Irish MiFID investment firms are under fresh regulatory pressure after the Central Bank of Ireland (CBI) published its Thematic Assessment of the compliance function on 18 May 2026, according to a briefing from law firm Zeidler.
The assessment, which reviewed compliance arrangements across firms regulated under MiFID II, carries direct obligations rather than mere guidance. Zeidler notes that the CBI has instructed every MiFID investment firm to discuss the report at its next board meeting, with the discussion formally recorded in the minutes, and has warned it may follow up through supervisory activity.
The review measured firms against Article 22 of the MiFID II Delegated Regulation and the related ESMA Guidelines, focusing on the adequacy of the compliance framework, the effectiveness of planning, monitoring and testing, and the quality of reporting to boards. It was prompted by weaknesses in culture, governance and risk management flagged in the CBI’s 2025 and 2026 Regulatory and Supervisory Outlook reports.
On the positive side, Zeidler highlights that firms showed a generally sound grasp of their obligations. Strategic engagement was a standout strength, with compliance teams actively involved in new product and business line decisions, including voting seats on product approval committees. Most firms were adequately resourced, operated risk-based monitoring programmes, some including on-site inspections, and carried out horizon scanning to track regulatory change.
The shortcomings, however, are significant. Several firms could not demonstrate robust succession plans or contingency arrangements for compliance roles, a risk if a head of compliance departs unexpectedly. Training delivered wholly by HR or third parties, without compliance team involvement, was flagged as unlikely to embed regulatory awareness. Some risk assessments failed to review all identified risks regularly, compliance plans lacked detail, and board minutes did not always evidence genuine discussion or challenge of compliance matters.
The CBI now expects firms to ensure robust succession planning, active compliance involvement in training design and delivery, calibrated risk-based monitoring, prioritised horizon scanning, and board minutes that accurately capture debate and challenge.
Beyond the mandatory board discussion, Zeidler explains that firms must conduct a comprehensive self-assessment against the findings, Article 22 and the ESMA Guidelines, and consider how the compliance function can support the Consumer Protection Code’s standards on securing customers’ interests and protecting vulnerable consumers. Where gaps emerge, remedial action should be proactive and timely.
For more, read the full story here.
Copyright © 2026 FinTech Global
Copyright © 2018 RegTech Analyst





