Banking Regulation 2021 Comparisons

Last Updated December 10, 2020

Contributed By Walkers

Law and Practice


Walkers is a leading international law firm that provides legal, corporate, fiduciary and compliance services to global corporations, financial institutions, capital markets participants and investment fund managers. Walkers has 119 partners and 921 staff, and clients include Fortune 100 and FTSE 100 companies, as well as many of the most innovative global financial services firms. Walkers Ireland's dedicated Financial Regulatory Group consists of two partners, one of counsel and two associates. The Group advises financial institutions on all aspects of financial regulation and data privacy, including recently advising on the establishment of a new Irish bank under the EU Single Supervisory Mechanism. Walkers Ireland's tax, employment, insolvency, litigation and corporate teams complement practice areas including regulatory, asset finance, funds and capital markets finance. Walkers delivers clear and practical advice on the laws of Bermuda, the British Virgin Islands, the Cayman Islands, Guernsey, Jersey and Ireland from ten global offices.

Banking business in Ireland is regulated under both domestic legislation and the legislation of the EU, which is either directly applicable in Ireland or has been transposed into Irish law by domestic provisions. New laws and regulations applicable to Irish banks are primarily driven by developments at the EU level.

Domestic Legislation

The primary domestic legislation establishing the framework for the regulation of banking activities in Ireland is the Central Bank Acts 1942-2018 (Central Bank Acts). The Central Bank Act 1942 originally established the Central Bank of Ireland (CBI) as a central bank. Following the introduction of the Central Bank Reform Act 2010 (2010 Act), the CBI is also the primary Irish financial regulatory body.

The Central Bank Act 1971 (1971 Act) establishes the requirement for persons carrying on "banking business" to hold a banking licence, and sets out certain requirements applicable to banks.

The CBI is empowered under the Central Bank Acts to issue codes of practice and regulations to be observed by banks. The CBI has issued several such codes in areas such as corporate governance, related party lending, mortgage arrears and consumer protection.

European Legislation

Irish banks are also subject to extensive regulatory requirements driven by EU initiatives regulating the activities of "credit institutions" (the terms "credit institution" and "bank" are used interchangeably). These include the Fourth Capital Requirements Directive (2013/36/EU) (CRD IV), the Capital Requirements Regulation ((EU) 575/2013) (CRR) and the Bank Recovery and Resolution Directive (2014/59/EU) (BRRD). CRD IV is transposed into Irish law by the European Union (Capital Requirements) Regulations 2014 (CRD IV Regulations), while the CRR, as an EU regulation, is directly applicable. BRRD is implemented in Ireland by the European Union (Bank Recovery and Resolution) Regulations 2015 (BRRD Regulations).

CRD IV has recently been amended by Directive (EU) 2019/878 (CRD V), and amendments to the CRR will be introduced by Regulation (EU) 2019/876 (CRR II) (see 10 Horizon Scanning).

Regulation (EU) 1024/2013 (SSM Regulation) establishes the Single Supervisory Mechanism (SSM), which is responsible for banking supervision in the participating Member States, such as Ireland. Under the SSM, the European Central Bank (the ECB) has exclusive competence in respect of certain aspects of the prudential regulation of Irish banks, including the granting and withdrawal of banking licences and the assessment of notifications of the acquisition and disposal of qualifying holdings in banks (except in the case of a bank resolution). The ECB also directly supervises "significant" banks (SIs), while the CBI directly supervises "less significant" banks (LSIs), subject to ECB oversight. The SSM sets out criteria for determining SIs and LSIs.

Other Regulatory Bodies

Other regulatory bodies that are also relevant to Irish banks include the Office of the Director of Corporate Enforcement, the Competition and Consumer Protection Commission, which regulates competition and consumer affairs, the Data Protection Commission, which enforces data protection legislation in Ireland, and the Financial Services and Pensions Ombudsman, which handles complaints from consumers of financial services.

Banking Business

Section 7(1) of the 1971 Act prohibits the carrying on of "banking business" or accepting deposits or other repayable funds from the public without a banking licence. The definition of "banking business" is any business that consists of or includes receiving money on the person's own account from members of the public either on deposit or as repayable funds and the granting of credits on own account (subject to certain exceptions).

While the 1971 Act does not define "repayable funds", section 2(2) of the Central Bank Act 1997 defines "deposit" for the purposes of the Central Bank Acts as "a sum of money accepted on terms under which it is repayable with or without interest whether on demand or on notice or at a fixed or determinable future date."

A person may apply for a banking licence to be granted under Section 9 of the 1971 Act. Since the introduction of the SSM, the ECB is the competent authority for the granting of the licence.

It is also possible to apply for authorisation under Section 9A of the 1971 Act for an Irish branch of a bank that is authorised in a third country (ie, a non-EEA country).

Holding oneself out as a banker

Section 7(1) of the 1971 Act also restricts persons from holding themselves out or representing themselves as a banker, or from carrying on banking business unless appropriately authorised.

The 1971 Act provides that, where a person carries out business under a name that includes the words "bank", "banker" or "banking", or any word which is a variant, derivative or translation of or is analogous to those words, or uses any advertisement, circular, business card or other document that includes such words, he holds himself out or represents himself as conducting or being willing to conduct banking business.

Permitted Activities

A banking licence permits the holder to engage in a broad range of business, including deposit taking, lending, issuing e-money, payment services and investment services and activities regulated by the Markets in Financial Instruments Directive (2014/33/EU) (MiFID II).

Application Process

In practice, the application process for a bank licence typically begins with a preliminary engagement phase, whereby the applicant will often have meetings or calls with the CBI and submit a detailed proposal for their application.

Following this, the applicant will prepare its formal application. The application pack requires extensive detail regarding all material areas of the applicant's proposed business, as set out in the CBI's "Checklist for completing and submitting Bank Licence Applications under Section 9 of the Central Bank Act 1971", which is available on the CBI's website.

The information required includes:

  • details of the applicant company's parent or group and beneficial ownership;
  • objectives and proposed operations;
  • details of the proposed bank's "Heart and Mind" being in Ireland;
  • details of internal controls;
  • capital and solvency;
  • details of information technology and business continuity planning; and
  • details of recovery and resolution planning.

Following the receipt of the application, the CBI will assess the application, in conjunction with the ECB. The process is iterative and typically involves multiple rounds of extensive comments and queries from the regulators.

Following the completion of the iterative query stage, the ECB will determine whether to grant a licence. The timeline for this entire process generally takes between 12 and 18 months. Where a licence is granted, it may be subject to specific conditions.

There is no fee for submitting a bank application, but banks are subject to a number of ongoing levies.


Under the CRD IV mutual recognition provisions, Irish banks can both provide services on a freedom of services basis and establish a branch on a freedom of establishment basis across the EEA, subject to completing the necessary passporting processes.

Requirements Governing Change in Control

The requirements in relation to the acquisition and disposal of interests in banks are set out in Chapter 2 of Part 3 of the CRD IV Regulations. The CRD IV Regulations provide that the prior approval of the ECB is required in advance of any proposed acquisition of a qualifying holding in a bank.

A "qualifying holding" is defined as a direct or indirect holding in an undertaking which represents 10% or more of the capital or of the voting rights, or which makes it possible to exercise a significant influence over the management of that undertaking. Notification is also required in respect of direct or indirect holding increases above a prescribed percentage of 20%, 33% or 50%.

There are no restrictions on private ownership or geographical restrictions on foreign ownership of Irish banks. However, the CBI has expressed preferences in the past that banks not be owned or controlled by single private individuals or that ownership of banks should not be "stacked" under insurance undertakings. Prior ownership experience of banks or other financial institutions will be an advantage in applying for approval of an acquisition of a qualifying holding.

The CRD IV Regulations provide that an application to the Irish High Court may be made to remedy a situation where a qualifying holding was inadvertently acquired without the prior approval of the ECB.

The Nature of the Regulatory Filings

Notification of the proposed acquisition of a qualifying holding is made to the CBI using the CBI's Acquiring Transaction Notification Form (ATNF). The CBI, in turn, will liaise with the ECB, which is the competent authority under the SSM for the approval of acquisitions of or increases in qualifying holdings in respect of Irish authorised banks.

The maximum total period for assessment of an acquiring transaction notification is 90 working days from the receipt of a complete application. The CBI can reject notifications as not complete at the outset of the process, and so in practice this process can take longer. The CBI advises that pre-application engagement and the submission of notification and supporting documentation in draft form can help minimise the risk of a notification being deemed "incomplete", thereby delaying the approval process.

The CBI also requires any proposed acquirers to take note of the content of the May 2017 Joint Committee of the European Supervisory Authorities (which includes the European Banking Authority – EBA) "Joint Guidelines on the prudential assessment of acquisitions and increases of qualifying holdings in the banking, insurance and securities sectors".

The content required to complete an ATNF includes details of:

  • the proposed acquisition and impact on the target;
  • the proposed acquirers and financing of the proposed acquisition;
  • the rationale for the proposed acquisition; and
  • details of the new proposed group structure and any impact on supervision.

A business plan for the target entity may also be required with the notification, detailing the proposed acquirers' expected activities/performance and financial projections over three years.

The CBI may also seek comfort from a proposed acquirer of a majority stake in an Irish bank that the proposed acquirer will provide such financial support as is necessary for the Irish bank to continue to meet its regulatory obligations.

The corporate governance requirements applicable to Irish banks include those set out in the CBI Corporate Governance Requirements for Credit Institutions 2015 (CBI Requirements) and the CRD IV provisions in respect of corporate governance.

CBI Requirements

The CBI Requirements provide that all Irish banks must have robust governance arrangements, including a clear organisational structure with well-defined, transparent and consistent lines of responsibility, effective processes to identify, manage, monitor and report the risks to which they are or might be exposed, and adequate internal control mechanisms. The governance structure put in place must be sufficiently sophisticated to ensure that there is effective oversight of the activities of the institution, taking into consideration the nature, scale and complexity of the business being conducted.

The CBI Requirements are prescriptive, imposing minimum standards in relation to corporate governance, including the composition, role and conduct of the board of directors and the establishment of certain board committees, and also setting out requirements in relation to risk management.

An Irish bank is required to have at least five directors (seven if it is designated as having a High Impact under the CBI's Probability Risk and Impact System (PRISM)). The board is required to have a majority of independent non-executive directors (INED), although where a bank is part of a group, the majority of the board may also be composed of group directors, provided that the bank has at least two INEDs (or three INEDs where the bank is designated as High Impact).


The CRD IV Regulations set out a number of high-level rules in relation to the governance of banks. The EBA has built upon these requirements in its Guidelines on internal governance (EBA/GL/2017/11) (EBA IG Guidelines). The EBA IG Guidelines are stated to specify the internal governance arrangements, processes and mechanisms that banks and investment firms must implement in accordance with Article 74(1) of CRD IV to ensure effective and prudent management of the institution.

The EBA IG Guidelines apply in relation to governance arrangements such as organisational structure, lines of responsibility, risk identification and management and the internal control framework. Guidance is given in relation to the role of the management body and its responsibilities, as well as the role of board committees and internal control functions. Arrangements in relation to risk management, outsourcing and business continuity are also addressed.

Recent Developments

Corporate governance continues to be an area of focus for the CBI. This has been evident in recent publications and supervisory focuses on areas including behaviour and culture, conduct risk, outsourcing and individual accountability.

The Irish Bank Culture Board was also established in 2019 by the five retail banks operating in Ireland, with the aim of rebuilding trust in the sector by demonstrating a change in behaviour and overall culture.

Fitness and Probity Regime

The CBI's Fitness and Probity regime (F&P Regime), which was established under the 2010 Act, applies to persons in certain senior positions in Irish regulated financial service providers (RFSPs), including banks.

Controlled Functions

The F&P Regime applies to persons performing certain prescribed "controlled functions" (CFs) and "pre-approval controlled functions" (PCFs). PCFs are a sub-set of CFs and include directors, chairs of the board and committees, the chief executive and heads of certain internal control functions, amongst other functions.

An RFSP must not permit a person to perform a CF or PCF unless it is satisfied on reasonable grounds that the person complies with the CBI's Standards of Fitness and Probity (Standards) and the person has agreed to comply with the Standards. The Standards require a person: (a) to be competent and capable; (b) to be honest and ethical, and to act with integrity; and (c) to be financially sound. In order to be satisfied the person complies with the Standards, due diligence must be undertaken by the RFSP.

Irish banks are also subject to the Joint ESMA and EBA Guidelines on the assessment of the suitability of members of the management body and key function holders (Suitability Guidelines), as well as CRD IV requirements.

Pre-approval for PCFs

A person cannot be appointed to a PCF position unless the appointment has been approved by the CBI. For SIs, the approval of the ECB is required for members of the management body. This is also the case for members of the management body of any new bank.

PCF applicants are required to submit an individual questionnaire (IQ) to the CBI, which sets out details of their professional qualifications and employment history, and includes various confirmations from both the applicant individual and the RFSP. The CBI/ECB may interview candidates for certain PCF roles and this is increasingly becoming the norm for bank board members and certain other senior PCFs.

The ECB has published a Guide to Fit and Proper Assessments for its fitness and probity assessments, which are conducted in accordance with the Suitability Guidelines.


CF and PCF holders may be the subject of an investigation or required to comply with an evidentiary notice, or may be the subject of a suspension notice or a prohibition under the 2010 Act. Applicants for PCF roles are also not guaranteed to receive approval.

The CBI operates an administrative sanctions regime in order to take enforcement actions in relation to RFSPs. Persons involved in the management of an RFSP may be subject to sanctions in certain circumstances.

The CBI has proposed reforms that would strengthen its toolkit in relation to individual accountability (see 10 Horizon Scanning).

Irish banks are subject to remuneration rules under both the CBI Requirements and the CRD IV Regulations, and must comply with certain principles in a manner and to the extent that is appropriate to their size and internal organisation and to the nature, scope and complexity of their activities.

The EBA "Guidelines on sound remuneration policies under Articles 74(3) and 75(2) of CRD IV" (EBA Remuneration Guidelines) also apply to banks, covering issues including the governance process for remuneration policies and the application of remuneration requirements in a group context. The CBI issued a policy statement on 31 January 2017 on the CBI's approach to proportionality relating to the payout process applicable to variable remuneration, confirming its intention to comply with the EBA Remuneration Guidelines and future European developments.

Banks that are classified as SIs are required to have a remuneration committee that complies with the requirements of the CRD IV Regulations. Banks with a High Impact PRISM rating are required to have a remuneration committee that complies with the CBI Requirements.

The CRD IV Regulations require banks to have a remuneration policy that is in line with its business strategy, objectives and long-term interests, is consistent with and promotes sound and effective risk management, and does not encourage risk-taking that exceeds the level of tolerated risk of the institution. The board is responsible for overseeing the implementation of the remuneration policy and should periodically review its general principles. Banks should review their remuneration policies at least annually. The CRD IV Regulations also impose disclosure requirements relating to remuneration policies and practices.

Banks should also ensure that the remuneration of "control function" employees (note this is distinct from CF as defined in 4.2 Registration and Oversight of Senior Management) is not linked to the performance of any business areas they control, and that the remuneration of senior risk and compliance employees is suitably overseen. In respect of certain employees whose professional activities have a material impact on the risk profile of the institution, including senior management, risk takers and heads of control functions, banks are subject to extensive rules regarding variable remuneration. These rules include a "bonus cap", which limits variable remuneration at 100% of fixed remuneration (or 200% with shareholder approval).

Breach of the CBI Requirements and/or the CRD IV Regulations is an offence and may be grounds for an enforcement action by the CBI under its administrative sanctions regime, which can result in fines being imposed.

The upcoming implementation of CRD V will introduce additional remuneration requirements (see 10 Horizon Scanning).

Legal Framework

The primary anti-money laundering (AML) and counter-terrorist financing (CTF) legislation applicable to Irish banks is the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (CJA 2010), which transposed the Third EU Anti-Money Laundering Directive (2005/60/EC) and the Fourth EU Anti-Money Laundering Directive ((EU) 2015/849) into Irish law. Draft legislation to amend the CJA 2010 for the purposes of implementing the Fifth EU Anti-Money Laundering Directive (2018/843/EU) (5AMLD) was published in September 2020 and is pending (see 10 Horizon Scanning).

The CJA 2010 imposes a range of obligations on banks, including obligations to:

  • conduct a business risk assessment;
  • conduct risk-sensitive due diligence on customers and their beneficial owners both at on-boarding and on an ongoing basis;
  • report suspicious activity to the relevant authorities – ie, the Financial Intelligence Unit Ireland (the Irish police) and the Irish Revenue Commissioners;
  • implement internal policies, controls and procedures to prevent and detect the commission of money laundering (ML) and terrorist financing (TF);
  • provide AML/CTF training to persons involved in the conduct of the bank's business; and
  • keep records in relation to business risk assessments, customer due diligence and customer transactions.

The CBI published its AML/CTF Guidelines for the Financial Sector (AML Guidelines) in September 2019 to assist firms in understanding their obligations under the CJA 2010. The AML Guidelines set out the expectations of the CBI regarding the factors that firms should take into account when identifying, assessing and managing ML and TF risks, and also emphasises the importance of firms having regard to AML/CTF guidance published by the Financial Action Task Force and European supervisory authorities.

In addition to the CJA 2010, Irish banks are also required to comply with the various international financial sanctions that emanate from the EU and the United Nations, and with Regulation (EU) 2015/847, which deals with information requirements regarding wire transfers.

Regulatory Supervision and Enforcement

Under the CJA 2010, the CBI is the relevant competent authority in Ireland for the monitoring and supervision of banks' compliance with AML/CTF obligations. The CBI implements a risk-based approach to AML/CTF supervision such that the extent of supervision of a given firm is commensurate with the CBI's assessment of ML/TF risk within the firm. The retail banking sector is considered by the CBI to be a high-risk sector, with the non-retail banking sector considered to be a medium-high risk sector. An individual firm's ML/TF risk rating will be informed by the CBI's risk rating of the sector and its supervisory engagements with the firm, such as inspections.

The CBI is empowered to take measures that are reasonably necessary to ensure that firms comply with the provisions of the CJA 2010. This may include the CBI issuing a risk mitigation programme to a firm to address identified shortcomings in the firm's AML/CTF framework. The CBI also has the power to administer sanctions against banks for breaches of the CJA 2010 under its administrative sanctions regime, which can result in fines being imposed.

Ireland has transposed the Deposit Guarantee Schemes Directive (2014/49/EU) (DGS Directive) into domestic law through the European Union (Deposit Guarantee Schemes) Regulations 2015 (DGS Regulations), which govern the operation of a deposit guarantee scheme (DGS) for "eligible deposits" at Irish banks. Irish banks are not allowed to accept deposits without being members of the DGS.

The CBI is the designated authority for the purposes of the DGS Directive, and is responsible for the maintenance and ongoing supervision of the DGS and for ensuring that it has sound and transparent governance practices in place. The CBI is required to produce an annual report on the activities of the DGS.

The DGS provides protection to eligible deposits, which includes deposits belonging to individuals, companies, partnerships, clubs and associations. The eligible deposits that may be protected by the DGS include current accounts, savings accounts, demand, notices and fixed-term deposit accounts and share accounts. The deposit element of structured deposits/tracker bonds may also be eligible if the deposit element is repayable at par.

Certain specified categories are not eligible deposits. These include deposits of "financial institutions" as defined under the CRR – and including insurance undertakings, collective investment schemes, MiFID II investment firms and other banks (subject to certain conditions). Deposits of public authorities, debt securities issued by banks and liabilities arising out of its own acceptances and promissory notes are also not eligible deposits, and a bank's "own funds" for the purposes of the CRR are also not covered.

The coverage level for aggregate eligible deposits for each depositor is EUR100,000. In certain specified circumstances, a depositor may be covered for aggregate deposits up to a level of EUR1 million as a "temporary high balance". The DGS Regulations set out detailed provisions as to how a depositor's aggregate deposits are to be calculated.

Examples of circumstances that give rise to increased "temporary high balance" cover include where monies are deposited in preparation for the purchase of – or which represent the proceeds of a sale of – a private residential property, where the monies deposited represent certain insurance or compensation payments, or where funds are held by a depositor in his or her capacity as the personal representative of a deceased person for the purpose of realising and administering the deceased's estate. Subject to certain exceptions, this higher level of cover will be available to depositors for a period of six months after the relevant amount has been credited or from the moment when such deposits become legally transferable.

The DGS Regulations provide that the DGS is funded by participating banks. As the designated authority, the CBI is responsible for ensuring that it has adequate systems in place to determine the potential liabilities of this fund. The CBI identifies a target level for the fund and requires all banks that hold eligible deposits to pay contributions to the fund. The fund must hold at least 0.8% of the amount of eligible deposits of all banks authorised in the State.

A bank's required contribution to the DGS is calculated primarily by reference to the proportion of eligible deposits it holds, and the DGS Regulations set out prescriptive provisions regarding how these obligations are to be calculated and levied.

The Irish DGS protects eligible deposits held at EEA branches of Irish banks. Deposits held with other EEA banks should be protected under the relevant other EEA bank's home country deposit protection scheme.

In November 2015, the European Commission proposed a European Deposit Insurance Scheme, which, if established, would form part of the third pillar of the EU's Banking Union. However, this proposal is subject to ongoing political debate.

Irish banks owe a duty of confidentiality to their customers. The duty of confidentiality has its origins in the common law and is an implied term in all contracts between banks and their customers. For the purpose of this duty, "customers" includes both natural and legal persons. There has also been limited judicial commentary to the effect that the Irish constitutional right to privacy may encompass a right to confidentiality in relation to banking affairs.

The duty of confidentiality is a broad one and provides that, once a contractual relationship exists between a bank and a customer, the bank must not divulge to third parties any information acquired by the bank during, or by reason of, its relationship with the customer, without the express or implied consent of the customer. Banks must also ensure that their employees and agents do not breach the duty.

In practice, the duty of confidentiality applies to information related to the state of the customer’s account or the amount of the balance, the securities offered to and held by the customer, the extent and frequency of transactions and any information obtained by the bank as a consequence of its relationship with the customer. The duty of confidentiality continues to apply when the account is closed or ceases to be active.

Given the wide and increasing range of services offered by banks and RFSPs, where any business of a kind normally carried on by a bank is carried out, it is prudent to presume the imposition of this duty of confidentiality.

The duty of confidentiality is not absolute and the Irish courts have confirmed the existence of a number of qualifications and exemptions to the duty of confidentiality, including where:

  • disclosure is under compulsion of law;
  • there is a duty to the public to disclose;
  • the interests of the bank require disclosure; or
  • the disclosure is made by the express or implied consent of the customer.

Irish statutes contain a number of express statutory exceptions to the duty of confidentiality. These exemptions are included in the Companies Act 2014, the CJA 2010, criminal justice legislation and credit reporting legislation, as well as the law of evidence, including court rules providing for discovery orders.

A court or judge may authorise a member of the Irish police force to inspect bank records to investigate an indictable offence, where the court or judge is satisfied that there are reasonable grounds for believing that such an offence has been committed and the relevant material is likely to be of substantial value to the investigation.

In addition, by virtue of their statutory powers, the CBI and the Revenue Commissioners have the ability to inspect customer accounts in certain circumstances.

Where the customer consents to disclosure, the duty may be dis-applied; this is relatively common where a third party seeks a reference or statement from a bank with the customer's consent. It is best practice to obtain the customer's prior written authorisation in these circumstances.

Where the duty of confidentiality is breached, the customer is entitled to seek damages, which may include aggravated damages.

The prudential requirements applicable to Irish banks, including in relation to capital and liquidity, emanate from EU legislation that is itself heavily influenced by international standards.

The current prudential requirements applicable to Irish and other EEA banks are set out in CRD IV and the CRR, as well as secondary EU legislation. This framework largely addresses the requirements of the "Basel III" reforms that were finalised in December 2010. More recent standards of the Basel Committee on Banking Supervision and the Financial Stability Board (FSB) will be implemented by CRD V and the CRR II (see 10 Horizon Scanning). The EU rules also contain bespoke requirements to address particular concerns of the EU Member States.

Initial Capital

Under the 1971 Act, Irish banks must hold initial capital of at least EUR5 million before the CBI will propose to the ECB that a banking licence should be granted. In some cases, initial capital can instead be a minimum of EUR1 million.

Capital Requirements – Pillar I

The CRR sets out the requirement for banks to maintain a minimum quantity of regulatory capital and rules governing the quality of that capital. The quality of regulatory capital is considered by reference to two categories:

  • Tier 1 Capital, which is divided into (a) Core Equity Tier 1 (CET1) and (b) Additional Tier 1 Capital; and
  • Tier 2 Capital.

CET1 includes ordinary shares and reserves, and is the highest quality capital. There are eligibility criteria and deductions that must be followed to calculate the instruments that qualify for each tier.

The minimum capital requirement is a percentage of a bank's risk weighted assets (RWAs). The calculation of a bank's RWAs involves allocating a weighting to the value of an asset relative to the risk of incurring losses. Banks can use the Standardised Approach (with standardised weightings) or the Internal Ratings Based approach (where the bank calculates its own risk weights, subject to approval) in assessing credit risk and calculating risk weights.

The CRR requires maintenance of the following minimum capital ratios:

  • regulatory capital of 8% of RWAs;
  • CET1 of 4.5% of RWAs; and
  • Tier 1 Capital of 6% of RWAs.

Capital Buffers

The following four buffers are provided for under CRD IV:

  • a capital conservation buffer, which requires banks to hold CET1 equal to a further 2.5% of RWAs, in addition to CET1 amounting to 4.5% of RWAs referenced above. There are restrictions on distributions where the buffer is not maintained;
  • a counter-cyclical buffer (CCyB), based on total risk weighted exposures of a bank and the CCyB rates applicable to those exposures in the jurisdiction where they are located. This also comes with capital maintenance requirements. The CCyB rate for Irish exposures is set quarterly by the CBI and applies to all EU banks with exposures to Irish counterparties. The CCyB aims to make the banking system more resilient and less pro-cyclical, and to support the supply of credit during a downtown, at times when the CCyB is released;
  • a buffer applicable to global systemically important institutions (G-SIIs) and one applicable to other systemically important institutions (O-SIIs). Six banks regulated by the CBI and the ECB are currently subject to an O-SII buffer ranging from 0.5% to 1.5% (CBI's 2019 assessment); and
  • a systemic risk buffer – the CBI has requested that the Irish legislature adopt this national discretion so that it would be available in Ireland, but implementing legislation is currently outstanding.

Pillar II Capital

The CBI has the power to apply additional capital requirements to Irish banks on a case-by-case basis. Any additional requirements will be based on the CBI's assessment under its supervisory review and evaluation process, which looks at the specific risks of the firm. Non-binding guidance may also be issued to a bank in respect of further capital it is expected to hold. CRD V will make amendments to the process for the imposition of capital under Pillar II.


The CRD IV/CRR framework provides for two liquidity ratios. The liquidity coverage ratio (LCR) requires banks to hold high-quality unencumbered liquid assets, which must be sufficient to meet net cash outflows under a 30-day stress scenario.

A separate net stable funding ratio (NSFR) has been introduced under the CRR to address liquidity mismatches. This aims to ensure that the level of stable funding available to a bank is aligned with the level of funding it requires over the longer term, based on the liquidity risk profiles of assets and off-balance sheet exposures. CRR II amendments to the CRR will set out a minimum level of stable funding for the first time.


Currently, under BRRD banks must comply with a minimum requirement for own funds and eligible liabilities (MREL). This is a requirement to ensure a bank can continue to perform certain critical functions even after a resolution event – the MREL should assist the bank in absorbing losses and restore its capital so that the bail-in resolution tool can be applied effectively. Under BRRD II, a number of changes will be introduced to align MREL with the FSB's standard relating to total loss absorbing capacity (TLAC). In addition, the CRR II will amend the CRR to implement the TLAC standard and apply it to G-SIIs.


The CRD IV Regulations and the CRR provide other measures to address risks applicable to banks. These include measures in relation to credit valuation adjustment, a leverage ratio, disclosure requirements, reporting requirements, governance and remuneration requirements, credit risk adjustment and the ability of regulatory authorities to impose stricter macro-prudential measures.

The CBI has also issued a Policy on Management of Country Risk, August 2013, and a regulatory document entitled "Impairment Provisions for Credit Exposures – 26 October 2005", with which banks are required to comply.

COVID-19 Flexibility Measures

The CBI and the ECB have made a number of announcements in relation to the application of capital and liquidity requirements in light of the COVID-19 pandemic.

The legal and regulatory framework governing the insolvency, recovery and resolution of banks in Ireland has undergone significant development since the global financial crisis of 2007/8, when Ireland hastily implemented emergency legislation to address issues affecting domestic institutions. Since then, the EU has adopted BRRD and the Single Resolution Mechanism (SRM) Regulation (806/2014) (SRM Regulation), which provide an EU framework for the recovery and, where necessary, resolution of EU banks.


One of the ways in which a failing bank can be addressed is through a liquidation process. In its document entitled "Central Bank of Ireland’s Approach to Resolution for Banks and Investment Firms (First Edition) April 2019" (Approach Paper), the CBI comments that, in fact, the most likely method for the majority of failing institutions is through a CBI-involved winding-up (liquidation) procedure.

The Central Bank and Credit Institutions (Resolution) Act 2011 (Resolution Act) provides that the Irish Companies Acts will apply to the winding-up of an Irish bank. However, the CBI has an important role under the Resolution Act. No person other than the CBI can present a petition to the High Court to wind up a bank, unless they have given the CBI notice and the CBI has confirmed that it does not object. In the latter case, the CBI will be a notice party to court applications and may make representations in court.

The Resolution Act sets out a number of specific grounds under which the CBI may present a petition for a winding-up order, such as where:

  • it would be in the public interest;
  • the bank is unable to meet obligations to creditors;
  • the bank has failed to comply with a CBI direction;
  • the bank's licence has been revoked; or
  • it is in the interests of depositors.

Under the Resolution Act, only a liquidator approved by the CBI may be appointed. Objectives for the appointed liquidators are set out in the legislation, with the protection of eligible depositors under the DGS being a priority.

Recovery and Resolution

BRRD and the SRM Regulation set out an alternative mechanism to resolve failing banks in a more orderly way, and seek to implement the original "Key Attributes of Effective Resolution Regimes for Financial Institutions" published by the FSB. BRRD provides authorities with tools to intervene at an early stage and in a swift manner in relation to a failing institution, to ensure the continuity of critical functions and minimise the impact of the institution's failure on the economy and financial system.

As Ireland is part of the SSM, the SRM is applicable to Irish banks, and the SRM Regulation is directly applicable in Ireland.

The CBI is designated as the national resolution authority under the SRM and the national competent authority under the SSM. Broadly speaking, the Single Resolution Board (SRB) has responsibility in relation to the resolution of SIs or institutions subject to direct ECB oversight, and the CBI will have responsibility for the key resolution processes for LSIs, subject to SRB oversight.

Resolution Tools and Powers

The framework includes the following elements:

  • in order to prepare for or prevent failure:
    1. recovery plans are to be prepared by banks, setting out measures to be taken by the institution to restore its financial position following a significant deterioration of its financial position;
    2. resolution plans are to be prepared by resolution authorities, setting out the resolution options for the particular institution; and
    3. powers are available to remove impediments to resolution;
  • powers for authorities to take steps at an early stage, including requiring the implementation of recovery plans or replacing management; and
  • where certain conditions are met, the availability of resolution tools to manage the resolution of a failing institution, including the sale of business tool, the bridge institution tool, the asset separation tool and the bail-in tool. The resolution tools and associated resolution powers available are subject to procedural requirements.

Resolution authorities are also afforded write-down and conversion powers in respect of certain capital instruments. These can be implemented as part of a resolution action or separately, where certain conditions are met.

In its Approach Paper, the CBI has commented that resolution tools would generally be used where, for example, a bank's failure could cause financial instability or disrupt critical functions. Resolution tools would be used by the CBI where there is no viable alternative supervisory or private sector solution and the CBI considers resolution to be in the public interest.

Resolution funds have been established in Ireland and at the EU level, in order to provide funding for the cost of resolution.

Protection for Depositors

The DGS protects eligible depositors in the event of a bank authorised by the CBI being unable to repay deposits. Objectives related to the protection of deposits eligible under the DGS are also built into both the liquidation and resolution frameworks.

DGS eligible deposits up to an amount of EUR100,000 are exempted from bearing losses in a resolution process. Eligible deposits of natural persons and small and medium enterprises exceeding EUR100,000 receive a preferred status over certain other senior unsecured liabilities in a resolution process. Amendments have also been made to the Irish Companies Act 2014 to provide for preference to certain depositors in a liquidation of a BRRD institution so as to implement the Bank Creditor Hierarchy Directive ((EU) 2017/2399).

Looking Forward

Directive (EU) 2019/879 (BRRD II) is to be transposed into Irish law by 28 December 2020 and extensively amends BRRD (see 10 Horizon Scanning).

Senior Executive Accountability Regime

Culture within the Irish financial services industry has been a key issue for the CBI and RFSPs in the wake of a number of instances of banks and firms engaging in practices and activities that did not meet the standards expected of the sector, such as overcharging customers. In 2018, the CBI published a report entitled "Behaviour and Culture of the Irish Retail Banks", which identified that consumer-focused cultures in banks remained underdeveloped.

To support positive cultural changes, the CBI recommended the introduction of an Individual Accountability Framework comprising a Senior Executive Accountability Regime (SEAR), standards of conduct for RFSPs and their staff, and enhancements to the existing F&P Regime and to the existing administrative sanctions regime. While draft legislation was expected this year, this remains outstanding.

The introduction of SEAR will require firms and those acting in senior executive functions (SEFs) to take a number of steps in order to ensure compliance. The CBI has indicated that SEFs will include board members, executives reporting directly to the board and heads of critical business areas.

The CBI indicates that SEFs would be similar to PCFs within the existing F&P Regime. Certain SEF roles may be mandatory while others would be discretionary and applied to firms on a case-by-case basis. The list of responsibilities of a firm would be determined based on the nature, scale and complexity of each firm. Each SEF would have particular responsibilities, with the CBI prescribing mandatory functions and responsibilities to be fulfilled by a SEF within an in-scope firm.

Under the SEAR proposals, in-scope firms would also be required to produce a "Responsibility Map" detailing the key management and governance arrangements within the firm. Statements of Responsibilities would also be required, setting out where responsibility lies amongst SEFs for fulfilling the prescribed obligations of firms. The Statements of Responsibilities would be required to be submitted to the CBI, which would assist the CBI in monitoring compliance and assessing the fitness and probity of SEFs within in-scope firms.

The CBI's reform proposals also include the consolidation into one single legislative act of the “full suite of relevant inspection and investigations powers” of regulatory agencies to assist in the elimination of issues caused by the currently fragmented nature of the framework. Furthermore, it is recommended that provision be made for the CBI to “pursue individuals directly for their misconduct rather than only where they are proven to have participated in a firm’s wrongdoing” and that, “as with other requirements, a breach of the Conduct Standards would be subject to direct enforcement action.”

Fifth Anti-Money Laundering Directive

5AMLD requires EU Member States to implement its provisions into domestic law by 10 January 2020. Ireland did not meet this deadline, and 5AMLD has not yet been implemented into Irish law. On 8 September 2020, the Irish Government published draft legislation that seeks to transpose 5AMLD into Irish law by amending the CJA 2010 (2020 Bill).

As currently drafted, the 2020 Billproposes to make a number of amendments to the CJA 2010 that are of relevance to banks operating in Ireland, certain of which are set out below.

Beneficial ownership verification

The 2020 Bill seeks to introduce requirements for designated persons (which includes banks) to verify the beneficial ownership of customers that are subject to beneficial ownership disclosure requirements.

Enhanced customer due diligence

The 2020 Bill provides elaboration on designated persons’ enhanced customer due diligence obligations in respect of customers in high-risk non-EEA jurisdictions.

Designated persons must obtain additional information on the customer and beneficial owner (including source of funds and source of wealth), the intended nature of the business relationship and reasons for the intended or performed transactions. Senior management approval is also required for establishing or continuing the business relationship, and designated persons must conduct enhanced monitoring of the business relationship by increasing the number and timing of controls applied and selecting patterns of transactions that need further examination.

Politically exposed persons

The 2020 Bill requires designated persons to monitor any politically exposed person (PEP) “for as long as is reasonably required to take into account the continuing risk posed by that person and until such time as that person is deemed to pose no further risk specific to politically exposed persons.”

The 2020 Bill also expands the definition of a PEP to include “any individual performing a prescribed function.” The 2020 Bill allows for the Irish Government to issue guidelines to the relevant authorities, to which those authorities must have regard in respect of functions in the State that may be considered to be prominent public functions.

Correspondent banking relationship

The 2020 Bill modifies the restrictions on financial institutions entering into correspondent relationships with non-EEA financial institutions, subject to certain requirements being met, to apply to correspondent relationships “involving the execution of payments.”


CRD V and the CRR II were published in June 2019 and form part of the banking reform package proposed by the EU Commission in November 2016.

CRD V must be transposed into Irish law by 28 December 2020, and has staggered implementation dates: certain provisions are to be applied from 28 December 2020, 28 June 2021 and 1 January 2022 respectively. While CRD V has amended CRD IV, Ireland has not yet amended the CRD IV Regulations to implement CRD V into Irish domestic law.

The CRR II substantially amends the CRR and also amends the European Markets Infrastructure Regulation (648/2012/EU). The majority of the provisions of the CRR II are applicable from 28 June 2021, with certain provisions applicable both before and after that date. CRD V and the CRR II mandate that, as part of their implementation, the EBA is to develop certain implementing and regulatory technical standards and guidelines.

The CRR II introduces two new categories of institutions – "large institutions" and "small and non-complex institutions" – and sets out criteria for determining these categories. Certain flexibility in respect of the provisions that apply to various categories of institutions is included in the CRR II, to ensure that the relevant requirements are applied in a more proportionate way.

CRD V and the CRR II implement various international prudential standards in the EU agreed as part of the Basel III package, including on areas such as the leverage ratio, net stable funding ratio, TLAC and large exposures. CRD V and the CRR II also introduce EU-specific amendments that are not driven by Basel III or other international standards, including on topics such as encouraging lending to small and medium enterprises, remuneration and information sharing between competent authorities for AML supervision purposes.

The CRD V amendments to the CRD IV remuneration provisions include additional requirements relating to gender-neutral remuneration. CRD V amends CRD IV to include a definition of gender-neutral remuneration policy as "a remuneration policy based on equal pay for male and female workers for equal work or work of equal value."


In addition to the introduction of CRD V, as a further element of the EU banking reform package, BRRD will be amended by BRRD II, which entered into force on 27 June 2019 and must be transposed into Member State law by 28 December 2020.

The SRM Regulation will also be amended by Regulation (EU) 2019/877 (SRM Regulation II), which will apply from 28 December 2020.

Certain transitional periods will apply in relation to specific requirements relating to the application of the revised requirements introduced by these changes. The deadline for in-scope banks to comply with the revised MREL requirements is 1 January 2024, although certain requirements for G-SIIs and "top-tier" banks will be introduced earlier, on 1 January 2022.

Under BRRD II, the MREL requirement (see 8.1 Capital, Liquidity and Related Risk Control Requirements) will be substantially revised in order to reflect the FSB's standard relating to TLAC. The SRM Regulation II amends the SRM Regulation for the same purpose. The CRR II will also amend the CRR to adopt the TLAC.

In addition, BRRD II introduces new requirements around resolution planning on a "resolution group" and "resolution entity" basis, and introduces additional powers for resolution authorities, including a moratorium power for bank liabilities.

Other changes include amendments to Article 55 of BRRD, which requires certain contracts to include a provision recognising the bail-in powers under BRRD and the introduction of the contractual recognition of resolution stay powers. The resolution toolkit for resolution authorities is also extended to include a moratorium tool.


The Exchange
George's Dock
Dublin 1

+353 1 470 6600

+353 1 470 6601
Author Business Card

Law and Practice in Ireland


Walkers is a leading international law firm that provides legal, corporate, fiduciary and compliance services to global corporations, financial institutions, capital markets participants and investment fund managers. Walkers has 119 partners and 921 staff, and clients include Fortune 100 and FTSE 100 companies, as well as many of the most innovative global financial services firms. Walkers Ireland's dedicated Financial Regulatory Group consists of two partners, one of counsel and two associates. The Group advises financial institutions on all aspects of financial regulation and data privacy, including recently advising on the establishment of a new Irish bank under the EU Single Supervisory Mechanism. Walkers Ireland's tax, employment, insolvency, litigation and corporate teams complement practice areas including regulatory, asset finance, funds and capital markets finance. Walkers delivers clear and practical advice on the laws of Bermuda, the British Virgin Islands, the Cayman Islands, Guernsey, Jersey and Ireland from ten global offices.