Under the Central Bank (Individual Accountability Framework) Act 2023, the Central Bank is empowered to prescribe Business Standards for all or specific classes of regulated entities. Draft ‘Standards for Business’ Regulations formed part of the Central Bank’s 2024 consultation on changes to the Consumer Protection Code (CPC, 1,887 KB). The final regulations were published yesterday (the Central Bank Reform Act 2010 (Section 17A) (Standards for Business) Regulations 2025 (Business Standards Regulations)) as part of the Central Bank’s publications relating to the revised CPC 2025.

The Business Standards Regulations will, as is the case with CPC 2025, apply from 24 March 2026.

For more details on the Central Bank’s CPC 2025 publications, read our insights here: CPC and Standards for Business: Central Bank launches two sets of regulations (to apply from 24 March 2026) – Arthur Cox LLP

Standards for Business and Supporting Standards for Business

The Business Standards Regulations are divided into Standards for Business and Supporting Standards for Business.

The Standards for Business require a regulated entity operating in Ireland to:

1. secure its customers’ interests
2. act with honesty and integrity;
3. act with due skill, care and diligence
4. act in the best interests of customers and treat them fairly and professionally
5. ensure that all information it provides to customers is presented in a way informs the customer effectively (the 2024 consultation had referred to “seeks to effectively inform the customer”)
6. control and manage its affairs and systems to counter the risks of financial abuse to customers to whom it is providing financial services within the scope of its regulated activities (the 2024 consultation had referred to “customers” more broadly – the change made in the final version of the Business Standards Regulations aims to clarify that this particular standard only applies to consumers to whom the regulated entity is providing services (and not to potential consumers of that regulated entity))
7. control and manage its affairs and systems sustainably, responsibly and in a sound and prudent manner
8. maintain adequate financial resources
9. engage and cooperate with the Central Bank and comparable competent authorities in good faith and without delay

Standards 1 and 6 above will only apply to regulated entities when doing business with individuals and small businesses (i.e. ‘consumers’ within the meaning of the revised CPC).  The Central Bank will, from 24 March 2026, increase the annual turnover threshold for a small corporate to be brought into scope of the CPC definition of “consumer” from €3m to €5m. The remaining Standards for Business will apply to their dealings with customers more broadly.

The Supporting Standards set more granular detail under each heading.  The General Guidance on the Consumer Protection Code (1,363 KB) also sets out (at Section 2) detailed guidance on the Business Standards Regulations.

Exclusions

These are broadly similar to those envisaged in the 2024 consultation (regulated entities providing MiFID services or crowdfunding services, and activities of credit unions) save that a credit union will be brought into scope when acting as an insurance intermediary, and reinsurance business has been specifically excluded.

However, for regulated entities providing MiFID services and for crowdfunding service providers, while the Business Standards Regulations don’t apply directly to them, the Central Bank’s Guidance on Securing Customers’ Interests (1,075 KB) sets some expectations for them, including that they consider and apply the guidance when fulfilling their obligation to “act honestly, fairly and professionally in accordance with the best interests of [their] clients” under the MiFID Regulations / EU Crowdfunding Regulations.

Individual Accountability Framework (IAF)

The Business Standards are in addition to the Common Conduct Standards (which apply to those who perform controlled functions in regulated entities) and the Additional Conduct Standards (which apply to those who perform either pre-approval controlled functions in a regulated entity or any other function by which the person may exercise a significant influence on the conduct of that regulated entity’s affairs) under the IAF.  The Common and Additional Conduct Standards have applied since 29 December 2023.

In responding to feedback received to the 2024 consultation, the Central Bank emphasised the distinction between those on whom the standards are imposed: individuals in the case of the Common and Additional Conduct Standards, and firms in the case of the Business Standards Regulations. The Central Bank also highlighted that the ‘reasonable steps’ concept that forms part of the Common and Additional Conduct Standards for individuals hasn’t been replicated in the Business Standards Regulations for firms because the Central Bank has provided those firms with various resources, and set out its expectations, regarding how their obligations under the Business Standards Regulations should be implemented in a way that secures customers’ interests.

To discuss the Business Standards Regulations publications in more detail, please get in touch with your usual contact in our Financial Regulation, Individual Accountability and SEAR, Asset Management and Investment Funds and Insurance groups.