The Companies (Corporate Enforcement Authority) Act 2021 contains a provision [1] which requires all directors of Irish companies to provide their Personal Public Service (PPS) numbers on certain documents submitted to the Companies Registration Office (CRO).

The purpose of this provision is to allow the CRO to verify a director's identity and thereby reduce the possibility of breaches of company law (for example, on limits on the number of directorships) as well as reduce the risk of identity theft.

The provision has yet to be commenced by the Minister for Enterprise, Trade and Employment but the CRO announced last week that, with effect from 23 April 2023, all directors of Irish companies will be required to provide their Personal Public Service (PPS) number to the CRO when filing the following forms:

  • Form A1 – Incorporation Application.
  • Form B1 – Annual Return.
  • Form B10 – Change of company officers or their particulars.
  • Form B69 – Notice of cessation of company officer where a company has failed to file the notice.

What will the CRO do with the PPS Numbers?

The CRO will verify the director's first name, surname, date of birth and PPS number submitted by crosschecking such information against the data held by the Department of Social Protection. In order for there to be a match between the two sets of data, the first name and surname submitted to the CRO must exactly match the names associated with that PPS number in the Department of Social Protection’s database.

The CRO has confirmed that it reserves the right to reject any submission where there are discrepancies between the information submitted and the information held by the Data of Social Protection. Such rejections could lead to late filing penalties, delays in meeting the Annual Return filing dates and possible loss of audit exemption. This discrepancy issue was evidenced when the Central Register of Beneficial Ownership (RBO) was established in 2019, with differences in information held by the RBO and the Department of Social Protection causing a number of submissions to be rejected. 

Will the CRO Store PPS Numbers?

When the PPS number filed with the CRO has been validated, it will be retained securely in an irreversible hashed/encrypted format and stored securely. PPS numbers will not be accessible by any employee of the CRO or any other party, and it will never be shared with any third party.

The CRO will then match the hashed/encrypted version of the PPS numbers to future filings and this should avoid duplication of director records.

No PPS Number?

If a director does not have an Irish PPS number, then he or she must apply for an Verified Identity Number (VIN) by completing a Form VIF (Declaration as to Verification of Identity) and submitting it to the CRO. The Form VIF must state the name, date of birth, nationality and address of the director and it must be sworn in the presence of a notary in the home country of the director. 

Once the Form VIF has been processed successfully, a VIN will be issued by the CRO. The VIN can then be used for all future CRO filings for any company to which that director is appointed.

Some good news - if a director does not have a PPS number but has previously been issued with an RBO number by the RBO, then the director can use their RBO number as their VIN for CRO filings.

What are the Sanctions for Non-Compliance?

If any person fails to comply with this new requirement, he or she shall be guilty of a category four offence which can result in the imposition of a fine of €5,000.

What is Next?

If they have not already done so, now is the time for companies to start collating the PPS numbers or RBO numbers of their directors and establish whether any of their directors will need to apply for a VIN in advance of 23 April 2023. The Form VIF will be available from the CRO CORE Portal shortly.

To avoid any unnecessary delays with filings, directors should undertake a review of the information held about them by the CRO (e.g. first name and surname) and identify any inconsistencies between such information and the data held by the Department of Social Protection.


[1] Section 35 of the Companies (Corporate Enforcement Authority) Act 2021

Lorna Osborne

Lorna Osborne

Partner, Corporate & Commercial
Dublin, Ireland

View profile