European Supervisory Authority Guidelines

ESMA Guidelines on MiFID II Product Governance Requirements ... on Product Oversight and Governance Arrangements for Retail Banking Products (Guidelines) ... Home Regulation ConsumerProtection EuropeanSupervisoryAuthorityGuidelines EuropeanSupervisoryAuthorityGuidelines,Recommendations&Opinions EuropeanBankingAuthority TheEuropeanBankingAuthority(EBA)publishesalistofitsconsumerprotectionandfinancialinnovationrelatedTechnicalStandards,Guidelines,Recommendations,Opinions,Reports,andotherpublicationshere. EuropeanInsuranceandOccupationalPensionsAuthority TheEuropeanInsuranceandOccupationalPensionsAuthority(EIOPA)publishesitsconsumerprotectionandfinancialinnovationrelatedGuidelinesandotherpublicationshere EuropeanSecuritiesandMarketsAuthority TheEuropeanSecuritiesandMarketsAuthority(ESMA)publishesitsGuidelinesandTechnicalStandardshere.ReadtheCentralBank'sMarketsUpdate. GuidelinesonCertainAspectsoftheMiFIDIISuitabilityRequirements On6November2018,ESMApublishedGuidelinesoncertainaspectsoftheMiFIDIIsuitabilityrequirements.ThepurposeoftheseguidelinesistoclarifytheapplicationofcertainaspectsoftheMiFIDIIsuitabilityrequirementsinordertoensurethecommon,uniformandconsistentapplicationofArticle25(2)ofMiFIDIIandofArticles54and55oftheMiFIDIIDelegatedRegulation.ESMAexpectstheseguidelinestopromotegreaterconvergenceintheinterpretationof,andsupervisoryapproachesto,theMiFIDIIsuitabilityrequirements,byemphasisinganumberofimportantissues,andtherebyenhancingthevalueofexistingstandards.Byhelpingtoensurethatfirmscomplywithregulatorystandards,ESMAanticipatesacorrespondingstrengtheningofinvestorprotection.TheCentralBankofIrelandcomplieswiththeseguidelinesandincorporatesthemintoitson-goingsupervisorypracticesandprocesses.Firmsareexpectedtocomplywiththeseguidelinesfrom8March2019. GuidelinesonCross-SellingPractices On11July2016,ESMApublishedGuidelinesoncross-sellingpractices.Theguidelinesapplyinrelationtocross-sellingpracticeswithinthemeaningofsubparagraph42ofArticle4(1)ofMiFIDII.Inparticular,theguidelinesapplytotheofferingofaninvestmentservicetogetherwithanotherserviceorproductaspartofapackageorasaconditionforthesameagreementorpackage.TheCentralBankofIrelandcomplieswiththeseguidelinesandincorporatesthemintoitson-goingsupervisorypracticesandprocesses.Firmsareexpectedtocomplywiththeseguidelinesfrom3January2018. ESMAGuidelinesfortheAssessmentofKnowledgeandCompetence On3January2017,ESMApublishedtheGuidelinesfortheassessmentofknowledgeandcompetence.ThepurposeoftheseguidelinesistospecifythecriteriafortheassessmentofknowledgeandcompetencerequiredunderArticle25(1)ofMiFIDII,inaccordancewithArticle25(9)ofthesameDirective.Theguidelinesapplyfrom3January2018.MiFIDfirmsandpersonsactingonbehalfofsuchfirmsarecurrentlysubjecttotheMinimumCompetencyCode2011(MCC)whencarryingoutcertainMiFIDactivities.TheMCChasbeenamendedtoreflecttheGuidelines.RegulatedfirmsandpersonsactingontheirbehalfareexpectedtocomplywiththeESMAGuidelinesfrom3January2018. ESMAGuidelinesonComplexDebtInstrumentsandStructuredDeposits On4February2016,ESMApublishedGuidelinesoncomplexdebtinstrumentsandstructureddeposits.Thepurposeoftheseguidelinesistospecifythecriteriafortheassessmentof(I)debtinstrumentsincorporatingastructurewhichmakesitdifficultfortheclienttounderstandtheriskinvolvedand(ii)structureddepositsincorporatingastructurewhichmakesitdifficultfortheclienttounderstandtheriskofreturnorthecostofexitingtheproductbeforeterm.ESMAexpectstheseguidelinestostrengtheninvestorprotectionandtopromotegreaterconvergenceintheclassificationof“complex”or“non-complex”financialinstrumentsorstructureddepositsforthepurposesoftheappropriatenesstest/execution-onlybusinessinaccordancewithArticle25(3)and25(4)ofMiFIDII.TheCentralBankofIrelandcomplieswiththeseguidelinesandincorporatesthemintoitson-goingsupervisorypracticesandprocesses.Firmsareexpectedtocomplywiththeseguidelinesfrom3January2018. ESMAGuidelinesonMiFIDIIProductGovernanceRequirements On5February2018,ESMApublishedGuidelinesonMiFIDIIproductgovernancerequirements.ThepurposeoftheseguidelinesistoprovidemoreclarityontheproductgovernanceobligationsforfirmssetoutinMiFIDII.Inparticular,theyconcernthemanufacturingordistributionofinvestmentproducts.TheCentralBankofIrelandcomplieswiththeseguidelinesandincorporatesthemintoitson-goingsupervisorypracticesandprocesses.Firmsareexpectedtocomplywiththeseguidelinesfrom3January2018. GuidelinesonCertainAspectsoftheMiFIDIIComplianceFunctionRequirements On5June2020,theEuropeanSecuritiesandMarketsAuthority(ESMA),publishedtheFinalReportontheGuidelinesoncertainaspectsoftheMiFIDIIcompliancefunctionrequirements.TheESMAGuidelinesreplacetheexistingMiFIDComplianceFunctionGuidelines.TheESMAGuidelinesareaimedathelpingfirmstoincreasetheeffectivenessofthecompliancefunction.TheESMAGuidelinesalsotakeintoaccountnewrequirementsunderMiFIDIIandtheresultsofsupervisoryactivitiesconductedbynationalcompetentauthorities(NCAs)ontheapplicationofthecompliancefunctionrequirementsinaccordancewithMiFIDIItheMiFIDIIDelegatedRegulation.TheCentralBankofIrelandcomplieswiththeseguidelinesandincorporatesthemintoitson-goingsupervisorypracticesandprocesses.Firmsareexpectedtocomplywiththeseguidelinesfrom6June2021. JointCommitteePublications GuidelinesonComplaints-HandlingfortheSecurities(ESMA)andBanking(EBA)Sectors InJune2014,theJointCommitteeGuidelinesoncomplaintshandlingforthesecuritiesandbankingsectorswerepublished.TheseGuidelinesareaddressedtocompetentauthoritiesandseekto: Clarifyexpectationsrelatingtofirms’organisationrelatingtocomplaintshandling; Provideguidanceontheprovisionofinformationtocomplainants; Provideguidanceonproceduresforrespondingtocomplaints; Harmonisethearrangementsoffirmsforthehandlingofallcomplaintstheyreceive;and Ensurethatfirms’arrangementsforcomplaintshandlingaresubjecttoaminimumlevelofsupervisoryconvergenceacrosstheEU On31July2018,therevisedGuidelinesoncomplaintshandlingforthesecuritiesandbankingsectorswerepublished.TherevisedGuidelinesextendthescopeoftheGuidelinestoauthoritiescompetentforsupervisingthenewinstitutionsundertherevisedPaymentServicesDirective(PSD2)andtheMortgageCreditDirective(MCD).Theseinstitutionsareasfollows: PaymentInitiationServiceProviders(PISPs) AccountInformationServiceProviders(AISPs) Non-creditinstitutioncreditorsunderMCD MortgageCreditIntermediaries TherevisedGuidelineswilltakeeffectfrom1May2019. EuropeanBankingAuthorityPublications EBAGuidelinesonLoanOriginationandMonitoring 30November2020  On29May2020,theEBApublisheditsGuidelinesonLoanOriginationandMonitoring (the“Guidelines”).TheEBAhasdescribedtheGuidelinesasfollows:“Theguidelinesspecifytheinternalgovernancearrangementsforgrantingandmonitoringofcreditfacilitiesthroughouttheirlifecycle.Theyintroducerequirementsforborrowers’creditworthinessassessmentandbringtogethertheEBA’sprudentialandconsumerprotectionobjectives.Theguidelinesaimtoensurethatinstitutionshaverobustandprudentstandardsforcreditrisktaking,managementandmonitoring,andthatnewlyoriginatedloansareofhighcreditquality.Theguidelinesalsoaimtoensurethattheinstitutions’practicesarealignedwithconsumerprotectionrulesandAMLrequirements.” TheGuidelinesapplytoinstitutions,asdefinedinpoint3ofArticle4(1)ofRegulation(EU)No575/2013.WhentheloanfallsunderthescopeofDirective2014/17/EU(theMortgageCreditDirective,MCD),Section5appliestocreditors,asdefinedinArticle4(2)ofthisdirective.WhentheloanfallsunderthescopeofDirective2008/48/EC(theConsumerCreditDirective,CCD),Section5appliestocreditors,asdefinedinpoint(b)ofArticle3ofthatdirective. Theexisting2015EBAGuidelinesonCreditworthinessAssessment (asrelatedtotherequirementsintheMortgageCreditDirective(Directive2014/17/EU))havebeenincorporatedintotheGuidelinesandarethusrepealedfromthedateofapplicationoftheGuidelines. TheCentralBankhasconfirmedtotheEBAitintendstocomplywiththeGuidelines.TheGuidelinesapplyfrom30June2021,withthefollowingtransitionalarrangementsalsoprovidedfor: 1) Theapplicationoftheguidelinestothealreadyexistingloansandadvancesthatrequirerenegotiationorcontractualchangeswithborrowerswillapplyfrom30June2022;and 2) Institutionswillbeallowedtoaddresspossibledatagapsandadjusttheirmonitoringframeworksandinfrastructureuntil30June2024.   Inaccordancewiththediscretionprovidedforinparagraph10oftheGuidelines,theCentralBankwillapplySections6and7toretailcreditfirms,andSection6tomoneylenders,ascreditorsthatfallwithinthescopeofDirective2014/17/EUandDirective2008/48/EUand,arenotcreditinstitutions,fromthedateofapplicationoftheGuidelines.ItisalsotheCentralBank’sexpectationthatcreditservicingfirmsauthorisedbytheCentralBankwillapplytherequirementsofSection7(Valuationofimmoveableandmovableproperty)oftheGuidelines,whenundertakingvaluationsofmovableandimmovablepropertyinthecourseofcarryingoutcreditservicingactivities. EBAGuidelinesonICTandSecurityRiskManagement 2September2020 On28December2019,theEuropeanBankingAuthority(EBA)publishedGuidelinesonICTandsecurityriskmanagementunderDirective(EU)2015/2366.TheseGuidelinesestablishrequirementsforcreditinstitutions,investmentfirmsandpaymentserviceproviders(PSPs)onthemitigationandmanagementoftheirinformationandcommunicationtechnology(ICT)andsecurityrisksandaimtoensureaconsistentandrobustapproachacrosstheSinglemarket.TheseGuidelineshavebuiltonandreplacedthoseonsecuritymeasuresforoperationalandsecurityrisks(EBAGL/2017/17),whichhavenowbeenrepealed. InaccordancewithArticle16(3)ofRegulation(EU)No1094/2010,competentauthoritiesandfinancialinstitutionsmustmakeeveryefforttocomplywithguidelines.TheCentralBankcomplieswiththeGuidelinesandhasincorporatedthemintoitsongoingsupervisorypracticesandprocessesforPSPs.FirmsareexpectedtocomplywiththeGuidelines.TheGuidelinesareeffectivefrom30June2020. EBAGuidelinesontheConditionstoBenefitFromanExemptionFromtheContingencyMechanismUnderArticle33(6)ofRegulation(EU)2018/389(RTSonSCA&CSC) 10April2019 On4December2018,theEuropeanBankingAuthority(EBA)publishedGuidelinesontheconditionstobenefitfromanexemptionfromthecontingencymechanismunderArticle33(6)ofRegulation(EU)2018/389(RTSonSCA&CSC).TheseGuidelinesspecifytheconditionstoexemptaccountservicingpaymentserviceproviders(ASPSPs)thathaveoptedforadedicatedinterfacefromtheobligationtosetupthecontingencymechanismdescribedinArticle33(4)oftheRTSonSCA&CSC.InaccordancewithArticle16(3)ofRegulation(EU)No1094/2010,competentauthoritiesandfinancialinstitutionsmustmakeeveryefforttocomplywithguidelines.TheCentralBankcomplieswiththeGuidelinesandhasincorporatedthemintoitsongoingsupervisorypracticesandprocessesforASPSPs.TheCentralBankexpectsASPSPsseekingtoavailofanexemptionfromtherequirementtoestablishacontingencymechanismtocomplywiththeGuidelines.TheGuidelinesapplyfrom1January2019. EBAGuidelinesonAuthorisationUnderPSD2 26February2018 On11July2017,theEuropeanBankingAuthority(EBA)publishedGuidelinesontheinformationtobeprovidedfortheauthorisationofpaymentinstitutionsande-moneyinstitutionsandfortheregistrationofaccountinformationserviceprovidersunderDirective2015/2366(PSD2).TheGuidelinessetouttheinformationtobeprovidedbyapplicantsintendingtoobtainauthorisationaspaymentinstitutionsandelectronicmoneyinstitutionsaswellastoregisterasaccountinformationserviceprovidersunderPSD2.InaccordancewithArticle16(3)ofRegulation(EU)No1094/2010,competentauthoritiesandfinancialinstitutionsmustmakeeveryefforttocomplywithguidelines.TheCentralBankcomplieswiththeGuidelinesandhasincorporatedthemintoitsauthorisationprocessforpaymentinstitutionsande-moneyinstitutionsanditsregistrationprocessforaccountinformationserviceproviders.TheGuidelinesareeffectiveforapplicantfirmsfrom13January2018. EBAGuidelinesonProceduresforComplaintsofAllegedInfringementsofPSD2 26February2018 On13October2017theEuropeanBankingAuthority(EBA)publishedGuidelinesonproceduresforcomplaintsofallegedinfringementsunderDirective(EU)2015/2366(PSD2)tobefollowedbycompetentauthorities(CAs)tomonitoreffectivecompliancebypaymentserviceproviders(PSPs)underDirective(EU)2015/2366(PSD2).TheGuidelinesgoverntheprocessthroughwhichpaymentserviceusersandotherinterestedpartiescansubmitcomplaintstoCAswithregardtoallegedinfringementsofPSD2byPSPs.Inparticular,theseGuidelinesspecifytherequirementsforthechannelstobeusedbycomplainantstofiletheircomplaints,theinformationCAsshouldrequestfromcomplainantswhencomplaintsaresubmittedtothem,andtheinformationCAsshouldincludeintheirresponsestocomplaints.InaccordancewithArticle16(3)ofRegulation(EU)No1094/2010,competentauthoritiesmustmakeeveryefforttocomplywithguidelines.TheCentralBankcomplieswiththeGuidelinesandhasincorporatedthemintoitsProtectedDisclosuresprocedure.TheGuidelinesareeffectivefrom13January2018. EBAGuidelinesonMajorIncidentReportingUnderPSD2 26February2018 On27July2017theEuropeanBankingAuthority(EBA)publishedGuidelinesonmajorincidentreportingunderDirective(EU)2015/2366(PSD2).TheGuidelinessetoutthecriteria,thresholdsandmethodologytobeusedbypaymentserviceproviders(PSPs)todeterminewhetherornotanoperationalorsecurityincidentshouldbeconsideredmajorand,therefore,benotifiedtothecompetentauthority(CA)inthehomeMemberState.Inaddition,theseGuidelinesestablishthetemplatethatPSPswillhavetouseforthisnotificationandthereportstheyhavetosendduringthelifecycleoftheincident,includingthetimeframesforsubmittingthosereports.InaccordancewithArticle16(3)ofRegulation(EU)No1094/2010,competentauthoritiesandfinancialinstitutionsmustmakeeveryefforttocomplywithguidelines.TheCentralBankcomplieswiththeGuidelinesandhasincorporatedthemintoitsongoingsupervisorypracticesandprocessesforPSPs.FirmsareexpectedtocomplywiththeGuidelinesfromtheireffectivedateof13January2018. EBAPublishesOpinionontheTransitionFromPSD1toPSD2 TheEBAhaspublishedanOpinioninrelationtothetransitionfromthefirstPaymentServicesDirective(PSD1) totherevisedPaymentServicesDirective(PSD2)whichbecameeffective13January2018.TheEBAopinionclarifiesanumberofissuesidentifiedbymarketparticipantsandcompetentauthorities,includingwithregardtothetransitionalperiodforeseenunderPSD2,includingthetransitionalarrangementsthatapplytoaccountinformationserviceprovidersandpaymentinitiationserviceproviders. EBAGuidelinesonRemunerationPoliciesforSalesStaff 13February2017 OnDecember13th2016,theEuropeanBankingAuthority(EBA)publishedGuidelinesonremunerationpoliciesandpracticesrelatedtotheprovisionandsaleofretailbankingproductsandservices.InaccordancewithArticle16(3)ofRegulation(EU)No.1093/2010,competentauthoritiesandfinancialinstitutionsmustmakeeveryefforttocomplywiththeguidelines.Theguidelinesapplyfrom13January2018. Theguidelinesapplytoremunerationpaidtostaffemployedbycreditinstitutions,mortgagecreditintermediaries,retailcreditfirms,paymentinstitutions,electronicmoneyinstitutionsandcreditunionswhenprovidingdeposits,paymentaccounts,paymentservices,electronicmoney,residentialmortgages,andotherformsofcredittoconsumers. Theguidelinesincludedetailedrequirementson(1)thedesignandmonitoringofremunerationpoliciesandpractices,whichshouldtakeintoaccounttherightsandinterestsofconsumers;(2)documentation,notificationandaccessibilityoftheremunerationpoliciesandpractices;(3)approvalofandresponsibilityfortheremunerationpoliciesandpractices;andfinally(4)monitoringofcompliancewiththeguidelines. Inadditiontoexistingrequirementsonremuneration,firmsareexpectedtocomplywiththeseguidelinesbytheireffectivedate,13January2018.TheseguidelineswillbeincorporatedintotheCentralBank’son-goingsupervisorypracticesandprocesses. EBAGuidelinesonArrearsandForeclosure 29March2016 On1June2015,theEBApublishedGuidelinesonArrearsandForeclosure.TheguidelinesprovideadditionaldetailtotherequirementsinArticle28oftheMortgageCreditDirective(Directive2014/17/EUoncreditagreementsforconsumersrelatingtoresidentialimmovableproperty).InaccordancewithArticle16(3)oftheEBARegulation(Regulation(EU)no1093/2010),competentauthoritiesandfinancialinstitutionsmustmakeeveryefforttocomplywiththeseguidelines.Theguidelinesareeffectivefrom21March2016. TheguidelinesapplytocreditorsinIrelandthatprovidecreditthatfallswithinthescopeoftheMortgageCreditDirective,i.e.creditinstitutions,retailcreditfirmsandcreditunions. TheCentralBankofIrelandintendstocomplywiththeseguidelines,andwillincorporatethemintoitson-goingsupervisorypracticesandprocessesforthefirmsthatfallwithinthescopeoftheMortgageCreditDirectiveinIreland.Firmsareexpectedtocomplywiththeseguidelinesfrom21March2016. EBAGuidelinesonCreditworthinessAssessment 30November2020 Update:TheseGuidelineshavebeenincorporatedintotheEBAGuidelinesonLoanOriginationandMonitoringandarethusrepealedfromofthedateofapplicationoftheGuidelines(30June2021). On1June2015,theEBApublishedGuidelinesonCreditworthinessAssessment.TheguidelinesprovideadditionaldetailtotherequirementsinArticles18and20(1)oftheMortgageCreditDirective(Directive2014/17/EUoncreditagreementsforconsumersrelatingtoresidentialimmovableproperty).InaccordancewithArticle16(3)oftheEBARegulation(Regulation(EU)no1093/2010),competentauthoritiesandfinancialinstitutionsmustmakeeveryefforttocomplywiththeseguidelines.Theguidelinesareeffectivefrom21March2016. TheguidelinesapplytocreditorsinIrelandthatprovidecreditthatfallswithinthescopeoftheMortgageCreditDirective,i.e.creditinstitutions,retailcreditfirmsandcreditunions. TheCentralBankofIrelandintendstocomplywiththeseguidelines,andwillincorporatethemintoitson-goingsupervisorypracticesandprocessesforthefirmsthatfallwithinthescopeoftheMortgageCreditDirectiveinIreland.Firmsareexpectedtocomplywiththeseguidelinesfrom21March2016. DecisionoftheEBASpecifyingtheBenchmarkRateUnderAnnexIItoDirective2014/17/EU(MortgageCreditDirective) 22March2016 On21March2016,theEBApublisheditsdecisionspecifyingthebenchmarkrateundertheMortgageCreditDirective Incertaincircumstances,assetoutinSchedule2oftheEuropeanUnion(ConsumerMortgageCreditAgreements)Regulations2016(S.I.No.142of2016),creditorsmustusethisbenchmarkratetocalculatetheillustrativeexampleoftheAnnualPercentageRateofChargeandanillustrationofamaximuminstalmentamount.TheseillustrationsmustbeprovidedtotheconsumerintheEuropeanStandardisedInformationSheet. EBAGuidelinesonProductOversightandGovernance 9December2015 On15July2015,theEBApublishedguidelinesonProductOversightandGovernanceArrangementsforRetailBankingProducts(Guidelines)whichsetoutrequirementsformanufacturersanddistributorswhendesigningandbringingtothemarketretailbankingproductssuchasmortgages,personalloans,deposits,paymentaccounts,paymentservicesandelectronicmoney.InaccordancewithArticle16(3)ofRegulation(EU)No1093/2010,competentauthoritiesandfinancialinstitutionsmustmakeeveryefforttocomplywiththeguidelines. Theguidelinesaredividedintotwoparts: Thefirstpartsetsoutrequirementsformanufacturersofretailbankingproductsontheirinternalcontrolfunctions;theidentificationofthetargetmarket;producttesting;disclosure;productmonitoring,remedialactions,anddistributionchannels. Thesecondpartoftheguidelinessetsoutrequirementsforthedistributorsofretailbankingproductsontheirgovernancearrangements,theidentificationandknowledgeofthetargetmarket,andinformationrequirements. TheCentralBankofIrelandwillapplytheguidelinestoconsumersasdefinedintheguidelinesandwillnotextendthatdefinitiontoincludemicro-enterprisesandsmallandmedium-sizedenterprises. Theguidelinesapplytoallproductsbroughttothemarketaftertheimplementationdateoftheguidelinesaswellastoexistingproductsonthemarketthataresignificantlychangedaftertheimplementationdateoftheguidelines.TheCentralBankofIrelandwillnot,atthistime,extendtheapplicationoftheguidelinestoproductsthatarebroughttothemarketbeforetheimplementationdateoftheguidelines.However,thiswillnotprecludetheCentralBankofIrelandfromraisingapotentialproductoversightandgovernanceissuewitharegulatedentityregardinganexistingproductwherethereareconcernsrelatingtoactualorpotentialconsumerdetriment.TheCentralBankofIrelandwillkeepthematterofapplicationtosomeorallexistingproductsunderreview. TheCentralBankofIrelandintendstocomplywiththeguidelinesandwillincorporatethemintoitsongoingsupervisorypracticesandprocesses.TheCentralBankofIrelanddoesnot,atthispoint,proposeamendmentstothelegalframework. TheGuidelineswillapplyfrom3January2017. EBAGuidelinesontheSecurityofInternetPayments 11June2015 On19December2014,theEBApublishedGuidelinesontheSecurityofInternetPayments(Guidelines)whichsettheminimumsecurityrequirementsforPaymentServiceProviders(PSPs)intheEuropeanUnion.TheseGuidelinesseektostrengthenrequirementsforthesecurityofinternetpaymentsacrosstheEUandweredevelopedinresponsetoconcernsabouttheincreaseinfraudulentactivityrelatedtointernetpayments.InaccordancewithArticle16(3)ofRegulation(EU)No1093/2010,competentauthoritiesandfinancialinstitutionsmustmakeeveryefforttocomplywiththeguidelines. Amongotherthings,PSPswillberequiredtocarryoutstrongcustomerauthenticationinordertoverifythecustomeridentitybeforeproceedingwithanon-linepayment.PSPswillalsoberequiredtoprovideassistanceandguidancetotheircustomersinrelationtothesecureuseofinternetpayments.Inparticular,theywillhavetoinitiatecustomerawarenessprogrammessoastoensuretheirusersunderstandpotentialrisksandbestpracticesininternetpayments. TheCentralBankofIrelandintendstocomplywiththeguidelines,andwillincorporatethemintoitson-goingsupervisorypracticesandprocessesforPSPs.Allfirmswithinthescopeoftheseguidelinesareexpectedtocomplyfrom1August2015. EuropeanInsuranceandOccupationalPensionsAuthority EIOPAGuidelinesonInformationandCommunicationTechnologySecurityandGovernance 7June2021       On12October2020,theEuropeanInsuranceandOccupationalPensionsAuthority(“EIOPA”)publishedGuidelinesonInformationandCommunicationTechnology(ICT)SecurityandGovernance.TheseGuidelinesprovideguidanceonhowinsuranceandreinsuranceundertakings(collectively“undertakings”)shouldapplythegovernancerequirementsinthecontextofICTsecurityandgovernance.TheobjectiveoftheseGuidelinesistoprovideclarificationandtransparencytomarketparticipantsontheminimumexpectedinformationandcybersecuritycapabilities,toavoidpotentialregulatoryarbitrage,andtofostersupervisoryconvergenceregardingtheexpectationsandprocessesapplicableinrelationtoICTsecurityandgovernanceasakeytoproperICTandsecurityriskmanagement. TheseGuidelineshavebuiltontheSolvencyIIDirective(Directive2009/138/EC),theDelegatedRegulation(CommissionDelegatedRegulation(EU)No2015/356),theEIOPAGuidelinesonsystemofgovernanceandtheEIOPAGuidelinesonoutsourcingtocloudserviceproviders.InaccordancewithArticle16(3)ofRegulation(EU)No1094/2010,competentauthoritiesandfinancialinstitutionsarerequiredtomakeeveryefforttocomplywithguidelinesandrecommendations.TheCentralBankcomplieswiththeGuidelinesandhasincorporatedthemintoitsongoingsupervisorypracticesandprocesses.FirmsareexpectedtocomplywiththeGuidelines.TheGuidelinesareeffectivefromthe1July2021. EIOPAGuidelinesUndertheInsuranceDistributionDirectiveonInsurance-basedInvestmentProductsThatIncorporateaStructureWhichMakesitDifficultfortheCustomertoUnderstandtheRisksInvolved On4October2017,EIOPApublishedGuidelinesundertheInsuranceDistributionDirectiveoninsurance-basedinvestmentproducts(IBIPs)thatincorporateastructurewhichmakesitdifficultforthecustomertounderstandtherisksinvolved.TheseGuidelinesweredevelopedinlinewithArticles30(7)and(8)oftheInsuranceDistributionDirective(IDD).TheyprincipallyaddresstheissueoftheidentificationofcontractualstructuresorfeatureswhichcanmakeitdifficultforthecustomertounderstandtherisksinvolvedinanIBIP.However,theyalsoconcernanumberofotherissuesrelevanttotheassessmentofthecomplexityofIBIPs. TheIDDallowsforaderogationfromtherequirementtoassesssuitabilityorappropriatenessprovidedcertaincriteriaaremet,includingthattheproductsarenon-complex. Whereproductsaresoldonan‘execution-only’basis,theGuidelinessetoutaprocessfortheassessmentofcomplexity,i.e.,IBIPsthatincorporateastructurethatmakesitdifficultforthecustomertounderstandtherisksinvolved.  TheseGuidelinesaredividedintwosections: Thefirstsectionsetsoutrequirementsthatapplytocontractswhichonlyprovideinvestmentexposuretofinancialinstrumentsdeemednon-complexunderMiFIDII(Article30(3)(a)(i)oftheIDD). Thesecondsectionsetsoutrequirementsthatapplyto'othernon-complexinsurance-basedinvestmentproducts'(Article30(3)(a)(ii)oftheIDD). TheCentralBankofIrelandintendstocomplywiththeGuidelinesandwillincorporatethemintoitsongoingsupervisorypracticesandprocesses.TheCentralBankofIrelanddoesnot,atthispoint,proposeamendmentstothelegalframework.FirmswithinscopeareexpectedtocomplywiththeGuidelines. EIOPAPreparatoryGuidelinesonProductOversightandGovernance 29July2016 On13April2016,theEIOPApublishedpreparatoryguidelinesonProductOversightandGovernanceArrangementsbyInsuranceUndertakingsandInsuranceDistributors(Guidelines)whichsetoutrequirementsformanufacturersanddistributorswhendesigningandbringingtothemarketinsuranceproducts.InaccordancewithArticle16(3)ofRegulation(EU)No1094/2010,competentauthoritiesandfinancialinstitutionsmustmakeeveryefforttocomplywiththeguidelines. Theguidelinesaredividedintotwoparts: Thefirstpartsetsoutrequirementsformanufacturersofinsuranceproductsontheestablishmentandreviewofproductoversightandgovernancearrangements;theidentificationofthetargetmarket;skills,knowledgeandexpertise;producttesting;productmonitoring,remedialactions,anddistributionchannels. Thesecondpartoftheguidelinessetsoutrequirementsforthedistributorsofinsuranceproductsontheestablishmentandreviewofproductdistributionarrangements;obtaininginformationaboutthetargetmarket;distributionstrategy;andtheprovisionofsaleinformationtothemanufacturer. Theguidelinesapplytoallproductsbroughttothemarketaftertheimplementationdateoftheguidelinesaswellastoexistingproductsonthemarketthataresignificantlychangedaftertheimplementationdateoftheguidelines.TheCentralBankofIrelandwillnot,atthistime,extendtheapplicationoftheseguidelinestoproductsthatarebroughttothemarketbeforetheimplementationdateoftheguidelines.However,thiswillnotprecludetheCentralBankofIrelandfromraisingapotentialproductoversightandgovernanceissuewitharegulatedentityregardinganexistingproductwherethereareconcernsrelatingtoactualorpotentialconsumerdetriment.TheCentralBankofIrelandwillkeepthematterofapplicationtosomeorallexistingproductsunderreview. TheCentralBankofIrelandintendstocomplywiththeguidelinesandwillincorporatethemintoitsongoingsupervisorypracticesandprocesses.TheCentralBankofIrelanddoesnot,atthispoint,proposeamendmentstothelegalframework. TheGuidelineswillapplyfrom3January2017. InthisSection HowWeRegulate Industry&MarketSectors CentralBankofIrelandPortal COVID-19-PrudentialRegulatoryFlexibilityMeasures Anti-MoneyLaunderingandCounteringtheFinancingofTerrorism ConsumerProtection ComplianceMonitoring Legislation AdvisoryGroups CentralCreditRegister ConsumerProtectionOutlookReport ConsumerProtectionCodesandRegulations EuropeanSupervisoryAuthorityGuidelines ConsumerProtectionDirectorate-ContactUs ConsumerProtectionResearch MarketsUpdate ProtectedDisclosures&Whistleblowing UnauthorisedFirms Enforcement PSD2 CentralSecuritiesDepositoryRegulation(CSDR) OutsourcingRegisters