S.I. No. 80/2025 - Central Bank Reform Act 2010 (Section 17A) (Standards for Business) Regulations 2025
Notice of the making of this Statutory Instrument was published in | ||
“Iris Oifigiúil” of 25th March, 2025. | ||
In exercise of the powers conferred on the Central Bank of Ireland (the “Bank”) by section 17A(2) the Central Bank Reform Act 2010 (No. 23 of 2010) (the “Act”), the Bank, having consulted the Minister for Finance and such other persons as the Bank considers appropriate to consult in the circumstances in accordance with section 17A(5) of the Act, hereby makes the following regulations: | ||
Part 1 | ||
PRELIMINARY AND GENERAL | ||
Citation and commencement | ||
1. (1) These Regulations may be cited as the Central Bank Reform Act 2010 (Section 17A) (Standards for Business) Regulations 2025. | ||
(2) These Regulations shall come into operation on 24 March 2026. | ||
Scope and application | ||
2. (1) Subject to paragraphs (2) and (3), these Regulations apply to a regulated entity in the conduct of its affairs. | ||
(2) These Regulations do not apply to a regulated entity insofar as it engages in one or more of the following: | ||
(a) any service or activity set out in the Schedule 1 to the MiFID Regulations 2017, but not including any service or activity of a person to whom such Regulations do not apply by virtue of Regulation 4(3) of the MiFID Regulations 2017; | ||
(b) credit union activities, other than when the credit union is acting as an insurance intermediary; | ||
(c) the activities of a Crowdfunding Service Provider, within the meaning of Regulation 2(1) of Regulation (EU) 2020/1503 of the European Parliament and of the Council of 7 October 2020 on European crowdfunding service providers for business, and amending Regulation (EU) 2017/1129 and Directive (EU) 2019/1937; | ||
(d) reinsurance business. | ||
(3) Regulation 4(1)(a), Regulation 4(1)(f), Regulation 5 and Regulation 10, apply only in respect of a customer who is a consumer. | ||
Definitions | ||
3. (1) In these Regulations - | ||
“Act of 2010” means the Central Bank Reform Act 2010 (No. 23 of 2010); | ||
“Bank” means the Central Bank of Ireland; | ||
“consumer” means, subject to paragraph (3), a customer that is - | ||
(a) a natural person, | ||
(b) a group of natural persons, including a partnership, club, charity, trust or other unincorporated body, or | ||
(c) an incorporated body, that is not – | ||
(i) an incorporated body that had an annual turnover in excess of €5 million in the previous financial year, or | ||
(ii) an incorporated body that is a member of a group of companies having a combined turnover greater than €5 million; | ||
“customer” means, subject to paragraph (2) - | ||
(a) any person to whom a regulated entity provides or offers financial services, | ||
(b) any person who requests the provision of financial services from the regulated entity, | ||
(c) a relevant borrower in a case where a regulated entity undertakes credit servicing in respect of the credit agreement concerned, or | ||
(d) a hirer in a case where a regulated entity undertakes credit servicing in respect of the consumer-hire agreement or hire-purchase agreement concerned, | ||
and shall include, where appropriate, a potential “customer” and former “customer” within the meaning above; | ||
“financial abuse” means any of the following: | ||
(a) the wrongful or unauthorised taking, withholding, appropriation, or use of a customer’s money, assets or property; | ||
(b) any act or omission by a person, including through the use of a power of attorney, guardianship, or any other authority regarding a customer, to – | ||
(i) obtain control, through deception, intimidation or undue influence, over the customer’s money, assets or property, or | ||
(ii) wrongfully interfere with or deny the customer’s ownership, use, benefit or possession of the customer’s money, assets or property; | ||
“financial services” include financial products; | ||
“group” includes, unless otherwise specified, a company, its parent and its subsidiaries and any associated undertaking or related undertaking; | ||
“high cost credit provider” and “high cost credit” have the meaning assigned to them in section 2 of the Consumer Credit Act 1995 (No. 24 of 1995); | ||
“key information” means any information which is likely to influence a customer’s actions with regard to a financial service; | ||
“MiFID Regulations 2017” means the European Union (Markets in Financial Instruments) Regulations 2017 ( S.I. No. 375 of 2017 ); | ||
“person” means, unless otherwise specified, a natural person or a legal person; | ||
“regulated activities” means the provision of financial services that are provided in the State by a regulated entity and which are subject to the regulation of the Bank and a “regulated activity” is the provision of any one such financial service; | ||
“regulated entity” means a financial services provider authorised, registered or licensed by- | ||
(a) the Bank, | ||
(b) a state (other than the State) that is a member of the European Union, or | ||
(c) a state (other than the State) that is a contracting party to the Agreement on the European Economic Area signed at Oporto on 2 May 1992, as adjusted by all subsequent amendments to that agreement, | ||
that is providing regulated activities in the State; | ||
“unregulated activities” means the provision of services of a financial nature, which are not otherwise regulated activities, to consumers in the State. | ||
(2) For the purposes of the definition of “customer” in paragraph (1), “relevant borrower”, “credit servicing”, “credit agreement”, “consumer-hire agreement”, “hire-purchase agreement” and “hirer” have the same meaning as in Part V of the Central Bank Act 1997 (No. 8 of 1997). | ||
(3) Where a high cost credit provider is engaged in the activity of providing high cost credit, “consumer” means a consumer within the meaning of the Consumer Credit Act 1995 . | ||
Part 2 | ||
STANDARDS FOR BUSINESS | ||
Standards for business | ||
4. (1) A regulated entity shall at all times: | ||
(a) secure its customers’ interests; | ||
(b) act honestly and with integrity; | ||
(c) act with due skill, care and diligence; | ||
(d) act in the best interests of customers and treat them fairly and professionally; | ||
(e) ensure that all information it provides to customers is presented in a way that informs the customer effectively; | ||
(f) control and manage it affairs and systems to counter the risks of financial abuse to customers to whom the regulated entity is providing financial services within the scope of its regulated activities; | ||
(g) control and manage its affairs and systems sustainably, responsibly and in a sound and prudent manner; | ||
(h) maintain adequate financial resources; | ||
(i) engage and cooperate with the Bank and comparable competent authorities in good faith and without delay. | ||
(2) The systems referred to in paragraph (1)(g) include a regulated entity’s risk management systems, internal control mechanisms and governance arrangements. | ||
Part 3 | ||
SUPPORTING STANDARDS FOR BUSINESS | ||
Securing customers’ interests | ||
5. Without prejudice to the generality of Regulation 4(1)(a), a regulated entity shall secure its customers’ interests, including by: | ||
(a) ensuring that its culture, strategy, business model, decision-making, systems, controls, policies, processes and procedures take into account its customers’ interests; | ||
(b) acting in accordance with the reasonable expectations of its customers; | ||
(c) taking into account the interests of its customers when designing financial services, and the methods of delivery; | ||
(d) ensuring that its financial services are not designed to unfairly exploit the behaviours, habits, preferences or biases of customers leading to customer detriment; | ||
(e) resolving any complaints received from customers efficiently, fairly and in a timely manner; | ||
(f) resolving errors and mistakes affecting customers efficiently, fairly and in a timely manner, and disclosing errors and mistakes to customers affected in a timely manner; | ||
(g) ensuring errors and mistakes identified for one customer that may reasonably have affected other customers are resolved for all affected customers efficiently, fairly and in a timely manner; | ||
(h) clearly distinguishing for customers between the entity’s regulated activities and its unregulated activities including by taking all appropriate steps to mitigate the risk that a customer will understand an activity to be, or to carry the protections of, a regulated activity where this is not the case; | ||
(i) delivering fair outcomes for customers. | ||
Acting with honesty and integrity | ||
6. Without prejudice to the generality of Regulation 4(1)(b), a regulated entity shall act honestly and with integrity, including by: | ||
(a) operating without bias and preventing, or identifying and appropriately managing, conflicts of interest; | ||
(b) not exerting pressure or influence on a customer so as to limit his or her ability to make an informed choice in relation to any financial service; | ||
(c) not misusing or misappropriating any assets or information of the regulated entity or its customers. | ||
Acting with due skill, care and diligence | ||
7. Without prejudice to the generality of Regulation 4(1)(c), a regulated entity shall act with due skill, care and diligence, including by: | ||
(a) ensuring that persons who are responsible for managing the activities of the regulated entity have appropriate knowledge of the activities and associated risks that apply in the conduct of its affairs; | ||
(b) complying with all financial services legislation applicable to the conduct of its affairs; | ||
(c) operating in compliance with standards of market conduct and trading venue rules to which the regulated entity is subject by law and any market codes that apply to the affairs of the regulated entity. | ||
Acting in the best interests of customers and treating them fairly and professionally | ||
8. Without prejudice to the generality of Regulation 4(1)(d) a regulated entity shall act in the best interests of customers and treat them fairly and professionally, including by: | ||
(a) ensuring that customers are informed in a clear manner of relevant information of which they ought to be aware; | ||
(b) communicating relevant information to customers in a timely manner having regard to the urgency of any matter and the time required by the customer to consider that relevant information; | ||
(c) seeking from customers information relevant to the financial services requested; | ||
(d) assessing the needs and circumstances of customers, including their level of knowledge and experience of financial services, their financial circumstances and the range of options that the regulated entity is able to make available to them; | ||
(e) ensuring that customers are not misled as to the advantages or disadvantages of any financial service; | ||
(f) ensuring that any advice or recommendation provided to customers is appropriate and tailored to meet their financial services needs and circumstances; | ||
(g) not acting in a manner that is unfair to customers; | ||
(h) without prejudice to the pursuit of its legitimate commercial aims, not unreasonably preventing access by a customer to financial services. | ||
Informing effectively | ||
9. Without prejudice to the generality of Regulation 4(1)(e), a regulated entity shall inform its customers effectively, including by: | ||
(a) ensuring that information is provided to a customer in such a way that the material features of the financial service in question can reasonably be understood by the customer; | ||
(b) ensuring that all information that it provides to a customer is clear, accurate, up to date, and written in plain language; | ||
(c) avoiding the unnecessary use of technical terms; | ||
(d) providing information to a customer on a timely basis; | ||
(e) bringing key information to the attention of the customer. | ||
Financial abuse | ||
10. Without prejudice to the generality of Regulation 4(1)(f), a regulated entity shall control and manage it affairs and systems to counter the risks of financial abuse to customers to whom it is providing financial services within the scope of its regulated activities, including by: | ||
(a) putting reasonable systems and controls in place in the context of the provision of its financial services, to mitigate the risk to its customers of financial abuse; | ||
(b) appropriately monitoring financial abuse trends relevant to its customers or the sector more generally; | ||
(c) carrying out ongoing monitoring in respect of potential vulnerabilities in the services and distribution channels, and ensuring appropriate escalation processes where there is increased risk to its customers of financial abuse; | ||
(d) notifying its customers through clear and timely communication of any digital frauds or deception connected to its affairs, or specifically relevant to the sector in which the regulated entity is operating, and of which it is aware; | ||
(e) communicating the supports available to its customers, and the actions that customers can take in the event of financial abuse, directly connected to the regulated entity’s affairs. | ||
Controlling and managing its affairs | ||
11. Without prejudice to the generality of Regulation 4(1)(g), a regulated entity shall control and manage its affairs and systems sustainably, responsibly and in a sound and prudent manner, including by: | ||
(a) having and employing appropriate resources and implementing effective governance of policies and procedures, systems and control checks, including compliance checks, to ensure that the regulated entity complies with its obligations under financial services legislation; | ||
(b) providing appropriate staff training on the legal and regulatory framework relevant to the performance of those functions, including any legal obligations or standards that are imposed by or under financial services legislation; | ||
(c) ensuring that if delegating tasks, that those tasks are assigned to an appropriate person with effective oversight within the regulated entity; | ||
(d) managing its outsourced activities effectively to identify, monitor and manage its outsourcing risk; | ||
(e) arranging adequate protection for assets held by the regulated entity on behalf of a customer. | ||
Adequate financial resources | ||
12. Without prejudice to the generality of Regulation 4(1)(h), a regulated entity shall maintain adequate financial resources, including by: | ||
(a) complying with its obligations under financial services legislation; | ||
(b) establishing and implementing systems and controls, processes, policies and procedures for the purpose of ensuring that it maintains adequate financial resources. | ||
Disclosure and cooperation | ||
13. Without prejudice to the generality of Regulation 4(1)(i), a regulated entity shall engage and cooperate with the Bank and comparable competent authorities in good faith and without delay, including by: | ||
(a) disclosing to the Bank promptly, and in a manner appropriate to the circumstances, any matter relating to the regulated entity of which the Bank would reasonably expect notice including information relevant to, or giving rise to, a suspicion or expectation of any of the following: | ||
(i) commission of an offence by the regulated entity or a person performing a controlled function in relation to it; | ||
(ii) commission of a prescribed contravention or any other breach of obligations under financial services legislation by the entity or a person performing a controlled function in relation to it; | ||
(iii) concealment or deliberate destruction of evidence relating to a matter referred to in subparagraph (i) or (ii); | ||
(iv) provision of false or misleading information to the Bank relating to a matter referred to in subparagraph (i) or (ii); | ||
(v) obstruction or impeding of an investigation relating to a matter referred to in subparagraph (i) or (ii); | ||
(vi) commencement of legal proceedings by or against the regulated entity arising from its obligations under financial services legislation; | ||
(vii) commencement of legal proceedings against the regulated entity which may impact on its ability to continue to trade; | ||
(viii) anything that may otherwise interfere significantly with the operation of the regulated entity or its compliance with its obligations under financial services legislation; | ||
(ix) a decision by the regulated entity to cease to provide financial services of a particular description; | ||
(b) facilitating appropriate reporting to the management of the regulated entity and to the Bank, including: | ||
(i) reporting of information relevant to, or giving rise to a suspicion of, the commission of a prescribed contravention or contravention of any other obligation or standard imposed on the regulated entity by or under financial services legislation; | ||
(ii) any matter otherwise adversely affecting the activities or interests of customers, the regulated entity, its related undertakings, or the financial services system; | ||
(iii) any information of which the Bank would reasonably expect notice in respect of the affairs of the regulated entity; | ||
(c) responding to requests and requirements under financial services legislation in an open and timely manner; | ||
(d) disclosing information or records when required to do so under financial services legislation; | ||
(e) ensuring that persons performing functions for the regulated entity attend meetings and interviews when required to do so under financial services legislation; | ||
(f) not providing false, inaccurate or misleading information, records or explanations; | ||
(g) not destroying, hiding or putting beyond reach information or records that it is reasonable for the person to expect to be required to be disclosed under financial services legislation; | ||
(h) not engaging in evasive, misleading or obstructive conduct. | ||
Systems and controls. | ||
14. A regulated entity shall establish and implement systems and controls, processes, policies and procedures for the purpose of ensuring that it, and any agent acting on its behalf on the basis of an outsourcing arrangement, complies with these Regulations. | ||
Signed for and on behalf of the CENTRAL BANK OF IRELAND, | ||
19 March 2025 | ||
GABRIEL MAKHLOUF, | ||
Governor of the Central Bank of Ireland | ||
EXPLANATORY NOTE | ||
(This note is not part of the Instrument and does not purport to be a legal interpretation.) | ||
These Regulations give effect to Section 17A of the Central Bank Reform Act 2010 by prescribing Standards for Business for the purpose of ensuring that in the conduct of its affairs a financial service provider: | ||
(a) acts in the best interests of customers and of the integrity of the market, | ||
(b) acts honestly, fairly and professionally, and | ||
(c) acts with due skill, care and diligence. |