The Central Bank has fined Citibank Europe €1.33m and reprimanded it for six breaches of the Code of Practice on Lending to Related Parties after it said it had fallen far short of expectations.
Citibank Europe, which operates branches across Eastern Europe from its Dublin headquarters, admitted the breaches.
This code of practice requires banks to have the proper systems, controls, independent oversight and regulatory reporting processes in place to support their related party lending.
The banks are required to get board approval before entering into or varying loan transactions with related parties including directors, senior managers, significant shareholders of the firm and other connected parties.
It also requires banks and other credit institutions to introduce measures for reporting internally and to the Central Bank within specified timeframes.
The Central Bank said that Citibank breached certain provisions of the code from its introduction in January 2011 to 14 September 2016.
The breaches varied in duration - the shortest lasted one year and five months and the longest lasted for four years and six months.
However, the Central Bank said its investigation found no evidence that loans were granted to a related party on more favourable terms than loans to a non-related party.
It also said that Citibank has taken the necessary steps to rectify the deficiencies that gave rise to the breaches.
According to the Central Bank, Citibank failed to have the necessary policies and processes in place to give effect to the code, while it also failed to report certain related party exposures to the Central Bank.
The Central Bank's investigation also found that Citi failed to report certain deviations from the requirements of the Code to the Central Bank within prescribed time limits and it did not get approval of its own Related Party Lending Committee before granting or changing certain loans to related parties.
Citibank first told the Central Bank in September 2016 that it had identified breaches of the code in its reporting of related party loans to senior managers.
These came to light after the merger of Citibank and a UK affiliate - Citibank International Limited - in January 2016.
Seána Cunningham, the Central Bank's Director of Enforcement and Anti Money Laundering, said the code was introduced to create a formal framework for credit institutions to prevent abuses.
It was also introduced to address possible conflicts of interest by requiring all related party lending to be at arm's length and subject to management oversight and regular reporting to the Central Bank.
"The Central Bank’s investigation found that Citibank failed to put in place the necessary governance, policies and procedures to implement the regime until two years and eight months after the Code came into effect," Ms Cunningham said.
"Those deficiencies were followed by breaches of reporting and loan approval requirements. Citibank has fallen far short of the Central Bank’s expectations in this regard, which is wholly unacceptable," she said.
"We require the boards and management of regulated entities to take their regulatory responsibilities seriously and to fully implement all applicable regulatory requirements," she added.
Citibank Europe said in a statement that it was pleased to have resolved the matter and that it did not affect clients.
The Citibank fine is the Central Bank's 123rd settlement since 2006 under its Administrative Sanctions Procedure, bringing total fines imposed by the Central Bank to over €64m.