FIG Top 5 at 5 - 31/07/2025

1. Government publishes action plan for insurance reform

On 24 July 2025, the Government published the action plan for insurance reform 2025 - 2029 (“Plan”). The publication of the Plan follows on from the public consultation carried out by the Department of Finance (“Department”), for more information, see FIG Top 5 at 5 dated 1 May 2025.

The Plan recognises that prioritising Ireland’s competitiveness is essential, especially in the current geopolitical environment and the associated uncertainty. In this context, the Plan acknowledges the progress made since the publication of the first action plan on insurance reform in 2020, however it is noted that Ireland’s costs remain too high, when compared against international data.

The Plan sets out six key themes as follows:

Transparency and Affordability

Acknowledging the improvements, regarding oversight and identification of cost drivers, made by the National Claims Information Database (“NCID”), the Plan commits to the further enhancement of transparency with the aim of policyholders understanding how premiums are calculated and insurers being accountable.

As regards affordability, the Plan states that the Government will continue to work with regulators, consumer bodies and industry to ensure reforms are fully embedded and reflected in pricing practices, with the ultimate goal of a fairer and more accessible insurance system. 

Competitiveness and Availability

Some of the matters highlighted under this theme include:

• certain sectors, for example, childcare, have found it difficult to obtain cover, if at all;
• recent reforms have started to stabilise the market;
• recent new entrants to the market, such as Revolut and OUTsurance, signify a growing confidence in the market; and
• the Office to Promote Competition in the Insurance Market (“OPCIM”) is engaged in addressing barriers to market entry and collaborating with the IDA to attract new providers. 

Fraud

The Plan emphasises that the Government is committed to strengthening the tools available to identify, deter and prosecute fraud. Some of the measures highlighted include:

• enhancing data-sharing between insurers and law enforcement;
• legislative changes to support prosecution; and
• investment in fraud analytics and claims intelligence.

Innovation and Skills

The Plan notes Ireland’s global position in the insurance industry, the thriving fintech sector and the strong talent pool, and in that context sets out that Ireland is well positioned to lead the digital development of the insurance industry. The Plan states the intention to support further such growth by:

• promoting upskilling;
• facilitating collaboration between industry and third-level institutions; and
• backing emerging segments such as cyber insurance and parametric products.

The Plan emphasises the importance of regulatory flexibility as key to enabling innovation, however further emphasising that such flexibility must be in the context of the existence of strong safeguards and the maintenance of consumer protection.

Climate Protection Gap

Recognising that climate adaptation and risk mitigation are critical for long-term market stability, some of the matters highlighted under this key theme of the Plan include:

• a resilient insurance market should play a central role in reducing the protection gap and supporting Ireland’s transition to a more sustainable economy, while acknowledging that insurance cannot, of itself, address all such matters;
• the reduction of the climate protection gap requires collaboration between the Government, regulatory authorities, the insurance industry and home and business owners;
• the Government will work with EU and international partners to align capital frameworks with climate resilience;
• the Government will continue to integrate climate-related risks into supervisory and consumer protection frameworks; and
• insurers also have a role to play by developing new products / investing in green assets / supporting nature-based solutions.

Legal Reform

The Plan emphasises the progress made through the Personal Injuries Guidelines (“Guidelines”) and the duty of care reforms, however, goes on to state that further action is needed to create “a more efficient and proportionate legal environment.”

Some of the measures highlighted as regards legal reform are as follows:

• the continued reform of the litigation process, including enhanced use of mediation, digital processes, and cost transparency;
• the amendment of the Judicial Council Act 2019 to establish a more robust process for reviewing the Guidelines;
• strengthening the Injuries Resolution Board’s remit; and
• continued monitoring of the implementation of the Guidelines.

Priority Actions

The Plan also sets out the actions being led by Government ministers and their departments or bodies, as regards insurance reform, together with implementation timelines. There are 28 actions in the Plan, ten of which are categorised as priority actions, some of which are as follows:

• the enhancement of transparency in insurance premiums, with particular reference to motor insurance, through (a) working with the insurance industry to develop a transparency code and (b) conducting a feasibility study on how data collected by the Central Bank of Ireland (“Central Bank”) can be used to enhance transparency;
• the strengthening of the powers and remit of the Injuries Resolution Board through legislative reform, where necessary, including consideration of key areas identified;
• the conducting of a benchmarking exercise to examine levels of Irish personal injury awards versus UK and other European jurisdictions to determine if the Guidelines have enabled consistency in the awarding of general damages for personal injuries and to consider the implications for competitiveness;
• the consideration of, and the making of a recommendation to Government, on how a scale of fees, based on work of the Interdepartmental Group could be applied to wider civil litigation, in particular for personal injuries;
• expand and support the OPCIM to support and grow competition in the insurance industry;
• engaging with the Central Bank on its authorisation process for new entrants;
• exploring the introduction of tougher penalties and encourage intelligence sharing on insurance fraud, working with An Garda Síochána and the insurance industry; and
• the development of a long-term strategic approach to the provision of flood insurance, working with the Central Bank, Office of Public Works, the insurance industry, and other key stakeholders to create a sustainable response to the flood insurance protection gap.

In his foreword to the Plan, An Taoiseach, Micheál Martin TD, stated:

“Ireland is open for business, and we are ambitious about our place in the global insurance sector. With this Action Plan, we are setting out a clear path to build a stronger market that works for everyone and supports a fairer future for all.”

2. EBA publishes its 2025 opinion on ML / TF risks affecting EU financial sector

On 28 July 2025, the European Banking Authority (“EBA”) published its 2025 opinion (“Opinion”) on money laundering and terrorist financing (“ML / TF”) risks affecting the EU’s financial sector. This is the EBA’s fifth such opinion and covers data gathered from, amongst other sources, competent authorities (“CAs”) during the period from January 2022 to December 2024.

The EBA is required to issue such opinions every two years under article 6(5) of the fourth money laundering directive (“MLD4”). The Opinion is addressed to the European co-legislators and to AML / CFT CAs. 

The Opinion is divided into a number of sections with section 3 addressing cross sectoral ML / TF risks, some of which are as follows:

• FinTech firms appear to prioritise growth over compliance, with information provided by CAs pointing to the existence of a gap, which may be increasing, , between the evolving FinTech landscape and the effectiveness of FinTech providers’ AML / CFT systems and controls. 69% of CAs consider that the level of ML / TF risk associated with FinTech has remained high or has increased;
• White labelling creates challenges in terms of third-party oversight and AML / CFT supervision, referring to the practice whereby a firm (the partner) offers the financial products and services of a licensed financial institution (the provider) under its own brand.

Of note is the fact that CAs may be unaware of the extent of white labelling in their member state, as such agreements may not need to be notified to supervisory authorities unless they meet certain thresholds or conditions, such as involving agency under PSD2 or constituting a material change to the business model.

The EBA is currently assessing the risks associated with white labelling from a prudential, consumer protection and financial crime perspective. The report will be published in Q3, 2025.

• The risks and challenges associated with virtual IBANs with the Opinion stating that CAs consider the risk associated with virtual IBANs is high for payments institutions and credit institutions, though the nature of the risk varies by sector;
• The use of RegTech, without robust measures in place, creates ML / TF risks with CAs identifying outsourcing, automation without effective monitoring, and lack of in-house skills and experience as the three most significant ML / TF risks in relation to RegTech;
• ML / TF risks related to tax-related crimes are perceived as decreasing by some CAs, due to legislative changes and enhanced compliance efforts;
• Material weaknesses in relations to politically exposed persons continue, while corruption in the financial sector is insufficiently addressed;
• Risks as regards non-compliance with restrictive measures are increasing due to the complexity of successive sanctions measures; and
• Automation and AI are driving the rapid expansion of sophisticated fraud and cybercrime schemes.

Section 4 of the Opinion considers AML / CFT trends by sector, providing an overview of the main findings regarding risk levels in each of the sectors under the EBA’s remit. Some of the trends identified are as follows:

• Since 2021, the levels of inherent risk have remained broadly stable across most sectors. However, inherent risks have increased in the payment and e-money institutions, crypto asset service providers (“CASPs”) and life insurance undertakings;
• Controls are increasingly being put in place and are being assessed as adequate more often than was previously the case. Consequently, residual risk levels are improving, with marked reductions in the overall levels of residual risk in the credit institutions, investment funds and life insurance sectors in particular.

  The Opinion details that controls appear to be less effective in the e-money and credit provider sectors, as no marked reduction in risk levels was observed. As for payment institutions, bureaux de change and CASPs, the data suggests that levels of residual risk exceed inherent risks;

• Most AML / CFT breaches relate to customer due diligence (“CDD”) measures, across all sectors, however the nature of the breaches varies by sector; and

• Failures in the reporting of suspicious transaction affect investment firms in particular, followed by credit institutions, e-money institutions and payment institutions;
• Specifically, as regards CASPs, the Opinion notes that risks remain high, particularly given that the transition to the new regulatory framework is ongoing – a framework that the Opinion notes, is critical to address the challenges associated with the sector.

Conclusion

The Opinion notes that, overall, awareness of ML / TF risks is increasing but that the effectiveness of AML / CFT systems remains uneven. The Opinion states that its findings highlight the need for “continued regulatory clarity, and a more consistent application of risk-based approaches across the EU financial sector.”

3. EIOPA Updates: (1) EIOPA publishes follow up report to its 2022 peer review on outsourcing (2) EIOPA publishes statement on monitoring exercise on use of climate change scenarios in ORSA

1. EIOPA publishes follow up report to its 2022 peer review on outsourcing

On 24 July 2025, the European Insurance and Occupational Pensions Authority (“EIOPA”) published its follow up report (“Report”) to its 2022 peer review on outsourcing under the Solvency II framework (“Peer Review”).

The Peer Review contained 77 recommended actions that were targeted at enhancing consistency and effectiveness in the supervision of outsourced activities. The Report evaluates the implementation by national competent authorities (“NCAs”) of those 77 recommended actions.

The Report highlights the fact that outsourcing is an embedded and widespread practice in the (re)insurance industry and is of strategic importance to the sector. In this context, the Report emphasises the importance of effective and convergent supervisory oversight.

The Review notes that significant progress has been made by NCAs as regards strengthening outsourcing supervision. Out of the 77 recommended actions, 51 have been fulfilled, 22 partially fulfilled, while 4 remain unfulfilled. The Report details that the high rate as regards fulfilment, signifies the recognition that outsourcing is a critical supervisory matter.

The Report highlighted some positive actions taken by NCAs, such as:

• the development or refinement of regulatory instruments;
• the publication of detailed guidance;
• the improvement of internal procedures; and
• the enhancement of documentation and risk assessment requirements.

The Report also highlights that information management systems and internal registers, introduced since the 2022 Peer Review, are enabling a more data-driven and risk based approach to supervision.

Despite this, the Report does also highlight areas where further improvement is needed, such as:

• offsite supervision remains inconsistent across jurisdictions, with some authorities yet to fully implement structured, risk-based approaches; and
• there are also other issues as regards the embedding of internal procedures and the full operationalisation of supervisory tools.

The Report emphasises the importance of supervisory practices evolving beyond initial notifications such that they “become more dynamic, coordinated and forward-looking.”

The Report recommends that NCAs continue to focus and work on the supervision of outsourcing.

Ireland

Section 4.14 of the Report deals with Ireland’s progress as regards recommended actions in the Peer Review, of which there were two, as follows:

1. It was recommended that the Central Bank of Ireland (“Central Bank”) clarify, with the market, that the activity of an insurance intermediary, who is not an employee of the undertaking, under delegated authority to underwrite business or settle claims in the name and on the account of an undertaking, is subject to outsourcing requirements, and therefore may be subject to notification if considered a critical or important function or activity (guideline 61 of the EIOPA guidelines on the system of governance).

   The Central Bank was found to have addressed this recommendation by:

   • publishing a newsletter in September 2022 which included a detailed article on the outsourcing of delegated authority to underwrite and settle claims;
   • publishing an updated newsletter in December 2024 which further emphasised the importance of undertakings carrying out detailed due diligence to ensure that the service provider has the necessary ability to carry out the outsourcing function or activity; and
   • the development of a set of internal documents to guide supervisors when supervising firms' outsourcing of critical or important functions or activities to underwriting managing general agents (“MGAs”).
2. In the second recommendation, it was recommended that the Central Bank develop an internal register / database which would include information on outsourcing per undertaking, such as the key functions and other critical or important functions being outsourced as well as the relevant service providers.

The Central Bank was found to have fulfilled the recommended action by:

• developing an internal register / database to gather and aggregate firm-specific outsourcing data – such requirements are set out in the Central Bank’s 2021 cross industry guidance on outsourcing;
• the development of a template for recording all relevant outsourcing arrangements and for reporting purposes;
• the July 2023 publication of the “guidance note: outsourcing register template insurance; and
• the Report also states that the Central Bank has stated that further work is underway to align templates on outsourcing stemming from the different applicable regulations with the objective of reducing the reporting burden.

2. EIOPA publishes statement on monitoring exercise on use of climate change scenarios in ORSA

On 23 July 2025,the European Insurance and Occupational Pensions Authority (“EIOPA”) published a statement (“Statement”) on the results of its monitoring exercise (“Exercise”) on the use of climate change scenarios in the own risk and solvency assessment (“ORSA”).

The Exercise follows on from EIOPA’s 2021 opinion on the supervision of climate change risk scenarios in the ORSA and the application guidance on change materiality assessments and climate change scenarios in the ORSA, published in August 2022.

The Exercise, carried out by EIOPA in 2024, was targeted at assessing how undertakings have implemented the use of climate change risk scenarios in the ORSA. The Exercise also aimed to identify existing practices and identify areas where further progress is needed. The Statement also outlines how the Exercise could act as a starting point for potential future work, supporting EIOPA's broader sustainability-related supervisory priorities.

Progress

The results of the Exercise show that there has been a positive change in undertakings’ risk management of climate change, and it is being increasingly integrated into insurers’ risk management processes. Some of the matters highlighted in the Statement include:

• most insurers, who took part in the Exercise, now include climate change scenarios in their ORSA, addressing transition and physical risks. This is in contrast to what was observed by EIOPA in 2021;
• scenario analysis has become a key element in assessing the financial impact of these risks;
• the quality and depth of scenario analysis have improved; and
• in an increasing number of cases, climate change assessments are linked to defined management actions and are being taken into account in strategic decision making.

Challenges and Improvements Needed

Some of the challenges identified by the Exercise include:

• there is a significant variance in how climate change risks are assessed across jurisdictions and among undertakings. The Statement highlights that there quite different approaches to materiality assessments and scenario analysis which leads to material differences in the outcomes observed between countries;
• limited availability and quality of data to support climate risk assessments in the ORSA, particularly as regards a proper evaluation of exposures to physical and transition risks; and
• many undertakings find it difficult to extend their analysis beyond the typical ORSA time horizon, due to data gaps, modelling uncertainties, and misalignment with business planning practices.

The Statement emphasises the need for undertakings to continue to improve the use of climate change risk scenarios in the ORSA and to actively work to address the challenges identified.

Supervisory Authorities

The Statement details that many national competent authorities are enhancing their supervisory approaches as regards the supervision of the climate change risk assessments. The Statement notes varying levels of maturity in this regard and goes on to highlight examples of progress in this area, some of which are as follows:

• the development of methodologies;
• internal expertise; and
• engagement with undertakings.

Next Steps

The Statement details EIOPA’s commitment to supporting the consideration of climate change related risks in the financial system, further stating that the insights gained from the Exercise will inform its ongoing work with supervisors and stakeholders.

4. ECB SSM Updates: (1) ECB publishes revised guide to internal models (2) ECB publishes updated policies on options and discretions under SSM

1. ECB publishes revised guide to internal models

On 28 July 2025, the European Central Bank (“ECB”) published its revised guide to internal models (“Guide”). This version of the Guide reflects changes in regulatory requirements and the experience gained by the ECB in supervising internal models.

The aim of the Guide is to set out the ECB's understanding of the rules applicable under the Capital Requirements Regulation (“CRR”) where banks use internal models to calculate the amount of capital they need.

The following is a brief overview of some of the main changes in the Guide:

• There is a new section that specifies expectations for using machine learning in internal models, with the aim of ensuring that models using such methods are adequately explainable and that their performance justifies their complexity;
• The chapter on credit risk has updates as to roll-out and permanent partial use to align with requirements under CRR3. Further, expectations on internal validation and internal audit in line with the EBA’s supervisory handbook on the validation of internal ratings-based (“IRB”) rating systems have been refined.

  The credit risk chapter also clarifies the responsibilities of senior management and the management body regarding the readiness of applications concerning internal models that are to be submitted to the ECB.

  Additionally, expectations on the definition of default and the estimation of credit risk parameters have been refined.

• The topic of market risk has been divided into two chapters to present supervisory expectations for market risk models under both CRR2 and CRR3, reflecting the delay of the implementation of legislation on the Basel standards until the beginning of 2027, for more information, see FIG Top 5 at 5 dated 19 June 2025; and
• The chapter on counterparty credit risk has been updated to include more detail on how to model the risks of trades with partners, changes in exposure and updates on maturity under CRR3.

Next Steps

The ECB has stated that it expects that the updated Guide will improve its effectiveness and usefulness as regards the implementation and supervision of internal models. 

2. ECB publishes updated policies on options and discretions under SSM

On 25 July 2025, the European Central Bank (“ECB”) published updated policies on the exercise of options and discretions (“O&Ds”) when supervising banks.

This publication follows on from an ECB consultation (“Consultation”) on the application of O&Ds available to supervisory authorities under EU law, for more information, see FIG Top 5 at 5 dated 14 November 2024. 

The documents published are as follows:

• ECB Guide on O&Ds available in Union law, (“Guide”) setting out the ECB’s approach regarding the exercise of O&Ds provided for in the EU legislative framework, concerning the prudential supervision of credit institutions. The ECB also published a copy of this guide with draft revision marks included;
• Regulation ECB/2025/24 (“Regulation”) amending regulation (EU) 2016/445 on the exercise of O&Ds in EU law;
• Recommendation ECB/2026/26 (“Recommendation”), amending regulation ECB/2017/10 on common specifications for the exercise of some O&Ds available in EU law by national competent authorities in relation to less significant institutions; and
• Guideline ECB/2025/25 (“Guideline”) amending guideline (EU) 2017/697 on the exercise of O&Ds available in EU law by national competent authorities in relation to less significant institutions.

The ECB also published a feedback statement containing responses to the November 2024 Consultation.

Some of the changes in the final documents, when compared to the Consultation documents, include:

• how the ECB grants permissions to banks regarding how they calculate capital requirements for operational and market risks; and
• whether minority interests in subsidiaries can be included in the capital of a banking group.

The updated policies also clarify how the Danish compromise should be applied in the banking union, as regards banks being permitted to risk-weight their investments in insurance subsidiaries instead of deducting them from their capital. The ECB is granting a one-year transition period to banks affected by the updated guidance on deduction of insurance holdings.

Next Steps

The Guide appears to have immediate effect, as do the Recommendation and Guideline (although national competent authorities should comply with the Guideline from 1 January 2026). The revised Regulation will come into force 20 days after it is published in the official journal of the European Union.

5. ESMA announces change from DVCM to VCM under MiFIR

On 24 July 2025, the European Securities and Markets Authority (ESMA”) published a press release stating that, from 9 October 2025, the current double volume cap mechanism (“DVCM”) will be replaced with a single volume cap mechanism (“VCM”) under the regulation on markets in financial instruments (“MiFIR”).

Under article 5 of MiFIR, the VCM limits the trading under the reference price waiver at 7% (article 4(1)(a) of MiFIR) in an equity or equity-like financial instrument. If the limit is exceeded  trading venues will be required to suspend use of the waiver for the relevant instrument for three months.

ESMA have also published a dedicated VCM webpage – trading venues must base their decision to suspend the use of the waiver on the data published by ESMA on that VCM webpage.

ESMA will also set out the suspension start and end dates for any breaches of the limit, as well as the deadline for trading venues to issue suspensions.

Burden Reduction

In the interest of reducing the reporting burden, future VCM calculations will be based on transaction reporting data collected by national competent authorities. Accordingly, the DVCM reporting system will become obsolete in January 2026. In this context, ESMA sets out that it has submitted the necessary amendment to regulatory technical standard 3 (“RTS 3”), for adoption. The VCM switch will occur on 9 October 2025, even if RTS 3 is not yet in place.

Next Steps

ESMA encourages all interested parties to prepare for the new VCM becoming active in Q4 2025. The first VCM results will be published on 9 October 2025.