Seven participants of the Central Bank of Ireland’s Innovation Sandbox Programme on ‘Combatting Financial Crime’ are:


1) AMLYZE is building an AML/CFT information-sharing framework that will use structured taxonomies and synthetic data to simplify detecting and preventing fraudulent activities.
​
2) Expleo Group has developed an anti-SMS fraud solution which installs on mobile phones to combat SMS fraud.

3) Forward Emphasis and Pasabi’s joint innovation will develop and test a Motor Insurance Application Fraud Analytics solution, leveraging AI-driven behavioural analytics, machine learning, and pattern recognition to detect fraud in the pre-sales process.

4) Roseman Labs enables secure, GDPR-compliant collaboration and analysis on sensitive data for regulated industries.

5) Sedicii (hello Rob Leslie) and PTSB Sedicii has partnered with PTSB to create a secure and private collaboration using zero knowledge proofs to verify names and addresses, in real-time, as part of their customer KYC process, using ESB Networks as the authority for address data in Ireland in full compliance with GDPR and which involves no sharing of personal data.

6) TrustElevate.com offers a privacy-preserving solution for verifying parental responsibility and child age.

7) Vidos.Id is developing digital identity verification solutions to help financial institutions verify digital identity documents and wallet-based credentials.

There are many familiar names here and a couple we hadn't encountered at www.moneylaundering.ie and www.fintechireland.com. Since this all very serious hashtag#regtech, we better dust off the www.regtechireland.com website!

All the best to the cohort.

First posted here

Combatting Financial Crime Theme

The theme of the Innovation Sandbox Programme is:
“Combatting Financial Crime – Through the use of innovative technology, foster and develop innovative solutions that minimise fraud, enhance KYC/AML/CFT frameworks, and improve day-to-day transaction security for consumers.”

The programme will encourage collaboration across the ecosystem to support the fight against financial crime. Programme outputs will include inter alia the documentation and sharing of learnings in fraud prevention and detection. The programme also aims to facilitate the development of new ventures and new business models that solve challenges identified in this sandbox theme and facilitate the faster and safer deployment of substantially new technologies, products, or services.

The Sandbox Programme framework comprises:

• A structured programme of workshops
  Each month participants will engage in workshops on specific topics relevant to the theme of Combatting Financial Crime. The topics will be relevant to participants and tailored to their needs and requirements as much as possible.
  
  
• Ongoing bespoke engagement with dedicated Sandbox Relationship Managers
  Each participant will engage regularly with their dedicated Sandbox Relationship Manager, who will act as their point of contact to oversee and coordinate participation throughout the programme. The Sandbox Relationship Manager will also liaise with a broad range of Central Bank teams – from across the pillars of Consumer and Investor Protection, Financial Regulation, and Monetary and Financial Stability – to provide regulatory advice and support as required.
  
  
• Access to Data Platform
  Each participant can avail of access to a Data Platform offering data sets and tools relevant to the theme of Combatting Financial Crime. This will allow participants to test and develop their innovation.

The methodology and delivery of this programme will be subject to continual assessment and impact review.

Read more here

Linkedin Post:  

Three weeks ago our Peter Oakes posted the news that Mary-Elizabeth McMunn (formerly Director of Banking, Payments and Credit Unions) at the Central Bank of Ireland was appointed, effective 1 January 2025, as Deputy Governor Financial Regulation at the Central Bank.  This followed news that now former Deputy Governor, Sharon Donnery, had accepted appointment by the European Central Bank to be its representative of the Supervisory Board.

Over the past few weeks various bits and pieces of news about other moves within the Central Bank executive team has dripped into the media.  As at the start of January 2025 we now have official confirmation of those movements.  These are:

• Colm Kincaid becomes Director of Enforcement. Colm was previously Director of Consumer Protection.
• Seána Cunningham becomes Director of Insurance. Seána was previously Director of Enforcement & AML Supervision*
• Gerry Cross, becomes Director of Capital Markets & Funds. Gerry was previously Director of Financial Regulation, Policy & Risk.
• Domhnall Cullinan becomes Director of Banking & Payments. Domhnall was previously Director of Insurance.
• Patricia Dunne becomes Director of Horizontal Supervision*. Patricia was previously Director of Securities & Markets Supervision.
• Adrian Varley becomes Director of Supervisory Risk, Analytics & Data*.  Adrian was previously Director of Prudential Analysis & Inspections.

​
* See below for details of changes to Directorates

In addition to the points raised above arising from the changes to the operating structure at the Central Bank of Ireland, it is worth noting/amplifying that:

• Consumer Protection and AML Supervision have not disappeared.  They have been embedded into relevant sectoral teams across the Central Bank of Ireland's functions.
• while the name 'Credit Unions' is no longer shows in the name of the Banking & Payments Directorate, there is no change to its activities or prominence with the new operating model.
• there is no identification about where the new Fitness and Probity Unit will sit within the Central Bank.  This new unit was announced on 19 December 2024 
• Governance & Operational Resilience Resilience moves to the Horizontal Supervision Directorate from the former Prudential Analysis & Inspections Directorate
• Supervisory Risk & Horizontal moves to the Horizontal Supervision Directorate from the former Financial Regulation - Policy & Risk Directorate.
• 'Enforcement Investigations' is renamed 'Regulatory Investigations' and 'Enforcement Activity' is now replaced by Enforcement Market Abuse & Oversight.
• dropping of word 'Supervision' from the names of the Banking & Payments and Insurance Directorates.

Sources / Further reading:

1. Great to read the news that Mary-Elizabeth McMunn currently Director of Banking, Payments and Credit Unions at the Central Bank of Ireland has been appointed, effective 1 January 2025, as Deputy Governor Financial Regulation at the Central Bank (11 December 2024) - https://www.linkedin.com/posts/peteroakes_deputy-governor-financial-regulation-appointment-activity-7272670698152636417-LyRg?utm_source=share&utm_medium=member_desktop
2. Deputy Governor Financial Regulation Appointment (11 December 2024) - https://www.centralbank.ie/news/article/deputy-governor-financial-regulation-appointment-press-release
3. Transforming Regulation and Supervision - https://www.centralbank.ie/regulation/transforming-regulation-and-supervision
4. Central Bank establishes dedicated Fitness and Probity Unit (19 December 2024) - https://complireg.com/blogs--insights/central-bank-of-ireland-establishes-dedicated-fitness-and-probity-unit
5. Central Bank decision to disband consumer protection unit fuels fears customers will be weakened (7 September 2024) - https://www.independent.ie/business/personal-finance/central-bank-decision-to-disband-consumer-protection-unit-fuels-fears-customers-will-be-weakened/a964031703.html 
6. Central Bank of Ireland: Firms will hear ‘one consistent voice’ following model change (18 November 2024) - https://www.businesspost.ie/news/central-bank-of-ireland-firms-will-hear-one-consistent-voice-following-model-change/

Repeat of News Release:

The Central Bank of Ireland has today (Thursday 19 December 2024) announced the establishment of a dedicated Fitness and Probity Unit.

The fitness and probity regime is a critical element of financial regulation; protecting the public interest by ensuring that people who work in key positions in a financial firm are competent and capable, honest, ethical and of integrity and financially sound.  Since 2020 the Central Bank of Ireland has approved appointments to more than 11,000 roles under the regime.

Speaking today, Governor of the Central Bank of Ireland Gabriel Makhlouf said: “The Enria report, published in July 2024, identified several key areas for improvement in our operation of the fitness and probity regime.  We accepted the findings of the report and have used them as a basis for implementing reforms to enhance the regime’s overall effectiveness. We also committed to implementing the reforms as early as possible and before end 2024.

“Today’s announcement of the establishment of our new dedicated Fitness and Probity Unit within the Bank is a key element of this programme of reform. 

“However, we recognise that this is only a first step towards delivering a fitness and probity gatekeeping process aligned with the spirit and approach of the report.  As such, work will continue in implementing and delivering a regime which supports supervisory judgement, while delivering robust, fair and transparent processes.

“The new unit will be staffed from within our existing complement by experienced regulators from across the Bank."

“Our strategic plan committed to transforming our approach to regulation and supervision – this process is ongoing and our new operating structure, including the dedicated fitness and probity team, will be in place from the start of the new year.”

​Source: https://www.centralbank.ie/news/article/central-bank-establishes-dedicated-fitness-and-probity-unit 

The Independent Review of the Fitness and Probity Regime by Mr Andrea Enria, the former Chair of ECB Supervisory Board has been published by the Central Bank of Ireland. 
 
Speaking for the Central Bank of Ireland, its Governor (Gabriel Makhlouf) has confirmed that all of the recommendations in the review are accepted by the regulator. One of the immediate actions arising from the recommendations is the creation of a new unit to bring together F&P activities that are currently dispersed across the Central Bank.

Those who called for an external decision making process should note the following view of Andrea Enria: "To externalise the decision making process would therefore likely not serve the objective of ensuring decisions are made in a more timely manner. This suggests that an appropriate balance is found, including elements of independent challenge within the structures of the Central Bank" at page 50.

Copy of the Review here
Extract of the Recommendations here

A summary of the 12 Recommendations appearing at Appendix 1, page 79 onwards, are as follows: 

Recommendation 1 – Fostering industry role in gatekeeping
- guidance should clearly outline the key, proportionate expectations of the Central Bank as regards the process that a regulated entity engages in prior to submitting an application for a PCF approval 
a) due diligence/screening
b) background checks
c) documentation and record keeping  
d) on-going monitoring


Recommendation 2 – Clear fitness and probity standards
-  recommendations made in following areas to further enhance the effectiveness of the fitness and probity standards and guidance issued by the Central Bank 
a) accessibility of the F&P standards 
b) enhance the F&P Standards
c) regularly review and update standards: establish a process for regularly reviewing and updating F&P standards
d) holistic consideration of complementary powers 


Recommendation 3 - Governance 
a) establishment of an F&P gatekeeping unit with responsibility for the entire gatekeeping process
b) enhanced implementation of a risk-based approach for F&P gatekeeping, with a reconsideration of the overall number of PCF roles and a possible adjustment in the approach to different sectors including to the funds sector, which is the largest contributor in terms of applications


Recommendation 4 – Decision making 
a) legal advice on any PCF Gatekeeper applications should only be provided by the in-house Legal Division. 
b) Minded to Refuse Letters to include a draft decision including and address all relevant concerns, relevant law and issues along with written responses to any arguments raised by the applicant 
c) a significant decisions committee would be established within the Central Bank
d) the Chair of the committee should have authority to decide upon composition based on the features of the underlying case  
e) legal advice at the decision making stage should only be provided by the General Counsel to the Central Bank


Recommendation 5 – Communication and IT platform 
a) the Central Bank should organise an annual information session open to both firms and potential candidates
b) ad hoc workshops should be organised to obtain feedback from firms on the functioning of the Online Portal for applications and other possible improvements


Recommendation 6 – Interview stage
a) interview notification 
b) duration of the interview
c) setting of interviews and comments on minutes (further, the setting for the interviews should remain conversational, rather than adversarial)
d) the Central Bank should adopt as a principle that it will provide feedback in all cases where an interview has been conducted


Recommendation 7 – Efficiency of interview process 
- two recommendations (a) recommended that “meet and greet” type interviews should not form part of the F&P gatekeeping process; and (b) the Central Bank should aim to conduct a single comprehensive interview to reduces potential for unnecessary duplication, such as conducting an initial assessment interview followed by a specific interview, particularly when a specific issue is known in advance 

Recommendation 8 – Withdrawals/feedback
 - Central Bank should adopt as a principle that it will always provide feedback to both the regulated entity and the individual after an interview. It is further recommended that such feedback be provided also in cases where a withdrawal occurs 

Recommendation 9 – Management information
a) clear and comprehensive service standards - to promote transparency and avoid confusion, service standards should be clear, comprehensive and cover all relevant aspects of the process
b) time limits - the Central Bank should commit to a set timeframe within which it will have processed to conclusion all F&P applications
c) reporting - the Central Bank should enhance transparency by publishing standardised information, with appropriate breakdowns, on at least an annual basis
d) reporting - Data Points
e) reporting - Qualitative points: In providing the above information the Central Bank should have regard to the following qualitative points


Recommendation 10 – Quality assurance
- a robust quality assurance mechanisms should be set in place.  This work should be conducted by staff of the Central Bank with the oversight of an externally appointed risk advisor to the Central Bank 

Recommendation 11 – Complaints procedure 
-  complaints process should be established specifically for the F&P gatekeeping process

Recommendation 12 - Training 
- develop a comprehensive training programme for the F&P gatekeeping process; the process to be adopted including any risk framework overlay, conduct of interviews and provision of feedback 

Copy of the Review here
Extract of the Recommendations here

​Firms looking to get authorised in Ireland as a CASP or registered in near future as a VASP should note the following extracts from a speech today by Gerry Cross, Director for Financial Regulation, Policy and Risk at Blockchain Ireland's excellent event this week (see link at end of article) 

•  authorisation is a two way process. A successful process depends crucially on the preparation and approach of the applicant.

 

• key aspects of a successful application, include:

 

1. TRANSPARENCY: (a) firms should act in a fully transparent and open manner with respect to their proposed application; (b) if an applicant is applying in multiple EU jurisdictions for a MiCAR activity the CBI says the firm must disclose this in its application;
2. PREPARATION: (a) firms should prepare well and be appropriately resourced to engage with the CBI 'in a comprehensive and timely manner throughout the assessment process'; (b) preparation also means that firms understand the local regulatory environment.
3. SUPERVISIBILITY: authorised firms should operate with strong local autonomy and be accountable for all aspects of the local entity. Where we identify obstacles to firm’s meeting this expectation, they will not be authorised.
4. CONSUMER FOCUS: firms should ensure that securing customer interests is at the core of their business. This is particularly the case for retail facing business models. [and remember, a 'consumer' are not just people; it covers certain legal persons too].

Source: Technological innovation and financial regulation – a maturing relationship - Remarks by Gerry Cross, Director for Financial Regulation, Policy and Risk, Wednesday 29th May 2024

​Linkedin Post:  https://www.linkedin.com/posts/peteroakes_micar-virtualasset-activity-7201513163152834560-N6m7

Sign up to the Fintech Ireland Newsletter here.​
​

• Need assistance with an emoney or payments authorisation or an account information service provider or virtual asset services provider registration application, contact CompliReg.com at [email protected].
• Check out Fintech Ireland and CompliReg's handy authorisation guides at https://fintechireland.com/fintech-authorisations.html.  

This blog and others are joint efforts between Fintech Ireland and CompliReg.

​First Published Tuesday 9th April 2024

Before we dive into the detail contained in the new (issued 9 April 2024) "Central Bank Expectations for Authorisation as a Payment Institution or Electronic Money Institution, or Registration as an Account Information Service Provider", a couple of things to note:
​

1. the format, look and feel of the new webpage on the CBI's website;
2. the links from How We Regulate leading to the Authorisation Page, regardless if you clicked on Payments Institutions, Electronic Money Institutions, Small Electronic Money Institutions or Account Information Service Providers redirect you to the same page. That page ends in payment-authorisation.  Seems that from a pragmatic and practical stance, the CBI is getting ready for the merging of the e-money and payment services regimes under the current PSD3 legislative proposal;
3. although buried away at the bottom of the CBI's webpage, there is this very welcome statement about how long it may take to get authorised. "Experience suggests that it can take over 12 months for firms to provide all of the information necessary to enable a decision to be made" ;
4. each proposed Applicant must meet with the CBI before an Application is filed;
5. currently, there is no fee for submitting an Application (but there is of a course the separate Industry Funding Levy);
6. Dormancy Policy - the CBI's dormancy policy applies when an applicant has not provided an adequate response within 60 working days following the issuance of comments. A “Minded to Deem Withdrawn” letter is sent to the applicant after 50 working days of comments issued, notifying the applicant that it has 10 working days to provide all outstanding documentation or the application will be considered withdrawn. If the applicant does not respond within the 10 working days, a “Deemed Withdrawn” letter is sent and the application is not considered further by the CBI.

Interested in the Central Bank of Ireland's internal and often called 'opaque' fitness and probity assessment process? In which case take the time to read this decision (link below) by the Irish Financial Services Appeals Tribunal - an independent body - to which appeals lay from Central Bank decisions.
 
The Appeal involved a finding by the Central Bank that: "in its “opinion”, the Appellant was “unfit” to hold the two positions in question.". The Appellant, identified as AB, was applying for (as it was then) PCF2 (NED) and PCF3 (Chairman). While the identity of the Appellant is not made known, we know the person is male and he held "similar roles to those which he was applying for in Redhedge and other regulated entities in the same sector."

The crux of the order appears at para 325 on page 79 of the decision (here):

"We are unable to conclude that the decision reached was the correct and preferable decision. There were fundamental procedural flaws which were to be found at all three stages of the process. The Tribunal is satisfied that taken cumulatively – or even individually – the various procedures adopted by the Central Bank did not comply with the requirements of Constitutional and natural justice; including the necessity for fair notice; the duty to give reasons; and the observance of the principle of audi alterem partem." [[Latin for "hear the other side"]

The impugned decision was one which had serious legal consequences, where fundamental legal and constitutional principles had to be applied in the course of performing the statutory functions 

​The Central Bank called the Appellant to what is known as an “assessment interview” and then a “specific interview”. These made adverse findings. There followed a “minded to refuse” letter to the ultimate decision-maker. She largely confirmed these adverse findings and held the Respondent [i.e. the Central Bank] entitled to refuse the applications.
 
 
There is a lot here for the Central Bank to consider and take stock of. And hopefully it does.

​Summary of certain facts

In summary (all the below are direct quotes from decision**):

• the Tribunal finds that the Central Bank’s decision-making process was flawed.
• the Appellant was denied fair procedures at each stage of the process.
• the Appellant was not given full or fair notice of the issues which were intended to be explored.
• the identities of a number of bank officials who were involved in the decision-making process are redacted, although the Tribunal may not adopt this approach in future.
• the impugned decision was flawed as it was based on a flawed preliminary process, because it did not observe the principle of audi alterem partem [Latin for "hear the other side"], and because it did not give reasons, so as to comply with what was required in law. 
• [the Central Bank's decision maker] was reliant on the information which emerged from a previously flawed interview process. The procedural flaws identified in the first two stages of the process fed into the impugned decision.
• the flaws from the Assessment interview fed into and were reflected in this [specific] interview. While there was the appearance of fair procedure, there was an absence of its substance. 
• this Tribunal must find that the decision was, in law, “incorrect” and remit the matter to the Central Bank for reconsideration.
• at the assessment interview, there was an absence of fair notice sufficient to conclude that this part of the process fell below the standard of constitutional fairness. 
• it cannot be said the Central Bank’s submissions were fully correct on the powers of the Tribunal and the Central Bank’s obligations
• the impugned decision was one which had serious legal consequences, where fundamental legal and constitutional principles had to be applied in the course of performing the statutory functions. 

Costs:

• the Appellant should be entitled to his costs; such costs including each of the days of the hearing, for the submissions, pleadings and correspondence subsequent to the impugned decision and any legal costs of the proceedings which gave rise to this Appeal. However the Appellant for reasons noted above is awarded 50% of the costs of the directions hearing.
• the Appellant will be awarded one half of the costs of the directions hearings. 

 
** to ensure that you are aware of the context from which the above quotes are extracted, do read the decision for yourself.
 
A copy of the decision is located here

Linkedin Post here. Do check out the Linkedin page as it contains lots of additional information.

The Central Bank of Ireland issued a statement on its website saying:

• IFSAT found a number of issues in how the Central Bank handled this application [that is putting it very lightly]. 
  
• Accordingly, the Tribunal has returned the application to the Central Bank for reassessment.
  
• We will immediately conduct a reassessment of the application, in accordance with the Tribunal’s directions.
  
• The Central Bank has therefore decided to commission an independent review of the F&P approval process

Of the many points made by ESMA in its letter, the following ones caught our eye.

 

1. NCAs (national competent authorities) need to establish as early as possible their supervisory procedures related to the authorisation regimes set out in the MiCA Regulation, including simplified authorisation procedures for entities already authorised to provide crypto-asset services under national law.
2. each Member State to designate without delay the NCAs responsible for carrying out the functions and duties provided for in the MiCA Regulation.
3. that NCAs are granted adequate powers and resources to exercise their supervisory, investigative and enforcement responsibilities.
4. ESMA is concerned that an extensive use of the grand-fathering clause for entities already providing crypto-asset services would weaken the effectiveness of the MiCA rulebook. This is because the clause may allow these entities to continue operating for up to 18 months in accordance with applicable national laws.

• Copy of ESMA 17 October 2023 letter - HERE
  
• Linkedin Post - HERE

Australia to regulate digital asset platforms

Regulating digital asset platforms - Australia
​
What is this about?
The Australian government intends to introduce a regulatory framework to address consumer harms in the crypto ecosystem while supporting innovation.

The introduction of a regulatory framework for entities providing access to digital assets and holding them for Australians and Australian businesses is an important step in the government’s approach to crypto reform in the Australian context.

The proposed regulatory framework would apply to digital asset platforms that present similar risks to entities that operate in the traditional financial system. It proposes to leverage the Australian financial services framework to regulate digital asset platforms to ensure consistent oversight and safeguards for consumers.

The government seeks views from interested parties on the proposed framework for regulating digital asset platforms. Specific consultation questions are outlined within the paper.

Responding
You can submit responses to this consultation up until 01 December 2023. Interested parties are invited to comment on this consultation.
While submissions may be lodged electronically or by post, electronic lodgement is preferred. For accessibility reasons, please submit responses sent via email in a Word or RTF format. An additional PDF version may also be submitted.


All information (including name and address details) contained in submissions will be made available to the public on the Treasury website unless you indicate that you would like all or part of your submission to remain in confidence. Automatically generated confidentiality statements in emails do not suffice for this purpose. Respondents who would like part of their submission to remain in confidence should provide this information marked as such in a separate attachment.

Legal requirements, such as those imposed by the Freedom of Information Act 1982, may affect the confidentiality of your submission.

Key Documents

• Proposal paper:  PDF Format - WORD Format 
• Factsheet:  PDF Format - WORD Format 

How To Respond

• Email - [email protected]

 

• Post - Address written submissions to:

Director, Crypto Policy Unit
Financial System Division
Treasury
Langton Cres
Parkes ACT 2600

Further Reading: https://treasury.gov.au/consultation/c2023-427004