Handing down one of its largest ever penalties, the central bank on Thursday said that IT service continuity deficiencies were repeatedly identified in third-party reports from 2008 onwards but Bank of Ireland only started to address them in 2015, resolving matters four years later.
The lack of a robust framework and internal controls at Ireland's largest bank in terms of assets could have left it unable to ensure continuity of critical services and led to adverse effects on customers and the financial system, the central bank said.
Bank of Ireland admitted to five regulatory breaches over the 12-year period.
Its fine was reduced from 35 million euros in accordance with a settlement discount.
The central bank said steps taken by the lender since 2015 had improved its IT service continuity framework and internal controls.
Bank of Ireland said it fully acknowledged and sincerely apologised for each of the breaches and that it had invested heavily in IT service continuity to address the issues.
($1 = 0.8821 euros)
(Reporting by Padraic HalpinEditing by John Stonestreet and David Goodman)