Remarks by Director of Horizontal Supervision, Patricia Dunne to the European Anti-Financial Crime Summit, Dublin

29 April 2026 Speech

Patricia Dunne

Safeguarding Financial Integrity – Central Bank of Ireland’s Approach to Financial Crime Prevention

Thank you for the invitation to speak at today’s event. This is an important opportunity for us to engage and share our experiences and approaches to deal with the global challenges and issues we are facing in financial crime.

Change, instability, flux, unpredictability - all words that I guarantee you will hear on multiple occasions throughout the day’s events. I will not be any different. We are living in a world where things are changing on a minute by minute basis, with uncertainty being the only thing we can be sure of.  When we look back on this period in the history books, this decade will be characterised as a period of extraordinary change, climate transition, geopolitical tensions, rapid technological transformation and shifting economic conditions. 

This instability brings increased risk for those of us working to combat financial crime. A paper published by the World Economic Forum in March1 notes that the shifts in the rules of the global economy are creating opportunities for criminals. Technological transformation is enabling the use of tools that were never meant to support financial crime, facilitating faster, more efficient ways to deceive and break through regulatory controls and systems causing significant harm to the system and to consumers.

So, as a risk based regulator, and a horizontal supervisor, our approach is not to focus on whether change will come, but the nature, degree and speed of that change and how we respond collectively. Resilience, adaptability and trustworthiness are the qualities that must define that response.

It is in this context that the Central Bank published its annual Regulatory and Supervisory Outlook Report. The report is one-part horizon scan, one-part an outline of the work we are undertaking to deliver on our mandate, and one-part what we expect firms to do in managing or guarding against these risks in the interest of their customers and the wider financial system.

Specifically, we have set out our views using three core themes. The first theme is “Macroeconomic and Geopolitical Drivers”, where among other things, we are talking about how rapid digitalisation is leading to new capabilities and benefits for consumers with easy and fast access to financial services, but it is also leading to an increase in the risk of fraud and financial crime.

The second theme is “How Firms Respond to Change”, which includes how firms manage operational resilience, including the growing incidence and sophistication of cyberattacks, the risks associated with ever increasing digitalisation and a growing volume and variety of data used by businesses.

The third theme is “Longer-Term Structural Forces”, which includes our view of financial crime risks, which we deem as significant to severe. This captures a number of elements, including insider dealing, the provision of unauthorised financial services, terrorist financing, money laundering and fraud and scams, which I’ll return to in a moment.

I would encourage anybody here who has not yet read the Regulatory and Supervisory Outlook Report to do so. It gives a clear sense of our regulatory and supervisory priorities, the priority risks we believe firms need to focus on, and our expectations in relation to them.

Financial Crime Risks

In relation to the Central Bank’s views and expectations on financial crime specifically, we regulate and supervise the financial system to identify financial crime risks and ensure that firms take necessary and appropriate action to mitigate those risks. This incorporates the risks of money laundering, terrorist financing, financial sanctions evasion, fraud and market abuse. By doing this we work to achieve one of our four identified safeguarding outcomes – the integrity of the financial system.

We sometimes refer to the “plumbing” of the financial system. Financial crime is like acid gushing through the pipes – deeply corrosive, dangerous and, at volume, capable of doing immense damage. There is the direct impact on the victims of this crime – and a wider, cumulative impact on trust in the system.

The speed of this impact is increasingly supported by technology. As Europol notes, “emerging technologies, such as artificial intelligence, accelerate crime and provide criminal networks with entirely new capabilities. These innovations expand the speed, scale, and sophistication of organised crime, creating an even more complex and rapidly evolving threat landscape…”.2

Ireland’s latest National Risk Assessment, which is nearing completion, will also give us a comprehensive overview of the current nature and scale of the money laundering and terrorist financing threat.

We know that responding to these risks is a collective task - at global, European and national level. It is a systemic challenge that requires a coordinated and agile response from law enforcement, regulators, financial institutions and technology companies. For our part in the Central Bank, we are addressing these challenges in an integrated, holistic way, through our integrated approach to supervision.

We also continue to work and coordinate efforts with peer supervisors and international authorities and groups. We form part of, and help to shape, the national and international AML frameworks – including, at European level, through AMLA.

Delivering our mandate to combat financial crime

I’ll now touch upon our work in two of those areas specifically – anti-money laundering and combatting fraud.

Money Laundering & Terrorist Financing

The Irish financial sector is large and diverse. We implement a risk-based approach to supervising money laundering and terrorist financing risks, with the level of supervisory engagement based on the risk profile of individual firms and sectors.

Unsurprisingly, the banking, payments and e-money sectors remain a priority focus for supervision, given they are inherently high risk from a money laundering/terrorist financing (ML/TF) perspective. We will also continue to closely supervise the investment fund sector given the nature and size of this industry in Ireland.

The banking sector’s AML/CFT frameworks are generally mature and well embedded due to the efforts made over the past decade. Given the important role banks play in combatting “dirty money” entering the financial system, they need to be particularly vigilant and responsive to criminals exploiting new technologies and practices to abuse the system, and firms within it.

Improvement is also needed by firms in ensuring that that AML/CFT frameworks keep pace with changes, and that they continue to be relevant for the risks faced, particularly with the emergence of new digital banking business models.

Boards and senior management in banks must be able to demonstrate an understanding of their key money laundering and terrorist financing risks and maintain risk management and control frameworks in line with national and European requirements, including those of AMLA.

In the payment and e-money sector, while some firms have taken positive steps to strengthen their AML/CFT risk management and control frameworks, much deeper work is required across the sector in this area. Firms’ governance arrangements, systems and controls, including reporting mechanisms, need to be effective and proportionate to the nature, scale and complexity of their business, and the risks to which they are exposed.

A key concern is these firms’ inadequate understanding of ML/TF risks and the need for adequate mitigating measures commensurate with the risks. This is particularly true of newer, emerging firms.

For the investment fund sector, financial crime continues to require attention. Funds can be exploited for money laundering and terrorist financing, with the funds sector in Ireland being the subject of international scrutiny from an AML/CFT perspective given its size and reach. It is a key area of focus for the Central Bank and in 2026 we will be undertaking a thematic review of suspicious transaction report (STR) reporting in the sector. Inadequate monitoring of these risks exposes the sector to potential abuse, including breaches of financial sanctions.

In the area of crypto, the opaque and rapidly evolving nature of the market structures in the crypto-asset sector can make detection and tracing of the ML/TF activities particularly challenging. We expect firms to maintain effective AML and fraud-prevention controls to mitigate financial crime risks, and this will be a key element of our supervisory focus in 2026.

Among our supervisory tools, we will use targeted inspections to assess whether firms are meeting their obligations and legal requirements. We will also be assessing how firms understand their ML/TF exposures, and whether their control frameworks are proportionate to those risks.

Across all key sectors, our enhanced Risk Evaluation Questionnaire (REQ) will be a critical tool in identifying firm-level, sectoral and cross-sectoral risk. These will capture detailed quantitative and qualitative information on ML/TF risks and on the quality of firms' controls.

This data will help us identify emerging threats, guide our supervisory strategy, and support the work of AMLA.

We will continue to roll out the REQ to all sectors over the course of the year.

Fraud & Scams

Fraud and scams is the element of financial crime that is the most visible to all of us as consumers and users of financial services. Its near constant presence is highlighted in the OECD Consumer Finance Risk Monitor 20263 which notes 85% of jurisdictions now report that financial scams and frauds are a top risk facing consumers. In Ireland total payment fraud reached €160m in 2024, with losses as a result reaching €66m.4

New research published by the Central Bank finds that of 3000 people surveyed, more than one in three respondents reported experiencing fraud, and almost two thirds of those who experienced fraud lost money as a result. The research shows that we must work faster and harder to combat fraud – based on a whole of system approach to improve public awareness and education, while also strengthening digital and financial system safeguards.

We know that combatting frauds and scams, and the negative impact on consumers, requires collaboration between financial services firms, technology companies, regulators and law enforcement. For our part the Central Bank has identified financial crime as one of our three areas of focus for consumer and investor protection.5 We expect this should also be a priority for all firms and agencies involved with financial services.

Our new Consumer Protection Code includes explicit requirements on firms to take steps to protect consumers against frauds and scams and that where they occur, consumers are supported. We are continuing our work to identify unauthorised providers of financial services, and to use our Trusted Flagger status to require the removal of criminal content online. We will also continue our work to raise consumer and investors’ awareness of how to protect themselves against frauds and scams through ongoing awareness campaigns.

In the area of supervision, we are undertaking a major cross-sectoral thematic review, focused on fraud controls in a number of sectors.

As part of this review, we will also be examining firms’ treatment of customers who fall victim to fraud - and we reiterate that firms must meet their liability obligations when customers fall victim to fraud.

Across all areas of financial crime, we expect firms to:

  • Understand your risks;
  • Invest in and enhance controls;
  • Report suspicious activity promptly and effectively;
  • Treat fraud victims fairly; and
  • Embrace technology with care, managing the risks to consumers and investors. 

Conclusion

What I have discussed today is a high level overview of the risks and challenges that we are dealing with in combatting financial crime. At the Central Bank, we will continue to implement our risk-based model of supervision, focusing on the highest risk sectors and seeking to ensure that firms are evolving their risk management frameworks to keep pace with emerging threats and mitigating the impact on their customers.

Understanding the need for a collective approach we will also continue to prioritise our engagement with international agencies, domestic organisations, regulated firms and the wider industry to understand emerging trends and risks and work together to raise standards.

And finally we will continue to be proactive in communicating our expectations to the firms we regulate recognising the first principle that regulated firms are responsible for identifying the financial crime to which they are exposed - and taking appropriate measures to mitigate those risks for the benefit of their customers.