IRELAND Law and Practice Contributed by: Niall Esler, Shane Martin, Laura Whitson and Coleen Wegmann, Walkers
Investment Services/Asset Management Depending on the services provided, a fintech firm providing investment services or asset management solutions may be subject to regulation. For example, if the activities constitute “investment services” in respect of “financial instruments” for the purposes of the European Union (Markets in Financial Instruments) Regulations 2017 (MiFID Regulations), an investment firm authorisation will be required, unless an exemp - tion applies. The MiFID Regulations implement Direc - tive 2014/65/EU (MiFID II) into Irish law. Firms appointed to manage a collective investment undertaking (such as a UCITS fund or an alternative investment fund) will require authorisation under the European Communities (Undertakings for Collective Investment in Transferable Securities) Regulations 2011 or the European Union (Alternative Investment Fund Managers) Regulations 2013, as appropriate, unless an exemption applies. Crowdfunding The operation of a loan or investment-based crowd - funding platform is a regulated activity under Regula - tion (EU) 2020/1503 (Crowdfunding Regulation). Blockchain and Crypto-Assets Entities providing certain crypto-asset services with - in the EU are required to be authorised as CASPs. CASPs authorised under MiCAR will be subject to a range of obligations, including the prudential and conduct-of-business requirements under MiCAR as well as other requirements, such as in relation to anti- money laundering. MiCAR also applies to offerors and persons seek - ing admission to trading of crypto-assets in the EU, including stablecoin issuers. In relation to the applica - tion of MiCAR to CASPs, stablecoin issuers and offer - ors/person seeking admission to trading of crypto- assets, please see 10. Blockchain . Passporting Depending on the regulatory framework, entities may passport their authorisation into Ireland form other EEA countries or passport out of Ireland to EEA coun - tries, subject to relevant notifications. For example, a passporting framework is available under the Capital
Requirements Directive, MiFID II, PSD2 and EMD2, the Crowdfunding Regulation and MiCAR. Anti-Money Laundering (AML) The applicability of AML rules, including customer due diligence and ongoing monitoring requirements, will depend primarily on whether a fintech company falls within the categories of “designated persons” under the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010, as amended (CJA 2010). Desig - nated persons include a wide range of financial ser - vices companies as well as certain other entities – eg, casinos, or persons trading or acting as an intermedi - ary in the trade of works of art. The Transfer of Funds Regulation (Regulation (EU) 2023/1113) (TFR) became applicable on 30 December 2024 and extends the obligation to include informa - tion about the originator and beneficiary (the so-called “travel rule”) to CASPs. The EBA has also issued guidelines expanding on the TFR requirements and guidelines addressed to CASPs on effectively manag - ing exposure to money laundering and terrorist financ - ing risks and on compliance with restrictive measures/ sanctions. Digital Operational Resilience Act The EU Digital Operational Resilience Act (DORA) applies to certain financial entities, with the objec - tive of ensuring that entities operating in the EU financial services industry can withstand, respond to and recover from all types of disruptions and threats relating to information and communication technol - ogy (ICT). DORA also applies to critical ICT third-party service providers to the financial services industry and provides a framework for the oversight of such entities by the European Supervisory Authorities (ESAs). Security Requirements Fintech firms will also need to be aware of and com - ply with specific security requirements introduced under PSD2 (eg, strong customer authentication) if they provide payment services, and, more broadly, cross-industry and industry-specific guidance from the Central Bank and EU regulators in relation to ICT and cyber-risks.
418 CHAMBERS.COM
Powered by FlippingBook