Regulatory Requirements and Guidance for Payment Institutions
Consumer Protection Requirements
Where regulated entities are providing payment services and/or issuing electronic money which fall within the scope of the European Communities (Payment Services) Regulations 2018 (“the Payment Services Regulations 2018”) and/or the European Communities (Electronic Money) Regulations 2011 (as amended) (“the Amended Electronic Money Regulations 2011”), the following conduct of business requirements apply:
Please refer to the legislation page for details.
Where regulated entities are providing credit under credit agreements which fall within the scope of the European Communities (Consumer Credit Agreements) Regulations 2010 (“the Consumer Credit Agreements Regulations 2010”), the following conduct of business requirements apply:
The Consumer Credit Act, 1995 will continue to apply to the granting of credit that does not fall within the scope of the Consumer Credit Agreements Regulations 2010, including credit for amounts under €200 and over €75,000.
[On 19 October 2011 the Central Bank published the revised Consumer Protection Code which came into effect from 1 January 2012. The 2012 Code sets out that where regulated entities are providing payment services, issuing electronic money or providing credit agreements, certain provisions will apply.]
Payment Account Regulations
It should also be noted that authorised Payments Institutions that fall under the remit of the European Union (Payment Accounts) Regulations 2016 - S.I. 482 of 2016 are therefore subject to The Code of Conduct on the Switching of Payment Accounts with Payment Service Providers .
EBA Guidelines on Product Oversight and Governance
On 15 July 2015, the EBA published guidelines on Product Oversight and Governance Arrangements for Retail Banking Products (Guidelines) which set out requirements for manufacturers and distributors when designing and bringing to the market retail banking products such as mortgages, personal loans, deposits, payment accounts, payment services and electronic money. In accordance with Article 16(3) of Regulation (EU) No 1093/2010, competent authorities and financial institutions must make every effort to comply with the guidelines.
The guidelines are divided into two parts:
- The first part sets out requirements for manufacturers of retail banking products on their internal control functions; the identification of the target market; product testing; disclosure; product monitoring, remedial actions, and distribution channels.
- The second part of the guidelines sets out requirements for the distributors of retail banking products on their governance arrangements, the identification and knowledge of the target market, and information requirements.
The Central Bank of Ireland will apply the guidelines to consumers as defined in the guidelines and will not extend that definition to include micro-enterprises and small and medium- sized enterprises.
The guidelines apply to all products brought to the market after the implementation date of the guidelines as well as to existing products on the market that are significantly changed after the implementation date of the guidelines. The Central Bank will not, at this time, extend the application of the guidelines to products that are brought to the market before the implementation date of the guidelines. However, this will not preclude the Central Bank from raising a potential product oversight and governance issue with a regulated entity regarding an existing product where there are concerns relating to actual or potential consumer detriment. The Central Bank will keep the matter of application to some or all existing products under review.
The Central Bank intends to comply with the guidelines and will incorporate them into its ongoing supervisory practices and processes. The Central Bank does not, at this point, propose amendments to the legal framework.
The Guidelines apply from 3 January 2017
Anti-Money Laundering and Countering the Financing of Terrorism
Please refer to the Anti-Money Laundering and Countering the Financing of Terrorism page for more detail.
Industry Presentations
Recent presentation on Revised Payment Service Directive (PSD2):
"Preparing for applications under PSD2 and regulatory implications stemming from Brexit".
EBA Guidelines on Professional Indemnity Insurance under PSD2
On 7 July 2017, the European Banking Authority published Guidelines on the criteria on how to stipulate the minimum monetary amount of the professional indemnity insurance or other comparable guarantee under Article 5(4) of Directive (EU) 2015/2366 (PSD2). The Guidelines specify criteria and indicators for competent authorities on how to stipulate the minimum monetary amount of the professional indemnity insurance or other comparable guarantee to be held by firms seeking authorisation or registration to provide either payment initiation services (PIS) and account information services (AIS) or both.
The Central Bank intends to comply with the Guidelines and will incorporate them into its on-going supervisory practices and processes for Payment Institutions and E-Money Institutions.
Firms seeking to provide either PIS and AIS or both will be required to obtain professional indemnity insurance or a comparable guarantee as a condition of their authorisation or registration.
The Guidelines will apply from 13 January 2018.
EBA Guidelines on outsourcing arrangements
On 25 February 2019, the EBA published guidelines on outsourcing
arrangements (Guidelines), which became effective for payment institutions and electronic money institutions from 30 September 2019.
Under the Guidelines, payment institutions are required to inform the Central Bank of Ireland (the Central Bank) of material changes to outsourcing arrangements that relate to a function which is critical or important. Please review the Amendments Processing and Forms pages for the outsourcing notification form.
All outsourcing arrangements, including existing arrangements, should be consistent with the Guidelines, at all stages of the outsourcing life cycle.
Separately, the Central Bank published Cross-Industry Guidance on Outsourcing in December 2021.
Operational Resilience
Additional information on Cross Industry Guidance on Operational Resilience published by the Central Bank can be found via the Operational Resilience and Cyber webpage.
Please also note the Cross Industry Guidance in respect of Information Technology and Cybersecurity Risks.