Global tensions raise financial risks
The expanding use of AI, digital money, and tokenisation is to be one of the Central Bank’s five key areas of focus for regulation in the coming year.
The regulator’s outlook for 2026 sets out its latest assessment of the risks facing the financial sector, as well as the supervisory work it plans to carry out in response.
The bank’s Regulatory & Supervisory Outlook 2026 says that operational risks remain “very high” for the financial sector, due to current geopolitical tensions, advancing digitalisation, and increasingly complex operating models.
“Relative to last year, asset-valuation and market risks are judged to have increased, as have the risks associated with data, models, and AI,” the report states, though it adds that risks from inflation and interest rates have eased.
Central Bank Governor Gabriel Makhlouf said that global economic shifts and rapid technological change were reshaping the financial system.
“While many of these developments provide clear opportunities, they have the potential to introduce or expose vulnerabilities,” he stated.
Many AI risks ‘not new’
The outlook states that AI-driven conduct and operational risks require close monitoring by firms and regulators, citing evidence suggesting that the safeguards built into providers’ AI models can be “brittle”.
It adds, however, that many of the risks associated with AI are not new and are already covered by existing regulations and standards.
The Government has designated the Central Bank as a regulator under the AI Act for the financial services under its remit.
The other key areas of focus for the Central Bank will be:
- Maintaining and building resilience to geopolitical risks and macro-financial uncertainties,
- Securing consumer interests,
- Helping to address long-term environmental and societal transitions – including areas such as protection gaps, retail investment, and payments, and
- Enhancing how it regulates and supervises.
Infrastructure vulnerability
The report says that geopolitical and security developments in recent months have highlighted specific risks and vulnerabilities for Ireland.
“For example, Ireland hosts a significant share of EU’s data sub-sea cables. Infrastructure vulnerability could raise concerns about the operational resilience of the financial system and firms,” it states.
Increased political fragmentation also raises the likelihood of cyber and other disruptive events, according to the report, “compounded by the rapid rise in cloud computing and growing reliance on a small number of technology providers and infrastructure for critical services”.
‘Gaps’ in digital practice
The regulator highlights the EU-wide Digital Operational Resilience Act (DORA), aimed at strengthening the resilience of financial firms’ digital operations, which went live in January 2025.
“There are common gaps in firms’ practices when assessed against DORA, and firms need to demonstrate that they are systematically addressing those gaps,” the Central Bank says.
It describes services resilience and effective ICT risk management as “non-negotiable requirements” for firms’ commitment to maintain critical services for consumers and investors.
The report says that the regulator will continue to focus on how firms are supporting their customers as financial services continues to digitalise.
“We will also play our part in ensuring digitalisation does not outpace the needs of society – including our work related to access to cash,” it states.