Legal Guidance and Research / Experts / Ian Duffy
Ian Duffy#14468

Ian Duffy

Arthur Cox LLP
Ian is a partner in the Technology & Innovation Group.
Ian specialises in advising a wide range of domestic and international clients on technology sourcing, digital transformation, operational resilience, commercial contracts, cyber security, data protection and information technology. Ian has significant experience in advising clients on complex and high value technology procurement projects and large scale regulatory compliance projects. He is also particularly adept at advising financial institutions and other regulated firms on the convergence between technology, outsourcing, cyber security and financial regulation. 

Practice Area

Panel

  • Contributing Author

Qualified Year

  • 2013

Membership

  • Member of the Law Society of Ireland
  • Member of the Society of Computers and Law

Qualifications

  • Admitted as a solicitor in Ireland (2013)
  • Admitted as a solicitor in England & Wales, (non-practising) (2015)

Education

  • BBLS (International), University College Dublin (2008)

1 Contributions by Ian Duffy

DORA in Ireland: Compliance Requirements, Irish Implementing Legislation, CBI Supervision and Penalties, SEAR Duties, and Operational Resilience Guidance
PRACTICE NOTES
DORA in Ireland: Compliance Requirements, Irish Implementing Legislation, CBI Supervision and Penalties, SEAR Duties, and Operational Resilience Guidance
This Practice Note provides practical direction on implementing the EU Digital Operational Resilience Act, Regulation (EU) 2022/2554 (DORA), in Ireland. On 17 January 2025, Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector took effect in Ireland and throughout the EU. This Practice Note offers a high-level overview of DORA’s principal obligations and sets out more detailed information on Irish implementing legislation connected to DORA, alongside Irish regulatory guidance, commentary, template documentation and expectations relevant to financial entities regulated in Ireland that fall within DORA’s scope. DORA key requirements DORA applies to the wide range of financial entities listed in Article 2(1) of Regulation (EU) 2022/2554. Its obligations are generally grouped under five pillars. ICT risk management framework: financial entities must establish an oversight and internal governance framework for ICT risk management that is comprehensive and thoroughly documented. In doing so, they should maintain suitable policies, procedures and strategies designed to preserve and support the entity’s ICT networks and systems. Financial entities must also deploy and maintain appropriate...
Ireland - Banking & Financial Services
Expert page AD
If you expected to see yourself on this page, click here.