The Central Bank of Ireland’s increased focus on payments and electronic money institutions.

Since the beginning of the year, several articles and speeches from the Central Bank of Ireland (CBI) have singled out the Payments Institutions (PI) and Electronic Money Institutions (EMI) sector as being of increased risk, with concerns that an operational or financial failure could cause a significantly impact the European Economic Area (EEA) financial system.

The payments and e-money sector operating out of Ireland has experienced significant growth over the last seven years. According to the CBI, the number of firms expanded from 14 to 51, with safeguarded funds increasing from €726m to €7,820m from 2016 to 2023. This is by far the fastest-growing sector supervised by the CBI over the period.

From a supervisory standpoint, it is evident that the CBI is increasingly troubled by the level of deficiencies uncovered during supervisory reviews in this sector. In its January 2023 "Dear CEO" letter, the CBI outlined five key areas of concern that require attention across the sector.

The combination of rapid growth and supervisory apprehension has prompted the CBI to raise its overall rating for the sector. In a letter to the Department of Finance, the CBI Governor underscored the potential systemic implications of a firm failure within this sector for the EEA.

To reinforce the point, the CBI Director of Banking, Payments and Credit Unions Supervision, Mary-Elizabeth McMunn, in her speech to the sector on 29 February 2024, highlighted that the messages over the last few years remain unchanged, indicating that there has not been sufficient improvement in supervisory experience in line with the sector’s growth.

By openly and publicly expressing their concerns, the CBI aims to convey a clear message to firms: that while the sector is expanding, the governance framework, systems, and controls have not kept pace with this growth. The CBI's reiteration of key points—safeguarding, operational matters, governance, financial crime, and business model resilience—coupled with a more assertive supervisory tone, reflects their impatience with the lack of progress.

Firms should expect robust and intrusive regulatory scrutiny in the foreseeable future. Firms with previous supervisory contact that has resulted in risk mitigation plans or have self-identified issues as part of the Safeguarding Review should expect these areas to be targeted in any future review. Failure to adequately address these concerns may prompt the CBI to adopt a more stringent approach, potentially involving enforcement actions.

There are several actions that firms should be doing now if they have not already done so:

  • Ensure that all previously identified issues have been addressed, with supporting documentation readily available.
  • Review all areas highlighted in recent CBI letters and speeches to ensure the firm can adequately respond to all the priorities if asked.
  • Ensure regulatory engagement with the CBI is open and transparent. As highlighted in the 29 February speech, firms should reach out to their supervisors if they are unclear or need clarity on any matters.
  • Cultivate a firm mindset and culture that prioritises regulation and consumer protection at the heart of its strategy.

In summary, it is clear that the payments and electronic money sector is now a key supervisory concern for the CBI. Significant growth in the sector, combined with supervisory deficiencies has created an uncomfortable environment where a firm failure could risk a systemic issue across the EEA. It is evident that the CBI is actively seeking to avoid this. As the language has hardened, firms should expect supervisory contact to be more robust and intrusive over the coming year with little sympathy from the CBI for a failure to meet their expectations.

Join our mailing list banner-Mazars in Ireland