​We appreciate when people and companies use the information we produce. Thank you.  What we ask is that when doing so, you ensure that we are credited in a prominent part of your post or visual (not in a comment or at the end of the post). 

​Yesterday we blogged about the release by Fintech Ireland of its Regulated Fintechs (EMoney, Payments & AISPs) in EEA Visual (repeated below).  That Visual presented the top 10 EEA jurisdictions for regulated payment services as at 30 September 2025 and comprised of authorised emoney institutions, authorised payments institutions and registered account information services providers (but not CASPs/VASPs).

In yesterday's post we promised to publish more information including data on the number of crypto-asset service providers authorised in the EU (& EEA) and also a combination of the two datasets to give a clear picture of the Top 10 EU Jurisdictions for the licensing of these innovative firms.

Firstly, here is a reminder of yesterday's Visual to set the context:

From the Visual above we see that the top 10 jurisdictions for Regulated Fintech (being authorised emoney, authorised payments and registered AISPs) are: Lithuania (106), France (102), Germany (94), The Netherlands (88), Spain (80), Sweden (78), Malta (58), Ireland (57), Poland (56) and Italy (55).

You can find yesterday's blog here and the associated Linkedin Post here.

The total number of authorised crypto-asset services providers in the EU (and the EEA) is 64 as at 29 September 2025 spread across 12 member states. The eagle-eyed amongst you may note that ESMA's register contains 65 entries.  However on closer inspection, when one looks at the data recorded for German CASPs, one will note the name and LEI of one entity being repeated (i.e. Crypto Finance (Deutschland) GmbH). When stripped out that means that Germany (BaFIN) has authorised 19 entities as CASPs (not 20). 

In the next Visual immediately below one will see the EU (and EEA) jurisdictions where a CASP is authorised. Germany sets the pace with 19 CASP authorisations and is immediately followed by The Netherlands with 14.  These two countries are the only ones where there are more than 10 CASPs authorised and they represent more than 50% of total authorised CASPs. Thereafter we have France with 7, Malta with 6 and 3 each in Spain, Cyprus Luxembourg and Finland.  The final 4 countries making up list are Ireland and Austria with 2 CASPs each and Lithuania and Slovenia with 1 each.  

Since the last time we examined the number of authorised CASPs in the EU - back on 1 April - the number of authorisations reported to ESMA by NCAs increased 400% (albeit from a low base 😉 ). And Ireland authorised two CASPs in that period - both being entities within the Kraken crypto group (not a duplication!).

A special blog is needed to examine the present position in Lithuania.  Lithuania is home to literally hundreds of virtual asset services providers (VASPs). Is it not thus surprising that only one CASP has been authorised in Lithuania despite a massive VASP base?

​If we combined the number of CASP authorisations with Payments authorisations (i.e. authorised emoney, authorised payments and AISP registrations) we land at the following table.

​From the table above, by combining both payments and CASPs into one dataset produces a new Top 10 of EU Jurisdictions. 

Germany comes out as the clear leader with a combined number of 113.  Lithuania, which is in No. 1 for payments & emoney drops to 3rd place with a combined tally of 107.  France comes in at No. 2 with 109. The larger number of authorised CASPs in Germany and France, 19 and 7 respectively, far exceeding the single CASP authorisation in Lithuania. The Netherlands has also accelerated its authorisation of CASPs, hitting 15 such authorisations bringing its combined total up to 103. Spain and Sweden come in at 5th and 6th place with 83 and 78 respectively. As we head down the chart, we find that Malta continues to cement its place as a leading fintech hub with a combined total of 64.  Since the last time we examined in detail ESMA's CASP authorisation data back on 1 April 2025, Malta has only increased by (net) one authorisation. After Malta we find Ireland in 8th place at 59, then Poland with 56 in  9th place and closing the Top 10 with a respectable figure of 55 is Italy.  You probably noted that Sweden, Poland and Italy make-up the Top 10 without a single CASP between them.

In the past 6 months (from 1 April to 30 September 2025) ESMA's records of authorised CASPs jumped 400% from 16 to 64.  Back on 1 April the only countries that had notified ESMA of having authorised a CASP were Malta, the Netherlands, Cyprus, Luxembourg, Spain and Germany.  In the past 6 months the following countries commenced authorising CASPs France, Lithuania, Ireland, Finland, Austria, Slovenia. As we head closer to the end of transitional periods in Europe through which VASPs seek to become authorised CASPs, we should expect to see dozens of new CASPs being authorised in Europe.

​If you found this information useful, you know what to do.  Please go visit the Likedin Post and like the post, reshare the post and/or comment.

​​

• Sign up to our Newsletter here.
• Need assistance with an emoney or payments authorisation or an account information service provider or virtual asset services provider registration application, check out Fintech Ireland and CompliReg's handy authorisation guides at https://fintechireland.com/fintech-authorisations.html. 

We appreciate when people and companies use the information we produce. Thank you.  What we ask is that when doing so, you ensure that we are credited in a prominent part of your post or visual (not in a comment or at the end of the post). 

​Introduction
Fintech Ireland is delighted to present the top ten EEA for regulated payment services (“Regulated Fintech”) as at 30 September 2025. To be more specific, this definition captures authorised emoney institutions, authorised payments institutions and registered account information services providers (but not CASPs/VASPs).  Over the coming days we will be releasing more data on fintech authorisations/licences in the EEA, but for today we concentrate on the traditional payment services market.

We like to thank CompliReg a leading provider of advice to firms seeking emoney, payments and MiCAR authorisations for helping pull this information together.  Its extensive experience working across Europe and the UK is a big help in finding people to discuss our reports before they are released.  Read the full blog at https://complireg.com/blogs--insights.html

The last occasion we looked at the top 10 Regulated Fintechs was back on the 1 April this year.  It was very interesting to look at developments in the EEA market over the past six months.  What we have seen is static growth - just a 1% increase from 1,169 in April to 1,181 in September.  The net difference of 12 Regulated Fintechs comprises of a net increase of 3 x emoney, 12 x payments and decrease of 3 x AISPs.  This leaves us with 337 authorised emoney firms, 747 authorised payments firms and 97 registered AISPs.

Who makes up the top 10?
The top 10 jurisdictions based on the number of Regulated Fintech in order are: Lithuania (106), France (102), Germany (94), The Netherlands (88), Spain (80), Sweden (78), Malta (58), Ireland (57), Poland (56) and Italy (55). 

These countries comprise circa 65.5% of the total number of Regulated Fintechs in the EEA.
While the countries comprising the top 10 remains the same, the rankings within the 10 has changed. Lithuania, France and Germany stay at #1, #2 and #3 respectively.  The Netherlands has leapfrogged Spain taking the #4 position.  The biggest mover within the top 10 is Malta, which rose from #10 position to #7.  If you are reading this post and saying to yourself that you know you read of certain countries announcing new authorisations/registrations in the past 6 months, don’t forget that some firms also have their authorisations revoked or voluntarily withdrawn.  Without analysing too much detail, one reason why Poland slipped from 7th to 9th is because of the large number of AISPs which were de-registered there in the past half year.

Is there any threat to the current status quo of the Top 10?
Sitting outside the top 10 and not quite within striking distance are Finland #11 (44), Cyprus #12 (41), Norway #13 (38), Belgium #14 (37) and in equal 15th both Czech Republic and Denmark with 33 each.
We like to thank CompliReg a leading provider of advice to firms seeking emoney, payments and MiCAR authorisations for helping pull this information together and our friends at our Family of Fintech Nations for supporting this initiative (FintechLithuania.com, FrenchFintech.com, NetherlandsFintech.com, FintechEspana.com, FintechMalta.com, FintechIreland.com, FintechCyprus.com, FintechLatvia.com.  No doubt over the coming days each of these will promote their own jurisdictions based on this report and again when we release some new MiCAR Authorisation facts and figures.

If you found this useful, you know what to do.  Please go https://www.linkedin.com/posts/peteroakes_fintech-micar-activity-7379541156264566784-mdPy and like the post, reshare the post and/or comment.

The spread of emoney versus payments institutions
Of Lithuania’s total of 106 Regulated Fintechs 70% (71) comprises emoney firms, with 32 payments firms and just 3 AISPs.  In the past 6 months Lithuania’s population of emoney firms and payments firms has decreased by (net) 3 and 1 respectively.  Meanwhile France’s bevy of Regulated Fintechs is skewered towards payments institutions.  These make up 67% (68) of its total of 102.  While Lithuania has the largest number of emoney firms authorised, Germany has the largest number of payments firms at 83, representing 88% of its total of 94.

It is difficult to see the logic of why there is a somewhat less evenness of the emoney and payments firm split across all member states.  There appears to be a lack of consistency across the EEA on defining when a company should be an emoney firm versus a payments firms.

Malta
Malta certainly stands out as a jurisdiction growing its Regulated Fintech base.  It now sits at position #7.  Yet while jumping three places from number 10 in the past 6 months it did so by merely increasing the number of net emoney firms from 34 to 37 – that’s right, by authorising 3 firms.   When one throws in the number of MiCAR authorised firms into the definition of ‘Regulated Fintech’ expect to see Malta reach far loftier heights.  Fintech Malta is working on a new Map for issue shortly. See www.FintechMalta.com and check out the event planned for 23 October 2025!

Cyprus
Cyprus saw a net increase of one firm.  Fintech Cyprus is working on a new Map for issue shortly. www.FintechCyprus.com

The Netherlands
The Netherlands increase the number of Regulated Fintech by a net increase of 4 x emoney firms and 5 payments firms. Its website will be updated shortly with its first Fintech Map.  Keep an eye on it.  www.NetherlandsFintech.com

Luxembourg
Luxembourg’s overall net number of Regulated Fintech stayed steady 25.  However it has commenced to authorise crypto-asset service providers.  It is updating it Fintech Luxembourg Map, so keep an eye on www.FintechLuxembourg.com

Ireland
Ireland has arguably been viewed as one of the toughest jurisdictions within the EEA to obtain a fintech licence. Its regulator makes no apology for that and is arguably concerned about regulatory arbitrage across the EEA and in the past a race to the bottom by certain Member States in their approach to authorisations. Fintech Ireland recently released its Map of 88 fintechs which have a licence in Ireland.  That Map includes emoney, payments, crowdfunding, VASPs and CASPs.  Find that Map at https://fintechireland.com/news-insights/irelands-central-bank-has-issued-88-fintechs-licences-new-map-released-thanks-to-compliregcom.  And don’t forget Fintech Ireland is hosting its 2nd Annual Fintech Ireland Summit on Thursday 27th November 2025.  It is a great opportunity for the indigenous and international fintechs to gather under one roof. Get your tickets at www.fintechirelandsummit.com

Seven participants of the Central Bank of Ireland’s Innovation Sandbox Programme on ‘Combatting Financial Crime’ are:


1) AMLYZE is building an AML/CFT information-sharing framework that will use structured taxonomies and synthetic data to simplify detecting and preventing fraudulent activities.
​
2) Expleo Group has developed an anti-SMS fraud solution which installs on mobile phones to combat SMS fraud.

3) Forward Emphasis and Pasabi’s joint innovation will develop and test a Motor Insurance Application Fraud Analytics solution, leveraging AI-driven behavioural analytics, machine learning, and pattern recognition to detect fraud in the pre-sales process.

4) Roseman Labs enables secure, GDPR-compliant collaboration and analysis on sensitive data for regulated industries.

5) Sedicii (hello Rob Leslie) and PTSB Sedicii has partnered with PTSB to create a secure and private collaboration using zero knowledge proofs to verify names and addresses, in real-time, as part of their customer KYC process, using ESB Networks as the authority for address data in Ireland in full compliance with GDPR and which involves no sharing of personal data.

6) TrustElevate.com offers a privacy-preserving solution for verifying parental responsibility and child age.

7) Vidos.Id is developing digital identity verification solutions to help financial institutions verify digital identity documents and wallet-based credentials.

There are many familiar names here and a couple we hadn't encountered at www.moneylaundering.ie and www.fintechireland.com. Since this all very serious hashtag#regtech, we better dust off the www.regtechireland.com website!

All the best to the cohort.

First posted here

Combatting Financial Crime Theme

The theme of the Innovation Sandbox Programme is:
“Combatting Financial Crime – Through the use of innovative technology, foster and develop innovative solutions that minimise fraud, enhance KYC/AML/CFT frameworks, and improve day-to-day transaction security for consumers.”

The programme will encourage collaboration across the ecosystem to support the fight against financial crime. Programme outputs will include inter alia the documentation and sharing of learnings in fraud prevention and detection. The programme also aims to facilitate the development of new ventures and new business models that solve challenges identified in this sandbox theme and facilitate the faster and safer deployment of substantially new technologies, products, or services.

The Sandbox Programme framework comprises:

• A structured programme of workshops
  Each month participants will engage in workshops on specific topics relevant to the theme of Combatting Financial Crime. The topics will be relevant to participants and tailored to their needs and requirements as much as possible.
  
  
• Ongoing bespoke engagement with dedicated Sandbox Relationship Managers
  Each participant will engage regularly with their dedicated Sandbox Relationship Manager, who will act as their point of contact to oversee and coordinate participation throughout the programme. The Sandbox Relationship Manager will also liaise with a broad range of Central Bank teams – from across the pillars of Consumer and Investor Protection, Financial Regulation, and Monetary and Financial Stability – to provide regulatory advice and support as required.
  
  
• Access to Data Platform
  Each participant can avail of access to a Data Platform offering data sets and tools relevant to the theme of Combatting Financial Crime. This will allow participants to test and develop their innovation.

The methodology and delivery of this programme will be subject to continual assessment and impact review.

Read more here

Linkedin Post:  

Three weeks ago our Peter Oakes posted the news that Mary-Elizabeth McMunn (formerly Director of Banking, Payments and Credit Unions) at the Central Bank of Ireland was appointed, effective 1 January 2025, as Deputy Governor Financial Regulation at the Central Bank.  This followed news that now former Deputy Governor, Sharon Donnery, had accepted appointment by the European Central Bank to be its representative of the Supervisory Board.

Over the past few weeks various bits and pieces of news about other moves within the Central Bank executive team has dripped into the media.  As at the start of January 2025 we now have official confirmation of those movements.  These are:

• Colm Kincaid becomes Director of Enforcement. Colm was previously Director of Consumer Protection.
• Seána Cunningham becomes Director of Insurance. Seána was previously Director of Enforcement & AML Supervision*
• Gerry Cross, becomes Director of Capital Markets & Funds. Gerry was previously Director of Financial Regulation, Policy & Risk.
• Domhnall Cullinan becomes Director of Banking & Payments. Domhnall was previously Director of Insurance.
• Patricia Dunne becomes Director of Horizontal Supervision*. Patricia was previously Director of Securities & Markets Supervision.
• Adrian Varley becomes Director of Supervisory Risk, Analytics & Data*.  Adrian was previously Director of Prudential Analysis & Inspections.

​
* See below for details of changes to Directorates

In addition to the points raised above arising from the changes to the operating structure at the Central Bank of Ireland, it is worth noting/amplifying that:

• Consumer Protection and AML Supervision have not disappeared.  They have been embedded into relevant sectoral teams across the Central Bank of Ireland's functions.
• while the name 'Credit Unions' is no longer shows in the name of the Banking & Payments Directorate, there is no change to its activities or prominence with the new operating model.
• there is no identification about where the new Fitness and Probity Unit will sit within the Central Bank.  This new unit was announced on 19 December 2024 
• Governance & Operational Resilience Resilience moves to the Horizontal Supervision Directorate from the former Prudential Analysis & Inspections Directorate
• Supervisory Risk & Horizontal moves to the Horizontal Supervision Directorate from the former Financial Regulation - Policy & Risk Directorate.
• 'Enforcement Investigations' is renamed 'Regulatory Investigations' and 'Enforcement Activity' is now replaced by Enforcement Market Abuse & Oversight.
• dropping of word 'Supervision' from the names of the Banking & Payments and Insurance Directorates.

Sources / Further reading:

1. Great to read the news that Mary-Elizabeth McMunn currently Director of Banking, Payments and Credit Unions at the Central Bank of Ireland has been appointed, effective 1 January 2025, as Deputy Governor Financial Regulation at the Central Bank (11 December 2024) - https://www.linkedin.com/posts/peteroakes_deputy-governor-financial-regulation-appointment-activity-7272670698152636417-LyRg?utm_source=share&utm_medium=member_desktop
2. Deputy Governor Financial Regulation Appointment (11 December 2024) - https://www.centralbank.ie/news/article/deputy-governor-financial-regulation-appointment-press-release
3. Transforming Regulation and Supervision - https://www.centralbank.ie/regulation/transforming-regulation-and-supervision
4. Central Bank establishes dedicated Fitness and Probity Unit (19 December 2024) - https://complireg.com/blogs--insights/central-bank-of-ireland-establishes-dedicated-fitness-and-probity-unit
5. Central Bank decision to disband consumer protection unit fuels fears customers will be weakened (7 September 2024) - https://www.independent.ie/business/personal-finance/central-bank-decision-to-disband-consumer-protection-unit-fuels-fears-customers-will-be-weakened/a964031703.html 
6. Central Bank of Ireland: Firms will hear ‘one consistent voice’ following model change (18 November 2024) - https://www.businesspost.ie/news/central-bank-of-ireland-firms-will-hear-one-consistent-voice-following-model-change/

Repeat of News Release:

The Central Bank of Ireland has today (Thursday 19 December 2024) announced the establishment of a dedicated Fitness and Probity Unit.

The fitness and probity regime is a critical element of financial regulation; protecting the public interest by ensuring that people who work in key positions in a financial firm are competent and capable, honest, ethical and of integrity and financially sound.  Since 2020 the Central Bank of Ireland has approved appointments to more than 11,000 roles under the regime.

Speaking today, Governor of the Central Bank of Ireland Gabriel Makhlouf said: “The Enria report, published in July 2024, identified several key areas for improvement in our operation of the fitness and probity regime.  We accepted the findings of the report and have used them as a basis for implementing reforms to enhance the regime’s overall effectiveness. We also committed to implementing the reforms as early as possible and before end 2024.

“Today’s announcement of the establishment of our new dedicated Fitness and Probity Unit within the Bank is a key element of this programme of reform. 

“However, we recognise that this is only a first step towards delivering a fitness and probity gatekeeping process aligned with the spirit and approach of the report.  As such, work will continue in implementing and delivering a regime which supports supervisory judgement, while delivering robust, fair and transparent processes.

“The new unit will be staffed from within our existing complement by experienced regulators from across the Bank."

“Our strategic plan committed to transforming our approach to regulation and supervision – this process is ongoing and our new operating structure, including the dedicated fitness and probity team, will be in place from the start of the new year.”

​Source: https://www.centralbank.ie/news/article/central-bank-establishes-dedicated-fitness-and-probity-unit 

The Independent Review of the Fitness and Probity Regime by Mr Andrea Enria, the former Chair of ECB Supervisory Board has been published by the Central Bank of Ireland. 
 
Speaking for the Central Bank of Ireland, its Governor (Gabriel Makhlouf) has confirmed that all of the recommendations in the review are accepted by the regulator. One of the immediate actions arising from the recommendations is the creation of a new unit to bring together F&P activities that are currently dispersed across the Central Bank.

Those who called for an external decision making process should note the following view of Andrea Enria: "To externalise the decision making process would therefore likely not serve the objective of ensuring decisions are made in a more timely manner. This suggests that an appropriate balance is found, including elements of independent challenge within the structures of the Central Bank" at page 50.

Copy of the Review here
Extract of the Recommendations here

A summary of the 12 Recommendations appearing at Appendix 1, page 79 onwards, are as follows: 

Recommendation 1 – Fostering industry role in gatekeeping
- guidance should clearly outline the key, proportionate expectations of the Central Bank as regards the process that a regulated entity engages in prior to submitting an application for a PCF approval 
a) due diligence/screening
b) background checks
c) documentation and record keeping  
d) on-going monitoring


Recommendation 2 – Clear fitness and probity standards
-  recommendations made in following areas to further enhance the effectiveness of the fitness and probity standards and guidance issued by the Central Bank 
a) accessibility of the F&P standards 
b) enhance the F&P Standards
c) regularly review and update standards: establish a process for regularly reviewing and updating F&P standards
d) holistic consideration of complementary powers 


Recommendation 3 - Governance 
a) establishment of an F&P gatekeeping unit with responsibility for the entire gatekeeping process
b) enhanced implementation of a risk-based approach for F&P gatekeeping, with a reconsideration of the overall number of PCF roles and a possible adjustment in the approach to different sectors including to the funds sector, which is the largest contributor in terms of applications


Recommendation 4 – Decision making 
a) legal advice on any PCF Gatekeeper applications should only be provided by the in-house Legal Division. 
b) Minded to Refuse Letters to include a draft decision including and address all relevant concerns, relevant law and issues along with written responses to any arguments raised by the applicant 
c) a significant decisions committee would be established within the Central Bank
d) the Chair of the committee should have authority to decide upon composition based on the features of the underlying case  
e) legal advice at the decision making stage should only be provided by the General Counsel to the Central Bank


Recommendation 5 – Communication and IT platform 
a) the Central Bank should organise an annual information session open to both firms and potential candidates
b) ad hoc workshops should be organised to obtain feedback from firms on the functioning of the Online Portal for applications and other possible improvements


Recommendation 6 – Interview stage
a) interview notification 
b) duration of the interview
c) setting of interviews and comments on minutes (further, the setting for the interviews should remain conversational, rather than adversarial)
d) the Central Bank should adopt as a principle that it will provide feedback in all cases where an interview has been conducted


Recommendation 7 – Efficiency of interview process 
- two recommendations (a) recommended that “meet and greet” type interviews should not form part of the F&P gatekeeping process; and (b) the Central Bank should aim to conduct a single comprehensive interview to reduces potential for unnecessary duplication, such as conducting an initial assessment interview followed by a specific interview, particularly when a specific issue is known in advance 

Recommendation 8 – Withdrawals/feedback
 - Central Bank should adopt as a principle that it will always provide feedback to both the regulated entity and the individual after an interview. It is further recommended that such feedback be provided also in cases where a withdrawal occurs 

Recommendation 9 – Management information
a) clear and comprehensive service standards - to promote transparency and avoid confusion, service standards should be clear, comprehensive and cover all relevant aspects of the process
b) time limits - the Central Bank should commit to a set timeframe within which it will have processed to conclusion all F&P applications
c) reporting - the Central Bank should enhance transparency by publishing standardised information, with appropriate breakdowns, on at least an annual basis
d) reporting - Data Points
e) reporting - Qualitative points: In providing the above information the Central Bank should have regard to the following qualitative points


Recommendation 10 – Quality assurance
- a robust quality assurance mechanisms should be set in place.  This work should be conducted by staff of the Central Bank with the oversight of an externally appointed risk advisor to the Central Bank 

Recommendation 11 – Complaints procedure 
-  complaints process should be established specifically for the F&P gatekeeping process

Recommendation 12 - Training 
- develop a comprehensive training programme for the F&P gatekeeping process; the process to be adopted including any risk framework overlay, conduct of interviews and provision of feedback 

Copy of the Review here
Extract of the Recommendations here

​Firms looking to get authorised in Ireland as a CASP or registered in near future as a VASP should note the following extracts from a speech today by Gerry Cross, Director for Financial Regulation, Policy and Risk at Blockchain Ireland's excellent event this week (see link at end of article) 

•  authorisation is a two way process. A successful process depends crucially on the preparation and approach of the applicant.

 

• key aspects of a successful application, include:

 

1. TRANSPARENCY: (a) firms should act in a fully transparent and open manner with respect to their proposed application; (b) if an applicant is applying in multiple EU jurisdictions for a MiCAR activity the CBI says the firm must disclose this in its application;
2. PREPARATION: (a) firms should prepare well and be appropriately resourced to engage with the CBI 'in a comprehensive and timely manner throughout the assessment process'; (b) preparation also means that firms understand the local regulatory environment.
3. SUPERVISIBILITY: authorised firms should operate with strong local autonomy and be accountable for all aspects of the local entity. Where we identify obstacles to firm’s meeting this expectation, they will not be authorised.
4. CONSUMER FOCUS: firms should ensure that securing customer interests is at the core of their business. This is particularly the case for retail facing business models. [and remember, a 'consumer' are not just people; it covers certain legal persons too].

Source: Technological innovation and financial regulation – a maturing relationship - Remarks by Gerry Cross, Director for Financial Regulation, Policy and Risk, Wednesday 29th May 2024

​Linkedin Post:  https://www.linkedin.com/posts/peteroakes_micar-virtualasset-activity-7201513163152834560-N6m7

Sign up to the Fintech Ireland Newsletter here.​
​

• Need assistance with an emoney or payments authorisation or an account information service provider or virtual asset services provider registration application, contact CompliReg.com at [email protected].
• Check out Fintech Ireland and CompliReg's handy authorisation guides at https://fintechireland.com/fintech-authorisations.html.  

This blog and others are joint efforts between Fintech Ireland and CompliReg.

​First Published Tuesday 9th April 2024

Before we dive into the detail contained in the new (issued 9 April 2024) "Central Bank Expectations for Authorisation as a Payment Institution or Electronic Money Institution, or Registration as an Account Information Service Provider", a couple of things to note:
​

1. the format, look and feel of the new webpage on the CBI's website;
2. the links from How We Regulate leading to the Authorisation Page, regardless if you clicked on Payments Institutions, Electronic Money Institutions, Small Electronic Money Institutions or Account Information Service Providers redirect you to the same page. That page ends in payment-authorisation.  Seems that from a pragmatic and practical stance, the CBI is getting ready for the merging of the e-money and payment services regimes under the current PSD3 legislative proposal;
3. although buried away at the bottom of the CBI's webpage, there is this very welcome statement about how long it may take to get authorised. "Experience suggests that it can take over 12 months for firms to provide all of the information necessary to enable a decision to be made" ;
4. each proposed Applicant must meet with the CBI before an Application is filed;
5. currently, there is no fee for submitting an Application (but there is of a course the separate Industry Funding Levy);
6. Dormancy Policy - the CBI's dormancy policy applies when an applicant has not provided an adequate response within 60 working days following the issuance of comments. A “Minded to Deem Withdrawn” letter is sent to the applicant after 50 working days of comments issued, notifying the applicant that it has 10 working days to provide all outstanding documentation or the application will be considered withdrawn. If the applicant does not respond within the 10 working days, a “Deemed Withdrawn” letter is sent and the application is not considered further by the CBI.

Interested in the Central Bank of Ireland's internal and often called 'opaque' fitness and probity assessment process? In which case take the time to read this decision (link below) by the Irish Financial Services Appeals Tribunal - an independent body - to which appeals lay from Central Bank decisions.
 
The Appeal involved a finding by the Central Bank that: "in its “opinion”, the Appellant was “unfit” to hold the two positions in question.". The Appellant, identified as AB, was applying for (as it was then) PCF2 (NED) and PCF3 (Chairman). While the identity of the Appellant is not made known, we know the person is male and he held "similar roles to those which he was applying for in Redhedge and other regulated entities in the same sector."

The crux of the order appears at para 325 on page 79 of the decision (here):

"We are unable to conclude that the decision reached was the correct and preferable decision. There were fundamental procedural flaws which were to be found at all three stages of the process. The Tribunal is satisfied that taken cumulatively – or even individually – the various procedures adopted by the Central Bank did not comply with the requirements of Constitutional and natural justice; including the necessity for fair notice; the duty to give reasons; and the observance of the principle of audi alterem partem." [[Latin for "hear the other side"]

The impugned decision was one which had serious legal consequences, where fundamental legal and constitutional principles had to be applied in the course of performing the statutory functions 

​The Central Bank called the Appellant to what is known as an “assessment interview” and then a “specific interview”. These made adverse findings. There followed a “minded to refuse” letter to the ultimate decision-maker. She largely confirmed these adverse findings and held the Respondent [i.e. the Central Bank] entitled to refuse the applications.
 
 
There is a lot here for the Central Bank to consider and take stock of. And hopefully it does.

​Summary of certain facts

In summary (all the below are direct quotes from decision**):

• the Tribunal finds that the Central Bank’s decision-making process was flawed.
• the Appellant was denied fair procedures at each stage of the process.
• the Appellant was not given full or fair notice of the issues which were intended to be explored.
• the identities of a number of bank officials who were involved in the decision-making process are redacted, although the Tribunal may not adopt this approach in future.
• the impugned decision was flawed as it was based on a flawed preliminary process, because it did not observe the principle of audi alterem partem [Latin for "hear the other side"], and because it did not give reasons, so as to comply with what was required in law. 
• [the Central Bank's decision maker] was reliant on the information which emerged from a previously flawed interview process. The procedural flaws identified in the first two stages of the process fed into the impugned decision.
• the flaws from the Assessment interview fed into and were reflected in this [specific] interview. While there was the appearance of fair procedure, there was an absence of its substance. 
• this Tribunal must find that the decision was, in law, “incorrect” and remit the matter to the Central Bank for reconsideration.
• at the assessment interview, there was an absence of fair notice sufficient to conclude that this part of the process fell below the standard of constitutional fairness. 
• it cannot be said the Central Bank’s submissions were fully correct on the powers of the Tribunal and the Central Bank’s obligations
• the impugned decision was one which had serious legal consequences, where fundamental legal and constitutional principles had to be applied in the course of performing the statutory functions. 

Costs:

• the Appellant should be entitled to his costs; such costs including each of the days of the hearing, for the submissions, pleadings and correspondence subsequent to the impugned decision and any legal costs of the proceedings which gave rise to this Appeal. However the Appellant for reasons noted above is awarded 50% of the costs of the directions hearing.
• the Appellant will be awarded one half of the costs of the directions hearings. 

 
** to ensure that you are aware of the context from which the above quotes are extracted, do read the decision for yourself.
 
A copy of the decision is located here

Linkedin Post here. Do check out the Linkedin page as it contains lots of additional information.

The Central Bank of Ireland issued a statement on its website saying:

• IFSAT found a number of issues in how the Central Bank handled this application [that is putting it very lightly]. 
  
• Accordingly, the Tribunal has returned the application to the Central Bank for reassessment.
  
• We will immediately conduct a reassessment of the application, in accordance with the Tribunal’s directions.
  
• The Central Bank has therefore decided to commission an independent review of the F&P approval process