A US payment services company with operations here has been fined €324,240 by the Central Bank for breaches of regulations.
The regulator found BlueSnap Payment Services Ireland (Limited) broke the European Union (Payment Services) Regulations 2018 between January of 2021 and December of 2022.
The bank discovered that BlueSnap, which is authorised as a payment institution to provide merchant acquiring services, did not deposit its customers' funds in its designated safeguarding account.
It also mixed its customers’ funds with other funds.
The organisation also delayed informing the Central Bank once it became aware that it was not following the safeguarding procedures that it had set out in its application for authorisation.
The Central Bank said the failings arose due to deficiencies in regulatory awareness and understanding of reporting requirements.
They were also the result of inadequate oversight and monitoring by BlueSnap of safeguarding operations, it said.
The regulator said that BlueSnap admitted the contraventions and has confirmed it has remediated the safeguarding failures.
Companies that provide merchant acquiring services enable firms that sell products and services to accept payment for products and services sold.
When one of BlueSnap’s customers make a sale, it should collect the money, hold it securely in a segregated bank account and then pay it on to the customer’s account.
Under the regulations, there are specific safeguarding requirements for payment institutions that provide payment services like BlueSnap.
These include not mixing customer funds with a the institution’s own money and ensuring customer funds are identified, managed and protected.
"Payment and e-money firms are authorised to hold and transfer money on behalf of customers, and at the core of this is a requirement for them to safeguard this money," said Seána Cunningham, Director of Enforcement and Anti-Money Laundering, of the Central Bank.
"Safeguarding customer funds is a fundamental requirement for any payment or e-money institution and the Central Bank has made its supervisory expectations in this regard clear."
"When firms apply for authorisation, they need to demonstrate to the Central Bank how they will meet their regulatory obligations. It follows that they must then adhere to the commitments they have made at authorisation when they provide services as an authorised financial services provider."
Ms Cunnigham added that if information provided at authorisation is no longer accurate, firms must inform the Central Bank of this quickly and take any necessary remedial action.
"In this case, BlueSnap failed to comply with its safeguarding obligations, which exposed its customers to significant risk, and failed to inform the Central Bank promptly of changes to the accuracy of the information it provided in its application for authorisation," she said.
