IRELAND Law and Practice Contributed by: Niall Esler, Shane Martin, James O’Doherty and Laura Whitson, Walkers
2.7 No-Action Letters The Central Bank does not issue “no-action” let- ters as part of its enforcement regime. Nonetheless, the ESAs have a legal basis to issue no-action letters if they consider that the application of one of the relevant legislative acts is liable to raise significant issues as provisions contained in such act may directly conflict with another relevant act, and if they have received relevant information and consider on the basis of that information that the application of the relevant provisions raises significant exceptional • consumer, customer or investor protection; • the orderly functioning and integrity of finan - cial markets or commodity markets; or • the stability of the whole or part of the finan - cial system in the EU. Where the ESAs issue a no-action letter stating that competent authorities should not prioritise any supervisory or enforcement action in relation to a certain legislative act, this may indirectly influence actions taken by the Central Bank. 2.8 Outsourcing of Regulated Functions If a regulated function is outsourced, the vendor is likely to require authorisation to provide that service, unless it can rely on an exemption. Separately, a number of rules and requirements may apply to already regulated firms that are engaged in the outsourcing of regulated and unregulated functions. These are generally sec - tor-specific – eg, the PSR and MiFID II contain outsourcing requirements that are relevant to in- scope firms. issues pertaining to: • market confidence;
By contrast, the Central Bank Cross-Industry Guidance on Outsourcing (the “CBI Outsourcing Guidance” ) applies across sectors to all regu - lated firms and must be considered alongside specific outsourcing rules under the various sec - toral legislation. The CBI Outsourcing Guidance is heavily influenced by the EBA Guidelines on outsourcing arrangements (the “EBA Outsourc- ing Guidelines” ), which are applicable to credit institutions, certain investment firms, payment institutions and electronic money institutions. ESMA has also implemented guidelines on out - sourcing to cloud service providers (the “ESMA Cloud Guidelines” ), which apply to a broad range of RFSPs falling under ESMA’s remit. The EIOPA has also published guidelines on outsourcing to cloud service providers (the “EIOPA Cloud Guidelines” ). In addition, DORA applies to in-scope financial entities and requires that all contracts between financial entities and ICT third-party service pro - viders for the use of outsourced ICT services must meet certain minimum contractual require - ments. 2.9 Gatekeeper Liability The extent to which any fintech provider is deemed “gatekeeper” for activities on its plat - form will depend on its activities or the services it provides. Fintech providers may be subject to various authorisation requirements or may fall within the scope of Irish AML legislation. The Criminal Justice Act 2011 imposes a report - ing obligation on a person who has information that said person “knows or believes might be of material assistance” in preventing or prosecuting “relevant offence” , who must disclose this infor - mation to the Garda Síochána (the Irish police force).
373 CHAMBERS.COM
Powered by FlippingBook