The Central Bank of Ireland has fined BlueSnap Payment Services Ireland Limited €324,240 for breaching requirements of the European Union (Payment Services) Regulations 2018 (the PSR 2018) between January 2021 and December 2022.
BlueSnap was authorised by the Central Bank as a payment institution under the PSR 2018 on 23 December 2020 to provide payment services. BlueSnap provides “merchant acquiring services” enabling its customers, which are businesses that sell products and services online, to accept payments for products and services sold. When an online sale is made by one of BlueSnap’s customers, BlueSnap should collect the money, hold it securely in a segregated bank account and then pay it onwards to the customer’s bank account.
The PSR 2018 contains specific safeguarding requirements for payment institutions that provide payment services, such as BlueSnap. Safeguarding of funds is a key regulatory protection for customers who use the services of Payment and E-Money institutions. The objective of safeguarding is to protect customers’ funds pending a payment being made and to ensure that if a firm becomes insolvent, funds are available to be returned fully and promptly to its customers. Safeguarding is particularly important as there is no compensation or deposit protection scheme applicable to the Payment and E-Money sector.
The business model of a payment institution is focused on enabling customers to make and receive payments. From a safeguarding perspective, this means that a payment institution must hold customers’ money securely for the duration of those transactions in a segregated bank account established for the sole purpose of holding customer funds, or have an insurance policy or comparable guarantee in place for an amount equal to the value of customer funds held.
When customer funds are held in a segregated bank account, such funds must not be mixed with the firm’s own funds or funds of other group entities and their customers. Customer funds must always be identified, managed and protected in this manner. This includes the clear segregation, designation and reconciliation of any customer funds held.
When a firm applies to the Central Bank for authorisation, the information it provides in its application is fundamental to whether the Central Bank deems it appropriate to authorise the firm to provide financial services.
BlueSnap breached the requirements of the PSR 2018 because it:
- Did not deposit its customers’ funds in BlueSnap’s designated safeguarding account.
- Mixed its customers’ funds with other funds.
- Delayed informing the Central Bank once it became aware that it was not following the safeguarding procedures that BlueSnap had set out to the Central Bank in its application for authorisation.
These failings arose due to deficiencies in regulatory awareness and understanding of reporting requirements, in addition to inadequate oversight and monitoring by BlueSnap of safeguarding operations which were provided by the BlueSnap group. BlueSnap has confirmed to the Central Bank that it has remediated the safeguarding failures which are the subject of the prescribed contraventions.
Today’s announcement follows the settlement reached between the Central Bank and BlueSnap on 19 November 2024.
BlueSnap has admitted the prescribed contraventions and has agreed to the undisputed facts set out in the Settlement Notice. As part of the settlement agreement reached between the Central Bank and BlueSnap, the Central Bank has determined that sanctions comprising a reprimand and monetary penalty in the amount of €463,200 are warranted.
The application of a 30% settlement scheme discount brings the amount to €324,240. The sanctions have been accepted by BlueSnap.
The sanctions are subject to confirmation by the High Court and will not take effect unless they are confirmed.
