knowledge 13 May 2026 |

Ireland as a Location for Payment Institutions 2026

Ireland is home to a substantial number of payment institutions, some home-grown, and others drawn to Ireland by its active and growing FinTech sector.

Aside from Ireland’s position as a FinTech hub, there are several advantages to being authorised in Ireland as a payment institution, including:

a strong regulatory framework with a credible and experienced regulator, the Central Bank of Ireland (“CBI”) which promotes innovation through measures such as its Innovation Hub;
a favourable passporting regime, with the ability to operate in other EEA Member States either on a branch or a cross-border services basis;
a competitive tax regime, due to a combination of a standard 12.5% corporate tax rate for businesses with revenues less than €750 million per year and an exceptionally extensive and comprehensive set of double tax agreements; and
access to a sophisticated financial services ecosystem with a deep pool of staff, managers, professional advisers, regulators and service providers including not only native English speakers but a sizeable international population.

Regulatory Framework

Payment institutions are regulated under the revised Payment Services Directive 2015/2366 (PSD2), as transposed into Irish law by the European Union (Payment Services) Regulations 2018 (“Payment Services Regulations”), and related measures. The European Commission has proposed a new Payment Services Regulation (“PSR”) and a third Payment Services Directive (“PSD3”), which are expected to come into force in the coming years and will introduce significant changes to the regulatory framework for payment services. The PSR and PSD3 will also impact the authorisation process for new entrants seeking to enter the payments sector. The current status of the new legislation is that a final text for both were made publicly available in April 2026.

The CBI is responsible for the authorisation, prudential regulation and supervision of payment institutions in Ireland.

Passporting

A payment institution authorised in Ireland can passport to other EEA Member States on either a freedom of services or cross-border establishment basis, subject to the fulfilment of certain notification requirements. A payment institution authorised in another EEA Member State can also passport into Ireland.

A payments business established outside of the EEA can obtain passporting rights either by establishing itself or a subsidiary in Ireland (or another EEA Member State) and obtaining authorisation as a payment institution from the CBI (or the relevant national competent authority in another EEA Member State), or by acquiring an existing authorised payment institution. Where an existing authorised payment institution is acquired, engagement with the CBI will be necessary.

Authorisation Requirements

An entity that wishes to become authorised as a payment institution under Irish law must fulfil a number of requirements. In particular, applicants will be expected to show that they will have substance in Ireland, have a viable business model, be adequately capitalised, have appropriate arrangements in place to run a payment institution and comply with fitness and probity requirements. These concepts are discussed in more detail below.

Authorisation Requirements
Substance	The CBI places considerable emphasis on ensuring that the applicant’s “heart and mind” will be located in Ireland. This essentially means that the CBI will need to be satisfied that the applicant will be properly run in Ireland and that the CBI will be able to supervise it effectively. Among other things, the CBI will expect to see present in Ireland: a senior management team with strength and depth overseen and directed by a strong board with input and challenge from independent directors; and an organisation structure and reporting lines which ensure there is appropriate separation and oversight of all activities. Regarding residency, individuals who are to fulfil the applicant’s core functions should operate in Ireland, with the expectation that virtually all of the senior personnel will be permanently based here. An Irish authorised payment institution can outsource/delegate certain activities to entities in other jurisdictions. However, overall responsibility for ensuring compliance with legislative requirements must stay in Ireland. In addition, a payment institution must notify the CBI when it intends to outsource critical or important functions (or when it intends to materially alter its existing outsourcing arrangements for such functions). The CBI expects a payment institution to comply with the European Banking Authority’s (“EBA”) Guidelines on Outsourcing (available here) as well as the CBI’s Cross-Industry Guidance on Outsourcing (available here), including with specific obligations related to the outsourcing of “critical and important” functions.
Capital Requirements	A payment institution must hold initial capital of between at least €20,000 and €125,000 at a minimum, depending on the types of payment services it provides. A payment institution which provides money remittance services (payment service 6) must have a minimum initial capital of €20,000. A payment institution providing payment initiation services (payment service 7) must have a minimum initial capital of €50,000. A payment institution providing payment services 1-5 (i.e. any of the other payment services as set out in the Schedule to the Payment Services Regulations, except account information services which do not have an initial capital requirement where it is the only payment service being applied for) must have a minimum initial capital of €125,000. However, these are minimum requirements and the actual amount of initial capital required for each individual firm will be notified to the firm by the CBI as part of the authorisation process and can vary depending on the nature, scale and complexity of the applicant’s business. In most cases, the initial capital that will be required will be higher than the minimum figures set out above.
Arrangements	An applicant will need to provide detailed information to the CBI regarding how it intends to function as a payment institution, including details of its: programme of operations; business plan; structural organisation; governance arrangements, internal control mechanisms, business continuity arrangements and procedures for dealing with security incidents.
Governance and Risk Management	An applicant is required to maintain governance arrangements, control mechanisms and procedures that are proportionate and appropriate to its business. This includes having sufficient resources, staff, a risk management framework, IT policies, and data protection policies. Applicants must use the EBA’s tool for calculating the professional indemnity insurance where applicable to them. In addition, an applicant must consider the composition (both number and skills) of its board and management team, to ensure they are sufficient to conduct the applicant’s business from Ireland. The board should have an appropriate balance of executive, non-executive and independent non-executive directors (“INEDs”). The INEDs must understand the business to a sufficient degree to be able to effectively contribute and provide an independent challenge to the executive directors of the board.
Conduct and Culture	An applicant is expected to have a consumer-focused culture with robust internal systems and controls, including well developed risk management frameworks. The applicant’s approach to engagement with the CBI, such as how long the applicant takes to reply to queries raised by the CBI, will be considered when assessing the firm’s corporate culture. In addition, the applicant will be expected to show that it has considered diversity and inclusion, particularly in forming its board and how the business will assist with the fight against climate change. In relation to conduct, the applicant must comply with the Central Bank (Individual Accountability Framework) Act 2023 once authorised as a payment institution, which includes compliance by senior role holders with the Common Conduct Standards and the Additional Conduct Standards but currently not the Senior Executive Accountability Regime (SEAR). All holders of senior positions will also be subject to the CBI’s Fitness and Probity regime, discussed below.
Safeguarding	An applicant must have a safeguarding risk framework, approved by its board, which ensures that relevant client funds are appropriately identified, managed and protected on a day-to-day basis.
Business Model, Strategy and Financial Resilience	An applicant is expected to have a capital accretive business model that is viable and sustainable and considers potential firm-specific and wider market stress scenarios. The CBI expects plausible projections covering a three-year period. While an applicant may operate as part of a larger group and be reliant on group strategic decisions to inform local strategy, there must be sufficient financial (capital and liquidity) and operational (resources, IT systems etc.) capacity and capability within the firm to execute that strategy.
Operational Resilience	The CBI expects an applicant to be able to respond to, recover and learn from operational disruptions. If an applicant is part of a wider group, the CBI will expect the applicant to operate sufficiently on a stand-alone basis to ensure the primacy of the legal entity authorised in Ireland. A payment institution is subject to the European Digital Operational Resilience Act (“DORA”) regime. DORA imposes a range of reporting, testing and risk-management obligations on financial services providers, including payment institutions, to ensure a minimum standard of cyber-security throughout EU financial infrastructure.
Financial Crime	As a designated firm, a payment institution must comply with the know-your-customer / anti-money laundering (“AML”) obligations set out in the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010. An applicant must have a strong AML control framework that specifically focusses on the money laundering and terrorist financing risks arising from the applicant’s business model. Where distributors and/or agents undertake preventative AML measures and controls, such as customer due diligence (“CDD”), on behalf of a payment institution, these must be completed in line with the payment institution’s own risk assessments and AML policies and procedures. Payment institutions must also exercise adequate oversight of their agents and distributors with an appropriate level of ongoing assurance conducted.
Resolution and wind-down	An applicant is expected to have an appropriate exit/wind-down strategy which is linked to its business and operational model and that ensures the return of customer funds as soon as is reasonably practical in an exit/wind-up scenario.
Fitness and Probity	Once an application has entered the assessment phase, the applicant will also need to ensure that all relevant individuals proposed to hold a Pre-Approval Controlled Function (“PCF”) role in the applicant entity (typically board members, senior management, key function holders) complete Fitness and Probity Individual Questionnaires. The CBI has confirmed in its “Expectations for Authorisation of Payment and Electronic Money Institutions and Registration of Account Information Service Providers” document (available here) that a proposal for a person to hold three or more PCF roles will not be approved. The CBI has published “Guidance on the Specific Requirements that apply to persons seeking approval for a Pre-Approval Controlled Function role in a Payment Institution or Electronic Money Institution” (available here).

Authorisation Process

All applications for authorisation as a payment institution in Ireland must be submitted to the CBI using the following form:

Authorisation as a Payment Institution (available here) (except where the firm only intends to provide account information services in which case a different application form should be used (available here)). There is no small payment institution regime in place in Ireland.

The CBI has also published a Guidance Note on completing authorisation/registration applications under the Payment Services Regulations (available here) and provides information about the regulatory requirements for payment institutions on its website (available here). The CBI published a document setting out the Central Bank of Ireland Expectations for Authorisation of Payment and Electronic Money Institutions and Registration of Account Information Service Providers (the “CBI Expectations Document”) (available here) which notes:

“Applicant firms should ensure that all submissions are of an appropriate standard, good quality, and have obtained all necessary approvals prior to submission. Submissions should also be provided in a timely manner.”

The CBI notes that common issues during the authorisation assessment are:

inadequate preparation and application completeness;
an applicant’s inability to clearly describe the proposed business model or changing its proposed business model during the process;
applicants failing to respond to the CBI’s queries in a timely manner;
applicants failing to prepare appropriate local risk frameworks; and
issues with proposed candidates for PCF roles.

In addition to the application form, an applicant must complete:

the Anti-Money Laundering, Counter-Terrorist Financing and Financial Sanctions Pre-Authorisation Risk Evaluation Questionnaire for Payment Institution and Electronic Money Institution Applicants (available here);
Qualifying Holder Application Forms (available here) as appropriate; and
Fitness and Probity Individual Questionnaires for all PCF roles.

Further guidance on applying to the CBI for authorisation as a regulated entity is available in the CBI’s document entitled ‘Guidance on expectations for applicants seeking authorisation from the Central Bank of Ireland to operate as a regulated Firm’ (available here).

The different stages in the process to obtain authorisation as a payment institution are set out in the table below.

Application Process Stage 1: Exploratory Stage
Phase 1: Initial meeting and Key Facts Document	Bespoke pre-application meetings are scheduled with all potential applicants to provide direction on application requirements and answer any specific questions applicants may have about the application process, service standards or completing the application form. All applicants will be required to return a ‘Key Facts Document’ to the CBI at least 5 working days prior to the pre-application meeting. The Key Facts Document is required to be between 15-20 pages in length. The CBI recommends applicants take into consideration all items discussed during the pre-application meeting prior to submitting an application. The CBI will usually raise concerns it has at this point but will not provide any legal advice. At this meeting the CBI can: provide greater clarity about the assessment process and the authorisation requirements; and identify any initial issues with the proposal which, if not addressed, would preclude the application from proceeding.
Phase 2: Submitting the Application Form and Acknowledgement	When applying for authorisation, an applicant must provide certain information to the CBI, including details of its: programme of operations setting out a step-by-step description of the payment service mechanism from start to finish; business plan; structural organisation; evidence of initial capital; governance arrangements and internal control mechanisms; process for dealing with sensitive payment data; business continuity arrangements; security policy document; AML/Countering the Financing of Terrorism (“CFT”) Internal Control Mechanisms; and identity and suitability assessments for persons with qualifying holdings in the applicant and senior managers. The CBI aims to acknowledge the submission of an application within 3 working days of receipt.
Phase 3: Key Information Check and Initial Assessment	The CBI confirms that the applicant has submitted all the key information and documentation. The CBI aims to establish whether or not this is the case, generally within 10 working days of receipt of the application. The CBI also carries out an initial assessment of the application to check whether the applicant is likely to meet the CBI’s expectations. There are two possible outcomes to this initial assessment: (a) Progression: The CBI will permit the application to proceed to the assessment stage. The CBI will assign a specific case manager as the primary point of contact for the applicant at this stage. The CBI acknowledges that applicants which make “the necessary senior appointments early in the process generally submit a more complete application” and tend to be authorised more quickly; or (b) Issues have been Identified Precluding Progression: This is where the CBI is of the view that the applicant cannot progress to the assessment stage. The CBI will identify the issues, and the applicant will have the opportunity to address them. This may be via written submissions or meetings (in person or online) with the CBI.
Stage 2: Assessment Stage
Stage 2: Detailed Assessment and ‘Minded to Letter’	The CBI assesses the application against the authorisation requirements and issues initial comments to the applicant followed by subsequent comments based on its review of the applicant’s responses. Additional information and detailed assessment meetings may be requested by the CBI. There are two possible outcomes: Positive Outcome (Minded to Authorise letter): If the applicant has shown it will meet all authorisation requirements, the CBI will issue a Minded to Authorise letter which will include requirements to be addressed prior to authorisation, conditions for post-authorisation, and the proposed level of capital to be held; or Negative Outcome (Minded to Refuse letter): If the CBI is not satisfied with the application, a Minded to Refuse letter will be issued. This letter will include the reason(s) for the proposed decision and specify the period within which the applicant may make submissions in writing to the CBI before a final decision is made. In 90% of cases, the CBI will complete the assessment phase within 90 working days, although the clock will be paused in certain circumstances, including when queries are raised by the CBI on the application.
Stage 3: Authorisation Decision
Stage 3: Authorisation/Registration Decision	The CBI notifies the applicant of the outcome of the assessment process. There are two possible outcomes: Positive Outcome (Letter Granting Authorisation): Subject to the pre-authorisation requirements in the ‘Minded to Authorise’ letter having been addressed, no new adverse information coming to the CBI’s attention in the interim, and agreement from the applicant as to the proposed conditions and capital, a letter granting authorisation will be issued, and the applicant firm will then be able to commence its regulated activities; or Negative Outcome (Letter of Refusal): Where a ‘Minded to Refuse’ letter has issued, the CBI will review any submissions made by the applicant. If the CBI is still not satisfied to approve an application following the review of any submissions to a ‘Minded to Refuse’ letter, it will issue a letter of refusal. In 90% of cases, the CBI will issue the final letter within 10 business days of receipt of a satisfactory response to matters detailed in the “Minded to Authorise/Register” letter.

Following its authorisation, the payment institution must comply with its ongoing responsibilities and supervisory requirements under relevant legislation, such as its obligations:

to safeguard customers’ funds;
to comply with ongoing capital requirements;
to comply with its obligations under the Payment Services Regulations, including the implementation of Strong Customer Authentication;
to comply with the AML/CFT legislation; and
to comply with the Consumer Protection Code 2025 which consists of the Central Bank (Supervision and Enforcement) Act 2013 (Section 48) (Consumer Protection) Regulations 2025 and the Central Bank Reform Act 2010 (Section 17A) (Standards for Business) Regulations 2025.

Authorised payment institutions are expected to, among other things, act honestly, fairly and professionally.

There is currently no fee for submitting an application. Once authorised, a firm is subject to an annual Industry Funding levy, which is calculated by reference to a minimum levy (€5,300 for the 2025/2026 period) and a variable levy calculated using the value of the applicant’s transactions.

How Can McCann FitzGerald LLP Help?

McCann FitzGerald LLP is a premier law firm in Ireland and advises on the full range of legal, tax and compliance activities undertaken by payment institutions in Ireland. We have substantial experience in successfully guiding applicants through the regulatory authorisation process and in helping them to comply with their legal obligations, once established. If you are considering setting up a payment institution authorised under Irish legislation, please contact us for further information as to how we can help.

This document has been prepared by McCann FitzGerald LLP for general guidance only and should not be regarded as a substitute for professional advice. Such advice should always be taken before acting on any of the matters discussed.