Dublin – The Central Bank of Ireland has issued a strong warning to Irish banks and ATM operators regarding the potential risk of breaching international financial sanctions.
In its first financial crime bulletin, the regulator underscored the need for financial institutions and payment service providers (PSPs) to ensure all designated entities are fully blocked from operating within the Irish financial system. Failure to do so, the bulletin cautioned, poses a “heightened risk of breaching EU sanctions.”
Specific Sanctions Concerns
The Central Bank highlighted that it is already aware of specific instances of card transactions involving cards issued by the Belarusian bank, Belgazprombank. This bank has been subject to EU sanctions since early this year after it was found to be using the Central Bank of Russia’s financial messaging system to circumvent existing restrictions put in place following the 2022 invasion of Ukraine.
The core issue, according to the Central Bank, lies in how international card schemes—which use Bank Identification Numbers (BINs) to identify the issuing bank—operate.
“Due to the global nature of these schemes, cards issued by banks or entities subject to EU financial sanctions may still be used at EU ATMs unless those BINs are specifically blocked,” the bank stated.
Irish entities were specifically warned that they cannot solely rely on the compliance controls of international card schemes (like US card schemes), as these may only reflect US regulations (such as the Office of Foreign Assets Control) and not the full scope of EU sanctions.
Growing Threat of Digital Fraud and Scams
In addition to sanctions compliance, the Central Bank’s bulletin also addressed the escalating threat of financial crime driven by digitalization.
Michael Kavanagh, chief executive of the Compliance Institute, noted that cyber crime is advancing so rapidly that “organisations and legislators cannot keep up.” He stressed that the growing sophistication of fraudsters is making scams harder to spot, with technology being used to identify, target, and extract information from victims.
The warning comes as the Health Service Executive (HSE) announced compensation for up to 90,000 people affected by the devastating 2021 ransomware attack, which cost the HSE over €100 million.
The Central Bank affirmed that preventing fraud and scams is a “priority,” recognizing them as a major issue for consumers, businesses, and society.
