• High Level Standards

    • LR LR Licensing Requirements

      • LR-A LR-A Introduction

        • LR-A.1 LR-A.1 Purpose

          • Executive Summary

            • LR-A.1.1

              The Licensing Requirements Module sets out the Central Bank of Bahrain's ('CBB's) approach to licensing providers of regulated conventional banking services in the Kingdom of Bahrain.

              October 2007

          • Legal Basis

            • LR-A.1.2

              This Module contains the CBB's Regulations, Resolutions and Directive (as amended from time to time) relating to Licensing Requirements and is issued under the powers available to the CBB under Articles 37 to 42, 44 to 48 and 180 of the Central Bank of Bahrain and Financial Institutions Law 2006 ('CBB Law'). It also includes the requirements contained in Resolution No (1) of 2007 (as amended from time to time) with respect to determining fees categories due for licensees and services provided by the CBB. The Module also contains requirements under Regulation No (1) of 2007 pertaining to the CBB's regulated services issued under Article 39 of the CBB Law and those conditions of granting a license for the provision of regulated services as prescribed under Resolution No.(43) of 2011 and issued under the powers available to the CBB under Article 44(c). The Module contains requirements under Resolution No.(16) for the year 2012 including the prohibition of marketing financial services pursuant to Article 42 of the CBB Law. This Module contains the prior approval requirements for approved persons under Resolution No (23) of 2015. The Directive and Resolutions in this Module are applicable to all conventional bank licensees (including their approved persons).

              Amended: January 2016
              Amended: January 2013
              Amended: July 2012
              Amended: October 2011
              Amended: January 2011
              Amended: October 2010
              October 2007

            • LR-A.1.2A

              For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.

              Amended: January 2011

            • LR-A.1.3

              Persons wishing to undertake regulated banking services are required to be licensed by the CBB as a conventional bank licensee. Regulated banking services consist of two determinant activities undertaken in combination — deposit-taking and providing credit. In addition, various supplementary regulated activities may also be undertaken. These activities are defined in Rule LR-1.3.1.

              October 2007

            • LR-A.1.4

              In other words, persons wishing to undertake deposit-taking must also undertake the activity of providing credit. In addition, they may undertake any of the other activities falling within the definition of regulated banking services. Deposit-taking may not be undertaken on its own, without the activity of providing credit also being undertaken. Persons wishing to provide credit without undertaking deposit-taking may qualify as a finance company, a Category of specialised licensee (see separate regulations regarding these: they will fall under Volume 5 of the CBB Rulebook, when issued in the future).

              Amended: January 2013
              Amended: April 2011
              October 2007

          • License Categories

            • LR-A.1.5

              Conventional bank licensees are divided into two sub-categories: conventional retail banks and conventional wholesale banks. Certain specific regulatory requirements may differ between these two sub-categories, where appropriate to address their different risk profiles. (See Section LR-1.2.)

              Amended: January 2011
              October 2007

            • LR-A.1.6

              Conventional retail banks may undertake transactions in any currency, with both Bahraini residents and non-residents. To qualify as a conventional retail bank, the activity of providing credit must account for a significant portion of the institution's business (defined, broadly, as accounting for over 20% of an institution's assets — See Paragraphs LR-1.2.4LR-1.2.8).

              October 2007

            • LR-A.1.7

              Conventional wholesale banks may also undertake transactions without restriction, when dealing with the Government of Bahrain and its agencies; CBB bank licensees; and non-residents. However, they may only undertake transactions denominated in Bahraini Dinar and/or with a resident of the Kingdom of Bahrain, if these are wholesale in nature. Wholesale transactions are defined in terms of transaction size (broadly, BD 7 million or more for a credit or deposit transaction, and US$ 100,000 or more for an investment transaction — See Paragraphs LR-1.2.9LR-1.2.26).

              October 2007

            • LR-A.1.8

              Collectively, licensed providers of regulated banking services are called conventional bank licensees. Bahrain-incorporated conventional bank licensees are called Bahraini conventional bank licensees. Conventional bank licensees that are incorporated in an overseas jurisdiction and operate via a branch presence in the Kingdom of Bahrain are called branches of foreign conventional bank licensees. The same naming convention applies to the two sub-categories of conventional bank license: thus, Bahraini conventional retail bank licensees and Bahraini conventional wholesale bank licensees are those incorporated in Bahrain, whilst retail branches of foreign banks and wholesale branches of foreign banks are those incorporated in an overseas jurisdiction and operating in Bahrain via a branch presence.

              Amended: July 2017
              October 2007

            • LR-A.1.9

              Conventional bank licensees may not hold themselves out as an Islamic bank. They may nonetheless enter into Shari'a compliant transactions, subject to certain restrictions outlined in Section LR-1.4.

              October 2007

          • Licensing Conditions

            • LR-A.1.10

              Conventional bank licensees are subject to 8 licensing conditions, mostly specified at a high level in Module LR, and further expanded in underlying subject Modules (such as Module CA). These licensing conditions are broadly equivalent to the standards applied in other Volumes of the CBB Rulebook, to other license categories, and are consistent with international good practice, such as relevant Basel Committee standards.

              October 2007

            • LR-A.1.11

              The requirements contained in Chapter LR-2 represent the minimum conditions that have to be met in each case, both at the point of licensing and on an on-going basis thereafter, in order for licensed status to be retained.

              October 2007

          • Information Requirements and Processes

            • LR-A.1.12

              Chapter LR-3 specifies the processes and information requirements that have to be followed for applicants seeking a conventional bank license, as well as existing licensees seeking to vary the scope of their license, by adding new regulated activities. It also covers the voluntary surrender of a license, or its cancellation by the CBB.

              October 2007

          • Representative Offices, Finance Companies and Ancillary Service Providers

            • LR-A.1.13

              Representative offices of conventional banks, and providers of ancillary services in the financial sector are not covered in Volume 1 (Conventional Banks) of the Rulebook. Requirements covering representative offices (for all financial services firms) and providers of ancillary services to the financial sector are included in Volume 5.

              Amended: July 2017
              Amended: July 2012
              October 2007

            • LR-A.1.14

              Representative offices of conventional banks are subject to requirements contained in Volume 5 (Specialised Licensees), common Modules and specific Modules for representative offices. Until such time as all parts of Volume 5 (Specialised Licensees) of the CBB Rulebook is issued, providers of ancillary services to the financial sector remain subject to the requirements contained in the CBB's "Standard Conditions and Licensing Criteria".

              Amended: July 2017
              Amended: July 2012
              October 2007

            • LR-A.1.15

              This paragraph was merged with paragraph LR-A.1.13 above in October 2007]

            • LR-A.1.16

              This paragraph was merged with paragraph LR-A.1.14 above in October 2007]

            • LR-A.1.17

              This paragraph was deleted in October 2007.

        • LR-A.2 LR-A.2 Module History

          • Evolution of Module

            • LR-A.2.1

              This Module (Module LR — "Licensing and Authorisation Requirements") was first issued in July 2004, as part of the initial release of Volume 1 of the CBB Rulebook. It was subsequently reissued in full in July 2006 (and renamed "Licensing Requirements").

              October 2007

            • LR-A.2.2

              The reissued Module was one of several Modules modified to reflect the introduction of the CBB's new integrated license framework. Module LR was amended to reflect the new conventional bank licenses introduced by the framework, and to more closely align its presentation with that found in other CBB Rulebook volumes.

              October 2007

            • LR-A.2.3

              The reissued Module is dated July 2006. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made; Chapter UG-3 provides further details on Rulebook maintenance and version control.

              October 2007

            • LR-A.2.3A

              When the CBB replaced the BMA in September 2006, the provisions of this Module remained in force. Volume 1 was updated in October 2007 to reflect the switch to the CBB; however, new calendar quarter dates were only issued where the update necessitated changes to actual requirements.

              October 2007

            • LR-A.2.4

              A list of recent changes made to this Module is provided below:

              Module Reference Change Date Description of Changes
              LR-6 01/2005 New guidance on record-keeping.
              Whole Module 07/2006 Whole Module reissued to reflect integrated license framework: new license categories and updated licensing conditions introduced.
              LR-A.1.2 10/2007 New Rule LR-A.1.2 introduced, categorising this Module as a Directive.
              LR-1.4 10/2007 New section added on Shari'a Compliant Transactions
              LR-A.2.8 10/2007 Changes to provision of information requirements as result of CBB Law
              LR-3 10/2007 Revised requirements due to new CBB Law
              LR-4 10/2007 New Chapter LR-4 on application and license fees (incorporating material on fees previously contained in Module GR).
              LR-2.5.10 04/2008 Minimum daily cash reserve balance with the CBB increased from 5% to 7%.
              LR-1.2.16 04/2008 Lower threshold of $100,000 for investment business transactions for wholesale banks
              LR-2.5.10 07/2009 Minimum daily cash reserve balance with the CBB brought back to 5% from 7%.
              LR 10/2010 Various minor amendments to ensure consistency in formatting of CBB Rulebook.
              LR-A.1.2 10/2010 Revised legal basis.
              LR-1A 10/2010 New Chapter on Approved Persons moved from Section HC-1.2 and from Paragraphs in Section HC-1.5.
              LR-3.1.12A 10/2010 Added new paragraph, requiring capital to be injected prior to license being issued.
              LR-3.1.15 10/2010 Additional details pertaining to information required, within 6 months of a license being issued.
              LR-3.1.15A 10/2010 Transition rule added to comply with new requirement under Subparagraph HC-3.1.15(j).
              LR-4.2.13 10/2010 Amendment to guidance.
              LR 01/2011 Various minor amendments to ensure consistency in formatting of CBB Rulebook.
              LR-A.1.2 01/2011 Clarified legal basis.
              LR-3.1.5 and 3.1.5A 01/2011 Clarified the use of letters of guarantee as part of the licensing process.
              LR-4.2.9A 01/2001 Added the requirement for annual fees for SPV's to be in line with the requirements of Resolution No (1) of 2007.
              LR-A.1.4 04/2011 Corrected issue date.
              LR-3.1.3 04/2011 Clarified the appointment of a representative as part of the licensing process.
              LR-3.1.5(l) 04/2011 Deleted reference to Phase 1.
              LR-4.2.9A 04/2011 Clarified the payment of annual license fees for SPVs.
              LR-1.4.6 07/2011 Added Paragraph concerning Shari'a compliant financing contracts for the purchase of land and property.
              LR-2.8.1 07/2011 Updated language to reflect current terminology.
              LR-A.1.2 10/2011 New reference added to reflect the issuance of Resolution No.(43) of 2011.
              LR-3.3 10/2011 Clarified language on cancellation of a license or closure of a branch to be in line with other Volumes of the CBB Rulebook.
              LR-1A.1.23 04/2012 Last sentence of Paragraph deleted as cross reference no longer applies.
              LR-A.1.2 07/2012 Added reference to Regulation No 1 of 2007 pertaining to regulated services.
              LR-A.1.13 and LR-A.1.14 07/2012 Amended Paragraphs to reflect updates for Volume 5
              LR-B.1.3 07/2012 Corrected cross-reference.
              LR-1.2.10 07/2012 Reference to 'other banks' deleted.
              LR-1A.1.20 07/2012 Changed Guidance to Rule.
              LR-1A.2.4 07/2012 Added cross-reference.
              LR-1A.3.3 07/2012 Corrected cross-reference.
              LR-2.8.1 and LR-2.8.2 07/2012 Attributed reference to CBB Law to correct Paragraph.
              LR-3.1.18 07/2012 Corrected cross-reference.
              LR-4.2.9B 07/2012 Added guidance regarding annual fees of SPVs of Bahrain domiciled CIUs.
              LR-A.1.2 01/2013 Updated legal basis.
              LR-A.1.4 01/2013 Updated reference to when Volume 5 will be issued.
              LR-B.1.1 01/2013 Updated prohibition as per issuance of Resolution No.(16) for the year 2012.
              LR-1.1 01/2013 References added to requirements under Resolution No.(16) for the year 2012.
              LR-1.3.18 01/2013 Corrected typo.
              LR-1.3.36 to LR-1.3.39 01/2013 Updated reference to CIU to be aligned with Volume 7.
              LR-1A.1.3 01/2013 Clarified approval requirements for controlled functions for Bahrain operations.
              LR-4.2 07/2013 Amended due date and collection process for annual license fee.
              LR-1A.1 10/2013 Aligned controlled functions with Module TC.
              LR-4.2.9A 10/2013 Clarified annual license fees for newly established SPVs.
              LR-1.2.20 01/2014 Updated to refer to licensed exchange.
              LR-1A.1.3 01/2014 Correction made to clarify which controlled functions are in relation to Bahrain operations.
              LR-1A.1.17 01/2014 Amended requirement for notification for appointment of financial instrument trader and moved requirement to Paragraph BR-5.1.7.
              LR-2.8.1 01/2014 Corrected to refer to proper accounting standards.
              LR-1A.1 04/2014 Amended Rule on notification requirements dealing with approved persons.
              LR-1.4.5 04/2015 Corrected reference in Rule to 'customers'.
              LR-A.1.2 01/2016 Legal basis updated to reflect Resolution No (23) of 2015.
              LR-1.4.4 01/2016 Expanded the scope of Shari'a compliant investments allowed for the bank's own account.
              LR-1A 01/2016 Amended to reflect the issuance of Resolution No. (23) of the year 2015 dealing with approved persons.
              LR-1A.1.20B 04/2016 Clarified approval process for applicants for approved persons.
              LR-1A.1.18C 07/2016 Clarified Guidance on authorised representative for approval of controlled functions.
              LR-3.1.11 10/2016 Added definition of certification
              LR-2.5.2 04/2017 Deleted Paragraph on minimum paid up capital requirement.
              LR-2.5.2A 04/2017 Added new paragraph on minimum paid up capital requirement for locally incorporated retail banks.
              LR-2.5.2B 04/2017 Added new paragraph on minimum paid up capital requirement for locally incorporated wholesale banks.
              LR-2.5.6 04/2017 Amended paragraph to delete the requirement of endowment capital for overseas wholesale banks.
              LR-1A.1.7 07/2017 Amended paragraph.
              LR-2.2.2 07/2017 Amended paragraph.
              LR-3.4 07/2017 Added new Section on Publication of the decision to grant, cancel or amend a license.
              LR 07/2017 Changed the term "Overseas banks" to "branches of foreign banks".
              LR-1A.1.18 04/2018 Amended Paragraph.
              LR-3.1.1 04/2018 Amended Paragraph.
              LR-1.2.20A 10/2018 Added new Paragraph on Providing Trust Services.
              LR-1.2.23 10/2018 Amended Paragraph.
              LR-1.3.1 10/2018 Amended Paragraph adding—Providing Trust Services.
              LR-1.3.4 10/2018 Amended Paragraph.
              LR-1.3.54—LR-1.3.57 10/2018 Added new Sub-section on Providing Trust Services.
              LR-2.5.2A 10/2018 Amended paragraph on minimum total shareholders' equity maintained by retail bank licensees.
              LR-2.5.2B 10/2018 Amended paragraph on minimum total shareholders' equity maintained by wholesale bank licensees.
              LR-1.3.49A 04/2019 Added a new Paragraph on robo-advice.
              LR-3.1.1 07/2019 Amended Paragraph to remove references to hardcopy Form 1 submission to online submission.
              LR-3.2.4 10/2019 Changed from Rule to Guidance.
              LR-3.4.1 10/2019 Changed from Rule to Guidance.
              LR-1A.1.17 & LR-1A.1.18A 07/2020 Amended Paragraphs on online submission of Form 3.
              LR-1.3.1A 10/2020 Added a new Paragraph on compliance with AAOIFI Shari’a Standards.
              LR-1.3.1 07/2021 Amended Paragraph.
              LR-1.3.1B 07/2021 Added a new Paragraph on obtaining approval for services not included in its application.
              LR-1.3.58 – LR-1.3.61 07/2021 Added new Paragraphs on Account Information Service and Payment Initiation Services.
              LR-1.3.1C 01/2022 Added a new Paragraph on submission of information in relation to a bank wishing to undertake regulated banking services which were not included in its application for license.
              LR-2.5.8 10/2022 Amended Paragraph removing the requirement for agreeing a liquidity management policy with the CBB.

            • LR-A.2.5

              [This Paragraph was deleted in October 2007]

              Amended: January 2013

      • LR-B LR-B Scope of Application

        • LR-B.1 LR-B.1 Scope and Prohibitions

          • LR-B.1.1

            The licensing requirements in Chapter LR-1 have general applicability, in that they prevent any person from providing (or seeking to provide) regulated banking services within or from the Kingdom of Bahrain, unless they have been licensed as a conventional bank licensee by the CBB or marketing any financial services unless specifically allowed to do so by the CBB (see Rule LR-1.1.1).

            Amended: January 2013
            October 2007

          • LR-B.1.2

            In addition, no one may use the term 'bank' in their trading or corporate name, or otherwise hold themselves out to be a bank in Bahrain, unless they hold the appropriate license from CBB (see Rule LR-1.1.2).

            October 2007

          • LR-B.1.3

            The remaining requirements in Chapters LR-1 to LR-4 (besides those mentioned in Section LR-B.1 above) apply to all those licensed by the CBB as a conventional bank licensee, or which are in the process of seeking such a license. They apply regardless of whether the person concerned is incorporated in the Kingdom of Bahrain, or in an overseas jurisdiction, unless otherwise specified.

            Amended: July 2012
            October 2007

          • LR-B.1.4

            These remaining requirements prescribe the types of license offered; their associated operating conditions; the licensing conditions that have to be satisfied in order to secure and retain a license; and the processes to be followed when applying or varying a license, or when a license is withdrawn.

            October 2007

          • LR-B.1.5

            The Rules referred to above are supported by statutory restrictions contained in the CBB Law (cf. Articles 39 to 41 and 44 to 51).

            October 2007

        • LR-B.2 [This section was merged with section LR-B.1 in October 2007

      • LR-1 LR-1 Requirement to Hold a License

        • LR-1.1 LR-1.1 Conventional Bank Licensees

          • General Prohibitions

            • LR-1.1.1

              No person may:

              (a) Undertake (or hold themselves out to undertake) regulated banking services within or from the Kingdom of Bahrain unless duly licensed by the CBB;
              (b) Hold themselves out to be licensed by the CBB unless they have as a matter of fact been so licensed; or
              (c) Market any financial services in the Kingdom of Bahrain unless:
              (i) Allowed to do by the terms of a license issued by the CBB;
              (ii) The activities come within the terms of an exemption granted by the CBB by way of a Directive; or
              (iii) Has obtained the express written permission of the CBB to offer financial services.
              Amended: January 2013
              Amended: October 2010
              October 2007

            • LR-1.1.1A

              In accordance with Resolution No.(16) for the year 2012 and for the purpose of Subparagraph LR-1.1.1(c), the word 'market' refers to any promotion, offering, announcement, advertising, broadcast or any other means of communication made for the purpose of inducing recipients to purchase or otherwise acquire financial services in return for monetary payment or some other form of valuable consideration.

              Added: January 2013

            • LR-1.1.1B

              Persons in breach of Subparagraph LR-1.1.1(c) are considered in breach of Resolution No.(16) for the year 2012 and are subject to penalties under Articles 129 and 161 of the CBB Law (see also Section EN-10.3).

              Added: January 2013

            • LR-1.1.2

              According to Article 41(a) of the CBB Law, only persons licensed to undertake regulated banking services (or regulated Islamic banking services), may use the term 'bank' in their corporate or trading names, or otherwise hold themselves out to be a bank.

              October 2007

            • LR-1.1.3

              Licensees are not obliged to include the word 'bank' in their corporate or trading names; however, they are required to make clear their regulatory status in their letter heads, customer communications, website and so on.

              Amended: July 2012
              October 2007

            • LR-1.1.4

              For the purposes of Rule LR-1.1.2, persons will be considered in breach of this requirement if they attempt to operate as, or incorporate a bank in Bahrain with a name containing the word "bank" (or the equivalents in any language), without holding the appropriate CBB license or obtaining the prior approval of the CBB.

              October 2007

          • Licensing

            • LR-1.1.5

              Persons wishing to be licensed to undertake regulated banking services within or from the Kingdom of Bahrain must apply in writing to the CBB.

              October 2007

            • LR-1.1.6

              An application for a license must be in the form prescribed by the CBB and must contain:

              (a) A business plan specifying the type of business to be conducted;
              (b) Application forms for all controllers; and
              (c) Application forms for all controlled functions.
              Amended: October 2010
              October 2007

            • LR-1.1.7

              The CBB will review the application and duly advise the applicant in writing when it has:

              (a) Granted the application without conditions;
              (b) Granted the application subject to conditions specified by the CBB; or
              (c) Refused the application, stating the grounds on which the application has been refused and the process for appealing against that decision.
              Amended: October 2010
              October 2007

            • LR-1.1.8

              Detailed rules and guidance regarding information requirements and processes for license applications can be found in Section LR-3.1. As specified in Paragraph LR-3.1.14, the CBB will provide a formal decision on a license application within 60 calendar days of all required documentation having been submitted in a form acceptable to the CBB.

              October 2007

            • LR-1.1.9

              In granting new licenses, the CBB will specify the specific types of regulated banking service for which a license has been granted, and on what basis (i.e. conventional retail bank or conventional wholesale bank).

              October 2007

            • LR-1.1.10

              All applicants for conventional bank licenses must satisfy the CBB that they meet, by the date of their license, the minimum conditions for licensing, as specified in Chapter LR-2. Once licensed, conventional bank licensees must maintain these criteria on an on-going basis.

              October 2007

            • LR-1.1.11

              Conventional bank licensees must not carry on any commercial business in the Kingdom of Bahrain or elsewhere other than banking business and activities directly arising from or incidental to that business.

              October 2007

            • LR-1.1.12

              Rule LR-1.1.11 is intended to restrict bank licensees from undertaking any material non-financial business activities. The Rule does not prevent a bank undertaking commercial activities if these directly arise from their financial business: for instance, in the context of Islamic contracts, such as murabaha, ijara and musharaka, where the bank may hold the physical assets being financed or leased. Nor does it restrict a bank from undertaking commercial activities if, in the judgment of the CBB, they are incidental and do not detract from the financial nature of the bank's operations: for example, a bank may rent out spare office space in its own office building, and provide services associated with the rental (e.g. office security or cleaning).

              October 2007

            • LR-1.1.13

              Rule LR-1.1.11 applies to the legal entity holding the bank license. A bank may thus own subsidiaries that undertake non-financial activities, although the CBB generally does not support the development of significant commercial activities within a banking group. Capital invested in such subsidiaries by a bank would be deducted from the bank's capital base under the CBB's capital rules (see Module CA). In addition, the CBB may impose restrictions — such as dealings between the bank and its commercial subsidiaries — if it was felt necessary to limit the bank's exposure to non-financial risks.

              October 2007

        • LR-1.2 LR-1.2 License Sub-Categories

          • Retail vs. Wholesale

            • LR-1.2.1

              Depending on the nature of activities undertaken, conventional bank licensees must be licensed either as a conventional retail bank or as a conventional wholesale bank.

              October 2007

            • LR-1.2.2

              The nature of activities allowed under each license sub-Category is specified below (cf. Rule LR-1.2.4 and the following Paragraphs). The conventional retail bank Category replaces the Full Commercial Bank (conventional principles) Category that existed prior to July 2006; the conventional wholesale bank Category replaces the Offshore Banking Unit and Investment Bank License (conventional principles) categories.

              Amended: July 2012
              October 2007

            • LR-1.2.3

              Banks licensed prior to the introduction of these new license categories in July 2006 are not required to reapply for their license. Rather, their new license Category is to be confirmed by an exchange of letters with the CBB, and the issuance of a new license certificate. Where (prior to July 2006) the same legal entity holds multiple licenses, the CBB will agree transitional measures aimed at rationalizing the number of licenses held.

              October 2007

          • Conventional Retail Banks

            • LR-1.2.4

              Conventional retail banks are allowed to transact with both residents and non-residents of the Kingdom of Bahrain, and in both Bahrain Dinar and foreign currencies.

              October 2007

            • LR-1.2.5

              To qualify as a conventional retail bank, the person concerned must undertake (as a minimum), the activities of deposit-taking and providing credit (as defined in Rules LR-1.3.16 and LR-1.3.18). The activity of providing credit must be a significant part of the bank's business, relative to other activities.

              October 2007

            • LR-1.2.6

              When assessing the significance of credit-related activities, in the context of Rule LR-1.2.5, the CBB would normally expect to see loans and other credit-related activity (such as overdraft facilities, loan commitments, letters of credit, guarantees and other activities falling under the definition of providing credit), to constitute at least 20% of the total assets of the institution. Other activities and criteria may also be taken into account, if the CBB believes they are of a credit-related nature, and that such activities constitute a significant share of the bank's overall business.

              October 2007

            • LR-1.2.7

              In the case of new applicants, the above assessment is made based on the financial projections and business plan provided as part of the license application. Where existing licensees fail to satisfy the condition contained in Rule LR-1.2.5, the CBB will initiate discussion with the licensee as to the appropriateness of their license category: this may result in the licensee being required to change its license category. A branch of an overseas bank may nonetheless be allowed to hold a bank license in Bahrain, even if it fails to undertake the activities specified in Rule LR-1.2.5, providing that it undertakes other regulated banking services in Bahrain and its head office is licensed as a bank in its home country.

              October 2007

            • LR-1.2.8

              The purpose of Rule LR-1.2.5 is to ensure that, besides deposit-taking, the core banking activity of providing credit forms part of the definition of conventional retail banks, and accounts for a significant share of their business, in keeping with their intermediation function.

              October 2007

          • Conventional Wholesale Banks

            • LR-1.2.9

              Conventional wholesale banks are allowed to transact with residents of the Kingdom of Bahrain (irrespective of currency), and in Bahrain Dinar (irrespective of the location of the counterparty), subject to the conditions and exemptions specified in Rules LR-1.2.11, LR-1.2.13, LR-1.2.16 and LR-1.2.18. Foreign currency transactions with non-residents are not subject to these conditions.

              October 2007

            • LR-1.2.10

              The effect of Rule LR-1.2.9 is to limit the on-shore/Bahrain Dinar customer business of conventional wholesale banks to larger transactions. By definition, their on-shore client base is therefore wholesale in nature (i.e. large corporates and high net-worth individuals).

              Amended: July 2012
              October 2007

            • LR-1.2.11

              To qualify as a conventional wholesale bank, the person concerned must undertake (as a minimum), the activities of deposit-taking and providing credit (as defined in Rules LR-1.3.16 and LR-1.3.18).

              October 2007

            • LR-1.2.12

              The purpose of Rule LR-1.2.11 is to ensure that the core banking activities of deposit taking and providing credit form part of the definition of conventional wholesale banks. However, unlike conventional retail banks, there is no requirement that the activity of providing credit must be a significant part of the bank's business, relative to other activities. This is to allow conventional wholesale banks greater flexibility as to the nature of their activities; it also recognises that, because of the wholesale nature of their client base, there is less need to limit the scale of non-credit related risks to which their depositors may be exposed. Rule LR-1.2.11 does not in any way prevent conventional wholesale banks from developing the provision of credit as a major activity, should they wish to. The Guidance provided in Paragraph LR-1.2.7 with regards to overseas banks is also applicable to Rule LR-1.2.11.

              October 2007

            • LR-1.2.13

              Conventional wholesale banks may transact with residents of Bahrain and/or in Bahrain Dinar, with respect to the activities (a) to (e) listed in Rule LR-1.3.1, only where the individual transaction is BD 7 million or above (or its foreign currency equivalent).

              October 2007

            • LR-1.2.14

              To comply with Rule LR-1.2.13, the initial amount taken as a deposit must be BD 7 million or above (or its equivalent in foreign currency); however, subsequent additions and withdrawals from that deposit account may be for any amount. The initial amount taken as deposit may be split between different types of accounts (e.g. call, 3-month and 6-month accounts) — providing at least BD 7 million is taken from the customer on the same day and the bank's records can demonstrate this. Where subsequent withdrawals lead to a zero balance on an account (or the aggregate of accounts where more than one was originally opened), then a further BD 7 million must be deposited to re-start the 'wholesale' relationship, before additional deposits for smaller amounts may be made.

              October 2007

            • LR-1.2.15

              Similarly, with respect to credit-related transactions, the initial facility amount advised must be for BD 7 million or above (or its equivalent); but drawdowns (and repayments) under the facility may be for any amount, as may any subsequent changes to the facility amount. If the facility is fully repaid, then a further BD 7 million transaction must be agreed in order to re-start the 'wholesale' relationship.

              October 2007

            • LR-1.2.16

              Conventional wholesale banks may transact with residents of Bahrain and/or in Bahrain Dinar, with respect to the activities (f) to (l) listed in Rule LR-1.3.1, only where the individual transaction is US$ 100,000 or above (or its foreign currency equivalent).

              October 2007
              Amended: April 2008

            • LR-1.2.17

              With respect to activities (f) and (g) (dealing in financial instruments as principal / agent), the threshold refers to the individual transaction size. With respect to activities (h) and (i) (managing / safeguarding financial instruments), the threshold refers to the initial investment amount. With respect to activity (j) (operating a collective investment scheme), the threshold refers to the minimum investment required for participation in the scheme. With respect to activities (k) and (l) (arranging deals in / advising on financial instruments), the threshold refers to the size of the deal arranged or of the investment on which advice is being given.

              October 2007

            • LR-1.2.18

              Note that the threshold with respect to activities (h) and (i) applies to the initial investment amount: where a subsequent distribution to a client or a reduction in the mark to market value of the investment reduces the initial investment amount below US$ 100,000 it is still considered a wholesale transaction. The threshold in Rule LR-1.2.16 applies to a client even if the same client satisfies the BD 7m threshold in Rule LR-1.2.13, with respect to deposit/credit activities. Finally, the initial amount taken as an investment may be split between two or more investment products — providing at least US$ 100,000 is taken from the customer on the same day and the bank's records can demonstrate this.

              Amended: April 2008
              October 2007

            • LR-1.2.19

              Conventional wholesale bank licensees may only undertake activities (m) and (n) listed in Rule LR-1.3.1, on behalf of residents of Bahrain and/or in Bahrain Dinar, where the customer concerned meets either of the thresholds specified in LR-1.2.13 or LR-1.2.16 (in which case, activities (m) and (n) may be undertaken for any amount).

              October 2007

            • LR-1.2.20

              Notwithstanding Rules LR-1.2.13, LR-1.2.16 and LR-1.2.19, conventional wholesale banks are allowed to transact in Bahrain Dinar (or any other currency) for any amount with the Government of Bahrain, Bahrain public sector entities (as defined in the Guidelines for completion of the Prudential Information Reports), and CBB bank licensees. Conventional wholesale banks may also transact in Bahrain Dinar for any amount, where required to fund their normal operating expenses; or when investing for their own account in securities listed on a licensed exchange.

              Amended: January 2014
              October 2007

            • LR-1.2.20A

              Conventional wholesale bank licensees may undertake activity (o) listed in Rule LR-1.3.1, on behalf of residents and/or non-residents of the Kingdom of Bahrain and/or in Bahrain Dinar or foreign currency, where the customer concerned meets either of the thresholds specified in LR-1.2.13 or LR-1.2.16.

              Added: October 2018

            • LR-1.2.21

              Any transactions entered into prior to 1 July 2006 which may be in breach of the conditions specified in Rules LR-1.2.13, LR-1.2.16 and LR-1.2.19 must be notified to the CBB. These transactions will be allowed to mature.

              October 2007

            • LR-1.2.22

              Since the conventional wholesale bank regime represents an easing of the restrictions on on-shore business that previously applied to offshore bank licensees (i.e. OBUs and IBLs), there should be few transactions of the type specified in Rule LR-1.2.21 — they are likely to exist only where individual ad-hoc exemptions may have been previously granted by the CBB, and these exemptions went further than those now being applied across the Board to all conventional wholesale bank licensees.

              October 2007

            • LR-1.2.23

              Conventional wholesale banks must seek prior written CBB approval if they wish to undertake transactions of the type specified in Rules LR-1.2.13, LR-1.2.16, LR-1.2.19 and LR-1.2.20A if the transactions are below the thresholds mentioned in LR-1.2.13 or LR-1.2.16.

              Amended: October 2018
              Amended: October 2009
              October 2007

            • LR-1.2.24

              The approval requirement in Rule LR-1.2.23 only has to be made once, prior to the licensee starting to undertake such transactions. Its purpose is to allow the CBB to monitor the initiation of such business by conventional wholesale bank licensees, and to check that adequate systems and controls have been in place, so that such transactions are likely to be well managed. In addition, it is to allow, where relevant, for the necessary arrangements to be made to ensure that conventional wholesale banks comply with the CBB's reserve requirements (which apply to deposit liabilities denominated in Bahraini Dinars — see LR-2.5.10).

              October 2007

            • LR-1.2.25

              Conventional wholesale banks that are unclear about the interpretation of the conditions specified in Rules LR-1.2.13, LR-1.2.16 or LR-1.2.19 must consult the CBB prior to undertaking the transaction concerned.

              October 2007

            • LR-1.2.26

              The CBB may publish additional interpretative guidance on the above conditions, in response to licensees' queries. The minimum thresholds specified under Rules LR-1.2.13 and LR-1.2.16 will be kept under review by the CBB and may be amended in response to market developments.

              October 2007

          • Shari'a Compliant Transactions

            • LR-1.2.27

              Conventional bank licensees may not hold themselves out as an Islamic bank. Conventional bank licensees may only enter into activities (c) to (e) listed in Rule LR-1.3.1, in accordance with the conditions outlined in Section LR-1.4.

              October 2007

            • LR-1.2.28

              [This paragraph was deleted in October 2007]

            • LR-1.2.29

              Conventional bank licensees may freely deal in financial instruments or operate a collective investment scheme that happens to be Shari'a compliant (because of the nature of the financial instruments concerned).

              October 2007

        • LR-1.3 LR-1.3 Definition of Regulated Banking Services

          • LR-1.3.1

            Regulated banking services are any of the following activities, carried on by way of business:

            (a) Deposit-taking;
            (b) Providing Credit;
            (c) Accepting Shari'a money placements/deposits;
            (d) Managing Shari'a profit/loss sharing investment accounts;
            (e) Offering Shari'a Financing Contracts;
            (f) Dealing in financial instruments as principal;
            (g) Dealing in financial instruments as agent;
            (h) Managing financial instruments;
            (i) Safeguarding financial instruments;
            (j) Operating a Collective Investment Undertaking;
            (k) Arranging deals in financial instruments;
            (l) Advising on financial instruments;
            (m) Providing money exchange/remittance services;
            (n) Issuing/administering means of payment;
            (o) Providing Trust Services;
            (p) Providing account information services; and
            (q) Providing payment initiation services.
            Amended: July 2021
            Amended: October 2018
            Amended: October 2010
            October 2007

          • LR-1.3.1A

            Where licensees are undertaking regulated activities in accordance with Shari'a, all transactions and contracts concluded by conventional bank licensees must comply with Sharia standards issued by the Accounting and Auditing Organisation for Islamic Financial Institutions (AAOIFI). The validity of the contract or transaction is not impacted, if at a later date, the relevant AAOIFI Sharia standards are amended.

            Added: October 2020

          • LR-1.3.1B

            A conventional bank licensee that wishes to undertake regulated banking services which were not included in its application for licence must obtain CBB’s written approval prior to offering such services. In such situations, CBB may impose additional conditions that it deems necessary for the provision of such services.

            Added: July 2021

          • LR-1.3.1C

            For the purposes of Paragraph LR-1.3.1B, conventional bank licensees must submit the following minimum information in relation to the provision of such services:

            a) Description of the services/products;
            b) Proposed fees and charges;
            c) Experience of resources responsible for such services and their details;
            d) Policies and procedures for such services;
            e) Enhancements to its risk management framework to capture, monitor, measure, control and report risks arising from the activity; and
            f) Relevant staff training plans.
            Added: January 2022

          • LR-1.3.2

            Upon application, the CBB may exclude specific transactions from the definition of regulated banking services.

            October 2007

          • LR-1.3.3

            The CBB will normally only consider granting such an exemption when a Bahrain resident is unable to obtain a specific product in Bahrain and it would be unreasonable to require the overseas provider of that product to be licensed for that specific transaction, and the provider has no intention of regularly soliciting such business in Bahrain.

            October 2007

          • LR-1.3.4

            For the purposes of Rule LR-1.3.1, carrying on a regulated banking service by way of business means:

            (a) Undertaking the regulated banking service of (a), plus any of the activities (b) to (o), as defined in Section LR-1.3, for commercial gain;
            (b) Holding oneself out as willing and able to engage in such activities; or
            (c) Regularly soliciting other persons to engage in transactions constituting such activities.
            Amended: October 2018
            Amended: October 2010
            October 2007

          • LR-1.3.5

            Licensees should note that they may still undertake activities falling outside the definition of regulated banking services, such as investing in physical commodities — subject to Rule LR-1.1.11. The fact that an activity is not included in the definition of regulated banking services does not mean that it is prohibited. In transitioning to the new licensing framework, the CBB will be closely liaising with licensees to ensure that no disruption occurs to their legitimate business activities.

            October 2007

          • LR-1.3.6

            Licensees should note that the same legal entity cannot combine regulated banking services with other regulated services, such as regulated insurance services. However, different legal entities within the same group may of course each hold a different license (e.g. banking and insurance).

            October 2007

          • General Exclusions

            • LR-1.3.7

              A person does not carry on an activity constituting a regulated banking service if the activity:

              (a) Is carried on in the course of a business which does not ordinarily constitute the carrying on of financial services;
              (b) May reasonably be regarded as a necessary part of any other services provided in the course of that business; and
              (c) Is not remunerated separately from the other services.
              Amended: October 2010
              October 2007

            • LR-1.3.8

              For example, the taking of a deposit in connection with the rental of a property would not be considered a regulated banking service, since it satisfies the criteria in Rule LR-1.3.7.

              October 2007

            • LR-1.3.9

              A person does not carry on an activity constituting a regulated banking service if the person is a body corporate and carries on that activity solely with or for other bodies corporate that are members of the same group.

              October 2007

            • LR-1.3.10

              A person does not carry on an activity constituting a regulated banking service if such person carries on an activity with or for another person, and they are both members of the same family.

              October 2007

            • LR-1.3.11

              A person does not carry on an activity constituting a regulated banking service if the sole or main purpose for which the person enters into the transaction is to limit any identifiable risks arising in the conduct of his business, providing the business conducted does not itself constitute a regulated activity.

              October 2007

            • LR-1.3.12

              For example, an industrial company entering into an interest rate swap to switch floating-rate borrowings for fixed rate borrowings, in order to manage interest rate risk, would not be considered to be dealing in financial instruments as principal, and would not therefore be required to be licensed as a conventional bank.

              Amended: October 2010
              October 2007

            • LR-1.3.13

              A person does not carry on an activity constituting a regulated banking service if that person enters into that transaction solely as a nominee for another person, and acts under instruction from that other person.

              October 2007

            • LR-1.3.14

              A person does not carry on an activity constituting a regulated banking service if that person is a government body charged with the management of financial instruments on behalf of a government or public body.

              October 2007

            • LR-1.3.15

              A person does not carry on an activity constituting a regulated banking service if that person is an exempt person, as specified by Royal decree.

              October 2007

          • Deposit-taking

            • LR-1.3.16

              Deposit-taking is defined as receiving a sum of money paid on terms under which it will be repaid in full, with or without interest or a premium, and either on demand or in circumstances agreed by the parties involved. It excludes sums referable to the giving of security or as a fee paid in advance for goods or services. It also excludes money received by a person in consideration for debt instruments issued by the same person, or money received by a person entering into a loan or other financing agreement.

              October 2007

            • LR-1.3.17

              The above definition, therefore, includes savings, current, notice, fixed and time deposits.

              October 2007

          • Providing Credit

            • LR-1.3.18

              Providing credit is defined as the provision of credit to a person in his capacity as borrower or potential borrower. This includes consumer and mortgage credit; and providing credit by way of finance leases, factoring, forfaiting, and reverse repo transactions. It also includes the issuance or endorsement of letters of credit; the issuance of letters of guarantee and other contingent credit activities (such as the underwriting of loans); the purchase on the secondary market of loans and other contracts of credit (that do not otherwise fall under the definition of financial instruments); and the provision of ancillary credit-related activities, such as advising on or arranging loans. It excludes money advanced to a person in consideration for debt instruments issued by the same person.

              Amended: January 2013
              October 2007

          • Accepting Shari'a Money Placements/Deposits

            • LR-1.3.19

              Accepting Shari'a money placements is defined as the acceptance of sums of money for safe-keeping ('al-wadia', 'q'ard') in a Shar'ia compliant framework, under which it will be repaid, either on demand or in circumstances agreed by the parties involved, and which is not referable to the giving of security.

              October 2007

          • Offering Shari'a Financing Contracts

            • LR-1.3.20

              Offering Shari'a financing contracts is defined as entering into, or making arrangement for another person to enter into, a contract to provide finance in accordance with Shari'a principles, such as murabaha, bay muajjal, bay salam, ijara wa iktina and istisna'a contracts.

          • Managing Shari'a Profit Sharing Investment Accounts

            • LR-1.3.21

              Managing a Shari'a profit sharing investment account is defined as managing an account, portfolio or fund, whereby a sum of money is placed with the service provider on terms that a return will be made according to an agreed Shari'a compliant profit-sharing arrangement, based either on a mudaraba or musharaka partnership.

              October 2007

          • Dealing in Financial Instruments as Principal

            • LR-1.3.22

              Dealing in financial instruments as principal means buying, selling, subscribing for or underwriting any financial instrument on one's own account.

              October 2007

            • LR-1.3.23

              Rule LR-1.3.22 includes the underwriting of equity and other financial instruments. The underwriting of loans comes under the activity of providing credit (see Rule LR-1.3.18). It also includes the temporary sale of a financial instrument through a repo transaction.

              October 2007

            • LR-1.3.24

              A person does not carry on an activity specified in Rule LR-1.3.22 if the activity relates to the person issuing his own shares/debentures, warrants or bonds.

              October 2007

          • Dealing in Financial Instruments as Agent

            • LR-1.3.25

              Dealing in financial instruments as agent means buying, selling, subscribing for or underwriting financial instruments on behalf of a client.

              October 2007

            • LR-1.3.26

              A licensee that carries on an activity of the kind specified by Rule LR-1.3.25 does not determine the terms of the transaction and does not use its own financial resources for the purpose of funding the transaction. Such a licensee may however receive or hold assets in connection with the transaction, in its capacity as agent of its client.

              October 2007

          • Managing Financial Instruments

            • LR-1.3.27

              Managing financial instruments means managing on a discretionary basis financial instruments on behalf of another person.

              October 2007

            • LR-1.3.28

              The activities included under the definition of Rule LR-1.3.27 include activities such as asset management.

              October 2007

          • Safeguarding Financial Instruments (i.e. Custodian)

            • LR-1.3.29

              Safeguarding financial instruments means the safeguarding of financial instruments for the account of clients.

              October 2007

            • LR-1.3.30

              A person does not carry on an activity specified in Rule LR-1.3.29 if the person receives documents relating to a financial instrument for the purpose of onward transmission to, from, or at the direction of the person to whom the financial instrument belongs; or else is simply providing a physical safekeeping service such as a deed box.

              October 2007

            • LR-1.3.31

              A person does not carry on an activity specified in Rule LR-1.3.29 if a third person, namely a qualifying custodian, accepts responsibility with regard to the financial instrument.

              October 2007

            • LR-1.3.32

              A "qualifying custodian" means a person who is:

              (a) A licensee who has permission to carry on an activity of the kind specified in Rule LR-1.3.29; or
              (b) An exempt person in relation to activities of that kind.
              Amended: October 2010
              October 2007

            • LR-1.3.33

              A person does not carry on an activity specified in Rule LR-1.3.29 if they are managing a central depository, which is part of an exchange recognised by the CBB.

              October 2007

            • LR-1.3.34

              The following are examples of activities, which when taken in isolation, are unlikely to be regarded as an activity of the kind specified under Rule LR-1.3.29:

              (a) Providing information as to the number of units or the value of any assets safeguarded; and
              (b) Converting currency.
              Amended: October 2010
              October 2007

            • LR-1.3.35

              A person undertaking an activity of the kind specified under Rule LR-1.3.29 may also be engaged in the administration of the financial instruments, including related services such as cash/collateral management.

              October 2007

          • Operating a Collective Investment Undertaking

            • LR-1.3.36

              Operating a collective investment undertaking ('CIU') means operating, establishing or winding up a collective investment undertaking.

              Amended: January 2013
              October 2007

            • LR-1.3.37

              For the purposes of LR-1.3.36, a CIU is defined in Volume 7 Paragraph ARR-B.1.1

              Amended: January 2013
              October 2007

            • LR-1.3.38

              [This Paragraph was deleted in January 2013].

              Deleted: January 2013

            • LR-1.3.39

              [This Paragraph was deleted in January 2013].

              Deleted: January 2013

          • Arranging Deals in Financial Instruments

            • LR-1.3.40

              Arranging deals in financial instruments means making arrangements with a view to another person, whether as principal or agent, buying, selling, or subscribing for, or underwriting deals in, financial instruments.

              October 2007

            • LR-1.3.41

              A person does not carry on an activity specified in Rule LR-1.3.40 if the arrangement does not bring about the transaction to which the arrangement relates.

              October 2007

            • LR-1.3.42

              A person does not carry on an activity specified in Rule LR-1.3.40 if a person's activities are limited solely to introducing clients to licensees.

              October 2007

            • LR-1.3.43

              The exclusion in Rule LR-1.3.42 does not apply if the agent receives from any person, other than the client, any pecuniary reward or other advantage, which he does not account to the client, arising out of his entering into the transaction. Thus, if A receives a commission from B for arranging credit or deals in investment for C, the exclusion in Rule LR-1.3.42 does not apply.

              October 2007

            • LR-1.3.44

              A person does not carry on an activity specified in Rule LR-1.3.40 merely by providing the means of communication between two parties to a transaction.

              October 2007

            • LR-1.3.45

              A person does not carry on an activity specified in Rule LR-1.3.40 if they operate an exchange, duly recognised and authorised by the CBB.

              October 2007

            • LR-1.3.46

              Negotiating terms for an investment on behalf of a client is an example of an activity which may be regarded as an activity of the kind specified in Rule LR-1.3.40.

              October 2007

            • LR-1.3.47

              The following are examples of activities, which when taken in isolation, are unlikely to be regarded as an activity of the kind specified in Rule LR-1.3.40:

              (a) Appointing professional advisers;
              (b) Preparing a prospectus/business plan;
              (c) Identifying potential sources of funding;
              (d) Assisting investors/subscribers/borrowers to complete and submit application forms; or
              (e) Receiving application forms for processing/checking and/or onward transmission.
              Amended: October 2010
              October 2007

          • Advising on Deals in Financial Instruments

            • LR-1.3.48

              Advising on financial instruments means giving advice to an investor or potential investor (or a person in his capacity as an agent for an investor or potential investor) on the merits of buying, selling, subscribing for or underwriting a particular financial instrument or exercising any right conferred by such a financial instrument.

              October 2007

            • LR-1.3.49

              The following are examples of activities, which may be regarded as an activity as defined by Rule LR-1.3.48:

              (a) A person may offer to tell a client when shares reach a certain value on the basis that when the price reaches that value it would be a good time to buy or sell them;
              (b) Recommendation on the size or timing of transactions; and
              (c) Advice on the suitability of the financial instrument, or on the characteristics or performance of the financial instrument concerned.
              Amended: October 2010
              October 2007

            • LR-1.3.49A

              For the purpose of Rule LR-1.3.48, advising on financial instruments includes giving digital financial advice also known as 'robo-advice' or 'automated advice' using a computer program and algorithm to generate the advice.

              Added: April 2019

            • LR-1.3.50

              A person does not carry on an activity specified in Rule LR-1.3.48 by giving advice in any newspaper, journal, magazine, broadcast services or similar service in any medium if the principal purpose of the publication or service, taken as a whole, is neither that of:

              (a) Giving advice of the kind mentioned in Rule LR-1.3.48; nor
              (b) Leading or enabling persons to buy, sell, subscribe for or underwrite a financial instrument.
              Amended: October 2010
              October 2007

            • LR-1.3.51

              The following are examples of activities, which when taken in isolation, are unlikely to be regarded as an activity as defined by Rule LR-1.3.48:

              (a) Explaining the structure, or the terms and conditions of a financial instrument;
              (b) Valuing financial instruments for which there is no ready market;
              (c) Circulating company news or announcements;
              (d) Comparing the benefits and risks of one financial instrument to another; and
              (e) Advising on the likely meaning of uncertain provisions in an agreement relating to, or the terms of, a financial instrument or on the effect of contractual terms and their commercial consequences or on terms that are commonly accepted in the market.
              Amended: October 2010
              October 2007

          • Providing Money Exchange / Remittance Services

            • LR-1.3.52

              Means providing exchange facilities between currencies, and the provision of wire transfer or other remittance services.

              October 2007

          • Issuing / Administering Means of Payment

            • LR-1.3.53

              Means the selling or issuing of payment instruments, or the selling or issuing of stored value (e.g. credit cards, travellers' cheques, electronic purses).

              October 2007

          • Providing Trust Services

            • LR-1.3.54

              Providing trust services is defined as:

              (a) Establishment of trusts;
              (b) Administration of trusts in accordance with the provisions of the trust deed;
              (c) Providing related ancillary services to trusts in accordance with the provisions of the trust deed; and
              (d) Providing financial advisory services to trust business clients only.
              Added: October 2018

            • LR-1.3.55

              The related ancillary services under sub-paragraph LR-1.3.54(c) include providing directorship services, company secretarial services, providing a registered address and/or acting as a shareholder to the company holding the assets of a trust.

              Added: October 2018

            • LR-1.3.56

              Conventional bank licensees must ensure that the trust services in Paragraph LR-1.3.54 are handled by an independent trust service department within the bank.

              Added: October 2018

            • LR-1.3.57

              Conventional bank licensees must comply with the legislative Decree No. (23) of 2016 with regards to Trust, and CBB's resolutions and directives issued in this regard.

              Added: October 2018

          • Account Information Service and Payment Initiation Services

            • LR-1.3.58

              Providing account information services (AIS) means the activity of obtaining access and the provision of information to customers about their transactions and account balances with other licensees (banks, financing companies or payment service providers) and the handling of communication or electronic documents between the customer and other licensees using an online portal, mobile devices or applications.

              Added: July 2021

            • LR-1.3.59

              Providing payment initiation services (PIS) means the activity of initiating payment or fund transfers for the customer from an account he holds with other licensees.

              Added: July 2021

            • LR-1.3.60

              Conventional bank licensees undertaking AIS and/or PIS activities must comply with the requirements in the Open Banking Module (OB Module) included in the CBB Rulebook Volume 5 – Ancillary Service Providers.

              Added: July 2021

            • LR-1.3.61

              Conventional retail bank licensees that wish to offer AIS or PIS services must ensure that an independent review is conducted prior to commencement of AIS or PIS services to confirm compliance with the Operational Guidelines, Security Standards and Guidelines, Open Banking Application Program Interface (API) Specifications and Customer Journey Guidelines included in the Bahrain Open Banking Framework available on the CBB website. Such a review must be conducted by a third-party consultant, other than the external auditor.

              Added: July 2021

        • LR-1.4 LR-1.4 Shari'a Compliant Transactions

          • General Requirements for all Conventional Banks

            • LR-1.4.1

              Conventional bank licensees may not hold themselves out as an Islamic bank. Conventional bank licensees are allowed to enter into activities (c) to (e) listed in Rule LR-1.3.1 under the conditions outlined in the remainder of this section, subject to the thresholds and conditions outlined in Section LR-1.2 (concerning facilities offered to Bahrain residents and facilities in Bahrain Dinar in particular).

              October 2007

            • LR-1.4.2

              Shari'a compliant financing facilities provided by conventional bank licensees are treated as normal risk-weighted assets in the PIR and are not subject to the risk-weighting treatment under Volume 2.

              October 2007

            • LR-1.4.3

              When offering any of the Shari'a compliant activities (c) to (e) listed in Rule LR-1.3.1, conventional bank licensees must have staff trained in Shari'a compliant banking business. The bank must also disclose in the notes to its Annual Report/Financial Statement all quantitative and qualitative disclosures on its Shari'a compliant business as required by AAOIFI accounting and auditing standards.

              October 2007

            • LR-1.4.4

              Conventional bank licensees may invest in Shari'a compliant financial instruments for their own account or make an investment in a Shari'a compliant syndication where the bank's role is limited to provide the funding for such investment and the bank has not participated in the structuring nor the preparation of any documentation in relation to this investment.

              Amended: January 2016
              October 2007

          • Additional requirements for conventional retail banks

            • LR-1.4.5

              Conventional retail bank licensees may provide Shari'a compliant activities (c) to (e) listed in Rule LR-1.3.1 in any amount and in any currency to customers subject to the following conditions:

              (a) Shari'a compliant financing and funding to be undertaken through a special counter or branch as deemed necessary by the bank;
              (b) The bank must maintain separate books for Shari'a compliant banking activities to ensure no co-mingling of conventional and Islamic funds;
              (c) The bank must have a dedicated treasurer or senior trader for Shari'a compliant business and must also have a Shari'a compliance reviewer; and
              (d) The bank must establish a Shari'a Supervisory Board with a minimum of three board members. The board may have global authority for all Shari'a compliant business or may have authority purely for Islamic business booked in Bahrain.
              Amended: April 2015
              April 2011
              October 2007

          • Additional Requirements for the Financing of Land or Property in Bahrain by way of Shari'a Compliant Financing Contracts

            • LR-1.4.6

              Retail bank branches of foreign banks may provide Shari'a compliant financing (activity (e) listed in Rule LR-1.3.1) in any amount and in any currency to customers for the purpose of purchasing land or properties in Bahrain subject to the conditions below:

              (a) The branch must secure the CBB's prior written approval for offering such financing;
              (b) The purpose of ownership of the concerned land or property by the bank must be for the purpose of the subsequent resale to the customer under a Shari'a compliant financing contract;
              (c) The period of legal ownership of the concerned land or property by the branch must be limited only to the financing phase of the Shari'a compliant financing contract; and
              (d) In the case of default by the customer and repossession by the branch, the land or property must be disposed of within one year of the date of the termination of the Shari'a compliant financing contract. Branches may approach the CBB to extend this period for a maximum of one additional year.
              Added: July 2011

      • LR-1A LR-1A Approved Persons

        • LR-1A.1 LR-1A.1 CBB Notification and Approval

          • General Requirement

            • LR-1A.1.1

              Conventional bank licensees must obtain the CBB's prior written approval for any person wishing to undertake a controlled function in a conventional bank licensee. The approval from the CBB must be obtained by the CBB prior to their appointment (subject to the variations contained in Rule LR-1A.1.3).

              Amended: January 2016
              Added: October 2010

            • LR-1A.1.2

              Controlled functions are those functions occupied by board members and persons in executive positions and include:

              (a) Board Member;
              (b) Chief Executive or General Manager and their Deputies;
              (c) Chief Financial Officer and/or Financial Controller;
              (d) Head of Risk Management;
              (e) Head of Internal Audit;
              (f) Head of Shari'a Review;
              (g) Compliance Officer;
              (h) Money Laundering Reporting Officer;
              (i) Deputy Money Laundering Reporting Officer; and
              (j) Heads of other Functions.
              Amended: January 2016
              Amended: October 2013
              Added: October 2010

            • LR-1A.1.3

              Prior approval is required for all controlled functions in relation to Bahrain operations. Controlled functions (g) and (h) may be combined, however (see also FC-4.1, regarding the MLRO function).

              Amended: January 2014
              Amended: October 2013
              Amended: January 2013
              Added: October 2010

          • Basis for Approval

            • LR-1A.1.4

              Approval under Rule LR-1A.1.1 is only granted by the CBB, if it is satisfied that the person is fit and proper to hold the particular position in the licensee concerned. 'Fit and proper' is determined by the CBB on a case-by-case basis. The definition of 'fit and proper' and associated guidance is provided in Sections LR-1A.2 and LR-1A.3 respectively.

              Added: October 2010

          • Definitions

            • LR-1A.1.5

              Board members collectively are responsible for the business performance and strategy of the conventional bank licensee, as outlined in more details in Section HC-1.2.

              Amended: October 2013
              Added: October 2010

            • LR-1A.1.6

              When taken as a whole, the board of directors of a conventional bank licensee must be able to demonstrate that it has the necessary skills and expertise, as outlined in Paragraph HC-1.2.10.

              Amended: October 2013
              Added: October 2010

            • LR-1A.1.7

              The Chief Executive or General Manager means a person who is responsible for the conduct of the licensee (regardless of actual title). The Chief Executive or General Manager must be resident in Bahrain. The scope of authority of the CEO and his deputies is outlined in more detail in Subparagraph HC-6.3.2 (a).

              Amended: July 2017
              Amended: October 2013
              Added: October 2010

            • LR-1A.1.8

              The head of risk management is responsible for the management and control of all risk exposures arising from the activities of the conventional bank licensee.

              Amended: October 2013
              Added: October 2010

            • LR-1A.1.9

              The head of internal audit is responsible for providing independent and objective review on the adequacy and effectiveness of the holistic internal control environment within the conventional bank licensee. The duties of the head of internal audit are outlined in more detail in Subparagraph HC-6.3.2 (d).

              Amended: October 2013
              Added: October 2010

            • LR-1A.1.9A

              The head of Shari'a review in a conventional bank licensee, dealing with Islamic products and services, is responsible for the examination of the extent of a conventional bank licensee's compliance, in all its activities, with the Shari'a. This examination includes contracts, agreements, policies, products, transactions memorandum and articles of association, financial statements, reports (especially internal audit and central bank inspection), circulars, etc. The objective of the Shari'a review is to ensure that the activities carried out by a conventional bank licensee do not contravene the Shari'a.

              Added: October 2013

          • Compliance Officer

            • LR-1A.1.10

              All banks must appoint a senior member of staff with responsibility for the management of compliance risk as their Compliance Officer/Manager.

              Added: October 2010

            • LR-1A.1.11

              The compliance function must be independent (i.e. it must not be placed in a position where its other duties or responsibilities may cause a conflict of interest with its compliance risk management responsibilities). Therefore the compliance function must be separate from the internal audit function. The compliance officer or manager may however, perform other limited related compliance roles (e.g. the MLRO or legal advisor), subject to the CBB's prior approval.

              Added: October 2010

            • LR-1A.1.12

              The compliance function must have adequate resources to carry out its functions effectively.

              Amended: January 2016
              Added: October 2010

            • LR-1A.1.13

              The bank must also outline how the compliance function fits into the bank's senior management reporting structure, and must give details of relevant reporting lines within the bank.

              Amended: January 2016
              Added: October 2010

            • LR-1A.1.14

              In the case of locally incorporated banks, the compliance officer/manager must have access to the Board of Directors in addition to the senior management.

              Added: October 2010

            • LR-1A.1.15

              Heads of other functions, where risk acquisition or control is involved, are responsible for tracking specific functional performance goals in addition to identifying, managing, and reporting critical organisational issues upstream. Certain functions require dealing directly with clients while others do not. Both categories of functions, however, require specific qualifications and experience to meet the objectives as well as compliance requirements of the conventional bank licensee.

              Amended: October 2013
              Added: October 2010

            • LR-1A.1.16

              Where a firm is in doubt as to whether a function should be considered a controlled function it must discuss the case with the CBB.

              Added: October 2010

          • Prior Approval Requirements and Process

            • LR-1A.1.17

              Conventional bank licensees must obtain CBB's prior written approval before a person is formally appointed to a controlled function; the request for CBB approval must be made by submitting to the CBB a duly completed Form 3 (Application for Approved Person status) and Curriculum Vitae after verifying that all the information contained in Form 3, including previous experience, is accurate. Conventional bank licensees must fill in the Application Form 3 (Application for Approved Person status) online, available on the CBB website under E-services/online Forms and must upload scanned copies of supporting documents listed in Paragraph LR-1A.1.18A, unless otherwise directed by the CBB.

              Amended: July 2020
              Amended: January 2016
              Amended: January 2014
              Added: October 2010

            • LR-1A.1.18

              When the request for approved person status forms part of a license application, the Form 3 must be marked for the attention of the Director, Licensing Directorate. When the submission to undertake a controlled function is in relation to an existing conventional bank licensee, the Form 3 must be marked for the attention of either the Director, Retail Banks Supervision or the Director, Wholesale Banks Supervision, as appropriate. In the case of the MLRO or DMLRO, Form 3 should be marked for the attention of the Director, Compliance Directorate.

              Amended: April 2018
              Amended: January 2016
              Added: October 2010

            • LR-1A.1.18A

              When submitting Form 3, conventional bank licensees must ensure that the Form 3 is:

              (a) Submitted to the CBB with a covering letter signed by an authorised representative of the conventional bank licensee, seeking approval for the proposed controlled function;
              (b) Submitted online on the CBB website under E-services/online Forms;
              (c) Submitted with a certified copy of the applicant's passport, certified copies of educational and professional qualification certificates (and translation if not in Arabic or English) and the Curriculum Vitae; and
              (d) Signed by an authorised representative of the conventional bank licensee and all pages stamped on with the conventional bank licensee's seal.
              Amended: July 2020
              Added: January 2016

            • LR-1A.1.18B

              Conventional bank licensees seeking to appoint Board Directors must seek CBB approval for all the candidates to be put forward for election/approval at a shareholders' meeting, in advance of the agenda being issued to shareholders. CBB approval of the candidates does not in any way limit shareholders' rights to refuse those put forward for election/approval.

              Added: January 2016

            • LR-1A-1.18C

              For existing conventional bank licensees applying for the appointment of a Board Director or the Chief Executive/General Manager, the authorised representative should be the Chairman of the Board or a Director signing on behalf of the Board. For all other controlled functions, the authorised representative should be the Chief Executive/General Manager, or a suitably senior representative of the bank.

              Amended: July 2016
              Added: January 2016

            • LR-1A.1.19

              [This Paragraph was deleted in January 2016.]

              Deleted: January 2016
              Added: October 2010

            • LR-1A.1.20

              [This Paragraph was moved to Paragraph LR-1A.1.18B in January 2016.]

              Amended: January 2016
              Amended: July 2012
              Added: October 2010

          • Assessment of Application

            • LR-1A.1.20A

              The CBB shall review and assess the application for approved person status to ensure that it satisfies all the conditions required in Paragraph LR-1A.2.6 and the criteria outlined in Paragraph LR-1A.2.7.

              Added: January 2016

            • LR-1A.1.20B

              For purposes of Paragraph LR-1A.1.20A, conventional bank licensees should give the CBB a reasonable amount of notice in order for an application to be reviewed. The CBB shall respond within 15 business days from the date of meeting all required conditions and regulatory requirements, including but not limited to, receiving the application complete with all the required information and documents, as well as verifying references and interviewing the applicant. The CBB will advise the conventional bank licensee once the application is considered complete.

              Amended: April 2016
              Added: January 2016

            • LR-1A.1.20C

              The CBB reserves the right to refuse an application for approved person status if it does not satisfy the conditions provided for in Paragraph LR-1A.2.6 and does not satisfy the CBB criteria in Paragraph LR-1A.2.7. A notice of such refusal is issued by registered mail to the conventional bank licensee concerned, setting out the basis for the decision.

              Added: January 2016

          • Appeal Process

            • LR-1A.1.21

              Conventional bank licensees or the nominated approved persons may, within 30 calendar days of the notification, appeal against the CBB's decision to refuse the application for approved person status. The CBB shall decide on the appeal and notify the conventional bank licensees of its decision within 30 calendar days from the date of submitting the appeal.

              Amended: January 2016
              Added: October 2010

            • LR-1A.1.21A

              When notification of the CBB's decision to grant a person approved person status is not issued within 15 business days from the date of meeting all required conditions and regulatory requirements, including but not limited to, receiving the application complete with all the required information and documents, conventional bank licensees or the nominated approved person may appeal to the Executive Director, Banking Supervision of the CBB provided that the appeal is justified with supporting documents. The CBB shall decide on the appeal and notify the conventional bank licensees of its decision within 30 calendar days from the date of submitting the appeal.

              Added: January 2016

          • Notification Requirements and Process

            • LR-1A.1.22

              Conventional bank licensees must immediately notify the CBB when an approved person, for whatever reason, ceases to hold the controlled function for which they have been approved (i.e. transferred to another function within the bank, or to another group entity, or else has resigned, been suspended or dismissed). The notification must include the reasons for the action taken.

              Amended: April 2014
              Added: October 2010

            • LR-1A.1.23

              [Rule moved to Paragraph BR-5.1.17 in April 2014.]

              Amended: April 2014
              Amended: April 2012
              Added: October 2010

            • LR-1A.1.24

              [This Paragraph was deleted in April 2014].

              Deleted: April 2014
              Added: October 2010

            • LR-1A.1.25

              If a controlled function falls vacant, the conventional bank licensee must appoint a permanent replacement (after obtaining CBB approval), within 120 calendar days of the vacancy occurring. Pending the appointment of a permanent replacement, the conventional bank licensee must make immediate interim arrangements to ensure continuity of the duties and responsibilities of the controlled function affected. These interim arrangements must be approved by the CBB.

              Added: October 2010

            • LR-1A-1.26

              Conventional bank licensees must immediately notify the CBB should they become aware of information that could reasonably be viewed as calling into question an approved person's compliance with CBB's 'fit and proper' requirement (see LR-1A.2).

              Added: October 2010

        • LR-1A.2 LR-1A.2 Approved Persons Conditions: 'Fit and proper' Requirement

          • LR-1A.2.1

            Conventional bank licensees seeking an approved person authorisation for an individual, must satisfy the CBB that the individual concerned is 'fit and proper' to undertake the controlled function in question.

            Amended: January 2016
            Added: October 2010

          • LR-1A.2.2

            Each applicant applying for approved person status and those individuals occupying approved person positions must comply with the following conditions:

            (a) Has not previously been convicted of any felony or crime that relates to his/her honesty and/or integrity unless he/she has subsequently been restored to good standing;
            (b) Has not been the subject of any adverse finding in a civil action by any court or competent jurisdiction, relating to fraud;
            (c) Has not been adjudged bankrupt by a court unless a period of 10 years has passed, during which the person has been able to meet all his/her obligations and has achieved economic accomplishments;
            (d) Has not been disqualified by a court, regulator or other competent body, as a director or as a manager of a corporation;
            (e) Has not failed to satisfy a judgement debt under a court order resulting from a business relationship;
            (f) Must have personal integrity, good conduct and reputation;
            (g) Has appropriate professional and other qualifications for the controlled function in question (see Appendix TC-1 in Module TC (Training and Competency)); and
            (h) Has sufficient experience to perform the duties of the controlled function (see Appendix TC-1 in Module TC (Training and Competency)).
            Amended: January 2016
            Added: October 2010

          • LR-1A.2.3

            In assessing the conditions prescribed in Rule LR-1A.2.2, the CBB will take into account the criteria contained in Paragraph LR-1A.2.4. The CBB reviews each application on a case-by-case basis, taking into account all relevant circumstances. A person may be considered 'fit and proper' to undertake one type of controlled function but not another, depending on the function's job size and required levels of experience and expertise. Similarly, a person approved to undertake a controlled function in one conventional bank licensee may not be considered to have sufficient expertise and experience to undertake nominally the same controlled function but in a much bigger licensee.

            Amended: January 2016
            Added: October 2010

          • LR-1A.2.4

            In assessing a person's fitness and propriety, the CBB will also consider previous professional and personal conduct (in Bahrain or elsewhere) including, but not limited to, the following:

            (a) The propriety of a person's conduct, whether or not such conduct resulted in a criminal offence being committed, the contravention of a law or regulation, or the institution of legal or disciplinary proceedings;
            (b) A conviction or finding of guilt in respect of any offence, other than a minor traffic offence, by any court or competent jurisdiction;
            (c) Any adverse finding in a civil action by any court or competent jurisdiction, relating to misfeasance or other misconduct in connection with the formation or management of a corporation or partnership;
            (d) Whether the person, or any body corporate, partnership or unincorporated institution to which the applicant has, or has been associated with as a director, controller, manager or company secretary been the subject of any disciplinary proceeding, investigation or fines by any government authority, regulatory agency or professional body or association;
            (e) The contravention of any financial services legislation;
            (f) Whether the person has ever been refused a license, authorisation, registration or other authority;
            (g) Dismissal or a request to resign from any office or employment;
            (h) Whether the person has been a Director, partner or manager of a corporation or partnership which has gone into liquidation or administration or where one or more partners have been declared bankrupt whilst the person was connected with that partnership;
            (i) The extent to which the person has been truthful and open with supervisors; and
            (j) Whether the person has ever entered into any arrangement with creditors in relation to the inability to pay due debts.
            Added: January 2016

          • LR-1A.2.5

            With respect to Paragraph LR-1A.2.4, the CBB will take into account the length of time since any such event occurred, as well as the seriousness of the matter in question.

            Amended: January 2016
            Added: October 2010

          • LR-1A.2.6

            Approved persons undertaking a controlled function must act prudently, and with honesty, integrity, care, skill and due diligence in the performance of their duties. They must avoid conflicts of interest arising whilst undertaking a controlled function (refer to Chapter HC-2).

            Amended: January 2016
            Amended: July 2012
            Added: October 2010

          • LR-1A.2.7

            In determining whether a conflict of interest may arise, factors that may be considered include whether:

            (a) A person has breached any fiduciary obligations to the company or terms of employment;
            (b) A person has undertaken actions that would be difficult to defend, when looked at objectively, as being in the interest of the licensee; and
            (c) A person has failed to declare a personal interest that has a material impact in terms of the person's relationship with the licensee.
            Amended: January 2016
            Added: October 2010

          • LR-1A.2.8

            Further guidance on the process for assessing a person's 'fit and proper' status is given in Module EN (Enforcement): see Chapter EN-5.

            Amended: January 2016
            Amended: July 2012
            Added: October 2010

        • LR-1A.3 LR-1A.3 [This Section was deleted in January 2016.]

          Deleted: January 2016

          • LR-1A.3.1

            [This Paragraph was deleted in January 2016.]

            Deleted: January 2016
            Added: October 2010

      • LR-2 LR-2 Licensing Conditions

        • LR-2.1 LR-2.1 Condition 1: Legal Status

          • LR-2.1.1

            The legal status of a conventional bank licensee must be:

            (i) A Bahraini joint stock company (BSC); or
            (ii) A branch resident in Bahrain of a conventional bank incorporated under the laws of its territory of incorporation and authorised as a bank in that territory.
            Amended: October 2010
            October 2007

          • LR-2.1.2

            Where the conventional bank licensee is a branch of a foreign bank, in deciding whether to grant a license, the CBB will pay close regard to its activities elsewhere and how these activities are regulated. If the conventional bank licensee is not regulated elsewhere or in a jurisdiction not substantially compliant with Basel Core Principles or FATF standards, then an application for licensing can only be considered after exhaustive enquiries into the bank's shareholders, management structure and financial position.

            Amended: July 2017
            October 2007

        • LR-2.2 LR-2.2 Condition 2: Mind and Management

          • LR-2.2.1

            Conventional bank licensees with their Registered Office in the Kingdom of Bahrain must maintain their Head Office in the Kingdom. Branches of foreign conventional bank licensees must maintain a local management presence and premises in the Kingdom appropriate to the nature and scale of their activities.

            Amended: July 2017
            October 2007

          • LR-2.2.2

            In assessing the location of a conventional bank licensee's Head Office, the CBB will take into account the residency of its Directors and senior management. The CBB requires the majority of key decision makers in executive management — including the Chief Executive Officer — to be resident in Bahrain. In the case of branches of foreign bank licensees, the CBB requires the branch to have a substantive presence, demonstrated by a level of staff and other resources sufficient to ensure adequate local scrutiny and control over business booked in the Bahrain branch or subsidiary.

            Amended: July 2017
            October 2007

        • LR-2.3 LR-2.3 Condition 3: Controllers

          • LR-2.3.1

            Conventional bank licensees must satisfy the CBB that their controllers are suitable and pose no undue risks to the licensee. Conventional banks must also satisfy the CBB that their group structures do not prevent the effective supervision of the conventional bank licensee by the CBB and otherwise pose no undue risks to the licensee.

            October 2007

          • LR-2.3.2

            Chapter GR-5 contains the CBB's requirements and definitions regarding controllers.

            October 2007

          • LR-2.3.3

            In summary, controllers are persons who directly or indirectly are significant shareholders in a conventional bank licensee, or who are otherwise able to exert significant influence on the conventional bank licensee. The CBB seeks to ensure that controllers pose no significant risks to the licensee. In general terms, controllers are assessed in terms of their financial standing, their judicial and regulatory record, and standards of business and (where relevant) personal probity.

            October 2007

          • LR-2.3.4

            As regards group structures, the CBB seeks to ensure that these do not prevent adequate consolidated supervision being applied to financial entities within the group, and that other group entities do not pose any material financial, reputational or other risks to the licensee.

            October 2007

          • LR-2.3.5

            In all cases, when judging applications from existing groups, the CBB will have regard to the reputation and financial standing of the group as a whole. Where relevant, the CBB will also take into account the extent and quality of supervision applied to overseas members of the group and take into account any information provided by other supervisors in relation to any member of the group.

            October 2007

        • LR-2.4 LR-2.4 Condition 4: Board and Employees

          • LR-2.4.1

            Those nominated to carry out controlled functions must satisfy the CBB's approved persons requirements. This Rule is supported by Article 65 of the CBB Law.

            Amended: October 2010
            October 2007

          • LR-2.4.2

            The definition of controlled functions is contained in Paragraph LR-1A.1.2, whilst Section LR-1A.2 sets out the CBB's approved persons requirements.

            Amended: October 2010
            October 2007

          • LR-2.4.3

            The conventional bank licensee's staff, taken together, must collectively provide a sufficient range of skills and experience to manage the affairs of the licensee in a sound and prudent manner. Conventional bank licensees must ensure their employees meet any training and competency requirements specified by the CBB.

            October 2007

        • LR-2.5 LR-2.5 Condition 5: Financial Resources

          • Capital Adequacy

            • LR-2.5.1

              Conventional bank licensees must maintain a level of financial resources, as agreed with the CBB, adequate for the level of business proposed. The level of financial resources held must at all times meet the minimum risk-based requirements contained in Module CA (Capital Adequacy), as specified for the Category of banking license held.

              October 2007

            • LR-2.5.2

              This paragraph was deleted in April 2017.

              Deleted: April 2017
              October 2007

            • LR-2.5.2A

              All Bahraini conventional retail banks licensees must maintain a minimum total shareholders equity of BD 100 million.

              Amended: October 2018
              Added: April 2017

            • LR-2.5.2B

              All Bahraini conventional wholesale banks licensees must maintain a minimum total shareholders equity of US$ 100 million.

              Amended: October 2018
              Added: April 2017

            • LR-2.5.3

              Persons seeking a license as a conventional bank licensee must submit a 3-year business plan, with financial projections. Their proposed level of paid-up capital must be sufficient to cover expected regulatory capital requirements over that period, based on projected activities.

              October 2007

            • LR-2.5.4

              In practice, applicants seeking a conventional bank license are likely to be required to hold significantly more capital than the minimum paid-up capital specified in Rule LR-2.5.2.

              October 2007

            • LR-2.5.5

              Foreign bank applicants are required to provide written confirmation from their head office that the head office will provide financial support to the branch sufficient to enable it to meet its obligations as and when they fall due. Foreign bank applicants must also demonstrate that the bank as a whole is adequately resourced for the amount of risks underwritten, and that it and its group meet capital adequacy standards applied by its home supervisor.

              Amended: July 2017
              October 2007

            • LR-2.5.6

              For conventional retail bank licensees, deposit liabilities must not exceed 20 times their capital and reserves.

              Amended: April 2017
              October 2007

            • LR-2.5.7

              Factors taken into account in setting endowment capital for branches includes the financial strength of the parent company, the quality of its risk management, and the nature and scale of the Bahrain operations of the branch.

              October 2007

          • Liquidity

            • LR-2.5.8

              Conventional bank licensees must maintain sufficient liquid assets to meet their obligations as they fall due in the normal course of their business.

              Amended: October 2022
              October 2007

            • LR-2.5.9

              The CBB would normally expect the mark-to-market value of assets that could be readily realised at short-notice to exceed 25% of deposit liabilities at all times. Liquidity arrangements may vary, however, particularly for branches of foreign conventional banks, as agreed with the CBB and documented in the liquidity management policy.

              Amended: July 2017
              Amended: January 2011
              October 2007

          • Reserve Requirements

            • LR-2.5.10

              Conventional bank licensees must maintain a minimum daily cash reserve balance with the CBB set as a ratio of its total non-bank Bahrain Dinar deposits and Bahrain Dinar denominated Certificates of Deposit. The current required ratio is 5% and may be varied by the CBB at its discretion.

              Amended July 09
              Amended April 2008
              October 2007

        • LR-2.6 LR-2.6 Condition 6: Systems and Controls

          • LR-2.6.1

            Conventional bank licensees must maintain systems and controls that are, in the opinion of the CBB, adequate for the scale and complexity of their activities. These systems and controls must meet the minimum requirements contained in Modules HC, CM and OM.

            October 2007

          • LR-2.6.2

            Conventional bank licensees must maintain systems and controls that are, in the opinion of the CBB, adequate to address the risks of financial crime occurring in the licensee. These systems and controls must meet the minimum requirements contained in Module FC, as specified for the Category of license held.

            October 2007

          • LR-2.6.3

            Applicants will be required to demonstrate in their business plan (together with any supporting documentation) what risks their business would be subject to and how they would manage those risks. Applicants may be asked to provide an independent assessment of the appropriateness of their systems and controls to the CBB, as part of the license approval process.

            October 2007

        • LR-2.7 LR-2.7 Condition 7: External Auditor

          • LR-2.7.1

            Article 61 of the CBB Law requires that conventional bank licensees must appoint an external auditor, subject to the CBB's prior approval. The minimum requirements regarding external auditors contained in Module AU (Auditors and Accounting Standards) must be met.

            Amended: October 2010
            October 2007

          • LR-2.7.2

            Applicants must submit details of their proposed external auditor to the CBB as part of their license application.

            Amended: October 2010
            October 2007

        • LR-2.8 LR-2.8 Condition 8: Other Requirements

          • Books and Records

            • LR-2.8.1

              Article 59 of the CBB Law requires that conventional bank licensees must maintain comprehensive books of accounts and other records, and satisfy the minimum record-keeping requirements contained in Article 60 of the pre-mentioned Law and Module OM. Books of accounts must comply with the financial accounting standards issued by the International Financial Reporting Standards (IFRS)/International Accounting Standards (IAS), as updated from time to time.

              Amended: January 2014
              Amended: July 2012
              Amended: July 2011
              October 2007

          • Provision of Information

            • LR-2.8.2

              Article 58, 111, 114 and 163 of the CBB Law require that conventional bank licensees and their staff must act in an open and cooperative manner with the CBB. Conventional bank licensees must meet the regulatory reporting and public disclosure requirements contained in Modules BR and PD respectively. As per Article 62 of the CBB Law, audited financial statements must be submitted to the CBB within 3 months of the licensee's financial year-end.

              Amended: July 2012
              October 2007

          • General Conduct

            • LR-2.8.3

              Conventional bank licensees must conduct their activities in a professional and orderly manner, in keeping with good market practice. Conventional bank licensees must comply with the general standards of business conduct contained in Module PB, as well as the standards relating to treatment of customers contained in Modules BC and CM.

            • LR-2.8.4

              [This paragraph has been moved to chapter LR-4 in October 2007]

            • LR-2.8.5

              [This paragraph has been deleted in October 2007]

          • Additional conditions

            • LR-2.8.6

              Conventional bank licensees must comply with any other specific requirements or restrictions imposed by the CBB on the scope of their license.

              October 2007

            • LR-2.8.7

              Bank licensees are subject to the provisions of the CBB Law. These include the right of the CBB to impose such terms and conditions, as it may deem necessary when issuing a license, as specified in Article 45 of the CBB Law. Thus, when granting a license, the CBB specifies the regulated banking services that the licensee may undertake. Licensees must respect the scope of their license. LR-3.2 sets out the process for varying the scope of an authorisation, should a licensee wish to undertake new activities.

              October 2007

            • LR-2.8.8

              In addition, the CBB may impose additional restrictions or requirements, beyond those already specified in Volume 1, to address specific risks. For instance, a license may be granted subject to strict limitations on intra-group transactions.

              October 2007

            • LR-2.8.9

              Conventional retail bank licensees are subject to the deposit protection scheme of eligible deposits held with the Bahrain offices of the licensee (see Chapter CP-2). This Rule is supported by Article 177 of the CBB Law.

              Amended: October 2010
              October 2007

      • LR-3 LR-3 Information Requirements and Processes

        • LR-3.1 LR-3.1 Licensing

          • LR-3.1.1

            Applicants for a license must fill in the Application Form 1 (Application for a License) online, available on the CBB website under E-services/online Forms. The applicant must upload scanned copies of supporting documents listed in Paragraph LR-3.1.5, unless otherwise directed by the CBB.

            Amended: July 2019
            Amended: April 2018
            October 2007

          • LR-3.1.2

            [This paragraph was deleted in October 2007]

          • LR-3.1.3

            References to applicant mean the proposed licensee seeking authorisation. An applicant may appoint a representative — such as a law firm or professional consultancy — to prepare and submit the application. However, the applicant retains full responsibility for the accuracy and completeness of the application, and is required to certify the application form accordingly. The CBB also expects to be able to liaise directly with the applicant during the authorisation process, when seeking clarification of any issues.

            Adopted: April 2011

          • LR-3.1.4

            [This paragraph was deleted in October 2007]

          • LR-3.1.5

            Unless otherwise directed by the CBB, the following documents must be provided together with the covering letter referred in LR-3.1.1 above in support of a license application:

            (a) A duly completed Form 2 (Application for Authorisation of Controller) for each controller of the proposed licensee;
            (b) A duly completed Form 3 (Application for Approved Person status), for each proposed Director of the proposed licensee;
            (c) A comprehensive business plan for the application, addressing the matters described in LR-3.1.6;
            (d) For branches of foreign banks, a copy of the bank's current commercial registration or equivalent documentation;
            (e) Where the applicant is a registered institution, a copy of the applicant's commercial registration;
            (f) Any relevant Private Placement Memoranda or public offering documents (if funds are to be raised by external shareholders);
            (g) Where the applicant is a corporate body, a certified copy of a Board resolution of the applicant along with minutes of the concerned meeting, confirming the board's decision to seek a CBB conventional bank license;
            (h) In the case of applicants that are part of a regulated group, a letter of non-objection to the proposed license application from the applicant's home supervisor, together with confirmation that the group is in good regulatory standing and is in compliance with applicable supervisory requirements, including those relating to capital adequacy and solvency requirements;
            (i) In the case of branches of foreign banks applicants, a letter of non-objection to the proposed license application from the applicant's home supervisor, together with confirmation that the applicant is in good regulatory standing and is in compliance with applicable supervisory requirements, including those relating to capital adequacy requirements;
            (j) In the case of branch applicants, copies of the audited financial statements of the applicant (head office) for the three years immediately prior to the date of application; and
            (k) In the case of applicants for a licence for a locally incorporated bank, copies of the audited financial statements of the applicant's major shareholder and/or group (as directed by the CBB), for the three years immediately prior to the date of application;
            (l) A duly completed Form 3 (Application for Approved Person status), for each individual, (other than for Directors covered in item (b) above) applying to undertake controlled functions in the applicant; and
            (m) A draft copy of the applicant's (and parent's where applicable) memorandum and articles of association, addressing the matters described in LR-3.1.7.
            Amended: July 2017
            Amended: April 2011
            Amended: January 2011
            Amended: October 2010
            October 2007

          • LR-3.1.5A

            The CBB, in its complete discretion may ask for a guarantee from the applicant's controlling or major shareholders on a case by case basis as it deems appropriate/necessary as part of the required documents to be submitted as mentioned in Paragraph LR-3.1.5 above.

            Adopted: January 2011

          • LR-3.1.6

            The business plan submitted in support of an application should explain:

            (a) An outline of the history of the applicant and its shareholders;
            (b) The reasons for applying for a license, including the applicant's strategy and market objectives;
            (c) The proposed type of activities to be carried on by the applicant in/from the Kingdom of Bahrain;
            (d) The proposed Board and senior management of the applicant and the proposed organisational structure of the applicant;
            (e) An assessment of the risks that may be faced by the applicant, together with the proposed systems and controls framework to be put in place for addressing those risks and to be used for the main business functions; and
            (f) An opening balance sheet for the applicant, together with a three-year financial projection, with all assumptions clearly outlined, demonstrating that the applicant will be able to meet applicable capital adequacy and liquidity requirements.
            Amended: October 2010
            October 2007

          • LR-3.1.7

            The applicant's (and where applicable, its parent's) memorandum and articles of association must explicitly provide for it to undertake the activities proposed in the licensed application, and must preclude the applicant from undertaking other commercial activities, unless these arise out of its banking activities or are incidental to those.

            October 2007

          • LR-3.1.8

            In the case of a new bank's capital being financed by a private placement, the Private Placement Memorandum must also be submitted to the CBB for its approval.

            October 2007

          • LR-3.1.9

            The purpose of Rule LR-3.1.8 is to allow the CBB to verify that the contents of the Private Placement Memorandum are consistent with other information supplied to the CBB, notably in the business plan, and otherwise meets any applicable regulatory requirements with respect to PPM documents. The CBB's review of the PPM does not in any way constitute an approval or endorsement as to any claims it may contain as to the future value of the proposed bank.

            October 2007

          • LR-3.1.10

            [This paragraph was deleted in October 2007]

          • LR-3.1.11

            All documentation provided to the CBB as part of an application for a license must be in either Arabic or English language. Any documentation in a language other than English or Arabic must be accompanied by a certified English or Arabic translation thereof. Certification must be performed by an official of the concerned licensee (if already licensed), a lawyer, or a Government body such as an Embassy or Ministry. The certification must include the words "original sighted" together with a date and signature of the concerned authorised official (along with corporate stamp where applicable). The certifier's contact details should be clearly available (e.g. business card) with the certification.

            Amended: October 2016
            October 2007

          • LR-3.1.12

            Any material changes or proposed changes to the information provided to the CBB in support of an authorisation application that occurs prior to authorisation must be reported to the CBB.

            October 2007

          • LR-3.1.12A

            Before the final approval is granted to a licensee, confirmation from a retail bank addressed to the CBB that the licensee's capital (injected funds) — as specified in the business plan submitted under Rule LR-3.1.5 — has been paid in must be provided to the CBB.

            Added: October 2010

          • LR-3.1.13

            Failure to inform the CBB of the changes specified in LR-3.1.12 is likely to be viewed as a failure to provide full and open disclosure of information, and thus a failure to meet licensing condition LR-2.8.2.

            October 2007

          • LR-3.1.14

            As part of the application process, the CBB will provide a formal decision on a license application within 60 calendar days of all required documentation having been submitted in a form acceptable to the CBB, as specified in Article 44 (e) of the CBB Law. The applicant must submit within 6 months of the application date, all remaining requirements or otherwise has to submit a new application to the CBB.  Applicants are encouraged to approach the CBB to discuss their application at an early stage, so that any specific questions can be dealt with prior to the finalisation of the application.

            October 2007

          • LR-3.1.15

            Within 6 months of the license being issued, the new licensee must provide to the CBB:

            (a) A detailed action plan for establishing the operations and supporting infrastructure of the bank, such as the completion of written policies and procedures, and recruitment of remaining employees (having regard to the time limit set by Article 48 (c) of the CBB Law);
            (b) The registered office address and details of premises to be used to carry out the business of the proposed licensee;
            (c) The address in the Kingdom of Bahrain where full business records will be kept;
            (d) The licensee's contact details including telephone and fax number, e-mail address and website;
            (e) A description of the business continuity plan;
            (f) A description of the IT system that will be used, including details of how IT systems and other records will be backed up;
            (g) A copy of the auditor's acceptance to act as auditor for the applicant;
            (h) A copy of the applicant's notarised memorandum and articles of association, addressing the matters described in Paragraph LR-3.1.7;
            (i) A copy of the Ministry of Industry & Commerce commercial registration certificate in Arabic and in English;
            (j) A copy of the bank's business card and any written communication (including stationery, website, e-mail, business documentation, etc.) including a statement that the bank is licensed by the CBB, specifying whether it is licensed either as conventional wholesale or conventional retail bank; and
            (k) Other information as may be specified by the CBB.
            Amended: October 2010
            October 2007

          • LR-3.1.15A

            With respect to the requirement under Subparagraph LR-3.1.15(j), conventional bank licensees must ensure that they comply with this Rule by 31st March 2011.

            Added: October 2010

          • LR-3.1.16

            Applicants issued new licenses by the CBB must start operations within 6 months of the license being issued, as per Article 48 (c) of the CBB Law. Failure to comply with this rule lead to enforcement action being taken against the licensee concerned, as specified in Article 128 of the CBB Law. Conventional bank licensee must at all times keep an approved copy of the licence displayed in a visible place on the Licensee's premises in the Kingdom, as per Article 47 (b) of the CBB Law.

            Amended: April 2011
            October 2007

          • LR-3.1.17

            Applicants who are refused a license have a right of appeal under the provisions contained in Article 46 of the CBB Law, which shall not be less than thirty days from the date of the decision. The Central Bank will decide on the appeal made by the applicant and notify him of its decision within thirty days from the date of submission of the appeal.

            October 2007

          • LR-3.1.18

            Applicants may not publicise in any way the application for a licence for, or formation of, a bank before the formal decision referred to in Paragraph LR-3.1.14 is provided to the applicant or the concerned agent.

            Amended: July 2012
            October 2007

        • LR-3.2 LR-3.2 Variations to a License

          • LR-3.2.1

            As per Article 48 of the CBB Law, conventional bank licensees must seek prior CBB approval before undertaking new regulated banking services.

            October 2007

          • LR-3.2.2

            Failure to secure CBB approval prior to undertaking a new regulated activity may lead to enforcement action being taken against the concerned person. This is supported by Article 40 of the CBB law.

            October 2007

          • LR-3.2.3

            In addition to any other information requested by the CBB, and unless otherwise directed by the CBB, a conventional bank licensee requesting CBB approval to undertake a new regulated banking service must provide the following information:

            (a) A summary of the rationale for undertaking the proposed new activities;
            (b) A description of how the new business will be managed and controlled;
            (c) An analysis of the financial impact of the new activities; and
            (d) A summary of the due diligence undertaken by the Board and management of the conventional bank licensee on the proposed new activities.
            Amended: October 2010
            October 2007

          • LR-3.2.4

            The CBB may amend or revoke a licence in any of the following cases:

            (a) If the licensee fails to satisfy any of the license conditions;
            (b) If the licensee violates the terms of this regulation or any of the Volume's directives;
            (c) If the licensee fails to start business within six months from the date of the licence;
            (d) If the licensee ceases to carry out the licensed activity in the Kingdom; and
            (e) The legitimate interests of the customers or creditors of a licensee required such amendment or cancellation.
            Amended: October 2019
            Amended: October 2010
            October 2007

          • LR-3.2.5

            The CBB's procedures for amending or revoking a license is outlined in detail in the Enforcement Module (EN).

            October 2007

        • LR-3.3 LR-3.3 Withdrawal of a License or Closure of a Branch

          • Voluntary Surrender of a License or Closure of a Branch

            • LR-3.3.1

              In accordance with Article 50 of the CBB Law, all requests for the voluntary surrender of a license or closure of a branch are subject to the CBB's prior written approval, before ceasing such activities. Such requests must be made in writing to the Executive Director of Banking Supervision, setting out in full the reasons for the request and how the voluntary surrender of the license or branch closure is to be carried out.

              Amended: October 2011
              October 2007

            • LR-3.3.2

              Conventional bank licensees must satisfy the CBB that their customers' interests are to be safeguarded during and after the proposed voluntary surrender or closure of the branch. The requirements contained in Chapter GR-7 regarding cessation of business must be satisfied.

              Amended: October 2011
              October 2007

            • LR-3.3.3

              The CBB will only approve a voluntary surrender where it has no outstanding regulatory concerns and any relevant customers' interests would not be prejudiced. A voluntary surrender will not be accepted where it is aimed at pre-empting supervisory actions by the CBB. Also, a voluntary surrender will only take effect once the licensee, in the opinion of the CBB, has discharged all its regulatory responsibilities to customers.

              October 2007

          • Cancellation of a License by the CBB

            • LR-3.3.3A

              As provided for under Article 48 (c) of the CBB Law, the CBB may itself move to cancel a license. The CBB generally views the cancellation of a license as appropriate only in the most serious of circumstances, and generally tries to address supervisory concerns through other means beforehand. See also Chapter EN-9, regarding the cancellation or amendment of licenses, including the procedures used in such instances and the licensee's right to appeal the formal notice of cancellation issued by the CBB.

              October 2011

            • LR-3.3.4

              Cancellation of a license requires the CBB to issue a formal notice of cancellation to the person concerned. The notice of cancellation must describe the CBB's rationale for the proposed cancellation, as specified in Article 48(d) of the CBB Law.

              Amended: July 2012
              Amended: October 2011
              October 2007

            • LR-3.3.5

              [This Paragraph was deleted in October 2011].

              Deleted: October 2011
              October 2007

            • LR-3.3.6

              Where the cancellation of a license has been confirmed by the CBB, the CBB will only effect the cancellation once a licensee has discharged all its regulatory responsibilities to customers. Until such time, the CBB will retain all its regulatory powers with regards to the licensee, and will direct the licensee such that no new regulated banking services may be undertaken whilst the licensee discharges its obligations to customers.

              Amended: October 2011
              October 2007

        • LR-3.4 LR-3.4 Publication of the Decision to Grant, Cancel or Amend a License

          • LR-3.4.1

            In accordance with Articles 47 and 49 of the CBB Law, the CBB must publish its decision to grant, cancel or amend a license in the Official Gazette and in two local newspapers, one in Arabic and the other in English.

            Amended: October 2019
            Added: July 2017

          • LR-3.4.2

            For the purposes of Paragraph LR-3.4.1, the cost of publication must be borne by the Licensee.

            Added: July 2017

          • LR-3.4.3

            The CBB may also publish its decision on such cancellation or amendment using any other means it considers appropriate, including electronic means.

            Added: July 2017

      • LR-4 LR-4 License Fees

        • LR-4.1 LR-4.1 License Application Fees

          • LR-4.1.1

            With immediate effect, applicants seeking a conventional bank license from the CBB must pay a non-refundable license application fee of BD 100 at the time of submitting their formal application to the CBB.

            Amended: October 2010
            October 2007

          • LR-4.1.2

            There are no application fees for those seeking approved person status.

            October 2007

        • LR-4.2 LR-4.2 Annual License Fees

          • LR-4.2.1

            Conventional bank licensees must pay the relevant annual license fee to the CBB on 1st of December of the previous year for which the fees are due.

            Amended: July 2013
            October 2007

          • LR-4.2.2

            Conventional retail bank licensees must pay a variable annual licensing fee based on 1% of their total annual operating expenses by way of an annual license fee, subject to a floor of BD30,000 and a cap of BD240,000.

            Amended: July 2013
            October 2007

          • LR-4.2.3

            Bahraini conventional wholesale bank licensees must pay a variable annual licensing fee based on 0.5% of their total annual operating expenses by way of an annual license fee, subject to a floor of BD13,000 and a cap of BD100,000.

            Amended: July 2013
            October 2007

          • LR-4.2.4

            Wholesale branches of foreign bank licensees must pay a variable annual licensing fee based on 0.25% of their total annual operating expenses by way of an annual license fee, subject to a floor of BD13,000 and a cap of BD100,000.

            Amended: July 2017
            Amended: July 2013
            October 2007

          • LR-4.2.5

            The fees due on 1st December are those covering the following calendar year and are calculated on the basis of the conventional bank's latest audited financial statements for the previous calendar year: i.e. the fee payable on 1st December 2013 for the 2014 year (for example) is calculated using the audited financial statements for 2012, assuming a 31st December year end. Where a licensee does not operate its accounts on a calendar-year basis, then the most recent audited financial statements available are used instead.

            Amended: July 2013
            October 2007

          • LR-4.2.6

            Relevant operating expenses are defined as the total operating expenses of the licensee concerned, as recorded in the most recent audited financial statements available, subject to the adjustments specified in Rule LR-4.2.7.

            October 2007

          • LR-4.2.7

            The adjustments to be made to relevant operating expenses are the exclusion of the following items from total operating expenses:

            (a) Training fees;
            (b) Charitable donations;
            (c) Previous year's CBB fees paid; and
            (d) Non-executive Directors' remuneration.
            Amended: July 2013
            October 2007

          • LR-4.2.8

            For the avoidance of doubt, operating expenses for the purposes of this Section, do not include items such as depreciation, provisions, interest expense, and dividends.

            October 2007

          • LR-4.2.9

            The CBB would normally rely on the audited accounts of a licensee as representing a true and fair picture of its operating expenses. However, the CBB reserves the right to enquire about the accounting treatment of expenses, and/or policies on intra-group charging, if it believes that these are being used artificially to reduce a license fee.

            October 2007

          • LR-4.2.9A

            Conventional bank licensees must pay a fixed annual fee of BD 1,000 for each locally incorporated SPV in Bahrain which is under the control of and/or providing an actual business function, service or activity (whether actively or passively) for the bank and/or others at the bank's direction or having been established under the bank's direction for that purpose. The CBB approval for any new SPV will only be granted, once the annual fee has been paid. The full amount of the BD 1,000 annual fee is due in the year the SPV is set up and it is not prorated for the number of months remaining in the year.

            Amended: October 2013
            Amended: April 2011
            Adopted: January 2011

          • LR-4.2.9B

            Paragraph LR-4.2.9A does not apply to SPVs of Bahrain domiciled CIUs. In the case of Bahrain domiciled CIUs, banks should refer to the relevant Chapter in Module ARR of Volume 7, depending on the classification of the Bahrain domiciled CIU.

            Added: July 2012

          • LR-4.2.10

            Conventional Bank licensees must complete and submit Form ALF (Annual License Fee) to the CBB, no later than 15th October of the preceding year for which the fees are due.

            Amended: July 2013
            October 2007

          • LR-4.2.10A

            All conventional bank licensees are subject to direct debit for the payment of the annual fees and must complete and submit to the CBB a Direct Debit Authorisation Form by 15th September, available under Part B of Volume 1 (Conventional Banks) CBB Rulebook on the CBB Website.

            Added: July 2013

          • LR-4.2.11

            For new licensees, their first annual license fee is payable when their license is issued by the CBB. The amount payable is the floor amount specified for conventional bank licensees, reduced on a pro-rata basis such that they are charged only for the number of complete months left in the current calendar year.

            October 2007

          • LR-4.2.12

            For example, if a conventional retail bank is issued a license on 6 June 2007, then it would be asked to pay an annual license fee that same month, covering the remaining period left for the calendar year 2007. The fee would be calculated as BD 30,000 (the minimum amount payable by a conventional retail bank licensee, multiplied by 6/12 (the number of complete months left in the year, i.e. July to December inclusive, divided by the total number of months in the year), giving a fee liability of BD 15,000. For the following year (2008) annual fee, the licensee would submit a Form ALF by 15th October 2007, and calculate its fee as the floor amount. For future years, the licensee would submit a Form ALF by 15th October of the preceding year for which the fees are due and calculate its fee using its last audited financial statements (or alternative arrangements as agreed with CBB, should its first set of accounts cover an 18-month period).

            Amended: July 2013
            October 2007

          • LR-4.2.13

            Where a license is cancelled (whether at the initiative of the firm or the CBB), no refund is paid for any months remaining in the calendar year in question, should a fee have been paid for that year.

            Amended: October 2010
            October 2007

          • LR-4.2.14

            Conventional bank licensees failing to comply with this Section may be subject to financial penalties for date sensitive requirements as outlined in Section EN-6.2A or may have their licenses withdrawn by the CBB.

            Added: July 2013

    • PB PB Principles of Business

      • PB-A PB-A Introduction

        • PB-A.1 PB-A.1 Purpose

          • Executive Summary

            • PB-A.1.1

              The Principles of Business are a general statement of the fundamental obligations of all Central Bank of Bahrain ('CBB') conventional bank licensees and approved persons. They serve as a basis for other material in Volume 1 (Conventional Banks), and help address specific circumstances not covered elsewhere in the Rulebook.

              October 07

            • PB-A.1.2

              The Principles of Business have the status of Rules and apply alongside other Rules contained in Volume 1 (Conventional Banks). However, these other Rules do not exhaust the fundamental obligations contained in the Principles. Compliance with all other Rules, therefore, does not necessarily guarantee compliance with the Principles of Business.

              October 07

          • Legal Basis

            • PB-A.1.3

              This Module contains the CBB's Directive (as amended from time to time) relating to Principles of Business and is issued under the powers available to the CBB under Article 38 of the Central Bank of Bahrain and Financial Institutions Law 2006 ('CBB Law'). The Directive in this Module is applicable to all conventional bank licensees (including their approved persons).

              Amended: January 2011
              October 07

            • PB-A.1.4

              For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.

              October 07

        • PB-A.2 PB-A.2 Module History

          • PB-A.2.1

            This Module was first issued in July 2004 by the BMA as part of the conventional principles volume. All regulations in this volume have been effective since this date. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made; Chapter UG-3 provides further details on Rulebook maintenance and version control.

            October 07

          • PB-A.2.2

            When the CBB replaced the BMA in September 2006, the provisions of this Module remained in force. Volume 1 was updated in October 2007 to reflect the switch to the CBB; however, new calendar quarter dates were only issued where the update necessitated changes to actual requirements.

            October 07

          • PB-A.2.3

            A list of recent changes made to this Module is provided below:

            Module Ref. Change Date Description of Changes
            PB-A.1 10/2007 New Rule PB-A.1.3 introduced, categorising this Module as a Directive.
            PB-1.1 10/2007 Small expansion of Principle 1 to refer to disclosure of all relevant information to customers, as required by CBB Regulations and Directives. Reordering and expansion of other Principles, although no substantive changes.
            PB-A.1.3 01/2011 Clarified legal basis.
            PB-B.1.5 01/2011 Corrected cross reference.
                 
            October 07

      • PB-B PB-B Scope of Application

        • PB-B.1 PB-B.1 Scope of Application

          • PB-B.1.1

            The 10 Principles of Business apply to all CBB conventional bank licensees, in accordance with Paragraph PB-B.1.2. Principles 1-8 also apply to all approved persons, in accordance with Paragraph PB-B.1.3.

            October 07

          • PB-B.1.2

            Principles 1 to 10 apply to activities carried out by the conventional bank licensee, including activities carried out through overseas branches (if any). Principles 9 and 10 also take into account any activities of other members of the group of which the conventional bank licensee is a member.

            October 07

          • PB-B.1.3

            Principles 1 to 8 apply to approved persons in respect of the controlled function for which they have been approved.

            October 07

          • PB-B.1.4

            Principles 1 to 8 do not apply to behaviour by an approved person with respect to any other functions or activities they may undertake. However, behaviour unconnected to their controlled function duties may nonetheless be relevant to an assessment of that person's fitness and propriety.

            October 07

          • PB-B.1.5

            The CBB's requirements regarding approved persons and controlled functions are located in Module LR (Licensing Requirements).

            Amended: January 2011
            October 07

        • PB-B.2 PB-B.2 Non-compliance

          • PB-B.2.1

            Breaching a Principle of Business makes the conventional bank licensee or approved person concerned liable to enforcement action. In the case of a licensee, this may call into question whether they continue to meet the licensing conditions (see Chapter LR-2). In the case of an approved person, this may call into question whether they continue to meet the 'fit and proper' requirements for the function for which they have been approved (see Section HC-2.2).

            October 07

          • PB-B.2.2

            Module EN (Enforcement) sets out the CBB's policy and procedures on enforcement action.

            October 07

      • PB-1 PB-1 The Principles

        • PB-1.1 PB-1.1 Principles

          • Principle 1 — Integrity

            • PB-1.1.1

              Conventional bank licensees and approved persons must observe high standards of integrity and fair dealing. They must be honest and straightforward in their dealings with customers, and provide full disclosure of all relevant information to customers, as required by the CBB's Regulations and Directives.

              October 07

          • Principle 2 — Conflicts of Interest

            • PB-1.1.2

              Conventional bank licensees and approved persons must take all reasonable steps to identify, and prevent or manage, conflicts of interest that could harm the interests of a customer.

              October 07

          • Principle 3 — Due Skill, Care and Diligence

            • PB-1.1.3

              Conventional bank licensees and approved persons must act with due skill, care and diligence.

              October 07

          • Principle 4 — Confidentiality

            • PB-1.1.4

              Conventional bank licensees and approved persons must observe in full any obligations of confidentiality, including with respect to customer information. This requirement does not over-ride lawful disclosures.

              October 07

          • Principle 5 — Market Conduct

            • PB-1.1.5

              Conventional bank licensees and approved persons must observe proper standards of market conduct, and avoid action that would generally be viewed as improper.

              October 07

          • Principle 6 — Customer Assets

            • PB-1.1.6

              Conventional bank licensees and approved persons must take reasonable care to safeguard the assets and deposits of customers for which they are responsible.

              October 07

          • Principle 7 — Customer Interests

            • PB-1.1.7

              Conventional bank licensees and approved persons must pay due regard to the legitimate interests and information needs of their customers and communicate with them in a fair and transparent manner. Conventional bank licensees and approved persons, when dealing with customers who are entitled to rely on their advice or discretionary decisions, must take reasonable care to ensure the suitability of such advice or decisions.

              October 07

          • Principle 8 — Relations with Regulators/Supervisors

            • PB-1.1.8

              Conventional bank licensees and approved persons must act in an open and co-operative manner with the CBB and other regulatory/supervisory bodies whose authority they come under. They must take reasonable care to ensure that their activities comply with all applicable laws and regulations.

              October 07

          • Principle 9 — Adequate Resources

            • PB-1.1.9

              Conventional bank licensees must maintain adequate human, financial and other resources sufficient to run their business in an orderly manner.

              October 07

          • Principle 10 — Management, Systems & Controls

            • PB-1.1.10

              Conventional bank licensees must take reasonable care to ensure that their affairs are managed effectively and responsibly, with appropriate systems and controls in relation to the size and complexity of their operations. Conventional bank licensees' systems and controls, as far as is reasonably practical, must be sufficient to manage the level of risk inherent in their business and ensure compliance with the CBB Rulebook.

              October 07

    • HC HC High-Level Controls

      • HC-A HC-A Introduction

        • HC-A.1 HC-A.1 Executive Summary

          • Purpose

            • HC-A.1.1

              The purpose of this Module is to:

              (a) Explicitly reinforce the collective oversight and risk governance responsibilities of the board;
              (b) Emphasise key components of risk governance such as risk culture, risk appetite and their relationship to a licensee’s risk capacity;
              (c) Delineate the specific roles of the board, board committees, senior management, chief financial officer, internal auditor, chief risk officer and head of compliance; and
              (d) Strengthen licensees’ overall checks and balances.
              Added: April 2023

            • HC-A.1.2

              All references in this Module to ‘he’ or ‘his’ shall, unless the context otherwise requires, be construed as also being references to ‘she’ and ‘her’.

              Added: April 2023

          • Legal Basis

            • HC-A.1.3

              This Module contains the CBB’s Directive (as amended from time to time) relating to high-level controls and is issued under the powers available to the CBB under Article 38 of the Central Bank of Bahrain and Financial Institutions Law 2006 (‛CBB Law’). The Directive in this Module is applicable to conventional bank licensees (including their approved persons).

              Added: April 2023

            • HC-A.1.4

              All Rulebook content that is categorized as a rule must be complied with by those to whom the content is addressed. Other parts of this Module are guidance paragraphs which are considered best market practices and licensees are encouraged to implement the same.

              Added: April 2023

          • Effective Date

            • HC-A.1.5

              The new requirements in this amended Module are effective from 1st October 2023 on which date the existing Module HC will become redundant, and any exemptions allowed under the existing Module will be subject to grandfathering requirements unless the relevant requirement has undergone change within this amended Module.

              Added: April 2023

        • HC-A.2 HC-A.2 Module History

          • HC-A.2.1

            This Module was first issued in June 2004 by the BMA and updated in October 2007 to reflect the switch to the CBB. Following the issuance of the Corporate Governance Code by the Ministry of Industry and Commerce in March 2010, the Module was amended in October 2010 to be in line with the new Corporate Governance Code and to include previous requirements that were in place in the originally issued Module HC. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made: Chapter UG-3 provides further details on Rulebook maintenance and version control.

            Added: April 2023

          • HC-A.2.2

            A list of recent changes made to this Module is detailed in the table below:

            Module Ref.Change DateDescription of Changes
            Full Module HC04/2023New restructured HC Module supersedes the previous version. The new Module is consistent with Corporate Governance Principles for banks Paper issued in July 2015 by the Basel Committee on Banking Supervision.
            Full Module HC01/2024Restructured Module HC containing Part 1 applicable to Bahraini bank licensees and Part 2 applicable to Branches of foreign banks.

      • HC-B HC-B Scope of Application

        • HC-B.1 HC-B.1 Scope of Application

          • HC-B.1.1

            This Module consists of two parts; Part one of this Module is applicable to Bahraini Conventional bank licensees whereas Part two is applicable to branches of foreign bank licensees.

            Amended: January 2024
            Added: April 2023

          • HC-B.1.2

            The implementation of the rules in this Module should be commensurate with the size, complexity, structure, economic significance, risk profile and business model of the licensee and the group to which it belongs, if any. DSIBs are expected to have in place the corporate governance structure and practices commensurate with their role and potential impact on national financial stability. In cases of certain licensees (e.g. smaller and limited scope Bahraini banks, Bahraini government owned banks, digital banks and any Bahraini bank wholly owned by another Bahraini bank) where CBB assesses that certain specific rules in this Module are less relevant or too cumbersome to apply, it will be willing to consider alternative governance arrangement.

            Amended: January 2024
            Added: April 2023

          • HC-B.1.3

            [This Paragraph has been deleted in January 2024].

            Deleted: January 2024
            Added: April 2023

          • HC-B.1.4

            [This Paragraph has been deleted in January 2024].

            Deleted: January 2024
            Added: April 2023

        • Part One: Bahraini Bank Licensees

          • HC-B.2 HC-B.2 Subsidiaries and Foreign Branches of Bahraini Islamic Bank Licensees

            • HC-B.2.1

              Bahraini conventional bank licensees must ensure that, as a minimum, the same or equivalent provisions of this Module apply to their subsidiaries and overseas branches. In instances where local jurisdictional requirements are more stringent than those applicable in this Module, the local requirements are to be applied.

              Added: April 2023

            • HC-B.2.2

              Where a conventional bank licensee is unable to satisfy the CBB that its subsidiaries and overseas branches are subject to the same or equivalent arrangements, the CBB will assess the potential impact of risks to the licensee arising from inadequate high-level controls. In such instances, the CBB may impose certain restrictions on the licensee. Where weaknesses in controls are assessed by the CBB to pose a major threat to the financial soundness of the licensee and/or the financial stability in the Kingdom, then its license may be called into question.

              Added: April 2023

          • HC-1 HC-1 Board’s Overall Responsibilities

            • HC-1.1 HC-1.1 Responsibilities of the Board

              • HC-1.1.1

                The board of directors (“Board”) of the licensee must:

                (a) Set the “tone at the top” and play a leading role in establishing the licensee’s corporate culture and values, and oversee management’s role in fostering and maintaining a sound corporate and risk culture;
                (b) Ensure that no individual or group of directors dominates the Board’s decision-making and no individual or group has unfettered powers of decision.
                (c) Approve and oversee the development of the licensee’s strategy, business plans and budget, and monitor their implementation. Bahraini conventional bank licensees must submit to the CBB for its review their proposed strategy and any major proposed changes to it;
                (d) Actively engage in the affairs of the licensee, keep up with material changes in the licensee’s business and the external environment and act in a timely manner to protect the long-term interests of the licensee;
                (e) Convene and prepare the agenda for shareholder meetings;
                (f) Approve, and oversee the implementation of, the licensee’s governance framework, risk management framework and all policies, and review the relevant parts of these as well as review key controls in case a new business activity is considered, or in case of material changes to the licensee’s size, complexity, business strategy, markets or regulatory requirements, or the occurrence of a major failure of controls;
                (g) Establish, along with senior management and the chief risk officer, the licensee’s risk appetite, considering the licensee’s strategy, competitive and regulatory landscape, the licensee’s long-term interests, risk exposure and ability to manage risk effectively, and oversee the licensee’s adherence to the risk appetite statement, risk policy and risk limits;
                (h) Ensure that:
                i. Adequate systems, controls, processes and procedures are implemented by senior management in line with the Board approved policies;
                ii. The licensee has adequate processes to ensure full compliance with the requirements of the CBB Law, other relevant laws and the pertinent rulebooks;
                iii. The licensee has a robust finance function responsible for accounting and financial data;
                iv. The risk management, compliance and internal audit functions are properly positioned, staffed and resourced and carry out their responsibilities independently, objectively and effectively; and
                v. Senior management maintains an effective and transparent relationship with the CBB;
                (i) Approve the annual and interim financial statements;
                (j) At minimum, approve the selection and oversee the performance of the chief executive officer (CEO), chief financial officer and heads of the risk management, compliance and internal audit functions;
                (k) Actively oversee, with the assistance and advise of the Remuneration Committee, the remuneration system’s design and operation for approved persons and material risk-takers and monitor and review executive compensation and assess whether it is aligned with the licensee’s remuneration policy, risk culture and risk appetite; and
                (l) Consider the legitimate interests of depositors, shareholders and other relevant stakeholders in their decision-making process.
                Added: April 2023

              • HC-1.1.2

                The Board may, where appropriate, delegate some of its functions, but not its responsibilities, to the Board committees.

                Added: April 2023

              • HC-1.1.3

                The members of the Board must exercise their fiduciary and other duties of care, candor and loyalty to the licensee in accordance with local laws and regulations.

                Added: April 2023

              • HC-1.1.4

                Each director must:

                (a) Understand the Board’s role and responsibilities pursuant to the CBB Rulebook, the Commercial Companies Law and any other laws or regulations that may govern their responsibilities from time to time;
                (b) Consider themselves as representing all shareholders and must act accordingly; and
                (c) Ensure that they receive adequate and timely information before each meeting and must study it carefully.
                Added: April 2023

            • HC-1.2 HC-1.2 Corporate Culture and Values

              • HC-1.2.1

                In order to promote a sound corporate culture, the Board must:

                (a) Approve an appropriate code of conduct/ ethics that must outline the acceptable practices that all Board members, senior management and other staff must follow in performing their duties, and the unacceptable practices/ conduct that must be avoided;
                (b) Set and adhere to corporate values that create expectations that the business must be conducted in a legal, professional and ethical manner, and oversee the adherence to such values by Board members, senior management and other employees;
                (c) Promote risk awareness within a strong risk culture, convey the Board’s expectation that it does not support risk-taking beyond the risk appetite and risk limits set by the Board, and that all employees are responsible for ensuring that the licensee operates within the established risk appetite and risk limits;
                (d) Ensure that the corporate values, professional standards and codes of conduct it sets, together with supporting policies, are adequately communicated throughout the licensee; and
                (e) Ensure that all directors, senior management and other staff are aware that appropriate disciplinary or other actions will follow unacceptable behaviour, practices and transgressions.
                Added: April 2023

              • HC-1.2.2

                Employees must be encouraged and be able to communicate, confidentially and without the risk of reprisal, legitimate concerns about illegal, unethical or questionable practices. This must be facilitated through a well communicated and Board approved whistleblowing policy and adequate procedures and processes, consistent with applicable laws. This includes the escalation of material concerns to the CBB.

                Added: April 2023

              • HC-1.2.3 HC-1.2.3

                The Board must:

                (a) Have oversight of the whistleblowing policy mechanism and ensure that senior management addresses legitimate issues that are raised;
                (b) Take responsibility for ensuring that staff who raise concerns are protected from detrimental treatment or reprisals, and that their rights are not undermined;
                (c) Approve and oversee how and by whom legitimate material concerns shall be investigated and addressed such as by an objective and independent internal or external body, senior management and/or the Board itself; and
                (d) Ensure that, after verifying the validity of the allegations, the person responsible for any misconduct is held accountable and is subjected to an appropriate disciplinary measure.
                Added: April 2023

                • HC-1.2.4

                  The Board must establish a conflict of interest policy on identifying and managing potential conflicts of interest related to all approved persons. The policy must include:

                  (a) An approved person’s duty to:
                  i. Avoid, to the extent possible, activities that could create conflicts of interest or the appearance of conflicts of interest. An approved person shall be considered to have a “personal interest” in a transaction with a company if they themselves, or a member of their family (i.e. spouse, father, mother, sons, daughters, brothers or sisters), or another company of which they are a director or controller, are a party to the transaction or have a material financial interest in the transaction or are expected to derive material personal benefit from the transaction (transactions and interests which are de minimis in value should not be included);
                  ii. Promptly disclose any matter that may result, or has already resulted, in a conflict of interest;
                  iii. Abstain from getting involved in or voting on any matter where they may have a conflict of interest or where their objectivity or ability to properly fulfil duties to the licensee may be otherwise compromised. Any decision to enter into a transaction in which an approved person appears to have a material conflict of interest must be formally and unanimously approved by the entire Board;
                  iv. Act with honesty, integrity and care for the best interest of the licensee and its shareholders and other stakeholders;
                  v. Not use properties of the licensee for their personal needs;
                  vi. Not misuse or misappropriate the licensee’s assets or resources;
                  vii. Not disclose confidential information of the licensee or use it for their personal profit or interest;
                  viii. Make every practicable effort to arrange their personal and business affairs to avoid a conflict of interest with the licensee;
                  ix. Not take business opportunities of the licensee for themselves; and
                  x. Not compete in business with the licensee or serve the licensee’s interest in any transaction with a company in which they have a personal interest.
                  (b) Examples of where conflict of interest may arise when serving as an approved person;
                  (c) A rigorous review and approval process for approved persons to follow before they engage in certain activities (such as serving on another Board) so as to ensure that such activity will not create a conflict of interest;
                  (d) Adequate requirements that transactions with related parties must be made on an arm’s length basis;
                  (e) Sufficient restrictions on and/or a robust and transparent process for the employment of relatives of approved persons;
                  (f) Requirements for properly managing and disclosing conflict of interest that cannot be prevented;
                  (g) Requirements for all approved persons to annually declare in writing all their other interests in other enterprises or activities (whether as a shareholder of above 5% of the voting capital of a company, a manager or other form of significant participation) to the Board or a designated Board committee; and
                  (h) The way in which the Board will deal with any non-compliance with the policy.
                  Added: April 2023

                • HC-1.2.5

                  Where there is a potential for conflict of interest, or there is a need for impartiality, the Board must assign a sufficient number of independent Board members capable of exercising independent judgement, to address the conflict.

                  Added: April 2023

                • HC-1.2.6

                  The CEO/General Manager of the licensee must disclose to the Board of directors on an annual basis those individuals who are occupying controlled functions and who are relatives of any approved persons within the licensee.

                  Added: April 2023

            • HC-1.3 HC-1.3 Oversight of Senior Management

              • HC-1.3.1

                The Board must exercise proper oversight of senior management against formal performance and remuneration standards consistent with the long-term strategic objectives and the financial soundness of the licensee. In doing so, the Board must:

                (a) Meet regularly with senior management;
                (b) Subject senior management to annual performance assessment and document such assessments;
                (c) Ensure that approved persons’ collective knowledge and expertise remain appropriate given the licensee’s nature of business and risk profile;
                (d) Ensure that senior management’s actions are in full compliance with applicable laws and regulations and consistent with the strategy, business plan and policies approved by the Board, including risk appetite;
                (e) Question, challenge and critically review the explanations and information provided by senior management; and
                (f) Ensure that appropriate succession plans are in place for all approved persons within senior management (provided that such plans are subject to review in case of any changes to approved persons within senior management).
                Added: April 2023

          • HC-2 HC-2 Board Formation

            • HC-2.1 HC-2.1 Board Composition

              • HC-2.1.1

                The Board must comprise of individuals with a balance of skills, diversity and expertise, who individually and collectively possess the necessary qualifications commensurate with the size, complexity and risk profile of the licensee. The Board must have a sufficient number of independent directors.

                Added: April 2023

              • HC-2.1.2

                In case of a Bahraini conventional bank licensee with a controller, at least one-third of the Board must be independent.

                Added: April 2023

              • HC-2.1.3

                If the Bahraini conventional bank licensee has a controller or a group of controllers acting in concert, such person(s) must recognise their specific responsibility to the minority shareholders as Board members have responsibilities to the licensee’s overall interests, regardless of who appoints them.

                Added: April 2023

              • HC-2.1.4

                At least half of a Bahraini conventional bank licensee’s Board should be non-executive directors and at least three of those persons should be independent directors.

                Added: April 2023

              • HC-2.1.5

                The CBB may call upon each independent director at its discretion to have a general discussion on the affairs of the Bahraini conventional bank licensee.

                Added: April 2023

            • HC-2.2 HC-2.2 Board Member Selection

              • HC-2.2.1

                The Board must have a clear and rigorous process for identifying, assessing and selecting Board candidates. The Board, and not management, must nominate the candidates for shareholders’ approval.

                Added: April 2023

              • HC-2.2.2

                Board candidates must:

                (a) Possess the knowledge, skills, experience and, particularly in the case of non-executive directors, independence of mind necessary to discharge their responsibilities on the Board in light of the licensee’s business and risk profile;
                (b) Have a record of integrity and good repute;
                (c) Have sufficient time to fully carry out their responsibilities;
                (d) Not have any conflicts of interest that may impede their ability to perform their duties independently and objectively and subject them to undue influence from:
                i. Other approved persons, controllers or other connected parties;
                ii. Past or present positions held; or
                iii. Personal, professional or other economic relationships with other approved persons (or with other entities within the group); and
                (e) Not have more than two directorships of Bahraini banks, bearing in mind that two directorships of licensees within the same license category (e.g. ‘Retail Bank’) are not permitted.
                Added: April 2023

              • HC-2.2.3

                Board candidates should not hold more than three directorships in public companies in Bahrain. In case such directorships exist, there must be no conflict of interest, and the Board must not propose the election or re-election of any director where such conflict of interest exists.

                Added: April 2023

              • HC-2.2.4

                Nominated directors of a Bahraini conventional bank licensee must possess the requisite experience and competencies specified in Module TC (Training and Competency).

                Added: April 2023

              • HC-2.2.5

                A CEO of a Bahraini conventional bank licensee who has resigned or retired, must not be appointed as an independent director of the same bank unless a period of three years has passed from the date of his/her resignation/ retirement. Additionally, where a CEO is terminated from his/her position, he/she must not be appointed or retained as a Board member of the same bank.

                Added: April 2023

              • HC-2.2.6

                Each proposal by the Board to the shareholders for election or re-election of a director must be accompanied by a recommendation from the Board, a summary of the advice of the Nomination Committee and the following specific information:

                (a) The term to be served, which may not exceed three years;
                (b) Biographical details and professional qualifications;
                (c) In the case of an independent director, a statement that the Board has determined that the applicable rules and criteria for independent director have been met;
                (d) Any other directorships held;
                (e) Particulars of other positions which involve significant time commitments; and
                (f) Details of relationships (if any) between:
                i. the candidate and the conventional bank licensee, and
                ii. the candidate and other approved persons of the conventional bank licensee.
                Added: April 2023

              • HC-2.2.7

                Newly appointed non-executive directors must be made aware of their duties before their nomination, particularly as to the time commitment required.

                Added: April 2023

            • HC-2.3 HC-2.3 Board Members’ Appointment and Induction

              • Board Members’ Appointment

                • HC-2.3.1

                  The chairperson of the Board must confirm to shareholders when proposing re-election of a director that, following a formal performance evaluation, the person’s performance continues to be effective and they continue to demonstrate commitment to the role.

                  Added: April 2023

                • HC-2.3.2

                  Where an independent director has served three consecutive terms on the Board, such director will lose his independence status and must not be classified as an independent director if reappointed.

                  Added: April 2023

                • HC-2.3.3

                  Bahraini conventional bank licensees must have a written appointment agreement with each director which recites the directors’ powers, duties and responsibilities, accountability, term, the time commitment envisaged, the committee assignment (if any), remuneration, expense reimbursement entitlement and their access to independent legal or other professional advice at the expense of the bank when needed to discharge their responsibilities as directors.

                  Added: April 2023

              • Board Members’ Induction

                • HC-2.3.4

                  The Board must ensure that:

                  (a) Sufficient time, budget and other resources are allocated annually for the Board members’ induction programmes;
                  (b) Each new director receives a formal and tailored induction and has access to ongoing training on relevant issues which may involve internal or external resources to ensure their effective contribution to the Board from the beginning of their term; and
                  (c) The induction programmes include meetings with senior management, visits to the conventional bank licensee’s facilities, presentations regarding strategic plans, significant financial, accounting and risk management issues, compliance programs, and meetings with internal and external auditors and legal counsel.
                  Added: April 2023

                • HC-2.3.5

                  Board members must understand their oversight and corporate governance role and be able to exercise sound, objective judgment about the affairs of the licensee.

                  Added: April 2023

                • HC-2.3.6

                  All continuing directors must be invited to attend orientation meetings and all directors must continually educate themselves as to the conventional bank licensee’s business and corporate governance.

                  Added: April 2023

          • HC-3 HC-3 Board’s Structure and Practices

            • HC-3.1 HC-3.1 Organisation and Assessment of the Board

              • HC-3.1.1

                The Board of a Bahraini conventional bank licensee must:

                (a) Adopt a formal Board charter specifying matters which are reserved for it, which must include, but are not limited to, the specific requirements and responsibilities of directors stipulated in this Module and the Commercial Companies Law;
                (b) Structure itself in terms of leadership, size and the use of committees so as to effectively carry out its oversight role and other responsibilities. This includes ensuring that the Board has the time and means to cover all necessary subjects in sufficient depth and have a robust discussion of key issues;
                (c) Maintain and periodically update its governance structure, organisational rules, by-laws and other similar documents setting out its organisation, rights, responsibilities and key activities; and
                (d) Carry out annual evaluation and assessments – alone or with the assistance of external experts – of the Board, its committees and individual Board members. This must include:
                i. Assessing how the Board operates in terms of the requirements of the CBB Rulebook and the Commercial Companies Law;
                ii. Evaluating the performance of each committee considering its specific purposes and responsibilities, which shall include review of the self-evaluations undertaken by each committee;
                iii. Reviewing each director's work, their attendance at Board and committee meetings, and their independence and constructive involvement in discussions and decision making;
                iv. Reviewing, based on the Nomination Committee’s advice and assessment, the Board’s current structure, size, composition as well as committees’ structures and composition in order to maintain an appropriate balance of skills, diversity and experience and for the purpose of planned and progressive refreshing of the Board; and
                v. Recommendations for new directors to replace long-standing members or those members whose contribution to the Board or its committees is not adequate.
                Added: April 2023

              • HC-3.1.2

                Where the Board has serious reservations about the performance or integrity of a Board member, or he ceases to be qualified, the Board must take appropriate action and inform the CBB accordingly.

                Added: April 2023

              • HC-3.1.3

                The Board must report to the shareholders, at each annual shareholder meeting, that evaluations have been done and report its findings.

                Added: April 2023

              • HC-3.1.4

                Executive directors must provide the Board with all relevant business and financial information within their knowledge and must recognise that their role as a director is different from their role as a member of management.

                Added: April 2023

              • HC-3.1.5

                Non-executive directors must be fully independent of management and must constructively scrutinise and challenge management and executive directors.

                Added: April 2023

              • HC-3.1.6

                The Board must maintain appropriate records of meeting minutes, including key points of discussions held, recommendations made, decisions taken and dissenting opinions (if any).

                Added: April 2023

              • HC-3.1.7

                The Board must meet at least four times a year to enable it to discharge its responsibilities effectively, and half of all Board meetings in any financial year must be held in the Kingdom of Bahrain.

                Added: April 2023

              • HC-3.1.8

                Individual Board members must attend at least 75% of all Board meetings in a given financial year, whether in-person or virtually (if needed) so as to enable the Board to discharge its responsibilities effectively (see table below). Voting and attendance proxies for Board meetings are prohibited.

                Meetings per year 75% Attendance requirement
                4 3
                5 4
                6 5
                7 5
                8 6
                9 7
                10 8
                Added: April 2023

              • HC-3.1.9

                The absence of Board members at Board and committee meetings must be noted in the relevant meeting minutes. In addition, Board attendance percentage must be reported during any general assembly meeting when Board members stand for re-election (e.g. Board member XYZ attended xx% of scheduled meetings this year).

                Added: April 2023

              • HC-3.1.10

                If a Board member has not attended at least 75% of Board meetings in any given financial year, the licensee must notify the CBB, within one month from its financial year-end, indicating which member has failed to satisfy this requirement, their level of attendance and the reason for non-attendance. The CBB shall then consider the matter and determine whether enforcement action pursuant to Article 65 of the CBB Law is appropriate.

                Added: April 2023

              • HC-3.1.11

                Board governance framework should require members to step down if they are not actively participating in Board meetings.

                Added: April 2023

              • HC-3.1.12

                Non-executive directors should have free access to the Bahraini conventional bank licensee’s management beyond that provided in Board meetings. Such access should be through the chairperson of the Audit Committee or the CEO. The Board should make this policy known to management to alleviate any management concerns about a director’s authority in this regard.

                Added: April 2023

            • HC-3.2 HC-3.2 Board Chairperson

              • HC-3.2.1

                The Chairperson of the Board of the Bahraini conventional bank licensee must:

                (a) Not be an executive director;
                (b) Not be the same person as the CEO. This applies also to the deputy chairperson;
                (c) Commit sufficient time to perform their role effectively;
                (d) Play a critical role in promoting mutual trust, efficient functioning of the Board, open discussion, constructive dissent from decisions and constructive support for decisions after they have been made;
                (e) Ensure that all directors receive an agenda, minutes of prior meetings and adequate background information on each agenda item in writing well before each Board meeting;
                (f) Encourage and promote critical and objective discussion and ensure that dissenting views can be freely expressed, discussed and recorded in the minutes of the Board meeting; and
                (g) Ensure that Board decisions are taken on sound and well-informed bases.
                Added: April 2023

              • HC-3.2.2

                The chairperson of a Bahraini conventional bank licensee should be an independent Board member.

                Added: April 2023

            • HC-3.3 HC-3.3 Board Committees

              • HC-3.3.1

                The Board of the Bahraini conventional bank licensee must establish Audit, Risk, Remuneration and Nomination Committees described elsewhere in this Module.

                Added: April 2023

              • HC-3.3.2

                Objectivity and independence must be ensured by the selection of appropriate Board members in each committee.

                Added: April 2023

              • HC-3.3.3

                Committees may be combined provided that no conflict of interest arises between the duties of such committees, and subject to the CBB’s prior approval.

                Added: April 2023

              • HC-3.3.4

                Every committee must have a formal written charter or other instrument which sets out its roles and responsibilities, how the committee will report to the Board, what is expected of committee members and any tenure limits for serving on the committee.

                Added: April 2023

              • HC-3.3.5

                Each committee must have the resources and the authority necessary to discharge its duties and responsibilities, including the authority to select, retain, terminate and approve the fees of external legal, accounting or other advisors as it deems necessary.

                Added: April 2023

              • HC-3.3.6

                Each Board committee must maintain appropriate records of their deliberations and decisions in their meeting minutes, including key points of discussions held, recommendations made, decisions taken (and update on their subsequent implementation) and dissenting opinions (if any).

                Added: April 2023

              • HC-3.3.7

                Each committee must prepare and review with the Board an annual performance evaluation of the committee and its members and must recommend to the Board any improvements deemed necessary or desirable to the committee’s charter or composition. The report must be in the form of a written report presented at any regularly scheduled Board meeting.

                Added: April 2023

              • HC-3.3.8

                Members of each committee must exercise judgment free from any personal conflicts of interest or bias.

                Added: April 2023

              • HC-3.3.9

                The Board should consider occasional rotation of membership and chair of the Board committees provided that doing so does not impair the collective skills, experience and effectiveness of these committees.

                Added: April 2023

            • HC-3.4 HC-3.4 Audit Committee

              • HC-3.4.1

                The audit committee of the Bahraini conventional bank licensee must have at least three directors of which the majority must be independent and have no conflict of interest with any other duties they have.

                Added: April 2023

              • HC-3.4.2

                The Chairperson of the audit committee must:

                (a) Be independent;
                (b) Not be the chairperson of the board, unless he is considered independent; and
                (c) Not be the chairperson of any other Board committee.
                Added: April 2023

              • HC-3.4.3

                The CEO and other senior management of the Bahraini conventional bank licensee must not be members of the audit committee.

                Added: April 2023

              • HC-3.4.4

                The audit committee members must have sufficient experience in audit practices, financial reporting and accounting.

                Added: April 2023

              • HC-3.4.5

                The audit committee must meet:

                (a) At least four times a year.
                (b) At least twice a year with the external auditor.
                (c) At least once a year in the absence of the CEO and any executive management, but in presence of the Head of Compliance, Internal Auditor and CRO.
                Added: April 2023

              • HC-3.4.6

                The audit committee must, at minimum:

                (a) Ensure that the licensee has effective and adequate policies covering all its business activities, internal audit, financial reporting, compliance, risk management, prevention of frauds and cyber security breaches, etc.;
                (b) Oversee the financial reporting process;
                (c) Oversee and interact with the licensee’s internal and external auditors;
                (d) Review the integrity of the conventional bank licensee’s financial statements;
                (e) Recommend to the Board, based on a Board approved objective criteria, the appointment, remuneration, dismissal and rotation of external auditors;
                (f) Review and approve the internal and external audit and compliance scope;
                (g) Receive internal and external audit and compliance reports and ensure that senior management is taking necessary corrective actions in a timely manner to address any control weaknesses, non-compliance with policies, laws and regulations, and other problems identified by auditors, the head of compliance and other control functions;
                (h) Assess once a year the extent to which the licensee is managing its compliance risk effectively;
                (i) Ensure that the agenda for their meetings includes compliance and internal audit issues at least every quarter;
                (j) Recommend the appointment and dismissal of the heads of internal audit and compliance functions. The licensee must also discuss the reasons for their dismissal with the CBB.
                (k) Make a determination, at least once a year, of the external auditor’s independence;
                (l) Commission every five years a quality review of the effectiveness and efficiency of the internal audit and compliance functions by a third-party consultant, other than the external auditor. The results of such independent review must be provided to the CBB by 30th September of the relevant year;
                (m) Review and supervise the implementation and enforcement of the licensee's code of conduct, unless such mandate is delegated to another committee such as the Governance Committee; and
                (n) Ensure that senior management establishes and maintains an adequate and effective internal control systems, procedures and processes for the business of the licensee.
                Added: April 2023

              • HC-3.4.7

                In case the licensee has a different board committee overseeing and monitoring compliance issues, then all of the above compliance-related requirements in Paragraph HC-3.4.6 can be handled by such committee instead.

                Added: April 2023

            • HC-3.5 HC-3.5 Risk Committee

              • HC-3.5.1

                The risk committee of the Bahraini conventional bank licensee must have at least three directors of which the majority must be independent. In addition, the committee members must have experience in risk management issues and practices and have no conflict of interest with any other duties they may have.

                Added: April 2023

              • HC-3.5.2

                The chairperson of the risk committee must:

                (a) Be independent;
                (b) Not be the chairperson of the Board, unless he is considered independent; and
                (c) Not be the chairperson of any other Board committee.
                Added: April 2023

              • HC-3.5.3

                The CEO and other senior management must not be members of the risk committee.

                Added: April 2023

              • HC-3.5.4

                The licensee must have a strong and appropriate risk governance framework which:

                (a) Includes a strong risk culture, and a well-developed risk appetite articulated through the risk appetite statement (RAS);
                (b) Outlines actions to be taken when the stated risk limits are breached, including disciplinary actions for excessive risk-taking, escalation procedures and notification to the Board; and
                (c) Includes well-defined organisational responsibilities for risk management.
                Added: April 2023

              • HC-3.5.5

                The Bahraini conventional bank licensee’s RAS must:

                (a) Include both quantitative and qualitative considerations;
                (b) Establish the individual and aggregate level and types of risks that the bank is willing to assume;
                (c) Define the boundaries and business considerations according to which the bank is expected to operate;
                (d) Be aligned with the bank’s strategic, capital and financial plans and compensation practices; and
                (e) Be communicated effectively throughout the bank, linking it to daily operational decision-making and establishing the means to raise risk issues and strategic concerns across the bank on a timely and proactive basis.
                Added: April 2023

              • HC-3.5.6

                Conventional Bank licensees must avoid organisational silos that can impede effective sharing of risk information across the organisation and can result in decisions being taken in isolation from the rest of the bank. Accordingly, the Board, senior management and control functions must re-evaluate established practices in order to encourage greater communication.

                Added: April 2023

              • HC-3.5.7

                The risk committee must, at minimum:

                (a) Recommend the appointment or removal of the Chief Risk Officer (CRO) or equivalent. The licensee must also discuss the reasons for removal with the CBB;
                (b) Discuss all risk strategies on both an aggregated basis and by type of risk and make recommendations to the Board, and on the risk appetite;
                (c) Ensure that:
                i. Risks are identified, measured, aggregated, controlled, mitigated, monitored and reported on an ongoing basis across all business lines, the licensee as a whole, its subsidiaries and overseas branches (if any);
                ii. Risk identification and measurement include both quantitative and qualitative elements;
                iii. Each key risk has a policy, process and controls;
                iv. The licensee has sufficient and robust management information system and policies, supported by appropriate control procedures and processes, designed to ensure that the licensee’s risk identification, measurement, aggregation, controlling, mitigation, monitoring and reporting capabilities are commensurate with the licensee’s size, complexity and risk profile. The sophistication of the licensee’s risk management information system and internal control infrastructure must keep pace with changes to the licensee’s risk profile, the external risk landscape and industry practices;
                v. The licensee’s risk management infrastructure, including a sufficiently robust data infrastructure, data governance and architecture and information technology infrastructure keeps pace with developments such as balance sheet and revenue growth, increasing complexity of the licensee’s business, risk configuration or operating structure, geographical expansion, mergers and acquisitions, or the introduction of new products or business lines;
                vi. Senior management has in place processes to promote the licensee’s adherence to the approved risk policies and risk appetite;
                vii. The licensee’s policies must determine the key management decisions that must be taken by more than one person;
                viii. The licensee has an adequate communication within the licensee about risk, both across the organisation and through reporting to the Board and senior management;
                ix. The licensee has a strong risk culture that promotes risk awareness and encourages open communication and challenge about risk-taking across the organisation as well as vertically to and from the Board and senior management; and
                x. The licensee has adequate escalation procedures on risks related matters.
                (d) Advise the Board on the licensee’s risk appetite, overseeing senior management’s implementation of the RAS, reporting on the state of risk culture in the licensee, and interacting with and overseeing the CRO;
                (e) Oversee the strategies for capital and liquidity management as well as for all relevant risks of the licensee, such as credit, market, operational, interest rate risk in the banking book and reputational risks, to ensure that they are consistent with the stated risk appetite;
                (f) Commission every five years a quality review of the effectiveness and efficiency of the risk management framework and function by a third-party consultant, other than the external auditor. The results of such independent review must be provided to the CBB by 31st May of the relevant year. More specifically, a conventional bank licensee must undertake reviews referred to above with regards to the following individual areas that are relevant to the risk management framework:
                i. ICAAP Framework referred to in Module IC;
                ii. Capital adequacy requirements under Module CA;
                iii. Recovery and resolution planning (RRP) and related documents referred to in Module DS;
                iv. Credit risk management framework and compliance with Module CM;
                v. Operational risk management framework and compliance with Module OM;
                vi. Stress testing framework included in Module ST;
                vii. Liquidity risk management framework and compliance with Module LM; and
                viii. Compliance with Module RR.
                (g) Receive regular reporting and communication from the CRO and other relevant functions about the licensee’s current risk profile, current state of the risk culture, utilisation against the established risk appetite and limits, limit breaches and mitigation plans.
                Added: April 2023

              • HC-3.5.8

                There must be effective communication and coordination between the audit committee and the risk committee to facilitate the exchange of information and effective coverage of all risks, including emerging risks, and any needed adjustments to the risk governance framework of the bank.

                Added: April 2023

            • HC-3.6 HC-3.6 Remuneration Committee

              • HC-3.6.1

                The remuneration committee of the Bahraini conventional bank licensee must have at least three directors.

                Added: April 2023

              • HC-3.6.2

                Members of the remuneration committee must be independent of any risk-taking function or committee.

                Added: April 2023

              • HC-3.6.3

                The remuneration committee should include only independent directors or, alternatively, only non-executive directors of whom a majority are independent directors and the chairperson should be an independent director.

                Added: April 2023

              • HC-3.6.4

                The remuneration committee should meet at least twice a year.

                Added: April 2023

              • HC-3.6.5

                The remuneration committee must, at minimum:

                (a) Recommend to the Board:
                i. An appropriate remuneration policy designed to reduce employees’ incentives to take excessive and undue risk, which must be approved by the shareholders; and
                ii. A fair and internally transparent remuneration system, which includes relevant performance measures and effective controls.
                (b) Ensure on an annual basis that the remuneration policy and its implementation:
                i. Are in full compliance with CBB requirements;
                ii. Are consistent with the licensee’s strategy, culture, long-term business objectives, risk appetite, performance and control environment; and
                iii. Are creating the desired incentives for managing risk, capital and liquidity.
                (c) Work closely with the risk committee in evaluating the incentives created by the remuneration system. The risk committee must, without prejudice to the tasks of the remuneration committee, examine whether incentives provided by the remuneration system take into consideration risk, capital, liquidity and the likelihood and timing of earnings;
                (d) Approve the remuneration package and amounts for each approved person and material risk-taker, as well as the total variable remuneration to be distributed based on the results of the performance evaluation system and taking account of total remuneration including salaries, fees, expenses, bonuses and other employee benefits;
                (e) Regularly review remuneration outcomes, risk measurements, and risk outcomes for consistency with Board’s approved risk appetite;
                (f) Question payouts for income that cannot be realised or whose likelihood of realisation remains uncertain at the time of payout;
                (g) Recommend Board member remuneration based on their attendance and in compliance with the Commercial Companies Law;
                (h) Evaluate practices by which remuneration is paid for potential future revenues whose timing and likelihood remain uncertain by means of both quantitative and qualitative key indicators. It must demonstrate that its decisions are consistent with the assessment of the licensee’s financial condition and future prospects; and
                (i) Obtain feedback on performance evaluation of the Chief Risk Officer, Chief Internal Auditor, Head of Compliance, Head of Internal Shari’a Audit, Shari’a Officer from the designated Board committee responsible for oversight of these functions.
                Added: April 2023

            • HC-3.7 HC-3.7 Nomination Committee

              • HC-3.7.1

                The nomination committee of the Bahraini conventional bank licensee must have at least three independent directors, or alternatively, three non-executive directors of whom the majority must be independent directors including its chairperson.

                Added: April 2023

              • HC-3.7.2

                The committee should meet at least twice a year.

                Added: April 2023

              • HC-3.7.3

                The nomination committee must, at minimum:

                (a) Assess and recommend to the Board from time to time the changes that the committee considers desirable to the size of the Board, any Board committee or management structure;
                (b) Regularly review the time commitment required from each non-executive director and require them to inform the committee before accepting any Board appointments to another company;
                (c) Recommend to the Board persons qualified to become members of the Board of directors or CEO and his deputies, chief financial officer, chief operating officer, chief investment officer, chief banking officer, corporate secretary and any equivalent or other senior management positions that the Board determines are subject to its approval. The exceptions are the appointments of the chief internal auditor, chief risk officer and head of compliance who must be recommended by other committees as prescribed in this module;
                (d) Assess the role and responsibilities of a Board member, the knowledge, experience and competence which the role requires;
                (e) Assess the Board’s and senior management’s effectiveness;
                (f) Recommend to the Board appropriate succession plans of approved persons within senior management;
                (g) Recommend to the Board, and oversee the implementation of, appropriate personnel or human resource policies; and
                (h) Recommend to the Board the prescribed title, authority, duties, accountability and internal reporting responsibilities for each approved person within senior management.
                Added: April 2023

            • HC-3.8 HC-3.8 Corporate Governance Committee

              • HC-3.8.1

                The Bahraini conventional bank licensee must assign to one of its senior management the role of a corporate governance officer who is responsible for the tasks of verifying the bank's compliance with corporate governance rules and regulations.

                Added: April 2023

              • HC-3.8.2

                The Board should establish a corporate governance committee for developing and recommending changes from time to time in the conventional bank licensee’s corporate governance policy framework. Such committee should have at least three directors of which the majority should be independent.

                Added: April 2023

              • HC-3.8.3

                The corporate governance committee should:

                (a) Oversee and monitor the implementation of the governance policy framework by working with the management and the Audit Committee; and
                (b) Provide the Board of directors with reports and recommendations based on its findings in the exercise of its functions.
                Added: April 2023

              • HC-3.8.4

                The responsibilities of the corporate governance officer may be assumed by the head of compliance and should include, at minimum:

                (a) Coordinating and following up on the licensee’s compliance with corporate governance requirements;
                (b) Ensuring that the corporate governance policies, their implementation and related internal controls are consistent with the regulatory and legal requirements;
                (c) Working closely with the Board and/or the relevant Board committee to improve the governance framework of the licensee; and
                (d) Reviewing the annual corporate governance disclosure to ensure that its contents are in conformity with the licensee’s internal policies and the CBB rulebook requirements.
                Added: April 2023

          • HC-4 HC-4 Shareholders’ Meetings

            • HC-4.1 HC-4.1 Shareholders’ Meetings

              • HC-4.1.1

                Bahraini conventional bank licensees must comply with the following with respect to any shareholders’ meeting:

                (a) Provide the draft agenda to the CBB, for its review and comment, at least 5 working days prior to communicating with the shareholders or publishing in the press;
                (b) Ensure that CBB’s prior approval has been obtained for any agenda items which require CBB’s approval under relevant regulations, prior to the meeting taking place;
                (c) Invite a representative of the CBB to attend the meetings at least 5 working days prior to the meeting taking place; and
                (d) Submit to the CBB a copy of the minutes of the meeting within 15 calendar days of the meeting.
                Added: April 2023

          • HC-5 HC-5 Group Structures

            • HC-5.1 HC-5.1 Governance of Group Structures

              • HC-5.1.1

                The Board of a Bahraini conventional bank licensee which acts as a parent must:

                (a) Have the overall responsibility for the group and exercise adequate oversight over subsidiaries and overseas branches while respecting the independent legal and governance responsibilities that might apply to subsidiary Boards;
                (b) Establish, subject to CBB’s approval, a group structure (including the legal entity and business structure) and a group corporate governance framework with clearly defined roles and responsibilities at both the parent bank’s and the subsidiaries’ level as may be appropriate based on the complexity, risks and significance of the subsidiaries;
                (c) Set adequate and comprehensive criteria for composing Boards at subsidiaries’ level;
                (d) Have a clear strategy and group policy for establishing new structures and legal entities, and ensure that they are consistent with the policies and interests of the group;
                (e) Have sufficient resources at group and subsidiaries levels to monitor risks and compliance at the level of the group and its subsidiaries;
                (f) Pay special attention and due care to any significant subsidiary based on its risk profile or systemic importance or due to its size relative to the parent bank;
                (g) Assess and discuss material risks and issues that might affect the group and its subsidiaries and overseas branches;
                (h) Establish effective group functions at the parent bank, including but not limited to, internal audit, compliance, risk management and financial controls to whom the relevant subsidiaries’ functions must report;
                (i) Maintain an effective relationship, through the subsidiary Board or direct contact, with the regulators of all subsidiaries and overseas branches; and
                (j) ensure that:
                i. The group has appropriate policies and controls to identify and address potential intragroup conflicts of interest, such as those arising from intragroup transactions;
                ii. The group is governed and operating under clear group strategies, business policies and specific set of group policies on risk management, internal audit, compliance and financial controls;
                iii. There are no barriers to exchanging information between the subsidiaries and the parent bank and that there are robust systems in place to facilitate the exchange of information to enable the parent bank to effectively supervise the group and manage its risks; and
                iv. Adequate authority is available to each subsidiary pursuant to local legislations.
                Added: April 2023

              • Subsidiaries’ Boards

                • HC-5.1.2

                  Boards and senior management of subsidiaries of Bahraini conventional bank licensees must remain responsible for developing effective governance and risk management framework for their entities and must clearly understand the reporting obligations they have to the parent bank.

                  Added: April 2023

                • HC-5.1.3

                  The strategy, business plan, policies, risk governance framework, corporate values and corporate governance framework of each subsidiary must align with group strategy and policies, and the subsidiary Board must make necessary adjustments where a group policy conflicts with an applicable legal or regulatory provision or prudential rule or would be detrimental to the sound and prudent management of the subsidiary.

                  Added: April 2023

                • HC-5.1.4

                  Material risk-bearing subsidiaries and overseas branches must be captured by the bank-wide risk management system and must be part of the overall risk governance framework.

                  Added: April 2023

              • Complex or Opaque Structures

                • HC-5.1.5

                  The Board and senior management of the parent bank must be cognisant of the challenges arising from operating under complex or opaque structures, including special purpose vehicles, and must act to avoid or mitigate these by:

                  (a) Avoiding setting up complicated structures that lack economic substance or business purpose;
                  (b) Continually maintaining and reviewing appropriate policies, procedures and processes governing the approval and maintenance of those structures or activities, including fully vetting the purpose, the associated risks and the bank’s ability to manage those risks prior to setting up new structures and initiating associated activities;
                  (c) Having a centralised process for approving the creation of new legal entities and subsidiaries based on established criteria, including the ability to monitor and fulfil each entity’s regulatory, tax, financial reporting, governance and other requirements and for the dissolution of dormant subsidiaries;
                  (d) Establishing adequate policies, procedures and processes to identify and manage all material risks arising from these structures, including lack of management transparency, operational risks introduced by interconnected and complex funding structures, intragroup exposures, trapped collateral and counterparty risk, etc. The bank must only approve structures if the material risks can be properly identified, quantified, monitored and mitigated; and
                  (e) Ensuring that the activities, controls and structures are subject to periodic reviews by compliance, internal audit and risk management functions as well as external audit to ensure effectiveness and consistency with Board-approved strategy and policies.
                  Added: April 2023

          • HC-6 HC-6 Remuneration of Approved Persons and Material Risk-Takers

            • HC-6.1 HC-6.1 Remuneration of Approved Persons and Material Risk-Takers

              • HC-6.1.1

                All approved persons and material risk-takers must be remunerated fairly and responsibly. More specifically, the remuneration must be sufficient to attract, retain and motivate persons.

                Added: April 2023

              • HC-6.1.2

                The performance evaluation and remuneration of senior management and staff of the conventional bank licensees must be based, among other factors, on their adherence to all relevant laws, regulations and CBB rulebook requirements, including but not limited to AML/CFT requirements in the FC module.

                Added: April 2023

              • HC-6.1.3

                For approved persons and material risk-takers whose total annual remuneration (including all benefits) is in excess of BD100,000:

                (a) An appropriate ratio between the fixed and variable components of total remuneration must be set to ensure that fixed and variable components of total remuneration are appropriately balanced and paid on the basis of individual, business-unit and bank-wide measures that adequately measure performance; and
                (b) The variable proportion of remuneration must increase significantly along with the level of seniority and/or responsibility. More specifically:
                i. at least 40% of the variable remuneration must be payable under deferral arrangements over a period of at least 3 years; and
                ii. for the CEO, his deputies and the other 5 most highly paid business line employees, at least 60% of the variable remuneration must be payable under deferral arrangements over a period of at least 3 years.
                Added: April 2023

              • HC-6.1.4

                As a minimum, 50% of total variable remuneration (including both the deferred and undeferred portions) must be awarded in shares or share-linked instruments or where appropriate, other non-cash instruments. The remaining portion of the deferred remuneration can be paid as cash remuneration vested over a minimum 3-year period.

                Added: April 2023

              • HC-6.1.5

                Remuneration, based on both quantitative measures and human judgement, must be adjusted for all types and magnitudes of risks, including intangible and other risks managed by the approved person and material risk-taker, and remuneration outcomes must be symmetric with risk outcomes.

                Added: April 2023

              • HC-6.1.6

                The mix of cash, equity and other forms of remuneration must be consistent with risk alignment. The mix will vary depending on the employee’s position and role and the licensee must document the rationale for its mix.

                Added: April 2023

              • HC-6.1.7

                Employees’ incentive payments must be linked to the contribution of the individual and business to such performance.

                Added: April 2023

              • HC-6.1.8

                Remuneration systems must link the size of the bonus pool to the overall performance of the licensee.

                Added: April 2023

              • HC-6.1.9

                Awards in shares or share-linked instruments must be subject to a minimum share retention policy of 6 months from the time the shares are awarded, unless the licensee’s policy requires a longer period.

                Added: April 2023

              • HC-6.1.10

                The only instance where deferred remuneration can be paid out before the end of the vesting period is in the case of the death of the employee where the beneficiaries would receive any unpaid deferred remuneration.

                Added: April 2023

              • HC-6.1.11

                Licensees must not provide any form of guaranteed variable remuneration as part of the overall remuneration package. Exceptional minimum variable remuneration must only occur in the context of hiring new staff and limited to the first year.

                Added: April 2023

              • HC-6.1.12

                For Bahraini conventional bank licensees, where fixed or variable remuneration include common shares, licensees must limit the shares awarded to an annual aggregate limit of 10% of the total issued shares outstanding of the licensee, at all times.

                Added: April 2023

              • HC-6.1.13

                For Bahraini conventional bank licensees, all share incentive plans must be approved by the shareholders.

                Added: April 2023

              • HC-6.1.14

                Approved persons and other staff of risk management, financial controls, internal audit, operations, internal Shari’a audit, Shari’a coordination and implementation, AML/ CFT, compliance, human resources, information technology and legal functions must be remunerated based principally on the achievement of the objectives and targets of their functions. As such the mix of fixed and variable remuneration for these functions’ personnel must be skewed toward fixed remuneration.

                Added: April 2023

              • HC-6.1.15

                The size of the variable remuneration pool and its allocation within the licensee must not compromise the financial soundness of the licensee and must take into account the full range of current and potential risks, including:

                (a) The cost and quantity of capital required to support the risks taken;
                (b) The cost and quantity of the liquidity risk assumed in the conduct of business; and
                (c) Consistency with the timing and likelihood of potential future revenues incorporated into current earnings.
                Added: April 2023

              • HC-6.1.16

                Existing contractual payments related to a termination of employment must be re-examined and kept in place only if there is a clear basis for concluding that they are aligned with long-term value creation and prudent risk-taking. Prospectively, any such payments must be related to performance achieved over time and designed in a way that does not reward failure.

                Added: April 2023

              • HC-6.1.17

                Licensees must have an appropriate compliance mechanism to ensure that their employees commit themselves not to use personal hedging strategies or remuneration- and liability-related insurance to undermine the risk alignment effects embedded in their remuneration arrangements.

                Added: April 2023

              • HC-6.1.18

                Bonuses must either be reduced or be deferred in the event of poor licensee, divisional or business unit performance. Subdued or negative financial performance of the licensee must lead to contraction of the licensee’s total variable remuneration, taking into account both current remuneration and reductions in payouts of amounts previously earned, including through malus and clawback arrangements. Recognition of staff who have achieved their targets or better, may take place by way of deferred compensation, which may be paid once the licensee’s performance improves.

                Added: April 2023

              • HC-6.1.19

                If the licensee and/or relevant line of business is incurring losses in any year during the vesting period, any unvested portions must be subject to malus. Accrual and deferral of variable remuneration does not oblige the licensee to pay the variable remuneration, particularly when the anticipated outcome has not materialised.

                Added: April 2023

              • HC-6.1.20

                Approved persons, including those appointed as members of the Board of special purpose vehicles or other operating companies, are not permitted to take any benefits (commission, fees, shares, consideration in kind, or other remuneration or incentives in respect of the performance of the project or investment) from any projects or investments which are managed by the conventional bank licensee or promoted to its customers or potential customers except for Board related remuneration linked to their fiduciary duties to the investors of the project/investment.

                Added: April 2023

              • HC-6.1.21

                Remuneration of non-executive directors must not include performance-related elements such as grants of shares, share options or other deferred stock-related incentive schemes, bonuses, or pension benefits.

                Added: April 2023

              • HC-6.1.22

                If a senior manager is also a director, his remuneration as a senior manager must take into account compensation received in his capacity as a director.

                Added: April 2023

          • HC-7 HC-7 Senior Management

            • HC-7.1 HC-7.1 Senior Management

              • HC-7.1.1

                The Board must establish an adequate organisational structure that promotes accountability and transparency and facilitates effective decision-making and good governance throughout the licensee. This includes clarity on the role, authority and responsibility of the various positions within senior management, including that of the CEO.

                Added: April 2023

              • HC-7.1.2

                Senior management must:

                (a) Be selected through an appropriate promotion or recruitment process which considers the qualifications and competencies required for the position in question;
                (b) Have the necessary experience, competencies, personal qualities and integrity to manage the businesses and employees under their supervision;
                (c) Be subject to regular training to maintain and enhance their competencies and stay up to date on developments relevant to their areas of responsibility;
                (d) Assess the training needs of staff across all levels throughout the organisation taking into account the existing skills and competencies and laws and regulations and ensure that such training is provided by competent and skilled personnel (whether internal or external);
                (e) Act within the scope of their responsibilities which must be clearly defined;
                (f) Independently assess and question the policies, processes and procedures of the licensee, with the intent to identify and initiate management action on issues requiring improvement;
                (g) Not interfere in the independent duties of the risk management, compliance and internal audit functions;
                (h) Carry out and manage the licensee’s activities in compliance with all laws and regulations, and in a manner consistent with the business strategy, risk appetite, business plans and remuneration and other policies approved by the Board;
                (i) Have a robust governance framework for all management committees;
                (j) Not primarily control the remuneration system in the licensee;
                (k) Actively communicate and consult with the control functions on management’s major plans and activities so that the control functions can effectively discharge their responsibilities; and
                (l) Provide the Board and its committees with timely, complete, accurate and understandable information and documents so that they are equipped for upholding their responsibilities, and keep them adequately informed and updated on a timely basis about material issues including:
                i. Changes in the implementation of business strategy, risk strategy and risk appetite;
                ii. The licensee’s performance and financial condition;
                iii. Breaches of risk limits or regulations;
                iv. Internal control failures, frauds and cyber-security incidents;
                v. Legal or regulatory concerns;
                vi. Customer complaints; and
                vii. Issues raised as a result of the licensee’s whistleblowing policy.
                Added: April 2023

              • HC-7.1.3

                Conventional bank licensee’s CEO and chief financial officer must state in writing to the audit committee and the Board that the conventional bank licensee’s interim and annual financial statements present a true and fair view, in all material respects, of the conventional bank licensee’s financial condition and results of operations in accordance with applicable accounting standards.

                Added: April 2023

          • HC-8 HC-8 Risk Management Function

            • HC-8.1 HC-8.1 Risk Management Function

              • HC-8.1.1

                Conventional bank licensees must have an effective and independent risk management function commensurate with the bank’s size, complexity and risk profile, under the direction of a chief risk officer (CRO) or equivalent, with sufficient stature, independence and skilled resources.

                Added: April 2023

              • HC-8.1.2

                Branches of foreign bank licensees have the choice of having an in-house risk management function in Bahrain, or subject to the CBB’s approval to outsource such role to their regional or head office.

                Added: April 2023

              • HC-8.1.3

                The risk management function must:

                (a) Be sufficiently independent of the business units, thus ensuring that it is not involved in revenue generation;
                (b) Be responsible for overseeing risk-taking activities across the licensee and must have authority within the organisation to do so;
                (c) Have procedures in place to identify and assess the possible increased reputational risk to the licensee if it offers products or carries out activities outside Bahrain;
                (d) Have access to all business lines that have the potential to generate risk to the licensee as well as to relevant risk-bearing subsidiaries, associated companies and overseas branches;
                (e) Challenge business units effectively regarding all aspects of risk arising from the licensee’s activities; and
                (f) Have a sufficient number of employees who possess the requisite experience and qualifications, including market and product knowledge as well as command of risk disciplines, and are subject to regular training.
                Added: April 2023

              • HC-8.1.4

                Key activities of the risk management function must include:

                (a) Implementing an enterprise-wide risk governance framework that includes appropriate policies, procedures and limits;
                (b) Identifying material individual, aggregate and emerging risks, including risks arising from potential mergers and acquisitions and hard to quantify risks, such as reputational risk;
                (c) Regularly and on an ad-hoc basis, evaluating the risks faced by the licensee and its overall risk profile. The risk assessment process must include ongoing analysis of existing risks as well as the identification of new or emerging risks. The results of such assessments must be reported to both the Risk Committee and senior management;
                (d) Ongoing monitoring of the risk-taking activities and risk exposures in line with the Board-approved risk policies and appetite;
                (e) Establishing an early warning or trigger system for breaches of the licensee’s risk appetite or limits;
                (f) Using risk measurement and modelling techniques in addition to qualitative risk analysis and monitoring;
                (g) Evaluating possible ways to mitigate risk exposures;
                (h) Reporting regularly to the risk committee and senior management on risks, including but not limited to, material exemptions and risk-mitigating actions;
                (i) Regularly comparing actual performance against risk estimates (i.e. Backtesting) to assist in judging the accuracy and effectiveness of the risk management process and making necessary adjustments; and
                (j) Challenging decisions that give rise to material risk.
                Added: April 2023

              • HC-8.1.5

                Licensees must have adequate risk management and approval processes for new or expanded products or services, lines of business and markets, outsourcing arrangements as well as for large and complex transactions. If such processes are not in place, a new product, service, business line or third-party relationship or major transaction must be delayed. There must also be a process to assess risk and performance relative to initial projections and to adapt the risk management treatment accordingly as the business matures. The risk management function must provide input on risks as part of such processes and on the outsourcer’s ability to manage risks and comply with legal and regulatory obligations. Such processes must entail the following:

                (a) A full assessment of risks under a variety of scenarios as well as an assessment of potential shortcomings in the ability of the licensee’s risk management and internal controls to effectively manage associated risks; and
                (b) An assessment of the extent to which the licensee’s risk management, legal and regulatory compliance, information technology, internal control and business functions have adequate tools and the expertise necessary to measure and manage related risks.
                Added: April 2023

              • HC-8.1.6

                Licensees must appoint a chief risk officer (CRO) or equivalent with an overall responsibility for the licensee’s risk management function.

                Added: April 2023

              • HC-8.1.7

                The CRO must:

                (a) Be actively engaged, together with management, in monitoring performance relative to risk-taking and risk limit adherence;
                (b) Manage and participate in key decision-making processes (e.g. Strategic planning, capital and liquidity planning, new products and services, compensation design and operation);
                (c) Be independent and have duties distinct from other executive function. This means that he must not have managerial or financial responsibility or approval authority related to any business lines or revenue-generating functions, and there must be no “dual hatting”, i.e. other approved persons within senior management must not serve as the CRO.
                (d) Have access to any information necessary to perform his duties;
                (e) Report directly to the risk committee without impediment, and administratively to the CEO;
                (f) Have the ability to interpret and articulate risk in a clear and understandable manner and to effectively engage the risk committee and senior management in a constructive dialogue on key risk issues;
                (g) Meet regularly with the non-executive directors, the board or its risk committee without executive directors and the CEO being present;
                (h) Keep the risk committee and senior management apprised of the assumptions used in and potential shortcomings of the licensee’s risk models and analyses;
                (i) Consistently remind all staff, through a regular process, under the sponsorship of the CEO, of the risk management requirements to ensure a common understanding of these requirements across the licensee; and
                (j) Ensure that:
                i. Risk reporting to the risk committee is carefully designed to convey bank-wide, individual portfolio and other risks in a concise and meaningful manner. Reporting must accurately communicate risk exposures and results of stress tests or scenario analyses and must provoke a robust discussion of, for example, the bank’s current and prospective exposures (particularly under stressed scenarios), risk/return relationships and risk appetite and limits. Reporting must also include information about the external environment to identify market conditions and trends that may have an impact on the bank’s current or future risk profile;
                ii. Material risk-related ad-hoc information that requires immediate decisions or reactions is promptly presented to senior management and, as appropriate, the risk committee, the responsible officers and, where applicable, the heads of control functions so that suitable measures and activities can be initiated at an early stage; and
                iii. The licensee has accurate internal and external data to be able to identify, assess and mitigate risks.
                Added: April 2023

          • HC-9 HC-9 Compliance

            • HC-9.1 HC-9.1 Compliance

              • HC-9.1.1

                The Board must:

                (a) Oversee the management of the licensee’s compliance risk;
                (b) Establish an independent compliance function and approve an appropriate compliance framework for the licensee based on its size and complexity of its operations;
                (c) Set priorities for the management of its compliance risk in a way that is consistent with its risk management strategy and structures;
                (d) Not outsource the compliance function; and
                (e) Approve the licensee’s compliance policy for identifying, assessing, monitoring, reporting and advising on compliance risk.
                Added: April 2023

              • HC-9.1.2

                The compliance function and the internal audit function must be separate.

                Added: April 2023

              • HC-9.1.3

                The Board, Audit Committee or the designated Board committee and senior management must:

                (a) Ensure that, based on an agreed remedial action plan, all compliance findings are resolved within a reasonable period of time to be set based on level and magnitude of risk;
                (b) Not restrict the compliance function from reporting any irregularities or breaches that are identified as a result of its work or investigations, and must ensure that such reporting can be done without fear of retaliation or disfavour from management, board members or other staff members;
                (c) Ensure that the head of compliance and his staff are not placed in a position where there is a possible conflict of interest between their compliance responsibilities and any other responsibilities they may have;
                (d) Not consider the compliance function as a cost center; instead it should be viewed as an activity that helps the licensee avoid enforcement action for non-compliance, enhances the licensee’s reputation and promotes the right environment for better financial performance; and
                (e) Ensure the compliance function’s right to:
                i. Have unrestricted access to any records or files necessary to carry out its responsibilities, and the corresponding duty of licensee staff to co-operate in supplying this information;
                ii. Conduct investigations of possible breaches of the applicable laws, regulations and the compliance policy; and
                iii. Appoint, subject to audit committee’s approval, outside experts to perform a specific task, if appropriate.
                Added: April 2023

              • HC-9.1.4

                Licensees must appoint a head of compliance with overall responsibility for the licensee’s compliance function.

                Added: April 2023

              • HC-9.1.5

                In banking groups:

                (a) The audit committee and senior management, with assistance of the group head of compliance, must ensure that adequate resources, commensurate with the scale and complexity of operations, are assigned for compliance activities at the head office, subsidiaries and overseas branches; and
                (b) The group head of compliance must ensure that:
                i. Adequate reports and information are received from subsidiaries and overseas branches on compliance related issues and must report the same to the audit committee; and
                ii. It conducts annual compliance testing on subsidiaries and overseas branches whose total revenue represents 20% or more of the group’s total revenue and every two years for other overseas operations.
                Added: April 2023

              • HC-9.1.6

                Subject to the CBB’s approval, the role of head of compliance may be combined with the head of risk if the size and nature of the conventional bank licensee justify the same.

                Added: April 2023

              • HC-9.1.7

                The head of compliance must:

                (a) Report to the Audit Committee or the designated Board committee and administratively to the CEO. In the case of branches of foreign bank licensees, the reporting must be to the Group or Regional Head of Compliance and administratively to the CEO/GM of the branch;
                (b) Establish the operating compliance procedures and processes for identifying, assessing, monitoring, reporting and advising on compliance risk;
                (c) Establish written guidance to the licensee’s staff on the appropriate implementation of laws and regulations;
                (d) Conduct, under the sponsorship of the CEO, awareness sessions for the licensee’s staff on compliance policy requirements and issues; and
                (e) Report to the Audit Committee:
                i. On a quarterly basis, the licensee’s management of its compliance risk, in such a manner as to assist committee members to make an informed judgment on whether the licensee is managing its compliance risk effectively; and
                ii. Immediately any material compliance failures as they arise (e.g. failures that may attract a significant risk of legal or regulatory sanctions, material financial loss, or loss of reputation).
                Added: April 2023

              • HC-9.1.8

                The compliance function must:

                (a) Have a formal status with sufficient authority within the licensee;
                (b) Carry out its responsibilities under a risk-based compliance programme that sets out its planned activities, such as the implementation and review of specific policies and procedures, compliance risk assessment and compliance testing;
                (c) Assess in cooperation with the relevant functions, in case of new regulations, the appropriateness of the licensee’s relevant policies as well as the compliance policy and related procedures and processes. It must promptly follow up regarding any identified deficiencies, and, where necessary, formulate proposals for amendments in cooperation with the relevant functions;
                (d) On a proactive basis, identify, measure, document and assess the compliance risks associated with the licensee’s business activities including the development of new products and business practices, proposed establishment of new types of business or customer relationships, or material changes in the nature of such relationships. If the licensee has a new products and services committee, the compliance function staff must be represented on the committee;
                (e) Monitor and test compliance by performing sufficient and representative compliance testing. The results of such testing must be reported to the Audit Committee;
                (f) Advise the audit committee and senior management on all relevant laws, regulations and standards in all jurisdictions in which the licensee conducts its business and inform them on developments on the subject;
                (g) Provide to the CBB a compliance assessment report on every application/request for approval to the CBB confirming that all related legal and regulatory requirements pertaining to the request have been thoroughly checked, including the impact of such request on the licensee’s financial position and compliance status, and a reference must be made to any previously approved arrangements by the CBB. In cases where the requests have a potential financial impact on the licensee, a report from the financial control function in consultation with external auditors must also be submitted as part of the compliance assessment report, whereas in case of any legal implication of such a request a legal opinion on the matter must be submitted;
                (h) Act as a contact point within the licensee for compliance queries from staff members; and
                (i) Have sufficient and appropriate resources to carry out its functions effectively, commensurate with the size and complexity of the licensee.
                Added: April 2023

              • HC-9.1.9

                The compliance function staff must:

                (a) Have the necessary qualifications, experience and professional and personal qualities to enable them to carry out their specific duties;
                (b) Have a sound understanding of applicable laws, regulations and standards and their practical impact on the licensee’s business activities and operations; and
                (c) Be subject to regular and systematic training to remain up-to-date with developments in laws, regulations and standards.
                Added: April 2023

              • HC-9.1.10

                The CBB may at its own discretion communicate directly with the Head of Compliance to discuss issues of material concerns related to compliance risk.

                Added: April 2023

          • HC-10 HC-10 Internal Audit

            • HC-10.1 HC-10.1 Internal Audit

              • HC-10.1.1

                Conventional bank licensees must establish an effective and independent internal audit function (IAF).

                Added: April 2023

              • HC-10.1.2

                The Audit Committee remains ultimately responsible for the IAF regardless of whether internal audit activities are outsourced.

                Added: April 2023

              • HC-10.1.3

                The Board, Audit Committee and senior management must:

                (a) Promote a strong and robust internal control environment within the licensee;
                (b) Provide the IAF staff full and unconditional access to all files, records, data, documents, systems, properties, subsidiaries and overseas branches of the licensee;
                (c) Require that all internal audit findings and recommendations are resolved within a reasonable period of time to be set based on level and magnitude of risk;
                (d) Allocate sufficient annual budget to support the IAF’s activities and plans; and
                (e) Inform the IAF of new developments, initiatives, projects, products and operational changes.
                Added: April 2023

              • HC-10.1.4

                All Bahraini conventional bank licensees must have an internal audit charter which must be drawn up and reviewed annually by the head of internal audit and approved by the Board or Audit Committee. It must be available to all internal stakeholders, and to external stakeholders in case of a listed bank.

                Added: April 2023

              • HC-10.1.5

                The internal audit charter must establish, at a minimum:

                (a) The IAF’s standing within the licensee, its authority, responsibilities and relations with other control functions in a manner that promotes the effectiveness of the function;
                (b) The purpose and scope of the IAF;
                (c) The obligation of the internal auditors to communicate the results of their engagements and a description of how and to whom this must be done (reporting line);
                (d) The criteria for when and how the IAF may outsource some of its engagements to external experts;
                (e) The terms and conditions according to which the IAF can be called upon to provide consulting or advisory services or to carry out other special tasks without creating a conflict with its core function;
                (f) The responsibility and accountability of the head of internal audit;
                (g) The requirement to comply with the international standard on internal audit issued by The Institute of Internal Auditor; and
                (h) Procedures for the coordination of the IAF with the external auditor.
                Added: April 2023

              • HC-10.1.6

                The IAF must:

                (a) Be independent of all functions;
                (b) Have sufficient standing and authority within the licensee;
                (c) Have sufficient skilled resources to be able to judge outcomes and make an impact at the highest level of the organization;
                (d) Be able to perform its assignments on its own initiative in all areas and functions of the licensee based on the audit plan established by the head of the IAF and approved by the audit committee;
                (e) Be free to report its findings and assessments internally;
                (f) Independently review and evaluate the effectiveness and efficiency of all functions, internal controls, risk management, internal risk and finance models, governance framework, policies, procedures, systems and processes, including the licensee’s outsourced activities and its subsidiaries (including SPVs) and local and overseas branches, and must ensure adequate coverage of matters of regulatory interest within the audit plan;
                (g) Develop an independent and informed view of the risks faced by the licensee based on its access to all licensee records and data, its enquiries and its professional competence;
                (h) Discuss its views, findings and conclusions directly with the audit committee and, if necessary, with the board of directors at their routine quarterly meetings; and
                (i) Not be involved in designing, selecting, implementing or operating specific internal control measures. However, the independence of the IAF must not prevent senior management from requesting input from the IAF on matters related to risk and internal controls. Nevertheless, the development and implementation of internal controls must remain the responsibility of management.
                Added: April 2023

              • HC-10.1.7

                Licensees must appoint a head of internal audit who shall:

                (a) Report directly to the Audit Committee and administratively to the CEO;
                (b) Demonstrate appropriate leadership and have the necessary personal characteristics and professional skills to fulfil his responsibility for maintaining the function’s independence and objectivity;
                (c) Inform senior management of all significant findings so that timely corrective actions can be taken, and subsequently, he must follow up with senior management on the outcome of those corrective measures;
                (d) Report quarterly to the Audit Committee the status of pending findings;
                (e) Arrange appropriate ongoing training for the internal audit staff to meet the growing technical complexity of the conventional bank licensee’s activities and the increasing diversity of tasks that need to be undertaken as a result of the introduction of new products and processes and other developments in the financial sector;
                (f) Establish an annual internal audit plan approved by the audit committee. The plan must be based on a robust risk assessment, including direct or indirect input from the board, audit committee and senior management;
                (g) Develop and maintain appropriate tools to assess the quality of the IAF; and
                (h) Define, in a banking group structure, the group’s internal audit strategy, determine the organisation of the internal audit function both at the parent’s and the subsidiary’s level (in consultation with these entities’ respective audit committees and in accordance with local laws) and formulate the internal audit principles, the audit methodology and quality assurance measures. He must also determine the audit scope for every internal audit exercise, by the parent’s internal audit function, for every subsidiary on an annual basis in compliance with local regulations and incorporate local knowledge and experience.
                Added: April 2023

              • HC-10.1.8

                The head of IAF should, whenever practicable and without jeopardising competence and expertise, periodically rotate internal audit staff within the internal audit function.

                Added: April 2023

              • HC-10.1.9

                The CBB may at its own discretion communicate directly with the head of the IAF to discuss issues of material concerns related to risks, compliance and internal controls.

                Added: April 2023

              • HC-10.1.10

                Internal audit reports must be provided to the audit committee without management filtering.

                Added: April 2023

              • HC-10.1.11

                All internal audit staff must:

                (a) Apply the care and skills expected of a reasonably prudent and competent professional. Due professional care does not imply infallibility. Internal auditors having limited competence and experience in a particular area must be appropriately supervised by more experienced staff;
                (b) Avoid conflicts of interest. Internal auditors appointed from within the licensee must not engage in auditing activities for which they have had previous responsibility before a one year “cooling off” period has elapsed;
                (c) Act with integrity (being straightforward, honest and truthful);
                (d) Be diligent in the protection of information acquired in the course of their duties and must not use it for personal gain or malicious action;
                (e) Adhere to the code of ethics of the licensee, the institute of internal auditors and any other relevant professional or standard setting body;
                (f) Collectively be competent to examine all areas in which the licensee operates; and
                (g) Adhere to international professional standards established by the institute of internal auditors.
                Added: April 2023

      • Part Two: Branches of Foreign Banks

        • HC-C Scope of Application (Branches of Foreign Banks)

          • HC-C.1 Scope of Application

            • HC-C.1.1

              This chapter applies to branches of foreign bank licensees who should satisfy the CBB that equivalent or similar arrangements are in place at either the branch or the parent entity level, and that such arrangements provide for effective high-level controls over activities conducted by the branch, commensurate with the size, complexity, nature and the risk profile of the branch. If the branch is unable to satisfy the CBB that the governance arrangements are equivalent, the CBB will assess the potential impact of risks and require that the licensee satisfies that compensating alternative arrangements are in place to address any risks relevant to the Bahrain operations.

              Added: January 2024

        • HC-11 Responsibilities, Corporate Culture and Values

          • HC-11.1 Overall Responsibilities, Corporate Culture and Values

            • HC-11.1.1

              The licensee must have in place:

              (a) A sound and proper corporate and risk culture and values;
              (b) Strategy, business plan and budget;
              (c) An appropriate framework of governance and risk management, inclusive of risk appetite, policies, procedures, systems and internal controls which must be reviewed in case a major new business activity is considered, or in case of material changes to the licensee’s size, complexity, business strategy, markets or regulatory requirements, or the occurrence of a major failure of controls;
              (d) Adequate processes to ensure full compliance with the requirements of the CBB Law, other relevant laws and the pertinent rulebooks;
              (e) A robust finance function responsible for accounting and financial data;
              (f) Properly positioned risk management, compliance and internal audit functions which are adequately staffed and resourced and carry out their responsibilities independently, objectively and effectively;
              (g) An effective and transparent relationship with the CBB;

              (h) An appropriate code of conduct/ethics that must:

              i. outline the acceptable practices that all senior management and other staff must follow in performing their duties, and the unacceptable practices/conduct that must be avoided;
              ii. include the corporate values that create expectations that the business must be conducted in a legal, professional and ethical manner, and oversee the adherence to such values by senior management and other employees;
              iii. promote risk awareness within a strong risk culture, that does not support risk-taking beyond the risk appetite and risk limits of the licensee, and that all employees are responsible for ensuring that the licensee operates within the established risk appetite and risk limits;
              iv. ensure that the code, corporate values and professional standards it sets, together with supporting policies, are adequately communicated throughout the licensee; and
              v. ensure that all senior management and other staff are aware that appropriate disciplinary or other actions will follow unacceptable behaviour, practices and transgressions.

              (i) An approved and well communicated whistleblowing policy and adequate procedures and processes, consistent with applicable laws. Such policy must encourage employees to communicate, confidentially and without the risk of reprisal, legitimate concerns about illegal, unethical or questionable practices, and must include the escalation process of material concerns to the CBB. The CEO of the Branch must:

              i. have oversight of the whistleblowing policy mechanism and ensure that senior management addresses legitimate issues that are raised;
              ii. take responsibility for ensuring that staff who raise concerns are protected from detrimental treatment or reprisals, and that their rights are not undermined;
              iii. approve and oversee how and by whom legitimate material concerns shall be investigated and addressed such as by an objective and independent internal or external body, senior management; and
              iv. ensure that, after verifying the validity of the allegations, the person responsible for any misconduct is held accountable and is subjected to an appropriate disciplinary measure.

              (j) A conflict of interest policy on identifying and managing potential conflicts of interest related to all approved persons. The policy must include:

              i. An approved person’s duty to:

              1. Avoid, to the extent possible, activities that could create conflicts of interest or the appearance of conflicts of interest. An approved person shall be considered to have a “personal interest” in a transaction with a company if they themselves, or a member of their family (i.e. spouse, father, mother, sons, daughters, brothers or sisters), or another company of which they are a director or controller, are a party to the transaction or have a material financial interest in the transaction or are expected to derive material personal benefit from the transaction (transactions and interests which are de minimis in value should not be included);
              2. Promptly disclose any matter that may result, or has already resulted, in a conflict of interest;
              3. Abstain from getting involved in or voting on any matter where they may have a conflict of interest or where their objectivity or ability to properly fulfil duties to the licensee may be otherwise compromised. Any decision to enter into a transaction in which an approved person appears to have a material conflict of interest must be formally approved by the Regional Office or Head Office;
              4. Act with honesty, integrity and care for the best interest of the licensee and its stakeholders;
              5. Not use properties of the licensee for their personal needs;
              6. Not misuse or misappropriate the licensee’s assets or resources;
              7. Not disclose confidential information of the licensee or use it for their personal profit or interest;
              8. Make every practicable effort to arrange their personal and business affairs to avoid a conflict of interest with the licensee;
              9. Not take business opportunities of the licensee for themselves; and
              10. Not compete in business with the licensee or serve the licensee’s interest in any transaction with a company in which they have a personal interest.
              ii. Examples of where conflict of interest may arise when serving as an approved person;
              iii. A rigorous review and approval process for approved persons to follow before they engage in certain activities so as to ensure that such activity will not create a conflict of interest;
              iv. Adequate requirements that transactions with related parties must be made on an arm’s length basis;
              v. Sufficient restrictions on and/or a robust and transparent process for the employment of relatives of approved persons;
              vi. Requirements for properly managing and disclosing conflict of interest that cannot be prevented;
              vii. Requirements for all approved persons to annually declare in writing all their other interests in other enterprises or activities (whether as a shareholder of above 5% of the voting capital of a company, a manager or other form of significant participation) to the Regional Office or Head Office;
              viii. The way in which the Licensee will deal with any non-compliance with the policy; and
              ix. The CEO/General Manager of the licensee must disclose to the Regional Office or Head Office on an annual basis those individuals who are occupying controlled functions and who are relatives of any approved persons within the licensee.
              Added: January 2024

          • HC-11.2 Senior Management

            • HC-11.2.1

              The licensee must have an adequate organisational structure that promotes accountability and transparency and facilitates effective decision-making and good governance. This includes clarity on the role, authority and responsibility of the various positions within senior management, including that of the CEO.

              Added: January 2024

            • HC-11.2.2

              Senior management must:

              (a) be selected through an appropriate promotion or recruitment process which considers the qualifications and competencies required for the position in question;
              (b) have the necessary experience, competencies, personal qualities and integrity to manage the business and the employees under their supervision;
              (c) be subject to regular training to maintain and enhance their competencies and stay up to date on developments relevant to their areas of responsibility;
              (d) assess the training needs of staff across all levels throughout the organisation taking into account the existing skills, competencies, laws and regulations and ensure that such training is provided by competent and skilled personnel (whether internal or external);
              (e) act within the scope of their responsibilities which must be clearly defined;
              (f) independently assess and question the policies, processes and procedures of the licensee, with the intent to identify and initiate management action on issues requiring improvement;
              (g) not interfere in the independent duties of the risk management, compliance and internal audit functions;
              (h) carry out and manage the licensee’s activities in compliance with all laws and regulations, and in a manner consistent with the business strategy, risk appetite, business plan and policies approved by the Regional Office/Head Office;
              (i) have a robust governance framework for all management committees;
              (j) not primarily control the remuneration system within the licensee;
              (k) actively communicate and consult with the control functions on management’s major plans and activities so that the control functions can effectively discharge their responsibilities; and

              (l) provide the Regional Office/Head Office with timely, complete, accurate and understandable information and documents so that they are equipped for upholding their responsibilities, and keep them adequately informed and updated on a timely basis about material issues including:

              i. Changes in the implementation of business strategy, risk strategy and risk appetite;
              ii. The licensee’s performance and financial condition;
              iii. Breaches of risk limits or regulations;
              iv. Internal control failures, frauds and cyber-security incidents;
              v. Legal or regulatory concerns;
              vi. Customer complaints; and
              vii. Issues raised as a result of the licensee’s whistleblowing policy.
              Added: January 2024

            • HC-11.2.3

              The licensee’s CEO and Chief Financial Officer must state in writing to the Regional Office/Head Office that the licensee’s interim (if any) and annual financial statements present a true and fair view, in all material respects, of the licensee’s financial condition and results of operations in accordance with applicable accounting standards.

              Added: January 2024

          • HC-11.3 Other Governance Requirements

            • HC-11.3.1

              Branches of foreign bank licensees are required to comply with chapters HC-6, HC-8, HC-9 and HC-10 of part 1 of this Module.

              Added: January 2024

    • AU AU Auditors and Accounting Standards

      • AU-A AU-A Introduction

        • AU-A.1 AU-A.1 Purpose

          • AU-A.1.1

            This Module presents requirements that have to be met by conventional bank licensees with respect to the appointment of external auditors. This Module also sets out certain obligations that external auditors have to comply with, as a condition of their appointment by conventional bank licensees.

            October 07

          • AU-A.1.2

            This Module is issued under the powers given to the Central Bank of Bahrain ('CBB') under Decree No. (64) of 2006 with respect to promulgating the Central Bank of Bahrain and Financial Institutions Law 2006 ('CBB Law'). It supplements Article 61 of the CBB Law, which requires licensees to appoint an external auditor acceptable to the CBB.

            October 07

          • Legal Basis

            • AU-A.1.3

              This Module contains the CBB's Directive (as amended from time to time) relating to auditors and accounting standards used by conventional bank licensees, and is issued under the powers available to the CBB under Article 38 of the CBB Law. The Directive in this Module is applicable to all conventional bank licensees.

              Amended: January 2011
              October 2007

            • AU-A.1.4

              For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.

              October 07

        • AU-A.2 AU-A.2 Module History

          • AU-A.2.1

            This Module was first issued as Module AU (Audit Firms) in July 2004, as part of the first release of Volume 1 (conventional banks) of the CBB Rulebook. It was subsequently reissued in full in July 2006 (and renamed 'Auditors and Accounting Standards').

            October 07

          • AU-A.2.2

            The reissued Module was one of several Modules modified to reflect the introduction of the CBB's new integrated license framework. Although the new framework did not change the substance of the requirements contained in this Module, the Module was re-issued in order to simplify its drafting and layout and align it with equivalent Modules in other Volumes of the CBB Rulebook.

            October 07

          • AU-A.2.3

            This Module is dated July 2006. Pages that are subsequently changed in this Module are updated with the end-calendar quarter date in which the change was made: Chapter UG-3 provides further details on Rulebook maintenance and version control.

            October 07

          • AU-A.2.4

            When the CBB replaced the BMA in September 2006, the provisions of this Module remained in force. Volume 1 was updated in October 2007 to reflect the switch to the CBB; however, new calendar quarter dates were only issued where the update necessitated changes to actual requirements.

            October 07

          • AU-A.2.5

            A list of changes made to this Module is provided below:

            Module Reference Change Date Description of Changes
            Whole Module July 2006 Module renamed as Module AU (Auditors and Accounting Standards). Text redrafted but substance of requirements left unchanged.
            AU-A.1 10/2007 New Rule AU-A.1.3 introduced, categorising this Module as a Directive.
            AU-1.2 10/2007 Rule AU-1.2.3 redrafted to clarify reporting obligation.
            AU-1.5 10/2007 Paragraphs AU-1.5.4 and AU-1.5.6 updated to reflect CBB Law requirements on auditor independence.
            AU-3.1 01/2009 Paragraph AU-3.1.1 updated in respect of agreed upon procedures report for review of PIR by external auditors.
            AU-5 01/2009 New Chapter inserted for the role of the reporting accountant.
            AU-5.1 10/2009 Clarification of fee arrangements for reporting accountants.
            AU-A.1.3 01/2011 Clarified legal basis.
            AU-1.1, AU-1.2, AU-1.5, AU-2.1, AU-3 and AU-5 01/2011 Various minor amendments made for consistency in formatting
            AU-3.5 01/2011 Added new Section on report on material differences to be in line with Volume 2.
            AU-3.3.2 04/2011 Added cross reference to Module FC and clarified due date of report.
            AU-3.5.1 04/2011 Corrected name of return.
            AU-3.2 10/2011 Clarification of existing requirement for the Agreed Upon Procedures Report and setting a deadline for the submission of the report.
            AU-5 10/2011 Chapter amended and content moved to Section BR-6.5 and retitled as Role of the Appointed Expert.
            AU-2.2.1 04/2012 Corrected cross reference.
            AU-1.3.1 07/2013 Removed potential exemption regarding audit partner rotation.
            AU-3.2.1 07/2013 Removed potential exemption for external auditor to review published financial disclosures prior to their publication.
            AU-3.3.1 07/2013 Clarified that an approved consultancy firm can also provide the report on compliance with financial crime rules required under Section FC-4.3.
            AU-4.1.2 07/2013 Corrected typo.
            AU-4.1.3 07/2013 Changed Guidance to Rule.
            AU-3.6 01/2014 New Section added dealing with the report on compliance with remuneration rules.
            AU-3.5.1 04/2014 Removed reference to monthly statements of assets and liabilities.
            AU-3.7 04/2014 New Section added on the Report on Eligible Accounts for the Deposits/Unrestricted Investment Accounts Protection Funds
            AU-1.1.1A 07/2014 Added guidance clarifying the information required when seeking the CBB's approval for appointment or re-appointment of the external auditor.
            AU-3.6 07/2014 Where a conventional bank licensee has no approved persons or material risk-takers whose total annual remuneration is in excess of BD100,000, the report on compliance with remuneration rules need not be completed by the external auditor.
            AU-1.5.4 10/2014 Clarified wording of guidance.
            AU-3.1.3 04/2015 Existing exemptions in respect of PIR review will cease as at 31st December 2014 for all Bahraini conventional bank licensees.
            AU-3.6.1 07/2015 Clarified that the external auditor or an approved consultancy firm can also provide the report on the bank's compliance with the remuneration Rules outlined in Chapter HC-5.
            AU-3.2.4 01/2016 Aligned as per the requirements of Module BR.
            AU-3.2.3 07/2017 Amended agreed upon procedures report submission deadline.
            AU-1.5.1 04/2019 Deleted Paragraph on Financial Transactions with Auditor.
            AU-B.1.2 04/2020 Amended Paragraph.
            AU-1.1.4 04/2020 Amended Paragraph.
            AU-1.5.5 04/2020 Amended Paragraph.
            AU-3.2.1 04/2020 Amended Paragraph.
            AU-4.1.1 04/2020 Amended Paragraph.
            AU-3.3.2 07/2021 Amended Paragraph.
            AU-1.1.1 10/2022 Amended Paragraph on auditor’s appointment period.

      • AU-B AU-B Scope of Application

        • AU-B.1 AU-B.1 Conventional Bank Licensees

          • AU-B.1.1

            The contents of this Module – unless otherwise stated – apply to all conventional bank licensees.

            October 07

          • AU-B.1.2

            The contents of Chapters AU-1 to AU-4 apply to both Bahraini conventional bank licensees and branches of foreign bank licensees.

            Amended: April 20
            Added: October 07

        • AU-B.2 AU-B.2 Auditors

          • AU-B.2.1

            Certain requirements in this Module indirectly extend to auditors, by virtue of their appointment by conventional bank licensees. Auditors appointed by conventional bank licensees must be independent (cf. Sections AU-1.4 and AU-1.5). Auditors who resign or are otherwise removed from office are required with their licensees to inform the CBB in writing of the reasons for the termination of their appointment (cf. Sections AU-1.2). Other requirements are contained in Sections AU-1.3 (Audit partner rotation) and AU-3 (Auditor reports).

            October 07

      • AU-1 AU-1 Auditor Requirements

        • AU-1.1 AU-1.1 Appointment of Auditor

          • AU-1.1.1

            Conventional bank licensees must obtain prior written approval from the CBB before appointing or re-appointing their auditor, within 4 months of their financial year-end.

            Amended: October 2022
            Amended: January 2011
            October 2007

          • AU-1.1.1A

            When seeking the CBB's approval for the appointment or re-appointment of the external auditor, the request for approval should specify the name of the audit firm, the name of the responsible partner, as well as the year which the responsible partner was initially appointed by the conventional bank licensee.

            Added: July 2014

          • AU-1.1.2

            As the appointment of auditors normally takes place during the course of the firm's annual general meeting, conventional bank licensees should notify the CBB of the proposed agenda for the annual general meeting in advance of it being circulated to shareholders. The CBB's approval of the proposed auditor does not limit in any way shareholders' rights to subsequently reject the Board's choice.

            Amended: January 2011
            October 2007

          • AU-1.1.3

            The CBB, in considering the proposed (re-) appointment of an auditor, takes into account the expertise, resources and reputation of the audit firm, relative to the size and complexity of the licensee. The CBB will also take into account the track record of the audit firm in auditing conventional bank licensees within Bahrain; the degree to which it has generally demonstrated independence from management in its audits; and the extent to which it has identified and alerted relevant persons of significant matters. Finally, the CBB will also consider the audit firm's compliance with applicable laws and regulations (including legislative Decree No. 26 of 1996; the Ministry of Industry and Commerce's Ministerial Resolution No. 6 of 1998; and relevant Bahrain Stock Exchange regulations).

            October 07

          • AU-1.1.4

            In the case of branches of foreign bank licensees, the CBB will also take into account who acts as the auditor of the parent firm. As a general rule, the CBB does not favour different parts of a banking firm or group having a different auditor.

            Amended: April 2020
            Amended: January 2011
            Added: October 2007

        • AU-1.2 AU-1.2 Removal or Resignation of Auditor

          • AU-1.2.1

            Conventional bank licensees must notify the CBB as soon as they intend to remove their auditor, or if their auditor intends to resign, with an explanation of their decision, or as soon as their auditor resigns.

            Amended: January 2011
            October 2007

          • AU-1.2.2

            Conventional bank licensees must ensure that a replacement auditor is appointed (subject to the CBB approval as per Section AU-1.1), as soon as reasonably practicable after a vacancy occurs, but no later than three months.

            October 07

          • AU-1.2.3

            In accordance with the powers granted to CBB under Article 63 of the CBB Law, auditors of conventional bank licensees and their licensees must inform the CBB in writing, should they resign or their appointment as auditor be terminated, within 30 calendar days, of the event occurring, setting out the reasons for the resignation or termination.

            October 07

        • AU-1.3 AU-1.3 Audit Partner Rotation

          • AU-1.3.1

            Conventional bank licensees must ensure that the audit partner responsible for their audit does not undertake that function more than five years in succession.

            Amended: July 2013
            October 07

          • AU-1.3.2

            Conventional bank licensees must notify the CBB of any change in audit partner.

            October 07

        • AU-1.4 AU-1.4 Auditor Independence

          • AU-1.4.1

            Article 61(d) of the CBB Law imposes conditions for the auditor to be considered independent. Before a conventional bank licensee appoints an auditor, it must take reasonable steps to ensure that the auditor has the required skill, resources and experience to carry out the audit properly, and is independent of the licensee.

            October 07

          • AU-1.4.2

            For an auditor to be considered independent, it must, among other things, comply with the restrictions in Section AU-1.5.

            October 07

          • AU-1.4.3

            If a conventional bank licensee becomes aware at any time that its auditor is not independent, it must take reasonable steps to remedy the matter and notify the CBB of the fact.

            October 07

          • AU-1.4.4

            If in the opinion of the CBB, independence has not been achieved within a reasonable timeframe, then the CBB may require the appointment of a new auditor.

            October 07

        • AU-1.5 AU-1.5 Licensee/Auditor Restrictions

          • [This Subsection was deleted in April 2019].

            • AU-1.5.1

              [This Paragraph was deleted in April 2019].

              Deleted: April 2019
              Amended: January 2011
              October 2007

          • Outsourcing to Auditor

            • AU-1.5.2

              Section OM-3.7 generally prohibits conventional bank licensees from outsourcing their internal audit function to the same firm that acts as their external auditor. However, the CBB may allow short-term outsourcing of internal audit operations to a conventional bank licensee's external auditor, to meet unexpected urgent or short-term needs (for instance, on account of staff resignation or illness). Any such arrangement will normally be limited to a maximum period of one year and is subject to the CBB prior approval.

              Amended: January 2011
              October 2007

          • Other Relationships

            • AU-1.5.3

              Conventional bank licensees and their auditor must comply with the restrictions contained in Article 217 (c) of the Commercial Companies Law (Legislative Decree No. (21) of 2001), as well as in Article 61(d) of the CBB Law.

              Amended: January 2011
              October 2007

            • AU-1.5.4

              Article 217(c) of the Commercial Companies Law prohibits an auditor from (i) being the chairman or a member of the Board of Directors of the company he/she audits; (ii) holding any managerial position in the company he/she audits; and (iii) acquiring any shares in the company he/she audits, or selling any such shares he/she may already own, during the period of his audit. Article 61(d) of the CBB Law prohibits an auditor from (i) being the chairman or a member of the Board of Directors of the company he/she audits; (ii) holding any managerial position in the company he/she audits; and (iii) acquiring any shares in the company he/she audits, or selling any such shares he/she may already own, during the period of his audit. Furthermore, the auditor must not be a relative (up to the second degree) of a person assuming management or accounting duties in the company.

              Amended: October 2014
              October 07

            • AU-1.5.5

              The restrictions in Paragraph AU-1.5.3 apply to branches of foreign bank licensees as well as Bahraini conventional bank licensees.

              Amended: April 2020
              Amended: October 2011
              Added: October 2007

            • AU-1.5.6

              A partner, Director or manager on the engagement team of auditing a conventional bank licensee may not serve on the Board or in a controlled function of the licensee, for two years following the end of their involvement in the audit, without prior authorisation of the CBB.

              October 07

            • AU-1.5.7 [deleted]

              [This Guidance was deleted in January 2011].

          • Definition of 'Auditor'

            • AU-1.5.8

              For the purposes of Section AU-1.5, 'auditor' means the partners, Directors and managers on the engagement team responsible for the audit of the conventional bank licensee.

              October 07

      • AU-2 AU-2 Access

        • AU-2.1 AU-2.1 CBB Access to Auditor

          • AU-2.1.1

            Conventional bank licensees must waive any duty of confidentiality on the part of their auditor, such that their auditor may report to the CBB any concerns held regarding material failures by the conventional bank licensee to comply with the CBB requirements.

            Amended: January 2011
            October 2007

          • AU-2.1.2

            The CBB may, as part of its on-going supervision of conventional bank licensees, request meetings with a licensee's auditor. If necessary, the CBB may direct that the meeting be held without the presence of the licensee's management or Directors.

            Amended: January 2011
            October 2007

        • AU-2.2 AU-2.2 Auditor Access to Outsourcing Providers

          • AU-2.2.1

            Rule OM-3.5.1 (c) on outsourcing agreements between conventional bank licensees and outsourcing providers requires licensees to ensure that their internal and external auditors have timely access to any relevant information they may require to fulfil their responsibilities. Such access must allow them to conduct on-site examinations of the outsourcing provider, if required.

            Amended: April 2012
            October 07

      • AU-3 AU-3 Auditor Reports

        • AU-3.1 AU-3.1 Review of Quarterly Prudential Information Returns

          • AU-3.1.1

            Conventional bank licensees must arrange for their auditor to review the licensee's quarterly Prudential Information Returns to the CBB, prior to their submission, unless otherwise exempted in writing by the CBB. The review must be made in the form of an Agreed Upon procedures Report (as outlined in BR-3).

            Amended January 2011
            Amended January 2009
            October 2007

          • AU-3.1.2

            Conventional bank licensees are required to submit a quarterly Prudential Information Return (PIR). Conventional bank licensees may apply in writing to CBB for an exemption from the requirement that the PIR be reviewed by the licensee's external auditor: this exemption would normally only be given where the licensee had established a track record of accurate and timely reporting, and there were no other supervisory issues of concern. Further details on the CBB's reporting and related requirements, including the precise scope of the auditor's review and attestation, are contained in Module BR (The CBB Reporting).

            Amended: January 2011
            October 2007

          • AU-3.1.3

            For Bahraini conventional bank licensees, all existing exemptions in respect of PIR review as at 31st December 2014 will cease.

            Added: April 2015

        • AU-3.2 AU-3.2 Review of Financial Disclosures

          • AU-3.2.1

            Conventional bank licensees that are required to publish financial disclosures in accordance with Chapters PD-2 and PD-3 must arrange for their external auditor to review these prior to their publication.

            Amended: July 2013
            Amended: January 2011
            October 2007

          • AU-3.2.2

            Chapter PD-2 requires branches of foreign bank licensees operating as retail banks to publish on a semi-annual basis summary information on their balance sheet and profit and loss account, in the same format as their annual audited accounts. Chapter PD-3 requires all locally incorporated conventional bank licensees to publish quarterly financial statements, in accordance with International Accounting Standard 34 (Interim Financial Reporting).

            Amended: April 20
            Added: October 07

          • AU-3.2.3

            Locally incorporated banks must arrange for their external auditor to review the annual disclosures required in Module PD, Section PD-1.3 and Chapter PD-6, prior to their submission to the CBB or their publication. This review must be in the form of an agreed- upon procedures report (see also PD-A.2.4). The report must be submitted to the CBB within 4 months of the year end of the concerned bank (see also Paragraph BR-1.1.3).

            Amended: July 2017
            Added: October 2011

          • AU-3.2.4

            Locally incorporated banks must arrange for their external auditor to review the disclosures in the half-yearly financial statements required by Module PD, Paragraph PD-3.1.6 prior to their submission to the CBB or their publication. This review must be in the form of an agreed upon procedure report. This report must be submitted to the CBB within 2 months of the end of the half-year reporting period of the concerned bank (see also Section BR-2.2).

            Amended: January 2016
            Added: October 2011

        • AU-3.3 AU-3.3 Report on Compliance with Financial Crime Rules

          • AU-3.3.1

            Conventional bank licensees must arrange for their external auditor or a consultancy firm approved by the CBB as per Paragraphs FC-4.3.2 and FC-4.3.2A, to report on the licensee's compliance with the requirements contained in Module FC (Financial Crime), at least once a year.

            Amended: July 2013
            Amended: January 2011
            October 2007

          • AU-3.3.2

            The report specified in Rule AU-3.3.1 must be in the form agreed by the CBB, and must be submitted to the Compliance Directorate at the CBB by the 30th of June of the following year (See Paragraph FC-4.3.5).

            Amended: July 2021
            Amended: April 2011
            Added: October 07

          • AU-3.3.3

            The context to the above requirement can be found in Section FC-4.3.

            October 07

        • AU-3.4 AU-3.4 Review and Validation of Internal Models

          • AU-3.4.1

            Conventional bank licensees seeking the CBB approval for their use of internal models for the calculation of regulatory capital requirements, must arrange for their external auditor to validate the soundness of the model concerned. This external review must be undertaken at least once a year, unless otherwise exempted in writing by the CBB.

            Amended: January 2011
            October 2007

          • AU-3.4.2

            Before granting its approval for Bahraini conventional banks to use internal models for the measurement of market risk in the context of regulatory capital calculations, the CBB requires such models to be validated by both the internal and external auditors of the bank (see Chapter CA-9). The CBB will review the validation procedures performed by the internal and external auditors, and may independently carry out further validation procedures.

            Amended: January 2011
            October 2007

          • AU-3.4.3

            The specific requirements and procedures for external validation of models are contained in Section CA-9.8.

            October 07

          • AU-3.4.4

            Exemptions from the external validation requirement are normally only given where a track record of satisfactory validations has been developed over several years, and where the CBB has no other material supervisory concerns regarding the licensee concerned.

            October 07

        • AU-3.5 AU-3.5 Report on Material Differences

          • AU-3.5.1

            Conventional bank licensees must arrange for their external auditor to provide to the CBB explanations for any material differences in data reported in the bank's audited or reviewed accounts and in the Prudential Information Returns (PIR).

            Amended: April 2014
            Amended: April 2011
            Added: January 2011

        • AU-3.6 AU-3.6 Report on Compliance with Remuneration Rules

          • AU-3.6.1

            Unless specifically excluded in accordance with Paragraph AU-3.6.3, conventional bank licensees must arrange for their external auditor or a consultancy firm approved by the CBB as per Paragraph BR-4A.3.2, to report on the bank's compliance with the requirements contained in Chapter HC-5, at least once a year.

            Amended: July 2015
            Amended: July 2014
            Added: January 2014

          • AU-3.6.2

            The report specified in Rule AU-3.6.1 must be in the form agreed by the CBB, and must be submitted by the bank to the supervisory point of contact at the CBB when the audited financial statements are submitted, i.e. within 3 months of the bank's year end (See Section BR-4A.3).

            Amended: July 2014
            Added: January 2014

          • AU-3.6.3

            Where a conventional bank licensee has no:

            (a) Approved persons; or
            (b) Material risk-takers

            whose total annual remuneration (including all benefits) is in excess of BD100,000, Paragraph AU-3.6.1 does not apply. In this instance, an annual notification must be sent to the CBB once it is determined that this situation applies.

            Added: July 2014

        • AU-3.7 AU-3.7 Report on Eligible Accounts for the Deposits/Unrestricted Investment Accounts Protection Funds

          • AU-3.7.1

            Conventional bank licensees must arrange for their external auditor to confirm the accuracy of the data reported on the Eligible accounts report for the deposits/unrestricted investment account protection funds (Appendix BR-16) as required under Paragraph BR-1.4.2.

            Added: April 2014

          • AU-3.7.2

            The report from the external auditor required under Paragraph AU-3.7.1 must be submitted to the CBB at the same time as the due date for Appendix BR-16, that is, two months after the financial year end.

            Added: April 2014

      • AU-4 AU-4 Accounting Standards

        • AU-4.1 AU-4.1 General Requirements

          • AU-4.1.1

            Conventional bank licensees must comply with International Financial Reporting Standards / International Accounting Standards.

            October 07

          • AU-4.1.2

            Branches of foreign bank licensees that do not, at the parent company level, apply IFRS/IAS are still required under Paragraph AU-4.1.1 to produce pro-forma accounts for the Bahrain branch in conformity with these standards. Where this requirement is difficult to implement, the overseas conventional bank licensee should contact the CBB in order to agree a solution.

            Amended: April 2020
            Amended: July 2013
            Added: October 07

          • AU-4.1.3

            Paragraph AU-4.1.1 requires conventional bank licensees that maintain Islamic 'windows' or units to apply relevant AAOIFI Financial Accounting Standards, depending on the type of Islamic finance contracts entered into. In particular, attention is drawn to AAOIFI Financial Accounting Standard 18, 'Islamic Financial Services Offered by Conventional Financial Institutions'.

            Amended: July 2013
            October 07

      • AU-5 AU-5 Role of External Auditor as Appointed Expert

        • AU-5.1 AU-5.1 General Requirements

          • AU-5.1.1

            In accordance with Articles 114 and 121 of the CBB Law, the CBB may appoint appointed experts to undertake on-site examinations or report by way of investigations on specific aspects of a bank's business. External auditors may be called upon to be appointed experts and should be aware of their role in that capacity by referring to Section BR-6.5.

            [The Rules and Guidance in this Section were moved to Section BR-6.5 in October 2011].

            Amended October 2011
            Added January 2009

          • AU-5.1.2

            The purpose of the contents of this chapter is to set out the roles and responsibilities of reporting accountants when appointed pursuant to Article 114 of the CBB Law (see EN-7.1.1). This Article empowers the CBB to assign some of its officials or others to inspect licensees' or listed companies' businesses.

            Added January 2009

          • AU-5.1.3

            The CBB uses its own inspectors to undertake on-site examinations of licensees as an integral part of its regular supervisory efforts. In addition, the CBB may commission reports on matters relating to the business of licensees in order to help it assess their compliance with CBB requirements, as contained in Article 114 of the CBB Law. Such inspections may be carried out either by the CBB's own officials, by duly qualified "Reporting Accountants" appointed for the purpose by the CBB, or a combination of the two. Article 111 requires licensees to make available to the CBB's inspectors, their books and other records, and to provide all relevant information within the time limits deemed reasonable.

            Amended January 2011
            Added January 2009

          • AU-5.1.4

            Banks must provide all relevant information and assistance to reporting accountants on demand as required by Articles 111 and 114 of the CBB Law. Failure by licensees to cooperate fully with the CBB's inspectors or reporting accountants, or to respond to their examination reports within the time limits specified, will be treated as demonstrating a material lack of cooperation with the CBB which will result in other enforcement measures being considered, as described elsewhere in EN Module. This rule is supported by Article 114(a) of the CBB Law.

            Amended January 2011
            Added January 2009

          • AU-5.1.5

            Article 163 of the CBB Law provides for criminal sanctions where false or misleading statements are made to the CBB or any person /reporting accountant appointed by the CBB to conduct an inspection on the business of the licensee or the listed company.

            Amended January 2011
            Added January 2009

          • AU-5.1.6

            The CBB will not, as a matter of general policy, publicise the appointment of reporting accountants, although it reserves the right to do so where this would help achieve its supervisory objectives. Both the reporting accountants and the CBB are bound to confidentiality provisions restricting the disclosure of confidential information with regards to any such information obtained in the course of the investigation.

            Added January 2009

          • AU-5.1.7

            Unless the CBB otherwise permits, reporting accountants should not be the same firm appointed as external auditors of the bank.

            Amended January 2011
            Added January 2009

          • AU-5.1.8

            Reporting accountants will be appointed in writing, through an appointment letter, by the CBB. In each case, the CBB will decide on the range, scope and frequency of work to be carried out by reporting accountants.

            Amended January 2011
            Added January 2009

          • AU-5.1.9

            Reporting accountants will report directly to and be responsible to the CBB in this context and will specify in their report any limitations placed on them in completing their work (for example due to the relevant bank's group structure). The report produced by the reporting accountants is the property of the CBB (but is usually shared by the CBB with the firm concerned). The cost of the reporting accountant's work must be borne by the licensee concerned.

            Amended January 2011
            Amended October 2009
            Added January 2009

          • AU-5.1.10

            Compliance by reporting accountants with the contents of this chapter will not, of itself, constitute a breach of any other duty owed by them to a particular bank (i.e. create a conflict of interest).

            Added January 2009

          • AU-5.1.11

            The CBB may appoint one or more of its officials to work on the reporting accountants' team for a particular bank.

            Amended January 2011
            Added January 2009

        • AU-5.2 AU-5.2 The Required Report

          [The Rules and Guidance in this Section were moved to Section BR-6.5 in October 2011].

          • AU-5.2.1

            Commissioned reporting accountants would normally be required to report on one or more of the following aspects of a bank's business:

            (a) Accounting and other records;
            (b) Internal control systems;
            (c) Returns of information provided to the CBB;
            (d) Operations of certain departments; and/or
            (e) Other matters specified by the CBB.
            Amended January 2011
            Added January 2009

          • AU-5.2.2

            Reporting accountants will be required to form an opinion on whether, during the period examined, the bank is in compliance with the relevant provisions of the CBB Law and the CBB's relevant requirements, as well as other requirements of Bahrain Law and, where relevant, industry best practice locally and/or internationally.

            Amended January 2011
            Added January 2009

          • AU-5.2.3

            The reporting accountants' report must follow the format set out in Appendix AU 1.

            Amended January 2011
            Added January 2009

          • AU-5.2.4

            Unless otherwise directed by the CBB or unless the circumstances described in section AU 5.3 apply, the report should be discussed with board of directors and/or senior management in advance of its being sent to the CBB.

            Amended January 2011
            Added January 2009

          • AU-5.2.5

            Where the report is qualified by exception, the report should clearly set out the risks which the bank runs by not correcting the weakness, with an indication of the severity of the weakness should it not be corrected. Reporting accountants will be expected to report on the type, nature and extent of any weaknesses found during their work, as well as the implications of a failure to address and resolve such weaknesses.

            Added January 2009

          • AU-5.2.6

            If the reporting accountants conclude, after discussing the matter with the bank, that they will give a negative opinion (as opposed to one qualified by exception) or that the issue of the report will be delayed, they must immediately inform the CBB in writing giving an explanation in this regard.

            Amended January 2011
            Added January 2009

          • AU-5.2.7

            The report should be completed, dated and submitted, together with any comments by directors or management (including any proposed timeframe within which the bank has committed to resolving any issues highlighted by the report), to the CBB within the timeframe applicable.

            Amended January 2011
            Added January 2009

        • AU-5.3 AU-5.3 Other Notifications to the CBB

          [The Rules and Guidance in this Section were moved to Section BR-6.5 in October 2011].

          • AU-5.3.1

            Reporting accountants should communicate to the CBB, during the conduct of their duties, any reasonable belief or concern they may have that any of the requirements of the CBB, including the criteria for licensing a bank (see Module LR), are not or have not been fulfilled, or that there has been a material loss or there exists a significant risk of material loss in the concerned bank, or that the interests of customers are at risk because of adverse changes in the financial position or in the management or other resources of a bank. Notwithstanding the above, it is primarily the bank's responsibility to report such matters to the CBB.

            Amended January 2011
            Added January 2009

          • AU-5.3.2

            The CBB recognises that reporting accountants cannot be expected to be aware of all circumstances which, had they known of them, would have led them to make a communication to the CBB as outlined above. It is only when reporting accountants, in carrying out their duties, become aware of such a circumstance that they should make detailed inquiries with the above specific duty in mind.

            Amended January 2011
            Added January 2009

          • AU-5.3.3

            If reporting accountants decide to communicate directly with the CBB in the circumstances set out in paragraph AU 5.3.1 above, they may wish to consider whether the matter should be reported at an appropriate senior level in the bank at the same time and whether an appropriate senior representative of the bank should be invited to attend the meeting with the CBB.

            Amended January 2011
            Added January 2009

        • AU-5.4 AU-5.4 Permitted Disclosure by the CBB

          [The Rules and Guidance in this Section were moved to Section BR-6.5 in October 2011].

          • AU-5.4.1

            Information which is confidential and has been obtained under, or for the purposes of, this chapter or the CBB Law may only be disclosed by the CBB in the circumstances permitted under the Law. This will allow the CBB to disclose information to reporting accountants to fulfil their duties. It should be noted, however, that reporting accountants must keep this information confidential and not divulge it to a third party except with the CBB's permission and/or unless required by Bahrain Law.

            Amended January 2011
            Added January 2009

        • AU-5.5 AU-5.5 Trilateral Meeting

          [The Rules and Guidance in this Section were moved to Section BR-6.5 in October 2011].

          • AU-5.5.1

            The CBB may, at its discretion, call for a trilateral meeting(s) to be held between the Central Bank and representatives of the relevant bank and the reporting accountants. This meeting will provide an opportunity to discuss the reporting accountants' examination of, and report on, the bank.

            Amended January 2011
            Added January 2009

    • GR GR General Requirements

      • GR-A GR-A Introduction

        • GR-A.1 GR-A.1 Purpose

          • Executive Summary

            • GR-A.1.1

              The General Requirements Module presents a variety of different requirements that are not extensive enough to warrant their own stand-alone Module, but for the most part are generally applicable. These include general requirements on books and records; on the use of corporate and trade names; and on controllers. Each set of requirements is contained in its own Chapter: a table listing these and their application to licensees is given in Chapter GR-B.

              October 07

          • Legal Basis

            • GR-A.1.2

              This Module contains the Central Bank of Bahrain's ('CBB') Regulation No.(31) of 2008 and Directive (as amended from time to time) governing bank control and general requirements and is issued under the powers available to the CBB under Articles 38 and 52 of the Central Bank of Bahrain and Financial Institutions Law 2006 ('CBB Law'). The Module also contains requirements pertaining to controllers as prescribed under Resolution No.(43) of 2011 governing the conditions of granting a license for the provision of regulated services and is issued under the powers available to the CBB under Article 44(c). The requirements of Resolution No.(33) for the year 2012 with respect to the issuance of the Regulation setting the procedures for processing applications of banks to transfer financial services business in the Kingdom of Bahrain are included in Chapter GR-4. The Regulation, Resolutions and Directive in this Module are applicable to all conventional bank licensees.

              Amended: October 2012
              Amended: October 2011
              Adopted: January 2011

            • GR-A.1.3

              For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.

              Adopted: January 2011

        • GR-A.2 GR-A.2 Module History

          • Evolution of Module

            • GR-A.2.1

              This Module was first issued in July 2006, with immediate effect, as a new Module aimed at aligning the structure and contents of Volume 1 with other Volumes of the CBB Rulebook. All subsequent changes to this Module are annotated with the end-calendar quarter date in which the change was made: Chapter UG-3 provides further details on Rulebook maintenance and version control.

              Amended: January 2014
              October 07

            • GR-A.2.2

              The October 2007 version incorporates the requirements relating to controllers, previously contained in Chapter HC-2 of the High-Level Controls Module. It also expands on certain requirements contained in the Central Bank of Bahrain and Financial Institutions Law (Decree No. 64 of 2006).

              October 07

            • GR-A.2.3

              A list of recent changes made to this Module is detailed in the table below:

              Module Ref.Change DateDescription of Changes
              GR-4, GR-5.4, GR-710/2007Administrative changes due to implementation of CBB Law. Revised notification deadlines etc.
              GR-110/2007This Chapter has been relocated to OM Module.
              GR-810/2007CBB Fees Chapter has been transferred to Module LR.
              GR-504/2008New notification and approval requirements in respect of "Controllers"
              GR-5.301/2010Revised approval threshold for controllers which are financial institutions.
              GR01/2011Various minor amendments to ensure consistency in CBB Rulebook.
              GR-A.1.2 and A.1.301/2011Added legal basis.
              GR-3.1.104/2011Clarified Rule pertaining to announcement of dividend.
              GR-4.1204/2011Deleted reference to outsourcing.
              GR-4.107/2011Regulation under consultation.
              GR-A.1.2 and GR-5.3.5A10/2011New reference added to reflect the issuance of Resolution No.(43) of 2011, and reference made to controllers.
              GR-3.110/2011Clarified guidance Paragraphs on CBB's non-objection for dividends.
              GR-5.2.210/2011Clarified the definition of "associate".
              GR-710/2011Chapter redrafted to be consistent with other Volumes of the CBB Rulebook.
              GR-5.3.807/2012Percentage amended to be consistent with Paragraph GR-5.3.5.
              GR-A.1.210/2012Updated legal basis.
              GR-410/2012Amended to reflect the issuance of Resolution No.(33) of 2012.
              GR-4.2.301/2013Specified timeline for CBB preliminary assessment.
              GR-5.4.1 and GR-5.4.304/2013Changed Rules to Guidance.
              GR-507/2013Changes made to be in line with Regulation No.(31) for the year 2008.
              GR-A.2.101/2014Deleted repetitive sentence.
              GR-7.1.1210/2016Added additional requirements for cessation of business to be in line with all Volumes.
              GR-5.1.701/2017Consistency of notification timeline rule on Controllers with other Volumes of the CBB Rulebook.
              GR-4.2.607/2017Corrected cross reference.
              GR-3.1.310/2017Amended paragraph and changed from Guidance to Rule.
              GR-604/2019Added new Section on Open Banking.
              GR-B.1.204/2020Amended Paragraph.
              GR-B.1.304/2020Amended Paragraph.
              GR-2.1.204/2020Amended Paragraph.
              GR-4.1.504/2020Amended Paragraph.
              GR-4.3.2 (d)04/2020Amended sub-Paragraph.
              GR-5.1.104/2020Amended Paragraph.
              GR-5.1.1004/2020Amended Paragraph.
              GR-7.1.404/2020Amended Paragraph.
              GR-7.1.1204/2020Amended Paragraph.
              GR-901/2021Added a new Chapter on Prepaid Cards.
              GR-507/2021Deleted Chapter and superseded by Resolution No. 16 of 2021.
              GR-6.1.307/2021Amended Paragraph.
              GR-6.1.507/2021Amended Paragraph.
              GR-6.1.707/2021Amended Paragraph.
              GR-6.1.807/2021Added a new Paragraph on access to customer information and data.
              GR-6.2.107/2021Amended Paragraph.
              GR-6.2.307/2021Amended Paragraph.
              GR-6.2.607/2021Amended Paragraph.
              GR-6.3.807/2021Paragraph moved to GR-6.1.7.
              GR-6.3.1207/2021Amended Paragraph.
              GR-6.3.1307/2021Amended Paragraph.
              GR-6.3.1407/2021Amended Paragraph.
              GR-6.3.1507/2021Amended Paragraph.
              GR-6.4.107/2021Amended Paragraph.
              GR-6.4.207/2021Amended Paragraph.
              GR-6.507/2021Deleted Section.
              GR-2.1.101/2022Amended Paragraph.
              GR-6.1.504/2022Amended Paragraph on MCCs.
              GR-6.1.804/2022Amended Paragraph on payment data provided including MCCs.
              GR-6.2.504/2022Amended Paragraph on Bahrain Open Banking Framework Developer Portal.
              GR-307/2023Amended Chapter on Dividends and Profit Repatriation.
              GR-301/2024Amended Chapter on Dividends and Profit Repatriation.

          • Superseded Requirements

            • GR-A.2.4

              This Module supersedes:

              Circular / other reference Provision Subject
              Module LR (April 2006 version) LR-6: Record-keeping Keeping Record-keeping keeping requirements were moved to GR-1, and edited down to simplify and avoid duplication of record-keeping keeping requirements contained in Module FC.
              Module HC (April 2006 version) HC-2: 'Fit and Proper Requirement' Requirements relating to controllers were moved to GR-5. Remaining 'fit and proper' elements regarding Directors and key employees of licensees were retained in HC-2, in a re-drafted form.
              October 07

      • GR-B GR-B Scope of Application

        • GR-B.1 GR-B.1 Conventional Bank Licensees

          • License Categories

            • GR-B.1.1

              The requirements in Module GR (General Requirements) apply to both retail and wholesale conventional bank licensees.

              October 07

          • Bahraini and Branches of Foreign Bank Licensees

            • GR-B.1.2

              The scope of application of Module GR (General Requirements) is as follows:

              Chapter Bahraini bank licensees Branches of foreign bank licensees
              GR-2 Applies to the whole bank. Applies to the Bahrain branch only.
              GR-3 Applies to the whole bank. Doesn't apply.
              GR-4 Applies to the whole bank. Applies to the Bahrain branch only.
              GR-5 Applies to the whole bank. Applies to the whole bank..
              GR-6 Applies to the retail bank. Applies to all Banks.
              GR-7 Applies to the whole bank. Applies to the Bahrain branch only.
              Amended: April 2020
              Amended: April 2019
              Amended: December 2018
              Added: October 07

            • GR-B.1.3

              In the case of Bahraini bank licensees, certain requirements apply to the whole bank, irrespective of the location of its business; other requirements apply only in respect to business booked in Bahrain. In the case of branches of foreign bank licensees, the requirements of Module GR mostly only apply to business booked in the Bahrain branch.

              Amended: April 2020
              Amended: April 2019
              Added: October 07

      • GR-1 [This Chapter has been relocated to Module OM.]

      • GR-2 GR-2 Corporate and Trade Names

        • GR-2.1 GR-2.1 Vetting of Names

          • GR-2.1.1

            Licensees must obtain CBB’s prior written approval for any change in their legal name. Licensees must notify the CBB of any change in their corporate name at least one week prior to effecting the proposed change.

            Amended: January 2022
            Added: October 07

          • GR-2.1.2

            GR-2.1.1 applies to branches of foreign bank licensees only with respect to their Bahrain branch.

            Amended: April 2020
            Added: October 07

          • GR-2.1.4

            In approving a corporate or trade name, the CBB seeks to ensure that it is sufficiently distinct as to reduce possible confusion with other unconnected businesses, particularly those operating in the financial services sector. The CBB also seeks to ensure that names used by unregulated subsidiaries do not suggest those subsidiaries are in fact regulated.

            October 07

      • GR-3 GR-3 Dividends and Profit Repatriation

        • GR-3.1 GR-3.1 CBB Approval on Dividends

          • GR-3.1.1

            Bahraini conventional bank licensees must obtain CBB’s prior approval for any proposed cash or stock dividend before any public announcements or the Annual General Meeting.

            Amended: July 2023
            Amended: April 2011
            October 2007

          • GR-3.1.2

            [This Paragraph was deleted in July 2023].

            Deleted: July 2023
            Amended: October 2011
            October 07

          • GR-3.1.3

            For the purpose of Paragraph GR-3.1.1conventional bank licensees must:

            (a) Submit the following: 

            (i) The intended percentage and amount of proposed dividends;

            (ii) The impact of proposed dividends on: 

            (a) Capital Adequacy Ratio (CAR), Liquidity Coverage Ratio (LCR), Net Stable Funding Ratio (NSFR), and Leverage Ratio (LR) showing the ratios before and after the proposed dividends;
            (b) The cash flow position and shareholders’ equity level before and after the proposed dividends;
            (iii) Stress testing results evidencing that the proposed dividends would not lead to any breach of the regulatory requirements (CAR, LCR, NSFR and LR) in the last financial year and the next two years under normal and stressed scenarios.
            (b) Satisfy the CBB of the adequacy of impairment provisions during the review of the annual/interim financial statements;
            (c) Ensure that any unrealized gains arising from assets or liabilities fair value assessment are excluded from net income in the determination of the proposed dividends, given that CBB does not permit distribution of unrealised profit;
            (d) Ensure that the amount of realised profits included in the retained earnings as at the year-end is sufficient to cover the proposed dividend amount; and
            (e) Ensure that any negative fair value on assets held at amortised cost do not have any material adverse impact on the capital and liquidity positions where such assets may need to be liquidated before maturity to satisfy any financial obligations, including deposit withdrawals.
            Amended: January 2024
            Amended: July 2023
            Amended: October 2017
            Amended: October 2011
            October 07

        • GR-3.2 Repatriation of Profits by Retail Branches of Foreign Banks

          • GR-3.2.1

            Retail branches of foreign banks must comply with the following when repatriating profits to Head Office:

            (a) The gearing ratio stipulated in Paragraph CA-15.7.6 after repatriation;
            (b) Satisfy the CBB of the adequacy of impairment provisions during the CBB’s review of the annual financial statements;
            (c) Ensure that any unrealized gains arising from assets or liabilities fair value assessment are excluded from net income in the determination of the repatriation;
            (d) Ensure that the amount of realised profits included in the retained earnings (unremitted profits due to head office) as at the year-end is sufficient to cover the proposed profit repatriation amount; and
            (e) Ensure that any negative fair value on assets held at amortised cost do not have any material adverse impact on the capital and liquidity positions where such assets may need to be liquidated before maturity to satisfy any financial obligations, including deposit withdrawals.
            Amended: January 2024
            Added: July 2023

      • GR-4 GR-4 Business Transfers

        • GR-4.1 GR-4.1 CBB Approval

          • GR-4.1.1

            In accordance with the CBB Governor's Resolution No.(33) for the year 2012 issued pursuant to Article 66 of the CBB Law, a conventional bank licensee (transferor) must seek prior written approval from the CBB before transferring any regulated banking service to a person (transferee), except in the following circumstances:

            (a) Where the transferred business is limited to the assets and/or liabilities of the transferor and does not include any regulated banking services; or
            (b) Where the regulated service transferred accounts for less than 5% of the transferor's total assets and/or liabilities as recorded in the unconsolidated balance sheet of the financial quarter preceding the date of the transfer of business application.
            Added: October 2012

          • GR-4.1.2

            For purposes of Paragraph GR-4.1.1 (a), a business transfer refers to a transfer of the rights and obligations of one conventional bank licensee to a third party, so that the customers continue to be subject to the same terms and conditions as those originally agreed.

            Added: October 2012

          • GR-4.1.3

            In instances where Subparagraph GR-4.1.1(b) applies, conventional bank licensees must notify the CBB before transferring any regulated banking service to a transferee one month prior to the transfer taking place.

            Added: October 2012

          • GR-4.1.4

            Rule GR-4.1.1 is intended to apply to circumstances where a bank wishes to transfer all or part of its business (examples: credit card business, asset management business) to a third party, or is undertaking winding up proceedings.

            Added: October 2012

          • GR-4.1.5

            In the case of a Bahraini conventional bank licensee, Chapter GR-4 applies to its assets and liabilities booked in Bahrain. In the case of branches of foreign bank licensees, Chapter GR-4 applies only to assets and liabilities booked in the bank's Bahrain branch.

            Amended: April 2020
            Added: October 2012

        • GR-4.2 GR-4.2 Procedure with Respect to Applications

          • GR-4.2.1

            Conventional bank licensees wishing to transfer banking business in the Kingdom must apply to the Executive Director of Banking Supervision by submitting an application form along with the supporting documents as specified by the CBB (see Part B, Supplementary Information, Appendix GR-1). Unless otherwise directed by the CBB, the application must provide:

            (a) Full details of the business to be transferred including a detailed list of all liabilities or assets that will be transferred;
            (b) The rationale for the proposed transfer;
            (c) If applicable, an assessment of the impact of the transfer on any customers directly affected by the transfer, and any mitigating factors or measures;
            (d) If applicable, an assessment of the impact of the transfer on the transferor's remaining business and customers; and
            (e) Evidence that the proposed transfer has been duly authorised by the transferor (such as a certified copy of a Board resolution approving the transfer).
            Added: October 2012

          • GR-4.2.2

            Banks intending to apply to transfer a regulated service are advised to contact the CBB at the earliest possible opportunity, in order that the CBB may determine the nature and level of any documentation and/or the need for an auditor or other expert opinion to be provided. The CBB will grant its permission where the transfer will have no negative impact on the financial soundness of the bank, and does not otherwise compromise the interests of the bank's depositors and creditors. In all cases, the CBB will only grant its permission where the institution acquiring the regulated service holds the appropriate regulatory approvals and is in good regulatory standing.

            Added: October 2012

          • Preliminary Assessment

            • GR-4.2.3

              The CBB will make a preliminary assessment of whether the proposed transfer is of a type that could be considered for approval or not based on the receipt of the documents referred to in Paragraph GR-4.2.1. If rejected, the applicant will be informed accordingly. The CBB will approve/reject the transfer of business application form after the submission of all necessary documents within 14 calendar days of the date where all documents have been submitted.

              Amended: January 2013
              Added: October 2012

          • Publication of the Transfer of Business Application

            • GR-4.2.4

              In instances where the CBB is in favor of the transfer requested, and in accordance with Article 66(c) of the CBB Law, the transfer of business application will be published by the CBB in the Official Gazette and in two daily newspapers in the Kingdom of Bahrain (one in Arabic and one in English). The CBB notice will include a statement that written representations concerning the transfer of business application may be sent to the CBB within three months from the date of publication.

              Added: October 2012

            • GR-4.2.5

              If the liabilities are located in a jurisdiction outside Bahrain, the CBB may also publish such notice in the jurisdiction in which the risk is situated.

              Added: October 2012

            • GR-4.2.6

              In all cases, the costs of publication of the notices referred to in Paragraphs GR-4.2.4 and GR-4.2.5 must be met by the transferor.

              Amended: July 2017
              Added: October 2012

        • GR-4.3 GR-4.3 Determination of Application

          • GR-4.3.1

            The CBB will consider an application under Paragraph GR-4.2.1 if it is satisfied that:

            (a) Any objections received to the application to transfer the business following its publication in the Official Gazette and in two daily newspapers in the Kingdom of Bahrain (one in Arabic and one in English) as required under Article 66(d) have been reviewed and resolved by the CBB;
            (b) Except in so far as the CBB has otherwise directed, a copy of the notice has been sent to every affected customer and every other person who claims an interest in an asset or liability included in the proposed transfer (and has given written notice of his claim to the transferor);
            (c) Copies of a statement, approved by the CBB, setting out particulars of the transfer, have been available for inspection at one or more places in Bahrain for at least 30 days, from the date of publication of the notice specified in Paragraph GR-4.2.3; and
            (d) Where the proposed transfer includes any contract where the risk is situated in a jurisdiction other than Bahrain, a statement, approved by the CBB, setting out particulars of the transfer, has been available for inspection at one or more places in that jurisdiction for at least 30 days, starting with the date of publication of the notice specified in Paragraph GR-4.2.3.
            Added: October 2012

          • GR-4.3.2

            The CBB will not approve the transfer, under the terms of Paragraph GR-4.2.1, unless it is satisfied that:

            (a) The transferee is authorised to carry on regulated banking services in Bahrain or (where relevant) is authorised or otherwise permitted to carry on regulated banking services in the jurisdiction where any overseas risks are situated;
            (b) Every transaction or account or relationship included in the transfer evidences a contract which was entered into before the date of the application;
            (c) The transferee possesses the necessary solvency required by the regulatory authorities to which he is subject to, after taking the proposed transfer into account;
            (d) Where transactions, accounts, or customer relationships are being transferred from a foreign branch of a Bahraini conventional bank licensee, or the transferee is a branch of a foreign bank licensee, the relevant overseas regulatory authority has been consulted about the proposed transfer, the law of that jurisdiction provides for the possibility of such a transfer, and the relevant supervisory authority in that jurisdiction has agreed to the transfer;
            (e) The transfer will not breach any applicable laws and regulations, and will not create any supervisory concerns;
            (f) The business transferred is not prohibited by the CBB; and
            (g) There are no material adverse consequences from the transfer on the transferee or the security of customers and creditors and their rights and obligations are protected.
            Amended: April 2020
            Added: October 2012

          • GR-4.3.3

            In assessing the criteria outlined in Paragraph GR-4.3.2, the CBB will, amongst other factors, take into account the financial strength of the transferee; its capacity to manage the business being transferred; its track record in complying with applicable regulatory requirements; and (where applicable) its track record in treating customers fairly. The CBB will also take into account the impact of the transfer on the transferor, and any consequences this may have for the transferor's remaining customers.

            Added: October 2012

          • GR-4.3.4

            The CBB will review the application and any other documents or information requested by the CBB taking into consideration any objections received and conditions stated in Article 66 (d) of the CBB law.

            Added: October 2012

          • GR-4.3.5

            The CBB reserves the right to impose additional requirements if, in the opinion of the CBB, additional requirements are necessary to protect customer interests. In all cases where additional requirements are imposed, the CBB shall state the reasons for doing so.

            Added: October 2012

          • GR-4.3.6

            The CBB will communicate its final decision to the transferor within 5 working days of the expiry of the period for submitting objections to the CBB (see Paragraph GR-4.2.4).

            Added: October 2012

        • GR-4.4 GR-4.4 CBB Decision

          • GR-4.4.1

            In accordance with Article 67 (d) of the CBB Law and Article 8 of the Regulation issued pursuant to Resolution No.(33) of 2012, the CBB's decision regarding the application for transfer made under Section GR-4.2, will be published as a notice in the Official Gazette and in two local newspapers (one in Arabic and one in English) and will come into effect from this date.

            Added: October 2012

          • GR-4.4.2

            If the liabilities are located in a jurisdiction outside Bahrain, the CBB may also publish such notice in the jurisdiction in which the risk is situated.

            Added: October 2012

          • GR-4.4.3

            The costs of publication of the notices referred to in Paragraphs GR-4.4.1 and GR-4.4.2 must be met by the transferor.

            Added: October 2012

          • GR-4.4.4

            Article 67(e) of the CBB Law notes that where the application for business transfer has been turned down by the CBB or includes restrictions, the applicant may appeal to a competent court within 30 calendar days from the date of publication referred to in Paragraph GR-4.4.1 .

            Added: October 2012

      • GR-5 Controllers

        [This Chapter was deleted in July 2021 and superseded by Resolution No. (16) of 2021 with respect to promulgating the Regulation Pertaining to Control in Banks]

      • GR-6 GR-6 Open Banking

        • GR-6.1 GR-6.1 Access to PISPs and AISPs

          • GR-6.1.1

            The CBB has recognised the need to revise its rules in keeping with the following changes at a systemic level, both globally and regionally:

            a) market growth in e-commerce activities;
            b) increased use of internet and mobile payments;
            c) consumer demand to increasingly use smart device based payment solutions;
            d) the developments in innovative technology; and
            e) a trend towards customers having multiple account providers.

            This section sets forth the rules applicable to conventional retail bank licensees with regards to the new category of ancillary service providers described below.

            Added: April 2019

          • GR-6.1.2

            The CBB has established a Directive contained in "Module OB: Open Banking" in Volume 5 of the CBB Rulebook that deals with a new sub category of ancillary service providers who, under the terms of the CBB license, may provide "payment initiation services" and/or "account information services". Such licensees are termed "payment initiation service providers" or PISPs and "account information service providers" or AISPs. Banks and other licensees which maintain a customer account is referred to in the CBB Rulebook Volume 5 as "licensees maintaining customer accounts".

            Added: April 2019

          • GR-6.1.3

            Conventional retail bank licensees must:

            (a) grant ancillary service providers of the types referred to in Paragraph AU-1.2.1 (f) and (g) of Rulebook Volume 5: Ancillary Service Providers Authorisation Module, access to customer accounts on an objective, non-discriminatory and proportionate basis based on consents obtained from the customer;
            (b) provide the criteria that the conventional retail bank licensees apply when considering requests pursuant to sub-paragraph (a) above for such access; and
            (c) ensure that those criteria are applied in a manner which ensures compliance with sub-paragraph (a) above while ensuring adherence to Law No 30 of 2018, Personal Data Protection Law (PDPL) issued on 12 July 2018.
            Amended: July 2021
            Added: April 2019

          • GR-6.1.4

            Access to customer accounts granted pursuant to Paragraph GR-6.1.3 must be sufficiently extensive to allow the AISP and PISP access in an unhindered and efficient manner.

            Added: April 2019

          • GR-6.1.5

            Access to customer accounts granted pursuant to Paragraph GR-6.1.3 shall mean that at customer's direction, the licensees are obliged to share without charging a fee, all information that has been provided to them by the customer and that which can be accessed by the customer in a digital form. The obligation should only apply where the licensee keeps that information in a digital form. Furthermore, the obligation should not apply to information supporting identity verification assessment; which the licensees should only be obliged to share with the customer directly, not a data recipient. The information accessed and shared shall include transaction data, relevant Merchant Category Code information and product and services data that banks are required to publicly disclose, such as price, fees, and other charges should be made publicly available under open banking. Fees may be charged by banks to AISPs for sharing 'Value Added Data' and 'Aggregated Data' are not required to be shared. Value added data or derived data results from material enhancement by the application of insights, analysis, or transformation on customer data by the licensee. Aggregated data refers to data which is aggregated across the licensee’s customer segments for the purpose of analysis.

            Amended: April 2022
            Amended: July 2021
            Added: April 2019

          • GR-6.1.6

            If a conventional retail bank licensee refuses a request for access to such services or withdraws access to such services, it must seek approval of the CBB in a formal communication which must contain the reasons for the refusal or the withdrawal of access and contain such information as the CBB may direct. The CBB shall approve the request if it is satisfied that the impact of not giving access is minimal. If the request is rejected, the conventional retail bank licensee must adhere to the direction provided by the CBB.

            Added: April 2019

          • GR-6.1.7

            Conventional retail bank licensees must comply with each of the following requirements:

            (a) provide access to the same information from designated customer accounts made available to the customer when directly requesting access to the account information, provided that this information does not include sensitive payment data (such as customer security credentials or other personalised data, the holding of which or the use of which is not authorised by the customer; and data which may be used by the holder for unauthorised, fraudulent, illegal or activity or transactions);
            (b) provide, immediately after receipt of the payment order, the same information on the initiation and execution of the payment transaction provided or made available to the customer when the transaction is initiated directly by the latter;
            (c) upon request, immediately provide PISPs with a confirmation whether the amount necessary for the execution of a payment transaction is available on the payment account of the payer. This confirmation must consist of a simple ‘yes’ or ‘no’ answer.
            Added: July 2021

          • GR-6.1.8

            For the purposes of this Chapter, conventional retail bank licensees must provide access to and share information and data pertaining to customer account activity, including the Merchant Category Code information relevant to the payments from the customer account, and balances covering a period of 12 full months or 365 days at the time of access to the AISPs in respect of the following services/products offered by the licensee:

            (a) Savings accounts;
            (b) Current accounts;
            (c) Term and call deposits;
            (d) Foreign currency accounts;
            (e) Unrestricted investment accounts;
            (f) Restricted investment accounts;
            (g) Mortgage/housing finance products;
            (h) Auto loans;
            (i) Consumer loans/financing;
            (j) Overdrafts (personal);
            (k) Credit and charge cards;
            (l) Electronic wallets and prepaid cards; and
            (m) Other accounts which are accessible to the customer through e-banking portal or mobile device.
            Amended: April 2022
            Added: July 2021

        • GR-6.2 GR-6.2 Communication Interface for PISPs and AISPs

          • GR-6.2.1

            Conventional retail bank licensees that offer a customer account that is accessible online must have in place at least one interface which meets each of the following requirements:

            (a) AISPs and PISPs must identify themselves in sessions with conventional retail bank licensees;
            (b) AISPs and PISPs must communicate securely to request and receive information on one or more designated payment accounts and associated payment transactions; and
            (c) PISPs must communicate securely to initiate a payment order from the payer's payment account and receive information on the initiation and the execution of payment transactions.
            Amended: July 2021
            Added: April 2019

          • GR-6.2.2

            Conventional retail bank licensees must establish the interface(s) referred to in Paragraph GR-6.2.1 by means of a dedicated interface.

            Added: April 2019

          • GR-6.2.3

            For the purposes of authentication of the customer, the interfaces referred to in paragraph GR-6.2.1 must allow AISPs and PISPs to rely on the authentication procedures provided by the conventional retail bank licensee to the customer. In particular, the interface must meet all of the following requirements:

            (a) process for instructing and authentication by the conventional retail bank licensee;
            (b) establishing and maintaining authentication of communication sessions between the conventional retail bank licensee, the AISP, the PISP and the customer(s); and
            (c) ensuring the integrity and confidentiality of the personalised security credentials and of authentication codes transmitted by or through the AISP or the PISP.
            Amended: July 2021
            Added: April 2019

          • GR-6.2.4

            Conventional retail bank licensees must ensure that their interface(s) follows standards of communication which are agreed by the CBB and that the protocols are technology neutral. They must ensure that the technical specifications of the interface are documented and are made available to AISPs and PISPs when requested.

            Added: April 2019

          • GR-6.2.5

            Conventional retail bank licensees must establish and make available a testing facility, in accordance with the operational guidelines included in the Bahrain Open Banking Framework (see Section 4.1) to authorised AISPs and PISPs, companies operating in the CBB’s Regulatory Sandbox as open banking service providers and AISPs/PISPs granted in-principle confirmation to proceed with the CBB’s licensing process. No sensitive information must be shared through the testing facility. Licensees must display a link to the testing facility on their website.

            Amended: April 2022
            Added: April 2019

          • GR-6.2.6

            Conventional retail bank licensees must ensure that the dedicated interface established for the AISPs and PISPs offers the same level of availability and performance, including support, as well as the same level of contingency measures, as the interface made available to the customer for directly accessing its payment account online.

            Amended: July 2021
            Added: April 2019

          • GR-6.2.7

            For the purposes of GR-6.2.6, the following requirements apply:

            (a) Conventional retail bank licensees must monitor the availability and performance of the dedicated interface and make the resulting statistics available to the CBB upon their request;
            (b) where the dedicated interface does not operate at the same level of availability and performance as the interface made available to the conventional retail bank licensee's customer when accessing the payment account online, the bank must report it to the CBB and must restore the level of service for the dedicated interface without undue delay and take the necessary action to avoid its reoccurrence.
            (c) The report referred to in (b) above must include the causes of the deficiency and the measures adopted to re-establish the required level of service; and
            (d) AISPs and PISPs making use of the dedicated interface offered by conventional retail bank licensees must also report to the CBB any deficiency in the level of availability and performance required of the dedicated interface.
            Added: April 2019

          • GR-6.2.8

            Conventional retail bank licensees must include in the design of dedicated interface, a strategy and plans for contingency measures in the event of an unplanned unavailability of the interface and systems breakdown. The strategy must include communication plan to inform the relevant AISP/PISP making use of the dedicated interface in the case of breakdown, measures to bring the system back to 'business as usual' and a description of alternative options AISPs and PISPs may make use of during the unplanned downtime.

            Added: April 2019

        • GR-6.3 GR-6.3 Security of Communication Sessions and Authentication

          • GR-6.3.1

            Conventional retail bank licensees must ensure that communication sessions with PISPs and AISPs including merchants, relies on each of the following:

            (a) a unique identifier of the session;
            (b) security mechanisms for the detailed logging of the transaction, including transaction number, timestamps and all relevant transaction data;
            (c) timestamps which must be based on a unified time-reference system and which must be synchronised according to an official time signal.
            Added: April 2019

          • GR-6.3.2

            Conventional retail bank licensees must ensure secured identification when communicating with AISPs and PISPs.

            Added: April 2019

          • GR-6.3.3

            Conventional retail bank licensees must ensure that, when exchanging data via the internet, with PISPs and AISPs, secure encryption is applied between the communicating parties throughout the respective communication session in order to safeguard the confidentiality and the integrity of the data, using strong and widely recognised encryption techniques.

            Added: April 2019

          • GR-6.3.4

            PISPs and AISPs must keep the access sessions offered by conventional retail bank licensees as short as possible and they must actively terminate the session as soon as the requested action has been completed.

            Added: April 2019

          • GR-6.3.5

            When maintaining parallel network sessions with the PISPs and AISPs, conventional retail bank licensees must ensure that those sessions are securely linked to relevant sessions established in order to prevent the possibility that any message or information communicated between them could be misrouted.

            Added: April 2019

          • GR-6.3.6

            Conventional retail bank licensees' sessions with PISPs and AISPs must contain unambiguous reference to each of the following items:

            (a) the customer and the corresponding communication session in order to distinguish several requests from the same customer;
            (b) for payment initiation services, the uniquely identified payment transaction initiated;
            (c) for confirmation on the availability of funds, the uniquely identified request related to the amount necessary for the execution of the transaction.
            Added: April 2019

          • GR-6.3.7

            Conventional retail bank licensees must ensure that where they communicate personalised security credentials and authentication codes, these are not readable by any staff at any time.

            Added: April 2019

          • GR-6.3.8

            [This Paragraph was moved to GR-6.1.7].

            Amended: July 2021
            Added: April 2019

          • GR-6.3.9

            In case of an unexpected event or error occurring during the process of identification, authentication, or the exchange of the data elements, the conventional retail bank licensees must send a notification message to the relevant PISP or AISP which explains the reason for the unexpected event or error.

            Added: April 2019

          • GR-6.3.10

            Where the conventional retail bank licensee offer a dedicated interface, it must ensure that the interface provides for notification messages concerning unexpected events or errors to be communicated by any PISP or AISP that detects the event or error to the other licensees participating in the communication session.

            Added: April 2019

          • GR-6.3.11

            Conventional retail bank licensees must provide access to information from customer accounts to AISPs whenever the customer requests such information.

            Added: April 2019

          • Secure authentication

            • GR-6.3.12

              Conventional retail bank licensees must have in place a strong customer authentication process and ensure the following:

              (a) no information on any of the elements of the strong customer authentication can be derived from the disclosure of the authentication code;
              (b) it is not possible to generate a new authentication code based on the knowledge of any other code previously generated; and
              (c) the authentication code cannot be forged.

               

              Amended: July 2021
              Added: April 2019

            • GR-6.3.13

              Conventional retail bank licensees must adopt security measures that meet the following requirements for payment transactions:

              (a) the authentication code generated must be specific to the amount of the payment transaction and the payee agreed to by the payer when initiating the transaction;
              (b) the authentication code accepted by the licensee maintaining customer account corresponds to the original specific amount of the payment transaction and to the payee agreed to by the payer;
              (c) a SMS message must be sent to the customer upon accessing the online portal or application and when a transaction is initiated; and
              (d) any change to the amount or the payee must result in the invalidation of the authentication code generated.
              Amended: July 2021
              Added: April 2019

          • Independence of elements of strong authentication

            • GR-6.3.14

              Conventional retail bank licensees must establish adequate security features for customer authentication including the use of the following three elements:

              (a) an element categorised as knowledge (something only the user knows), such as length or complexity of the pin or password;
              (b) an element categorised as possession (something only the user possesses) such as algorithm specifications, key length and information entropy, and
              (c) for the devices and software that read, elements categorised as inherence (something the user is), i.e. algorithm specifications, biometric sensor and template protection features.
              Amended: July 2021
              Added: April 2019

            • GR-6.3.15

              Conventional retail bank licensees must ensure that the elements referred to in Paragraph GR-6.3.14 are independent, so that the breach of one does not compromise the reliability of the others, in particular, when any of these elements are used through a multi-purpose device, i.e. a device such as a tablet or a mobile phone which can be used for both giving the instruction to make the payment and for being used in the authentication process. The CBB will consider exempting from a 3 factor authentication on a case to case basis provided that the licensee is able to demonstrate to CBB that it has established robust controls to mitigate the relevant key risks.

              Amended: July 2021
              Added: April 2019

        • GR-6.4 GR-6.4 Standards for Program Interfaces and Communication

          • GR-6.4.1

            Conventional retail bank licensees must adhere to the Operational Guidelines, Security Standards and Guidelines, Open Banking Application Program Interface (API) Specifications and Customer Journey Guidelines included in Bahrain Open Banking Framework (see CBB website).

            Amended: July 2021
            Added: April 2019

          • GR-6.4.2

            Conventional retail bank licensees must ensure that compliance with standards and guidelines specified in Paragraph GR-6.4.1 is subject to independent review and tests, including testing in a test environment., by an independent consultant upon implementation.

            Amended: July 2021
            Added: April 2019

          • GR-6.4.3

            To remain technologically neutral the technical standards adopted by conventional retail bank licensees must not require a specific technology to be adopted by AISPs or PISPs. Authentication codes must be based on solutions such as generating and validating one-time passwords, digital signatures or other cryptographically underpinned validity assertions using keys and/or cryptographic material stored in the authentication elements, as long as the security requirements are fulfilled.

            Added: April 2019

        • GR-6.5 GR-6.5 [This Section was deleted in July 2021]

          • GR-6.5.1

            [This Paragraph was deleted in July 2021].

            Deleted: July 2021
            Added: April 2019

      • GR-7 GR-7 Cessation of Business

        • GR-7.1 GR-7.1 CBB Approval

          • GR-7.1.1

            As specified in Article 50 of CBB Law, a conventional bank licensee wishing to cease to provide or suspend any or all of the licensed regulated services, completely or at any of its branches, must obtain prior written approval from the CBB, setting out how it proposes to do so and, in particular, how it will treat any deposits that it holds.

            Amended: October 2011
            October 07

          • GR-7.1.2

            [This Paragraph was deleted in October 2011].

            Deleted: October 2011
            October 07

          • GR-7.1.3

            If the conventional bank licensee wishes to liquidate its business, the CBB will revise its license to restrict the firm from entering into new business. The licensee must continue to comply with all applicable CBB requirements until such time as it is formally notified by the CBB that its obligations have been discharged and that it may surrender its license.

            October 07

          • GR-7.1.4

            In the case of a Bahraini conventional bank licensee, Chapter GR-7 applies both to its business booked in Bahrain and the licensee's overseas branches. In the case of branches of foreign bank licensees, Chapter GR-7 applies only to business booked in the licensee's Bahrain branch.

            Amended: April 2020
            Added: October 2011

          • GR-7.1.5

            Licensees seeking to obtain the CBB's permission to cease business must apply to the CBB in writing, in the form of a formal request together with supporting documents. Unless otherwise directed by the CBB, the following information/documentation must be provided in support of the request:

            (a) Full details of the business to be terminated;
            (b) The rationale for the cessation;
            (c) How the conventional bank licensee proposes to cease business;
            (d) Notice of an extraordinary shareholder meeting setting out the agenda to discuss and approve the cessation, and inviting the CBB for such meeting;
            (e) Evidence that the proposed cessation has been duly authorised by the conventional bank licensee (such as a certified copy of a Board resolution approving the cessation);
            (f) Formal request to the CBB for the appointment of a liquidator acceptable to the CBB;
            (g) A cut-off date by which the conventional bank licensee will stop its operations;
            (h) If the conventional bank licensee wishes to cease its whole business, confirmation that the conventional bank licensee will not enter into new business with effect from the cut-off date;
            (i) If applicable, an assessment of the impact of the cessation on any customers directly affected by the cessation, and any mitigating factors or measures; and
            (j) If applicable, an assessment of the impact of the cessation on the conventional bank licensee's remaining business and customers, and any mitigating factors or measures.
            Added: October 2011

          • GR-7.1.6

            Conventional bank licensees intending to apply to cease business are advised to contact the CBB at the earliest opportunity, prior to submitting a formal application, in order that the CBB may determine the nature and level of documentation to be provided and the need for an auditor or other expert opinion to be provided to support the application. The information/documentation specified in Paragraph GR-7.1.5 may be varied by the CBB, depending on the nature of the proposed cessation, such as the materiality of the business concerned and its impact on customers.

            Added: October 2011

          • GR-7.1.7

            Approval to cease business will generally be given where adequate arrangements have been made to offer alternative arrangements to any affected customers. The CBB's approval may be given subject to any conditions deemed appropriate by the CBB. In all cases where additional requirements are imposed, the CBB shall state the reasons for doing so.

            Added: October 2011

          • GR-7.1.8

            A conventional bank licensee in liquidation must continue to meet its contractual and regulatory obligations to depositors, other clients and creditors.

            Amended: October 2011
            October 07

          • GR-7.1.9

            [This Paragraph was deleted in October 2011].

            Deleted: October 2011
            Amended: January 2011
            October 07

          • GR-7.1.10

            [This Paragraph was deleted in October 2011].

            Deleted: October 2011
            October 07

          • GR-7.1.11

            [This Paragraph was deleted in October 2011].

            Deleted: October 2011
            October 07

          • GR-7.1.12

            Upon satisfactorily meeting the requirements set out in GR-7.1.4, the conventional bank licensee must surrender the original license certificate issued by the Licensing Directorate at the time of establishment, and submit confirmation of the cancellation of its commercial registration from the Ministry of Industry, Commerce and Tourism.

            Amended: April 2020
            Added: October 2016

      • GR-8 CBB Fees

        [This Chapter has been transferred to Module LR.]

        October 07

      • GR-9 GR-9 Prepaid Cards

        • GR-9.1 GR-9.1 General Requirements

          • GR-9.1.1

            Conventional retail bank licensees must place any prepaid card which is inactive for a period of six months on the “dormant” list.

            Added: January 2021