Banking Regulation 2025

IRELAND Law and Practice Contributed by: Keith Robinson, Barry Tyrrell and Julia Mullin, Dillon Eustace LLP

The CBI, alongside the Irish government, sup - ports broader sustainability initiatives aimed at fostering a more sustainable economy. The CBI also announced the establishment of its Climate Risk and Sustainable Finance Forum, which seeks to bring stakeholders together to share knowledge and understanding of the implica - tions of climate change for the Irish financial system. The CBI continues to actively collaborate with the EBA on its Sustainable Finance Action Plan and working towards enhancing ESG risk disclo - sures and incorporating ESG risks in the super - visory and evaluation process. Irish Domestic Legislation Ireland has taken several domestic steps to enhance its regulatory approach to ESG in the banking sector. The Climate Action and Low Carbon Development (Amendment) Act 2021 sets ambitious targets for Ireland’s transition to a low-carbon economy. It provides for targets, yearly budgets and a commitment to achieve a net-zero carbon emissions for 2050. This legislation has implications for Irish banks, as there will be an increasing expectation to finance projects that support this transition.

to strengthen the IT security of financial entities including Irish banks to ensure that Irish banks will be resilient against operational disruptions. DORA introduced rules applicable to a wide range of regulated financial entities (including banks) regarding information and communica - tion technology (ICT) risk management, ICT- related incident management, classification and reporting, digital operational resilience testing, and managing of ICT third-party risk (including an oversight framework for critical ICT third- party service providers). Digital operational resilience means the ability of a financial entity to build, assure and review its operational integrity and reliability by ensur - ing, either directly or indirectly through the use of services provided by ICT third-party service pro - viders, the full range of ICT-related capabilities needed to address the security of the network and information systems which a financial entity uses, and which support the continued provision of financial services and their quality, including throughout disruptions. DORA entered into force on 16 January 2023 and will apply as of 17 January 2025. The appli - cation of DORA will be supplemented by techni - cal standards which were issued in two batches that provide regulatory guidance in respect of certain key areas under DORA. DORA applies to a board range of contracts which relate to the use of ICT services being digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis including hardware as a service and hardware services which include the provision of technical support via software or firmware updates by the hardware provider,

10. DORA 10.1 DORA Requirements

Given the development of digital banking, the Digital Operational Resilience Act (“DORA”) comprising Regulation (EU) 2022/2554 on digi - tal operational resilience for the financial sector and Directive (EU) 2022/2556 as regards digi - tal operational resilience for the financial sec - tor was published in the Official Journal of the EU on 27 December 2022. DORA is designed

259 CHAMBERS.COM

Powered by