The Verification Gap: AFIR Compliance Gaps That Multi-Market Scaling Creates and Portfolio-Level Reviews Cannot Surface

Rapid multi-market expansion creates AFIR compliance gaps that portfolio-level compliance reviews cannot surface, this is not because the reviews are wrong, but because the gaps are market-specific and the review is not. This practitioner brief identifies where those gaps sit for growth-stage charge point operators scaling across multiple EU markets simultaneously. The brief is written for Chief Strategy Officers, Regulatory Directors, and Senior Operations Leadership at multi-market CPO operators. It assumes familiarity with AFIR (EU 2023/1804) and does not explain the regulation from first principles. Its purpose is to identify the specific points where a compliance architecture built and verified in a home market produces unverified exposure in expansion markets. Two primary gaps are identified as least likely to appear in a standard compliance review: hardware vintage segmentation by market, where a portfolio-wide ISO 15118-2 firmware compliance verification returns a pass rate dominated by newer hardware while non-compliant units concentrate in the oldest and highest-utilisation markets; and smart charging timing variation by market, where national DSO connection conditions in some member states predate the EU mandate date by 12-18 months, producing deployment friction that does not register as a compliance event but directly hits deployment targets. Three supporting gaps cover national transposition layers, which include the distinction between OCPI 2.2.1 compliance and the separate Mobi.E API integration required in Portugal, while including roaming bilateral verification failures at the ad-hoc payment session level, and pricing transparency hardware gaps in acquired estates where SPA technical warranties do not capture display firmware capability. A fourth section addresses infrastructure and platform decisions being made now that determine compliance and commercial position in 2028-2030: DATEX II data format compliance (enforcement from April 2026, already live), demand response interface architecture in CSMS platforms ahead of the ACER Network Code national enforcement expected in 2027, ISO 15118-20 specification at destination sites as the foundation for Vehicle-to-Grid revenue participation, and TEN-T connection upgrade application timing for the 600kW passenger vehicle power escalation and the separate 2,800kW heavy commercial vehicle obligation. Each gap is mapped to its business-level consequence, from financing covenant exposure, deployment target impact, regulatory relationship risk, and commercial position in 2030, rather than to its compliance programme cost. This brief is Document 5B in a practitioner series on EU EV charging regulatory and investment risk. It does not constitute legal advice. Asset-specific compliance gap assessment requires direct engagement with organisation-specific hardware audit data, CSMS configuration records, and national transposition documentation.