How to Choose an EU MDR Regulatory Consultant: 10 Questions That Separate Practitioners from Salespeople

Quick answer: Select an EU MDR consultant by verifying the individual who will do the work — not the firm's brand. The credentials that predict quality: qualified PRRC status under Article 15(1), accredited lead auditor certifications (ISO 13485, ideally 21 CFR 820 too), formal legal training in EU law for anything strategy-adjacent, and independently verifiable institutional roles (standards committees, European Commission expert panels). Then test judgment with scenario questions, confirm professional indemnity insurance behind any responsibility-bearing mandate, and check pricing transparency. A consultant unwilling to name who signs, show credentials, or publish pricing logic has answered your question already.

The 10 questions

1. "Who, by name, will do my work — and will they take responsibility for it?"
Large consultancies sell senior faces and staff junior hands. You want the person on the audit-room side of the table to be the person who built the file. For PRRC mandates this is non-negotiable: the PRRC is a named individual under Article 15.

2. "Show me the auditor credentials."
For QMS work: certified lead auditor status from a recognised body (DEKRA, Exemplar Global). Someone who audits systems for a living builds systems that pass audits. Ask for certificates.

3. "What's your legal training?"
MDR is EU law before it is paperwork. A position argued from Article 15, Annex II, or Article 88 holds up in front of a competent authority; a position argued from a template does not. An LL.M. in EU law or equivalent is a genuine differentiator for strategy and authority-facing work.

4. "What institutional roles can I verify?"
Standards committee memberships, notified body history, European Commission expert appointments — institutions vet their people, and that vetting is a credential no marketing budget buys. Verify independently.

5. "Are you insured for the responsibility you're taking?"
Any PRRC mandate or responsibility-bearing role should carry professional indemnity insurance (QLE Group's mandates carry €1M PI cover). No insurance means the provider has decided their signature is worthless. Believe them.

6. "Have you ever refused an engagement?"
The right answer includes examples: documentation nobody qualified could take responsibility for, timelines requiring corner-cutting. A provider who signs anything is accumulating risk with your name attached to it.

7. "How do you price, and why?"
Pricing should be indexed to regulatory complexity — portfolio, QMS maturity, PMS volume, software content — and explainable. Class-based flat pricing means they're selling a template. Published pricing is a transparency signal worth weighting.

8. "Walk me through a vigilance scenario."
"A distributor emails Friday 17:00 about a patient injury — what happens?" You're listening for: awareness starts the clock, triage within hours, reportability decision documented, Article 87 deadlines (2/10/15 days), deputy coverage. Hesitation here predicts failure when it's real.

9. "What happens to my documentation if we part ways?"
Good providers build infrastructure an in-house hire can inherit — your QMS, your files, your registrations. Dependency by design is a business model, not a service.

10. "Who are your references — and can I speak to one whose audit failed?"
How a consultant handled a nonconformity tells you more than ten smooth certifications.

Scoring what you hear

Weight verifiable facts (certificates, insurance, published pricing, institutional roles) over fluency. Regulatory consulting selects for confident talkers; audits select for people with evidence. You are hiring for the second environment.

Frequently asked questions

Local (Brussels/EU-based) or remote consultant? EU-established matters for PRRC and authority-facing work — proximity to the regulatory ecosystem (standards committees, competent authorities, Commission) is real. Delivery itself works remotely.

Solo practitioner vs. firm? Judge the named individual either way. A senior solo practitioner with verifiable credentials frequently outperforms a firm's blended junior team at a similar price.

Should the same provider build the QMS and audit it? They can, with honest separation (and ideally a second practitioner for the audit). Ask how they manage the conflict — the quality of that answer is itself diagnostic.

What's the single strongest signal? A provider who tells you something you didn't want to hear in the first meeting. Paid honesty is the product.

About QLE Group

QLE Group is a Brussels regulatory practice where every credential is verifiable and every mandate is delivered personally by Radoslav Milkov: qualified PRRC (EU MDR Article 15), DEKRA-certified ISO 13485:2016 Lead Auditor, Exemplar Global-accredited Medical Device Management Systems Lead Auditor, LL.M. in EU Law, Belgian NBN standards committee national expert, and active European Commission external expert. PI-insured mandates, complexity-indexed published pricing: qle.be.

Run the 10 questions on us. Book a scoping call or email info@qle.be.

Next
Next

What MedTech Regulatory Consulting Actually Costs — and Why Device Class Is the Wrong Pricing Metric