1. (1) Minister for Finance launches National Payments Strategy and (2) Remarks by Deputy Governor Derville Rowland at launch of National Payments Strategy
1. Minister for Finance launches National Payments Strategy
On 15 October 2024, Minister for Finance, Jack Chambers, launched the National Payments Strategy for Ireland (“Strategy”). The Strategy is the culmination of extensive engagement with various stakeholders and a dedicated consultation on the issue.
The Strategy's ultimate aim is to keep the Irish market up-to-date with modern technologies in an emerging cashless society while also protecting traditional forms of payment still relied upon by members of the public.
Overview of Strategy
The Strategy is underpinned by four overarching principles as follows:
- Access and Choice – promoting reasonable options for consumers and small business;
- Security and Resilience – of the payments system and system operators;
- Innovation and Inclusion – future focus that enhances interoperability and inclusion; and
- Sustainability and Efficiency – solutions that have regard to cost and benefit and to the environment.
The Strategy builds upon the forgoing and sets out four vision statements as follows:
- Consumers in Ireland will be able to make use of the most modern features and functionality available for payments, while retaining options for those who prefer more traditional means of payment;
- The Irish payments ecosystem will evolve, as a result of proactive participation by market players, so that the Irish payments system will keep pace with the European payments market and offer a similar experience to Irish consumers;
- Irish consumers will have the utmost trust in the reliability of their payment methods, and will freely adopt new payment methods without fear of being defrauded; and
- By 2030, there will be greater transparency and understanding of the Irish payments landscape with insights into the trends and use of payments types.
The vision statements are further broken down into future outcomes to realise those vision statements. The future outcomes are presented across six chapters, with the actions necessary to achieve the future outcomes detailed, as follows:
Future Role of Cash
- All Government departments and bodies under their aegis are to accept electronic and cash payments or facilitate cash payments where a public body levies fines or fees or where it provides goods or services for a charge;
- All sectors must be aware of the forthcoming EU legal tender regulations and their obligations regarding mandatory cash acceptance (if applicable) as well as any necessary adjustments to comply with the regulation; and
- A comprehensive overview of the national cash cycle will guide policy decisions relating to cash and payments.
Resilience of Payments
- System-wide contingency arrangements to prepare for and manage disruptions to payment services;
- Central Bank of Ireland ("Central Bank") will have authority to ensure relevant firms leave the market; and
- User-friendly EU-certified digital identity wallet will be made available.
Payment Fraud
- Greater anti - fraud information sharing in the Irish banking sector;
- Illegal online content flagged by the financial services industry will be prioritised for review by online platforms;
- Consumers will be less vulnerable to fraud via telecommunications channels;
- Technology, financial services and telecommunications sectors and their respective regulators will cooperate more closely on combatting payment fraud; and
- Greater awareness of fraud / fraud prevention among Irish consumers.
Account-to-Account Payments
- At least one ‘pay by account’ solution as a convenient and trusted alternative to cards and cash will be available;
- Greater awareness of open banking and account-to-account services among Irish payment service providers;
The Future of Payments
- Greater awareness among stakeholders of best practices and areas of opportunity across the payment ecosystem regarding sustainability.
Data Collection, Analysis and Sharing
- Greater transparency and understanding of the Irish payments landscape with insights on trends and usage of payment types.
Speaking at the launch of the Strategy, Minister Jack Chambers stated that:
“To ensure the Irish economy benefits from the advantages of emerging technologies and payment methods, while also taking into account the need to ensure the continued availability of more traditional forms of payments, this Strategy sets out a vision for the future of payments in Ireland."
2. Launch of the National Payments Strategy – Remarks by Deputy Governor Derville Rowland
On 15 October 2024, Deputy Governor of the Central Bank, Derville Rowland delivered a speech at the launch of the Strategy. Deputy Governor Rowland endorsed the Strategy as helping the Irish market remain up to date with modern technologies and parallel to the rest of Europe as well as allowing for initiatives that would strengthen the security of retail payments.
Reflecting on the need for a variety of actions to be taken to ensure a successful future landscape for the Irish payments ecosystem, Deputy Governor Rowland highlighted the need for “cooperation in the advancement of Pay-by-Account solutions built upon the effective implementation of instant payments and Open Banking” and a “Research and Insights Programme” which the Strategy states will be led by the Central Bank for tracking the evolution of the Irish payments ecosystem.
The Deputy Governor also honed in on the issue of fraud. Despite the low level of payments fraud in Ireland, she acknowledged its damaging effect on the public especially with the rise of social engineering tactics deployed by fraudsters. She addressed the need for businesses to be proactive and innovative in the wake of fraudulent activity in the payments ecosystem. The Central Bank has engaged with a number of large tech firms such as Google throughout the year with a view to encouraging consumer protection. She specified Google’s announcement last week that they will introduce a verification process for financial services advertisers and stated that “an effective financial services verification policy is a key disruptive tool in the fight against online financial scams.”
She welcomed the establishment of the Anti - Fraud Forum under the Strategy noting its objective of seeking to enhance the formal cooperation between the financial sector, telecoms, and social media companies, whose networks and platforms are often utilised to propagate fraudulent activity.
2. Central Bank of Ireland updated its Strategy
The Central Bank of Ireland (“Central Bank”) recently reviewed the implementation of its five-year Strategy (2022 –2026) to ensure, at its half way point, that it remained valid and responsive to the changes taking place within the economy and financial system. In short, the Central Bank has confirmed that its strategic direction remains valid. However, on the back of this review it has refreshed its published Strategy, which it now explains is effective up to the end of 2027.
In his foreword to the updated Strategy, Governor Makhlouf explains that “for the most part, the structural drivers of change underpinning our strategic direction are developing as we anticipated in 2021, albeit, in some cases, more quickly and with greater intensity than we originally expected.”
The updated Strategy confirms the Central Bank’s commitment to the four themes set out in 2021:
- future-focused;
- open and engaged;
- transforming; and
- safeguarding.
Some wording changes have been made to the themes’ descriptions but nothing of significance. The Central Bank has also taken the opportunity to update each theme with a section on the Central Bank’s implementation of the Strategy to date.
The section on “Public Sector Human Rights and Equality Duty” has been removed from the original Strategy document. The Central Bank conducted an assessment of the equality and human rights issues relevant to its purpose and functions and has published a separate action plan on what it is doing to meet its Public Sector Human Rights and Equality Duty.
3. ESAs issues opinion on Commission’s rejection of ITS on the registers of information under DORA
On 15 October 2024, the European Supervisory Authorities (“ESAs”) issued an opinion (“Opinion”) on the European Commission’s (“Commission”) rejection of the draft implementing technical standards (“ITS”) on the registers of information under the Digital Operational Resilience Act (“DORA”). The registers of information relate to all contractual arrangements on the use of ICT services provided by ICT third - party service providers under Article 28(9) of DORA.
On 3 September 2024, the Commission notified ESMA that it rejects the ITS due to the proposed mandatory use of the legal entity identifier (“LEI”) to identify ICT third - party service providers, on the basis that the Commission considers it necessary to give financial entities the choice to identify their EU - registered ICT third - party service providers via the use of the LEI or the European Unique Identifier (“EUID”).
In the Opinion, the ESAs state that the introduction of the EUID will add unnecessary complexity and expense which could lead to negative impacts as to the implementation of DORA by financial entities, competent authorities and the ESAs. Some of the reasons grounding this contention are as follows:
- the LEI is already established for reporting in the financial sector for several years and the ESAs consider that the mandatory use of the LEI would bring efficiencies, achieving international convergence in the area of global cyber security and operational resilience. In addition, many types of financial entities within the scope of DORA are already familiar with, use and obtain LEIs for non - financial entities in the area of supervisory reporting;
- although the EUID is free of charge to all European companies, its introduction as an identifier for ICT third – party service providers would require previously not planned implementation and maintenance efforts and costs for the financial entities due to the changes in the register templates and the need to collect and provide additional information. The limitations on the access to and verification of the respective information by the financial entities and competent authorities is also relevant;
- financial entities, competent authorities and the ESAs will lose the benefit of existing synergies with other financial and prudential reporting, requiring additional work to ensure consistency with standards used for master data in other reporting frameworks. It will also require the carrying out of data quality checks;
- the data at the ESAs disposal will not be up – to – date due to the fact that the EUID reference data cannot be downloaded on a daily basis, unlike the LEI, resulting in the coexistence of two identifiers bringing additional complexity that would negatively impact the quality of data used, and risk delays in the designation of critical ICT third - party service providers by the ESAs.
Annex 1 to the Opinion provides more details on the use of identifiers in financial reporting. The annex also expands on the impacts the ESAs foresee due to the Commission’s proposed introduction of the EUID into the ITS on registers of information and the designation of critical ICT third-party service providers.
Additional amendments
In addition to the changes required to incorporate the EUID and the LEI, the ESAs state that further amendments are necessary with the aim of:
- ensuring as much consistency as possible in data modelling and reporting already in place for some of the types of financial entities under DORA, which also fall under the sectoral prudential regulation (prudential reporting). These changes would allow for greater consistency among the different types of existing sectoral reporting frameworks and would reduce the implementation efforts for the respective types of financial entities;
- reflecting the practical feedback received from financial entities participating in the voluntary dry run exercise on reporting of registers of information the ESAs have carried out. These changes are mostly focused on the reporting instructions, with a view to improving understanding by the financial entities through additional clarifications or simplifications; and
- reinstating important provisions clarifying some requirements. In particular, Recital 7 has been amended with new drafting to avoid misinterpretation of the initial meaning.
Next Steps
The ESAs call for maintaining simplicity and efficiency in using the LEI as a common identifier. In any event, the ESAs are urging the Commission to make a final decision and to adopt the draft ITS as quicky as possible especially in light of the fact that the ESAs will be designating critical third – party service providers in 2025. Finally, the ESAs call on financial entities to increase their implementation efforts in order to be ready to submit their registers of information to the competent authorities in the first half of 2025.
Survey on LEIs
Separately, on 18 October 2024, the European Securities and Markets Authority (“ESMA”) published a survey (“Survey”) on the use of LEIs. The Survey has been launched against the background of the Opinion issued by the ESAs, discussed above.
The Survey is targeted at financial market participants who will be subject to record keeping requirements under the regulation on markets in crypto - assets (“MiCA”) and financial entities in scope of DORA. The purpose of the Survey is to gather their preferences and information regarding their use of legal identifiers in transaction reporting and record keeping obligations.
4. MiCA Updates (1) ESMA issues opinion on amendments to MiCA RTS and (2) EBA issues decision on procedure for classifying ARTs and EMTs as significant under MiCA
1. ESMA issues opinion on amendments to MiCA RTS on authorisation of CASPs and notifications by financial entities to provide crypto – asset services
On 16 October 2024, the European Securities and Markets Authority (“ESMA”) issued an opinion (“Opinion”) addressing the European Commission’s (“Commission”) amendments to regulatory technical standards (“RTS”) on authorisations and notifications under the regulation on markets in crypto – assets (“MiCA”).
In September 2024, the Commission sent two letters to ESMA informing them of the following:
- that it would adopt the two proposed regulatory technical standards (“RTS”) with amendments, which were included in an annex to the letters; and
- inviting ESMA to submit new draft RTS to the Commission reflecting these amendments.
In particular, the Commission stated that it considered that ESMA had gone beyond its mandate in requiring applicant crypto asset service providers (“CASPs”) to submit the results of a cybersecurity audit, carried out by a third-party auditor.
The Opinion sets out ESMA’s view on how the draft RTS on notifications and the draft RTS on authorisations should be amended in light of the alternative approach set out by the Commission in its letters to ESMA.
ESMA states that it takes note of the legal interpretation by the Commission. However, ESMA also reiterates the importance of the policy objectives pursued by its initial proposals, in particular the need to require a cybersecurity audit carried out by a third - party cybersecurity auditor. To ensure that CASPs are subject to a thorough screening process, including in relation to their ICT systems, before they enter the crypto-assets market, ESMA recommends that the Commission amends the level one text of the MiCA framework to include a requirement for a cybersecurity audit carried out by a third - party auditor at the time of the authorisation.
Next Steps
The Opinion has been communicated by ESMA to the Commission, the European Parliament and the European Council. The Commission may adopt the two RTS with the amendments it considers relevant or reject it. The European Parliament and the Council may object to an RTS adopted by the Commission within a period of three months.
2. EBA issues decision on procedure for classifying ARTs and EMTs as significant under MiCA
On 22 October 2024, the European Banking Authority (“EBA”) published issued a decision (“Decision”) as regards the procedure for the classification of asset - referenced tokens (“ARTs”) and e - money tokens (“EMTs”) as significant, and the transfer of supervisory powers and reporting on those tokens following the classification as significant, under the regulation on markets in crypto - assets (“MiCA”).
Articles 43(2) and 56(1) of MiCA set out that the EBA is responsible for classifying ARTs and EMTs as significant. Further, after such a decision is made, the relevant supervisory powers will generally be transferred to the EBA. Additionally, the EBA is required to reassess and make a decision as to whether significant ARTs (“s-ARTs”) and significant EMTs (“s-EMTs”) continue to meet the significance criteria. Accordingly, the EBA published this Decision in order to establish the rules of procedure for the significance assessment and in so doing aims to achieve the following objectives:
- enhance transparency on expected timelines, introducing a harmonised reporting calendar for national competent authorities (“NCAs”), clarifying reference periods and remittance dates;
- establish a structured approach to significance assessment;
- clarify the reporting obligations for issuers of s-ARTs and s-EMTs and the reporting of data relevant for establishing the supervisory colleges;
- set out the procedural arrangements and timeline to be followed for the consultation procedures with related parties when the EBA is to notify its draft and final decisions on significance assessment to the home NCA of the issuer, the issuer, the ECB and the national central bank, where relevant.
- ensure regularity and predictability of the process, while allowing for flexibility; and
- limit the risk of legal challenges to the EBA’s significance assessment.
Through publication of the Decision, the EBA also aims to establish a structured process to facilitate cooperation between the EBA and NCAs during the transfer of supervisory responsibilities and once such transfer has taken place, to ensure the continuity and effectiveness of the supervision of ART and EMT issuers.
The EBA has stated that the procedural rules set out in the Decision specify rules for all instances of the significance assessment.
The Decision contains a number of annexes which set out the different templates to be used in respect of the procedure detailed in the Decision.
Next Steps
Under article 149(3) of MiCA, the provisions relating to the voluntary classification of ARTs and EMTs as significant have been applicable since 30 June 2024 and accordingly, the EBA has stated that the Decision needs to enter into force with some urgency. The Decision shall enter into force on the day following its adoption.
5. EIOPA opens consultation on criteria for selecting insurers to run macroprudential analyses
On 17 October 2024, EIOPA opened a consultation (“Consultation”) on the criteria for selecting insurers to run macroprudential analyses.
The provisional agreement of the European co – legislators as to the amendments to the Solvency II Directive includes new requirements for insurance or reinsurance undertakings and groups regarding the inclusion of macroprudential analyses in the own risk and solvency assessment (“ORSA”) and in the prudent person principle (“PPP”).
The new requirements stipulate that:
- the supervisory authorities should analyse the ORSA report of undertakings that are requested to take macroprudential considerations into account within their jurisdictions, aggregate them and provide input to undertakings on the elements that should be considered in their future ORSA, particularly as regards macroprudential risks;
- when required by the supervisory authority, insurance and reinsurance undertaking shall take account of macroprudential concerns when they decide on their investment strategy; and
- member states should ensure that, where they entrust an authority with a macroprudential mandate, the outcome and the findings of macroprudential assessments by the supervisory authorities are shared with that macroprudential authority.
The Consultation paper sets out EIOPA’s proposal for the draft regulatory technical standards (“RTS”) on the applicability criteria to be taken into account by supervisory authorities when defining the insurance or reinsurance undertakings and groups which shall be requested to carry out macroprudential analyses in the ORSA and when applying the PPP
Next steps
The consultation closes on 9 January 2025. EIOPA will revise the proposal in view of the stakeholder comments received. EIOPA will publish a report on the consultation including the revised proposal and the resolution of stakeholder comments.