AML REQ for Credit Institutions
The Risk Evaluation Questionnaire (REQ) for Credit Institutions is an annual AML/CFT/FS return issued by the Central Bank of Ireland.
The REQ collects information on:
A firm’s inherent ML/TF/FS risk exposure- How the firm assesses ML, TF and financial sanctions risk within its business model
- The AML/CFT/FS framework, governance and controls in place
- Customer, product, transaction and geographic risk data
The return must be submitted through the Central Bank Portal in XML format using the prescribed XSD schema. Excel files are provided for reference only and cannot be submitted.
What’s the scope?
Entities in scope
Credit Institutions regulated by the CBI must each submit their own REQ, with group and branch reporting determined by the institution’s legal structure.
Group & branch reporting
- Irish branches of institutions authorised by another European NCA should report Irish branch data only
- EU parent undertakings regulated by the Central Bank must aggregate EEA branch information, excluding non-EEA branch data
- Firms that are part of a group but are not the EU parent should report for the Irish institution only
Activity covered
The Credit Institutions REQ captures data across banking and financial activities, including customer risk, correspondent relationships, crypto-asset exposure, deposits, lending, investment and merchant services, onboarding channels, and transaction monitoring and sanctions controls.
Reporting dates
Standard reference date: 31 December of the preceding calendar year
First submission deadline: 27 February 2026
Reporting frequency
Annual reporting
File format
XML format only, aligned with the prescribed XSD schema and required XML wrapper. The XML file must be validated before upload to the Central Bank Portal.
Key data areas
The Credit Institutions REQ requires information across:
- Legal structure and international presence
- Statement of compliance
- Customer segments and customer risk exposure
- High-risk customers and sectors
- Correspondent relationships, including nesting and payable-through account exposure
- Crypto-asset products, trading, custody and wallet exposure
- Cash deposits, withdrawals and high-value cash activity
- Currency cash exchange
- Safe deposit boxes
- Virtual IBAN accounts
- Prepaid cards
- Lending, factoring and trade finance
- Investment services and activities
- Money remittance
- Physical presence, residence and establishment
- Beneficial owners
- Payment transactions and pooled accounts
- Geography of funds flow
- BWRA, risk appetite and AML/CFT controls
- Policies, procedures, governance, audit and training
- Compliance with the Fund Transfers Regulation
Reporting considerations to keep in mind
- All questions are mandatory, even where a data point is not applicable
- Non-applicable fields must use the prescribed default values, such as 0, N/A, 2000-01-01 or the required default enumeration
- All values should be reported in euro
- Customer risk ratings may be based on the rating as at the reference date, even if the rating changed during the year
- XML submissions must follow the required table structures and strict table ordering
- Incorrect XML structure or table order may result in rejection
- Firms must complete both the “Finalise” and “Sign-Off” steps in the Portal
- Material issues should still be raised through normal supervisory channels, not solely through the REQ
Steps to submission
A high-level overview of the key stages involved in preparing, validating and submitting the Credit Institutions AML REQ return to the Central Bank of Ireland.
Determine reporting scope and legal structure
Confirm whether the return should cover the Irish institution only, Irish branch activity or aggregated EEA branch information.
Gather required AML/CFT, customer and transaction data
Collect the required data across customers, transactions, products, geographies, credit institution activities and AML/CFT controls.
Map data to the required XML schema and REF fields
Align each data point to the prescribed XML taxonomy, including REF identifiers, enumerations, table structures and field formats.
Generate and validate the XML file
Create the XML return in line with the XSD schema and validate it against mandatory fields, formatting rules and table ordering requirements.
Upload the return via the Central Bank Portal
Submit the validated XML file through the Central Bank Portal and resolve any validation issues raised during upload.
Finalise and sign off the submission
Complete the Portal “Finalise” and “Sign-Off” steps to ensure the REQ is successfully completed and transmitted.