Please ensure Javascript is enabled for purposes of website accessibility

Expertise

Services

We have the expertise to handle the most demanding transactions. Our commercial understanding and experience of working with leading financial institutions, professional advisers and regulatory bodies means we add real value to clients’ businesses.

Sectors

Our sector approach relies on smart collaboration between teams who have a deep understanding of related businesses and industry dynamics. The specific combination of our highly informed experts helps our clients to see around corners.

Services

We have the expertise to handle the most demanding transactions. Our commercial understanding and experience of working with leading financial institutions, professional advisers and regulatory bodies means we add real value to clients’ businesses.

View all Services

Legal

Corporate and Fiduciary

Consulting

Legal

View all Legal

Banking and Finance

Corporate

Dispute Resolution

Employment and Immigration

Intellectual Property

Investment Funds

Listing Services

Local Legal Services

Private Wealth

Property law

Regulatory

Relocation Services

Restructuring and Insolvency

Tax

Employment and Immigration

Employment and Immigration overview

Intellectual Property

Intellectual Property overview

Listing Services

Listing Services overview

Restructuring and Insolvency

Restructuring and Insolvency overview

Business Services Team

Business Services Team overview

Executive Team

Executive Team overview

German Desk

German Desk overview

French desk

French desk overview

Corporate and Fiduciary

View all Corporate and Fiduciary

Accounting and Financial Reporting Services

Cayman Islands AML/CFT training

Corporate Services

Debt Capital Markets

Fund Services

Governance Services

Investor Services

Ogier Connect

Private Wealth Services

Real Estate Services

Regulatory and Compliance Services

Accounting and Financial Reporting Services

Accounting and Financial Reporting Services overview

Cayman Islands AML/CFT training

Cayman Islands AML/CFT training overview

Corporate Services

Corporate Services overview

Debt Capital Markets

Debt Capital Markets overview

Governance Services

Governance Services overview

Investor Services

Investor Services overview

Ogier Connect

Ogier Connect overview

Private Wealth Services

Private Wealth Services overview

Real Estate Services

Real Estate Services overview

Regulatory and Compliance Services

Regulatory and Compliance Services overview

Ogier Global

Ogier Global overview

Consulting

View all Consulting

Ogier Regulatory Consulting

Sustainable Investment Consulting

Sustainable Investment Consulting overview

Business Services Team

View all Business Services Team

Sectors

Our sector approach relies on smart collaboration between teams who have a deep understanding of related businesses and industry dynamics. The specific combination of our highly informed experts helps our clients to see around corners.

View all Sectors

Aviation and Marine

BVI Law in Europe and Asia

CAYLUX

Energy and Natural Resources

Family Office

Foreign direct investment (FDI)

Funds Hub

Private Equity

Real Estate

Regulatory, Investigations and Enforcement

Restructuring and Insolvency

Sports

Structured Finance

Sustainable Investing and ESG

Technology and Web3

Trusts Advisory Group

BVI Law in Europe and Asia

BVI Law in Europe and Asia overview

Energy and Natural Resources

Energy and Natural Resources overview

Family Office

Family Office overview

Foreign direct investment (FDI)

Foreign direct investment (FDI) overview

Funds Hub

Funds Hub overview

Private Equity

Private Equity overview

Real Estate

Real Estate overview

Regulatory, Investigations and Enforcement

Regulatory, Investigations and Enforcement overview

Restructuring and Insolvency

Restructuring and Insolvency overview

Structured Finance

Structured Finance overview

Sustainable Investing and ESG

Sustainable Investing and ESG overview

Technology and Web3

Technology and Web3 overview

Trusts Advisory Group

Trusts Advisory Group overview

Locations

Ogier provides practical advice on BVI, Cayman Islands, Guernsey, Irish, Jersey and Luxembourg law through our global network of offices across the Asian, Caribbean and European timezones. Ogier is the only firm to advise on this unique combination of laws.

All locations

Beijing

British Virgin Islands

Cayman Islands

Dubai

Guernsey

Hong Kong

Ireland

Jersey

London

Luxembourg - Legal Services

Luxembourg - Corporate and Fund Services

Shanghai

Singapore

Tokyo

News and insights

Keep up to date with industry insights, analysis and reviews. Find out about the work of our expert teams and subscribe to receive our newsletters straight to your inbox.

Fresh thinking, sharper opinion.

All news and insights

Brochures

Cases

Deals

Events

Guides and factsheets

Insights

News

Newsletters

Videos

About us

We get straight to the point, managing complexity to get to the essentials. Our global network of offices covers every time zone. 

About us

Corporate social responsibility (CSR)

Diversity, equity and inclusion

Information security

Innovation

Sustainability

Operational resilience: the Central Bank of Ireland’s review of MiFID firms

Insight

06 February 2026

Ireland

3 min read

ON THIS PAGE
Headshot Dave Nolan

Dave Nolan

Team: Jennifer Dobbyn, Michelle McDermott

ON THIS PAGE

RELATED

Regulatory

Investment Funds

Regulatory, Investigations and Enforcement

Funds Hub

Save as PDF

In 2021, the Central Bank of Ireland published their Cross Industry Guidance on Operational Resilience detailing how the financial services sector and businesses within it can effectively prepare for, respond to and recover from disruptions that impact the delivery of business services to keep impact of such disruptions to a minimum.

The Cross Industry Guidance on Operational Resilience (guidance) was updated in 2025 to ensure alignment with the EU's Digital Operation Resilience Regulation and Directive (DORA). DORA requires strict compliance in ICT risk management, incident reporting, digital operational resilience testing, ICT third-party management and informational sharing. Although there was no specific focus on DORA in the recently published thematic assessment, DORA compliance remains a key focus for the Central Bank of Ireland as published in their 2025-2027 strategy.

The Central Bank of Ireland's guidance can be examined in detail here.

Since 2024, the Central Bank of Ireland (CBI) has carried out thematic assessments on several MiFID firms to determine whether:

  • firms' operational resilience frameworks (frameworks) aligned with the guidance

  • the boards and senior management in the selected MiFID firms were responsible and held accountable for operating effective frameworks

The findings from the Central Bank of Ireland's thematic assessment can be found here.

The CBI conducted its most recent operational resilience assessment (assessment) in two phases:

  • Phase 1: a survey was carried out by MiFID firms to determine the maturity of their frameworks. Once survey information and framework documentation was gathered, a desk-based review was conducted by the CBI and the results were compared to self-assessments carried out by MiFID firms in 2022.

  • Phase 2: based on the output from phase 1 of the assessment, the CBI selected a number of firms for a formal in-person inspection to understand and review the respective frameworks in more detail

The Central Bank of Ireland's findings

The assessment found that frameworks have matured and are largely in line with the guidance. However, the levels of maturity varied. In many instances, MiFID firms' boards were found to be responsible for operational resilience, with functional responsibility being with senior management.

The Central Bank of Ireland has identified several areas for enhancement:

  • Identification and mapping of critical business services: firms should ensure effective identification of critical / important business services and improve mapping of service delivery. The CBI highlighted that some frameworks lacked the necessary levels of precision in their documentation and mapping of people, processes, information, technology, facilities and third-party service providers.

  • Scenario testing: firms should ensure scenario testing is robust across both the level of detail and range of scenarios being considered. Adequate testing should be expanded and carried out to ensure compliance with CBI expectations.

  • Risk management framework alignment: it is crucial that MiFID firms align the frameworks with their risk management frameworks and procedures. The CBI detailed that an aligned and integrated approach is required.

Suggested enhancements by the Central Bank of Ireland

The Central Bank of Ireland asks that all MiFID firms revisit the Cross Industry Guidance on Operational Resilience to ensure adherence and continued compliance with the guidance, particularly since the updates of 2025 which incorporated DORA. Compliance, risk and operations teams should use this opportunity to assess existing systems and controls against CBI expectations, carry out a gap analysis and enhance their respective environments, reporting to the board with findings and enhancements. Documenting this process is important to evidence a strong and robust compliance and risk environment.

Notably, the CBI has stated that any firms not subject to DORA should still consider applying its regulations for good practice. The guidance lays out the CBI's expectations on MiFID firms' boards and senior management, regarding design and management of robust frameworks, placing an emphasis on operational resilience when making risk management and investment decisions.

To ensure frameworks meet the required standards as set out in the Cross Industry Guidance on Operational Resilience, the Central Bank of Ireland suggests that a top-down approach, integrating resilience in decision making is crucial.

The CBI highlighted that particular care and attention is afforded to:

  • Guideline 4:  identification of a firms critical or important business services

  • Guideline 7: understanding and mapping of delivery of critical or important business services

  • Guideline 8: mapping and capturing any third-party dependencies of critical or important business

Key takeaways

The Cross Industry Guidance on Operational Resilience has been introduced to ensure MiFID firms can prepare for and recover from operational difficulties or disruptions with as little impact as possible. Based off the assessment, the CBI has highlighted that some MiFID firms still have areas requiring enhancement for full compliance with the guidance and the Central Bank of Ireland's expectations.

How Ogier can help 

At Ogier, we can analyse your current frameworks against the guidance to ensure your firm is meeting its obligations. Where improvements or amendments are required, we can offer practical assistance in addressing these gaps. Our team is comprised of leading lawyers and experienced industry professionals across both non-contentious and contentious disciplines.

Ogier can also support you with the implementation of DORA and other risk management frameworks to ensure seamless and effective integration throughout your business.

For more information, contact our team via the contact details provided below.

Key contacts

About Ogier

Ogier is a professional services firm with the knowledge and expertise to handle the most demanding and complex transactions and provide expert, efficient and cost-effective services to all our clients. We regularly win awards for the quality of our client service, our work and our people.

Disclaimer

This client briefing has been prepared for clients and professional associates of Ogier. The information and expressions of opinion which it contains are not intended to be a comprehensive study or to provide legal advice and should not be treated as a substitute for specific advice concerning individual situations.

Regulatory information can be found under Legal Notice