ARTICLE
11 September 2025

FIG Top 5 At 5 - 21/08/2025

M
Matheson

Contributor

Matheson logo
Established in 1825 in Dublin, Ireland and with offices in Cork, London, New York, Palo Alto and San Francisco, more than 700 people work across Matheson’s six offices, including 96 partners and tax principals and over 470 legal and tax professionals. Matheson services the legal needs of internationally focused companies and financial institutions doing business in and from Ireland. Our clients include over half of the world’s 50 largest banks, 6 of the world’s 10 largest asset managers, 7 of the top 10 global technology brands and we have advised the majority of the Fortune 100.
Explore Firm Details
On 14 August 2025, the Central Bank of Ireland ("Central Bank") published the feedback statement ("Statement") on its December 2024 consultation ("Consultation") on proposed changes...
Ireland Finance and Banking
Darren Maher,Gráinne Callanan,Joe Beashel
+5 Authors
 Your Author LinkedIn Connections

1. Central Bank publishes feedback statement on proposed changes to the credit union lending regulations

On 14 August 2025, the Central Bank of Ireland ("Central Bank") published the feedback statement ("Statement") on its December 2024 consultation ("Consultation") on proposed changes to the Credit Union Lending Regulations ("Regulations").

Following a review of credit union sector lending, and the subsequent publication of a report on credit union lending in December 2024, the Central Bank considered that targeted changes to the lending framework were required to ensure its ongoing appropriateness together with providing flexibility for credit unions wishing to engage in business and house lending. The Consultation, which closed for submissions on 11 February 2025, set out these matters in detail.

Proposals

In the Consultation, the Central Bank proposed the following changes:

  • decouple the concentration limits for house and business lending to prescribe new separate concentration limits;
  • remove tiering such that all credit unions regardless of asset size may avail of the same concentration limits; and
  • adjust the lending capacity available to all credit unions for house and business lending, within the new concentration limits, as follows:
    • house lending – 30% of total assets; and
    • business lending – 10% of total assets.

Final Changes to the Regulations

The final changes made by the Central Bank, having taken feedback to the Consultation into account, are as follows:

  • the existing combined concentration limits for house and business lending will be uncoupled;
  • tiering will be removed with the effect that all credit unions will be able to use the same concentration limits;
  • as regards the lending capacity available to credit unions, the following applies:
    • house lending is at 30% of total assets – within this there is an inner 2.5% of total assets limit for non-principal private residence lending. Also, the definition of "house loan" will be amended to include loans for other residences and, in light of this expansion of the definition, clarification that loans to approved housing bodies will not come within the meaning of "house loan". Additionally, the property must be in the State; and
    • business lending limits have been increased from the proposed 10% of total assets to 15% of total assets;
  • as regards lending practices for specified categories of lending, regulation 16 of the Regulations will be removed with clear new guidance on reporting to the board of directors on the performance of loans to be developed and included in the Lending Chapter of the Credit Union Handbook;
  • the reporting requirements within the related parties lending regulations set out in Regulations 20(2) and Regulation 21(1) of the Regulations will be removed. The Central Bank will develop and include guidance on board reporting on related parties lending (including on related parties exempt exposures) in the Lending Chapter of the Credit Union Handbook; and
  • as regards the exempt exposures threshold for related parties lending, this will be increased from €2,000 to €10,000.

The draft amending regulations are set out in Appendix 1 to the Statement.

Consumer Protection

The Statement specially references consumer protection and the Central Bank expects credit unions to adopt a consumer focused culture, highlighting the following:

  • members should be treated fairly and sympathetically, with the objective of assisting the member to meet their lending obligations;
  • changes to the lending regulations must be accompanied by enhanced consumer protections for credit union members. In that regard, the Central Bank has stated that it intends to undertake further engagement with the sector on the extension of the revised Consumer Protection Code (including the Code of Conduct on Mortgage Arrears) to credit unions to ensure that credit union members are afforded the same protections as other consumers of financial services.

In a separate press release, the Minister for Finance, Paschal Donohoe TD and Minister of State with responsibility for Financial Services, Credit Unions, and Insurance, Robert Troy TD, welcomed the publication of the Statement.

Next Steps

The Statement emphasises that the Central Bank considers that the broad regulatory framework for credit unions is now stable and appropriate and encourages credit unions to focus on the prudent growth of their loan books.

Welcoming the publication of the Statement, Mary-Elizabeth McMunn, Deputy Governor, Financial Regulation at the Central Bank, stated:

"While considerable capacity remained for further lending within the previous lending limits, the updated framework aims to allow credit unions the ability to sustainably develop into the future – within the appropriate guardrails the limits provide and in the long term interests of their members...To address current and future challenges, credit unions must now take the opportunities provided to them in the regulatory framework so that they can continue to play their important role in delivering for their members, communities and the financial sector."

The amending regulations are expected to be commenced by the end of Q3 2025.

2. Central Bank publishes FAQs on interplay between MiCA and PSD2

On 28 July 2025, the Central Bank of Ireland ("Central Bank") published an FAQ document ("FAQ") on the interplay between the regulation on markets in crypto assets ("MiCA") and the second payment services directive ("PSD2").

The FAQ comes on foot of the publication of the European Banking Authority's ("EBA") "no action letter" ("Letter") on the overlap between PSD2 and MiCA on 10 June 2025 – for more information, see FIG Top 5 at 5 dated 12 June 2025.

Amongst other matters, the EBA's Letter provided advice to national competent authorities ("NCAs") in respect of the intervening period of two to three years during which PSD2 still applies until the application date of the future PSR and the transposition date of the future PSD3.

The FAQ sets out that the Central Bank will implement all the recommendations in the EBA's Letter, including the adoption of a streamlined approach to crypto asset service providers ("CASPs") that are seeking a payment institution authorisation.

Some of the matter covered by the FAQ are as follows:

  • the timeframe for firms for engaging with the Central Bank, stating that this should be done as soon as a decision is made that payment institution authorisation will be sought or a partnership arrangement will be entered into;
  • the fact that the Central Bank has produced a specific shorter-form application form for CASPs seeking a payment institution authorisation in order to conduct the electronic money token ("EMT") activities specified in the EBA's letter;
  • the documentation to be submitted by CASPs seeking a payment institution authorisation, highlighting that the payment institution application is confined only to the EMT activities specified in the EBA's letter;
  • whether CASPs seeking a payment institution authorisation will be required to provide additional capital / own funds in respect of the activities giving rise to the payment institution authorisation;
  • whether "dual hatting" of roles across the CASP and payment institution activities will be permitted, highlighting that the Central Bank will take a pragmatic approach on the basis that there will be a single legal entity holding both licences and that the pre-approval controlled function role holders have the expertise, knowledge, experience and capacity to undertake both the CASP and EMT activities. However, this will be assessed on as case by case basis;
  • the fact that payment institution authorisations issued in this context will include a condition which will restrict CASPs to the EMT activities specified in the EBA's Letter which the firm intends to undertake;
  • the supervision of firms with a dual CASP and payment institution authorisation; and
  • CASPs proposing to enter into partnership arrangements rather than seeking a payment institution authorisation in order to provide the EMT activities specified in the EBA's Letter.

3. Single Rulebook Q&As on DORA are updated

On 8 and 14 August 2025, the single rulebook Q&As on the digital operational resilience act ("DORA") were updated on the European Banking Authority's ("EBA) website.

The updated Q&As are as follows:

  • Question 2025_7388 deals with the obligation to maintain a register of information ("RoI") for financial entities which are exempt under article 16 of DORA;
  • Question 2024_7089 addresses the identification of ICT service providers in the context of any obligation to record ICT subcontractors of non-ICT service providers in the RoI;
  • Question DORA 187-3199 deals with out of scope financial entities, for example, whether a micro or SME insurance intermediary can be considered as an ICT third party provider if they provide ICT services that are described in Annex III of the ITS on RoI, to an in scope financial entity, such as an insurer;
  • Question DORA 188-3200 addressing the definition of appropriate information security standards and highest quality information security standards referred to in article 28(5) of DORA; and
  • Question 2025_7309 explores whether article 28(3) of DORA requires a separate and specific communication, in addition to the RoI, or whether the submission of the RoI is sufficient for the purposes of article 28(3).

4. EIOPA publishes opinion on AI governance and risk management

On 6 August 2025, the European Insurance and Occupational Pensions Authority ("EIOPA") published an opinion ("Opinion") on AI governance and risk management.

The Opinion highlights the application of the EU AI Act ("AI Act"), as of July 2024, and recognises the opportunities offered by AI to the insurance sector in terms of matters such as combatting fraud and the automation and efficiency as regards claims handling.

Referencing that the use of AI systems for risk assessment and pricing in relation to natural persons in the case of life and health insurance is identified as high risk by the AI Act, the Opinion clarifies that it is concerned with the remaining AI systems in insurance that are not prohibited AI practices and that are not considered to be high-risk.

Accordingly, the Opinion aims to provide clarity on the main principles and requirements foreseen in the insurance sectoral legislation that should be considered in relation to those insurance AI systems that are not considered as prohibited AI practices or high-risk under the AI Act.

Basis and Application

The Opinion is based on the following pieces of legislation:

  • articles 17, 20 and 25 of the Insurance Distribution Directive;
  • articles 41, 46 and 82 of Solvency II; and
  • articles 4, 5, 6, 7 and 11 of DORA.

The Opinion is addressed to competent authorities and covers the activities of insurance undertakings and intermediaries regarding their use of AI systems in the insurance value chain.

Content

The Opinion provides guidance on the interpretation of the various provisions of the existing insurance sectoral legislation in the context of AI systems which were either non-existent or not widely used when that legislation was approved.

Additionally, the Opinion contains high-level supervisory expectations regarding governance and risk-management systems that undertakings should develop, following a risk based and proportionate approach, to ensure the responsible use of AI systems. In that regard, the Opinion sets out the following areas that should be considered by undertakings:

  • fairness and ethics;
  • data governance;
  • documentation and record keeping;
  • transparency and explainability;
  • human oversight; and
  • accuracy, robustness and cyber security.

The Opinion emphasises that responsible use of AI systems is achieved by combining different risk management measures, as set out in the forgoing list.

Annex

There is an annex to the Opinion, which provides practical examples of impact assessment indicators, record-keeping and fairness metrics.

Next Steps

EIOPA has stated that, based on the proposed AI governance framework in the Opinion, it will develop more detailed analysis on specific AI systems or issues stemming from the use of AI systems in insurance, providing further guidance as appropriate.

Further, EIOPA will examine supervisory practices of competent authorities, in the context of an evaluation of supervisory convergence, two years after publication of the Opinion.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Darren Maher
Darren Maher
Photo of Gráinne Callanan
Gráinne Callanan
Photo of Elaine Long
Elaine Long
Photo of Joe Beashel
Joe Beashel
Photo of Caroline Kearns
Caroline Kearns
Photo of Niamh Mulholland
Niamh Mulholland
Photo of Ian O'Mara
Ian O'Mara
Photo of Claire Scannell
Claire Scannell
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More