On 18 February 2025, the Government Legislation Programme for Spring 2025 was published (“Spring Programme”). The Programme identifies 21 bills to be prioritised for publication and 29 bills to be prioritised for drafting. Those of direct relevance to financial services are outlined below:

Legislation for Priority Drafting

• Co-operative Societies Bill  aims to place the co-operative model on a more favourable and clearer legal basis, thereby creating a level playing field with companies and encouraging the consideration of the cooperative model as an attractive formation option for entrepreneurs.  The Spring Programme indicates that work is ongoing.

All Other Legislation

• Regulation of Artificial Intelligence Bill  will give full effect to EU Regulation 2024/1689 laying down harmonised rules on artificial intelligence (Artificial Intelligence Act). The Bill will designate the National Competent Authorities responsible for implementing and enforcing the EU regulation and will provide for penalties for non-compliance. The Spring Programme indicates that the Heads of Bill are in preparation.
• Asset Covered Securities (Amendment) Bill will amend the Asset Covered Securities Act 2001 to facilitate the issuance of asset covered securities (covered bonds) either by specialist covered bond subsidiary entities under a specialist banking model or from non-specialist credit institutions operating under a universal banking model and related matters. The Spring Programme indicates that the Heads of Bill are in preparation.
• Restrictive Measures Bill will create a mechanism by which persons would be obliged to adhere to the asset freezing requirements of certain UN Security Council Resolutions in the period prior to their incorporation in an EU legislative act, i.e. a ‘bridging measure’, in order to meet Ireland’s international obligations and prevent sanctions evasion. The Spring Programme indicates that the Heads of Bill are in preparation.

Bills restored to the Dáil Order Paper

• Credit Review Bill 2024 is at  Committee Stage.                                               
• Finance (Provision of Access to Cash Infrastructure) Bill 2024 is at  Committee Stage.          
• Financial Services and Pensions Ombudsman (Amendment) Bill 2023 is at  Committee Stage.          

The FIG Top 5 at 5 will continue to monitor the progress of the legislative initiatives and updated clients when appropriate.

1. Second set of DORA Irish Regulations are published

On 14 February 2025,  S.I. No. 20 / 2025 - European Union (Digital Operational Resilience) (No. 2) Regulations 2025 was published in Iris Oifigiúil (“DORA Irish Regulations”). The DORA Irish Regulations give effect to the DORA Directive -  Directive (EU) 2022/2556 and specifically designate the Central Bank of Ireland (“Central Bank”) as the competent authority in Ireland for the purposes of Articles 26(9) and 32(5), respectively, of DORA.

Part 3 of the DORA Irish Regulations sets out that the Central Bank shall have all the powers necessary for the performance of its functions and duties under DORA and under the DORA Irish Regulations.

Part 4 of the DORA Irish Regulations sets out the powers that the Central Bank has as regards enforcement and sanctions, some of which are as follows:

• an order requiring the natural or legal person to cease conduct that is in breach of the DORA and to desist from a repetition of that conduct;
• the temporary or permanent cessation of any practice or conduct that the Central Bank considers to be contrary to the provisions of the DORA and to prevent repetition of that practice or conduct;
• the adoption of any type of measure, including of a pecuniary nature, to ensure that financial entities continue to comply with legal requirements; and
• the issuance of public notices, including public statements indicating the identity of the natural or legal person and the nature of the breach.

Where the breach is committed by a legal person, the Central Bank may apply the sanctions to members of the management body and to other individuals who under the provisions of any enactment are responsible for the breach.

Sanctions will be imposed following, either an inquiry under section 33AO or 33AR of the Central Bank Act 1942 (“1942 Act”), or  in accordance with section 33AR or 33AV of the 1942 Act. 

Amendment of 1942 Act

Part 5 sets out those parts of the 1942 Act that are amended by the DORA Irish Regulations.

Appeal

Any decision taken or sanction imposed under DORA or under the DORA Irish Regulations is an appealable decision for the purposes of Part VIIA of the 1942 Act.

Credit Unions

The DORA Irish Regulations shall not apply to credit unions until 17 January 2028.

2. ESAs publish roadmap towards designation of CTPPs under DORA

On 18 February 2025, the European Supervisory Authorities (“ESAs”) published a roadmap addressing the designation of critical ICT third – party service providers (“CTPPs”) under DORA.

In order to designate the CTPPs in 2025, the ESAs have set out the following steps with relevant timelines:

• Collection of the Registers of Information (“RoI”) - the ESAs will collect the RoI submitted to the competent authorities by financial entities by 30 April 2025. 
• Criticality assessments – the ESAs will perform criticality assessments and notify third – party service providers of their designation as critical by the end of July 2025.
• Hearing period – ICT third – party service providers may object to the assessment with a reasoned statement and supporting information by the first half of September 2025.
• Final Designation and engagement – the ESAs will have designated CTPPs, published the list of the CTPPs and will have started the oversight engagement by the end of 2025.

ICT third - party service providers not designated as critical may voluntarily request to be designated as critical once the list of CTPPs is published. The ESA have stated that details on how to do this will be provided soon.

Next Steps

The ESAs plan to hold an online workshop with ICT third - party service providers during the second quarter of 2025 with a view to providing clarity on preparatory activities, the designation process and the ESAs oversight process.

3. Commission adopts delegated regulation on RTS on threat - led penetration testing under DORA

On 13 February 2025, the European Commission (“Commission”) adopted a delegated regulation (“Regulation”) with regard to regulatory technical standards (“RTS”) specifying the criteria to be used for identifying financial entities required to perform threat - led penetration testing (“TLPT”) under DORA.

One of the objectives of DORA is to ensure that financial entities regularly test their ICT systems to assess the effectiveness of their preventive and resilience measures and to identify and address potential ICT vulnerabilities, as well as to reduce single market fragmentation and enable cross-border acceptance of testing results.

Accordingly, article 26 (11) of DORA mandates the ESAs, in agreement with the European Central Bank (“ECB”), to develop joint draft RTS in accordance with the ECB's European framework for threat intelligence - based ethical red teaming (“TIBER-EU framework”) in order to further specify the following:

• the criteria to identify financial entities required to perform TLPT – article 2;
• the requirements regarding test scope, testing methodology and results of TLPT – articles 3 - 14;
• the requirements and standards governing the use of internal testers – article 15; and
• the rules on supervisory and other cooperation needed for the implementation of TLPT and for mutual recognition of testing – articles 16 - 17.

Next Steps

The Regulation will enter into force 20 days after its publication in the Official Journal of the European Union.

On 11 February 2025, the European Commission (“Commission”) published its much anticipated work programme for 2025 (“25WP”). The 25WP was accompanied by a communication on implementation and simplification that articulates the Commission’s vision and how it will be achieved. In this update we consider the impact of the 25WP on financial services firms.

New Initiatives

The following initiatives have been identified by the Commission to address its areas of priority. The Commission has called on the European Parliament (“Parliament”) and Council of the EU (“Council”) to fast-track these initiatives to “provide maximum and swift clarity and relief to companies”:

• EU Competitiveness Compass – see FIG Top 5at 5 dated 6 February 2025;
• Omnibus package on sustainability – “ a far- reaching simplification in the fields of sustainable finance reporting, sustainability due diligence and taxonomy”;
• Omnibus package on investments – simplification – “facilitate……the deployment of InvestEU and the European Fund for Strategic Investments”;
• Review of the securitisation framework – simplification;
• Review of Sustainable Finance Disclosure Regulation – simplification;
• Digital Package – simplification;

Proposals in progress

Following a review of proposals that were awaiting adoption by Parliament and the Council at the end of the last Commission’s tenure, some 123 proposals have been retained. Those most relevant to financial services include proposals for:

• a Digital euro;
• Payment Services Regulation and Payment Services Directive;
• Financial Data Access Regulation;
• Retail Investment Strategy;
• Amendments to the Regulation on key information documents for packaged retail and insurance-based investment products;
• EU bank crisis management and deposit insurance framework reforms; and
• European Deposit Insurance Scheme.

Withdrawals

Following the review mentioned above, the Commission has decided to withdraw 37 current proposals, subject to approval by the Parliament and Council. Of relevance to financial services is the proposal for a directive on credit servicers, credit purchasers and the recovery of collateral.

Next Steps

The Commission must now present the 25WP to the General Affairs Council. The Commission, Parliament and Council will then establish a joint declaration on the EU’s legislative priorities for 2025. The Commission’s stated intention is that the new omnibus packages will be the first deliverables of the “simpler and faster” mandate. 

On 12 February 2025, the third meeting of the joint EU – UK Financial Regulatory Forum (“Forum”) took place in London. A joint statement ofthe Forum (“Statement”) was published on the same day.

The meeting was chaired by the HM Treasury Director General for Financial Services and the European Commission Director General for Financial Stability, Financial Services and Capital Markets Union. Participants attended from the following institutions:

• the Bank of England;
• the Financial Conduct Authority;
•  the European Central Bank;
• the European Supervisory Authorities; and
•  the EU Single Resolution Board.

The Statement sets out the following five themes that were the focus of the meeting:

• the policy outlook, and macroeconomic and financial stability outlook- the Forum considered policy priorities in the EU and the UK as regards supporting economic growth and emerging risks to financial stability. The importance of improving resilience was also discussed with a continued focus on long – term growth, technological advancement and sustainability.
• banking regulation – Basel III and resolution were discussed with all parties reaffirming the importance of high international standards in the context of global financial stability. The Forum highlighted the importance of ensuring that all aspects of the Basel III framework are fully implemented.
  
  Securitisation was also considered with an emphasis on effective regulation as regards ensuring that securitisation supports economic growth alongside the preservation of financial stability.
  
  As regards resolution,  open bank bail ‑ in operationalisation was discussed and the importance of effective cross border resolution frameworks was noted.

• digital and technology  - developments in AI applicable to the financial sector were discussed with an agreement being reached as regards continued cooperation in order to develop a common understanding of the risks and benefits associated with AI.
• markets reform – some of the areas considered by the Forum were as follows:
  • MiCA – the need to facilitate innovation and to provide regulatory certainty was noted. Acknowledging that MiCA has been fully applicable since 30 December 2024, the UK updated the Forum as regards its plans to bring forward legislation to create the UK regime;
  • T +1 securities settlement cycle – the benefit of coordination across Europe was acknowledged. To facilitate open sharing of information and technical progress, both sides noted that the chairs of the EU and UK industry taskforces will participate in their counterpart’s taskforce as observers;
  •  Benchmark rules in both the EU and the UK; and
  • the UK’s overseas funds regime, the progress in processing EU funds’ applications and the recent extension of the temporary marketing permissions regime.
• sustainable finance – support for the work of the G20 Working Group on Sustainable Finance, the International Platform on Sustainable Finance and the International Sustainability Standards Board was reaffirmed. The importance of minimising reporting frictions for internationally active firms was also highlighted.
  
  Disclosures were also considered, including UK sustainability disclosure requirements and the EU Sustainable Finance Disclosure Regulation. The EU highlighted its intention to introduce an omnibus simplification package focused on the reduction of the reporting burden for companies.  

1. ESMA consults on amendments to RTS on settlement discipline under CSDR

On 13 February 2020, the  European Securities and Markets Authority (“ESMA”) launched a consultation (“Consultation”) on settlement discipline under Regulation (EU) No 909/2014 on improving securities settlement in the European Union and on central securities depositories (“CSDR”).

CSDR Refit (Regulation 2023/2845) introduced certain amendments to Article 6(5) and 7(10) of CSDR requiring ESMA to develop draft regulatory technical standards (“RTS”) in relation to settlement discipline measures and tools to improve settlement efficiency. It is ESMA’s view that this requires an amendment of the existing RTS on settlement discipline, namely Commission Delegated Regulation (EU) 2018/1229 on settlement discipline.

The Consultation paper is primarily addressed to central securities depositories (“CSDs”), CSD participants, investment firms, credit institutions, and their professional clients.

The Consultation contains a set of proposals that amend the technical standards on settlement discipline that include:

• reduced timeframes for allocations and confirmations;
• the use of electronic, machine-readable allocations and confirmations according to international standards; and
• the implementation of hold and release and partial settlement by all central securities depositories.

ESMA has stated that it also wants to gather stakeholders' views on additional measures that could potentially enhance settlement efficiency, for which there are no specific policy proposals yet.

The Consultation takes account of the transition to T+1 in the European Union and the legislative proposal published by the European Commission (“Commission”) on 12 February 2025. ESMA have also stated that the Consultation is aligned with the roadmap set out in ESMA’s final report of 18 November 2024 on shortening the settlement cycle.

Next Steps

The Consultation is open for feedback until 14 April 2025. ESMA expects to publish a final report and submit the draft RTS to the Commission by October 2025.

2. Commission publishes proposal for a shortened settlement cycle under CSDR

On 12 February 2025, the European Commission (“Commission”) published a proposal (“Proposal”) that would shorten the settlement cycle for EU securities from two days to one.

The Commission makes this Proposal having considered the recommendations in the European Securities and Markets Authorities' (“ESMA”)  report, which was produced in conjunction with the European Central Bank (“ECB”).

The Proposal will amend the Central Securities Depositories Regulation (“CSDR”) by shortening the settlement cycle on securities, such as shares or bonds executed on EU trading venues, from two business days (“T+2”) to one after the trading takes place (“T+1”). Shortening the settlement cycle to T+1 aims to strengthen the efficiency and competitiveness of post - trade financial market services in the EU, which the Commission has stated are vital to a well-functioning Savings and Investments Union (“SIU”). In addition, the Proposal in intended to:

• promote settlement efficiency and increase the resilience of EU capital markets;
• develop deeper and more liquid capital markets – a key objective of the SIU;
• increased automation of post-trading processes - leading to more modern and efficient post- trading processes across the EU;
• avoid market fragmentation and costs linked to misalignment between EU and other global financial markets - contributing to the competitiveness of EU capital markets.

The Proposal has set 11 October 2027 as the date for the transition to T+1. It is considered that this timeframe will give market participants enough time develop, test and agree processes and standards to ensure an orderly and successful introduction of T+1 on EU capital markets.

Next Steps

The Proposal will be submitted to  the European Parliament (“Parliament”) and the European Council (“Council”) for their consideration and adoption. The changes in the Proposal will come into force when the Parliament and the Council have reached agreement on the publication and after it has been published in the Official Journal of the European Union.

3. Delegated Regulations under MiCA published in the OJEU

On 13 February 2025, eight delegated regulations under the Regulation on Markets in Crypto – Assets (“MiCA”) were published in the Official Journal of the European Union (“OJEU”), as follows:

1. Commission Delegated Regulation (EU) 2025/292 of 26 September 2024 with regard to regulatory technical standards (“RTS”) establishing a template document for cooperation arrangements between competent authorities and supervisory authorities of third countries;
2. Commission Delegated Regulation (EU) 2025/293 of 30 September 2024 with regard to RTS specifying the requirements, templates and procedures for the handling of complaints relating to asset referenced tokens;
3. Commission Delegated Regulation (EU) 2025/294 of 1 October 2024  with regard to RTS specifying the requirements, templates and procedures for the handling of complaints by the crypto-asset service providers;
4. Commission Delegated Regulation (EU) 2025/295 of 24 October 2024 with regard to RTS on harmonisation of conditions enabling the conduct of the oversight activities;
5. Commission Delegated Regulation (EU) 2025/296 of 31 October 2024 with regard to RTS specifying the procedure for the approval of a crypto-asset white paper;
6. Commission Delegated Regulation (EU) 2025/297 of 31 October 2024 with regard to RTS  specifying the conditions for the establishment and functioning of consultative supervisory colleges;
7. Commission Delegated Regulation (EU) 2025/298 of 31 October 2024 with regard to RTS specifying the methodology to estimate the number and value of transactions associated to uses of asset referenced tokens and of e-money tokens denominated in a currency that is not an official currency of a Member State as a means of exchange; and
8. Commission Delegated Regulation (EU) 2025/299 of 31 October 2024 with regard to RTS on continuity and regularity in the performance of crypto-asset services.

Background

The delegated regulations were adopted by the European Commission in September, October and November 2024. For more information please see FIG Top 5 at 5 dated 3 October 2024 and FIG Top 5 at 5 dated 7 November 2024. 

Next Steps

All of the delegated regulations, set out above, will enter into force on 5 March 2025, being 20 days after their publication in the OJEU.

4. ESMA launches consultation on criteria for assessment of knowledge and competence under MiCA

On 17 February 2025, the European Securities and Markets Authority (“ESMA”) launched a consultation (“Consultation”) on draft guidelines (“Guidelines”) on the criteria for  the assessment of knowledge and competence of crypto - asset service providers’ (“CASPs”) staff with regard to giving information or advice on crypto - assets or crypto - asset services, under the Regulation on Markets in Crypto Assets (“MiCA”).

ESMA is of the view that all CASPs, not just those engaged in providing advice, should ensure that natural persons giving information about crypto - assets or crypto - asset services possess the necessary knowledge and competence to fulfil their obligations. Further, ESMA has stated that the knowledge of market participants, particularly retail investors, about crypto - assets and related services still seems to be limited.

Accordingly, one of the main objectives of the Guidelines is to ensure that there is a minimum level of knowledge and competence in respect of the staff providing advice and information on crypto - assets or crypto - asset services to clients in order to enhance investor protection and foster investors’ trust in the crypto - asset markets.

Section 2 of the Consultation details the background to the Guidelines. Annex 1 sets out the questions posed by the Consultation and Annex II contains the full text of the Guidelines.

Next Steps

The Consultation is open for feedback until 22 April 2025.

ESMA has stated that it will consider the feedback received regarding the Consultation and expects to publish a final report in Q3 2025.

The Guidelines apply 60 calendar days from the date of their publication on ESMA’s website, in all official EU languages.