On 19 October 2011, the Central Bank of Ireland (“Central Bank”) published a revised Consumer Protection Code (“Code”) which will, from 1 January 2012, replace the original Consumer Protection Code (which was issued in August 2006). The Central Bank consulted widely prior to the publication of the Code, including the publication of two consultation papers in January 2011 (CP 47) and July 2011 (CP 54).

Who is a consumer?

The Code distinguishes between different classes of consumer:

  • consumer” means any of the following:
    • a person or group of persons, but not an incorporated body with an annual turnover in excess of €3 million in the previous financial year. (Partnerships and other unincorporated bodies such as clubs, charities and trusts are considered as “consumers”.); or
    • incorporated bodies having an annual turnover of €3 million or less in the previous financial year (provided that it is not a member of a corporate group having a combined turnover greater than €3 million);
  • personal consumer” means a consumer who is a natural person acting outside his or her business, trade or profession; and
  • “vulnerable consumer” means a natural person who:
    • has the capacity to make his or her own decisions but who, because of individual circumstances, may require assistance to do so (for example, hearing/visually impaired persons); and/or
    • has limited capacity to make his or her own decisions and who requires assistance to do so (for example, persons with intellectual disabilities or mental health issues).  

Some of the provisions of the Code will only apply to personal and/or vulnerable consumers.  


The Code will apply to the regulated activities of regulated entities (such as banks, insurers and insurance intermediaries) operating in Ireland, including:  

  • financial service providers authorised, registered or licensed by the Central Bank; and
  • financial service providers authorised, registered or licensed in another EU or EEA member state when providing services in Ireland on a branch or cross-border services basis.

The Code will not apply to the provision of MiFID services in Ireland and will only apply to credit unions when acting as insurance intermediaries. In addition, only certain provisions of the Code will apply to regulated entities:

  • when providing credit under credit agreements that fall within the scope of the EC (Consumer Credit Agreements) Regulations 2010 (which implemented the 2nd Consumer Credit Directive into Irish law); and
  • that provide payment services and/or issue electronic money.

Requirements of the Code

The Code will increase protections for consumers in a number of key areas:

  • Arrears Handling: a regulated entity will be required to have written procedures in place for the handling of arrears, including arrears in the case of credit card accounts. The Code sets out the manner in which regulated entities must deal with personal consumers whose accounts fall into arrears, including limiting the number of unsolicited communications to a personal consumer in any monthly period. Regulated entities will be required to provide certain information to personal consumers whose account falls into arrears and will be required to provide detailed status updates if their account is in arrears for more than 31 days. These requirements are similar to those already contained in the Code of Conduct on Mortgage Arrears.
  • Contact with consumers: the Code contains prescriptive requirements in respect of personal visits made to consumers and telephone contact that may be made with consumers, eg a regulated entity will not be permitted to make a personal visit to a consumer who is an individual without the informed consent of such consumer.
  • Information about products: prior to offering, recommending, arranging or providing a product, a regulated entity will be required to provide information in writing to a consumer about the main features and restrictions of the product to assist a consumer in understanding the product.
  • Advertising: the Code contains more detailed requirements relating to advertising of financial products and services, including the presentation of “key information” - namely information that is likely to influence a consumer’s actions with regard to a product or service.
  • Mortgages: in relation to the provision of mortgages, a mortgage lender will be required to have sight of all original supporting documentation evidencing ability to repay. Self-certification by a personal consumer of income and/or ability to repay will no longer be acceptable. When assessing suitability of a mortgage product, a lender will be required to carry out an assessment of affordability, including ascertaining a personal consumer’s ability to repay the debt in the event of an increase in interest rates of 2%.
  • Knowing the consumer and suitability: new, prescriptive requirements will be introduced in relation to the information that a regulated entity will be required to gather in respect of a consumer, including details relating to the consumer’s financial needs and objectives, personal circumstances and financial situation.
  • Vulnerable Consumers: a regulated entity will be required to ensure that a vulnerable consumer is provided with such reasonable arrangements and/or assistance that may be necessary to facilitate the vulnerable person in his or her dealings with the regulated entity.
  • Product producers: the Code contains new requirements with which a product producer will have to comply. A product producer is any regulated entity that produces, manufactures or packages a product of a financial or investment nature and is not limited to a product producer as defined in the Investment Intermediaries Act 1995.
  • Errors and complaints handling: a regulated entity will be required to resolve all errors speedily and no later than six months after the date upon which the error was first discovered. A regulated entity will be required to inform the Central Bank of an error that affects consumers and which has not been resolved within 40 business days of the date upon the error was first discovered. A regulated entity will be required to keep an up-to-date log of all complaints from consumers and the log must contain specific information which is set out in the Code. Additionally, a regulated entity will be required, on a regular basis, to undertake an analysis of the patterns of complaints from consumers including whether complaints indicate an isolated issue or a more widespread one.

Compliance with the Code

The Code is issued pursuant to powers under various legislative enactments, including the Central Bank Act 1989, the Investment Intermediaries Act 1995 and the Insurance Act 1989. The Code provides that it is binding on regulated entities and must be complied with, at all times, when providing financial services. A regulated entity may be required by the Central Bank to provide records evidencing compliance with the Code.

The Code will apply from 1 January 2012. However, the Central Bank has stated that it recognises that compliance with some of the new and/or enhanced requirements of the Code will require regulated entities to introduce systems and procedural changes and to ensure that all their staff are properly trained to understand and implement the Code. Accordingly, the Central Bank will take account of this for the first six months of monitoring compliance with the provisions of the Code.