The Central Bank has imposed a fine of €324,240 on BlueSnap Payment Services Ireland Limited, a US-based payment services provider operating in Ireland, for multiple breaches of the European Union (Payment Services) Regulations 2018.
Breaches Identified
The breaches occurred between January 2021 and December 2022. BlueSnap, authorised as a payment institution to offer merchant acquiring services, failed to adhere to key regulatory requirements:
- Customer Fund Safeguarding: The company did not deposit customer funds into its designated safeguarding account and improperly commingled customer funds with other monies.
- Delayed Reporting: BlueSnap delayed notifying the Central Bank upon discovering its failure to comply with safeguarding procedures outlined in its authorisation application.
The Central Bank attributed these failures to deficiencies in BlueSnap’s regulatory awareness, inadequate understanding of reporting obligations, and poor oversight and monitoring of its safeguarding processes.
Safeguarding Responsibilities
As a payment institution, BlueSnap is required to secure customer funds by adhering to stringent safeguarding rules. These include:
- Keeping customer funds in segregated accounts, separate from the institution’s own funds.
- Ensuring that customer funds are properly identified, managed, and protected at all times.
Merchant acquiring services, such as those offered by BlueSnap, enable businesses to accept payments for goods and services. Under safeguarding regulations, payment institutions must collect customer funds, secure them in segregated accounts, and remit them to the appropriate accounts without undue risk.
Central Bank’s Response
Seána Cunningham, Director of Enforcement and Anti-Money Laundering at the Central Bank, highlighted the seriousness of BlueSnap’s failings:
“Safeguarding customer funds is a fundamental requirement for any payment or e-money institution. The Central Bank has been explicit in its supervisory expectations regarding safeguarding obligations.”
Ms. Cunningham emphasized that authorised firms must comply with the commitments made during their application process and promptly inform the Central Bank of any material changes or failures.
“In this case, BlueSnap failed to comply with its safeguarding obligations, exposing customers to significant risk and delaying notification to the Central Bank regarding inaccuracies in its application information,” she added.
BlueSnap’s Response
BlueSnap admitted to the regulatory breaches and confirmed that it has since addressed the safeguarding deficiencies. The company has implemented measures to prevent future compliance lapses.
Comments