AC Audio

In this episode of our resilience series, Siobhán McBean, Partner in our Asset Management and Investment Funds Groupand Vivian Spies, Senior Associate in our Technology and Innovation Group, explore the evolving challenges facing regulated firms as they navigate increasing ICT complexity, heightened cyber threats, and rising regulatory expectations. They share practical, experience‑driven guidance on strengthening resilience, from eliminating legacy systems to improving patching discipline, enhancing employee awareness, and ensuring boards maintain meaningful oversight. They also discuss the Central Bank of Ireland’s expectations around local accountability, including the growing emphasis on CIO and DPO roles.For more information on our Technology and Innovation Group, visit: https://www.arthurcox.com/services/technology-and-innovation/

In our latest podcast episode, Colin Rooney, Partner and Head of Technology and Innovation, and Michael Egan, Senior Director in Legal Technology, Governance and Consulting Services, discuss the rise of GenAI in legal services and how it is accelerating document‑heavy legal work such as investigations, cyber incident response and DSARs.
The conversation also highlights how GenAI is being applied to repeatable processes such as Data Protection Impact Assessments. By combining legal expertise, regulatory guidance and secure GenAI workflows, we have developed scalable solutions that significantly reduce time and cost, while preserving legal judgement and oversight. When embedded correctly, GenAI has the potential to transform how complex, data‑intensive legal work is delivered for clients. For more information, please visit arthurcox.com/legaltech

In our latest resilience episode, Ian Duffy, Partner in our Technology and Innovation Group, is joined by Denise Murray, Head of Financial Services, Compliance and Regulatory Relations, to explore how third‑party and intragroup arrangements are shaping operational resilience for regulated firms.With outsourcing deeply embedded across the financial services ecosystem, the conversation looks at:
• Why third‑party and sub‑outsourcing arrangements can significantly impact a firm’s resilience profile
• How regulators are increasing their focus on critical and important services under frameworks such as DORA and CBI guidance
• The importance of robust risk assessments, due diligence and ongoing oversight
• What firms should expect from vendors around resilience testing, business continuity and incident response
• Why contracts, governance and clear communication are critical when disruptions occurThe discussion also considers concentration risk, chain outsourcing, and the often‑overlooked challenges of intragroup service arrangements, including autonomy, conflicts of interest and exit planning.

In the latest episode from our Resilience series, Ciaran Flynn, Head of Governance and Consulting Services, is joined by Sarah Thompson, Partner and Head of our Financial Regulation Group, as they explore how increased regulatory scrutiny is reshaping financial resilience across the Irish market.

From stress testing and liquidity buffers to capital planning and ICAAP/ILAAP integration, the conversation covers need-to-know topics relating to financial resilience, including :
How ECB and CBI expectations are changing firm behaviour
The real-world impact on smaller and mid-sized firms
Why early detection, clear communication and regulator engagement are critical
How firms can better integrate resilience planning into day‑to‑day risk management

In this episode of our Resilience series, “How to respond to an ICT-related incident,” Denise Murray, Head of Financial Services Compliance and Regulatory Relations, is joined by Ian Duffy, Partner in our Technology and Innovation Group. They share practical insights on identifying and managing ICT incidents, from phishing attacks and supply chain compromises to large-scale cyber breaches. The discussion covers activating response plans, engaging stakeholders, and meeting relevant regulatory obligations including under DORA and GDPR. They also highlight why documenting decisions during fast-moving disruptions and conducting lessons-learned reviews are essential for an effective and compliant response to incidents. For more insights and to access our resilience playbook, visit arthurcox.com/resilience.