Empty Link Skip to Content

Financial Services Regulation

Setting the tone for the year ahead are the Central Bank of Ireland's ("Central Bank") key regulatory and supervisory priorities. Here we capture the significant and broad ranging, ongoing or anticipated developments which the Central Bank will be monitoring or introducing over the course of the year.

Boards and senior management should ensure that each of the priorities relevant to their business, is being considered and addressed by the necessary individuals and teams. Below we consider the publication of the priorities and two specifically named priorities which are of cross sectoral importance and interest to our financial services clients. 

Key Themes in Financial Services Regulation

Central Bank of Ireland – Key Regulatory and Supervisory Priorities for 2023

On three separate occasions in January and February this year, the Central Bank of Ireland ("Central Bank") publicly outlined its regulatory and supervisory priorities for 2023. These occasions included:

  1. on 25 January 2023, in a statement made by Gabriel Makhlouf, Governor of the Central Bank at the Joint Committee on Finance, Public Expenditure and Reform, and Taoiseach;
  2. in a letter also dated 17 January 2023, addressed to the Minister of Finance, Michael McGrath (published on 25 January 2023) and
  3. in a Dear CEO Letter dated 16 February 2023, addressed to the CEOs of all Regulated Financial Service Providers ("RFSP") ("Dear CEO Letter").

The Central Bank is clearly making an effort to be transparent with regard to its priorities which is welcomed by Matheson LLP.  We have actively communicated with our clients on all three occasions where the priorities have been detailed (please see the FIG Top 5 at 5 from 26 January, 2 February and 23 February for more details). In an ideal world these Central Bank priorities would be published in the final quarter of each year, in line with the approach taken by the European Supervisory Authorities ("ESAs") though we acknowledge that at least some of the Central Bank priorities will be driven by initiatives at EU level. Publishing priorities as early as possible greatly supports RFSPs in their regulatory and governance planning for the year ahead, particularly when it comes to identifying the areas where resources will need to be allocated.

Regarding the priorities themselves, there were no real surprises, much of what was detailed was expected. However, we would point out that the Dear CEO Letter did include one additional priority over and above the list detailed by the Governor and in the letter to the Minister for Finance. That was the inclusion of the provision of a " clear, open and transparent authorisation process". There has been some criticism of the Central Bank in this regard and the inclusion of this priority will be particularly welcomed by industry and other stakeholders.

The Central Bank (Individual Accountability Framework) Act 2023 - ready, steady go.

On 9 March 2023, the Central Bank (Individual Accountability Framework) Act 2023 ("IAF Act 2023") was signed into law by the President Michael D. Higgins, having completed all stages of Dáil Éireann ("Dáil") and Seanad Éireann ("Seanad") on 1 March 2023.

The Minister for Finance, Michael McGrath ("Minister"), having commended the Seanad amendments to the Dáil on 1 March 2023, acknowledged that getting the legislation to this point took "longer than anyone would have liked" but explained that "lengthy engagement with the Office of the Attorney General and the Central Bank" was necessary "to ensure that the legislation is effective and also constitutionally robust". 

Regarding commencement, the Minister confirmed that all sections of the legislation would be commenced as soon as possible following enactment, with the exception of Sections 3 – 6 and Section 10 which deal with the Senior Executive Accountability Regimen ("SEAR"), the conduct standards and the certification process. The Minister further advised that these sections would be commenced following completion of the Central Bank of Ireland's ("Central Bank") public consultation on these areas and that it is intended that the legislation, as enacted, would be fully implemented in the current year.  Fast forward to 13 March 2023 and the Central Bank has published the relevant consultation paper ("CP153") in which it proposes an altered implementation timeline, in so far as it pertains to the SEAR. CP 153 proposes an implementation date of July 2024 for impacted firms to comply with the SEAR requirements.

Impacted firms and industry groups will welcome this proposed extended implementation timeline, given that for a long time, the Central Bank suggested that little or no delay in implementation would be considered. Additionally as a result of this, we expect that industry groups will no longer look to lobby the Central Bank on this point and instead focus their attention on other issues.

In CP 153, the Central Bank explains that it will also issue guidance and regulations on the Fitness and Probity ("F&P") Investigative Process in March 2023 and confirms that there will be a further consultation paper in the summer on the changes to the Administrative Sanctions Procedures.  We would encourage firms to actively engage with these consultation processes and to take the opportunity to convey their views on the proposals and the challenges and difficulties which they anticipate in complying with them.

For further detail on CP153, please refer to the FIG Top 5 at 5 dated 16 March. If you have not subscribed to receive these updates, you can do so here.

For further details on the IAF and SEAR, please refer to our dedicated webpage, which can be found here.

 

 


 

    Digital Operational Resilience Act

    The new Digital Operational Resilience Act (Regulation (EU) 2022/2554) ("DORA") and the supporting directive ( Directive (EU) 2022/2556) entered into force on 16 January 2023. DORA, as a regulation, will be directly effective from 17 January 2025, while the supporting directive must be transposed by the same date. DORA forms part of the European Union's ("EU") Digital Finance Package, which includes, amongst other things, the proposal for a Regulation on Markets in Crypto-assets ("MiCA"), which was discussed in the Autumn 2022 Horizon Tracker.

    DORA represents the EU's first legislative framework focusing on digital operational resilience in the financial services sector. Its impact will be felt by most financial services firms. While a 24 month implementation period appears like a considerable length of time for firms to "get their house in order", the extent of the work to be completed in order to be fully compliant should not be underestimated. Additionally, while the Level 1 text is available, the Level 2 measures are yet to be confirmed, so impacted firms will need to monitor the development of these measures as they are proposed and adapted by the European Supervisory Authorities ("ESAs") over the coming 18 months. These measures will focus largely on how the rules will function in practice.  We would encourage firms to begin, as with any new piece of legislation, with a gap analysis to identify where changes are needed to their existing frameworks. Many firms can expect that there will be a need for investment in processes, procedures, systems and expertise to ensure effective implementation.

    As previously discussed in our Insight "Understanding the interaction between DORA and the Central Bank's Operational Resilience Guidance", many financial services entities are now querying the interplay between DORA and the Central Bank of Ireland's ("Central Bank") Cross Industry Guidance on Operational Resilience (the "Guidance") published in December 2021 (which requires full implementation by December 2023). Anticipating the adoption of DORA, the Central Bank noted in its feedback statement to the consultation paper on the draft Guidance, that same was "in line with international best practice and compatible with and complementary to DORA". Additionally, the Central Bank also committed to "continue to update and align the intended outcomes of our supervisory approach with relevant international operational resilience policy developments as they evolve" and "monitor international developments after the issuance of this Guidance, including any updates to ICT & Cyber Resilience best practices".

    Two points arise here. Firstly, on the face of it, any work being carried out by firms in preparation for the 1 December 2023 deadline for compliance with the Guidance, should be compatible and complementary to any work required to demonstrate compliance with corresponding obligations under DORA.  Secondly, where this is not the case, the Central Bank will likely update their guidance accordingly. In fact, given the extent of the changes introduced through DORA, additional communications and guidance from the Central Bank could potentially be provided as it looks to the integration of DORA into its own supervisory work. This has been described as one of its key priorities for 2023.

     

    Explore the Horizon Tracker

    FIG Top 5 at 5 - 23/02/2023

    Mar 2, 2023, 14:07 PM
    Title : FIG Top 5 at 5 - 23/02/2023
    Filter services i ds :
    Engagement Time : 7
    Insight Type : Article
    Insight Date : Feb 23, 2023, 00:00 AM

    1. Central Bank (Individual Accountability Framework) Bill 2022: Seanad Committee Stage and Report Stage

    Committee Stage:

    On 16 February 2023, the Central Bank (Individual Accountability Framework) Bill 2022 (the "Bill") was taken at Committee Stage, Seanad Éireann (the "Seanad").

    Government amendments

    As signalled by the Minister at Second Stage of the Seanad, the Government proposed two amendments at Committee Stage. The Minister noted that these amendments are transitional provisions and determine the extent to which an inquiry, that is already under way at the time the relevant provisions of the Bill are commenced, shall be affected by the provisions. Both amendments were accepted.

    Senator McDowell's amendments

    At the outset of the discussion, Senator Michael McDowell proposed amendments to Part 2 of the Bill to include

    • a general duty of disclosure on the Central Bank of Ireland (the "Central Bank") where an investigation has been initiated against a natural person; and
    • to provide for legal assistance for individuals under investigation, where the interests of natural justice require it.

    The amendments were discussed in detail but were not accepted. The responses from the Minister of State at the Department of Finance, Deputy Jennifer Carroll MacNeill, (the "Minister of State") are however, worth noting.

    Duty of Disclosure

    In response to Senator McDowell's proposed amendment, the Minister of State advised that "irrespective of this legislation, the Central Bank, as a public body, is obliged to act in a manner consistent with its obligations under administrative law and with the constitutional rights of individuals to fair procedure, including the right to be heard and to mount a defence, in the context of any investigation or inquiry".

    In addition, she advised that the duty of disclosure "has already been built into the Bill throughout each set of processes" and outlined a number of areas which include such provisions. She noted that there will be "new obligations on the bank, partly informed by the Supreme Court in the Zalewski case, to ensure a person who is subject to investigation by the bank, whether under the administrative sanctions procedures or the fitness and probity regime, will have access to all the information on the basis of which an enforcement decision may be based".

    Discontinuation of an investigation

    Responding to Senator McDowell's questions on the discontinuation of an investigation and the possible impact on an individual's professional reputation, the Minister of State noted that the reason for the discontinuation "will have to be provided as a matter of fairness to the individual". In relation to discontinuation for reasons of resources, she noted that although the Bill refers to "reasons of resources", the decision to discontinue may also be prompted by the availability of specialist investigators and not just by financial resources. She explained that the Central Bank may wish to divert those resources to a more important or urgent issue and the should have the discretion to do so.

    Legal assistance

    Regarding the proposed amendment on legal assistance, the Minister of State noted that there does "not appear to be any national or international comparators for a provision of this nature within such an administrative sanctions regime". Additionally, she explained that the issue of legal costs for an individual subject to enforcement action by the Central Bank was previously challenged in the courts without success in 2016[1].

    Other amendments

    A number of other amendments were proposed by senators which were not accepted including:

    • extending the obligations on financial service providers to act in the best interests of society;
    • requiring a report to the Oireachtas within two years of commencement of the legislation outlining how the regulations comply with due diligence obligations under European Union law;
    • extending certain obligations to include legislation outside of financial services;
    • taking into consideration whether a prescribed contravention has had a widespread impact on society and the State; and
    • requiring a report to the Oireachtas within two years of commencement of the legislation examining the implementation of the designation and identification of controlled functions ("CFs"), the potential to expand the range of CF functions and the extent to which individuals not designated as CFs are exerting significant influence on the performance of a CF and how this may be reflected in any future revision of the legislation.

    The remainder of the amendments were not moved or were withdrawn.

    Report Stage

    On 22 February, the Bill was taken at Report and Final Stage and ultimately passed by Seanad Eireann.

    At Report Stage, Senator Black proposed a number of amendments which arose from the Committee Stage proceedings. These were largely variations on the amendments originally proposed by the Senator at Committee Stage. In responding to the proposed amendments, the Minister of State explained that several of the amendments could not be supported due to the vagueness of the terms proposed. Additionally the Minister of State explained that much of what the Senator was seeking to achieve was in fact already captured by the legislation. The amendments were ultimately defeated and the Bill passed.

    Next Steps

    The Bill will now return to the Dáil for approval of the Committee Stage amendments and then to the President for signing. Once enacted by the President, we understand that the Central Bank will launch its consultation process on the relevant supporting regulations and guidance.

    2. Dear CEO on the Central Bank's Letter regulation and supervision priorities for 2023

    On 16 February 2023, the Central Bank of Ireland (the "Central Bank") issued a Dear CEO Letter outlining its key regulation and supervision priorities for 2023. This is the third occasion in the past month in which these priorities have been highlighted by the Central Bank ( please see the FIG Top 5 at 5 from 26 January and 2 February for more details).

    The only additional priority from the lists previously referenced is the intention to provide "a clear, open and transparent authorisation process".  The Central Bank explains that this will be achieved through "active and constructive engagement" with industry and other stakeholders.

    For your reference, the following is summary of the key priorities identified:

    • Providing a clear, open and transparent authorisation process;
    • Assessing and managing risks to the financial and operational resilience of firms (including the potential decline in asset quality arising from inflation, lingering effects from the pandemic and a slowdown in the UK economy);
    • Progressing actions on the systemic risks generated by non-banks (in particular advancing a macro-prudential framework for non-banks);
    • Continuing to oversee the consolidation of the Irish banking sector (including implementing new credit supervision mandates and continuing to monitor for emerging risks in distressed debt, investor protection and product governance);
    • Consulting and engaging on regulatory developments under the Consumer Protection Framework and Individual Accountability Framework;
    • Consulting on the Central Bank's approach to Innovation;
    • Focusing on the integrity of and preventing misuse of the financial system (through detecting and sanctioning market abuse, supervising firms’ compliance with Anti-Money Laundering/Combating the Financing of Terrorism obligations and administering and enforcing financial sanctions (working closely with An Garda Síochána and other relevant bodies in all these areas));
    • Ensuring that the EU’s Anti-Money Laundering Action Plan results in a consistent and robust EU-wide framework;
    • Contributing to progressing European regulation (particularly the review of the Payment Services Directive and the functioning of open banking);
    • Implementing the digital operational resilience and markets in crypto assets regulations; and
    • Strengthening the resilience of the financial system to climate change risks and its ability to support the transition to a climate-neutral economy (along with implementing the Sustainable Finance Disclosures Regulation).

    3. European Commission considers 10th package of sanctions against Russia

    On 15 February 2023, President of the European Commission (the "Commission") Ursula von der Leyen and High Representative of the Union for Foreign Affairs and Security Policy/Vice-President of the Commission Josep Borrell gave statements on the proposed 10th package of sanctions against Russia (the "Package").

    While the exact details of the Package are yet to be agreed, the following, which will be of relevance to financial services firms, have been flagged:

    • President von der Leyen noted in her statement that the Commission is proposing to include propagandists as well as additional military and political commanders to the lists of individual sanctions;

    Mr Borrell in his statement elaborated that the Package would include "tackling the banking sector". We understand that four additional Russian banks will be impacted, including the country's largest private bank, Alfa-Bank.

    • President von der Leyen advised that the Package introduces new measures to prevent circumvention. She explained that together with Member States, the Commission will set up an overview of all frozen assets of the Russian central bank held in the EU and will "track oligarchs trying to hide or to sell their assets to escape sanctions". Details of how this will be achieved are not yet known.

    Next Steps

    President von der Leyen called on the Member States to adopt this new package of sanctions swiftly and noted the Commission aims to have agreement in place by 24 February 2023.

    4. Proposal for a Directive on financial services contracts concluded at a distance

    On 16 February 2023, the Council of the EU published a compromise proposal (dated 18 January 2023) on the proposed Directive on financial services contracts concluded at a distance. The proposed Directive amends Directive 2002/65/EC (the "Distance Marketing of Financial Services Directive") to strengthen consumer rights and foster the crossborder provision of financial services.

    The rationale for the proposed Directive is that the market on financial services contracts concluded at a distance has significantly evolved since the Distance Marketing of Financial Services Directive with the overall digitalisation of the sector and the new types of financial services that have been developed. These developments have been further enhanced by the impact of COVID 19, which greatly contributed to an increase in online transactions.

    This is the fifth Presidency compromise proposal on the proposed Directive. The fourth Presidency compromise proposal was published on 31 January 2023 (dated 8 December 2022).

    5. European Commission call for advice to EBA and ESMA to evaluate IFR and IFD prudential framework

    On 20 February 2023, the European Commission ("Commission") published a call for advice to the European Banking Authority ("EBA") and European Securities and Markets Authority ("ESMA") to provide an evaluation on the prudential framework for investment firms that has applied since June 2021.

    In accordance with Article 60 of Regulation 2019/2033 (EU) ("IFR") and Article 66 of Directive 2019/2034 (EU) ("IFD") the Commission is required to submit, by 26 June 2024, two reports to the European Parliament and the Council on the prudential framework for investment firms. In preparing these reports, the Commission is required to consult with the EBA and ESMA.

    The Commission has acknowledged that the prudential framework for investment firms only entered into force relatively recently and that this may impact the ability of the EBA and ESMA to collect the necessary evidence on the topics in this Call for Advice. Therefore the Commission is requesting the EBA and ESMA to evaluate these topics "to the extent currently possible" and "identify those topics which are better suited for a future review when the prudential framework has been in place longer".

    The EBA and ESMA are also encouraged to make use of, and build on, analyses yet conducted (e.g. ESG risks, digitalisation and crypto assets).

    The Commission has requested generally that the assessment include:

    • information about the structure of the market, distinguishing between investment firms’ categories and business models;
    • the impact on the capital requirements of investment firms resulting from any change proposed to the current legislation; and
    • an estimate of the impact of any recommendation both in terms of changes to the own funds’ requirements and the operational and administrative costs incurred by investment firms.

    The Commission has requested that the assessment specifically consider:

    • the categorisation of investment firms;
    • interactions with Regulation 575/2013 ("CRR") and Directive 2013/36/EU ("CRD IV");
    • ESG Risks;
    • whether changes to the IFR/IFD are warranted due to the emergence of new market players/transformations of businesses as a result of digitalisation, the impact of crypto assets and the risks resulting from the interactions between investment firms and other financial activities; and
    • specific considerations on commodity and emission allowance dealers and on energy firms.

    The EBA and ESMA are also requested to include other issues or inconsistencies that competent authorities in the EU may have identified during the implementation of the IFR/IFD framework and any suggestions on how to rectify these issues.

    The EBA and ESMA are requested to deliver their joint report to the Commission by 31 May 2024.

    [1] Purcell v. Central Bank of Ireland 

    HoldingImage_558x245_Blue HoldingImage_450x200_Red
    Authors :
    Co Authors
    Services :
    Related Insights

    The Latest Financial Regulation Developments

    Read the Full Report