• Home
  • About
    • Fintech Family
  • Authorisations
    • CASP (MiCAR)
    • Buying & Selling
    • Payments & Emoney >
      • Support Material
  • Crowdfunding
  • Services
    • Regulatory Licences
    • Interim Solutions
    • Training
  • Brexit
    • Brexit Updates
  • Blogs & Insights
  • News
  • Team
  • Contact
  • Fintech Ireland
  • Client Login
  • Home
  • About
    • Fintech Family
  • Authorisations
    • CASP (MiCAR)
    • Buying & Selling
    • Payments & Emoney >
      • Support Material
  • Crowdfunding
  • Services
    • Regulatory Licences
    • Interim Solutions
    • Training
  • Brexit
    • Brexit Updates
  • Blogs & Insights
  • News
  • Team
  • Contact
  • Fintech Ireland
  • Client Login
CompliReg
  • Home
  • About
    • Fintech Family
  • Authorisations
    • CASP (MiCAR)
    • Buying & Selling
    • Payments & Emoney >
      • Support Material
  • Crowdfunding
  • Services
    • Regulatory Licences
    • Interim Solutions
    • Training
  • Brexit
    • Brexit Updates
  • Blogs & Insights
  • News
  • Team
  • Contact
  • Fintech Ireland
  • Client Login

Blogs & Insights

    Author

    Peter Oakes is an experienced anti-financial crime, fintech and board director professional.

    He has served in senior roles at central banks (Ireland & Saudi Arabia) and financial regulators (UK and Australia).

    Peter is an experienced board director of regulated finserv & fintech firms and advisor to regtech firms.

    Archives

    July 2026
    April 2026
    October 2025
    January 2025
    December 2024
    July 2024
    May 2024
    April 2024
    February 2024
    October 2023
    July 2023
    June 2023
    May 2023
    April 2023
    February 2023
    January 2023
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    December 2021
    November 2021
    September 2021
    July 2021
    June 2021
    May 2021
    April 2021
    February 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    February 2020
    January 2020
    December 2019
    June 2019

    Categories

    All
    ACAMS
    AIB
    AML
    Anti Money Laundering
    Anti-money Laundering
    AUSTRAC
    Authorisation
    Bank Of England
    Bank Of Ireland
    Bank Of Lithuania
    BIS Innovation Hub
    Bitcoin
    Blockchain
    Brexit
    Capital Requirements
    CBDC
    Central Bank Of Ireland
    Chambers And Partners
    Compliance
    Consultation
    COVID-19
    Crypto
    CRYPTOASSETS
    Culture
    Cybercrime
    Cyberfraud
    Cyberrisk
    Cyprus
    Data Protection
    Dear CEO Letter
    Digital Assets
    Digital Currencies
    Digital Euro
    EBA
    EBS
    ECB
    EML
    Emoney
    Enforcement
    Equivalence
    ESMA
    FCA
    Financial Conduct Authority
    Financial Crime
    Finolita Unio
    FinTech
    FintechUK.com
    Fitness & Probity
    FIU Ireland
    FTX
    GDPR
    Individual Accountability
    Insider Dealing
    Insider Trading
    KBC Bank
    Law
    Lithuania
    Map
    MiCA
    MiFID
    Moneycorp
    Money Laundering
    Open Banking
    Payments
    Payments System Regulator
    RegTech
    Risk Management
    Sam Bankman-Freid
    Sandbox
    SARs
    SEAR
    Square
    STRs
    Terrorist Financing
    Tracker Mortgage
    Tracker Mortgages
    VASP
    Virtual Assets
    Westpac
    Wirecard

Back to Blog

Danske Bank A/S fined €1,820,000 and reprimanded by the Central Bank of Ireland for transaction monitoring failures in respect of anti-money laundering and terrorist financing systems

15/9/2022

 
Picture

ComplIReg: "The action will make the directors, both executive and non-executive at the relevant time of a prescribed contravention, of foreign incorporated financial services firms which operate in Ireland on a branch passported basis sit up and pay attention."

Danske Bank A/S fined €1,820,000 and reprimanded by the Central Bank of Ireland for transaction monitoring failures in respect of anti-money laundering and terrorist financing systems.

The fine would have been €2,600,000, but reduced by 30% to €1,820,000.

So what you might think? Another bank, another AML/CTF sanction. But in this case it isn't an Irish incorporated bank but for the first time a penalty has been imposed on a financial institution which is incorporated and supervised outside of Ireland (i.e. in Denmark). It operated in Ireland on a passported branch  basis. The same outcome could happen to any other firm which operate on a passport's branch basis. 

The action will make the directors, both executive and non-executive at the relevant time of a prescribed contravention, of foreign incorporated financial services firms which operate in Ireland on a branch passported basis sit up and pay attention. Such a regulatory action will need to be disclosed by them to regulators elsewhere. A regulatory enforcement action on a company where the directors may not be resident could damage their standing in, and income derived from, an overseas jurisdiction.

In a little bit chest-beating, the Central Bank also announced that this 150th enforcement outcome takes the total fines it has imposed to just under €300 million.  Which although is less than the total of the Ireland’s Data Protection Commissioner for a fraction of the number of its enforcement outcomes – not that it is a competition nor would anyone want it to be!

In probably a fairly well known rumour circulating this past while, on 13 September 2022, the Central Bank of Ireland (the Central Bank) reprimanded and fined Danske Bank A/S, trading in Ireland as Danske Bank, €1,820,000 pursuant to its Administrative Sanctions Procedure for three breaches of the Criminal Justice (Money Laundering & Terrorist Financing) Act 2010, as amended (the CJA) for three failures by Danske to ensure that its automated transaction monitoring system monitored the transactions of certain categories of customers of its Irish branch, for a period of almost nine years, between 2010 and 2019.  [This included a range of customers, including those categorised by Danske as banks, insurance, stockbrokers and specialised lending customers.]
The three breaches, all admitted by Danske,  comprised of failures by under the CJA relating to:

  1. Transaction Monitoring: Danske failed to ensure that its automated transaction monitoring system monitored the transactions of certain categories of customer for money laundering and terrorist financing risk at its Irish branch for a period of almost nine years.
  2. Enhanced Customer Due Diligence: In failing to conduct automated transaction monitoring in respect of certain categories of customers, Danske’s Irish branch did not take into consideration an important part of due diligence i.e. transaction monitoring data, which is necessary to identify and assess money laundering/terrorist financing risks specific to those customers and identify where any consequential additional measures might be required.
  3. Anti-money laundering / Countering the Financing of Terrorism policies, procedures and controls: The policies, procedures and controls put in place by Danske did not operate to identify the erroneous exclusion of certain categories of customers from automated transaction monitoring.
What led to the failures?
  • Root cause of failure was historic data filters that were applied within Danske’s automated transaction monitoring system, first implemented in 2005 and rolled out to the Irish branch in 2006. 
  • Danske failed to consider the appropriateness of these historic data filters within the system or make any adjustments to the system to take account of the specific requirements of the CJA when it came into force in Ireland in 2010. 
  • This led to the erroneous exclusion of certain categories of customers from transaction monitoring, including some customers rated by Danske as high and medium risk, which caused the three breaches of the CJA in this case.
  • In May 2015, Danske became aware, as a result of an internal audit report, of the inadequacies in its transaction monitoring system and the nature of the risks they posed, yet it failed to notify the Irish branch of these issues and to take adequate action for almost four years. 
  • Estimated that between 31 August 2015 and 31 March 2019, 348,321 transactions, equating to approximately one in forty or 2.43% of all transactions processed through the Irish branch were not monitored for money laundering and terrorist financing risk.

Below is a copy and paste from the remainder of the Central Bank of Ireland statement
The Central Bank’s Director of Enforcement and Anti-Money Laundering, Seana Cunningham, said: “The importance of transaction monitoring in the global fight against money laundering and terrorist financing cannot be overstated. It is imperative that firms implement robust transaction monitoring controls which are appropriate to the money laundering risks present and the size, activities, and complexity of their business. These controls must be applied to all customers, irrespective of their risk rating, as they enable firms to detect unusual transactions or patterns of transactions and where required apply enhanced customer due diligence to determine whether the transactions are suspicious.

The Central Bank recognises that while firms may rely on automated solutions for transaction monitoring, they must ensure that systems employed for this purpose are appropriately monitored, and calibrated correctly to take account of the actual money laundering or terrorist financing risk to which the firm is exposed. In this case, the transaction monitoring system used by the Irish branch was a Danske group wide automated system that had applied historic data filters which operated to erroneously exclude certain categories of customers from being monitored for a period of almost nine years. This led to the serious breaches in this case.

This case highlights the requirement for firms, including those operating in Ireland on a branch basis, to ensure that group systems, controls, policies and procedures are compatible with Irish legal requirements and to ensure that their governance framework and risk management measures operate effectively. These should be risk-based and proportionate, informed by firms’ business risk assessment of their money laundering and terrorist financing risk exposure.

Danske became aware that its automated transaction monitoring system erroneously excluded certain categories of customers in May 2015 but failed to rectify it or notify the Irish branch or the Central Bank of this issue. It was only in October 2018 when the Irish branch identified the issue that steps were taken to rectify it, which were completed in March 2019. However, the Central Bank was not informed of the issue until February 2019. The failures to rectify the issue and to notify the Central Bank promptly are aggravating factors in this case. The Central Bank expects firms to bring failures to its attention at the earliest opportunity and to act expediently to address identified errors. The Central Bank will hold firms, including those operating in Ireland on a passporting basis, fully accountable where they fail to take such actions.

Anti-money laundering and countering the financing of terrorism compliance is, and will remain, a key priority for the Central Bank. This case demonstrates our willingness to pursue enforcement actions and impose sanctions where firms fail in their anti-money laundering/countering the financing of terrorism compliance.”

Background
Danske is a credit institution incorporated in Denmark and authorised there by the Danish Financial Supervisory Authority (the Danish FSA). It is the largest bank in Denmark serving personal, business, corporate and institutional clients and operates in a number of other countries via a branch network.
Danske’s Irish branch operates on a ‘freedom of establishment’ basis i.e. because Danske is established and authorised in Denmark, it is entitled to ‘passport’ in to Ireland and establish a branch here. The Irish branch is not a separate legal entity to Danske, and it is for this reason that Danske is the named party in the enforcement action. Supervision of the Irish branch sits predominantly with the Danish FSA (as home regulator) but the Central Bank (as host country) regulates it for conduct of business rules and is responsible for supervision of compliance by Danske’s branch operations in Ireland with AML/CFT obligations under the CJA.

Danske’s Irish branch predominantly provides banking services to large corporate and institutional customers including the public sector in Ireland. Consequently, transaction volumes through the Irish branch, including cross-border funds transfers, are substantial. The Irish branch utilises a group wide automated transaction monitoring system that is implemented and managed by Danske from Denmark.

The Legislative Framework
The CJA requires a credit and financial institution to monitor any business relationship that it has with a customer to the extent reasonably warranted by the risk of money laundering/terrorist financing (ML/TF). ‘Transaction Monitoring’ forms part of a broader system of interconnected elements that comprise a firm’s defence against ML/TF and is an important method which assists firms in identifying high risk situations which may require enhanced due diligence on a customer.
Firms are also required to adopt and maintain a system of policies, procedures and controls in relation to AML/CFT, and to monitor compliance with those policies, procedures and controls. Such policies, procedures and controls include, inter alia, those dealing with the monitoring of transactions for the identification and scrutiny of any complex, large or unusual patterns of transactions.

The Investigation
The Central Bank’s investigation confirmed serious inadequacies within Danske’s automated transaction monitoring system. Historic filters were applied to Danske’s automated transaction monitoring system which erroneously excluded certain categories of customers from transaction monitoring. This led to Danske being in breach of certain obligations under the CJA which gave rise to the three breaches in this case (see below under Prescribed Contraventions for further detail).
The investigation found that the exclusion of certain categories of customers from transaction monitoring was first identified in a May 2015 internal audit report. The May 2015 internal audit report also identified inadequacies with Danske’s transaction monitoring policies for certain categories of customers. However, these internal audit findings were not communicated by Danske to either its Irish branch or the Central Bank. Steps were only taken to monitor the transactions of these customers in October 2018 when the Irish branch became aware of the issue, which were completed by the end of March 2019. The Central Bank was not informed of this issue until February 2019.

To illustrate the scale of the failure to monitor, it is estimated that, during the period from 2015 to 2019 when Danske was aware of the issue, 348,321 transactions, equating to approximately one in every forty or 2.43% of all transactions processed through the Irish branch were not monitored.

Danske has confirmed to the Central Bank that by the end of March 2019 it had fully deactivated the erroneous historic filters which gave rise to the breaches in this case. Danske has also confirmed that by April 2020, it completed a third party review exercise for the period 2016 to 2019. Danske has advised that the outcome of the review showed that the risk of suspicious transactions amongst those examined was very low.

Prescribed Contraventions
The Central Bank's investigation identified three breaches of the CJA, as set out below.

Breach by failure to conduct transaction monitoring
Between 15 July 2010 and 31 March 2019 Danske breached sections 30B(1)(a), 35(3) and 36A(1) (as applicable) of the CJA by failing to monitor the transactions of certain categories of customers for money laundering and terrorist financing risk. The failure meant that the Irish branch was not in a position to:
  • Scrutinise these customers’ transactions to the extent reasonably warranted by the risk of ML/TF;
  • Determine whether any of the unmonitored transactions were complex, unusually large, of an unusual pattern or whether they had an apparent economic or lawful purpose; or
  • Identify and assess the risk of ML/TF having regard to the relevant business risk assessment for the purposes of determining the extent of measures to be taken under section 35(3) of the CJA in relation to these customers.




Breach in relation to enhanced customer due diligence measures
Between 14 June 2013 and 31 March 2019 Danske breached section 39 of the CJA on the basis that by failing to conduct transaction monitoring on certain categories of customers, it did not take into consideration an important part of due diligence i.e. transaction monitoring data, which is necessary to identify and assess ML/TF risks specific to those customers and identify whether additional measures were required on these certain categories of customers.

Breach in adopting ML/TF policies and procedures
Between 15 July 2010 and 31 March 2019, Danske breached sections 54(1), 54(2) and 54(4) of the CJA on the basis that the policies, procedures and controls that were in place did not operate to identify the erroneous exclusion of certain categories of customers from transaction monitoring as set out above. The May 2015 internal audit report identified inadequacies with Danske’s transaction monitoring policies for certain categories of customers and Danske took some steps in 2015 to address this by introducing a new AML/CFT policy. Nonetheless, certain categories of customers continued to be excluded from transaction monitoring in the Irish branch.

Penalty Decision Factors
In deciding the appropriate penalty to impose, the Central Bank had regard to the Outline of the Administrative Sanctions Procedure, dated 2018 and the ASP Sanctions Guidance, dated November 2019. It considered the need to impose a level of penalty proportionate to the nature, seriousness and impact of the contraventions.

The following particular factors are highlighted in this case:

The Nature, Seriousness and Impact of the Contraventions
Two of the breaches were ongoing for almost nine years, and the other was ongoing for almost six years. The breaches represent serious weaknesses in Danske’s internal AML/CFT controls. Monitoring transactions, ensuring that an important part of due diligence is taken into consideration to identify where additional measures are required, and having effective policies, procedure and controls are critical parts of a firm’s internal AML/CFT framework. Danske’s failures in this regard in respect of certain categories of customers that transacted through its Irish branch reveal serious weaknesses in these controls.

From its May 2015 internal audit report, Danske became aware of the inadequacies in its transaction monitoring system, the nature of the ML/TF risks that they posed and that it was at risk of non-compliance with legal requirements. Despite this, Danske failed to take adequate action for almost four years or to inform the Irish branch of these internal audit findings. The breaches of the CJA after this point were reckless.

The Central Bank considers that the breaches in this case represent a serious departure from the required standard.

Two Aggravating Factors
Failure to Report and Failure to Remediate promptly
Danske was on notice of the inadequacies in its transaction monitoring system which erroneously excluded certain categories of customer from the time that they were uncovered in the May 2015 internal audit report but it did not report the matter to the Central Bank until February 2019, almost four years later. Furthermore, Danske continued to exclude certain categories of customers from transaction monitoring until March 2019.

The Central Bank views both of these failures as particularly aggravating given the context of increased supervisory engagement it initiated in July 2018 with Danske following media reports of AML/CFT concerns in other jurisdictions in relation to Danske.

Both of these failings are serious aggravating factors in this case.

Other Considerations
The following were also taken into consideration when determining the appropriate sanction:
  • The Irish branch’s financial position and the need to impose a proportionate level of penalty. The Central Bank notes Danske’s cooperation in this investigation and this enforcement action against Danske is now concluded.
  • The need to have an appropriate deterrent impact on Danske and the regulated financial services sector in general.
0 Comments
Read More
Back to Blog

UK Registered Cryptoasset Map Version 4.0 Tuesday 16th August 2022

16/8/2022

 
Picture
CompliReg, your first choice for regualtory authorisations, licences and registrations is proud to support Fintech UK and its endeavours to Map the FCA registered cryptoasset market in the UK.
Fintech UK is looking to partner with registered / regulated (or soon to be) cryptoasset firms on building out a cryptoasset section on our website.  If you are senior executive at a UK registered cryptoasset firm, please contact us here to discuss the proposed project.  Also happy to hear from senior executives at businesses which support crypto firms to support the project. See our CRYPTO page for more information

If you are are crypto firm seeking regulatory advice or director services, please contact CompliReg for assistance at the details appearing here and check out its VASP registration and other authorisation services here.

Hope you like the Map (Version 4.0)!
Welcome to the second edition (version 4.0) of Fintech UK's and CompliReg's (a leading provider of fintech consulting services to crypto asset firms) UK FCA registered Cryptoasset Firms Map.

There are now 37 registered Cryptoasset firms appearing on the Financial Conduct Authority's (FCA) website as at Tuesday 16th August 2022.  Welcome to Crypto.com.   The FCA register records Foris DAX UK LTD (aka Crypto.com) registration effective 16th August 2022.  

At the time Version 1.0 was released there were 218 (thereabouts) unregistered cryptoasset business listed on the UK FCA's website that appear, to the FCA, to be carrying on cryptoasset activity, that are not registered with the FCA for anti-money laundering purposes.  As of today (20 September 2022), that number has decreased by one to 247.  On both 18th and 28th July 2022 the figure was 248. 

Read more at Fintech UK on facts and figures about the cryptoasset firms appearing on Version 4.0.

0 Comments
Read More
Back to Blog

PUBLISHED - CENTRAL BANK (INDIVIDUAL ACCOUNTABILITY FRAMEWORK) BILL 2022

28/7/2022

 
Picture
If you wish to Partner with the S.E.A.R. Hub contact us at helloATsearhubDOTcom (replace AT and DOT with @ and .) and let us know what you do and which category of service you provide i.e. RegTech, Professional Services and/or Training and details of your track record working in the field of regulated financial services.  

Board directors & senior executives at regulated institutions in Ireland, big news today. 76 pages of big news! 

Central Bank (Individual Accountability Framework) Bill 2022 (Bill 75 of 2022) has been published - 
DOWNLOAD THE BILL HERE

What is the Bill about?  Go to
read SEAR Hub's blog.

Other ways to stay in contact include:
  • joining our SEAR email list
  • joining our SEAR Linkedin Group  
  • following our SEAR Linkedin Page


If you wish to Partner with the SEAR Hub contact us at helloATsearhubDOTcom. Let us know what you do & which category of service you provide i.e. RegTech, Professional Services and/or Training and & details of your track record working in the field of regulated financial services. 

Read the LinkedIN Post here
0 Comments
Read More
Back to Blog

UK Registered Cryptoasset Map Version 2.0 Monday 18th July 2022

18/7/2022

 
Picture
Click for larger image
Fintech UK is looking to partner with registered / regulated (or soon to be) cryptoasset firms on building out a cryptoasset section on our website.  If you are senior executive at a UK registered cryptoasset firm, please contact us here to discuss the proposed project.  Also happy to hear from senior executives at businesses which support crypto firms to support the project. See our CRYPTO page for more information

If you are are crypto firm seeking regulatory advice or director services, please contact CompliReg for assistance at the details appearing here and check out its VASP registration and other authorisation services here.

Hope you like the Map (Version 2.0)!


Don't forget to sign up to our Newsletter (we don't spam) by clicking here.  We use MailChimp, which means you can unsubscribe whenever you like.
Welcome to the second edition (version 2.0) of Fintech UK's and CompliReg's (a leading provider of fintech consulting services to crypto asset firms) UK FCA registered Cryptoasset Firms Map.

There are now 35 registered Cryptoasset firms appearing on the Financial Conduct Authority's (FCA) website as at Monday 18th July 2022.

The first 5 of these firms were registered in 2020. According to the FCA's records, the first registered Cryptoasset firm was Archax on 18 August 2020.  Then in 2021, the FCA registered 22 crypto firms.  Thus far in 2022, the FCA has registered 8 crypto firms.  The most recent to be registered is DRW (7 June 2021).

As we pointed out when we released Version 1.0 of the Map, 2021 saw a flurry of activity and especially in the last quarter of 2021 when 16 firms received their Cryptoasset registration from the FCA - that was a  whopping 60% of the total pool of registered firms at that time. At the current rate, the number of firms registered in 2022 may be less than that in 2021, unless the FCA registers a large pile of crypto firms in the second half of 2022.

As we continue to Map registered Cryptoasset firms, expect to see certain logos appear more than once as several brands will be registering several Cryptoasset firms for different purposes, such as - for example - services for (1) trading and (2) custody. 

At the time we released Version 1, there were 218 (thereabouts) unregistered cryptoasset business listed on the UK FCA's website that appear, to the FCA, to be carrying on cryptoasset activity, that are not registered with the FCA for anti-money laundering purposes.  As of today, that number has increased to 248.

The firms thus far registered by the FCA include:

2020: Archax Ltd, Gemini Europe Ltd, Gemini Europe Services Ltd, Ziglu Limited, Digivault Limited, 

2021: Fibermode Limited, Zodia Custody Limited, Ramp Swaps Limited, Solidi Ltd, Coinpass Limited, CoinJar UK Limited, Trustology Limited, Commercial Rapid Payment Technologies Limited, Iconomi Ltd, Skrill Limited, Paysafe Financial Services Limited, Crypto Facilities Ltd, Fidelity Digital Assets LTD, Payward Limited, Galaxy Digital UK Limited, BABB Platform Ltd, BCP Technologies Limited, Zumo Financial Services Limited, Baanx.com Ltd, Bottlepay Ltd, Genesis Custody Limited, Altalix Ltd, 

2022: X Capital Group Limited, Enigma Securities Ltd, Light Technology Limited, eToro (UK) Ltd, Uphold Europe Limited, Wintermute Trading LTD, Rubicon Digital UK Limited and  DRW Global Markets Ltd

When we released Version 1 we noted that there were 37 firms Cryptoasset firms with Temporary Registration.  You will see 39 on the previous list, but two of those firms were in fact registered - thus there seemed to be a timing issue of the records at the FCA. Regardless, some of the 37 achieved FCA registration in 2022 and others have dropped of the current list.  Revolut Ltd, as of today, is the only firm listed on the Temporary Registration list and it was listed on December 2021 list too.  Interestingly, in addition to a cryptoasset registration, the Revolut group hasn't achieved the obtaining of its much talked about bank authorisation in the UK either.  ​

We are looking forward to seeing how many more will be registered before the end of the year.
This post also appears at:
  • Fintech UK: https://fintechuk.com/fintech-uk-news/uk-registered-cryptoasset-map-version-20-monday-18th-july-2021 
  • LinkedIN: https://www.linkedin.com/posts/peteroakes_fintechuk-crypto-digitalasset-activity-6954800838179491840-lCjM?utm_source=linkedin_share&utm_medium=member_desktop_web
0 Comments
Read More
Back to Blog

Crypto firm Celsius Network files for Bankruptcy; meanwhile Central Bank says tech can't save us from risk

14/7/2022

 
Picture
Any surprises here?

In the same week that Bank of England, Deputy Governor for Financial Stability (John Cunliffe) said “Financial assets with no intrinsic value … are only worth what the next buyer will pay. They are therefore inherently volatile, very vulnerable to sentiment and prone to collapse,” we learn of yet another crypto firm filing for bankruptcy and the protection it affords.. 

Put another way: technology can’t remove all financial risks. 

Celsius Network, one of the world’s largest cryptocurrency lenders, filed for bankruptcy, following a wave of digital asset companies that have frozen assets and entered restructuring amid a sharp sell-off in cryptocurrencies thus far in 2022. 

Its business model was simple old-fashioned lending. Celsius took in customer deposits and lent out the funds at higher interest rates, making a profit from the difference. There is nothing innovative here, just as there is nothing innovative about Buy-Now-Pay-Later (laybuy on an app). In both cases it is simply technology putting a new spin on an old play. 

To lure investors, Celsius offered high-interest rates and claimed its risks were small. Yet according to a Financial Times investigation, Celsius took on increased financial risks in recent months as demand for loans from institutional investors waned. This is classic behaviour by financial firms when they finally see the writing on the wall. 

What do we learn from the filing? 

  • Chapter 11 bankruptcy filing comes roughly a month after it froze customer assets, trapping billions of dollars across more than a million accounts.
  • it listed between $1bn - $10bn in assets, the same amount in liabilities
  •  100,000 creditors
  • filing will be an “opportunity to stabilise its business” and undergo a restructuring “that maximises value for all stakeholders”.
  • had it not restricted withdrawals there would have been a run on its deposits operating on a first come, first served basis, leaving others with illiquid and less certain claims. 

A rather ironic outcome of the Celsius failure is that Alvarez & Marsal, a consultancy best known for unwinding failed investment bank Lehman Brothers after the 2008 financial crisis, is Celsius’s restructuring adviser.

Cunliffe is also reported saying "Cryptocurrencies may not be “integrated enough” into the rest of the financial system to be an “immediate systemic risk,” but he suspects the boundaries between the crypto world and the traditional financial system will “increasingly become blurred.”.

Now Celsius is not alone. We have also seen the implosion of a highly leveraged crypto hedge fund, Three Arrows Capital, which filed for bankruptcy in July 2022 too. Crypto lender Voyager Digital also filed for bankruptcy recently while other companies narrowly averted a similar fate by taking in emergency cash at fire sale prices.  BlockFi agreed to a rescue deal with crypto trading exchange FTX on July 1 that valued the lender at up to $240mn, far below an earlier valuation of $4bn.

What about investors?

I don't mean the customers but the backers. Celsius’s failure is poised to leave venture capital backers nursing large losses. In late 2021, it raised $750mn from WestCap and Quebec-based pension fund Caisse de dépôt et placement du Québec at a valuation of more than $3bn. Ouch - especially for current and future retirees of the pension fund. Did they sign up their money for such illiquid investments?

Further Reading:
  • https://www.ft.com/content/8d6dee7d-2cc9-4663-a0a2-e469686baca5
  • ​https://www.cnbc.com/2022/07/13/tech-cant-remove-all-financial-risks-crypto-regulation-needed-boe-.html
0 Comments
Read More
Back to Blog

Virtual Asset Service Provider applicants told to improve the quality of their applications and AML/CTF frameworks and knowledge by Central Bank of Ireland

11/7/2022

 
Picture
“All current and potential VASP applicants should review the content of the bulletin and take actions to rectify weaknesses, as relevant. Firms undertaking VASP activities are also reminded that a failure to register may result in significant criminal and/or administrative sanctions." Central Bank of Ireland
If you need assistance with your Virtual Asset Service Provider registration application, or other regulatory authorisation application such as emoney, payment services or MiFID, get in touch with Peter Oakes at CompliReg by CLICKING HERE.

Read more about the Virtual Asset Service Provider registration, emoney authorisation, payment institution authorisation and MiFID authorisation CLICK HERE.
Today (Monday 11 July 2022) the Central Bank of Ireland issued a press release highlighting weaknesses in Virtual Asset Service Providers’ (VASP) AML/CFT Frameworks.

As of today, according to the Central Bank's website, the total number of VASPs registered in Ireland is ZERO.  See image below.
Picture
Question: If there are no firms appearing on the register, does that mean that there are no VASPs operating lawfully in Ireland?  

Answer: No.  VASPs established in Ireland and carrying on business as a VASP immediately prior to the Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2021  coming into force, who applied to the Central Bank for registration before 23 July 2021 are permitted to continue to offer VASP services pending the outcome of their application ('transitional period'). 

While we have heard stories of firms operating as VASPs in Ireland in circumstances where they do not fall under the transitional period, such firms should be subject - if they came to the attention of the Central Bank -  to criminal and/or regulatory investigation.
​Accompanying today's press release is a bulletin in relation to Virtual Asset Service Providers (VASPs), seeking to assist applicant firms to strengthen both their applications for registration and their Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) Frameworks.

The Central Bank says 
while it seeks to anticipate and support innovation in the financial services industry, firms operating in novel areas must ensure their businesses will not be used to launder the proceeds of crime or to finance terrorism.  The Central Bank issued the bulletin to VASPs to assist them in strengthening their applications and frameworks.
Picture
Background: Since 23 April 2021, VASPs are required to comply with the relevant AML/CFT obligations under the Criminal Justice Act 2010 to 2021. Any firm wishing to conduct business as a VASP must apply to the Central Bank for registration. The Central Bank says it is currently progressing the assessment of registration applications, and has provided feedback to 90% of applicants on their proposed AML/CFT frameworks.

Findings: The Central Bank identified, in the vast majority of applications:
  • a lack of understanding and compliance with key AML/CFT obligations; and
  • significant control weaknesses.

See below for further details on the Central Bank's 'findings' observations.
​
The Central Bank reported that the lack of compliance, coupled with control weaknesses, resulted in a significant number of the applicant firms not being able to demonstrate that they could meet their AML/CFT obligations.

Actions: The Central Bank has reconfirmed that it will only register a firm when it is satisfied that the firm can meet its AML/CFT obligations on an ongoing basis. It has said that all current and potential VASP applicants should:
  • take actions to rectify weaknesses;
  • review the bulletin; and
  • be aware that if they fail to register they may face significant criminal and/or administrative sanctions.

The Central Bank also too the opportunity to remind that:
  • VASPs are supervised by it for AML/CFT purposes only, and that consumers do not enjoy the Central Bank’s consumer protection mandate in their dealings with VASPs.
  • as with all other supervised financial institutions, registered VASPs will be subject to a supervisory levy which will be driven by the level of resources applied to their supervision.

​Key Central Bank observations on registrations received and assessed to date

Incomplete Applications: A number of registration applications did not contain the required information and documentation and consequently such applications did not progress to the assessment phase.
  • some firms had submitted policies but no accompanying procedures.
  • a number of firms submitted a copy of the firm's internal risk register in place of a documented risk assessment.
  • majority of firms that did not progress to the assessment phase had not availed of the pre-application meeting and/or had not given consideration to the guidance documents issued by the Central Bank.

Assessment Phase: In undertaking its assessment of registration applications, the Central Bank noted recurring fundamental issues preventing approving of registration applications as the applicants could not meet their AML/CFT legislative obligations or the Central Bank’s expectations. The Central Bank communicated its concerns and expectations to the applicants for further consideration.

The Central Bank helpfully provided a couple of pages in its bulletin (pages 4 - 6) giving an overview of recurring issues identified during the assessment of VASP registration applications.  These are repeated below.

Money Laundering and Terrorist Financing (ML/TF) Risk Assessment: An effective AML/CFT control framework is built on an appropriate ML/TF risk assessment that focuses on the specific ML/TF risks arising from the firm’s business model. This risk assessment should drive the firm’s AML/CFT control framework such that it ensures there are robust controls in place to mitigate and manage the specific risks identified through the risk assessment. The Central Bank identified a significant number of issues with the ML/TF risk assessments conducted by VASP applicant firms, including: 
  • A number of firms had not assessed or documented the ML/TF risks as they pertain to the firm’s customers and business activities. The Central Bank expects a Risk Assessment to be specific to the firm and the specific risks that pertain to that firm’s activities and customers. 
  • Several VASP applicant firms did not document the inherent ML/TF risks that pertain to the firm or document how, after assessing the effectiveness/strength of the firm’s control environment, the firm had determined the residual risk rating for each of the risk factors as set out in the CJA 2010 to 2021.
  • A number of firms did not consider relevant information in the National Risk Assessment, CJA 2010 to 2021 and/or guidance on risk issued by the Central Bank, when documenting the firm’s risk assessment. This included consideration of inherent risk factors, such as Nature, Scale, Complexity, Geographical Risk, Products and Services risk, etc.

Policies and Procedures: When developing AML/CFT policies, controls and procedures (“AML/CFT P&Ps”), firms should maintain a detailed documented suite of AML/CFT P&Ps, which are:
  • supplemented by guidance
  • accurately reflect operational practices; and
  • fully demonstrate consideration of and compliance with all legal and regulatory requirements. 

The Central Bank identified a number of recurring issues with the AML/CFT P&Ps submitted by applicant firms including; 
  • Several firms submitted AML/CFT P&Ps that did not meet the Irish legislative and regulatory requirements, in many instance referring to legislative frameworks in other jurisdictions where parent/group entities are situated. Where firms rely on group policies and procedures, these must be sufficiently detailed, applicable to the Irish entity that is applying for VASP registration and meet the Irish legislative and regulatory requirements.
  • The Central Bank received several registration applications that included the firm’s policies but failed to include the firm’s procedures that document how the firm meet their legislative obligations. As detailed in the application guidance, applicant firms are required to submit AML/CFT P&P relating to Customer Due Diligence (“CDD”), Transaction Monitoring, Suspicious Transaction Reporting, Financial Sanctions, Record Keeping, Training and Assurance Testing

Customer Due Diligence (“CDD”): 
CDD involves more than just verifying the identity of a customer. Firms should collect and assess all relevant information in order to ensure that the firm:
  • Knows its customers, persons purporting to act on behalf of customers and their beneficial owners, where applicable;
  • Knows if its customer is a Politically Exposed Person (“PEP”)
  • Understands the purpose of the account and therefore understands the expected activity; and;
  • Is alert to any potential ML/TF risks arising from the relationship.

The Central Bank identified a number of recurring issues with the CDD AML/CFT P&Ps submitted by applicant firms including;
  • A number of applicant firms failed to demonstrate compliance with the legislative obligation to obtain information reasonably warranted by the ML/TF risk on the purpose and intended nature of the business relationship with a customer prior to the establishment of the relationship.
  • The Central Bank received several registration applications where the firm failed to demonstrate how screening is conducted for PEPs for both new and existing customers. A number of firms also failed to document how PEP customers are managed including documenting requirement for Senior Management approval, the application of Enhanced Due Diligence (“EDD”) measures to PEPs and enhanced on-going monitoring measures.
  • Several firms failed to document policies and procedures relating to the refresh of CDD documentation.

Financial Sanctions Screening: The Central Bank’s expectation is that firms have an effective screening system in place, appropriate to the nature, size and risk of their business. In addition to this, firms should have clear escalation procedures in place to be followed in the event of a positive match.
  • Several firms failed to document the frequency of Financial Sanctions screening, how the firm screens (including what, if any, software is used) and also the steps the firm would take in the case of a Financial Sanctions hit.

Outsourcing: A firm can outsource certain AML/CFT Functions, but are reminded that the firm remains ultimately responsible for compliance with its obligations under CJA 2010 to 2021. It is expected that, where firms outsource AML/CFT functions, a documented agreement is in place that clearly defines the obligations of the outsource service provider. Firms should also evidence that sufficient oversight is conducted on the outsourced activity.

A number of VASP applicant firms outsource certain AML/CFT functions to group-related parties and/or non-group related parties.
  • Several firms did not include their policies around outsourcing or submit their service level agreements
  • In addition to this, several firms have failed to demonstrate sufficient oversight of the outsourced activities or failed to evidence that appropriate regular assurance testing of the outsourced activities takes place.

Individual Questionnaires for proposed Pre-Approval Controlled Function role holders:
A number of firms have failed to or delayed in submitting Individual Questionnaires (IQs) for each of their proposed Pre-Approval Controlled Function (PCF) role holders. IQs should be submitted for each individual proposed to hold a PCF role as soon as practical.

The Central Bank’s expectation on a firm’s presence in Ireland.
In line with the principle of territoriality enshrined in the EU AML Directives and Section 25 of the CJA 2010 to 2021, the Central Bank expects a physical presence located in Ireland and for there to be at least one employee in a senior management role located physically in Ireland, to act as the contact person for engagement with the Central Bank. In addition, in accordance with Section 106 H of the CJA 2010 to 20212 , the Central Bank may refuse an application where the applicant is so structured, or the business of the applicant is so organised, that the applicant is not capable of being regulated to the satisfaction of the Central Bank. 

Further Reading: ​Press Release - Central Bank highlights weaknesses in Virtual Asset Service Providers’ AML/CFT Frameworks 11 July 2022 
0 Comments
Read More
Back to Blog

Largest Fine Ever Imposed by Irish Central Bank

23/6/2022

 
Picture

AIB fined €83.3mn and EBS fined €13,4mn

Just shy of €100mn, a total amount of fines of €96.7mn, were imposed by the Central Bank of Ireland against AIB and EBS for regulatory breaches affecting tracker mortgage customers.

In the case of:
  • AIB  - reprimanded and fined €83,300,000 pursuant to the Central Bank's Administrative Sanctions Procedure (“ASP”) for a series of significant and long-running failings in the treatment of its tracker mortgage customers holding 10,015 mortgage accounts between August 2004 and March 2022. AIB has admitted to 57 separate regulatory breaches.
  • EBS - reprimanded and fined €13,400,000, pursuant to its ASP for a series of significant and long-running failings in the treatment of its tracker mortgage customers, holding 2,830 mortgage accounts, between August 2004 and June 2020. EBS has admitted to 36 separate regulatory breaches.

Both fines are net of of a settlement discount procedure scheme, otherwise AIB's fine would have stood at €119,000,000 and EBS's fine at €19,143,000.

The Central Bank’s Director of Enforcement and Anti-Money Laundering, Seána Cunningham said:
  • AIB - “The Central Bank has imposed a significant fine on AIB in respect of serious and long running failings in meeting its obligations to its tracker mortgage customers. The consequences of AIB’s prolonged failings were serious and included significant financial strain and distress for those affected and their families. 
  • EBS - “The Central Bank has imposed a significant fine on EBS in respect of serious and long running failings in meeting its obligations to its tracker mortgage customers. Mortgage lending is the core of EBS’s business, yet this investigation identified serious deficiencies in EBS’s mortgage services and systems. These deficiencies meant that EBS did not comply with its obligations to customers and many customers lost their tracker product/interest rate margin as a result, and were overcharged for sustained periods of time

CBI Enforcement Publicity Statements:
  • AIB
  • EBS
  • Press Release
0 Comments
Read More
Back to Blog

'Wow' Factor argued by Central Bank of Ireland in a rare Irish Insider Dealing case

1/5/2022

 
Picture
Not often, in fact exceptionally rare, that there is news of insider dealing cases being brought in Ireland. But that is a topic for another day.
​
For today (1 May 2022), a Panel of Assessors has, according to reports in both the Sunday Business Post and The Sunday Times [see links #1 & #2 below] concluded that Philip Lynch had indeed traded on insider information, but that there were mitigating factors in the case.

The independent and expert panel concluded that Mr Lynch should receive a public caution, a penalty of €75,000; a disqualification for five years from being involved in any financial services provider; and that he should pay the Central Bank’s legal costs of €37,500. It is reported that Mr Lynch — who has been chief executive of two publicly listed companies in Ireland, One51 and IAWS — has accepted this outcome as punishment for contravening market abuse regulations while he was a director of C&C, which makes Bulmers cider.

The case relates to a ten plus year investigation / inquiry into Mr Lynch buying 200,000 shares in C&C in 2008, when it was searching for a new chief executive. John Dunsmore, who was previously the chief executive of Scottish & Newcastle, became CEO in November 2008.  The news sent shares in the company up over 26 per cent to €1.45. [see link #3 below] 

Last week, the Central Bank lodged High Court proceedings against the businessman as part of the enforcement process of its findings.  The Central Bank issued its finding on December 22 last year and told Mr Lynch it would apply to the High Court to confirm the sanctions.  The case is  listed for hearing on the advance warning list under Ms Justice Mary Irvine on 23 May 2022 according to court records.

Before the Panel of Assessor, the Central Bank had argued that Lynch ought to face a penalty of between €250,000 and €500,000, a public reprimand, and a period of disqualification for five years, because it argued the infringement was within the moderately serious range. The Central Bank's enforcement division argued that it was “beyond a reasonable doubt” that Mr Lynch was in possession of “inside information” when he bought shares in C&C on October 21, 2008. He was aware Dunsmore’s appointment would provide a “wow” factor in relation to the company’s share price.

Lynch’s lawyers argued the sanctions were disproportionate, saying while he was aware of negotiations with Dunsmore, he was not certain of his appointment when buying the shares. His lawyers argued that there was no possibility of him making a short-term gain due to a one-year embargo on directors selling shares.

Back in 2013 C&C was fined € 90,000 by the Central Bank for failing to keep up-to-date records on its “insider” list, the second time the financial regulator has taken action against a non-financial services firm. Between January 2nd, 2008 and January 29th, 2009, the Dublin- and London-listed firm was found to be in breach of the insider list requirements of the Market Abuse Directive. It failed to “regularly and promptly” update its insider list with the identity of people working for C&C who had access to inside information. It also failed to state on the list the date of each and every occasion on which it was updated. [see link #4].

If you are interested in reading about insider dealing case history in Ireland, although it is seven years old, see link #5, 'Lose lips and share flips'. 

Links below to source material:


  1. https://www.businesspost.ie/legal/central-bank-finds-philip-lynch-engaged-in-insider-trading-at-cc-ba308779
  2. https://www.thetimes.co.uk/article/ex-c-amp-c-director-hit-by-landmark-insider-deal-fine-5npwnz7qc
  3. https://www.irishtimes.com/business/markets/market-news/c-c-fined-90-000-by-financial-regulator-1.1254196
  4. https://www.irishtimes.com/news/c-c-shares-rise-as-dunsmore-appointed-ceo-1.831402​ 
  5.  https://www.independent.ie/business/loose-lips-and-share-flips-31118325.htmll 
0 Comments
Read More
Back to Blog

Central Bank reviews identify issues in marketing of complex investment products

22/4/2022

 
Picture
CompliReg is a leading provider of consultancy services to MiFID, Payments and Emoney firms.  Our founder, Peter Oakes is an independent non-executive director of two Central Bank regulated MiFID firms, an emoney firm and a payments firm.  Peter is a member of the Audit, Risk, Nomination, Remuneration and Internal Audit Committees of a number of firms. Read more about Peter's NED services and CompliReg's services.
If below post on the marketing of complex investment products is of interest, then you should also look at our post of 1 December 2021 on the Central Bank's review findings on firms providing investment services.  The Central Bank's found that there is a  need to improve suitability assessments.

​Central Bank reviews identify issues in marketing of complex investment products

Central Bank reviews identify issues in marketing of complex investment products
  • Retail investment market shifting towards increasingly complex products.
  • Review identified a number of poor practices and weaknesses in firms, which increase risks to investors.
  • Firms required to take specific actions to ensure investors are protected.
 
The Central Bank of Ireland has written to MiFID investment firms, outlining the findings from a series of targeted reviews of Structured Retail Products (SRPs). These reviews examined SRPs manufactured and distributed by investment firms in the MiFID investment sector. A number of areas were identified where further action is needed by firms to ensure their governance and oversight of SRPs keeps pace with an increasingly complex retail investment market, so that investors are appropriately protected.
 
The reviews found a number of poor practices and weaknesses in firms’ processes, which increase risks to investors. This includes failure by firms to consider potential difficulties investors may have in understanding the complex features involved in some SRPs; failing to present past performance information in a fair and balanced manner; and not including prominent capital at risk warnings in marketing materials.
 
Director of Consumer Protection, Colm Kincaid, said: “The retail investment market is changing rapidly, with an increasing shift away from traditional, capital protected products to more complex, capital at risk products. As complexity increases, so too do the risks to investors and the responsibilities regulated firms have to protect those investors’ best interests. Our recently published Outlook Report highlighted a number of risks for consumers from changing business practices and ineffective disclosures on investment products, as well as what we expect regulated firms to do to deal with those risks. The work we are publishing today builds on that Report.
 
“We carried out these reviews because we want to see that regulated firms meet high standards in how they design, manufacture and distribute complex investment products to retail investors. In particular, we want to see that complex investment products are designed with real investment needs in mind, that they are targeted only at investors with those needs and that the risks are properly explained. We are requiring firms to take action to improve their performance on each of these fronts, as well as highlighting good practices which we want to see emulated across the sector.”
 
The letter requires regulated firms to take action to identify a sufficiently granular target market for SRPs and to drive improvements in the quality and transparency of disclosures to investors of the risks relating to these products. In particular:

  • Given the increasingly complex nature of SRPs, it is essential that the assessment of the target market is done in a proportionate manner, one that considers the nature and complexity of the product. The more complex the SRP, the more onerous and granular the target market assessment must be.
  • Where complex features are proposed, firms must consider if they are appropriate for the retail market and whether they are likely to be understood by the target market. The approval of the use of such features should be subject to robust governance and challenge to ensure they are justified and in clients’ best interests and this should be clearly documented.
  • Where past performance (back-testing) information is presented, it must be fair and balanced, supported by clear narrative and context, and must not diminish the potential likelihood of capital loss. Care must be taken to avoid presenting an overly-optimistic or unbalanced picture of the likely investor outcomes.
  • Capital at Risk warnings must be in a prominent location in all marketing communications and advertisements.
  • In the case of complex products such as SRPs, special care is needed when designing and presenting marketing information to ensure that individual statements, as well as the tone and overall content when read together, remains clear, fair and not misleading. In particular, care must be taken to avoid presenting an overly-optimistic or unbalanced picture of the likely investor outcomes.
  • The risk that a product may be restructured must be disclosed to clients prior to sale.
 
The Central Bank expects firms to adhere to high standards of investor protection, acting in the best interests of investors at all times.  We continue to monitor developments in the retail investment market, and the findings of these reviews and the expectations set out in today’s letter will be considered as part of future supervisory engagements.
 
ENDS
Notes to Editors
  • The Markets in Financial Instruments Directive (MiFID II) governs the provision of investment services in financial instruments. It applies to investment firms, wealth managers, broker dealers, product manufacturers, and credit institutions authorised to carry out MiFID activities.
  • MiFID II Regulation 32(1)  requires firms that manufacture financial instruments to ensure those instruments are designed to meet the needs of an identified target market of end clients.
  • MiFID II Regulation 32(3) requires firms to ensure that all information addressed to clients is fair, clear and not misleading.
  • MiFID II Regulation 32(6) requires firms to ensure that information on financial instruments includes appropriate warnings of the risks associated with investing in those instruments.
  • MiFID II Commission Delegated Regulation Article 48 (1) requires that, where providing clients with information about financial instruments, firms should include information regarding the functioning and performance in different market conditions, including both positive and negative conditions.

Source: Central Bank of Ireland, 22 April 2022
0 Comments
Read More
Back to Blog

First Irish Funds to invest in CRYPTOASSETS

15/4/2022

 
Picture
This blog by Peter Oakes, Founder of Fintech Ireland and CompliReg.  Peter qualified as a lawyer in Australia, the UK and Ireland.  He is a director of a number of regulated innovative fintech and adviser to fintech and crypto firms and their professional service providers. Contact him here and follow him on Linkedin and Twitter (Fintech Ireland Twitter). 

A summary of this material appears at Linkedin here 
The first Irish regulated funds to take exposure to crypto-assets have been approved by the Central Bank of Ireland (CBI).

The funds, both Qualifying Investor AIFs (QIAIF), will obtain indirect exposure to Bitcoin, by acquiring cash-settled Bitcoin Futures traded on the Chicago Mercantile Exchange (CME). Before you get too excited looking to by some of the digital asset via the QIAIFs note that this channel of exposure is RESTRICTED TO PROFESSIONAL INVESTORS. [NB: As recently as March 2022 the the Central Bank has issued a warning on the risks of investing in crypto assets].  We have provided further details about the regulatory crypto investing landscape in Ireland under 'Further Reading' below.
 
Last month the CBI informed industry bodies that it had approved in principle at least one QIAIF with a low level of exposure to cash settled Bitcoin futures traded on the CME.
 
The two unnamed QIAIFs are the first type of such funds to provide indirect crypto exposure and approved by the CBI.
 
If you want your existing QIAIFs or you wish to establish a new QIAIF to obtain exposure to crypto assets, get in touch (details above).  I am asked on a regular basis by institutional investors and professional investors how they can get exposure to cryptocurrencies and other digitalassets via regulated products. Unless you are able to gain direct exposure via a virtual asset service provider (VASP), the Irish QIAIF model (non-UCITS) might be your avenue. Note however that the CBI has said it is highly unlikely to approve a UCITS proposing any exposure (either direct or indirect) to crypto assets. Thus retail investors wanting crypto exposure in Ireland need to turn to VASPs/Exchanges direct.

Through Fintech Ireland, CompliReg and the industry experts network, we know the lawyers, ManCos and depositories / custodians who can assist institutional/professional firms and funds promoters looking to gain exposure to the crypto markets.  Further, if you are seeking a registration as a virtual service asset provider or authorisation as a MiFID, emoney institution or payments institution to provide services to  institutional, professional and retail clients, check out our Authorisation Page.

Further reading:
  • ID1145 - Central Bank of Ireland 44th Edition (20 December 2021) of the Central Bank AIFMD Q&A

​Question. Can a RIAIF or a QIAIF invest either directly or indirectly in crypto-assets?

Answer. Crypto-assets are generally considered to be private digital assets that depend primarily on cryptography and distributed ledger or similar technology. However, the nature and characteristics of crypto-assets vary considerably. For example, crypto-assets that are tokenised traditional assets (whose value is linked to an underlying traditional asset or a pool of traditional assets (such as financial instruments or commodities)) may have a different risk profile when compared to other crypto-assets that are based on an intangible or non-traditional underlying. For the purposes of this Q&A “crypto-asset” is used to refer to the latter type of crypto-asset. The Central Bank must be satisfied that direct or indirect exposure to crypto-assets is capable of being appropriately risk managed. As of the date of publication of this Q&A, the Central Bank has not seen information which would satisfy it that direct or indirect exposure to crypto-assets is capable of being appropriately risk managed. Though crypto-assets do not all have uniform characteristics, the Central Bank has noted that they can present significant risks, including liquidity risk; credit risk; market risk; operational risk (including fraud and cyber risks); money laundering / terrorist financing risk; and legal and reputation risks. Taking into account the specific risks attached to crypto-assets and the potential that retail investors will not be able to appropriately assess the risks of making an investment in a fund which gives such exposures, the Central Bank is highly unlikely to approve a RIAIF proposing any exposure (either direct or indirect) to crypto assets. In the case of a QIAIF seeking to gain exposure to crypto-assets, the relevant QIAIF would need to make a submission to the Central Bank outlining how the risks associated with such exposures could be managed effectively by the AIFM. The Central Bank’s approach in relation to crypto-assets will be kept under review, continue to be informed by European regulatory discussions on the topic and may change should new information or developments emerge in the future
. 
​

  • ​​ID 1100  - Central Bank of Ireland 36th edition (20 December 2021) of the Central Bank UCITS Q&A

​Question.  Can a UCITS invest either directly or indirectly in crypto-assets?

Answer. Crypto-assets are generally considered to be private digital assets that depend primarily on cryptography and distributed ledger or similar technology. However, the nature and characteristics of crypto-assets vary considerably. For example, crypto-assets that are tokenised traditional assets (whose value is linked to an underlying traditional asset or a pool of traditional assets (such as financial instruments or commodities)) may have a different risk profile when compared to other crypto-assets that are based on an intangible or non-traditional underlying. For the purposes of this Q&A “crypto-asset” is used to refer to the latter type of crypto-asset. The Central Bank must be satisfied that assets in which a UCITS invests are capable of meeting the eligible asset criteria for UCITS and that indirect exposure to the assets is capable of being appropriately risk managed. As of the date of publication of this Q&A, the Central Bank has not seen information which would satisfy it that crypto-assets are capable of meeting the eligible asset criteria for UCITS or that indirect exposure to crypto-assets is capable of being appropriately risk managed. Though crypto-assets do not all have uniform characteristics, the Central Bank has noted that they can present significant risks, including liquidity risk; credit risk; market risk; operational risk (including fraud and cyber risks); money laundering / terrorist financing risk; and legal and reputation risks. Taking into account the specific risks attached to crypto-assets and the potential that retail investors will not be able to appropriately assess the risks of making an investment in a fund which gives such exposures, the Central Bank is highly unlikely to approve a UCITS proposing any exposure (either direct or indirect) to crypto assets. The Central Bank’s approach in relation to crypto-assets will be kept under review, continue to be informed by European regulatory discussions on the topic and may change should new information or developments emerge in the future. 


  • Central Bank of Ireland Warning (22 March 2022)
The Central Bank again emphasised that crypto assets are highly risky and speculative, and may not be suitable for retail customers. In particular people need to be alert to the risks of misleading advertisements, particularly on social media, where influencers are being paid to advertise crypto assets.  The Central Bank has published a plain English explainer for consumers on cryptocurrencies.

  • European Supervisory Authorities (EBA, ESMA and EIOPA Warning (17 March 2022)
The ESAs warned consumers that many crypto-assets are highly risky and speculative. The ESAs set out key steps consumers can take to ensure they make informed decisions.
0 Comments
Read More
<<Previous
Forward>>
© CompliReg.com   Dublin 2, Ireland  ph +353 1 639 2971 
|  www.complireg.com  |  officeATcomplireg.com [replace AT with @]

Picture
Photo from Got Credit