters

Buying compliance software on instinct is risky, so we built a weighted scorecard that mirrors real-world pressure: prove compliance fast, control costs, and give auditors airtight evidence.

Our short-list process

1. Collected every vendor that publicly advertises NIS2 support.
2. Kept only those with live, template-level NIS2 content and visible automation, not “coming soon” slides.

Scoring framework (100-point scale)

• NIS2 coverage – 20 percent 
• Continuous automation – 15 percent 
• 24-hour incident workflow – 10 percent 
• Integration breadth – 10 percent 
• Multi-framework mapping – 10 percent 
• Hosting and data residency – 5 percent 
• Vendor certifications – 5 percent 
• Pricing transparency – 5 percent 
• User sentiment – 10 percent 
• Unique differentiators – 10 percent 

Each criterion receives a 1–10 raw score, multiplied by its weight, then rolled into a final percentage. In tie situations we favor the platform with the stronger user-review average.

You will see those numbers guide every platform profile that follows; the evidence leads, not sponsorship.

1. Vanta: best overall automated compliance platform for NIS2

Vanta is built for teams that need NIS2 readiness to run continuously, not as a quarterly sprint. Its September 2024 update added NIS2 support, and it pairs that content with deep, integration-led automation. In practice, that means you can connect the systems you already use and get a living view of where you stand against Articles 21–24, with evidence collection running in the background. Teams evaluating options in this category often start with Vanta’s automated compliance platform because it turns NIS2 evidence gathering into a continuous process rather than a quarterly scramble.

Vanta is strongest when you want compliance to “wake up” the moment your security tooling does. When a high-severity alert is raised in your SIEM or incident tooling, Vanta can kick off an incident workflow by creating tasks, assigning owners, timestamping activity, and running escalation reminders. The goal is simple: your team spends less time chasing approvals and more time getting the early-warning notification out on time.

Mapping depth and continuous automation

Vanta ships with a pre-built NIS2 framework mapped to concrete controls, tests, and policy templates, so you are not starting from a blank spreadsheet. On the technical side, Vanta runs 1,200+ automated tests across common cloud, identity, and endpoint stacks. Those checks run hourly, and Vanta positions that it can automate up to 65 percent of NIS2 controls out of the box (with the rest typically requiring process and policy work).

Cross-framework reuse

If you are dealing with NIS2 alongside other obligations, Vanta’s model is to help you reuse the work. It supports 35+ frameworks and maps shared controls across them, which reduces duplicate evidence requests when you also need ISO 27001, SOC 2, GDPR, DORA, or similar frameworks in parallel.

Integrations and speed to value

Vanta’s main advantage is ecosystem breadth. With 375+ native integrations, you can pull evidence directly from the tools you already trust (cloud, IAM, endpoint security, ticketing, HR systems) and keep it current without manual screenshots. Most teams can get meaningful visibility in weeks, not months, because the system starts producing control signals as soon as core integrations are connected.

EU fit, pricing, and what to watch

Vanta offers EU infrastructure options and is certified to SOC 2 Type II and ISO 27001. Pricing is comparatively straightforward for this category, it’s published and generally scales by framework and employee count, and it includes a free sandbox for proofs of concept.

Ideal for: mid-market to enterprise organizations (roughly 50 to 5,000+ employees) that want fast NIS2 coverage, strong automation, and broad integrations across their existing stack.

Limitations: Vanta is strongest in cloud and SaaS environments. If you run heavy OT, IoT, or hospital and plant networks, you will likely pair it with a specialist like Claroty for deep cyber-physical asset discovery.

Proof points: Vanta is rated 4.6/5 on G2 with 2,300+ reviews and is positioned as “trusted by 10,000+ companies,” which signals a mature product and a large peer set for buyer validation.

2. OneTrust: best for comprehensive GRC and privacy integration

OneTrust is the heavyweight option when NIS2 is not your only problem. If your organization is juggling security requirements alongside privacy obligations, vendor risk, and audit governance, OneTrust brings those threads into one program so you can manage NIS2 the same way you manage GDPR and other enterprise compliance work.

At the content level, OneTrust offers more than 12 integrated libraries spanning major regulations and standards, including GDPR, DORA, ISO 27001, and NIS2. The practical benefit is reuse. Instead of writing three policies and collecting three evidence sets, you can run a single control program and map it across regimes.

OneTrust’s strength here is orchestration and context. You can open an early-warning record, tie it to affected assets and suppliers, and capture any personal-data implications in the same workflow. From there, you can export a regulator-ready PDF or push the work into ServiceNow via API so the compliance record stays linked to the operational incident queue.

Mapping depth, plus cross-framework leverage

In the NIS2 workspace, Articles 21–24 are pre-mapped into assignable tasks with owners, due dates, and evidence fields. Because those controls also map to adjacent frameworks, OneTrust tends to pay off most when you want one “source of truth” for overlapping requirements, rather than a separate tool per directive.

Automation reality

Compared to compliance-automation-first platforms, OneTrust leans more heavily on workflow, evidence management, and governance. It does not publicly quantify technical test counts or test frequency for NIS2 in the way tools like Vanta do. That is not a flaw if your bottleneck is coordination across teams and geographies, but it matters if you are expecting hourly infrastructure checks out of the box.

Integrations, deployment, and cost

OneTrust supports enterprise integrations (including ServiceNow, Jira, and major identity and cloud systems), and it offers EU hosting along with ISO 27001 and SOC 2 Type II certifications. The trade-off is complexity. Standard rollouts are often 8–12 weeks with a certified partner, and global deployments can run longer. Pricing is not published. Based on expert research, enterprise subscriptions commonly land in the $50K–$200K+ per year range depending on which modules you buy and how broadly you deploy them.

Ideal for: global enterprises with established privacy and risk functions that want to unify NIS2 with GDPR, DORA, and broader GRC workflows.

Key limitations: longer implementation cycles, higher total cost of ownership, and a workflow-first approach that typically involves more manual evidence coordination than automation-led platforms. For many buyers, OneTrust is a great “program hub,” but it is rarely the fastest route to technical continuous control testing.

3. Thoropass: best for fast-growing teams that want audit support built in

Thoropass is a strong fit when compliance has to keep pace with engineering and when you want the audit itself included in the program, not bolted on at the end. If your team ships changes frequently and wants evidence to flow from the tools you already use, Thoropass’s model is to connect your cloud and DevOps stack, then maintain a continuously updated compliance view as repos, IAM roles, and tickets change.

Thoropass supports a lightweight, operations-friendly workflow for NIS2 reporting. When a high-severity incident is triggered in tools like PagerDuty, you can use that signal to open regulatory-reporting tasks automatically, assign owners, stamp timestamps, and start a 24-hour countdown. From there, the same workflow can notify stakeholders in Slack or route work into ServiceNow via webhooks, which helps keep compliance actions tied to the incident responders doing the work.

NIS2 mapping and cross-framework reuse

Thoropass offers NIS2 control mapping alongside common audit standards, so teams that already run SOC 2 or ISO 27001 can extend the program instead of starting over. That said, Thoropass’s NIS2 support is newer and less publicly documented in depth than some competitors, so it is worth validating exactly how Articles 21–24 are represented in your environment during a trial.

Automation depth and integrations

Thoropass automates evidence collection across connected systems, with an emphasis on connecting compliance work directly to its in-house audit practice. A key detail for NIS2 buyers is cadence. Based on expert research, Thoropass’s automated tests typically run on a daily cycle, which is often enough for audit readiness but can be a constraint if you want near-real-time control signals during fast-moving incidents. Integration coverage is solid for modern SaaS stacks, but it is not as broad as the largest automation-first platforms.

Timeline, EU fit, and cost considerations

Thoropass is designed for fast onboarding, with a clear emphasis on moving from kickoff to audit-ready in a predictable window. Treat any published timeline as directional, then confirm current expectations based on your scope and integrations. Thoropass is SOC 2 Type II certified, and EU hosting specifics are worth confirming with the vendor as part of your NIS2 data-residency diligence.

Pricing is also an area to pressure-test early. Compared to tools with published tiers, Thoropass’s pricing is generally less transparent, and expert research indicates buyers sometimes encounter add-ons and module costs that make budgeting harder than expected.

Ideal for: SaaS and tech scale-ups (roughly 50 to 1,000 employees) with developer-heavy teams that want compliance evidence to track engineering reality, not quarterly checklists, and that value a bundled audit experience.

Key limitations: daily (not hourly) test cadence, fewer integrations than the largest platforms, less-mature NIS2-specific depth in public documentation, and pricing that can be harder to predict for multi-framework programs. For OT operators or highly regulated financial institutions, expect additional tooling or customization.

4. ServiceNow Integrated Risk Management: best for enterprises already in ServiceNow

ServiceNow IRM is the pragmatic pick when your organization already runs IT operations on the Now Platform. Instead of introducing a separate compliance system, you extend the workflows you already trust—incident queues, approvals, asset inventory, and audit trails—into a NIS2 program.

The biggest advantage is operational alignment. When a significant incident is declared, you can drive NIS2 reporting from the same place you run outages and security operations. ServiceNow’s Digital Resilience Incident Reporting capabilities can be adapted to support NIS2-style reporting milestones, including the 24-hour early warning and the 72-hour update, by launching playbooks that create tasks, assign owners, and track status inside the incident record.

Article mapping and control structure

ServiceNow is powerful, but it is not typically “pre-mapped NIS2 out of the box” in the way purpose-built compliance automation tools are. In practice, NIS2 programs are commonly implemented using partner content packs and configuration. That gives you flexibility, but it also means you should plan for design work up front: which entities are in scope, which controls map to Articles 21–24, and which systems will produce evidence.

Automation and integrations

IRM can leverage CMDB context, SecOps data, and continuous monitoring, but the automation model is configurable. Your team (or partner) defines what “good” looks like and how controls are tested. Integration depth is excellent inside ServiceNow. For external SaaS connections, many organizations rely on IntegrationHub, which can add both licensing and implementation complexity. ServiceNow is also investing in Now Assist (GenAI) features for IRM use cases, which can help teams summarize and triage risk information, but it does not remove the need for a well-designed operating model.

Timeline, EU residency, and cost

This is enterprise software, and timelines reflect that. A first phase can land in 3–6 months, but full enterprise rollouts commonly stretch to 12–24 months once you account for scope, integrations, and customization. For sovereignty-sensitive NIS2 entities, ServiceNow’s protected-platform-for-EU positioning (2025) is a material benefit.

Pricing is not published. Based on expert research, IRM programs often price as an enterprise subscription with module-based licensing, and a realistic total cost of ownership can run $150K–$500K+ annually before professional services.

Ideal for:

• Large enterprises already standardizing on ServiceNow for ITSM, CMDB, and SecOps
• Organizations that need NIS2 reporting to live inside existing incident workflows
• OT-heavy environments evaluating ServiceNow’s OT modules alongside IRM

Key limitations: no default, turnkey NIS2 mapping, long deployment cycles, and higher cost and implementation effort than SaaS-first compliance platforms. If you need fast time-to-value for NIS2 evidence automation, ServiceNow can get you there, but only with deliberate configuration and the right partner support.

5. Hyperproof: best emerging challenger for unified dashboards

Hyperproof is a workflow-first GRC platform that stands out for one thing: cross-framework structure. If your main problem is not “we lack a policy template,” but “we are drowning in overlapping requirements,” Hyperproof’s approach can simplify the program by letting you manage one control set and reuse it across frameworks.

Hyperproof offers an out-of-the-box NIS2 template and a 2,500-domain control crosswalk, which is designed to reduce duplicate work when the same control needs to satisfy NIS2 plus ISO 27001, SOC 2, and other standards. Based on expert research, this NIS2 content is relatively new, so you should validate how deeply Articles 21–24 are broken down into tasks and evidence fields compared to its more-established frameworks.

Incident reporting workflow

Hyperproof’s incident experience is designed for speed and audit trail. When an incident crosses your defined severity threshold, the UI can prompt a “Notify regulator?” decision that starts a 24-hour timer and cascades tasks to owners. Evidence is versioned so you can show who changed what, and when, during the 24-hour and 72-hour reporting windows.

Automation and integrations

Hyperproof supports automated evidence collection via roughly 70 integrations. That covers many common cloud and DevOps systems, but it is a smaller ecosystem than the most integration-heavy compliance automation platforms. Expert research also suggests Hyperproof is generally stronger at compliance-workflow orchestration than deep, always-on automated testing, which matters if your goal is to continuously validate technical controls with minimal manual work.

Implementation, data residency, and pricing

Hyperproof is frequently positioned as fast to deploy, including a G2 “Fastest Implementation” badge and a reported seven-day median setup, which should be treated as self-reported. For NIS2 buyers, the bigger diligence items are commercial and residency related. Hyperproof is US-headquartered, and expert research could not confirm EU data-residency options from available sources, so treat this as a must-ask in procurement.

Pricing is also not publicly disclosed. Based on expert intel, costs can scale meaningfully as you add frameworks and users, so it is worth scoping your multi-framework roadmap before you commit.

Ideal for: mid-market organizations managing multiple frameworks that value clean dashboards, strong cross-mapping, and workflow coordination more than maximum integration breadth.

Key limitations: NIS2 support is newer and less battle-tested, integrations are fewer than automation-first competitors, EU data residency is not clearly confirmed in public sources, and automation depth may feel lighter if you are expecting extensive pre-built technical tests.

How to choose the right NIS2 compliance platform

The best tool is the one that reduces your risk fastest in the environment you actually run. Use the steps below to narrow your shortlist, then validate the “make or break” details in a demo—especially incident workflow, integrations, and hosting.

• Match the tool to your biggest NIS2 exposure.

1. 1. If supplier posture is where you lose sleep, prioritize vendor-risk depth (questionnaires, scoring, follow-ups, evidence trails).
   2. If your main risk is operational response under pressure, prioritize incident-workflow strength and how it supports the 24-hour and 72-hour reporting cadence.
2. Follow your data gravity.
   NIS2 reporting is only as fast as the systems feeding it. Pick a platform that connects cleanly to your existing SIEM, ticketing, IAM, and cloud stack so evidence and timestamps flow automatically instead of being reconstructed after the fact.
3. Run a time-plus-money equation (not just license price).
   SaaS platforms can reduce audit prep from months to under two weeks (based on G2-reported implementation data), but you pay for it in subscription cost. Open-source options reduce licensing costs, but you often “pay” in engineering time to wire evidence feeds, maintain upgrades, and build reporting workflows.
4. Decide how much hand-holding and operational maturity you want.
   Some teams want an advisor to sanity-check decisions and help interpret gray areas. Others want self-serve speed and minimal services. Either is fine, but be honest about your team’s bandwidth and experience.

A simple way to finalize your shortlist: write down four things next to the comparison grid above—your risk focus, your existing ecosystem, your budget (including internal time), and your operating culture. The tools that match all four are the ones worth piloting.

Conclusion

Selecting a NIS2 compliance platform is ultimately about aligning technology capabilities with your operational reality. Take the time to confirm hosting, integration depth, and incident-workflow fit before signing a contract. The platforms in this guide cover a range of needs—from open-source sovereignty to enterprise-scale automation—so there is a viable path no matter your size, budget, or industry.

Every time you buy or sell an asset on a trading platform, someone or something is on the other side of that trade. In traditional finance, large banks and specialist firms fill this role. In DeFi, the same function exists but operates differently, and it generates yield for the protocols and participants that provide it.

Market making is one of the oldest and most structurally sound ways to earn in financial markets. It does not require predicting price direction. It does not rely on token emissions or inflationary incentives. It earns from the basic mechanics of how markets function.

This post explains what market making is, how it works in DeFi, where the yield comes from, and why it is a core part of the strategy behind altura.trade

What Is Market Making?

A market maker is an entity that continuously quotes both a buy price and a sell price for an asset. By always being willing to buy at one price and sell at a slightly higher price, the market maker ensures that other traders can always find a counterparty when they want to trade.

The difference between the buy price and the sell price is called the bid-ask spread. This spread is the market maker’s compensation for providing liquidity and taking on the risk of holding an asset position between trades.

Here is a simple example. Suppose a market maker quotes Bitcoin at:

•       Bid: 60,000 USD (the price at which the market maker will buy)
•       Ask: 60,010 USD (the price at which the market maker will sell)

The spread here is 10 USD. If a trader buys at 60,010 and another trader sells at 60,000, the market maker earns 10 USD from the round trip. Multiply this across thousands of trades per day and the returns can be substantial, even though no directional bet on Bitcoin’s price was required.

How Market Making Works in DeFi 

In traditional finance, market making happens on centralised order book exchanges where a firm places limit orders on both sides of the market. In DeFi, market making takes two main forms.

Automated Market Makers (AMMs)

Most people who have used a decentralised exchange like Uniswap or Curve have interacted with an AMM. Instead of using a traditional order book, AMMs use liquidity pools. Traders swap assets against the pool rather than against another trader directly.

Liquidity providers (LPs) deposit pairs of assets into these pools and earn a share of the trading fees generated whenever someone swaps. This is a passive form of market making: you deposit capital, the protocol handles the matching, and you earn fees proportional to your share of the pool.

The challenge with passive AMM liquidity provision is impermanent loss. When asset prices move significantly, the value of an LP position can fall below what the depositor would have held by simply keeping the assets. This is the hidden cost of providing liquidity in a directional market. 

Active Market Making on Order Book Venues

Active market making involves placing and managing limit orders on both sides of an order book, adjusting quotes continuously as prices move. This is more complex than passive LP provision but can be significantly more efficient because the market maker has precise control over the prices at which they buy and sell.

On HyperEVM, which operates alongside Hyperliquid’s high-performance perpetuals infrastructure, active market making is both viable and efficient. Deep liquidity, fast execution, and a large volume of trading activity create a favourable environment for generating consistent spread income. 

Where the Yield Actually Comes From 

The yield from market making comes from two primary sources. 

Bid-Ask Spread Capture

Every time a trade executes at a price the market maker has quoted, the market maker earns the spread. In active liquid markets, this can happen thousands of times per day. The individual spread per trade may be small, but the cumulative effect across high volumes is meaningful.

Importantly, this yield is not derived from price appreciation. It is earned from the act of providing liquidity itself. A market maker quoting BTC/USDT earns whether BTC goes up or down, as long as both sides of the spread are being hit. 

Trading Fee Revenue

On AMM-style venues, liquidity providers earn a percentage of every trade that flows through the pool. This fee accrues automatically and is distributed proportionally to LPs based on their share of the pool.

Fee revenue is directly correlated with trading volume. High-volume markets generate more fee income for liquidity providers. This creates a natural alignment between the health of the market and the returns available to market makers. 

Why Market Making Is Considered Non-Directional 

The term non-directional means that the strategy does not require the asset price to move in a specific direction to generate returns. This is one of the defining characteristics of market making and what makes it a structurally different type of yield strategy compared to most DeFi farming approaches.

In practice, maintaining true market neutrality requires active management. A market maker who quotes prices but does not adjust them as the market moves will end up accumulating inventory on one side. For example, if Bitcoin’s price is falling steadily, traders will consistently sell to the market maker, who accumulates a long position. If the decline continues, that inventory position loses value.

Professional market making addresses this through inventory management. Positions are hedged, quotes are adjusted dynamically, and exposure is kept as close to neutral as possible. When done correctly, the yield is generated almost entirely from spread capture rather than from any directional price movement.

This is why market making, alongside funding rate arbitrage, is one of the strategies most suited to a yield protocol that wants to deliver returns regardless of market conditions.

The Risks Involved in Market Making

Like any yield strategy, market making carries risks that are important to understand before depositing capital.

Inventory Risk

If prices move sharply in one direction before the market maker can adjust positions, the inventory accumulated on one side of the book can generate losses. Fast-moving markets with large price gaps are the most challenging environment for market makers.

Impermanent Loss

For AMM-style liquidity provision, impermanent loss is the main risk. When asset prices diverge significantly from their values at the time of deposit, the LP position underperforms simply holding the assets. The trading fees earned need to outweigh this loss for the strategy to be net positive.

Execution and Latency Risk

Active market making requires fast and reliable execution. If quotes cannot be updated quickly enough or if orders fail to fill at the intended prices, the strategy can underperform. This is why the choice of execution environment matters. Protocols operating on high-performance chains with deep liquidity are better positioned to manage this risk.

Volume Risk

Fee revenue is tied to trading volume. In quiet or low-volatility markets, trading activity may drop, reducing the spread capture and fee income available. A well-diversified strategy accounts for this by drawing yield from multiple sources rather than relying on market making alone. 

How Altura Uses Market Making to Generate Yield

Market making and liquidity provision is one of three independent yield pillars inside the Altura vault. It operates alongside funding rate and basis arbitrage, and real-world asset strategies, creating a diversified yield engine where each source is uncorrelated with the others.

By combining these three pillars, Altura reduces the dependence on any single market condition. When trading volumes are high, market making contributes strongly. When perpetuals markets show elevated funding rates, the arbitrage pillar carries more of the load. When crypto markets are quiet, RWA strategies provide a stable baseline. The mix shifts automatically as conditions change, and yield is delivered consistently through a rising Price Per Share (PPS) on-chain.

The protocol operates on HyperEVM, which provides access to Hyperliquid’s high-activity perpetuals ecosystem. This is a meaningful advantage for a market making strategy because the volume and liquidity depth in that environment support consistent spread capture at a level that would not be available on lower-activity chains.

All strategy execution happens automatically. Depositors do not need to manage positions, adjust quotes, or monitor markets. Capital is deployed, strategies run, and yield accrues into the vault’s PPS without any action required from the depositor. 

Market Making vs Yield Farming: What Is the Difference?

It is worth drawing a clear distinction between market making as a yield source and the kind of yield farming most DeFi users are familiar with. 

Yield farming typically involves depositing assets into a protocol and receiving newly minted governance tokens as a reward. The APY can look impressive, but the value of those rewards depends on the token maintaining its price. If the token falls in value, the real yield falls with it. Many yield farming programs are essentially distributing future protocol ownership in exchange for current liquidity, and when the incentive program ends, the yield often collapses.

Market making yield does not work this way. The spread income earned from quoting prices in an active market is real economic value generated from real trading activity. There are no tokens being minted and no incentive programs scheduled to end. The yield exists as long as markets are active and the strategy is executing correctly.

This makes market making a more durable yield source over time, even if the headline APY may not always match the numbers advertised by incentive-driven farming protocols. 

The Bottom Line

Market making is one of the most structurally sound ways to earn yield in financial markets. It generates returns from the fundamental mechanics of how markets function rather than from token inflation, price speculation, or temporary incentive programs.

In DeFi, accessing this kind of yield has historically required either deep technical expertise or significant capital. Protocols like Altura change that by packaging professional-grade market making into a single vault that any depositor can access with a standard stablecoin deposit.

To learn more about how market making combines with funding rate arbitrage and RWA strategies inside Altura’s yield engine, visit altura.trade.