Insurance Licence Authorisation: Part II - The Application Process

In Part I of this five-part series, we explored why authorisation in Ireland is fundamentally a strategic decision rather than a regulatory formality. Part II of the series builds on that foundation by setting out how the authorisation process works in practice — from early engagement with the regulator through to formal approval — and highlighting the points at which applications most often slow or stall.

Authorisation Process Overview

Under the European Union (Insurance and Reinsurance) Regulations 2015 (the ‘Regulations’), the commencement of insurance or reinsurance business is subject to prior authorisation from a Member State supervisory authority.

The process typically begins with an initial exploratory discussion with the Central Bank of Ireland (‘CBI’). At this stage, the regulator seeks to understand the applicant’s business model, target markets, and rationale for selecting Ireland as a base. This dialogue helps to define the scope of the application and ensures that expectations are clear on both sides.

The formal authorisation application is comprehensive and requires submission of a detailed business plan, financial projections, governance framework, and evidence that the applicant can meet the requirements of the EU’s Solvency II regime. This includes demonstrating robust risk management systems, strong internal controls, and sufficient capital to support the proposed business lines.

Key individuals also play a critical role in the process. Senior management and board members who will hold Pre-Approval Controlled Functions (‘PCFs’) must be vetted by the regulator for their experience, fitness, and probity. Ireland’s deep pool of experienced insurance professionals makes it easier for new entrants to identify high-calibre candidates locally, although international executives are equally welcomed, provided they meet the necessary standards.

Authorisation Process Stages

Preliminary Meeting

The preliminary meeting serves as a crucial first step in the authorisation process. During this meeting, the applicant firm is expected to present its proposed high-level business plan and articulate the rationale for choosing Ireland as its base of operations. The CBI uses this opportunity to clarify any initial queries regarding the scope and nature of the proposed activities. This early engagement allows the regulator to offer tailored guidance on the required documentation and standards, helping the applicant anticipate and address potential regulatory concerns from the outset.

The preliminary meeting also establishes the foundation for ongoing communication between the applicant and the CBI. It enables both parties to set clear lines of contact and ensures that the application process proceeds efficiently.

Complete Application Documentation

The formal application stage involves the preparation and submission of a comprehensive suite of documents in accordance with the CBI requirements. This is the most labour-intensive and time-consuming stage of the process for the applicant.

The documentation typically includes the applicant’s detailed business plan, governance and risk management frameworks, financial projections, and information on key personnel. The application must demonstrate compliance with all relevant legal and regulatory standards. Supporting documents often include constitutional documents, policies on outsourcing and internal controls, and evidence of capital resources.

During this phase, the applicant may be asked to clarify or supplement aspects of their submission in response to queries from the CBI, ensuring that all regulatory expectations are fully addressed before the application progresses to the next stage.

Formal Application

Once the preliminary meeting has concluded and all preparatory steps have been completed, the applicant proceeds to submit the formal application pack to the CBI. This pack must be assembled in strict accordance with the prescribed checklists and guidance notes, ensuring that every regulatory requirement is met. The submission typically includes all documentation prepared during the earlier phase, such as the business plan, governance arrangements, risk management policies, capital adequacy details, and information regarding key function holders.

CBI Review

Upon submission of the formal application, the CBI undertakes a two-step review process. Initially, the Bank will assess the application and all accompanying documentation to ensure completeness. If any information or documents are missing, the applicant will be promptly notified and required to provide the outstanding materials. Only when the CBI is satisfied that every required item has been received will the application be deemed complete and moved to the substantive review stage.

The next phase involves a detailed evaluation of the quality of the application and its supporting documentation. Once a fully completed application has been received, the typical timeline for authorisation is three months; however, in some cases, this may extend to as much as six months.

Additionally, the CBI may seek references from other supervisory authorities where applicable. Enquiries may be directed to overseas regulators, particularly in jurisdictions where the applicant’s parent company or group has a significant presence.

Authorisation in Principle

At this stage of the process, the applicant will address matters such as the introduction of capital, finalisation of the company name and objects, and provide confirmation that it will be able to comply with its conditions of authorisation within 21 days of the date of the authorisation in principle letter. The applicant should ensure that all documentation relating to capitalisation and corporate establishment is fully in order, including evidence of paid-up share capital, completed constitutional documents, and any necessary board resolutions.

Once these steps have been completed and the CBI is satisfied that all conditions set out in the authorisation in principle letter have been met, formal authorisation is issued. At this point, the entity can proceed to initiate operational activities and prepare for ongoing regulatory supervision.

Finalise Company Formation

Following the issue of the authorisation in principle letter, the applicant must promptly finalise the company formation process. This includes incorporation with the Companies Registration Office and that all statutory filings are up to date. The applicant should also confirm that its registered office, directors, and company secretary appointments comply with both statutory and regulatory requirements.

In addition, the applicant should put in place robust internal policies and operational structures that reflect the business plan submitted to the CBI. It is important to establish effective governance frameworks, appoint key function holders, and ensure that all necessary systems and controls are operational before commencement of business.

Authorisation Granted

Once the CBI is satisfied that the applicant has met all conditions, it will issue the formal grant of authorisation. This marks the official commencement of the undertaking’s regulated activities. The company will receive an authorisation certificate, and its details will be entered onto the CBI’s public register of authorised firms.  

Post Authorisation Supervision

From this point, the firm is subject to the ongoing supervisory framework of the CBI and must adhere to all relevant regulatory requirements and reporting obligations. Post authorisation supervision is addressed further in Part V of this series.

Where Authorisation Projects Commonly Slow or Stall

Delays in the authorisation process are rarely caused by technical misunderstandings of the regulatory framework. More often, they arise from weaknesses in how the proposed undertaking is structured, governed, or explained.

One frequent cause is insufficient clarity around the business model. Where financial projections, underwriting strategy, reinsurance arrangements, and capital planning are not clearly aligned, the regulator will seek further explanation. This can quickly become iterative if the underlying strategy has not been fully thought through or agreed internally.

Governance is another common pressure point. Applications often underestimate the level of scrutiny applied to board composition, role clarity, and the allocation of responsibilities. Where decision-making authority appears fragmented, overly centralised at group level, or insufficiently anchored within the Irish entity, further engagement is inevitable.

Capital and ORSA credibility also feature prominently. Financial projections that appear optimistic, insufficiently stressed, or overly reliant on assumptions that cannot be substantiated tend to attract challenge. In such cases, the process slows not because the regulator is obstructive, but because it is unconvinced that the undertaking could operate safely under less favourable conditions.

Finally, projects stall when responses to regulatory queries are slow, defensive, or incomplete. The authorisation process is inherently iterative. Firms that struggle to accept challenge, or that treat regulatory feedback as an obstacle rather than an input, often experience prolonged timelines as issues are revisited multiple times.

What Effective Engagement with the Regulator Looks Like

While the authorisation process is demanding, it is not adversarial. Effective engagement with the regulator is characterised by openness, responsiveness, and a willingness to engage constructively with challenge.

Strong applications demonstrate a clear narrative that connects the business model, governance framework, and financial projections. Where questions arise, responses are timely, proportionate, and supported by evidence. Importantly, firms are prepared to refine their proposals where weaknesses are identified, rather than defending positions that cannot be sustained.

From the perspective of the Central Bank of Ireland, the quality of engagement is a meaningful signal. Firms that show they understand their own risks, acknowledge limitations, and take ownership of remedial actions are more likely to progress efficiently through the process.

It is also notable that effective engagement typically involves senior decision-makers, not just advisors. While external expertise is valuable, the regulator expects to see that the board and executive team genuinely understand and stand behind the application. This reinforces confidence that the undertaking will be capable of managing regulatory relationships and supervisory expectations on an ongoing basis.

Substance Over Form

A well-managed process is essential to achieving authorisation, but it is not, in itself, decisive. The outcome ultimately turns on regulatory judgement.

The regulator is not assessing whether an applicant can follow a process. It is assessing whether the proposed undertaking can operate as a well-governed, financially resilient insurer under continuous supervision. This assessment is informed by how the firm responds to challenge, how coherently it explains its strategy, and how credibly it demonstrates substance within the Irish entity.

Firms that focus exclusively on timelines, checklists, or minimum requirements often miss this point. By contrast, those that approach authorisation as an exercise in demonstrating long-term viability tend to find that the process, while rigorous, is navigable.

This distinction becomes even more important once authorisation is granted. The standards applied during the application phase do not disappear; they form the basis for ongoing supervisory expectations.

In the next part of this series, we move beyond process and into substance, examining what the regulator actually cares about when assessing an undertaking — and how those priorities shape supervision long after approval.

Part II Summary

While a disciplined process is essential, it is not determinative. Outcomes ultimately depend on regulatory judgement — how credible the business model is, how risks are understood, and how convincingly substance is demonstrated within the Irish entity.

Part III of this series turns to those judgements directly, examining what the regulator actually focuses on when assessing an application, and the recurring themes that drive supervisory challenge.