Leave an application

Legal services:

Comprehensive legal solutions for contracts, disputes, and compliance. Our expert team ensures legal protection and strategic guidance for your business.

More

AML consulting:

Specialised AML consulting to develop and maintain robust anti-money laundering policies. We assess risks, offer ongoing support and provide tailored AML services.

More

Obtaining a crypto license:

We offer licensing and ongoing support for your crypto-business. We also offer licences in the most popular jurisdictions.

More

Registration of legal entities:

Efficient legal entity registration support. We manage documentation and interaction with the authorities, ensuring a seamless process for establishing your business.

More

Opening bank accounts:

We facilitate the opening of bank accounts through our extensive network of partners (European banks). Hassle-free process, tailored to your business needs.

More

COREDO TEAM

Nikita Veremeev
Nikita Veremeev
CEO
Pavel Kos
Pavel Kos
Head of the legal department
Grigorii Lutcenko
Grigorii Lutcenko
Head of AML department
Annet Abdurzakova
Annet Abdurzakova
Senior Customer Success Manager
Basang Ungunov
Basang Ungunov
Lawyer at Legal Department
Egor Pykalev
Egor Pykalev
AML consultant
Yulia Zhidikhanova
Yulia Zhidikhanova
Customer Success Associate
Diana Alchaeva
Diana Alchaeva
Customer Success Associate
Johann Schneider
Johann Schneider
Lawyer
Daniil Saprykin
Daniil Saprykin
Head of Customer Success Department

Our clients

COREDO’s clients are manufacturers, traders and financial companies, as well as wealthy clients from European and CIS countries.

Effective communication and fast project realisation guarantee satisfaction of our customers.

Exactly
Unitpay
Grispay
Newreality
Chicrypto
Xchanger
CONVERTIQ
Crypto Engine
Pion

Blog

See all news
21.02.2026
Open Banking in 2026 changes in licensing

I have been leading COREDO since 2016 and see every day how Open Banking is changing the rules of the game for banks, fintechs and customers. Open banking APIs have moved from an idea to the infrastructure on which payment services, account aggregators, BaaS platforms and embedded finance are built. By 2026 the sector will enter a new phase, with the transition from PSD2 to PSD3, a review of payment services licensing, strengthened AML/CFT and unified API security standards. In this article I will share COREDO’s practice: how to prepare architecture, licenses and processes to not only comply with the changes but also build a sustainable business model.

The COREDO team has implemented dozens of projects to register legal entities in the EU, the UK, Singapore and Dubai, obtained licenses for PISP and AIS, helped launch e-money and payment institutions, and set up AML, SCA and GDPR. Our experience at COREDO has shown: success is formed at the intersection of licensing, technology and operational control. Below: a practical roadmap I use myself when evaluating projects.

How to prepare for Open Banking 2026

Illustration for the section “How to prepare for Open Banking 2026” in the article “Open Banking in 2026 licensing changes”

Open Banking regulation is accelerating. In the EU, the PSD3 draft and the accompanying payment regulation (PSR) aim for unified rules for access to accounts (XS2A), stricter requirements for customer authentication (SCA) and a clearer liability model for Third-Party Providers. At the same time, the transition to a single Open Finance license is unfolding – from payment accounts to investment products, insurance and pensions, which opens new streams of data and services.
Licensing of Open Banking is becoming more detailed. Regulators are clarifying the criteria for PISP and AIS licenses for 2026, introducing additional capital adequacy requirements for e-money providers and capitalization standards for PSPs in 2026. Teams are preparing for mandatory FAPI and OAuth standards in 2026, unified requirements for API governance and cross-jurisdictional audit.
Changes affect the Open Banking business model following the tightening of licenses. Profitability is now built on precise calculation of unit economics, sound pricing policy for APIs, SLAs and a scalable architecture. A solution developed at COREDO for one European fintech increased profitability by rebuilding pricing (subscription + per-call), optimizing rate limiting and introducing revenue share for partners.

From PSD2 to PSD3: Open Banking changes

Illustration for the section «PSD2 to PSD3: Open Banking changes» in the article «Open Banking in 2026 changes in licensing»

The transition from PSD2 to PSD3 in 2026 removes previous grey areas. Regulators solidify the status of TPPs, introduce clearer supervision and audit procedures for TPPs in 2026, and make consent management mechanisms with explicit consent receipts mandatory. Banks will receive clear obligations on account access, and refusals to connect for technical reasons will require documented justifications and KPIs on API availability.
What will change in PSD3 rules for Open Banking in practice? Strengthening SCA and API security, standardization of requirements for API versions, for logging and forensic readiness, as well as new regulations on customer data management in Open Banking. The regulator will tighten control over the allocation of liability between the bank and the TPP so that customers are not left hostage to complex contracts.
At the same time, a transition from PSD2 to a unified Open Finance license is taking shape. I expect a phased rollout: first payment and information services, then expansion to investments and insurance. This means a new level of Due Diligence for providers, a revision of DPIA and a re-evaluation of data disclosure risks.

Licensing PISP, AIS, e-money

Illustration for the section «Licensing PISP, AIS, e-money» in the article «Open Banking in 2026: changes in licensing»

At COREDO we often start with a licensing map: service model, jurisdiction, target markets, revenue sources and risks. banking license vs e-money license are fundamentally different in capital requirements, supervision and functionality. For many embedded finance models, e-money and/or registration of a payment institution in the EU in 2026 provide the optimal balance between speed to market and coverage.
How to obtain a license PISP in the EU after 2025? I recommend starting 6–9 months in advance: a legal entity in a suitable EU jurisdiction, a business plan with unit economics, an SCA policy, a description of API security, contractual framework with banks and processors, an AML/CTF framework, as well as operational resilience and BCM. COREDO’s practice confirms: a strong technology risk assessment and DPIA reduce regulator questions and speed up the review.
Regulators are introducing tiered licensing models and modular licensing. Limited activity / lite licenses allow testing unit economics in one market and then expanding. Sandbox licensing for Open Banking is a working tool in Singapore (MAS APIX), in certain EU countries and in the Middle East. It is important to consider regulatory sandboxes and exit criteria: clear KPIs for risks, reporting and a scaling plan.
Passporting and the ban on passporting after Brexit have changed go-to-market strategies. In the EU passporting for payment licenses retains value, while in the United Kingdom a separate FCA license is required. Equivalence regimes and mutual recognition of licenses between the EU and the CIS are applied only to a limited extent, so international Open Banking licensing almost always requires a local strategy and the structuring of cross-border data flows.

Requirements for Open Banking APIs

Illustration for the section “Requirements for Open Banking APIs” in the article “Open Banking in 2026 changes in licensing”

Requirements for Open Banking APIs in 2026 are consolidating around FAPI (Financial-grade API), OAuth 2.0 and OpenID Connect, as well as mTLS for mutual authentication. The mandatory nature of FAPI and OAuth standards in 2026 means rebuilding security profiles and reevaluating client SDKs. The COREDO team implemented similar profiles for an AIS provider: we implemented token binding, rotatable keys and strict scope management, which increased frictionless authorization rates and reduced incidents.
Interoperability will become a licensing requirement. Berlin Group and NextGenPSD2 define the API profile in the EU, and ISO 20022 affects payment integrations and message semantics. I recommend establishing API governance and versioning with explicit deprecation rules, and also introducing API SLAs, rate limiting and throttling to provide predictability for partners.
Security, not just encryption. Tokenization of payment data, encryption at rest and in transit, centralized secret management, mandatory logging, audit trails and forensic readiness — all of these are checked by regulators as part of prudential supervision. API security testing and pentest requirements are being embedded in licensing conditions; COREDO helps clients prepare for tests, implement bug bounties and formalize a Secure SDLC. For mature players, expectations of SOC 2 and ISO 27001 increase the chances of partnerships with banks.

Data privacy and GDPR

Illustration for the section «Data privacy and GDPR» in the article «Open Banking in 2026 changes in licensing»

GDPR compliance in Open Banking is foundational. Regulators require a Data Protection Impact Assessment (DPIA), data minimization mechanisms and privacy by design, clear procedures for data portability and interbank data. Consent management and consent receipts must be readable, and consent revocation should be quick, with clear legal consequences for stopping processing and deletion.
regulatory requirements for managing client data in Open Banking are tightening. I recommend appointing a data steward, documenting a retention and deletion policy, implementing DLP and data classification. Cross-border data flows and localization require data mapping and legal bases for cross-border transfers, especially when operating in Asia and the Middle East.
The role of digital identification eIDAS in Open Banking licensing is growing, and eIDAS 2 and digital identification of customers speed up onboarding and reduce fraud. W3C Verifiable Credentials and digital wallets provide a way to verify attributes without unnecessary data exchange. A solution developed at COREDO for a client in the EU integrated eID and VC into the KYC process, which reduced CAC and sped up account activation.

AML/CFT and risk management for TPP 2026

AML/CFT requirements for TPPs include a risk-based methodology, customer segmentation, risk ratings and monitoring scenarios. KYC/KYB automation and utilities for verifying beneficial ownership form the foundation for combating money laundering and sanctions risks. At COREDO we built multi-level scenarios for PISPs, including behavioral patterns, velocity rules and geo-risk.
Operational resilience and BCM, another focus. Regulators expect resilience plans, recovery testing, incident response and mandatory notifications to the regulator. Third-party risk management and vendor oversight are enshrined in policy; a vendor due diligence checklist helps select KYC providers, cloud platforms and processors in line with supervisory requirements.
Supervision and audit procedures for TPPs in 2026 cover regular reporting, independent AML audit and IT controls, as well as change control for APIs. The increase in AML risks with open banking in 2026 requires reliance on consortium fraud signals, sharing indicators of compromise and standardized formats for SAR/STR reports. COREDO’s practice confirms: early integration with regulatory portals reduces the burden on the compliance team.

Contracts and liability insurance

The TPP liability model must be reflected in agreements with banks and merchants. The allocation of liability between the bank and the TPP should take into account SCA, processing, API SLAs and error handling. Indemnity clauses and liability insurance (professional liability, cyber) cover tail risks and partners’ requirements for coverage limits.
Contract templates for API partnerships include sections on API SLAs, rate limits, maintenance windows, versioning, audits and security requirements. The legal consequences of a data breach via the Open Banking API are becoming stricter: in addition to GDPR fines partners build in contractual penalties and mechanisms for recourse claims. At COREDO we help establish the balance: achievable obligations and verifiable metrics.

Monetization and scaling

Market entry strategy for fintech with Open Banking combines licensing, pricing and partnerships with banks. Go-to-market for BaaS and embedded finance requires a clear role: license provider, technology orchestrator, or both at once. B2B2C and B2C API monetization differ in CAC, LTV and payback period; in the first case the focus is on corporate contracts and integrations, in the second on product and marketing.
Pricing models for APIs (per-call, subscription, revenue share) affect the unit economics of payment products. I recommend calculating ROI metrics: CAC, LTV, margin per transaction, fixed compliance costs and SLA expenses. Methods for calculating ROI of Open Banking projects with licensing costs should account for annual audits, pentest, insurance, regulator fees, as well as the budget for SOC 2/ISO 27001.
Scalability requires cloud-native and multi-region deployment, microservice architecture, an API gateway and an event-driven approach. How to scale BaaS amid new licensing requirements? Split stacks by jurisdiction, standardize security, centralize monitoring and logs, and simulate stress loads. The COREDO team implemented a similar architecture in two regions — the EU and Asia — with unified controls and localized data flows.

International markets and sandboxes

MAS APIX and Asian sandboxes allow testing products with banks and TPPs, practicing SCA and KYC in a controlled environment. Open Banking Nigeria is moving toward its own standards and local regulations, where data localization and exchange with the central bank are important. The Account Aggregator (India model) demonstrates how a consent architecture and standardized exchange create a scalable ecosystem.
Regulatory sandboxes and exit criteria (supervisory sandbox exit criteria) require clear KPIs, management reporting, and a plan for compliance with a full license. Which Asian markets are adapting new Open Banking licenses faster? Singapore and Hong Kong are moving rapidly; the UAE is accelerating requirements for BaaS and digital identity; some Southeast Asian markets are taking a phased approach, starting with payments pilots.
International licensing of Open Banking is inevitably linked to cross-border data flows. At COREDO we design localization matrices, sign standard contractual clauses and structure legal entities in the EU, the UK, Singapore and Dubai for lawful data exchange and processing.

COREDO Case Studies

Case 1: license for PISP and AIS in the EU. Client: a fintech focused on multibanking and real-time payments. The COREDO team handled payment institution registration, assembled the SCA and API security package, implemented FAPI, OAuth 2.0 and mTLS, configured a Berlin Group profile and ISO 20022 payments. In agreements with banks we secured allocation of liability, agreed API SLA and versioning. Result: license and connection to 30+ banks within 9 months.

Case 2: e-money + BaaS in the UK and EU after Brexit. The client required two licenses and separation of data flows. The solution developed at COREDO separated legal entities, standardized SOC 2/ISO 27001, implemented DPIA and privacy by design, and set up vendor oversight for KYC providers. Result – rapid rollout of embedded finance B2B2C products with a transparent revenue share model.

Case 3: Singapore and digital identification. For a local AIS/TPP we integrated eKYC, eID and W3C Verifiable Credentials, connected MAS APIX sandbox and completed sandbox licensing for Open Banking. After meeting KPIs the client moved to a full license, retaining all policies for BCM, incident response and regulatory reporting.

Case 4: M&A and due diligence checklist for Open Banking assets. An investor was considering the purchase of a provider with an AIS license. COREDO’s practice included verification of the license, capital requirements, API security posture, logs and audit trails, GDPR/DPIA, AML/CFT scenarios, insurance coverage, contracts with banks and allocation of liability. The buyer received a risk map and a 180-day integration plan.

Cost, timelines and compliance plan 2026

Question: how much does compliance with the new licensing rules cost? The estimate of the cost of complying with the new Open Banking licenses consists of the regulator’s initial fees, legal preparation, technology (FAPI, OAuth, mTLS, tokenization, logging), audits (IT/AML), pentest, insurance, SOC 2/ISO 27001 and staff expenses for compliance. In our observations, for PISP/AIS in the EU the first-year budget is often comparable to 12–18 months of burn-rate on compliance and security.
Question: what are the regulators’ timelines for implementing PSD3/analogs? In 2026 a transition period is expected, when old licenses remain valid but require upgrades for SCA, APIs and data. The transition periods to the new Open Banking licenses span several quarters; combined license-and-technical projects proceed faster.
Compliance roadmap 2026 and project plan should include: licensing (PISP/AIS/e-money/payment institution), technical API foundation, GDPR/DPIA and eIDAS, AML/CFT and scenarios, BCM and operational resilience, insurance, regulatory reporting and reporting format, as well as readiness for prudential supervision. The COREDO team recommends quarterly checkpoints so the regulator can see predictable progress.

Frequently Asked Questions from Clients

Question: how is liability allocated in fraud through a TPP? Liability is allocated according to contracts and regulator rules: if the TPP correctly applied SCA and complied with the SLA, the bank covers part of the losses; if the TPP violated SCA or processed the transaction without consent, liability shifts to the TPP. I insist on clear indemnity clauses and an investigation procedure.
Question: is it worth changing the jurisdiction of registration because of the new rules? Often there is no need to migrate if the market is key. It is far more productive to fine-tune licenses, strengthen API security, rebuild the DPIA and localize data for cross-border flows. In some cases, relocation for passporting in the EU or access to a sandbox in Asia can speed things up.
Question: can third-party KYC services be used to comply with the new licenses? Yes, subject to vendor due diligence, technical and legal SLAs, AML/CFT compliance checks and data protection. At COREDO we create a vendor due diligence checklist that includes sanctions screening, SLA stress tests and failover plans.
Question: what will change in PSD3 for Open Banking? SCA will be strengthened, API requirements will be standardized, liability will become clearer, and consent management will become central. The regulator will expand oversight of TPPs, and banks will receive clear obligations regarding access to accounts, which will simplify onboarding.
Question: how will the new licensing rules affect banks and fintechs? Banks will update APIs and security, strengthen vendor controls and standardize contracts. Fintechs will invest in security, AML and architecture, but will benefit from greater predictability and higher market trust.

XS2A and API Security Checklist 2026

XS2A (account access) in 2026 means: FAPI profile, OAuth 2.0, OpenID Connect, mTLS; SCA and API security; Berlin Group/NextGenPSD2 and ISO 20022; API governance and versioning; API SLA, rate limiting and throttling; tokenization, encryption at rest/in transit; logging, audit trails and forensic readiness; API security testing, pentest; SOC 2 and ISO 27001. At COREDO we turn this list into an actionable project plan with assigned owners and timelines.

BaaS and embedded finance: risks and growth

Banking-as-a-Service provides fast access to the market but carries operational risks. BaaS licensing and compliance require transparent allocation of responsibilities, supplier controls, regular audit procedures and stress-testing of processes. How to scale BaaS under new licensing requirements? Split responsibility at the contract level, embed security into the architecture and maintain unified logging and reporting standards.
Data monetization and privacy coexist if you use privacy by design, consents and data minimization. Pricing models for APIs – from per-call to subscription and revenue share – must take into account throttling, caching layers and ISO 20022 conversion, otherwise unit economics will be “eaten” by performance costs.

Bank and TPP agreements: changes to the rules

Bank and TPP agreements in 2026 are best structured using modular templates: licenses and compliance; API and security; SLA and versioning; liability and indemnity; data and GDPR; audit and supervision. Fix allocation of liability mathematically: coverage percentages, limits, and investigation procedures. Add liability insurance (cyber, professional liability), as well as clauses on mandatory notifications and recovery timeframes.
COREDO implements contract packages with appendices for API SLAs and security profiles to reduce negotiation cycles. This approach speeds up integrations and increases predictability for all parties.

Summary for executives and directors

Open Banking 2026 is about maturity: licensing, API security, GDPR, AML/CFT and operational resilience. The business model wins when licenses and technology work together: then ROI becomes predictable and growth manageable. The COREDO team helps guide the journey from registering a payment institution to international scaling, linking regulators’ requirements with real business metrics.
If you are planning a fintech license in the EU for 2026, preparing for PISP and AIS licenses in 2026, or combining BaaS and e-money, start with a requirements map: PSD3/PSR, GDPR and DPIA, FAPI/OAuth/mTLS, AML/CFT, BCM, reporting, insurance and contracts. Next, structure jurisdictions, budget for compliance, choose API standards and prepare the team for supervision.
I believe in Open Banking that creates transparency, competition and new services. And I know from COREDO’s experience: when licensing strategy, architecture and compliance align, the market responds with trust, and the product with growth.
Read more
20.02.2026
Public offer of the payment system under PSD3 and PSR

Since 2016 I’ve been leading COREDO through dozens of licensing processes, hundreds of registrations and thousands of pages of contracts. The greatest value for clients is not the mere fact of obtaining a license, but a stable contractual framework that lays out the rules of the game: it is the payment system’s public offer that determines user trust, the reliability of settlements and the protection of funds. Europe is now moving to a new regulatory architecture: PSD3 and PSR, and the public offer is becoming a critical document that affects the business model no less than code and processing.

The COREDO team has already adapted offers for PSPs, EMIs and technology providers in the EU, the UK, Singapore and Dubai. Our experience shows: a correct “PSD3 public offer” saves quarters of time, millions on compliance and reduces the likelihood of regulatory sanctions. In this article I provide a practical framework, examples and checklists that we use on projects, and explain how to turn the offer from a legal file into a working operational tool.

Update of the public offer for PSD3/PSR

Illustration for the section «Update of the public offer for PSD3/PSR» in the article «Public offer of the payment system under PSD3 and PSR»
PSD3 and the PSR (Payment Services Regulation) reallocate requirements between the directive and the regulation: some rules will become directly applicable, others will be harmonised through national competent authorities. This concerns client funds protection (safeguarding), strong customer authentication (SCA), open APIs for TPPs and operational resilience. The PSR public offer becomes the visible bearer of these requirements, and regulators view it not as a formality but as a reflection of risk management.

The main differences between PSD3 and PSD2 regarding the public offer: increased transparency of fees and risks, greater attention to SLAs for payment execution and incidents, as well as clear provisions on the allocation of responsibility between the PSP, the merchant and the TPP. EBA recommendations on public offers and the role of national competent authorities strengthen control over disclosures, consent mechanisms and the procedure for notifying changes to offer terms. In practice this means that the «PSD3 payment provider offer» must be synchronized with SCA, KYC/AML policies and operational procedures, rather than exist separately.

Public offer for PSP, EMI, e-money

Illustration for the section «Public offer for PSP, EMI, e-money» in the article «Public offer of a payment system under PSD3 and PSR»
I start the project by mapping risks and business processes. The solution developed at COREDO links each product feature to specific sections of the contract and internal policies. For EMI and e-money the offer must explicitly describe the funds protection regime, wallet types, limits and withdrawal operations, and the “e-money public offer and PSD3” must align with safeguarding accounts and insurance coverage.

Key blocks of the offer:

  • user consent and acceptance mechanics (click-wrap, eIDAS electronic signature where high legal enforceability is needed);
  • tariff transparency and the fee pricing model, including transaction margin and surcharges for cross-border payments;
  • SLA metrics: authorization time, settlement time, service availability, incident priority;
  • provisions on refunds and chargebacks, allocation of responsibility between PSP and merchant;
  • public offer and protection of client funds: segregation, insurance, annual safeguarding audits;
  • public offer and KYC/AML requirements: client’s obligations to provide data, blocking triggers, RBA;
  • privacy: processing of personal data and GDPR, cross-border data transfers and localization requirements.

PSD3 Offer: PSR Requirements

Illustration for the section «PSD3 Offer: PSR Requirements» in the article «Public offer of the payment system under PSD3 and PSR»

COREDO practice confirms: the «mandatory provisions of the PSD3 offer» are read by the regulator as a maturity checklist. In the offer we set out:
  • user rights and user protection in the PSD3 offer: clear information on risks, fees, limits, reimbursement rights;
  • SCA and exemptions: biometrics, trusted beneficiaries, low-risk transactions;
  • operational resilience and incident reporting: timeframes for notifying customers and the regulator, communication channels;
  • third-party outsourcing: SLAs and supplier liability, right to audit, critical dependencies;
  • independent audits, reviews and internal control: frequency, scope, remediation;
  • capital requirements for PSPs and requirements for electronic money issuers (EMIs): methodology, stress tests, buffer maintenance.

PSR requirements also strengthen disclosures on payment routing, multilateral correspondent models and access-to-account obligations under open banking. This should be reflected formally and operationally.

PISP/AISP/marketplace/white-label PSP

Illustration for the section «PISP/AISP/marketplace/white-label PSP» in the article «Public offer of the payment system under PSD3 and PSR»
For PISP and AISP the “public offer for PISP and AISP” must disclose third-party API access (TPP), the procedure for delegated consent, as well as the public offer in open banking conditions – who, when and how stores tokens, event logs and how to ensure users’ consent during API delegation. Our experience at COREDO has shown that unnecessary ambiguity here leads to complaints and loss of passporting.

For a payments marketplace, it is important to choose a model: custodian vs escrow. The public offer for a payments marketplace should explain segregation of sub-merchants’ funds, the settlement schedule and the terms for termination of service/transition of clients without the risk of funds “getting stuck”. In a white-label PSP we record the allocation of responsibilities between the licensed back-end provider and the brand, including Due Diligence when partnering with a PSP and the right to modernize the API without degrading the SLA.

AML/KYC and the risk-based approach in the offer

Illustration for the section «AML/KYC and risk-based approach in the offer» in the article «Public offer of a payment system under PSD3 and PSR»

A public offer and AML/KYC/CDD are not about copy-pasting from the compliance policy, but about clear rules for the client.

I set out risk-based approach (RBA): risk segments, CDD levels, triggers for enhanced due diligence, sanctions control and screening technologies. For transaction monitoring and SAR reporting, the offer establishes the right to suspend an operation, request documents, notify the FIU and national regulators.

We dedicate a separate section to data: retention periods, access, cross-border data transfers (EEA and beyond), legal bases and localization where individual countries require it. It is important for the client to understand that compliance is part of the service, not a separate obstacle. Such transparency reduces the likelihood of disputes and improves onboarding quality.

Security and technical requirements for the text

Public offer and API security: mandatory section. I recommend formalizing requirements for OAuth2, JWT, key management and HSM, as well as the minimum compliance requirements in the public offer for PCI-DSS (network perimeter, PAN data encryption, card tokenization). At the protocol level it is worth mentioning the migration to ISO 20022 and its impact on consent schemes and the format of payment details.

Incidents should be described clearly: priorities, RTO/RPO, business continuity and disaster recovery in the offer, escalation procedures. For instant payments (TIPS, RTP, FastPay) we define specific SLAs and the risks of irrevocability, as well as mechanisms for post-authorization review and anti-fraud filters. The solution developed by COREDO combines these technical standards with legal obligations without conflicts.

User Consent and Notices

User consent: the foundation. In the offer I describe the mechanics of notification and obtaining users’ consent, including logs, IP addresses, timestamps, and, where necessary: eIDAS and electronic signatures in user agreements. For TPP processes I separately define how to secure users’ consent during API delegation, token validity periods and revocation.

A notice of changes to the offer terms must include the channels (e-mail, in-app), minimum timeframes, the client’s right to terminate the agreement without penalties before the changes take effect, and the rules for handling “silent consent” where permitted. Such a design prevents disputes and increases resilience to audits.

SLA and operational metrics in the offer

SLA is the language of trust for the merchant. We establish:

  • authorization and confirmation times, the share of operations requiring re-authentication;
  • settlement time (D+0/D+1), cut-off, deduplication;
  • service availability (for example, 99.9%), maintenance window and the order of function degradation;
  • dispute management and customer support in case of chargeback: TAT, channels, escalations.

For instant-pay services it is useful to include separate SLAs: the share of payments <10 seconds, average finalization time, and fallback routes in case individual schemes are unavailable. Agreements with merchants and settlement SLAs are reasonable to place in an appendix so that metrics can be updated promptly without changing the base text.

Safeguarding and capital in the offer

The public offer, safeguarding and segregation of client funds (safeguarding) are areas of close attention. Models for safeguarding: bank accounts vs insurance, their combinations and reconciliation timelines. I specify the frequency of reconciliation, the client’s right to information about custodial banks and independent auditor confirmations.

The section on PSP capital requirements explains the calculation method, recapitalization triggers and the procedure for notifying the regulator. For marketplaces I add how to organize safeguarding for a marketplace: separate accounts for sub-merchants, escrow for disputes, temporary reserves and automatic unfreeze conditions.

Cross-border operations, passporting, banks

Passporting and restrictions on cross-border operations are a frequent source of misunderstanding.

In the offer we specify the geography of services, service currencies, country restrictions and the use of partner PSPs. Integration with correspondent banks and fees must be transparent: where correspondent banking fees may arise and who covers them.

The public offer for cross-border payments should take tax aspects into account: the public offer and taxation of payment services – who withholds taxes, how fees are treated for B2B and B2C. When operating in the EU, it is beneficial to reflect passporting and conditions for servicing non-residents; in Asia, the linkage to licenses by MAS, HKMA or DIFC/FSRA.

Disputes, refunds and chargebacks

Refund procedures and chargeback mechanics – not just links to a card scheme. I break it down step by step: timelines, required evidence, merchant’s role, allocation of PSP responsibility for infrastructure and routing errors. For A2A payments we set out separate error-resolution mechanisms, refunds at the initiative of the PISP and intervention by the account-holding bank.

Dispute resolution and an arbitration clause help avoid jurisdictional traps. Legal stipulations: applicable law and jurisdiction are chosen taking into account the license and domicile of safeguarded accounts. In the offer it is advisable to describe liability limits and indemnities: reasonable caps, exclusions for gross negligence and intent, and disclaimer in the public offer to the extent permitted by law.

Securing control in outsourcing

The public offer and the terms of subcontracting/outsourcing must specify that critical functions are transferred only to approved providers, with audit rights and security requirements. We specify third-party outsourcing: SLAs and provider liability, business continuity plans, compatible RTO/RPO. Clients must know that outsourcing does not diminish their rights, and the provider retains control.

For white-label and agency schemes and partnership models, we describe the separation between the storefront and the licensed entity, brand/license disclosure, passporting and the right to migrate to the ‘base’ provider upon termination.

Risks, TCO/ROI and compliance under PSD3

TCO and ROI assessment when adapting the offer for PSD3 is a mandatory management task. We calculate CAPEX/OPEX for API updates, legal reviews, resilience tests and independent audits. Potential fines and regulatory risks are correlated with incident probabilities and the impact on GMV and transaction margin.

Which offer terms increase merchants’ trust? Transparent SLAs, a clear responsibility matrix, flexible payment routing and clear chargeback rules. Which metrics should be tracked after updating the offer? CAC, LTV, GMV, share of successful authorizations, settlement speed, incident rate, merchants’ NPS, size of reserves and refunds.

PSD3 Roadmap: stages and timelines

The COREDO team implemented a standard roadmap for PSD3 compliance:
  1. Gap analysis: differences from the current offer affecting PSR requirements, EBA recommendations.
  2. Structure redesign: PSP public offer template, linkage to SCA, AML/KYC, BCP/DR policies.
  3. Tech and risk review: API security, PCI-DSS, OAuth2/JWT/HSM, ISO 20022, instant payments.
  4. Legal components: applicable law, jurisdiction, limits and indemnities, outsourcing, safeguarding.
  5. Communication testing: consent mechanics, notice of changes to the offer terms, UX screenshots.
  6. Internal training: operational runbooks and KRIs, compliance project KPIs and execution control.
  7. Pilot and release: independent audits, establishing SLAs, metric monitoring, adjustments.

Timelines depend on scope, but on average we typically complete within 8–16 weeks if backend policies are ready and security is confirmed.

Implementation case studies in Europe and Asia

In the EU the COREDO team adapted the public offer for PSPs in Central Europe with the move to instant payments and the launch of marketplace scenarios. We defined an SLA for TIPS, set escrow reserves, and delineated responsibilities between the platform and sub-merchants. After the release, GMV grew due to the trust of large merchants, and the incident rate dropped by one third thanks to clear procedures.

In Singapore, the solution developed by COREDO helped align the public offer for the payment infrastructure with MAS requirements and eIDAS-equivalent electronic signature standards. We integrated sanctions screening for Asian corridors and provided for cross-border data transfer with local replicas. The regulator approved the cybersecurity outsourcing model while retaining control with the licensed entity.

Public Offer Template for PSP

Example of a public offer for PSP as a “skeleton” of sections:

  • Terms and roles: PSP, merchant, user, TPP, PISP/AISP, marketplace and sub-merchants.
  • Scope of services and geography: channel/schemes, instant payments, limited jurisdictions.
  • Fees and commission model: transparent consumer information and disclosure, taxes.
  • User consent and eIDAS: acceptance mechanism, delegation via API.
  • SCA and risk management (PSD3): factors, exceptions, anti-fraud, KRI.
  • Safeguarding: bank accounts vs insurance, reconciliation, audits.
  • SLA for payment execution and settlement: metrics, service windows, degradation.
  • Refunds and chargebacks: timelines, evidence, allocation of PSP liability.
  • AML/KYC/CDD and sanctions: RBA, SAR, interaction with FIU.
  • Privacy and GDPR: cross-border data transfer and localization requirements.
  • Outsourcing and subcontracting: right to audit, security, reserves.
  • Operational resilience: incident reporting, business continuity and disaster recovery.
  • Payment routing and correspondents: fees, fallback channels.
  • Restrictions and limits: transactions, currencies, merchant categories.
  • Liability limits and indemnities, disclaimers in the public offer (within the law).
  • Termination and transition: key termination and client transition points, data export.
  • Applicable law, jurisdiction, dispute resolution and arbitration clause.
  • Mechanism for notifying changes to the terms of the offer.
This template speeds up the preparation of a “public offer for PSPs in the EU” and meets the expectations of regulators and merchants.

PSD3 Offer Verification Checklist

Checklist for PSD3 offer compliance:

  • All roles, channels and schemes are specified, including PISP/AISP and open banking.
  • SCA and exemptions are aligned with policies and UX flows.
  • Safeguarding is transparent: banks/insurance, reconciliations, independent audits.
  • SLAs are defined, KPIs are measurable, incidents are described.
  • Refunds/chargebacks are detailed by scheme.
  • AML/KYC/CDD RBA is clearly articulated, SAR and sanctions controls are reflected.
  • GDPR and cross-border data transfers are validated by the DPO.
  • Outsourcing: right to audit, API security, PCI-DSS.
  • Legal provisions: limits, applicable law, spoliation-safe logging of consents.
  • Notification and consent mechanisms are tested and logged.
  • Integration of ISO 20022/instant-pay is reflected in terms and SLAs.
  • National NCA requirements are considered, passporting is correctly described.

Assess ROI and reduce sanctions risks

How to assess the ROI of changing the public offer? We compare improvements in authorization conversion, reductions in disputed transactions, savings on incidents and audits, increased merchant trust, and lower CAC.
How to minimize the risk of fines when implementing PSD3? Link each requirement to metrics and responsible departments, establish independent reviews, and maintain a log of risk decisions.
Managing compliance costs as the business grows requires prioritization: first safeguarding and SCA, then SLAs and outsourcing, and only afterward rare jurisdictional nuances. This approach supports scaling a multi-currency infrastructure without straining the budget.

Impact of PSD3: tokenization of crypto services

The impact of PSD3 on crypto services and tokenization is reflected in requirements for KYC/AML, SCA, storage and transfer of value through the payment infrastructure. A public offer and PCI-DSS requirements are important for card tokenization and on/off-ramp scenarios. For card tokenization and payment data security, we establish the merchant’s PCI obligations and the role of the tokenization provider, as well as cybersecurity obligations for APIs, OAuth2, JWT, and HSM.

API access for third parties and the terms of the offer must eliminate ambiguities regarding data rights and revocation of access. Open banking affects contractual relationships, and the offer must be aligned with the agreement with merchants and the SLA for settlements.

Regulatory practice and sandboxes

Licensing payment providers in the EU and Asia remains different, but the ideology is the same: demonstrate risk control through contracts and procedures.

A regulatory sandbox for payment services in individual countries helps test a public offer for payment infrastructure with a limited set of customers. In our projects we often pilot the dispute resolution process, SLAs and safeguarding specifically in the sandbox to speed up subsequent certification.

The role of national competent authorities in supervising PSPs is strengthening, and the PSR public offer is the first point of contact for supervision with your «tone of compliance». The more precise the document, the easier it is to pass off-site and on-site inspections.

Practical wording: what merchants value

Which offer terms increase merchants’ trust? I clearly define responsibility for delays in settlements, a transparent discount matrix as turnover grows, and describe fallback routing of payments. Agreements with merchants often include KPIs for authorization, refund timeframes and support quality, as well as the right to early exit in case of SLA degradation. Such a balance of interests stabilizes GMV and reduces churn.

For a white-label PSP it’s appropriate to disclose “who is actually licensed” and where the client will be able to continue service if the white-label agreement is terminated. Key termination and client-transition points describe data export, token unpacking, and the timelines for fund migration.

Work on COREDO projects

Our experience at COREDO has shown: the perfect offer is impossible without synchronizing the legal text, technological standards and operational runbooks. The COREDO team implemented an interactive matrix where each item of the offer is mapped to ISO 27001/PCI-DSS controls, an antifraud procedure, KPIs in the SLA and the BCP regulation. This creates seamless control and facilitates independent audits.

When a client prepares «public offer for a white-label PSP», we check the partner’s due diligence, its backup capacity, routing, as well as subcontracting terms. As a result the offer reflects the real risk landscape and withstands reviews by both EBA-guidelines and local NCAs.

The offer as a strategic asset

A public offer for a payment service under PSD3 and PSR is not a legal formality. It is a strategic asset that protects users, reduces risks, and increases revenue through merchants’ trust and operational efficiency. When the document ties SCA, safeguarding, AML/KYC, SLA and API security to real processes, the business confidently scales across the EU, Asia and the CIS.

COREDO prepares «PSD3 payment provider offer» quickly and consistently, relying on audit practices and case studies across different jurisdictions. If your product needs «public offer for a PSP in the EU», «public offer when implementing instant payments» or «public offer template for PSP» for white-label and marketplace, the COREDO team will align the document with EBA requirements, the EU PSD3/PSR regulation draft and merchants’ expectations. I believe in a simple formula: a strong offer – fewer incidents, higher conversion, more sustainable growth.

Read more
20.02.2026
Tax incentives for funds in Ireland the ICAV regime

Since 2016 I have been leading COREDO through dozens of projects to register fund structures in the EU, Asia and the CIS, and during this time Ireland has consistently remained at the top for the combination of regulatory predictability, tax benefits for funds and high-quality provider infrastructure. When I receive a request for an international fund registration with subsequent licensing and comprehensive AML support, I first assess the applicability of the ICAV (Irish Collective Asset-management Vehicle) regime. This form was created specifically for investment funds and hedge funds and provides precise answers to founders’ pain points: speed of launch, the tax neutrality of ICAV for investment funds, flexibility of structuring and effective cross-border distribution.

COREDO’s practice confirms: ICAV is a tool for those who want controlled EU passporting under AIFMD or UCITS, a wide funnel of institutional investors and compliance that withstands Due Diligence by any global LP. In this article I have gathered strategic and practical aspects: differences between ICAV and Ltd and PLC, tax regimes and incentives, requirements of the central regulator, KYC/AML procedures, substance, as well as a step-by-step guide to registering an ICAV in Ireland and subsequent supervision by the Central Bank of Ireland.

How an ICAV differs from a Ltd company and a PLC

Illustration for the section «How ICAV differs from Ltd and PLC» in the article «Tax incentives for funds in Ireland – ICAV regime»
ICAV: it is a separate legal regime for collective asset management in Ireland, designed for investment purposes and compliant with AIFMD and UCITS. Unlike Ltd and PLC, it is not a corporate “universal” form, but a specialised fund vehicle operating as an investment undertaking with specific tax consequences and reporting. This positioning allows ICAV to obtain exemption from corporate tax at the fund level provided the legal requirements are met.

The key difference from Ltd and PLC is tax opacity in Ireland combined with “tax transparency” at the investor level in their home jurisdiction, if local law so requires. In other words, ICAV taxation is structured as a neutral link between the assets and the unit-holders, where the tax base is formed at the investor level rather than at the fund, and withholding taxes and the ICAV are examined through the prism of DTTs and domestic rules. Such a structure is critical for private equity, credit strategies, hedge structures and multi-asset solutions where investors are geographically diverse.
Umbrella ICAVs and sub-funds: another practical plus. A single “umbrella” platform allows an unlimited number of segregated sub-funds with separate share classes, risk isolation and different investment mandates. The COREDO team has implemented such umbrellas for clients ranging from Singapore to Dubai, using a single ManCo and a unified infrastructure of the depositary, administrator and custodian while maintaining separate reporting for sub-funds.

ICAV tax architecture

Illustration for the section «ICAV tax architecture» in the article «Tax incentives for funds in Ireland – ICAV regime»
My main guideline is to minimize the fund’s tax burden through an ICAV without resorting to aggressive structures. Ireland allows a fund to be exempt from corporate tax when it has investment undertaking status and is correctly registered, and it also provides mechanisms for exemption from Irish withholding tax on payments to non‑residents from the “white list” of jurisdictions when supporting documentation is available. Taxation of gains from the sale of assets in an ICAV generally does not arise at the fund level; capitalization of gains is passed through to the investor taking into account their domestic tax regime and DTT.

Withholding and exemptions from taxes on interest and dividends themselves depend on the source of income and the location of the assets. In real projects we developed documentary withholding tax relief procedures, including investor self‑certification forms, confirmations of tax residency, analysis of treaty‑shopping risks and the application of the Multilateral Instrument (MLI), which modifies specific provisions of double taxation agreements. Our experience at COREDO has shown: a properly constructed matrix of DTTs and local exceptions on withholding tax on interest/dividends significantly increases net returns.

An ICAV should take into account the impact of BEPS and ATAD: interest limitation rules, CFC rules at the investor level, anti‑hybrid rules and substance over form — this is the baseline. Anti‑hybrid rules are important for debt strategies and structures with SPVs across multiple countries: mismatches in the tax characterization of instruments in different jurisdictions can lead to denial of deductions or double inclusion of income. We apply transfer pricing for groups of fund‑servicing entities and prepare transfer pricing documentation requirements for fund groups to demonstrate the arm’s‑length nature of fees charged by the ManCo, the administrator and advisors.

The introduced Pillar Two (global minimum tax) is formally aimed at large groups. Nevertheless, funds with controlled holdings and service hubs must check the per‑jurisdiction effective tax rate and exemptions. The solution developed at COREDO models ETR by jurisdiction and carve‑out scenarios; this is especially relevant when using portfolio SPVs for transactions in Europe, Asia and Africa. Additionally, we assess GAAR, general anti‑avoidance rules — in Ireland and in investors’ countries — to confirm business purpose and real economic substance.

VAT treatment of fund management services in Ireland provides for VAT exemption for fund management services, but where services are mixed in nature (for example, IT outsourcing or analytics) some components may be taxable. We pre‑classify contracts and determine VAT on management services: when VAT applies and how to correctly document administration fees — tax recognition and deductions for providers. Such analysis reduces the risk of margin shifting at the operational level.

What Revenue and the regulator see

Illustration for the section “What Revenue and the regulator see” in the article “Tax benefits for funds in Ireland – ICAV regime”
The tax residency test for a fund in Ireland is built around the place of effective management and management and control (management and control). Economic substance for an ICAV: it’s not just an office and a nameplate on the door, but a set of corporate governance practices: directors’ meetings in Ireland, independent non‑executive directors with relevant expertise, a local secretary, a record of resolutions, contracts with Irish counterparties and risk controls at the depositary and ManCo level. I always emphasize: it is demonstrable management and control at the ICAV that addresses CFC issues and confirms tax neutrality.

  • A calendar of board meetings held with an Irish quorum and minutes.
  • Real‑time access for directors to portfolio information and risk reports.
  • Local agreements with the ManCo, the administrator, the depositary, and auditors.
  • Policies and procedures: asset valuation, conflicts of interest, valuation challenge.
  • A dossier on the place of effective management: business trips, minutes, working correspondence.

The role of the manager (ManCo) and tax obligations is a separate topic. Licensing and registration of a ManCo for an ICAV is carried out at the Central Bank of Ireland, and the quality of the ManCo affects not only AIFMD/UCITS supervision but also the perception of substance by regulators. In several projects the COREDO team conducted ManCo vendor selection and built an advance pricing agreement (APA) as a tool for legal certainty on intra-group pricing for the service companies supporting the fund.

Requirements for directors and independent board members of an ICAV include a balance of competencies: investments, risk, compliance, audit. Functions and fiduciary duties and director liabilities in tax disputes are not theoretical: we have supported cases when correct escalation to the depositary and the recording of a director’s dissenting opinion helped a fund pass an inspection without sanctions. Corporate governance practices for an ICAV are your insurance when dealing with questions from the Irish Revenue Commissioners and external auditors.

Registration of CRO, Central Bank, Revenue

Illustration for the section «Registration CRO, Central Bank, Revenue» in the article «Tax incentives for funds in Ireland – ICAV regime»
A step-by-step guide to opening an ICAV for non-residents includes three tracks: legal (Companies Registration Office, CRO), regulatory (Central Bank of Ireland) and tax (Revenue).

  • CRO: preparation of the ICAV constitution, information on directors, the company secretary and the RBO. The Companies Registration Office (CRO) registration procedure for an ICAV usually takes 5–10 business days with a complete submission.
  • Central Bank of Ireland: submission of documents for ICAV approval and, where necessary, a UCITS prospectus or AIF rules. Timelines depend on the fund category: there are fast routes for QIAIF; for UCITS, 6–8 weeks with quality preparation.
  • Irish Revenue Commissioners: registration of the tax status as an investment undertaking and obtaining an Irish tax clearance certificate for certain operations (for example, on distributions).
How long does ICAV registration in Ireland take? On average “turnkey”, from 8 to 12 weeks, if the ManCo and key providers are selected in advance and there are no amendments to the strategy’s risk profile. The registration and launch timeline is a checklist that the COREDO team tailors to each strategy, including concentration rule compliance tests for UCITS compatibility and structural liquidity requirements.

Choosing a depositary, administrator and custodian: the foundation. The depositary controls ownership of assets and compliance with investment restrictions, and depositary liability: practical cases and risk management show that proper allocation of functions between the depositary and the administrator reduces operational risks. When structuring SPVs and ICAVs for private credit and securitisation SPVs we take into account asset segregation and tax asset protection mechanisms so that cash flows and payment priorities are resilient to stress scenarios.

Passporting AIFMD: opportunities and limitations for ICAV, and UCITS compatibility — this is about distribution strategy. UCITS provides the widest possible access to retail investors in the EU, AIFMD: to professional investors in Europe. The impact of Brexit on choosing Ireland as a fund jurisdiction is clear: Dublin has become the “gateway” for EU-passported products while retaining an English-language legal environment and depth of the service provider market.

Compliance and reporting: AML, DAC6, AEOI

Illustration for the section «Compliance and reporting: AML, DAC6, AEOI» in the article «Tax incentives for funds in Ireland – the ICAV regime»
Anti-corruption KYC/AML for funds in Ireland is a set of policies, procedures and technologies. We build KYC/AML procedures when onboarding institutional investors, including sanctions screening and counterparty checks, identification of PEPs, adverse media and transaction monitoring. When suspicious transactions are detected there is an obligation to file SARs and reporting requirements for suspicious activity in accordance with Irish AML legislation.

CRS and FATCA for ICAV are standard. FATCA registration is required to obtain a GIIN, AEOI setup involves the technical steps for information exchange and annual filing through Irish ROS. Investor tax reporting requirements and forms depend on investor jurisdictions, but basic self-certification (W‑8BEN‑E/others) and periodic updates are mandatory. The Beneficial Ownership Register (RBO) and disclosures of the fund’s and ManCo’s ultimate beneficiaries must be accurate and timely.
DAC6 and reporting for ICAV funds is a sensitive area for cross-border transactions. We assess indicators of “arrangements” and prepare the reporting position to avoid late filing and penalties. The regulatory package (regulatory filings: the annual document package for an ICAV) includes filings to the Central Bank of Ireland, audit of financial statements, updating KIID/KID, as well as the tax reporting calendar: the main deadlines for funds taking into account the specifics of UCITS/AIF.

Choosing an auditor and audit requirements is not a formality. The auditor must understand valuation of Level 3 assets, NAV error escalation rules and the specifics of side pockets, otherwise the audit will be prolonged. The solution developed at COREDO provides an RfP process and a scorecard for auditors, administrators and depositaries taking into account the fund’s strategy, asset geography and investor requirements.

Redomiciliation of a fund to Ireland

Transferring a fund to Ireland: tax and operational steps begin with tax due diligence when entering an ICAV structure, analysis of BEPS issues during the reorganisation of international funds and review of CFC rules in investor jurisdictions. For assets we model transfer of assets in kind: tax consequences, possible stamp duties and capital gains recognition. Restructuring costs: how to account for expenses during a reorganisation – we record them in the fund’s accounting policy and with providers to avoid disputes over deductions.

ROI when moving the structure to ICAV mode is calculated through a set of KPIs: net return after withholding optimisations, savings on VAT and administration fees, speed of capital raising through passporting, reduction in compliance costs compared with offshore schemes. Key KPIs for managers when assessing ROI from redomiciliation include time-to-first-close, delta TER, % of investors from the EU, and the “cost of risk” from regulator audits. In practice, relocating to Ireland increases trust from LPs in Europe and Asia and simplifies cross-border distribution: tax barriers and solutions here are standardised.

Transition to ICAV: we mitigate compliance and tax audit risks through preliminary consultations with the Irish Revenue Commissioners, obtaining a tax clearance certificate where necessary, and via an APA for intra-group services. Risk mitigation strategies during tax audits and reviews include documenting the commercial purpose, comparability of ManCo fees and director independence. Practical steps to demonstrate substance to Revenue and the supporting evidence are documented in a ‘substance dossier’ with a calendar of meetings, minutes and correspondence.

Private strategies: PE/VC, hedge funds

ICAV for investment funds and hedge funds allows fine‑tuning of subscription/exit rules, hedge structures vs fund solutions and tax differences when using derivatives. For private equity we have embedded waterfall and carried interest within PE/VC fund structuring under ICAV: best practices suggest using separate sub‑funds for individual vintages and geographies to segregate risks and reporting. Tax aspects of private equity and ICAV often come down to managing capital gains treatment for non‑residents and investor‑level exemptions.

For credit strategies and securitisation SPV(s) we build a two‑tier architecture: an ICAV as the fund and an Irish or other EU SPV as the asset holder with its own “thin capitalization” and documented market rates. Such a setup supports asset protection through the ICAV and tax considerations, while preserving substance and the manageability of withholding. The COREDO team implemented credit umbrellas with sub‑funds for senior and mezzanine, as well as SPVs for synthetic securitisations, where anti‑hybrid rules were a critical part of the structuring.
We regularly compare the tax efficiency of the ICAV and Luxembourg fund schemes. In some cases Luxembourg wins for specific debt instruments and provider availability; nevertheless Ireland often offers a more direct tax neutrality, a simple operating model and a strong UCITS track record. choice of jurisdiction for the fund: Ireland vs offshore, for institutional LPs it is a question of trust and regulatory perimeter; Ireland with AIFMD/UCITS and supervision by the Central Bank of Ireland increases the quality of inbound due diligence by large investors.

Investor lifecycle: onboarding/holding/exit

At investor onboarding we set up KYC, the collection of self‑certifications for FATCA/CRS, tax residency checks and determine the applicability of withholding tax relief procedures and documentation. For US investors in an ICAV timely FATCA registration and the correct fund status for PFIC purposes at the investor level are critical; our experience at COREDO has shown that early engagement with their tax advisers reduces the risk of reporting surprises.

When making distributions it is important to consider withholding and exemptions on interest and dividends, apply DTTs and the relevant practical exceptions. Exit tax: modeling tax consequences on exit: a mandatory step at the subscription stage, especially for PE sub‑funds with a long horizon; investors should be able to see in advance scenarios for capital gains and possible exemptions, as well as investor tax reporting requirements and forms in their jurisdictions. We prepare clear memos on the tax treatment of distributions so the fund’s IR team can communicate transparently with LPs.
We discuss nominee arrangements and the related disclosure risks openly: in some jurisdictions nominee holders can complicate the application of DTTs and increase scrutiny from banks and depositaries. COREDO’s practice confirms: transparency of ownership structures and timely submission of data to the RBO reduce queries from administrators and auditors, thereby saving time and money.

Scalability, expenses and providers

Operating expenses of establishing an ICAV: forecasts and cost items include ManCo services, the administrator, depositary/custodian, auditor, legal support, listing (if required), directors’ insurance (D&O), IT infrastructure and KYC platforms. The cost of establishing and maintaining an ICAV depends on the strategy, liquidity and number of sub-funds; for an umbrella with two sub-funds and a professional ManCo we target a reasonable mid-market budget, which is detailed at the RfP stage.

Scalability: how the ICAV structure supports growth and capital raising – through an umbrella ICAV and sub-funds, passporting, unified policies, and a “live” ecosystem of Dublin providers. Tax incentives and opportunities for fund service providers in Dublin create competition and keep prices down, while service standards remain high. The COREDO team conducts KPI monitoring of administrators’ and depositaries’ SLAs, which directly affects NAV timing and the quality of investor reporting.

COREDO cases: EU, redomiciliation and taxes

Recently the COREDO team completed international fund redomiciliation cases to Ireland from offshore jurisdictions while retaining the investor base. We rolled out an umbrella ICAV with three sub-funds (public equities, private credit, Africa infrastructure), secured AIFMD passporting into key EU countries and coordinated cross-border distribution together with local counsel in Asia and Africa. Practical steps to demonstrate substance to Revenue and supporting evidence were incorporated into the corporate governance policy, and the Central Bank of Ireland approved the structure on schedule.

In another project our client was transferring a hedge strategy from a non-EU jurisdiction. After tax due diligence and analysis of BEPS issues we prepared an APA for the group’s service centre to close the transfer pricing risk. We also implemented sanctions screening and counterparty checks at the administrator level, and for DAC6 we developed an internal test preventing late reporting. Result – a fast first close and growth of the LP base from Europe and the Middle East.

Audit risks and their mitigation

Substance over form: the practice of tax audits in Ireland and the EU shows that formal indicia without real management in the country of residence no longer work. We help set meeting agendas, directors’ roles and ManCo control mechanisms to demonstrate the place of effective management. GAAR and anti‑hybrid rules are checked first; therefore profit allocation scenarios, SPV debt load and payment chains are documented in a memorandum before launch.

We discuss the impact of CFC rules on international investment structures with investors in advance, especially in Asia, where local CFC tests can bring the fund’s income into the tax base of the controlling persons. For such LPs we prepare individual certificates on the fund’s tax neutrality and the applicability of DTT, and also coordinate withholding tax relief procedures with their tax advisers. Regarding the Multilateral Instrument (MLI), we monitor updates to DTTs and promptly update self‑certification forms.

Why Ireland and ICAV now?

Choosing Ireland is a bet on the predictable supervision of the Central Bank of Ireland, the UCITS and AIFMD regimes recognized worldwide, and the infrastructure of world‑class service providers. Compared with offshore jurisdictions, investment status in the EU simplifies capital raising and reduces the compliance premium that investors often build into specific jurisdictions. For teams from Europe, Asia and the CIS this means process transparency, time savings and professional support at every stage — something COREDO handles daily.
The application of the ICAV regime in Europe, Asia and Africa in practice looks like a single platform with local SPVs to hold assets and a well‑designed DTT matrix. Our experience at COREDO has shown that with correct setup of substance and governance, ICAV withstands scrutiny by any institutional investor and auditor, and the ROI from redomiciliation is measured both by increased net returns and by the speed of fund closings.

Conclusions

ICAV is not just an “Irish form”, but a full-fledged operating platform: tax neutrality, the flexibility of umbrellas and sub-funds, oversight by the Central Bank of Ireland, passporting under AIFMD/UCITS, and predictable rules from the Irish Revenue Commissioners.

To obtain the full range of benefits — from exempting an ICAV from corporation tax to reducing withholdings and ensuring transparent AEOI reporting — it is important to link the legal, tax and operational axes into a single model of substance, governance and compliance.

The COREDO team has gone through this process with clients from the EU, Singapore, the UK, Cyprus, Estonia, the Czech Republic, Slovakia and Dubai and has built an approach that saves time and reduces risks. If you are considering registering an ICAV in Ireland, relocating a fund or optimizing an existing structure, I recommend starting with a roadmap: objectives, distribution strategy, tax model, providers, timeline, KPI.

The solution developed at COREDO makes it possible to combine strategic ambitions with operational delivery: from concept to first closings, without compromising on the quality of governance and investor trust.
Read more
See all news
LEAVE AN APPLICATION AND GET
A CONSULTATION

    By contacting us you agree to your details being used for the purposes of processing your application in accordance with our Privacy policy.

    +420 228 886 867

    K Cervenemu dvoru 3269/25a, Prague, 130 00, Czech Republic

    Sitemap    © 2026 Copyright © RES JUDICATA s.r.o. All rights reserved | llms.txt