To print this article, all you need is to be registered or login on Mondaq.com.
On 27 July 2020, the Central Bank of Ireland (“Central
Bank”) fined The Governor and Company of the Bank of Ireland
(“BOI”) €1,660,000 for a range of regulatory
breaches in connection with cyber security failings at its former
subsidiary, Bank of Ireland Private Banking Limited
(“BOIPB”)1.
The Incident
The regulatory investigation arose from a 2014 cyber fraud
incident perpetrated on BOIPB resulting in a finding that BOIPB had
not applied adequate cyber security arrangements.
Administrative Sanctions Procedure
Under the Central Bank Act 1942, the Central Bank has the power
to sanction regulated financial service providers for committing
prescribed contraventions under its Administrative Sanctions
Procedure (“ASP”)2.
It can impose various sanctions (by way of settlement or on foot
of findings at an inquiry), ranging from reprimands to financial
penalties of up to €10 million or 10% of turnover on a
regulated financial service provider (whichever is the greater),
and fines of up to €1 million on individuals involved in…
