More than one in three Irish financial organisations have identified the loosening of US data privacy and cybersecurity rules as the single biggest compliance risk to their business, according to new research by the Compliance Institute.
The survey, which polled around 110 compliance professionals working mainly in Ireland’s financial services sector, found that 36% of respondents see the softening of US regulations as the most significant threat. A further 23% pointed to US President Donald Trump’s tariffs and trade restrictions, while 15% highlighted the rollback of environmental, social and governance (ESG) standards as their primary concern.
Michael Kavanagh, chief executive of the Compliance Institute, said the findings reflect growing unease over recent developments in US policy. “We’ve seen a roll-back in the States on various regulatory fronts — reduced funding of agencies, a freeze on new rules, loosening of cybersecurity and anti-money laundering laws, even the dismantling of certain legislation,” he explained.
Kavanagh warned that uncertainty surrounding US data privacy standards was particularly problematic, as efforts to create a unified federal law have stalled, leaving businesses facing a patchwork of state-level rules. “On the data privacy front, there’s uncertainty — each state has its own laws and regulations,” he said.
He added that the weakening of US cybersecurity oversight poses a global risk. “Cybercriminals operate across jurisdictions, without borders. If one of the world’s major players steps back, that is a concern for everyone,” Kavanagh cautioned.
The rollback in ESG commitments in the US is also creating difficulties for Irish firms, many of which are legally bound by strict EU standards but face conflicting cultural and political pressures from American partners. “Some US firms have very publicly scaled back on their diversity, equity and inclusion targets, and that is proving problematic for compliance professionals here,” Kavanagh said.
The survey also found that 18% of Irish financial institutions believe none of the current US policy shifts present a compliance risk, likely reflecting businesses with little or no exposure to the US market.
Kavanagh acknowledged that regulatory pressures are also shifting closer to home. While some European rules have recently been eased, financial firms have complained about being overwhelmed by the volume of legislation introduced in recent years. “In the first quarter of this year, we saw a huge amount of new laws and regulations,” he noted. “But going to the other extreme — back to light-touch regulation — risks repeating the mistakes of the past.”
The survey underscores the challenges facing Irish compliance teams as they navigate diverging regulatory landscapes on both sides of the Atlantic, with US rollbacks creating as many uncertainties as Europe’s shifting approach.
