* Republished from Vol: 29 Issue: 6 of Finance Dublin featuring an interview with partners Damien Barnaville and Shane Martin (August 2024)
The current agenda for Irish financial services firms includes two of the most significant EU regulatory initiatives in recent times – DORA and MiCAR - write Walker's Damien Barnaville and Shane Martin. They outline the EU's regulatory agenda, including fast-approaching developments in the areas of AML, payments, banking and funds, as well as non-financial specific changes such as the AI Act and CSRD. On the domestic front they highlight the Consumer Protection Code and the Central Bank's project to overhaul its operating structure.
With a backdrop of changes to the political landscape in the EU, UK and France, and ahead of the coming general election in Ireland, the international financial services sector in Ireland has a full slate of regulatory initiatives to grapple with in the short-medium term.
EU financial regulatory agenda
Two of the most significant EU regulatory initiatives in recent times are quickly appearing over the horizon. The Digital Operational Resilience Act ("DORA") will impact a broad range of financial services firms ("FS Firms") and comes into effect from January 2025. DORA imposes harmonised ICT risk management requirements on regulated firms to achieve a high level of digital operational resilience.
The requirements introduced by DORA should not be entirely novel for FS Firms as many of the themes were previously addressed in Central Bank of Ireland ("CBI") guidance on outsourcing, operational resilience and IT and cybersecurity risks. While focussed on ICT risks specifically, DORA's requirements nonetheless potentially apply in respect of a broader range of service providers than existing outsourcing rules and in practice require dedicated projects to achieve implementation. In addition, certain third-party technology service providers will be subject to oversight for the first time.
Firms operating in the crypto asset sector are meanwhile gearing up for the next phase of the introduction of the Markets in Crypto-Assets Regulation ("MiCAR"). Bearing similarities to the existing MiFID regime which regulates the provision of investment services, MiCAR introduces a harmonised regulatory framework for the provision of crypto-asset services and issuances across the EU. The authorisation process for crypto-asset service providers will commence from 30 December 2024 and crypto firms planning to launch in Ireland and passport services into the EU will be eagerly awaiting the imminent publication of details of the CBI's authorisation process.
In the area of financial crime, reform of the EU's anti-money laundering ("AML") system will gather pace as the new EU AML Authority in Frankfurt becomes operational during 2025. FS Firms will be commencing their own preparations for the introduction of the EU 'Single Rulebook' Regulation and the 6th EU AML Directive. It is also expected that there will be greater focus on supervision and enforcement of economic and financial sanctions, particularly with no sign of an end to the conflict in Ukraine.
The EU's Corporate Sustainability Reporting Directive, while not specifically directed towards FS Firms, will impact a broad spectrum of companies with the first reporting cycle due in 2025 based on data from fiscal year 2024, requiring disclosure of ESG impacts.
Looking further ahead, the third Payment Services Directive ("PSD3") and the Payment Services Regulation ("PSR") are expected to be implemented across the EU in 2026.A key focus of reforms under PSD3 and the PSR will be on combatting payment fraud, improving consumer rights and further levelling the playing field between banks and non-banks.
Non-EU banks operating within the EU will be closely monitoring the development of the Capital Requirements Directive 6 ("CRD6") which is expected to take effect by the end of 2026. Under CRD6, any non-EU bank providing "core banking services" (which includes lending) in the EU must establish an authorized local branch within the relevant jurisdiction or have an EU subsidiary capable of passporting into other EU Member States.
With the EU taking a lead in regulating the use of artificial intelligence ("AI") systems, FS Firms currently deploying AI systems or planning to do so will need to prepare for the introduction of the EU AI Act, which will be effective from August 2026. The Department of Enterprise, Trade and Employment recently closed a public consultation on the implementation of the Act, and Government will need to make decisions shortly to appoint regulators to enforce the Act.
There are also a number of regulatory developments in the regulated funds sphere (both with respect to retail (UCITS) and alternative investment funds (AIFs)). On the UCITS side, the European Securities and Markets Authority (ESMA) published a "Call for Evidence" on 7 May 2024 in respect of proposed updates to the Eligible Assets Directive. ESMA's focus appears to be on potentially tightening the types of assets that are eligible for investment by UCITS.Non-EU banks operating within the EU will be closely monitoring the development of the Capital Requirements Directive 6 ("CRD6") which is expected to take effect by the end of 2026. Under CRD6, any non-EU bank providing "core banking services" (which includes lending) in the EU must establish an authorized local branch within the relevant jurisdiction or have an EU subsidiary capable of passporting into other EU Member States.
For AIFs, the push for the so-called democratisation of private assets in the EU has been to the forefront in recent months with the implementation of the updated version of the European Long-Term Investment Fund (ELTIF 2.0). ELTIF 2.0 aims to make it easier for retail investors to access and invest in AIFs that invest in private assets, thereby harnessing the additional funding available from that cohort for infrastructure and sustainable projects throughout the EU. The changes introduced by ELTIF 2.0 are designed to make it a more attractive product for asset managers to launch and reverses some flaws that were evident when the ELTIF was initially rolled out in 2015.
The second iteration of the Alternative Investment Fund Managers Directive (AIFMD 2) also entered into force in April 2024. The original AIFMD was largely seen as a success and AIFMD 2 is considered more of a fine tune as opposed to an overhaul of the incumbent legislation. Most notably, AIFMD 2 aims to level the playing field in the EU in respect of direct lending / loan originating AIFs, a market that has been disjointed due to individual EU member states legislating for this type of product in isolation, to date.
Finally, the funds industry has spent the last number of years grappling with the product disclosure rules introduced pursuant to the Sustainable Finance Disclosures Regulation (the SFDR) and related requirements in the Taxonomy Regulation. This legislation was largely aimed at ensuring that fund products were not overstating their green credentials i.e. greenwashing. An ESMA opinion published on 24 July, setting out its long-term vision on the functioning of the Sustainable Finance Framework, indicates there could be a shift towards strict ESG product categorisation in the future, which will likely be welcomed by industry.
Domestic financial regulatory agenda
Closer to home, the CBI has embarked on an overhaul of its current operating structure with plans to establish three directorates responsible for sectoral supervision across banking and payments, insurance and capital markets and funds. There will also be a horizontal supervision directorate providing specialist input on key cross-sectoral risks such as conduct, behaviour and culture, AML, financial resilience, operational resilience and technology risks. The new operating structure is expected to be implemented in early 2025.The CBI has also committed to an end of year implementation of the recommendations contained in the recent independent review of its fitness and probity regime.
In the area of innovation, the CBI will be launching its Innovation Sandbox Programme in December 2024 with the initial theme of the Programme being combatting financial crime through the use of innovative technology.
FS Firms will await the outcome of the CBI's recent consultation on the existing Consumer Protection Code ("CPC") with interest particularly as the revised CPC will be reflected in new statutory regulations containing business conduct standards as envisaged under the broader Individual Accountability Framework.
Challenges and opportunities
As ever, regulatory change presents challenges but as an English-speaking, common-law jurisdiction with a thriving international financial services and tech ecosystem, Ireland should be well placed to attract new entrants and further investment from incumbent FS firms. While it may be premature to speculate on the impact of a newly constituted EU Commission and Parliament in terms of future EU financial regulatory initiatives, it is likely that there will be continued divergence between EU regulation and UK regulation over the coming years, both passively and actively.
Any such divergence should present further opportunities for Ireland to serve as a jumping off point for firms seeking to passport services across the EU.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.