Even without Brexit, FinTech is a significant growing area and technological innovations are developing rapidly. The Central Bank is particularly focused on new innovations in products and services, new delivery models, cyber security and IT resilience.

In this context, Colm Kincaid (the Central Bank’s Head of Consumer Protection: Policy and Authorisations) gave an informative speech to the FinTech and Payments Association of Ireland on 23 February 2017. In that speech, he set out details of the Central Bank’s policy and supervisory approaches, and its authorisation regime, for both PIs and EMIs.

Central Bank’s Policy Approach

In addition to the Central Bank’s role as competent authority under the EU-based legislative framework for PIs and EMIs, together with its work on the new payment accounts regime (see our recent Client Briefing here) and its work on the impending revised Payment Services Directive, the Central Bank is focusing on the following:

  • trends: examining, as part of its participation in FinCoNet, mobile and other emerging technologies, and the digitalisation of high-cost lending;
  • framework: continuing to ensure a strong consumer protection framework (the revised 2016 Code of Conduct on the Switching of Payment Accounts with Payment Service Providers was cited as an example of its work in this area);
  • innovation: planning to publish a discussion paper on how innovation and the consumer protection framework relate to the Central Bank’s codes of conduct;
  • research: continuing to use the outcomes of its research to inform discussion on consumer protection issues. Its publication in May 2016 of the results of its research on consumer perceptions of complaints handling in regulated firms was referenced as an example of its work in this area.

Central Bank’s Supervisory Approach

Colm Kincaid highlighted the following:

  • thematic reviews: the Central Bank will be conducting thematic reviews in 2017 of PIs safekeeping of client funds;
  • role of senior management/boards: there is still “some way to go” to ensure that consumers can be fully confident that firms are acting in their best interests. The importance of top-down emphasis on consumer protection was reiterated;
  • CPRA model: a Consumer Protection Risk Assessment (CPRA) model has been formulated by the Central Bank, details of which will be published by the end of March 2017. The CPRA model will help the Central Bank assess how consumer protection risk is being managed, and will help firms improve their consumer protection frameworks in areas such as culture, performance management, sales incentives and product oversight and governance.


Regarding applications for authorisation, the importance of advance preparation by applicants was emphasised, and the following key points were made:

  • careful review: applicants must carefully review the relevant regulatory requirements and information on the Central Bank’s website in advance of submitting an application;
  • PCFs: applicants will need to ensure that those who will hold pre-approval controlled functions, and qualifying shareholders, meet the Central Bank’s fitness and probity requirements;
  • useful advance meetings: if an applicant wants to avail of an optional pre-application meeting with the Central Bank, it should complete its application documents insofar as possible in advance, and carefully consider what questions it wants to ask at that meeting. That meeting is also a useful opportunity to glean information from the Central Bank regarding common drafting issues in applications;
  • process: the Central Bank wants the application process to be accessible and clear (its application process for PIs and its application process for EMIs were updated in October 2015);
  • timing: the key stages and timings involved in the application process are as follows:
Stage Timing
Acknowledgement The application will be acknowledged within 3 working days.
Key Information Check The Central Bank will confirm within 10 working days whether all key information and documents have been included with the application; if anything is missing, the Central Bank will indicate what that is, and the application will need to be re-submitted.
Assessment The Central Bank has committed to a 90 working day timeframe to assess the application and follow-up with the applicant on specific queries.  If it needs further information, the clock pauses until the information is received.

If the applicant doesn’t respond within 60 days to a request for further information, the Central Bank will stop considering the application.

Notification of Assessment If the assessment is favourable, the Central Bank will tell the applicant whether there are pre-conditions to authorisation, and whether any conditions will attach to the authorisation itself.  Applicants can make representations in relation to those conditions.

If the Central Bank is not satisfied with the application, it will give reasons to the applicant.

Notification of Decision Once the Central Bank is satisfied within any additional information it sought as part of the Notification of Assessment, it will aim to notify the applicant within 10 working days.

If the application is refused, the Central Bank will give the reasons for that refusal to the applicant, and indicate what steps the applicant should now take.

The Central Bank’s Regulatory Service Standards Performance Report for H2 2016 indicated that the Central Bank received one such application for authorisation in H2 2016 and that the above timelines were all met in that case.

The Central Bank’s focus on FinTech and its clear guidance on authorisation applications is very welcome, as Ireland is very well placed to attract FinTech firms looking for a new EU hub as a result of Brexit, and there is already a growing FinTech community in Ireland.