Part IIIC of the Central Bank Act 1942, as amended (the Act), provides the Central Bank of Ireland (Central Bank) with the power to administer sanctions in respect of prescribed contraventions by regulated financial service providers and by persons presently or formerly concerned in their management who have participated in the prescribed contravention.
Enforcement/Sanctions Regime
The Act provides that if the Central Bank suspects on reasonable grounds that a regulated entity or individual is committing or has committed a prescribed contravention, it may enter into a settlement agreement with the regulated entity or individual to resolve the matter. Failing this the Central Bank may refer the matter to an Inquiry pursuant to Part IIIC of the Act. Following an investigation, the Central Bank can then impose a number of sanctions ranging from a reprimand to a monetary penalty which varies depending on the severity of the contravention.
Key Themes
The overriding themes are as follows:
- Since 1 January 2016, the CBI has concluded 51 settlement agreements with regulated entities/individuals, resulting in the payment of almost €159m in fines
- Seven of the 51 settlement agreements were in respect of individuals (the rest being in respect of firms)
- Retail banks with predominantly consumer type customers attract the biggest fines
- Of the top ten biggest fines since 2016, six related to the handling of tracker mortgages
- Governance failures in firms providing services predominantly to consumers, attract significant penalties
- Breaches of the consumer protection code generally attract penalties
Top Ten Fines Imposed
| Fine | Date | Firm | Firm Type | Issue Identified by the Central Bank | |
| 1. | €83,300,000 | 22 June 2022 | Allied Irish Banks p.l.c. | Banking | Serious failings in the treatment of Tracker Customers |
| 2. | €37,774,520 | 25 March 2021 | Ulster Bank Ireland DAC | Banking | Serious failings in the treatment of Tracker Customers |
| 3. | €24,500,000 | 30 November 2021 | The Governor and Company of the Bank of Ireland | Banking | Failure to have a robust framework in place to ensure continuity of service for the Firm and its customers in the event of a significant IT disruption |
| 4. | €21,000,000 |
30 May 2019 | Permanent TSB plc | Banking | Serious failings in the treatment of Tracker Customers |
| 5. | €18,314,000 | 22 September 2020 | KBC Bank Ireland PLC | Banking | Serious failings in the treatment of Tracker Customers |
| 6. | €10,780,000 | 22 March 2022 | BNY Mellon Fund Services (Ireland) DAC | Fund Management | 16 regulatory breaches due to BNY Mellon Fund Services (Ireland) DAC’s failure: (1) to have in place an adequate outsourcing governance framework; (2) to comply with its regulatory obligations in respect of outsourcing; and (3) to engage openly and transparently with the Central Bank once breaches of its regulatory obligations were identified |
| 7. | €5,880,000 | 3 July 2019 | Wells Fargo International Unlimited Company | Banking | Serious failings in its regulatory reporting capability and compliance |
| 8. | €4,600,000 | 5 March 2020 | Ulster Bank Ireland DAC | Banking | Failings relating to regulatory returns that were required under the Mortgage Arrears Resolution Targets (MART) Framework |
| 9. | €4,500,000 | 24 November 2016 | Springboard Mortgages Limited trading as Springboard Mortgages | Banking | Serious failings in the treatment of Tracker Customers |
| 10. | €4,130,000 | 02 March 2021 | J&E Davy | Stockbroking | Four breaches of the European Communities (Markets in Financial Instruments) Regulations 2007 (the MiFID Regulations) that occurred over different intervals between July 2014 and May 2016 |
The (Re)Insurance Context
While the fines listed above evidence a stringent application of the Central Bank’s administrative sanctions regime, the impact on Insurers and Reinsurers has been minimal. The Banking sector was subject to most of the fines imposed by the Central Bank as five of the ten largest fines related to failings in the treatment of tracker mortgage customers.
Since the beginning of 2016 there have been twelve instances of settlement agreements relating to (Re)Insurers. Relative to credit institutions and other areas of the financial services sector, the number of insurance and reinsurance undertakings which have been sanctioned under the regime has been less severe and include the following:
| Fine | Date | Firm | Issue Identified by the Central Bank | |
| 1. | €8,400 | 1 March 2022 |
Insure4Less Teoranta t/a Kerry Insurance Group |
Three breaches of fitness and probity obligations by making PCF appointments without Central Bank approval under the Central Bank Reform Act 2010 on 1 March 2022 |
| 2. | €41,385 | 28 January 2021 |
Keystone Insurance Limited |
Six administrative breaches including overcharging 62 customers from April 2012 to December 2017 |
| 3. | N/A | July 2020 |
Mr Kevin Lunney (Quinn Insurance Limited) |
Former director of Quinn Insurance Limited (Under Administration) for participation in a suspected breach of Regulation 10(3) of the European Communities (Non-Life Insurance) Framework Regulations 1994 (S.I. 359/1994) by QIL. |
| 4. | N/A | December 2019 |
Mr Liam McCaffrey (Quinn Insurance Limited) |
Former director of Quinn Insurance Limited (Under Administration) for participation in a suspected breach of Regulation 10(3) of the European Communities (Non-Life Insurance) Framework Regulations 1994 (S.I. 359/1994) by QIL. |
| 5. | €70,000 fine and Disqualification from being a person concerned in the management of a regulated financial service provider for a period of 8 years 4 months | 9 June 2020 |
Mr Rory O’Connor (RSA Ireland Insurance Limited) |
Failure to maintain sufficient technical reserves from February 2010 to 30 September 2013 |
| 6. | €3,500,000 | 20 December 2018 | RSA Insurance Ireland DAC |
Failure to establish and maintain Technical Reserves in respect of all underwriting liabilities assumed by it Failure to have administrative and accounting procedures and internal control mechanisms which are sound and adequate Failure to have robust governance arrangements |
| 7. | €1,540,000 | 16 August 2018 | PartnerRe Ireland Insurance DAC and Partner Reinsurance Europe SE | Three breaches in respect of the: European Union (Insurance and Reinsurance) Regulations 2015, Commission Delegated Regulation (EU) 2015/35 of 10 October 2014 supplementing Directive 2009/138/EC of the European Parliament and of the Council on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (the Solvency II Delegated Regulations) and Corporate Governance Requirements for Insurance Undertakings 2015 (the Corporate Governance Requirements) |
| 8. | €1,470 | 04 December 2017 |
Albert Reilly t/a Albert Reilly Insurance and Financial Consultants |
Breaches of the European Communities (Insurance Mediation) Regulations 2005 by failing hold professional indemnity insurance from 31 May 2007 to 31 October 2015 and the Handbook of Prudential Requirements for Investment Intermediaries by failing to hold professional indemnity insurance from 1 October 2014 to 31 October 2015. |
| 9. | €1,000,000 | 23 November 2017 |
Intesa Sanpaolo Life DAC |
Four breaches of the Criminal Justice (Money Laundering & Terrorist Financing) Act, 2010 |
| 10. | €675,000 | 26 July 2016 |
AXA Insurance Limited |
Breaches of the Minimum Competency Requirements 2006, the Minimum Competency Code 2011 and the Consumer Protection Code 2012 |
| 11. | €650,000 | 13 July 2016 |
New Ireland Assurance Company plc |
Two breaches of the Consumer Protection Code 2012 |
| 12. | €275,000 | 15 March 2016 |
Arch Reinsurance Europe Underwriting DAC | Breaches of the Corporate Governance Code for Credit Institutions and Insurance Undertakings 2010 |
Core Failings leading to Sanctions for (Re)Insurers
In terms of fines and reputational damage, breaches of the Fitness & Probity regime and of the Consumer Protection Code can be the most detrimental to (re)insurance firms. In particular, breaches of the Fitness & Probity regime can provide the greatest scope for reputational damage for firms and for the Pre-Approved Control Function holders (PCFs) implicated. Although the financial sanctions are less severe(when compared to the banks), the consequential adverse effects on a firm’s day to day business in terms of reputational damage can be significant. Additionally the costs of upgrading a (re)insurer’s systems and controls and undertaking other measures such as an RMP can be costly.
Likewise, breaches of the Consumer Protection Code (CPC) or Corporate Governance Code, particularly where consumers are directly affected, are likely to attract Central Bank fines. This emphasises the importance of maintaining viable governance frameworks, ensuring compliance with the CPC and, for retail businesses, placing consumer protection at the forefront of decision making in order to avoid committing a sanctionable offence. This was highlighted in the Press Release of the most recent and most costly sanction to date which was imposed upon Allied Irish Banks p.l.c. where it was noted,
“The Central Bank expects firms to place the Consumer Protection Code at the forefront when making decisions which impact customers and that where failings are identified that firms engage with their customers, and act swiftly and thoroughly to address any failings.”
Next Steps
The current sanctions regime places an increased emphasis on the responsibilities of individuals and bodies corporate in taking a proactive approach when engaging with the Central Bank. A failure to do so can act as an aggravating factor during the assessment phase and such inaction could prove costly. This has been evidenced by a number of the larger fines that have been imposed.
Further William Fry coverage on the matter can be accessed here and here. Likewise, the incoming Individual Accountability and SEAR framework highlights the necessity of early and forthright engagement with the Central Bank. Further information on SEAR and the Individual Accountability Framework is available here.
Contributed by Frank Hanly
