Empty Link Skip to Content

FIG Top 5 at 5 - 03/08/2023

DATE: 03/08/2023

1. Central Bank of Ireland publishes Engagement Update on the outcomes of the Discussion Paper on the Consumer Protection Code Review

On 31 July 2023, the Central Bank of Ireland ("Central Bank") published an Engagement Update on the outcomes of the Consumer Protection Code Review Discussion Paper ("Update"). The following is a brief overview of some of what the Central Bank details it has learned from the feedback it has received on the Discussion Paper, and what it intends to do next.


The publication of the Discussion Paper was followed by a six-month engagement programme. This involved the Central Bank meeting with over 30 stakeholders and hosting three roundtable sessions focused on:

  • “Securing Consumers’ Best Interests”;
  • “Change and Innovation”; and
  • “Availability and Choice

The period for consultation on the Discussion Paper closed on 31 March 2023 at which point the Central Bank had received 59 written response submissions. The Central Bank also had over 1200 responses to its online public survey launched at the same time as the Discussion Paper.

As the final step in the process, the Central Bank is now engaging in targeted consumer research on the public’s views of the consumer protection issues raised in the Discussion Paper. The Central Bank explains in the Update that this varied approach has "facilitated a broad spectrum of views to inform our policy considerations under the Code Review".

Emerging Themes:

While the Central Bank provides high level details of the responses received and the observations made relevant to the component parts of the Discussion Paper, namely the ten themes, it places particular emphasis on a number of key themes which it has identified as having general application across the CPC. These include:

  • Digitalisation is bringing greater choice and access for consumers, but it also brings potential risks and challenges to some consumers which need to be addressed;
  • Vulnerability arises in a wide range of circumstances and people may move in and out of states of vulnerability. This requires firms to consider how they can effectively identify and support people in vulnerable circumstances;
  • Disclosure requirements can result in information overload and may not ensure that consumers are well informed. Plain, simple, standardised information and language can assist consumers;
  • Financial education and related initiatives are strongly supported and are seen as a way to address a number of issues including fraud and scams, and the need to protect vulnerable consumers; and
  • It is important that consumers can clearly identify when a firm is regulated by the Central Bank. However, provision of unregulated products and services by regulated firms can create a lack of clarity on the regulatory status of those products.

Wider regulatory context

The Central Bank explains that, as it had anticipated, the feedback received on the Discussion paper confirms the cross over between the topics addressed in the CPC and other areas of regulation and upcoming initiatives. The Update helpfully includes a table entitled "Policy Priorities – under the Broader Domestic and EU Consumer Protection Framework" which maps the ten themes detailed in the Discussion Paper as against areas of cross over with other relevant areas of priority for the Central Bank, as well as additional domestic and European initiatives. Commentary from stakeholders, however, urges that any changes to the CPC should be consistent with these other areas to ensure a level playing fields across sectors and that Ireland doesn't adopt gold plated standards.

What will the Consumer Protection Code ("CPC") Review now entail?

The Central Bank explains that in light of the feedback it has received, the review of the CPC now moves to its next stage which is intended to achieve the following:

  • the existing CPC will be converted into Central Bank Regulations which will include General Business Standards, cross sectoral requirements and sector specific standards;
  • the existing standalone consumer protection codes and regulations, including the Code of Conduct on Mortgage Arrears, will be consolidated into the revised CPC – bringing domestic protections together in one place;
  • the scope of the CPC will be considered as to whether it should be extended to include sectors or services not currently covered by CPC provisions; and
  • the review will bring forward proposed enhancements to existing CPC requirements and new requirements to reflect the changes that are taking place in financial services.

Next Steps:

Given the feedback received and the Central Bank's intentions as regards what now needs to be achieved, the Central Bank has confirmed that "effective implementation" of the CPC can best be achieved through the introduction of a revised CPC in 2024, with further enhancements to follow in 2025. These further enhancements will reflect outcomes from Central Bank research and policy work and the expected implementation of the Retail Banking Review recommendations, as well as the review of PSD2.

This proposal differs somewhat from the original plan outlined on the publication of the Discussion Paper. The decision to proceed with a revised CPC in 2024 and an update to same in 2025 appears to have been largely influenced by the feedback received during the engagement programme and supports the Central Bank's decision to begin with a Discussion Paper rather than going straight to a consultation paper with set intentions and draft regulations.

The next step in the process is the publication of a consultation paper which the Central Bank has indicated will be published in December 2023. Once this has concluded, the revised CPC (in the form of regulations) will be published and work can commence on the further enhancements. These enhancements will ultimately also be addressed through a consultation process before being captured in additional regulations.

2. Central Bank of Ireland publishes Thematic Review of Trading Venue Operators' Compliance with Market Abuse Regulations

On 26 July 2023 the Central Bank of Ireland ("Central Bank") published its Thematic Review on Market Abuse Regulations ("MAR") requirements of trading venues to prevent, detect and report suspected market abuse ("Review"). The Review reflects the outcomes of the Themed Inspection ("Inspection") carried out throughout 2022, by the Central Bank to assess how effectively Trading Venue Operators ("TVOs") complied with MAR.

The TVO sector has expanded considerably, increasing the volume and variety of instruments trading in these entities. The Inspection examined how effectively TVOs maintained arrangements, as well as the systems and procedures in place to prevent and detect insider dealings and market manipulation. A number of failings were found including lack of awareness and accountability by the Board; weak quality assurance procedures; insufficient resource and poor alert closure and calibration governance.

In its 2021 Dear CEO letter and Securities Market Risk Outlook Report in 2021 and 2022, the Central Bank outlined its expectations of firms and their legal obligations. However, the Review clearly states that 'market surveillance is not a high priority for CEOs and their Boards'. Issues were identified in three key areas: Governance, Management Information ("MI") Reporting and Training; Prevention, Detection and Assurance and Suspicious Transaction Order Reports ("STORs").

Governance, MI Reporting and Training

The issues identified in this area included:

  • Inability of Boards, Senior Executive Management Teams and Second Line of Defence to demonstrate the necessary level of knowledge, accountability and ownership regarding surveillance systems;
  • An absence of Compliance, Risk or Internal Audit specific reviews on surveillance functions;
  • The MI produced on MAR was insufficiently detailed to show adequate escalation of issues, alert effectiveness, and trends regarding STORs submitted to the Central Bank;
  • Formal specific surveillance training was not provided to all staff including Board members.

Prevention, Detection and Assurance

The issues identified in this area included :

  • Several TVOs had no real time surveillance in place with respect to the market activity on the venue;
  • Surveillance functions were insufficiently resourced compared to the volume of trading on the Irish venue;
  • Surveillance functions gave minimal consideration to cross-market and cross-product manipulation;
  • Outsourced surveillance functions could not demonstrate sufficient understanding and expertise regarding the trading market structure in Ireland; and
  • The resources and expertise available in the Irish TVOs could not appropriately manage and oversee delegated surveillance functions.


In 2022, the Central Bank only received 1.3% of total STORs from TVOs. The issues identified during the Inspection include:

  • Compliance Officers had no formal role in producing and reviewing STORs other than receiving them and submitting them to the Central Bank.;
  • The Central Bank received STORs from multiple market participants on a specific issue, but not from TVOs regarding the same case;
  • No internal deadlines to ensure STOR submissions were made in a timely manner; and
  • The principle of confidentiality was not prescribed in detail in the relevant STOR policies and procedures.

Required Actions

The Central Bank has warned that it will use all supervisory tools necessary where circumstances of non-compliance arise, particularly where there are risks to the market and investors. The Central Bank requires that Chairpersons take responsibility for the findings of this Review and ensure that the contents of the letter are discussed, minuted and actioned and immediately commence a review of their trade surveillance arrangements.

3. Central Bank of Ireland releases a statement on the EBA EU-wide and ECB stress-test results

On 28 July 2023, the Central Bank of Ireland ("Central Bank") released a statement on the results of the European Banking Authority ("EBA") EU-wide stress test and the results of the European Central Bank ("ECB") Single Supervisory Mechanism ("SSM") stress test of banks directly supervised by the ECB, which were not included in the EBA stress test.

Irish entities

Within these two stress tests, Allied Irish Bank Group plc, Bank of Ireland Group plc, Barclays Bank Ireland plc and Citibank Holdings Ireland plc were assessed under the EBA stress test and Bank of America Europe Designated Activity Company was assessed under the SSM stress test.

The results of the stress test will feed into the 2023 Supervisory Review and Evaluation Process for banks. Director of Credit Institutions at the Central Bank, Mary-Elizabeth McMunn, commented that "though the scenario is on balance more severe, the impact of the stress test is less severe than the results from the 2021 exercise, reflecting the changed interest rate environment. While uncertainty is currently high, the benefits of resilience built up in recent years are evident, with banks having sufficient capital to absorb the impact of the severe scenario".

EBA Stress Test Results

70 banks from 16 EU and EEA countries, accounting for 75% of EU banking sector assets, were involved in the stress test which took place over a three year period. Despite a scenario combining severe recession, rises in interest rates, and higher credit spreads, the results of the stress-test illustrate that European banks remain resilient. Even with the combined loss of €496 billion, EU banks remain sufficiently capitalised to sustain the economy even during severe stress. In its press release announcing the results of the stress test, the EBA cautioned that "the high current level of macroeconomic uncertainty shows however the importance of remaining vigilant and that both supervisors and banks should be prepared for a possible worsening of economic conditions".

4. Updates on the Credit Servicers Directive

EBA publishes Consultation Paper on Draft Guidelines regarding the establishment and maintenance of national lists or registers of credit servicers under the Credit Servicers Directive

On 26 July 2023, the European Banking Authority ("EBA") launched a public consultation on draft guidelines for the maintenance and establishment of national lists or registers of credit servicers under Directive 2021/2167 ("Directive").

The proposed Guidelines ("Guidelines") will "specify the types of information to be included in the lists or registers in order to guarantee a level playing field across the Union and transparency for credit purchasers and for borrowers". It is the interests of both credit purchasers and borrowers which have determined the content of the Guidelines. The Guidelines outline the following:

  • the detail to be specified in the lists and registers;
  • how the lists and registers should be made accessible – free of charge and available 24/7 to anyone wishing to access them, without the requirement for registration;
  • the deadlines for updating lists and registers – for crucial updates, competent authorities have two working days to make the relevant updates and for regular updates, two weeks. In addition, the home competent authority must inform the host competent authority of the updates no later than when it updates the list or register, the same deadlines apply to the host authority to update its list or register;
  • facilitating borrower's access to information on complaint handling procedures; and
  • facility to share information between home and host competent authorities – the annex to the Guidelines includes a template which home competent authorities should use to inform the host competent authority about a credit servicers intention to provide crediting services in that country. The EBA also proposes that a list of mailing addresses for competent authorities  be provided to the EBA to create a non-public list that enables the rapid sharing of information between competent authorities.

Next Steps

The consultation will remain open until 3 October 2023.

Department of Finance Credit Servicers Directive Public Consultation

As previously noted in the Top 5 at 5 on 26 January 2023, the Department of Finance launched a consultation regarding the discretions which Member States are allowed to exercise in the context of the transposition of the Directive. The consultation period closed on 8 March 2023. The Department of Finance has now published the decisions it has taken following the submissions which it received. The following should be noted :

In line with domestic regulatory framework, public notaries, bailiffs and lawyers will not be exempt from the requirement to be authorised if they perform credit servicing activities (discretion not exercised);

  • Ireland will exercise its discretion to permit authorised credit servicers to receive and hold funds from borrowers;
  • Ireland will exercise its discretion to require credit service providers to keep and maintain relevant records for a period of six years;
  • Ireland will maintain the existing domestic regulatory regime for credit servicers and credit purchasers for matters which are not expressly covered by the Directive (discretion not exercised);
  • Ireland will maintain its position that a credit servicer must be a legal person (discretion not exercised);
  • Ireland considers that the Credit Reporting Act 2013 provides appropriate and effective reporting obligations and duties for all credit information providers in relation to the Central Credit Register (discretion not exercised);
  • Ireland will include all of the identified forbearance measures in Article 16a of the Directive in the statutory instrument which transposes the Directive (discretion not exercised);
  • Ireland will transpose the Directive to provide that
    • a creditor can impose a charge on a consumer arising from a consumer’s default but that any such charge, if imposed by a creditor, shall be no greater than is necessary to compensate the creditor for the cost it has incurred as a result of the default and
    • a creditor shall not be allowed to impose ‘additional’ charges on a consumer in the event of default (partial discretion exercised);
  • Ireland will transpose the amended Article 28 of the Mortgage Credit Directive to provide for all the forbearance measures (discretion not exercised); and
  • Ireland will exercise its discretion to provide that entities carrying out credit servicing activities under the Provision of Part V of the Central Bank Act 1997 will be recognised as authorised credit servicers.

5. Interview with Chairperson of EIOPA, Petra Hielkema

On 26 July 2023 the European Insurance and Occupational Pensions Authority ("EIOPA") published an interview whish the Chairperson of EIOPA, Petra Hielkema gave to Grupo Aseguranza . The interview discussed the biggest challenges within the insurance industry, what work needs to be done to improve consumer protection, systemic risks, protection gaps, and artificial intelligence. The Spanish insurance sector was also addressed in the interview.

Overview of Challenges facing the insurance industry

Ms Hielkema stated that overall the insurance industry was in good shape. She identified high inflation and rising insurance rates as potential challenges to the industry, but remained confident that the industry would be able to "weather the storm of the current macroeconomic environment".

Climate change was also identified as a key challenge. Ms Hielkema noted that the insurance industry has a key part to play in moving towards a greener economy and that insurers are adopting environmental, social and governance approaches.

A final challenge raised was the pace of digitalisation, and how quickly the industry can adapt. This is reflected in the amount of cross-sectoral regulation that is being introduced across the financial sector, such as the Artificial Intelligence Act ("AI Act"), the DORA and the Open Finance Framework.

Consumer Protection

Ms Hielkema stated that more needs to be done in designing and delivering products, aswell as monitoring and reviewing their progress. The cost of products must be justified and proportionate to ensure value for money for customers.

Recent data showed that over 60% of European consumers believe the advice is biased and over 70% find it difficult to understand the terms and conditions. Digital channels should provide transparent and fair advice and suit the consumer's needs, and more oversight is needed in this area.

Ms Hielkema noted that all consumers should be protected. She noted that there are still instances where women have less access to insurance protection, and loyal customers are penalised.

Insurance Gap

Ms Hielkema pointed to the recent discussion paper published with the European Central Bank about the climate insurance protection gap. She noted that they were considering actions to reduce catastrophe risks from climate change such as insurance coverage and adaption measures. However, she cautioned that these measures should be in addition to mitigation policies to tackle climate change and reduce related catastrophe risks, not as a substitute.

The focus is on using an evidence based decision making process. EIOPA's natural catastrophe risk dashboard is an example of this which focuses on collecting data on economic and insured losses. This functions both to raise awareness of the protection gap and uses a science based approach to policy making.

Ms Hielkema also cautioned that low price insurance is not the problem or a solution. She noted that insurance prices should act as a signal of risk. Insurance for climate risks is rising and therefore appropriate measures should be introduced to mitigate the risk and reduce the losses.

EU-wide Scheme

Private (re)insurance should be the first option to combat losses from natural disasters, and financial markets could be used to transfer risks via catastrophe bonds to support the reinsurance of these risks. However, policymakers need to put more sophisticated frameworks in place to deal with extreme weather and reduce future costs to taxpayers, such as public-private partnerships which exist in France and Spain.

Ms Hielkema also commented on a potential EU-wide scheme for addressing systemic risks, noting that private solutions alone are not sufficient, and "solutions require both public and private sector involvement".


Ms Hielkema noted that the cyber protection gap was growing alongside digitalisation. Consequently there is a larger risk of cyber-attacks, and evidence suggests that roughly 70% of European SMEs are not covered for cyber-attacks. EIOPA wishes to investigate the motivations for consumers not purchasing such policies and what influenced their decision.

Covid / War in Ukraine

EIOPA indicated that the insurance sector had recovered well post-pandemic. While consumers in some areas had seen reductions in motor insurance during the pandemic, others had to go to court to have their terms for business interruption insurance interpreted. This lack of clarity has also been seen in relation to the Russian war and increases in natural catastrophes, where Ms Hielkema observed that insurers quickly revised coverage to exclude certain risks. She noted that in response, EIOPA issued a supervisory statement and clear guidance on ensuring contract simplicity to remind the market that product reviews should consider the customer's expectations at the time the product was bought.

Artificial Intelligence

Ms Hielkema emphasised the importance of the AI Act in the sector. This is particularly due to the fact that data such as age or disability is allowed to be used by the insurance industry for underwriting purposes, and is not permitted in other sectors. EIOPA would like to have a greater role in the governance of the AI Act to ensure that the specificities of the insurance sector are adequately considered by decision-making bodies.

A main concern of AI is that of bias and discrimination which can lead to circumstances which disadvantage certain groups. In addition, there is a concern that increasingly accurate risk assessments carried out by AI systems, may make access to insurance more difficult for consumers categorised as higher risk or those less willing to share their personal data.


Ms Hielkema acknowledged that InsurTech start-ups and BigTech are entering the market both as competitors and as cooperation partners of incumbent insurers. The use of incumbent undertakings to provide quick access to new technologies and business models and the sharing of data on Application Programming Interfaces can create new opportunities for consumers and businesses. However, this creates potential risks to financial stability where a few companies are being used by a large number of firms within the financial sector, aswell as regulatory challenges.