Technical Hub

Welcome to the latest edition of Technical Roundup.   In developments since the last edition, the UK Government announced that it is not progressing with the Audit and Corporate Governance Reform Bill. The Department of Enterprise, Tourism and Employment (DETE) has launched a public consultation seeking views on proposed legislative measures through the Consumer Protection, Competition and Enforcement Bill 2026 to strengthen consumer protection and enforcement in Ireland with a closing date for receipt of submissions of Friday, 27 February 2026.  The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have adopted a Joint Opinion on the European Commission’s Proposal for the ‘Digital Omnibus on AI’.  Read more on these and other developments that may be of interest to members below.   Financial Reporting   The European Financial Reporting Advisory Group (EFRAG) is hosting a webinar “Circular Economy Reporting in Focus: The Draft Simplified ESRS E5” on 3 February 2026. This webinar will discuss the role of the E5 standard and the key lessons learned from the first year of its application.  Richard Moriarty, Chief Executive of the Financial Reporting Council (FRC), has set out the regulator's priorities and focus for 2026. Within this document are five key focus areas;  underpinning investor confidence in UK plc  reducing unnecessary burdens on business while maintaining high standards  developing deep insight into the markets we oversee so our regulation is based on evidence and expertise  identifying future trends and innovations to support the health of the markets we oversee  supporting the skills and resilience of the professions we regulate  The UK Department for Business and Trade (DBT) has introduced new regulations requiring large companies to include information on their supplier payment practices, policies and performance within their directors’ report for financial years beginning on or after 1 January 2026. Full guidance on who must report and what information is required is available on the DBT website.  Auditing and Assurance   Accountancy Europe (AE) published analysis and findings regarding audit exemption thresholds in Europe.  The UK Government announced that it is not progressing with the Audit and Corporate Governance Reform Bill. In a letter to the Chair, Business and Trade Committee, the Minister for Small Businesses and Economic Transformation Blair McDougall stated that the government’s key priority is to promote growth and reduce administrative burdens, and that it would not be right to prioritise the introduction of measures that would increase costs on businesses. Whilst the Institute is generally supportive of simplification and proportionate regulation, uncertainty is bad for business. It is not clear whether some of the reform proposals included in the now abandoned bill might be brought forward in another way. The future role of the FRC also remains unclear. We will continue to engage with the UK Government and the FRC as this continues to evolve.   Insolvency   The Institute is hosting three in-person sessions which will provide an introduction to the new Creditor Voluntary Liquidation workbook. The workbook has been produced to assist Liquidators in complying with legislative and SIP requirements when conducting statutory meetings, reporting to creditors and approval of remuneration.  The sessions will also cover compliance matters and will include potential issues and problems that can arise and how to avoid or best navigate these. It will also include some practical examples and a Q&A session.  The sessions are targeted at professionals taking on insolvency appointments and acting as Liquidator, and those training or working in the insolvency sector looking to gain expertise in this area.     Each of these three-hour sessions are free to attend and will take place on the following dates:  Tuesday, 3 March at 1pm  Cork Book Now    Wednesday, 4 March at 9am  Galway  Book now   Thursday, 5 March at 9am Dublin  Book now  Sustainability   The European Securities and Markets Authority (ESMA) has published a second thematic note on sustainability-related claims focusing on ESG strategies. This publication offers practical guidance for making sustainability claims ensuring clear, fair and not misleading sustainability-related claims are made by market participants and also addressing greenwashing risks in support of sustainable investments.   The European Central Bank (ECB) announced that it has advanced its climate and nature work based on the 2024-2025 plan embedding climate and nature-related risks into its core work.  Anti-money laundering, Authorised Corporate Service Provider registration  On 1 January 2026, the European Banking Authority (EBA) and the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA) completed the transfer of all AML/CFT mandates and functions from the EBA to AMLA. The handover concludes the EBA's stand-alone AML/CFT mandate that began in 2020 and is part of the new EU AML/CFT package, which established AMLA at the centre of an integrated, European system of AML/CFT supervision.  Chartered Accountants Ireland responded to HM Treasury’s Consultation regarding Anti Money Laundering /Counter Terrorist-Financing (AML/CTF) Supervision Reform: Duties, Powers and Accountability. The consultation response provided feedback on proposals to reform the supervision of anti-money laundering and counter-terrorist financing (AML/CTF) compliance among professional services businesses following the UK government’s announcement in 2025 that the Financial Conduct Authority (FCA) should take over responsibility for AML/CTF supervision of legal, accountancy, and trust and company service providers.  Readers may know UK Companies House had planned that that by Spring 2026 identity verification of presenters would be a compulsory part of filing any document with Companies House and that all third-party agents filing on behalf of UK companies would need to be registered as an ACSP with Companies House. Since March 2025, Trust and Company Service Providers (TCSPs) and other professional service providers (such as accountants and solicitors) who are registered for Anti Money Laundering purposes with a supervisor in the UK, have been able to register with Companies House to become Authorised Corporate Service Providers (ACSPs). In an announcement earlier this week, Companies House confirmed the delayed implementation of this Spring deadline for presenters and third-party filling agents to be registered with Companies House to at least November 2026.  Central Bank of Ireland (CBI)  The CBI published the results of its thematic assessment of operational resilience in the MiFID investment firm sector, finding evidence of maturing frameworks but identifying weaknesses in firms’ identification and mapping of critical or important business services, scenario testing, and integration of firms' operational resilience frameworks with existing risk management frameworks.  Gerry Cross, Director, Capital Markets and Funds, Central Bank of Ireland delivered a speech at the Compliance Institute AGM. The speech focused on 'Supervising for success: some themes for a time of change'. The speech covered a number of important topics of relevance to compliance professionals and regulators including the important objective of securing customers’ interests, individual accountability, simplification, resilience, leveraging technology, and the Central Bank’s evolving approach to supervision.  The CBI and Banca d’Italia launched the first joint Innovation Data Challenge designed to foster cutting-edge research and innovation in the retail payments sector.  The new Consumer Protection Code (CPC 2025) and related Standards for Business will come into effect on 24 March 2026. Alongside the publication of the Consumer Code 2025, the CBI has recently published General Guidance on the Consumer Protection Code to support firms in implementing the requirements.  Artificial Intelligence (AI)  The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) adopted a Joint Opinion on the European Commission’s Proposal for the ‘Digital Omnibus on AI’. The EDPB and EDPS support streamlining the European AI Act implementation but call for stronger safeguards to protect fundamental rights.  Cybersecurity   The European Commission plans to revise the 2019 Cybersecurity Act to strengthen the EU’s resilience and capabilities in the face of these growing threats.  The purpose is to strengthen the security of the EU’s information and communication technologies by reducing the risks from third-country suppliers and to ensure that digital products and services used are tested for security in a more efficient way.  The UK Government has published its new 'Government Cyber Action Plan (GCAP)', which aims to strengthen resilience across the UK particularly in the public sector. The GCAP outlines roles and relationships between organisations working with the public sector (including the UK's National Cyber Security Centre (NCSC) and the Department for Science, Innovation and Technology), setting clear milestones, strengthening governance, and providing centralised support that allows departments to focus on securing what matters most. The NCSC has published a summary of the new GCAP document on its website.  The UK's NCSC published new guidance setting out secure connectivity principles for Operational Technology (OT). These principles will help organisations design, review, and secure the connectivity within and to OT systems, transforming system understanding into positive cyber security action.  The UK's NCSC has also issued a warning over hacktivist groups disrupting UK organisations and online services. Organisations, particularly local government authorities and operators of critical national infrastructure, are being encouraged to review their defences and improve their cyber resilience by preparing and being able to respond to denial of service (DoS) attacks.   Digital Operational Resilience Act (DORA)  The European Supervisory Authorities and UK financial regulators signed a Memorandum of Understanding on oversight of critical ICT third-party service providers under DORA. The underlying details of the principles and key areas for cooperation and exchange of information between the ESAs and the UK Financial Authorities are included in the Memorandum of Understanding on DORA oversight of critical ICT third-party service providers in EU and UK.  Other News  Enterprise Ireland has created a new guide to support Irish SMEs on their sustainable export journey into the EU. It offers guidance on Navigating ESG Procurement - EU Export Guide for Germany, France, Spain and Italy to ensure continued competitiveness when competing for export opportunities to main EU markets including Germany, France, Spain and Italy.   The Government published its Legislation Programme for Spring 2026 setting out the Government’s priorities for the coming ten-week parliamentary session. It includes various areas of planned legislative changes including reference to heads in preparation of legislation for the transposition of the EU’s 6th Anti-Money laundering package that requires primary legislation. Work is ongoing on the National Cyber Security Bill (incorporating provisions to establish the National Cyber Security Centre on a statutory basis and provide for related matters), and heads are in preparation on the Regulation of Artificial Intelligence Bill giving full effect in Ireland to the EU Regulation on Artificial Intelligence, including the establishment of the national AI central office.  The UK's Information Commissioner's Office (ICO) published updated guidance on international transfers of personal information. This guidance supports businesses with understanding and complying with the transfer rules under UK GDPR.   The European Securities and Markets Authority (ESMA) published principles on risk-based supervision, which is a critical pillar for ESMA’s simplification and burden reduction efforts. These principles support a common and effective EU-wide supervisory culture to strengthen the EU single market.  The European Central Bank (ECB) published its latest economic bulletin covering the external environments, economic activity, prices and costs, financial market developments, financing conditions, credit and fiscal developments.   The Department of Enterprise, Tourism and Employment (DETE) launched a public consultation seeking views on proposed legislative measures through the Consumer Protection, Competition and Enforcement Bill 2026 to strengthen consumer protection and enforcement in Ireland. The closing date for receipt of submissions is 5pm on Friday, 27 February 2026.   Minister of State for Small Businesses, Retail and Employment at DETE has signed into law a revised Code of Practice on Access to Part‑Time Working . Prepared by the Workplace Relations Commission (WRC), the updated Code provides practical guidance to help employers and employees agree part‑time arrangements that support flexible, inclusive and modern workplaces.   The European Data Protection Board (EDPB) contributed to the European Commission’s evaluation of the application of the Data Protection Law Enforcement Directive (LED). In addition, the EDPB has updated recommendations on the application for Processor Binding Corporate Rules (BCR-P) covering the transfer tool that can be used by a group of undertakings or enterprises to transfer personal data outside the European Economic Area to processors within the same group to ensure compliance with GDPR. The updated recommendations will be open to public consultation until 2 March 2026.   CLS Chartered Secretaries has recently published its CLS “Top 10 Co Sec Points for 2026”. They write that each year they highlight some Company Law and Company Secretarial points to consider and some useful ones for 2026 including changes made to the audit exemption rules in 2025 and options if a company is late in filing.  For further technical information and updates please visit the Technical Hub on the Institute website.           This information is provided as resources and information only and nothing in the information purports to provide professional advice or definitive legal interpretation(s) or opinion(s) on the applicable legislation or legal or other matters referred to in the information. If the reader is in doubt on any matter in this complex area further legal or other advice must be obtained. While every reasonable care has been taken by the Institute in the preparation of the information we do not guarantee the accuracy or veracity of any resource, guidance, information or opinion, or the appropriateness, suitability or applicability of any practice or procedure contained therein. The Institute is not responsible for any errors or omissions or for the results obtained from the use of the resources or information contained herein.    

From the Professional Accountancy team…... In December 2025 the European Commission announced planned changes to the list of high-risk jurisdictions .Russia was added to the list in order to strengthen the international fight against financial crime. In addition, updates were also announced for the high-risk jurisdictions list following the decisions taken at the FATF and its list of ‘Jurisdictions under Increased Monitoring’ (‘grey list’), following the FATF Plenaries of June and October 2025. The EU has added new third-country jurisdictions to the list (Bolivia and the British Virgin Islands) and delisted a number of others (Burkina Faso, Mali, Mozambique, Nigeria, South Africa and Tanzania). The changes will not enter into force until published in the Official Journal.  For further information regarding the planned changes to the list of high-risk jurisdictions, please refer to European Commission webpage on high risk third countries . This information is provided as resources and information only and nothing in these pages purports to provide professional advice or definitive legal interpretation(s) or opinion(s) on the applicable legislation or legal or other matters referred to in the pages. If the reader is in doubt on any matter in this complex area further legal or other advice must be obtained. While every reasonable care has been taken by the Institute in the preparation of these pages, we do not guarantee the accuracy or veracity of any resource, guidance, information or opinion, or the appropriateness, suitability or applicability of any practice or procedure contained therein. The Institute is not responsible for any errors or omissions or for the results obtained from the use of the resources or information contained in these pages.

Welcome to the latest edition of Technical Roundup.  In developments since the last edition, Chartered Accountants Ireland, the Central Bank of Ireland and the EU Sanctions Helpdesk will hold an online webinar on 20 January at 10.30am, which will provide practical compliance support and guide participants through the essentials of EU sanctions compliance, the support available to Irish businesses, and how the EU Sanctions Helpdesk assists Small & Medium-sized Enterprises (SMEs). The International Federation of Accountants has announced the publication of the 2026 edition of the Handbook of International Education Standards. Read more on these and other developments that may be of interest to members below.  Financial Reporting   Chartered Accountants Ireland has issued its response to FRED 88 FRS 101 Reduced Disclosure Framework- 2025/26 cycle. The Financial Reporting Council (FRC) review FRS 101 each year to decide whether FRS 101 should provide exemptions from new disclosure requirements or whether other consequential amendments are required. In FRED 88, the FRC proposed that no amendments should be made to FRS 101 in this cycle. The Institute agreed with this proposal in its response. The European Financial Reporting Advisory Group (EFRAG) has published the report of its intangible assets workshop series which were held in November 2025. This report discusses many areas of relevance, including the information needs of users of specific types of intangible assets. Auditing and Assurance  IAASA has updated five ISAs (Ireland) to reflect the adoption of the new Irish Corporate Governance Code, which applies to Euronext Dublin–listed entities for periods beginning 1 January 2025. Revised standards: ISA (Ireland) 260, 570, 700, 701, and 720. The revisions do not introduce new auditor requirements; they mainly align the standards with the new Code and update references.  The revised standards are available on the IAASA website. The International Auditing and Assurance Standards Board (IAASB) has issued narrow‑scope amendments to several of its standards in response to changes introduced by the International Ethics Standards Board for Accountants (IESBA) through its Using the Work of an External Expert project. These revisions align with IESBA’s recent updates to the International Code of Ethics for Professional Accountants (including International Independence Standards), which now include explicit ethical requirements for using the work of external experts in audit, assurance, and non‑assurance engagements. The IAASB’s amendments ensure continued interoperability and reflect strong coordination between both standard‑setting boards. Impacted IAASB Standards The targeted amendments apply to the following standards: ISA 620 – Using the Work of an Auditor’s Expert ISRE 2400 (Revised) – Engagements to Review Historical Financial Statements ISAE 3000 (Revised) – Assurance Engagements Other than Audits or Reviews of Historical Financial Information ISRS 4400 (Revised) – Agreed‑upon Procedures Engagements The IAASB has also released a Basis for Conclusions providing background and rationale for the updates. Sustainability  The European Commission issued an update regarding the Carbon Border Adjustment Mechanism (CBAM) operational procedures. In addition, various documents have also been published to support businesses in scope of CBAM including the CBAM Compliance Essentials for Importers and Indirect Customs Representatives as from 1 January 2026, CBAM Quick Guide, and a list of National Competent Authorities for CBAM. The Environment Protection Agency (EPA) has been appointed as the national competent authority in Ireland. CBAM becomes fully operational on 1 January 2026, marking the end of the two-year transitional phase (2023-2025). Following the release of the draft simplified European Sustainability Reporting Standards (ESRS), EFRAG has published the following documents, which are aimed at supporting users of the standard; Basis for Conclusions Cost–benefit analysis Logs of amendments for the 12 standards and for Annex II (Aggregated acronyms and glossary of terms) Comparative table of texts (Set 1 / ED / Technical Advice) for the 12 standards and for Annex II (Aggregated acronyms and glossary of terms) Explanatory note on Article 29b and its Annex The International Sustainability Standards Board (ISSB) has issued its Q1 Implementation Insights Podcast. This episode highlights some of the resources available to support companies applying the ISSB standards. The European Supervisory Authorities (ESAs) including EBA, EIOPA and ESMA published Joint Guidelines on environmental, social, and governance (ESG) stress testing. These Guidelines provide national insurance and banking supervisors with clear guidance on how to integrate ESG risks into supervisory stress tests, both when using established frameworks and when conducting complementary assessments of ESG risk impacts. The Joint Guidelines apply from 1 January 2027. Anti-money laundering and sanctions  Chartered Accountants Ireland, the Central Bank of Ireland, and the EU Sanctions Helpdesk will hold an online webinar on 20 January at 10.30am, which will provide practical compliance support and guide participants through the essentials of EU sanctions compliance, the support available to Irish businesses, and how the EU Sanctions Helpdesk assists SMEs. Through real-world case studies, participants will gain valuable insights into how to navigate due diligence challenges. There will be a Q&A with the panel. Registration is available at the following link. The European Anti-Money Laundering Authority (AMLA) deepened its partnerships across the EU as the AMLA Chair concluded a Road Show of member states. Throughout the Road Show, the Chair held roundtable discussions with key stakeholders in each Member State. These roundtables were designed to encourage open dialogue and enable Financial Intelligence Units (FIUs), financial and non-financial supervisors, and the private sector to share their views. They exchanged perspectives on the new AML system, national risk landscapes, expectations, and perceived challenges, as well as trends in money laundering and terrorist financing.  The UK is moving to a single list for UK sanctions designations from 28 January 2026. Guidance has been issued by the UK's Foreign, Commonwealth & Development Office, HM Treasury, and Office of Financial Sanctions Implementation (OFSI) to help business and industry prepare to use the UK Sanctions List as the only source for UK sanctions designations after the closure of the OFSI Consolidated List of Asset Freeze Targets. The UK's Office of Trade Sanctions Implementation (OTSI) published an update providing an overview of OTSI activities within its first year of operation, 2024 to 2025, and a forward look at future priorities. The Restrictive Measures Guidelines issued by European Banking Authority (EBA) apply as of 30  December 2025. These guidelines outline internal policies, procedures and controls to ensure the implementation of Union and national restrictive measures (targeted financial sanctions and sectoral measures e.g., economic and financial measures). Although the guidelines are for financial institutions, the guidelines do provide useful guidance for establishing internal governance arrangements and the policies, procedures and controls, which entities should have in place to be able to comply with restrictive measures. The UK National Crime Agency issued its SARs Annual Report April 2024-March 2025 on 29 December 2025. Central Bank of Ireland (CBI) The CBI's Governor Gabriel Makhlouf published his final blog of 2025 reflecting on Ireland and the Euro area’s economic performance in 2025 and looking ahead to 2026, drawing on CBI's December 2025 Quarterly Bulletin and the latest Eurosystem projections. The blog highlights that the economic narrative in 2025 has been dominated by geopolitical events that are reshaping the global economy. As a small, open economy, Ireland is exposed to these developments including potential fallout from increasing US tariffs. In 2026, there will need to be a focus on preparing for the unexpected and building resilience in the local and the Euro area economy. The CBI's Governor Gabriel Makhlouf delivered a speech at the annual Economics Winter Workshop for 2025 gathering of the Irish economics community to connect economists and policymakers from diverse backgrounds. The aim of the annual workshop is to foster collaborations that sustain the value of shared inquiry and fact-based research and analysis. Artificial Intelligence (AI) The Financial Action Task Force (FATF) published its horizon scan providing a forward-looking perspective of current and potential Artificial Intelligence (AI) related risks and trends including risks associated with deepfakes. Artificial intelligence and deepfake technologies are reshaping the financial crime landscape, introducing both unprecedented risks and new opportunities for detection and prevention. The FATF’s horizon scan on this topic underscores the need for enhanced vigilance and continuous innovation. Cybersecurity  Ireland's National Cyber Security Centre (NCSC) published a vulnerability alert for MongoDB Server regarding unauthenticated information disclosure of secrets. The NCSC strongly recommends installing updates for vulnerable systems with the highest priority, after thorough testing. Affected organisations should review the latest release notes and install the relevant updates from MongoDB Inc. Further information regarding this vulnerability is available at the following link.  The UK's Information Commissioner's Office (ICO) issued a response to the Cyber Security and Resilience Bill welcoming its introduction and its aim to strengthen the UK’s cyber defences and build the resilience of essential services, infrastructure, and digital services. The changes in the Bill and the updates to the NIS regulations in the UK reflect the fact that the cyber threat landscape is constantly evolving. This response was published following the Secretary of State for the Department for Science, Innovation and Technology introducing the Cyber Security and Resilience (Network and Information Systems) Bill (the Bill) to UK's parliament in late 2025.  In December 2025, the European Commission updated resources regarding the Cyber Resilience Act (CRA) including a document regarding FAQs covering implementation of the CRA. The CRA entered into force on 10 December 2024, and the main obligations introduced by the Act will apply from 11 December 2027, with reporting obligations to apply as of 11 September 2026. The EU's CRA aims to make sure all digital products are safe from cyber threats and this rulebook will require that hardware and software are designed, updated, and maintained to protect users in an increasingly digital world. Ireland’s NCSC published a vulnerability alert for Net-SNMP regarding memory buffer overflow. The NCSC strongly recommends installing updates for vulnerable systems with the highest priority, after thorough testing. Affected organisations should review the latest release notes and install the relevant updates from Net-SNMP. Further information regarding this vulnerability is available at the following link. Other news  The European Council and Parliament agreed on an updated retail investment framework to empower and protect consumers when they invest. It aims to foster trust and increase competitiveness in the EU’s financial markets. This will also contribute to the EU’s savings and investments union (SIU) and to the simplification of financial services regulation - both priority initiatives to improve how the EU’s financial system channels savings into productive investments. The package takes the form of a directive containing targeted amendments to a number of other EU directives in the area of financial services such as the markets in financial instruments directive (MIFID), the Solvency II directive, the directive for undertakings for collective investment in transferable securities (UCITS) and the alternative investment and managers directive (AIFMD), and a regulation amending the packaged retail and insurance-based investment products (or ‘PRIIPs’ regulation). Northern Ireland’s Chief Charity Commissioner Gerard McCurdy has issued a New Year Message around Building trust, driving impact and shaping the future. In December 2025 the Institute responded to a consultation by the Irish Dept of Enterprise Tourism and Employment on proposed changes to the Companies Act 2014 and related legislation. The consultation related to access to the residential addresses of company officers. The Institute welcomes the proposed changes in relation to directors’ addresses and we understand that the changes will generally be welcomed by the company secretarial community. Similar proposed changes are suggested in the drafting of the Co-Operative Societies Bill and the Registration of Limited Partnership and Business Names Bill. Progress on both these pieces of draft legislation is awaited and hopefully will be advanced by the Government in 2026. The International Federation of Accountants (IFAC) has announced the publication of the 2026 edition of the Handbook of International Education Standards (IES). These Standards establish the principles, concepts and requirements that underpin high-quality accountancy education worldwide. Department of Enterprise, Tourism and Employment has published the Sectoral Capital Plan 2026-2030 as part of the government’s National Development Plan. The plan sets out how the department will spend €4.7 billion in capital investment over the next five years to strengthen Ireland’s enterprise and employment base, attract foreign direct investment, promote innovation and support tourism development across all regions. The EBA published its final draft Regulatory Technical Standards (RTS) on cooperation and colleges of supervisors for third country-branches. These standards are designed to enhance collaboration and information exchange among competent authorities supervising third-country branches in the EU. They also set out practical arrangements for organising colleges of supervisors, ensuring comprehensive supervision of all activities conducted by third-country groups within the Union. The UK's ICO signed a Memorandum of Understanding (MOU) with His Majesty's Government. This MOU sets out a shared understanding of working towards better government data security and use. For further technical information and updates please visit the Technical Hub on the Institute website.         This information is provided as resources and information only and nothing in the information purports to provide professional advice or definitive legal interpretation(s) or opinion(s) on the applicable legislation or legal or other matters referred to in the information. If the reader is in doubt on any matter in this complex area further legal or other advice must be obtained. While every reasonable care has been taken by the Institute in the preparation of the information we do not guarantee the accuracy or veracity of any resource, guidance, information or opinion, or the appropriateness, suitability or applicability of any practice or procedure contained therein. The Institute is not responsible for any errors or omissions or for the results obtained from the use of the resources or information contained herein.