2026-03-10

Supervisory Expectations for CASPs

The Central Bank of Ireland issued this briefing to outline its supervisory framework and prioritized risks for Crypto Asset Service Providers (CASPs) for the 2026-2028 period. The document identifies high-priority risks including crypto asset custody, customer treatment, market abuse, financial integrity, and operational resilience, while detailing specific supervisory activities and strategic plans to mitigate these threats. It further mandates new procedural requirements such as the use of the Central Bank Portal for MiCAR applications and the deployment of standardized regulatory returns starting in May 2026.


Ireland

Central Bank of Ireland


Supervisory Expectations for CASPs
CASP Industry Briefing
10th March 2026

Purpose of Today 2 Reflections and lessons learned from 2025 An overview of Our Supervisory Framework and how it applies to the CASP sector An introduction to the Risk & Supervisory Outlook Report for 2026 Our prioritised risks & activities for 2026 - 2028 Our supervisory expectations for the CASP sector

Characteristics of Successful Authorisation

- Sufficiently prepared and resourced to manage process
- Articulation of Business Model
- Understanding of applicability of MiCAR
- Meaningful engagement and responsiveness
- Willingness to reflect on feedback
- Demonstrate strong risk culture and values
- Substantive presence, robust governance & risk management
- Financially viable and operationally resilient
- Strong consumer protection measures

Stages shown on the slide: Pre-Engagement; During the Process; Successful Outcome

Keynote Speech: Gerry Cross, Director of Capital Markets & Funds

Our Supervisory Framework CASP Team

Our Supervisory Framework

Our Supervisory Framework is guided by our safeguarding outcomes and underpinned by our supervisory principles.

Diagram labels:

- Protection of Consumer & Investor Interests
- Safety & Soundness
- Financial Stability
- Integrity of The Financial System
- Financial Regulation
- Risk Based
- Judgement Led
- Forward Looking
- Outcomes Focused
- Firm Responsibilities

Sectoral Risk Prioritisation Process

For each sector, we follow the Sectoral Risk Prioritisation Process. This starts with horizon scanning, risk identification & prioritisation through to devising our strategic plans, applying our supervisory principles at each stage.

- We identify and prioritise key risks for the sector.
- We incorporate these risks into our Sectoral & Firm Strategic Plans.
- We share with you via the Risk & Supervisory Outlook Report.

Diagram labels: Engagement Intensity; Close & Continuous Supervision; Sectoral Supervision; Three Year Horizon

Prioritised Risks 2026 - 2028

- Conflicts of Interest
- Custody of Crypto Assets
- Operational & Cyber Resilience
- Treatment of Customers
- Financial Integrity
- Market Abuse & Surveillance
- Artificial Intelligence

Legend: Medium High Priority Risks; High Priority Risk

- These priority risks inform our supervisory strategies for 2026 through to 2028
- Not all risks will be addressed in Year 1 but spread over the 3-year period
- Each year we will consider emerging risks/market developments & update our supervisory plans if needed

Supervisory Strategy 2026

Custody of Crypto Assets (High Priority)
An absence of robust governance and controls over client crypto-assets arrangements could result in the loss, misuse or misappropriation of clients’ crypto-assets, or delays in their return in the event of firm failure.

Treatment of Customers (Medium High Priority)
The features of crypto and the complex business models of CASPs, including the sophisticated products offered, lead to a heightened risk of consumer and investor detriment.

Market Abuse & Surveillance (Medium High Priority)
Crypto markets pose detection challenges over and above traditional assets due to their borderless nature, pseudonymity, and novel complexities surrounding the structure and mechanics of DLT.

Financial Integrity (Medium High Priority)
The opaque nature of the market structures in the crypto asset sector can make detection and tracing of money laundering and terrorist financing activities difficult.

Operational & Cyber Resilience (Medium High Priority)
Crypto Markets & Service providers must ensure their systems and platforms remain available to serve best interests of investors and the wider market.

Supervisory Activities 2026

- Post-Authorisation engagement to ensure compliance with custody/safeguarding requirements
- Awareness and expectations setting through industry engagement
- Cross-Sectoral Thematic Review of Market Surveillance Systems and Controls
- Post-Authorisation Review AML REQ
- Submission of DORA Remediation Plans
- Desk based monitoring through social media and website updates
- Continued engagement with ESMA on centralised surveillance
- Re-evaluation of AML Risk Ratings based on REQ submissions
- ESMA Common Supervisory Action on Cyber Resilience
- Cross-Sectoral Thematic Review of AML Control Framework

Supervisory Strategy: Three Year Horizon

2027 – 2028 Areas of Focus

- Artificial intelligence
- Custody Arrangements
- Operational Resilience & Recovery
- Consumer Protection Arrangements
- Climate Risk Management
- Conflicts of Interest

Each year, we will provide further detail on our annual supervisory strategy via the RSO.

Upcoming Developments

Industry Funding Levy
Levy for 2025 payable later this year.

Regulatory Returns Deployment
Regulatory Returns template to be made available in March, with first quarterly submission due in mid-May.

ESA Engagement
There are a number of questionnaires in circulation from ESMA and AMLA currently. We will also be engaging with ESMA on a Common Supervisory Action.

Other Developments
Authorisation Portal

- From 2 April, applicant firms seeking a Crypto Asset Service Provider (CASP) license under MiCAR will be required to submit all application related documentation through the Central Bank Portal.
- A system guide will be published by 20 March, allowing applicant firms to familiarise themselves with the Central Bank Portal and the new CASP application submission process in advance of the launch date.
- Stay tuned to CBI MiCAR Communications & Publications page for Go Live updates.

Expectations

What we expect from you…

- You act in best interests of your clients
- You have effective risk management
- You have a strong risk culture
- Your business model is sustainable
- You safeguard your clients’ assets
- You proactively engage with your regulator
- You are financially resilient
- You are appropriately governed
- You are operationally resilient
- You have arrangements for recovery / orderly wind down

What you can expect from us

- We will engage early with you regarding involvement in planned supervisory activities.
- We will communicate clearly.
- We will address risks in a proportionate manner.
- We will adapt and evolve our supervisory strategies as required.
- We will supervise using a multi-disciplinary approach.

Panel Q&A

Thank you

Contact: CASPsupervision@centralbank.ie
centralbank.ie