IRELAND Law and Practice Contributed by: Niall Esler, Shane Martin, Laura Whitson and Coleen Wegmann, Walkers
for breaching its anti-money laundering and counter- terrorist financing transaction monitoring obligations as required by the CJA 2010 between 2021 and 2025. 2.11 Implications of Additional, Non- Financial Services Regulations Firms will need to ensure that they operate in accord - ance with non-financial services requirements in Ire - land, including data protection laws, cybersecurity requirements, consumer protection legislation, com - pany law and intellectual property law. The Digital Services Act (Regulation (EU) 2022/2065) (DSA) and the DMA form a single set of rules to cre - ate a fairer digital space for users. The DMA applies to online gatekeepers that reach certain turnover vol - umes, while the DSA regulates online intermediaries and platforms. 2.12 Review of Industry Participants by Parties Other Than Regulators Where companies are required to produce audited financial statements, their statutory auditors will review their financial accounts. In 2023, the Central Bank required Irish payment and e-money firms to obtain a safeguarding audit. As part of its supervisory expectations, the Central Bank expects CASPs to ensure that independent third-party assurance is provided on an annual basis, confirming that the safeguarding frameworks CASPs have in place are compliant with requirements. A broad range of authorities may be relevant during a firm’s life cycle, including tax authorities, the Office of the Director of Corporate Enforcement, exchanges and the Financial Services and Pensions Ombuds - man. 2.13 Conjunction of Unregulated and Regulated Products and Services For the most part, it is possible for a regulated entity to offer regulated and unregulated services, unless it is restricted by its financial services licence. Under both the PSR and EMR, the Central Bank is empowered to require firms that undertake additional activities to establish separate entities.
In their Joint Report on recent developments in cryp - to-assets, the EBA and ESMA highlighted examples of regulated entities providing both regulated and unregulated services. 2.14 Impact of AML and Sanctions Rules The applicability of AML rules will depend primarily on whether a fintech company falls within the categories of “designated persons” under the CJA 2010. Where a fintech firm is regulated by the Central Bank, it will typically be a designated person. EU and Irish financial sanctions rules will apply to all fintech firms regardless of authorisation status. 2.15 Financial Action Task Force (FATF) Standards Ireland has been a member of the FATF since 1991. The AML and sanctions rules in Ireland closely follow the laws issued by the EU, which in turn are heavily influenced by the FATF standards. 2.16 Reverse Solicitation The legislative framework under MiFID II and MiCAR provides for a reverse solicitation regime. MiFID II Under the MiFID Regulations, a third-country firm, as defined, will generally need to establish a branch in Ireland and obtain prior authorisation from the Central Bank before providing investment services or activi - ties to retail clients and opted-up professional clients. However, there is an exemption where retail clients or opted-up professional clients initiate the provision of an investment service by a third-country firm, at their own exclusive initiative. Where a third-country firm solicits clients or potential clients in the EU, including through an entity acting on its behalf or having close links with it, it is not deemed a service provided at the own exclusive initiative of the client. Reverse solicita - tion does not entitle the third-country firm to market new categories of investment products or investment services to that individual. The Markets in Financial Instruments Regulation (MiFIR) requires third-country firms that deal with certain “per se” professional clients or eligible coun - terparties to register with ESMA, unless the service
421 CHAMBERS.COM
Powered by FlippingBook