7 October 2025
A spotlight on payments and financial crime
CBI Regulatory and Supervisory Outlook
Earlier this year the Central Bank of Ireland (CBI) published their Regulatory & Supervisory Outlook Report for 2025 (Supervisory Outlook), which emphasised the increase in financial crime and its associated risks across the financial system.
According to the Supervisory Outlook, the most common forms of financial crime in Ireland continue to be fraud and the money laundering, but methods to perpetrate financial crime have increased in sophistication. The CBI noted that these methods now include imitation of financial platforms, retailers, investment firms and individuals by criminals, inducing unwitting consumers into an interaction, resulting in loss to the consumer. Current trends highlighted by FraudSMART (a fraud awareness initiative led by Banking & Payments Federation Ireland) include:
- new type of phone scam where bad actors claim to be from your bank, ‘alerting’ you to a suspicious transaction and requesting remote access to your laptop or desktop computer in order to cancel it;
- sophisticated and convincing text messages, emails, phone calls or online content purporting to be from a consumer's bank or soliciting confidential information; and
- email related scams targeting small and medium enterprises involving invoice redirection and CEO impersonation scams at a cost to the sector in excess of EUR17 million.
|
|
% Growth |
Period |
Value |
|---|---|---|---|
|
Card payments |
17% | 2023/2024 | EUR613 billion |
|
Fraud |
26% | 2022/2023 | EUR126 billion |
These figures demonstrate that the growth in value of fraud is outstripping the rate of growth in value of card payments.
Shortcomings
The CBI attributes the prevalence of financial crime to:- firms not fully understanding financial crime risk, and, in particular, the inherent risk posed by the nature, volume and international reach of Payments and E-Money services;
- the absence of effective risk-based financial frameworks; and
- the convergence of financial crime risk with other key risks (detailed below).
There has been rapid growth in the Payments and E-Money sector in Ireland, with increased volumes of cross-border financial transactions and expanded use of digital payments. This growth brings opportunities for business and innovation; however it also creates opportunities for bad actors, who take advantage of the lax controls that can accompany fast-paced technological change.
Other Key Risks
Other key risks identified in the Payments and E-Money sector include:
- Safeguarding of user funds – the CBI cited firms having ineffective control frameworks and concentration risk (due to a limited number of banks offering safeguarded accounts) as factors driving this risk;
- Culture, governance and risk management – the CBI highlighted that growth often exceeds the development of these capabilities, and sufficient authority and independence is required for risk management functions to be effective;
- Operational risks and resilience – the CBI state that growth outpacing operational infrastructure and controls is resulting in increased reliance on third party providers (including intra-group), which lack appropriate controls and effective oversight;
- Financial risk and resilience – the CBI comment that the uncertain macro-economic and geopolitical environment continues to challenge this sector.
Recent enforcement action
A recent example of enforcement in this area was the matter of BlueSnap Payment Services Ireland Limited, a payment institution which was investigated by the CBI for the following safeguarding failures:
- failing to deposit customer funds in an appropriate safeguarding account;
- processing customer funds from other Blue Snap entities through Irish safeguarding accounts (mixing customer and other funds); and
- delaying informing the CBI after Blue Snap became aware that safeguarding measures were not being followed.
Next Steps
The risks posed by financial crime have informed the CBI's regulatory and supervisory outlook for 2025, and resulted in the following actions:
- running awareness campaigns, empowering consumers and increasing CBI engagement with the public to help consumers avoid scams;
- using the Innovation Sandbox Programme 2025 to develop solutions to financial crime; and
- a review of the CBI's sector and entity-based approach to risk identification and supervision.
Conclusion
To prioritise the combat of fraud in the financial system, the CBI continues to work with law enforcement, other State agencies and peer regulators to lead criminal investigations and prosecutions. European efforts to combat financial crime will be strengthened by the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA). The AMLA will aim to ensure the correct and consistent application of EU rules, enhance supervision within the EU and improve coordination and co-operation between national authorities and financial intelligence units.
However, Payment Institutions, E-Money Institutions and all other financial service providers facilitating payments will continue to play a fundamental role in maintaining the integrity of the wider financial ecosystem. These institutions will remain responsible for addressing the risks noted by the CBI and proactively identifying and mitigating vulnerabilities.
Please reach out to our Financial Services Regulatory team if you have any questions or we can assist you in reviewing your risk management, compliance framework or operational policies and procedures.