IRELAND Trends and Developments Contributed by: Christopher Martin, Derek Hegarty and Nicola Munnelly, KPMG Law
The fintech market in Ireland is currently on an upward trajectory with increased investment and regulation in the area. The regulatory framework for fintech in Ireland has been the subject of much change in the last few years, with 2025 looking to be no exception. As a response to the age of digital finance, the EU has been focused on improving regulation of financial service providers who operate in the digital sphere, as well as implementing and improving the regulation of new financial prod - ucts such as crypto-assets. The Irish financial regulator, the Central Bank of Ireland (Central Bank), is similarly focussed on ensuring that the Irish regulated market is ready for these new and upcoming regulatory changes. The fintech sector in Ireland includes a broad range of both regulated and unregulated provid - ers in the payments, e-money and virtual/crypto- assets space, as well as technical service and technology providers, who support the broader fintech ecosystems. It includes both traditional and established institutions that have expanded their services overtime to adapt to the chang - ing landscape, as well as new players entering the market. The sector has strong backing from the State, with the government and government agencies, such as the Industrial Development Agency (IDA Ireland) and Enterprise Ireland pro - viding various incentives and funding to start - ups. Legal and Regulatory Updates Operational resilience The Digital Operational Resilience Act (DORA) took affect across the EU on 17 January 2025. DORA includes both a Regulation (2022/2554) (DORA Regulation) and Directive (2022/2556) (DORA Directive). DORA brings in various new requirements for financial services providers in
terms of information and communications tech - nology (ICT), and the approach to risk manage - ment. The EU recognises that the financial services sector has become more digitised and that more stringent procedures and protections need to be put in place to prevent and respond to cyber- attacks and related incidents. In Ireland this is also supported by the Cross Industry Guidance on Operational Resilience, which the Central Bank published in 2021, and which comple - ments the measures under DORA, and includ - ing measures applicable outside of just digital operation resilience. The Central Bank has been actively engaging with industry in preparation for DORA, and will continue to work closely with regulated entities, including fintechs, to ensure its full implementa - tion. This has included the following. • Providing specific website updates for DORA Major ICT-related Incident and Significant Cyber Threat submissions, a template for submissions, and a system “How To” guide, to assist financial institutions. • Providing for the submission of Registers of Information (RoIs) for all contractual arrange - ments on the use of ICT services provided by ICT third-party service providers (institutions will need to submit RoIs to the Central Bank through its online portal during the window of 1 to 4 April 2025). • Engagement with a limited number of firms in respect of advanced Threat-Led Penetration Testing. In its communications on DORA implementation the Central Bank has been clear that:
390 CHAMBERS.COM
Powered by FlippingBook