Question 1 

“As a Senior Advisor for an Irish-based Consultancy, you have been tasked with advising a US-headquartered FinTech operating in Ireland (e.g., banking, cryptocurrency services, e-money payments, wealth management, insurance, or another financial service provider).

The FinTech’s Board is already briefed on the Central Bank of Ireland’s Cross-Industry Guidance on Operational Resilience (December 2021), which aligns with international best practices and is compatible with the recently enacted Digital Operational Resilience Act (DORA). However, they are aware of recent updates to the Regulatory Technical Standards (RTS) and Implementing Technical Standards (ITS) and wish to ensure that these updates are reflected in their DORA plan for critical business services.

Given the Central Bank of Ireland’s expectation for firms to address operational resilience vulnerabilities promptly and demonstrate actions and plans to comply with DORA by the end of 2024, the Board has requested your report to:

• Outline the key requirements of DORA and how it seeks to harmonize operational resilience across the financial sector;
• Analyze the relevance of the Central Bank of Ireland’s findings and recommendations concerning ICT risk management for your chosen financial service provider;
• Identify critical areas of the guidelines that the Board should prioritize;
• Provide advice on the most recent Regulatory Technical Standards (RTS) and Implementing Technical Standards (ITS) issued by the European Banking Authority (EBA);
• Assess your firm’s current level of operational resilience maturity based on the Central Bank of Ireland’s guidelines.”