- within Consumer Protection topic(s)
- in Australia
- within Consumer Protection, Corporate/Commercial Law, Government and Public Sector topic(s)
Background
On 24 March 2025, the Central Bank of Ireland (Central Bank) published a newly revised Consumer Protection Code (Revised Code) following a public consultation process.
The Revised Code will be fully operational from 24 March 2026 and will replace the existing Consumer Protection Code 2012.
Structure of the Revised Code
The Revised Code comprises:
- Central Bank Reform Act 2010 (Section 17A) (Standards For Business) Regulations 2025 (Standards for Business Regulations); and
- Central Bank (Supervision and Enforcement) Act 2013 (Section 48) (Consumer Protection) Regulations 2025 (Consumer Protection Regulations).
Standards for Business Regulations
The Standards for Business Regulations set out governance, resource and risk management requirements as well as the applicable conduct standards which must be complied with by in-scope firms. Additional detail on those obligations is set out in the Supporting Standards for Business as set out in Part 3 of the Standards for Business Regulations.
The Standards for Business Regulations apply to Irish financial services providers authorised, registered or licensed by the Central Bank and EEA financial services providers providing regulated services in Ireland. However, they do not apply to firms providing MiFID services1, credit unions2, crowdfunding service providers or any reinsurance businesses. They also do not apply to services provided to persons outside of Ireland.
Those standards relating to securing customer interests and implementing arrangements to protect customers against financial abuse only apply to the extent that the relevant firm is providing services to "consumers" within the meaning of the Revised Code which includes individuals and small businesses (Consumers).
Consumer Protection Regulations
The Consumer Protection Regulations set out cross-sectoral requirements applying across all sectors which include for example requirements relating to digitalisation, informing effectively, advertising and complaints resolution.
They also set out sector-specific requirements applying to the provision of consumer banking, credit and arrears, insurance and investments.
The Consumer Protection Regulations apply to Irish financial services providers authorised, registered or licensed by the Central Bank and EEA financial services providers when providing regulated services in Ireland on a branch or cross-border basis.
In addition, the Consumer Protection Regulations do not apply to firms providing MiFID services3, reinsurance businesses and credit unions4 or to services provided by regulated entities to persons outside of Ireland.
Importantly, these requirements only apply to firms in respect of business conducted with Consumers.
Supplementary Guidance
In addition, the Central Bank has published guidance to support firms in implementing the requirements contained in the Revised Code, including:
- General Guidance on the Consumer Protection Code, which incorporates and updates the existing guidance and includes new guidance on the changes under the Revised Code;
- Guidance on Securing Customers' Interests Guidance, which outlines the Central Bank's expectations of firms in meeting their obligations under the Standards for Business Regulations to secure customers' interests; and
- Guidance on Protecting Consumers in Vulnerable Circumstances, which sets out the approach adopted in respect of vulnerability under the revised Code, as well as the Central Bank's expectations of firms in this regard.
The Central Bank has advised that these documents should be considered in conjunction with its Guide to Consumer Protection Risk Assessment which sets out the requirements for in-scope firms in implementing or enhancing their frameworks for managing risks to Consumers.
What is Next
As the Revised Code will not be operational until March 2026, in-scope firms will have a 12-month period in which to prepare for the implementation of the new regime. The existing Consumer Protection Code 2012 will remain effective in the interim period.
Footnotes
1.With the exception of those firms which are regulated by the Central Bank but which are not subject to the Irish MiFID framework on the basis that they fall within the scope of an available exemption.
2. Save when such credit unions are acting as insurance intermediaries.
3. With the exception of those firms which are regulated by the Central Bank but which are not subject to the Irish MiFID framework on the basis that they fall within the scope of an available exemption.
4. Save when such credit unions are acting as insurance intermediaries.
Originally published 26 March 2025
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
