The Central Bank of Ireland (the “Central Bank”) published its Thematic Assessment: Compliance Function in the MiFID Investment Firm Sector1 on 18 May 2026 (the “Thematic Assessment”).
The Thematic Assessment focuses on the MiFID investment firm sector and outlines a number of key findings and is intended to remind firms of the requirements applicable to their compliance function and the Central Bank's expectations of firms.
Regulatory focus
In recent months, regulators at both national and EU level have been engaged in supervisory actions to ensure firms are adhering to sectoral requirements applicable to their compliance function. In particular, ESMA published its Final Report 2025 CSA on compliance and internal audit functions of fund managers in May 2026 (the "ESMA CSA") which centred on fund managers authorised under AIFMD and the UCITS Directive.2
Key findings
Overall, the Thematic Assessment observed that firms have a good understanding of their obligations in relation to their compliance function and identified a number of good practices. However, a number of weaknesses were also identified.
The Central Bank also remarked that a visible and active compliance function reinforces the importance of compliance and regulatory obligations across all business areas and organisational levels and signals senior management commitment to compliance and setting the "tone from the top".
Good practices
Responsibilities and strategic involvement: Firms' compliance functions demonstrated an understanding of their advisory and assistance responsibilities and were actively involved in decision making processes relating to new business lines and new financial products. The compliance function was also a voting member of firms' product approval committees and had appropriate committee representation across the organisation.
Resourcing: Compliance functions were adequately resourced (proportionate to the nature, scale and complexity of firms' activities).
Compliance monitoring: Most firms adopted risk-based compliance monitoring programmes. The Central Bank welcomed the extension of monitoring programmes beyond desk-based assessments to include on-site inspections of business areas to verify the effective implementation of policies and procedures.
Training: To be effective, the Central Bank expects firms to ensure their compliance function is actively engaged in the design and delivery of compliance training which will help embed a compliance culture at all levels. With that said, regular training was provided by firms, along with follow-up activities to assess training effectiveness. In certain instances, compliance monitoring findings were used to identify targeted training needs.
Horizon scanning: While horizon scanning is in place in most firms, the Central Bank expects all firms to prioritise horizon scanning as this will enable the compliance function to maintain robust compliance frameworks and fulfil regulatory obligations effectively.
Board reporting: Firms regularly provided compliance reports to their boards and sub-committees. Reports were generally well documented, addressed all relevant business units, and contained relevant information.
Weaknesses
Succession plans / contingency arrangements: Some firms were unable to demonstrate robust succession plans and contingency arrangements for compliance function roles.
Qualifications and training: Some firms were unable to provide evidence of comprehensive skills assessments and development plans for compliance teams, and instances were observed where limited direct compliance-led training was delivered by compliance teams.
Compliance risk assessment: Not all identified risks were subject to regular review in accordance with the ESMA Guidelines On certain aspects of the MiFID II compliance function requirements (the "ESMA Guidelines"),3 and compliance plans and the documented compliance universe lacked sufficient detail.
Board minutes: The Central Bank observed that board minutes contained insufficient evidence of substantive discussion or challenge of compliance related matters. In particular, board minutes did not consistently demonstrate challenge or scrutiny of compliance reports and recommendations presented to governance forums. The Central Bank also found insufficient evidence that board and committee engagement with compliance related matters was sufficiently robust to ensure effective oversight and accountability. The Central Bank expects all firms to ensure that board and committee minutes accurately capture the discussions and challenges raised at board and committee meetings.
Next steps for firms
The Central Bank expects all MiFID investment firms to consider the contents of the Thematic Assessment and carry out a comprehensive self-assessment of their compliance function against the findings of the Thematic Assessment, the MiFID II Delegated Regulation ((EU) 2017/565) and the ESMA Guidelines. Where any gaps or weaknesses are identified, firms should develop and implement action plans to address these in a proactive and timely manner.
The Central Bank expects firms to discuss the Thematic Assessment at its next board meeting and for this discussion to be recorded in the meeting minutes.
The Central Bank has also taken the opportunity to reminded firms of the revised Consumer Protection Code, the Guidance on Securing Customers' Interests and the Guidance on Protecting Consumers in Vulnerable Circumstances, and its expectations for firms providing MiFID services in the context of fulfilling their obligation to act honestly, fairly and professionally in accordance with the best interests of clients pursuant to Regulation 31 of the MiFID Regulations (S.I. 375/2017).
Simmons & Simmons: Supporting clients across Ireland and Europe
At Simmons & Simmons, our Irish and pan-European teams are at the forefront of advising clients on all regulatory matters, including establishing and maintaining an effective compliance function that aligns with both local and EU regulatory expectations.
Simmons & Simmons can support firms with implementing the findings of both the Thematic Assessment and the ESMA CSA through targeted and practical assistance, including gap analysis, remediation plans, reviewing compliance training programmes, and horizon scanning.
For further insights or to discuss how Simmons & Simmons can support your firm's journey, please contact our Dublin or European Financial Service Regulatory teams.
1 Compliance Function Assessment Industry Report 2026
2 ESMA34-1436284137-2305 Final Report on the Common Supervisory Action on Compliance and Internal Audit Functions
3 Guidelines_on_certain_aspects_of_mifid_ii_compliance_function_requirements.pdf
_11zon.jpg?crop=300,495&format=webply&auto=webp)
_11zon.jpg?crop=300,495&format=webply&auto=webp)
.jpg?crop=300,495&format=webply&auto=webp)
_11zon.jpg?crop=300,495&format=webply&auto=webp)
