AML REQ for Payment & E-money Institutions
The Risk Evaluation Questionnaire (REQ) for Payment Institutions (PIs) and Electronic Money Institutions (EMIs) is an annual AML/CFT/FS return issued by the Central Bank of Ireland.
The REQ collects information on:
A firm’s inherent ML/TF/FS risk exposure- How the firm assesses ML, TF and financial sanctions risk within its business model
- The AML/CFT/FS framework, governance and controls in place
- Customer, product, transaction and geographic risk data
The return must be submitted through the Central Bank Portal in XML format using the prescribed XSD schema. Excel files are provided for reference only and cannot be submitted.
What’s the scope?
Entities in scope
Payment and E-money Institutions regulated by the CBI must each submit their own REQ, with group and branch reporting determined by the institution’s legal structure.
Group & branch reporting
- Irish branches of institutions authorised by another European NCA should report Irish branch data only
- EU parent undertakings regulated by the Central Bank must aggregate EEA branch information, excluding non-EEA branch data
- Firms that are part of a group but are not the EU parent should report for the Irish institution only
Activity covered
The PI/EMI REQ captures data across payment and e-money activities, including PSD2 services, merchant acquiring, money remittance, payment accounts, currency exchange, virtual IBANs, prepaid products, correspondent relationships, onboarding channels, and transaction monitoring and sanctions controls.
Reporting dates
Standard reference date: 31 December of the preceding calendar year
First submission deadline: 13 February 2026
Reporting frequency
Annual reporting
File format
XML format only, aligned with the prescribed XSD schema and required XML wrapper. The XML file must be validated before upload to the Central Bank Portal.
Key data areas
The PI/EMI REQ requires information across:
- Legal structure and business model
- PSD2 activity and activity comments
- Integrated or partnered crypto-asset services
- Customer segments and customer risk ratings
- High-risk customers and sectors
- Transaction volumes and values
- Merchant acquiring activity
- Money remittance activity
- E-money products and digital accounts
- Prepaid cards and vouchers
- Payment accounts and virtual IBANs
- Currency exchange
- Cash deposits and withdrawals
- Crypto-asset related services, where applicable
- Lending and crowdfunding
- Correspondent relationships
- Funding methods and payment instruments
- BWRA, risk appetite and AML/CFT controls
- Policies, procedures, governance, audit and training
- Compliance with the Fund Transfers Regulation
Reporting considerations to keep in mind
- All questions are mandatory, even where a data point is not applicable
- Non-applicable fields must use the prescribed default values, such as 0, N/A, 2000-01-01 or the required default enumeration
- All values should be reported in euroCustomer risk ratings may be based on the rating as at the reference date, even if the rating changed during the year
- XML submissions must follow the required table structures and strict table ordering
- Incorrect XML structure or table order may result in rejection
- Firms must complete both the “Finalise” and “Sign-Off” steps in the Portal
- Material issues should still be raised through normal supervisory channels, not solely through the REQ
Steps to submission
A high-level overview of the key stages involved in preparing, validating and submitting the PI/EMI AML REQ return to the Central Bank of Ireland.
Determine reporting scope and legal structure
Confirm whether the return should cover the Irish institution only, Irish branch activity or aggregated EEA branch information.
Gather required AML/CFT, customer and transaction data
Collect the required data across customers, transactions, products, geographies, PSD2 activities, e-money activity and AML/CFT controls.
Map data to the required XML schema and REF fields
Align each data point to the prescribed XML taxonomy, including REF identifiers, enumerations, table structures and field formats.
Generate and validate the XML file
Create the XML return in line with the XSD schema and validate it against mandatory fields, formatting rules and table ordering requirements.
Upload the return via the Central Bank Portal
Submit the validated XML file through the Central Bank Portal and resolve any validation issues raised during upload.
Finalise and sign off the submission
Complete the Portal “Finalise” and “Sign-Off” steps to ensure the REQ is successfully completed and transmitted.