• High Level Standards

    • LR LR Licensing Requirements

      • LR-A LR-A Introduction

        • LR-A.1 LR-A.1 Purpose

          • LR-A.1.1

            The Licensing Requirements Module sets out the BMA's approach to licensing Islamic bank licensees.

          • LR-A.1.2

            The Module builds on the legal requirements contained in Decree Law No. (23) of 1973 (the BMA Law 1973). The Module is issued under legal powers granted to the BMA under the BMA Law 1973, notably Articles 56 to 69.

          • Licensing Requirement

            • LR-A.1.3

              Persons wishing to undertake regulated Islamic banking services are required to be licensed by BMA as an Islamic bank licensee. Regulated Islamic banking services consist of three determinant activities — the acceptance of Shari'a money placements/deposits, the managing of Shari'a profit sharing investment accounts, and the offering of Shari'a financing contracts. In addition, various supplementary activities may also be undertaken. All these activities are defined in Rule LR-1.3.1. Islamic bank licensees must operate all their operations in compliance with Shari'a economic principles; and only Islamic bank licensees may hold themselves out to be a fully Shari'a compliant institution.

            • LR-A.1.4

              In other words, to be licensed as an Islamic bank licensee, a person must undertake the activity of accepting Shari'a money placements/deposits, and/or managing Shari'a profit sharing investment accounts. In addition, the activity of offering Shari'a financing contracts must also be undertaken. In addition, they may undertake any of the other activities falling within the definition of regulated Islamic banking services, providing these are in conformity with Shari'a economic principles.

          • License Categories

            • LR-A.1.5

              Islamic bank licensees are divided into two sub-categories: Islamic retail bank licensees and Islamic wholesale bank licensees. Certain specific regulatory requirements may differ between these two sub-categories, where appropriate to address their different risk profiles.

            • LR-A.1.6

              Islamic retail bank licensees may undertake transactions in any currency, with both Bahraini residents and non-residents. To qualify as an Islamic retail bank licensee, the activity of offering Shari'a financing contracts must account for a significant portion of the institution's business (defined, broadly, as accounting for over 20% of an institution's assets).

            • LR-A.1.7

              Islamic wholesale bank licensees may also undertake transactions without restriction, when dealing with the Government of Bahrain and its agencies; BMA bank licensees; and non-residents. However, they may only undertake transactions denominated in Bahraini Dinar and/or with a resident of the Kingdom of Bahrain, if these are wholesale in nature. Wholesale transactions are defined in terms of transaction size (in summary, BD 7 million or more for the activities of taking Shari'a money placements/deposits, and offering Shari'a financing contracts, and US$ 250,000 or more for any of the other activities falling within the definition of regulated Islamic banking services).

            • LR-A.1.8

              Collectively, licensed providers of regulated Islamic banking services are called Islamic bank licensees. Bahrain-incorporated Islamic bank licensees are called Bahraini Islamic bank licensees. Islamic bank licensees that are incorporated in an overseas jurisdiction and operate via a branch presence in the Kingdom of Bahrain are called overseas Islamic bank licensees. The same naming convention applies to the two sub-categories of Islamic bank license: thus, Bahraini Islamic retail bank licensees and Bahraini Islamic wholesale bank licensees are those incorporated in Bahrain, whilst overseas Islamic retail bank licensees and overseas Islamic wholesale bank licensees are those incorporated in an overseas jurisdiction and operating in Bahrain via a branch presence.

          • Licensing Conditions

            • LR-A.1.9

              Islamic bank licensees are subject to 8 licensing conditions, mostly specified at a high level in Module LR, and further expanded in underlying subject Modules (such as Module CA). These licensing conditions are broadly equivalent to the standards applied in other Volumes of the BMA Rulebook, to other license categories, and are consistent with international good practice, such as relevant Basel Committee and IFSB (Islamic Financial Services Board) standards.

          • Retaining Licensed Status

            • LR-A.1.10

              The requirements contained in Chapter LR-2 represent the minimum conditions that have to be met in each case, both at the point of licensing and on an on-going basis thereafter, in order for licensed status to be retained.

          • Information Requirements and Processes

            • LR-A.1.11

              Chapter LR-3 specifies the processes and information requirements that have to be followed for applicants seeking an Islamic bank license, as well as existing licensees seeking to vary the scope of their license, by adding new regulated activities. It also covers the voluntary surrender of a license, or its cancellation by BMA.

          • Representative Offices and Ancillary Services Providers

            • LR-A.1.12

              Representative offices of overseas Islamic bank licensees are not covered in Volume 2 (Islamic Banks) of the Rulebook. Requirements covering Representative Offices (for all financial services firms) will instead be included in Volume 5, to be issued in 2007.

            • LR-A.1.13

              Until such time as Volume 5 (Specialised Activities) of the BMA Rulebook is issued, representative offices of overseas Islamic bank licensees remain subject to the requirements contained in the BMA's "Standard Conditions and Licensing Criteria" applicable to representative offices of foreign banks, and relevant existing Circulars.

            • LR-A.1.14

              Providers of ancillary services to the financial sector are not covered in Volume 2 (Islamic Banks) of the Rulebook. Requirements covering ancillary services providers will instead be included in Volume 5, to be issued in 2007.

            • LR-A.1.15

              Until such time as Volume 5 (Specialised Activities) of the BMA Rulebook is issued, ancillary services providers remain subject to the requirements contained in the BMA's "Standard Conditions and Licensing Criteria" applicable to providers of ancillary services to the financial sector, and relevant existing Circulars.

          • Updating the BMA Rulebook

            • LR-A.1.16

              Unless the context suggests otherwise, references elsewhere in Volume 2 to Full Commercial Bank should be taken as referring to Islamic retail bank licensees, and references to Offshore Banking Units and Investment Bank Licensees should be taken as referring to Islamic wholesale bank licensees. References to the previous bank license categories that applied prior to 1 July 2006 will be gradually updated over time, across the rest of Volume 2.

        • LR-A.2 LR-A.2 Module History

          • Evolution of Module

            • LR-A.2.1

              This Module (Module LR — "Licensing and Authorisation Requirements") was first issued in January 2005, as part of the initial release of Volume 2 of the BMA Rulebook. It was subsequently reissued in full in July 2006 (and renamed "Licensing Requirements").

            • LR-A.2.2

              The reissued Module was one of several Modules modified to reflect the introduction of the BMA's new integrated license framework. Module LR was amended to reflect the new Islamic bank licenses introduced by the framework, and to more closely align its presentation with that found in other BMA Rulebook volumes.

            • LR-A.2.3

              The reissued Module is dated July 2006. All subsequent changes were dated with the month and year when the change was made, at the base of the relevant page and in the Table of Contents. Chapter 3 of Module UG provides further details on Rulebook maintenance and control.

            • LR-A.2.4

              A list of recent changes made to this Module is provided below:

              Module Reference Change Date Description of Changes
              Whole Module 07/2006 Whole Module reissued to reflect integrated license framework: new license categories and updated licensing conditions introduced.
                   

          • Superseded Requirements

            • LR-A.2.5

              The initial January 2005 version of this Module superseded various circulars and other requirements relating to licensing. Some of these circulars were combined in 1997 into a licensing folder ("Part 1: Licensing", which formed part of the three volume information pack, "The Establishment, regulations and supervision of banks and other financial institutions in Bahrain"). The requirements contained in these circulars were transposed into the initial January 2005 version of this Module unchanged, as follows:

              Circular Reference Date of Issue Module Ref.
              (July 2004 version)
              Circular Subject
              5/77 08/03/77 LR-B.1.1, LR-3.3 Permitted Business Transactions with residents
              OG/16/90 10/01/90 LR-2.3, LR-3.3 Dealing with Residents
              OG/192/98 16/06/98 LR-4 Financial Trust Regulation
              No reference 04/81 LR-5 Precious Metals and Commodities
              BS/07/04 06/05/04 LR-6 Record Keeping Requirements

      • LR-B LR-B Scope of Application

        • LR-B.1 LR-B.1 General Prohibitions

          • LR-B.1.1

            The licensing requirements in Chapter LR-1 have general applicability, in that they prevent any person from providing (or seeking to provide) regulated banking services within or from the Kingdom of Bahrain, unless they have been licensed as a Islamic bank licensee by the BMA (see Rule LR-1.1.1).

          • LR-B.1.2

            In addition, no one may use the term 'bank' in their trading or corporate name, or otherwise hold themselves out to be a bank in Bahrain, unless they hold the appropriate license from BMA (see Rule LR-1.1.2).

          • LR-B.1.3

            The Rules referred to above are supported by statutory restrictions contained in the BMA Law 1973 (cf. Articles 60 and 61).

        • LR-B.2 LR-B.2 Licensed Persons

          • LR-B.2.1

            The remaining requirements in Chapters LR-1 to LR-3 (besides those mentioned in Section LR-B.1 above) apply to all those licensed by BMA as an Islamic bank licensee, or which are in the process of seeking such a license. They apply regardless of whether the person concerned is incorporated in the Kingdom of Bahrain, or in an overseas jurisdiction, unless otherwise specified.

          • LR-B.2.2

            These remaining requirements prescribe the types of license offered; their associated operating conditions; the licensing conditions that have to be satisfied in order to secure and retain a license; and the processes to be followed when applying or varying a license, or when a license is withdrawn.

      • LR-1 LR-1 Requirement to Hold a License

        • LR-1.1 LR-1.1 Islamic Bank Licensees

          • General Prohibitions

            • LR-1.1.1

              No person may:

              (a) undertake (or hold themselves out to undertake) regulated Islamic banking services within or from the Kingdom of Bahrain unless duly licensed by the BMA; or
              (b) hold themselves out to be licensed by the BMA unless they have as a matter of fact been so licensed.

            • LR-1.1.2

              Only persons licensed to undertake regulated Islamic banking services (or regulated banking services), may use the term 'bank' in their corporate or trading names, or otherwise hold themselves out to be a bank.

            • LR-1.1.3

              Licensees are not obliged to include the word 'bank' in their corporate or trading names; however, they may be required to make clear their regulatory status in their letter heads, customer communications, website and so on.

            • LR-1.1.4

              For the purposes of Rule LR-1.1.2, persons will be considered in breach of this requirement if they attempt to operate as, or incorporate a bank in Bahrain with a name containing the word "bank" (or the equivalents in any language), without holding the appropriate BMA license or obtaining the prior approval of the BMA.

          • Licensing

            • LR-1.1.5

              Persons wishing to be licensed to undertake regulated Islamic banking services within or from the Kingdom of Bahrain must apply in writing to the BMA.

            • LR-1.1.6

              An application for a license must be in the form prescribed by the BMA and must contain:

              (a) a business plan specifying the type of business to be conducted;
              (b) application forms for all controllers; and
              (c) application forms for all controlled functions.

            • LR-1.1.7

              The BMA will review the application and duly advise the applicant in writing when it has:

              (a) granted the application without conditions;
              (b) granted the application subject to conditions specified by the BMA; or
              (c) refused the application, stating the grounds on which the application has been refused and the process for appealing against that decision.

            • LR-1.1.8

              Detailed rules and guidance regarding information requirements and processes for license applications can be found in Section LR-3.1. As specified in Paragraph LR-3.1.14, BMA will provide a formal decision on a Phase 1 license application within 60 calendar days of all required documentation having been submitted in a form acceptable to BMA.

            • LR-1.1.9

              In granting new licenses, BMA will specify the specific types of regulated Islamic banking service for which a license has been granted, and on what basis (i.e. Islamic retail bank licensee or Islamic wholesale bank licensee).

            • LR-1.1.10

              All applicants for an Islamic bank license must satisfy the BMA that they meet, by the date of their license, the minimum conditions for licensing, as specified in Chapter LR-2. Once licensed, Islamic bank licensees must maintain these criteria on an ongoing basis.

            • LR-1.1.11

              Islamic bank licensees must not carry on any commercial business in the Kingdom of Bahrain or elsewhere other than banking business and activities directly arising from or incidental to that business.

            • LR-1.1.12

              Rule LR-1.1.11 is intended to restrict bank licensees from undertaking any material non-financial business activities. The Rule does not prevent a bank undertaking commercial activities if these directly arise from their financial business: for instance, in the context of Islamic contracts, such as murabaha, ijara and musharaka, where the bank may hold the physical assets being financed or leased. Nor does it restrict a bank from undertaking commercial activities if, in the judgment of the BMA, they are incidental and do not detract from the financial nature of the bank's operations: for example, a bank may rent out spare office space in its own office building, and provide services associated with the rental (e.g. office security or cleaning).

            • LR-1.1.13

              Rule LR-1.1.11 applies to the legal entity holding the bank license. A bank may thus own subsidiaries that undertake non-financial activities, although the BMA generally does not support the development of significant commercial activities within a banking group. Capital invested in such subsidiaries by a bank would be deducted from the bank's capital base under the BMA's capital rules (see Module CA). In addition, the BMA may impose restrictions — such as dealings between the bank and its commercial subsidiaries — if it was felt necessary to limit the bank's exposure to non-financial risks.

        • LR-1.2 LR-1.2 License Sub-Categories

          • Retail vs. Wholesale

            • LR-1.2.1

              Depending on the nature of activities undertaken, Islamic bank licensees must be licensed either as an Islamic retail bank licensee or as an Islamic wholesale bank licensee. The same legal entity may not hold both types of license.

            • LR-1.2.2

              The nature of activities allowed under each license sub-category is specified below (cf. Rule LR-1.2.4ff). The Islamic retail bank licensee category replaces the Full Commercial Bank (Islamic principles) category that existed prior to July 2006; the Islamic wholesale bank licensee category replaces the Offshore Banking Unit and Investment Bank License (Islamic principles) categories.

            • LR-1.2.3

              Banks licensed prior to the introduction of these new license categories in July 2006 are not required to reapply for their license. Rather, their new license category is to be confirmed by an exchange of letters with BMA, and the issuance of a new license certificate. Where (prior to July 2006), the same legal entity holds multiple licenses, BMA will agree transitional measures aimed at rationalizing the number of licenses held.

          • Islamic Retail Bank Licensees

            • LR-1.2.4

              Islamic retail bank licensees are allowed to transact with both residents and non-residents of the Kingdom of Bahrain, and in both Bahraini Dinar and foreign currencies.

            • LR-1.2.5

              To qualify as an Islamic retail bank licensee, the person concerned must undertake (as a minimum), the activity of accepting Shari'a money placements/deposits, and/or managing Shari'a profit sharing investment accounts, as well as the activity of offering Shari'a financing contracts (as defined in Rules LR-1.3.16, LR-1.3.17 and LR-1.3.18). The activity of offering Shari'a financing contracts must be a significant part of the bank's business, relative to other activities.

            • LR-1.2.6

              When assessing the significance of Shari'a financing contracts, in the context of Rule LR-1.2.5, the BMA would normally expect to see such contracts constitute at least 20% of the total assets of the institution. Other activities and criteria may also be taken into account, if the BMA believes they are of a financing-related nature, and that such activities constitute a significant share of the bank's overall business.

            • LR-1.2.7

              In the case of new applicants, the above assessment is made based on the financial projections and business plan provided as part of the license application. Where existing licensees cease to satisfy the condition contained in Rule LR-1.2.5, the BMA will initiate discussion with the licensee as to the appropriateness of their license category; this may result in the licensee being required to change its license category.

            • LR-1.2.8

              The purpose of Rule LR-1.2.5 is to ensure that, besides the activity of accepting Shari'a money placements/deposits, and managing Shari'a profit sharing investment accounts, that the core banking activity of providing finance also forms part of the definition of Islamic retail bank licensees, and accounts for a significant share of their business, in keeping with their intermediation function.

          • Islamic Wholesale Bank Licensees

            • LR-1.2.9

              Islamic wholesale bank licensees are allowed to transact with residents of the Kingdom of Bahrain (irrespective of currency), and in Bahraini Dinar (irrespective of the location of the counterparty), subject to the conditions and exemptions specified in Rules LR-1.2.13, LR-1.2.15, LR-1.2.17 and LR-1.2.19. Foreign currency transactions with non-residents are not subject to these conditions.

            • LR-1.2.10

              The effect of Rule LR-1.2.9 is to limit the on-shore/Bahraini Dinar customer business of Islamic wholesale bank licensees to larger transactions. By definition, their on-shore client base is therefore wholesale in nature (i.e. other banks, large corporates and high net-worth individuals).

            • LR-1.2.11

              To qualify as an Islamic wholesale bank licensee, the person concerned must undertake (as a minimum), the activity of accepting Shari'a money placements/deposits and/or managing Shari'a profit sharing investment accounts (as defined in Rules LR-1.3.16 and LR-1.3.17), together with the activity of offering Shari'a financing contracts (as defined in Rule LR-1.3.18).

            • LR-1.2.12

              The purpose of Rule LR-1.2.11 is to ensure that the core Islamic banking activities of accepting Shari'a money placements/deposits, and managing Shari'a profit sharing investment accounts, form part of the definition of Islamic wholesale bank licensees. However, unlike Islamic retail bank licensees, there is no requirement that the activity of providing Shari'a financing contracts must be a significant part of the bank's business, relative to other activities. This is to allow Islamic wholesale bank licensees greater flexibility as to the nature of their activities; it also recognises that, because of the wholesale nature of their client base, there is less need to limit the scale of non-credit related risks to which their depositors and profit sharing investors may be exposed. Rule LR-1.2.11 does not in any way prevent Islamic wholesale bank licensees from providing Shari'a-compliant finance as a major activity, should they wish to.

            • LR-1.2.13

              Islamic wholesale bank licensees may transact with residents of Bahrain and/or in Bahrain Dinar, with respect to the activities (a) and (b) listed in Rule LR-1.3.1, only where the individual transaction is BD 7 million or above (or its foreign currency equivalent).

            • LR-1.2.14

              To comply with Rule LR-1.2.13, the initial amount taken as a placement/deposit must be BD 7 million or above (or its equivalent in foreign currency); however, subsequent additions and withdrawals from the account may be for any amount. The initial amount taken as deposit may be split between different types of accounts (e.g. call, 3-month and 6-month accounts) — providing at least BD 7 million is taken from the customer on the same day and the bank's records can demonstrate this. Where subsequent withdrawals lead to a zero balance on an account (or the aggregate of accounts where more than one was originally opened), then a further BD 7 million must be deposited to re-start the 'wholesale' relationship, before additional deposits for smaller amounts may be made.

            • LR-1.2.15

              Similarly, with respect to Shari'a-compliant financing transactions, the initial facility amount advised must be BD 7 million or above (or its equivalent); but drawdowns (and repayments) under the facility may be for any amount, as may any subsequent changes to the facility amount. If the facility is fully repaid, then a further BD 7 million transaction must be agreed in order to re-start the 'wholesale' relationship.

            • LR-1.2.16

              Islamic wholesale bank licensees may transact with residents of Bahrain and/or in Bahrain Dinar, with respect to the activities (c) to (j) listed in Rule LR-1.3.1, only where the initial transaction is US$ 250,000 or above (or its foreign currency equivalent), and where the financial instruments concerned are Shari'a compliant.

            • LR-1.2.17

              With respect to activity (c) (managing Shari'a profit sharing investment accounts), the threshold refers to the initial amount placed as an investment. With respect to activities (d) and (e) (dealing in financial instruments as principal / agent), the threshold refers to the individual transaction size. With respect to activities (f) and (g) (managing / safeguarding financial instruments), the threshold refers to the initial investment amount. With respect to activity (h), (operating a Collective Investment Undertaking), the threshold refers to the minimum investment required for participation in the scheme. With respect to activities (i) and (j) (arranging / advising on deals in financial instruments) the threshold refers to the size of the deal arranged or of the investment on which advice is being given.

            • LR-1.2.18

              Note that the threshold with respect to activities (c), (d) and (e) applies to the initial investment amount: where a subsequent distribution to a client, or a reduction in the mark to market value of the investment, reduces the initial investment amount below US$ 250,000, it is still considered a wholesale transaction. The threshold in Rule LR-1.2.16 applies to a client even if the same client satisfies the BD 7m threshold in Rule LR-1.2.13, with respect to money placement /financing activities. Finally, the initial amount taken as an investment may be split between two or more investment products — providing at least US$ 250,000 is taken from the customer on the same day and the bank's records can demonstrate this.

            • LR-1.2.19

              Islamic wholesale bank licensees may only undertake activities (k) and (l) listed in Rule LR-1.3.1, on behalf of residents of Bahrain and/or in Bahrain Dinar, where the customer concerned meets either of the thresholds specified in LR-1.2.13 or LR-1.2.16 (in which case, activities (k) and (l) may be undertaken for any amount).

            • LR-1.2.20

              Notwithstanding Rules LR-1.2.13, LR-1.2.16 and LR-1.2.19, Islamic wholesale bank licensees are allowed to transact in Bahraini Dinar (or any other currency) for any amount with the Government of Bahrain, Bahrain public sector entities (as defined in the guidelines for completion of the PIRI Form), and BMA bank licensees. Islamic wholesale bank licensees may also transact in Bahraini Dinar for any amount, where required to fund their normal operating expenses; when investing for their own account in securities listed on the Bahrain Stock Exchange.

            • LR-1.2.21

              Any transactions entered into prior to 1 July 2006, which may be in breach of the conditions specified in Rules LR-1.2.13, LR-1.2.16 and LR-1.2.19, must be notified to the BMA. These transactions will be allowed to mature.

            • LR-1.2.22

              Since the Islamic wholesale bank licensee regime represents an easing of the restrictions on on-shore business that previously applied to offshore bank licensees (i.e. OBUs and IBLs), there should be few transactions of the type specified in Rule LR-1.2.21 — they are likely to exist only where individual ad-hoc exemptions may have been previously granted by BMA, and these exemptions went further than those now being applied across the board to all Islamic wholesale bank licensees.

            • LR-1.2.23

              Islamic wholesale bank licensees wishing to undertake transactions of the type specified in Rules LR-1.2.13, LR-1.2.16 or LR-1.2.19 must seek prior written BMA approval.

            • LR-1.2.24

              The approval requirement in Rule LR-1.2.23 only has to be made once, prior to the licensee starting to undertake such transactions. Its purpose is to allow BMA to monitor the initiation of such business by Islamic wholesale bank licensees, and to check that adequate systems and controls have been in place, so that such transactions are likely to be well managed. In addition, it is to allow, where relevant, for the necessary arrangements to be made to ensure that Islamic wholesale bank licensees comply with the BMA's reserve requirements (which apply to deposit liabilities denominated in Bahraini Dinars — see LR-2.5.10).

            • LR-1.2.25

              Islamic wholesale bank licensees unclear about the interpretation of the conditions specified in Rules LR-1.2.13, LR-1.2.16 and LR-1.2.19 must consult the BMA, prior to undertaking the transaction concerned.

            • LR-1.2.26

              BMA may publish additional interpretative guidance on the above conditions, in response to licensees' queries. The minimum thresholds specified under Rules LR-1.2.13 and LR-1.2.16 will be kept under review by BMA and may be amended in response to market developments.

        • LR-1.3 LR-1.3 Definition of Regulated Islamic Banking Services

          • LR-1.3.1

            Regulated Islamic banking services are any of the following activities, carried on by way of business:

            (a) Accepting Shari'a money placements/deposits
            (b) Offering Shari'a Financing Contracts
            (c) Managing Shari'a profit sharing investment accounts
            (d) Dealing in Shari'a compliant financial instruments as principal
            (e) Dealing in Shari'a compliant financial instruments as agent
            (f) Managing Shari'a compliant financial instruments
            (g) Safeguarding Shari'a compliant financial instruments
            (h) Operating a Shari'a compliant Collective Investment Undertaking
            (i) Arranging deals in Shari'a compliant financial instruments
            (j) Advising on Shari'a compliant financial instruments
            (k) Providing money exchange/remittance services
            (l) Issuing/ administering means of payment.

          • LR-1.3.2

            Upon application, the BMA may exclude specific transactions from the definition of regulated Islamic banking services.

          • LR-1.3.3

            The BMA will normally only consider granting such an exemption when a Bahrain resident is unable to obtain a specific product in Bahrain and it would be unreasonable to require the overseas provider of that product to be licensed for that specific transaction, and the provider has no intention of regularly soliciting such business in Bahrain.

          • LR-1.3.4

            For the purposes of Rule LR-1.3.1, carrying on a regulated Islamic banking service by way of business means:

            (a) undertaking for commercial gain, at a minimum, either or both of the activities of accepting Shari'a money placements/deposits and managing Shari'a profit sharing investment accounts, together with the activity of offering Shari'a financing contracts; in addition, any of the remaining activities specified in Rule LR-1.3.1 may also be undertaken;
            (b) holding oneself out as willing and able to engage in such activities; or
            (c) regularly soliciting other persons to engage in transactions constituting such activities.

          • LR-1.3.5

            Licensees should note that they may still undertake activities falling outside the definition of regulated Islamic banking services, such as investing in physical commodities — subject to Rule LR-1.1.11. The fact that an activity is not included in the definition of regulated Islamic banking services does not mean that it is prohibited. In transitioning to the new licensing framework, BMA will be closely liaising with licensees to ensure that no disruption occurs to their legitimate business activities.

          • LR-1.3.6

            Licensees should note that the same legal entity cannot combine regulated Islamic banking services with other regulated services, such as regulated insurance services. However, different legal entities within the same group may of course each hold a different license (e.g. banking and insurance).

          • General exclusions

            • LR-1.3.7

              A person does not carry on an activity constituting a regulated Islamic banking service if the activity:

              (a) is carried on in the course of a business which does not ordinarily constitute the carrying on of financial services;
              (b) may reasonably be regarded as a necessary part of any other services provided in the course of that business; and
              (c) is not remunerated separately from the other services.

            • LR-1.3.8

              For example, the holding of money as a rent-guarantee in connection with the rental of a property would not be considered a regulated Islamic banking service, since it satisfies the exemptions in Rule LR-1.3.7.

            • LR-1.3.9

              A person does not carry on an activity constituting a regulated Islamic banking service if the person is a body corporate and carries on that activity solely with or for other bodies corporate that are members of the same group.

            • LR-1.3.10

              A person does not carry on an activity constituting a regulated Islamic banking service if such person carries on an activity with or for another person, and they are both members of the same family.

            • LR-1.3.11

              A person does not carry on an activity constituting a regulated Islamic banking service if the sole or main purpose for which the person enters into the transaction is to limit any identifiable risks arising in the conduct of his business, providing the business conducted does not itself constitute a regulated activity.

            • LR-1.3.12

              For example, commercial companies entering into bay salam or istisna transactions in order to protect themselves against future fluctuations in the price of their products, would not be considered to be dealing in financial instruments as principal, and would not therefore require to be licensed as an Islamic bank licensee.

            • LR-1.3.13

              A person does not carry on an activity constituting a regulated Islamic banking service if that person enters into that transaction solely as a nominee for another person, and acts under instruction from that other person.

            • LR-1.3.14

              A person does not carry on an activity constituting a regulated Islamic banking service if that person is a government body charged with the management of financial instruments on behalf of a government or public body.

            • LR-1.3.15

              A person does not carry on an activity constituting a regulated Islamic banking service if that person is an exempt person, as specified by Royal decree.

          • Accepting Shari'a money placements/deposits

            • LR-1.3.16

              Accepting Shari'a money placements is defined as the acceptance of sums of money for safe-keeping ('al-wadia', 'q'ard') in a Shari'a compliant framework, under which it will be repaid, either on demand or in circumstances agreed by the parties involved, and which is not referable to the giving of security.

          • Managing Shari'a profit sharing investment accounts

            • LR-1.3.17

              Managing a Shari'a profit sharing investment account is defined as managing an account, portfolio or fund, whereby a sum of money is placed with the service provider on terms that a return will be made according to an agreed Shari'a compliant profit-sharing arrangement, such as a mudaraba or musharaka partnership.

          • Offering Shari'a Financing Contracts

            • LR-1.3.18

              Offering Shari'a financing contracts is defined as entering into, or making arrangement for another person to enter into, a contract to provide finance in accordance with Shari'a principles, such as murabaha, bay muajjal, bay salam, ijara wa iktina and istisna'a contracts.

          • Dealing in Shari'a compliant financial instruments as principal

            • LR-1.3.19

              Dealing in Shari'a compliant financial instruments as principal means buying, selling, subscribing for or underwriting any Shari'a compliant financial instrument on own account.

            • LR-1.3.20

              Rule LR-1.3.22 includes the underwriting of equity and other financial instruments. It also includes the temporary sale of a financial instrument through a repo transaction.

            • LR-1.3.21

              A person does not carry on an activity specified in Rule LR-1.3.19 if the activity relates to the person issuing his own financial instrument.

          • Dealing in Shari'a compliant financial instruments as agent

            • LR-1.3.22

              Dealing in Shari'a compliant financial instruments as agent means buying, selling, subscribing for or underwriting Shari'a compliant financial instruments on behalf of a client.

            • LR-1.3.23

              A licensee that carries on an activity of the kind specified by Rule LR-1.3.22 does not determine the terms of the transaction and does not use its own financial resources for the purpose of funding the transaction. Such a licensee may however receive or hold assets in connection with the transaction, in its capacity as agent of its client.

          • Managing Shari'a Compliant Financial Instruments

            • LR-1.3.24

              Managing Shari'a compliant financial instruments means managing on a discretionary basis Shari'a compliant financial instruments on behalf of another person.

            • LR-1.3.25

              The activities included under the definition of Rule LR-1.3.24 include activities such as asset management.

          • Safeguarding Shari'a Compliant Financial Instruments (i.e. Custodian)

            • LR-1.3.26

              Safeguarding Shari'a compliant financial instruments means the safeguarding of Shari'a compliant financial instruments for the account of clients.

            • LR-1.3.27

              A person does not carry on an activity specified in Rule LR-1.3.26 if the person receives documents relating to a financial instrument for the purpose of onward transmission to, from or at the direction of the person to whom the financial instrument belongs; or else is simply providing a physical safekeeping service such as a deed box.

            • LR-1.3.28

              A person does not carry on an activity specified in Rule LR-1.3.26 if a third person, namely a qualifying custodian, accepts responsibility with regard to the financial instrument.

            • LR-1.3.29

              A "qualifying custodian" means a person who is:

              (a) a licensee who has permission to carry on an activity of the kind specified in Rule LR-1.3.26; or
              (b) an exempt person in relation to activities of that kind.

            • LR-1.3.30

              A person does not carry on an activity specified in Rule LR-1.3.26 if they are managing a central depository, which is part of an exchange recognised by BMA.

            • LR-1.3.31

              The following are examples of activities, when taken in isolation, are unlikely to be regarded an activity of the kind specified under Rule LR-1.3.26:

              (a) providing information as to the number of units or the value of any assets safeguarded; and
              (b) converting currency.

            • LR-1.3.32

              A person undertaking an activity of the kind specified under Rule LR-1.3.26 may also be engaged in the administration of the financial instruments, including related services such as cash/ collateral management.

          • Operating a collective investment undertaking

            • LR-1.3.33

              Operating a collective investment undertaking means operating, establishing or winding up a collective investment undertaking.

            • LR-1.3.34

              For the purposes of LR-1.3.33, a collective investment undertaking means any arrangements, authorised by or registered with the BMA, with respect to property of any description, including money, the purpose or effect of which is to enable persons taking part in the arrangements to participate in or receive profits or income arising from the acquisition, holding or disposal of the property or sums paid out of such profits or income.

            • LR-1.3.35

              A person does not carry on an activity specified in Rule LR-1.3.33 if the activity relates to the person establishing or winding up a collective investment undertaking, and that activity may be reasonably regarded as necessary in the course of providing legal services or providing accounting services.

            • LR-1.3.36

              Collective investment undertakings of the kind specified in Rule LR-1.3.33 may be open-ended (i.e. with shares continuously issued and redeemed to meet investor demand) or closed-ended (where there is a single issue of shares and investors can only realise their investments on the winding-up of the fund).

          • Arranging deals in Shari'a compliant financial instruments

            • LR-1.3.37

              Arranging deals in Shari'a compliant financial instruments means making arrangements with a view to another person, whether as principal or agent, buying, selling, subscribing for or underwriting deals in Shari'a compliant financial instruments.

            • LR-1.3.38

              A person does not carry on an activity specified in Rule LR-1.3.37 if the arrangement does not bring about the transaction to which the arrangement relates.

            • LR-1.3.39

              A person does not carry on an activity specified in Rule LR-1.3.37 if a person's activities are limited solely to introducing clients to licensees.

            • LR-1.3.40

              The exclusion in Rule LR-1.3.39 does not apply if the agent receives from any person, other than the client, any pecuniary reward or other advantage, for which he does not account to the client, arising out of his entering into the transaction. Thus, if A receives a commission from B for arranging credit or deals in investment for C, the exclusion in Rule LR-1.3.42 does not apply.

            • LR-1.3.41

              A person does not carry on an activity specified in Rule LR-1.3.37 merely by providing the means of communication between two parties to a transaction.

            • LR-1.3.42

              A person does not carry on an activity specified in Rule LR-1.3.37 if they operate an exchange, duly recognised and authorised by the BMA.

            • LR-1.3.43

              Negotiating terms for an investment on behalf of a client is an example of an activity which maybe regarded as activities of the kind specified in Rule LR-1.3.37.

            • LR-1.3.44

              The following are examples of activities, when taken in isolation, are unlikely to be regarded as an activity of the kind specified in Rule LR-1.3.37:

              (a) appointing professional advisers;
              (b) preparing a prospectus/business plan;
              (c) identifying potential sources of funding;
              (d) assisting investors/subscribers/borrowers to complete and submit application forms; or
              (e) receiving application forms for processing/checking and/or onward transmission.

          • Advising on deals in Shari'a compliant financial instruments

            • LR-1.3.45

              Advising on Shari'a compliant financial instruments means giving advice to an investor or potential investor (or a person in his capacity as an agent for an investor or potential investor) on the merits of buying, selling, subscribing for or underwriting a particular Shari'a compliant financial instrument or exercising any right conferred by such a financial instrument.

            • LR-1.3.46

              The following are examples of activities, which may be regarded as an activity as defined by Rule LR-1.3.45:

              (a) a person may offer to tell a client when shares reach a certain value on the basis that when the price reaches that value it would be a good time to buy or sell them;
              (b) recommendation on the size or timing of transactions; and
              (c) advice on the suitability of the financial instrument, or on the characteristics or performance of the financial instrument or credit facility concerned.

            • LR-1.3.47

              A person does not carry on an activity specified in Rule LR-1.3.45 by giving advice in any newspaper, journal, magazine, broadcast services or similar service in any medium if the principal purpose of the publication or service, taken as a whole, is neither:

              (a) that of giving advice of the kind mentioned in Rule LR-1.3.45; nor
              (b) that of leading or enabling persons to buy, sell, subscribe for or underwrite a financial instrument.

            • LR-1.3.48

              The following are examples of activities, when taken in isolation, are unlikely to be regarded as an activity as defined by Rule LR-1.3.45:

              (a) explaining the structure, or the terms and conditions of a financial instrument or credit facility;
              (b) valuing financial instruments for which there is no ready market;
              (c) circulating company news or announcements;
              (d) comparing the benefits and risks of one financial instrument to another; and
              (e) advising on the likely meaning of uncertain provisions in an agreement relating to, or the terms of, a financial instrument or on the effect of contractual terms and their commercial consequences or on terms that are commonly accepted in the market.

          • Providing money exchange / remittance services

            • LR-1.3.49

              Means providing exchange facilities between currencies, and the provision of wire transfer or other remittance services.

          • Issuing / administering means of payment

            • LR-1.3.50

              Means the selling or issuing of payment instruments, or the selling or issuing of stored value (e.g. credit cards, travellers' cheques, electronic purses).

      • LR-2 LR-2 Licensing Conditions

        • LR-2.1 LR-2.1 Condition 1: Legal Status

          • LR-2.1.1

            The legal status of an Islamic bank licensee must be:

            (i) a Bahraini joint stock company (BSC); or
            (ii) a branch resident in Bahrain of an Islamic bank incorporated under the laws of its territory of incorporation and authorized as a bank in that territory.

          • LR-2.1.2

            Where the Islamic bank licensee is a branch of an overseas bank, in deciding whether to grant a license, the BMA will pay close regard to its activities elsewhere and how these activities are regulated. If the Islamic bank licensee is not regulated elsewhere or in a jurisdiction not substantially compliant with Basel Core Principles or FATF standards, then an application for licensing can only be considered after exhaustive enquiries into the bank's shareholders, management structure and financial position.

        • LR-2.2 LR-2.2 Condition 2: Mind and Management

          • LR-2.2.1

            Islamic bank licensees with their Registered Office in the Kingdom of Bahrain must maintain their Head Office in the Kingdom. Overseas Islamic bank licensees must maintain a local management presence and premises in the Kingdom appropriate to the nature and scale of their activities.

          • LR-2.2.2

            In assessing the location of an Islamic bank licensee's Head Office, the BMA will take into account the residency of its Directors and senior management. The BMA requires the majority of key decision makers in executive management — including the Chief Executive — to be resident in Bahrain. In the case of overseas Islamic bank licensees, the BMA requires the branch of a foreign company to have a substantive presence, demonstrated by a level of staff and other resources sufficient to ensure adequate local scrutiny and control over business booked in the Bahrain branch, as well as the General Manager of the branch to be resident in Bahrain.

        • LR-2.3 LR-2.3 Condition 3: Controllers

          • LR-2.3.1

            Islamic bank licensees must satisfy the BMA that their controllers are suitable and pose no undue risks to the licensee. Islamic bank licensees must also satisfy the BMA that their group structures do not prevent the effective supervision of the Islamic bank licensee by the BMA and otherwise pose no undue risks to the licensee.

          • LR-2.3.2

            Chapter GR-5 contains the BMA's requirements and definitions regarding controllers.

          • LR-2.3.3

            In summary, controllers are persons who directly or indirectly are significant shareholders in an Islamic bank licensee, or who are otherwise able to exert significant influence on the Islamic bank licensee. The BMA seeks to ensure that controllers pose no significant risks to the licensee. In general terms, controllers are assessed in terms of their financial standing, their judicial and regulatory record, and standards of business and (where relevant) personal probity.

          • LR-2.3.4

            As regards group structures, the BMA seeks to ensure that these do not prevent adequate consolidated supervision being applied to financial entities within the group, and that other group entities do not pose any material financial, reputational or other risks to the licensee.

          • LR-2.3.5

            In all cases, when judging applications from existing groups, the BMA will have regard to the reputation and financial standing of the group as a whole. Where relevant, the BMA will also take into account the extent and quality of supervision applied to overseas members of the group and take into account any information provided by other supervisors in relation to any member of the group.

        • LR-2.4 LR-2.4 Condition 4: Board and Employees

          • LR-2.4.1

            Those nominated to carry out controlled functions must satisfy BMA's approved persons requirements.

          • LR-2.4.2

            The definition of controlled functions is contained in HC-2.1, whilst HC-2.2 sets out BMA's approved persons requirements.

          • LR-2.4.3

            The Islamic bank licensee's staff, taken together, must collectively provide a sufficient range of skills and experience to manage the affairs of the licensee in a sound and prudent manner. Islamic bank licensees must ensure their employees meet any training and competency requirements specified by the BMA.

        • LR-2.5 LR-2.5 Condition 5: Financial Resources

          • Capital Adequacy

            • LR-2.5.1

              Islamic bank licensees must maintain a level of financial resources, as agreed with the BMA, adequate for the level of business proposed. The level of financial resources held must at all times meet the minimum risk-based requirements contained in Module CA (Capital Adequacy), as specified for the category of banking license held.

            • LR-2.5.2

              Islamic bank licensees must maintain a minimum level of paid-up capital of BD 20,000,000 (or its equivalent in foreign currency, where legally permitted and agreed with BMA).

            • LR-2.5.3

              Persons seeking a license as an Islamic bank licensee must submit a 3-year business plan, with financial projections. Their proposed level of paid-up capital must be sufficient to cover expected regulatory capital requirements over that period, based on projected activities.

            • LR-2.5.4

              In practice, applicants seeking an Islamic bank license are likely to be required to hold significantly more capital than the minimum paid-up capital specified in Rule LR-2.5.2.

            • LR-2.5.5

              Overseas banking applicants are required to provide written confirmation from their head office that the head office will provide financial support to the branch sufficient to enable it to meet its obligations as and when they fall due. Overseas banking applicants must also demonstrate that the bank as a whole is adequately resourced for the amount of risks underwritten, and that it and its group meet capital adequacy standards applied by its home supervisor.

            • LR-2.5.6

              For Bahraini Islamic bank licensees, funds placed with the bank by way of call and/or unrestricted investment accounts (or similar) must not exceed 20 times their capital and reserves. For overseas Islamic wholesale bank licensees, endowment capital may be required.

            • LR-2.5.7

              Factors taken into account in setting endowment capital for branches includes the financial strength of the parent company, the quality of its risk management, and the nature and scale of the Bahrain operations of the branch.

          • Liquidity

            • LR-2.5.8

              Islamic bank licensees must maintain sufficient liquid assets to meet their obligations as they fall due in the normal course of their business. Islamic bank licensees must agree a liquidity management policy with the BMA.

            • LR-2.5.9

              The BMA would normally expect the mark-to-market value of assets that could be readily realized at short-notice, to exceed 25% of deposit liabilities at all times. Liquidity arrangements may vary, however, particularly for overseas conventional banks, as agreed with BMA and documented in the liquidity management policy.

          • Reserve Requirements

            • LR-2.5.10

              Islamic bank licensees must maintain a minimum daily cash reserve balance with the BMA, equivalent to 5% of its total non-bank Bahraini Dinar funds, whether placed by way of call or unrestricted investment accounts (or similar), as well as taken through the issuance of Bahraini Dinar denominated Islamic investment certificates.

        • LR-2.6 LR-2.6 Condition 6: Systems and Controls

          • LR-2.6.1

            Islamic bank licensees must maintain systems and controls that are, in the opinion of the BMA, adequate for the scale and complexity of their activities. These systems and controls must meet the minimum requirements contained in Modules HC and OM.

          • LR-2.6.2

            Islamic bank licensees must maintain systems and controls that are, in the opinion of the BMA, adequate to address the risks of financial crime occurring in the licensee. These systems and controls must meet the minimum requirements contained in Module FC, as specified for the category of license held.

          • LR-2.6.3

            Applicants will be required to demonstrate in their business plan (together with any supporting documentation) what risks their business would be subject to and how they would manage those risks. Applicants may be asked to provide an independent assessment of the appropriateness of their systems and controls to the BMA, as part of the license approval process.

        • LR-2.7 LR-2.7 Condition 7: External Auditors

          • LR-2.7.1

            Islamic bank licensees must appoint external auditors, subject to BMA's prior approval. The minimum requirements regarding auditors contained in Module AU (Auditors and Accounting Standards) must be met.

          • LR-2.7.2

            Applicants must submit details of their proposed external auditors to the BMA as part of their license application.

        • LR-2.8 LR-2.8 Condition 8: Other Requirements

          • Books and Records

            • LR-2.8.1

              Islamic bank licensees must maintain comprehensive books of accounts and other records, and satisfy the minimum record keeping requirements contained in Module GR. Books of accounts must comply with the Financial Accounting Standards issued by the accounting and Auditing Organisation for Islamic Financial Institutions (AAOIFI), or with International Financial Reporting Standards (IFRS) / International Accounting Standards (IAS), where no relevant AAOIFI standard exists. Audited accounts must be submitted to the BMA within 3 months of the licensee's financial year-end.

          • Provision of Information

            • LR-2.8.2

              Islamic bank licensees must act in an open and cooperative manner with the BMA. Islamic bank licensees must meet the regulatory reporting and public disclosure requirements contained in Modules BR and PD respectively.

          • General Conduct

            • LR-2.8.3

              Islamic bank licensees must conduct their activities in a professional and orderly manner, in keeping with good market practice. Islamic bank licensees must comply with the general standards of business conduct contained in Module PB, as well as the standards relating to treatment of customers contained in Modules BC and CM.

          • License fees

            • LR-2.8.4

              Islamic bank licensees must comply with any license fee requirements applied by the BMA.

            • LR-2.8.5

              The BMA's license fees are set out in Chapter GR-8.

          • Additional Conditions

            • LR-2.8.6

              Islamic bank licensees must comply with any other specific requirements or restrictions imposed by the BMA on the scope of their license.

            • LR-2.8.7

              Bank licensees are subject to the provisions of the BMA Law 1973. These include the right of the BMA to impose such terms and conditions, as it may deem necessary when issuing a license. Thus, when granting a license, the BMA specifies the regulated banking services that the licensee may undertake. Licensees must respect the scope of their license. LR-3.2 sets out the process for varying the scope of an authorisation, should a licensee wish to undertake new activities.

            • LR-2.8.8

              In addition, the BMA may impose additional restrictions or requirements, beyond those already specified in Volume 2, to address specific risks. For instance, a license may be granted subject to strict limitations on intra-group transactions.

            • LR-2.8.9

              Islamic retail bank licensees are subject to the deposit protection scheme of eligible deposits held with the Bahrain offices of the licensee, with respect to certain of their liabilities (see Chapter CP-2).

      • LR-3 LR-3 Information Requirements and Processes

        • LR-3.1 LR-3.1 Licensing

          • LR-3.1.1

            The application process for an Islamic bank license consists of two parts: Phase 1 and Phase 2. For Phase 1, applicants for a license must submit a duly completed Form 1 (Phase 1) (Application for a License), under cover of a letter signed by an authorized signatory of the applicant marked for the attention of the Director, Licensing and Policy Directorate. The application must be accompanied by the documents listed in Paragraph LR-3.1.5, unless otherwise directed by the BMA.

          • LR-3.1.2

            If, after submission of a duly completed Form 1 (Phase 1) and associated documents, an applicant is granted a conditional (in principle) approval for a license, the applicant must submit Form 1 (Phase 2), together with the documents referred to in Paragraph LR-3.1.10.

          • LR-3.1.3

            When referring to the applicant, reference is made to the proposed licensee seeking an Islamic bank license. The applicant may choose to have an authorized representative, acting on its behalf. In instances where the applicant uses an authorized representative, the application form should provide all details regarding the authorized representative and is to be signed by both the applicant and authorized representative.

          • LR-3.1.4

            Islamic bank licensees, who were licensed prior to the publication of the new LR Module of Volume 2, do not need to resubmit an application for a license. Their license category, and the scope of their authorization, will be confirmed in an exchange of letters, and by re-issuing their license certificate.

          • LR-3.1.5

            Unless otherwise directed by the BMA, the following documents must be provided as Part of Phase 1 in support of a license application:

            (a) a duly completed Form 2 (Application for Authorisation of Controller) for each controller of the proposed licensee;
            (b) a duly completed Form 3 (Application for Approved Person status), for each proposed Director of the proposed licensee;
            (c) a comprehensive business plan for the application, addressing the matters described in LR-3.1.6;
            (d) for overseas banks, a copy of the bank's current commercial registration or equivalent documentation;
            (e) where the applicant is a registered institution, a copy of the applicant's commercial registration;
            (f) where the applicant is a corporate body, a certified copy of a Board resolution of the applicant, confirming its decision to seek a BMA Islamic bank license;
            (g) in the case of applicants that are part of a regulated group, a letter of non-objection to the proposed license application from the applicant's home supervisor, together with confirmation that the group is in good regulatory standing and is in compliance with applicable supervisory requirements, including those relating to capital adequacy and solvency requirements;
            (h) in the case of overseas branch applicants, a letter of non-objection to the proposed license application from the applicant's home supervisor, together with confirmation that the applicant is in good regulatory standing and is in compliance with applicable supervisory requirements, including those relating to capital adequacy requirements;
            (i) in the case of branch applicants, copies of the audited financial statements of the applicant (head office) for the three years immediately prior to the date of application; and
            (j) in the case of other applicants, copies of the audited financial statements of the applicant's major shareholder and/or group (as directed by the BMA), for the three years immediately prior to the date of application.

          • LR-3.1.6

            The business plan submitted in support of an application should explain:

            (a) an outline of the history of the applicant and its shareholders;
            (b) the reasons for applying for a license, including the applicant's strategy and market objectives;
            (c) the proposed type of activities to be carried on by the applicant in/from the Kingdom of Bahrain;
            (d) the proposed Board and senior management of the applicant and the proposed organisational structure of the applicant;
            (e) an assessment of the risks that may be faced by the applicant, together with the proposed systems and controls framework to be put in place for addressing those risks and to be used for the main business functions; and
            (f) an opening balance sheet for the applicant, together with a three-year financial projection, with all assumptions clearly outlined, demonstrating that the applicant will be able to meet applicable capital adequacy and liquidity requirements.

          • LR-3.1.7

            The applicant's memorandum and articles of association must explicitly provide for it to undertake the activities proposed in the licensed application, and must preclude the applicant from undertaking other commercial activities, unless these arise out of its banking activities or are incidental to those.

          • LR-3.1.8

            In the case of a new bank's capital being financed by a private placement, the Private Placement Memorandum must also be submitted to BMA for its approval as part of the Phase 2 documentation.

          • LR-3.1.9

            The purpose of Rule LR-3.1.8 is to allow BMA to verify that the contents of the Private Placement Memorandum are consistent with other information supplied to BMA, notably in the business plan, and otherwise meets any applicable regulatory requirements with respect to PPM documents. The BMA's review of the PPM does not in any way constitute an approval or endorsement as to any claims it may contain as to the future value of the proposed bank.

          • LR-3.1.10

            As part of Phase 2 of the licensing application process, unless otherwise directed by the BMA, the following documents and information must be provided:

            (a) a duly completed Form 3 (Application for Approved Person status), for each individual, (other than for Directors, submitted as part of Phase 1) applying to undertake controlled functions in the applicant;
            (b) a draft copy of the applicant's memorandum and articles of association, addressing the matters described in LR-3.1.7;
            (c) a letter of guarantee from the applicant's major shareholder, confirming its willingness to support the proposed licensee in case of need; and
            (d) in the case of overseas branch applicants, a letter of guarantee from the applicant's head office, confirming responsibility for all of the liabilities of the proposed branch, together with evidence of the power to give such a guarantee.

          • LR-3.1.11

            All documentation provided to the BMA as part of an application for a license must be in either the Arabic or English languages. Any documentation in a language other than English or Arabic must be accompanied by a certified English or Arabic translation thereof.

          • LR-3.1.12

            Any material changes or proposed changes to the information provided to the BMA in support of an authorisation application that occurs prior to authorisation must be reported to the BMA.

          • LR-3.1.13

            Failure to inform BMA of the changes specified in LR-3.1.12 is likely to be viewed as a failure to provide full and open disclosure of information, and thus a failure to meet licensing condition LR-2.8.2.

          • LR-3.1.14

            As part of the Phase 1 review of application process, the BMA will provide a formal decision on a license application within 60 calendar days of all required documentation having been submitted in a form acceptable to the BMA. Once an "in principal" approval has been granted for Phase 1, the applicant must submit within 6 months of the "in principal" approval, all requirements for Phase 2 as outlined in Paragraph LR-3.1.10. The BMA will provide a final decision within 30 calendar days of all Phase 2 documentation having been submitted in a form acceptable to the BMA. Applicants are encouraged to approach the BMA to discuss their application at an early stage, so that any specific questions can be dealt with prior to the finalisation of the application.

          • LR-3.1.15

            Within 6 months of the license being issued, the new licensee must provide to the BMA:

            (a) a detailed action plan for establishing the operations and supporting infrastructure of the bank, such as the completion of written policies and procedures, and recruitment of remaining employees (having regard to the time limit set by Article 66 of the BMA Law 1973);
            (b) the registered office address and details of premises to be used to carry out the business of the proposed licensee;
            (c) the address in the Kingdom of Bahrain where full business records will be kept;
            (d) the licensee's contact details including telephone and fax number, e-mail address and website;
            (e) a description of the business continuity plan;
            (f) a description of the IT system that will be used, including details of how IT systems and other records will be backed up;
            (g) a copy of the auditor's acceptance to act as auditor for the applicant;
            (h) a copy of the Ministry of Industry & Commerce commercial registration certificate; and
            (i) other information as may be specified by the BMA.

          • LR-3.1.16

            Applicants issued new licenses by the BMA must start operations within 6 months of the license being issued, as per Article 66 of the BMA Law 1973.

          • LR-3.1.17

            Applicants who are refused a license have a right of appeal under the provisions contained in Article 68 of the BMA Law 1973.

        • LR-3.2 LR-3.2 Variations to a License

          • LR-3.2.1

            Islamic bank licensees must seek prior BMA approval before undertaking new regulated Islamic banking services.

          • LR-3.2.2

            Failure to secure BMA approval prior to undertaking a new regulated activity may lead to enforcement action being taken against the licensee concerned.

          • LR-3.2.3

            In addition to any other information requested by the BMA, and unless otherwise directed by the BMA, an Islamic bank licensee requesting BMA approval to undertake a new regulated Islamic banking service must provide the following information:

            (a) a summary of the rationale for undertaking the proposed new activities;
            (b) a description of how the new business will be managed and controlled;
            (c) an analysis of the financial impact of the new activities; and
            (d) a summary of the due diligence undertaken by the Board and management of the Islamic bank licensee on the proposed new activities.

        • LR-3.3 LR-3.3 Withdrawal of a License

          • Voluntary Surrender

            • LR-3.3.1

              All requests for the voluntary surrender of a license are subject to BMA approval. Such requests must be made in writing to the Executive Director of Banking Supervision, setting out in full the reasons for the request and how the voluntary surrender is to be carried out.

            • LR-3.3.2

              Islamic bank licensees must satisfy BMA that their customers' interests are to be safeguarded during and after the proposed voluntary surrender.

            • LR-3.3.3

              The BMA will only approve a voluntary surrender where it has no outstanding regulatory concerns and any relevant customers' interests would not be prejudiced. A voluntary surrender will not be accepted where it is aimed at pre-empting supervisory actions by the BMA. Also, a voluntary surrender will only take effect once the licensee, in the opinion of the BMA, has discharged all its regulatory responsibilities to customers.

          • Cancellation

            • LR-3.3.4

              Cancellation of a license requires BMA to issue a formal notice of cancellation to the person concerned. The notice of cancellation must describe the BMA's rationale for the proposed cancellation.

            • LR-3.3.5

              Failure to meet the relevant conditions contained in Chapter LR-2 can lead to cancellation of a license. The BMA generally views cancellation of a license as appropriate only in the most serious of circumstances, and generally tries to address supervisory concerns through other means beforehand. Further guidance is contained in Module EN (Enforcement), regarding BMA's approach to enforcement and on the process for issuing a notice of cancellation and the recipient's right to appeal the notice.

            • LR-3.3.6

              Normally, where cancellation of a license has been confirmed by BMA, BMA will only effect the cancellation once a licensee has discharged all its regulatory responsibilities to customers. Until such time, BMA will retain all its regulatory powers with regards to the licensee, and will direct the licensee such that no new regulated banking activity may be undertaken whilst the licensee discharges its obligations to customers.

    • PB PB Principles of Business

      • PB-A PB-A Introduction

        • PB-A.1 PB-A.1 Purpose

          • PB-A.1.1

            The principles are a general statement of the fundamental obligations of all banks.

          • PB-A.1.2

            This module requires banks to establish an adequate system and procedures to ensure:

            (a) compliance with the guidance set forth in this module, and
            (b) that the personnel responsible for maintaining such systems and controls are adequately qualified and competent in discharging their duties.

          • PB-A.1.3

            This module provides support to all regulations provided in this Rulebook.

        • PB-A.2 PB-A.2 Module history

          • PB-A.2.1

            This module was first issued on 1st January 2005 as part of the Islamic principles volume. All regulations in this volume have been effective since this date. All subsequent changes are dated with the month and year at the base of the relevant page and in the Table of Contents. Chapter 3 of Module UG provides further details on Rulebook maintenance and control.

          • PB-A.2.2

            A list of most recent changes made to this module are detailed in the table below:

            Summary of changes

            Module Ref. Change Date Description of Changes
                 
                 
                 
                 
                 

      • PB-B PB-B Non-compliance with the principles

        • PB-B.1 PB-B.1 Non-compliance

          • PB-B.1.1

            A breach of the principles outlined in this module may call into question whether the Board and management of a licensee with a BMA license are still fit and proper, and whether the licensee may continue to be licensed.

          • PB-B.1.2

            Breaching a principle makes a licensee liable to disciplinary sanctions. In determining whether a principle has been breached it is necessary to look to the standard of conduct required by the principle in question. The BMA will determine, after collating all the relevant information required (through its regulatory reporting authority), whether a licensee is in breach of these principles.

      • PB-1 PB-1 Principles

        • PB-1.1 PB-1.1 Integrity

          • PB-1.1.1

            All relevant persons should be straightforward and honest in their services and conduct. Integrity is not just limited to honesty but also includes fair dealing and full disclosure of all relevant information. Banks' management must safeguard not only the interests of shareholders of the bank, but also those of the Profit Sharing Investment Account (PSIA) holders.

        • PB-1.2 PB-1.2 Objectivity

          • PB-1.2.1

            All relevant persons should be fair and should not allow prejudice, bias, conflict of interest or influence to override their objectivity. Again the bank's management must bear in mind the interests of shareholders and PSIA holders.

        • PB-1.3 PB-1.3 Competence, skill care and due diligence

          • PB-1.3.1

            All relevant persons should perform services with competence, due care and diligence and have a continuing duty to maintain professional knowledge and skill at a level required to ensure that a client or employer receives the advantage of competent professional services based on up-to-date developments in practice, legislation and techniques.

        • PB-1.4 PB-1.4 Confidentiality

          • PB-1.4.1

            All relevant persons should treat client information with the strictest of confidentiality unless disclosure is warranted under specific authority or there is a legal or professional duty to disclose.

        • PB-1.5 PB-1.5 Management and control

          • PB-1.5.1

            The Board of Directors and Shari'a Board (where applicable) and management must take reasonable care to organise and control the affairs of the licensee responsibly and effectively with adequate risk management systems. The organisational structure should be clearly delineated and reporting lines completely transparent to promote full disclosure.

        • PB-1.6 PB-1.6 Market conduct

          • PB-1.6.1

            All relevant persons should observe proper standards of market conduct. In particular, the Agency requires that banks comply with all AAOIFI issued accounting standards as well as the Shari'a pronouncements issued by the Shari'a Board of AAOIFI.

        • PB-1.7 PB-1.7 Communications with client

          • PB-1.7.1

            All relevant persons must pay due regard to the information needs of their clients and communicate information to them in a manner which is clear, fair and not misleading.

        • PB-1.8 PB-1.8 Relationship of trust

          • PB-1.8.1

            All relevant persons must take reasonable care to ensure the suitability of their advice and discretionary decisions for any customer who is entitled to rely upon their judgment.

    • HC HC High Level Controls

      • HC-A HC-A Introduction

        • HC-A.1 HC-A.1 Purpose

          • HC-A.1.1

            This Module presents requirements that have to be met by Islamic bank licensees with respect to:

            (a) the role and composition of their Boards and Board Committees; and
            (b) related high-level controls and policies.

          • HC-A.1.2

            In addition, this Module contains requirements for the notification and pre-approval of individuals, undertaking certain designated functions with respect to Islamic bank licensees. These functions (called "controlled functions"), include Directors and members of senior management. The controlled functions regime supplements the BMA's corporate governance requirements by ensuring that key persons involved in the running of Islamic bank licensees are fit and proper. Those approved by the BMA to undertake controlled functions are called approved persons.

          • HC-A.1.3

            Finally, this Module contains certain notification and approval requirements regarding the use of Special Purpose Vehicles ("SPVs"; see Section HC-1.5).

          • HC-A.1.4

            This Module supplements various provisions relating to corporate governance contained in Legislative Decree No. 21 of 2001, with respect to promulgating the Commercial Companies Law ("Commercial Companies Law 2001"). In case of conflict, the Commercial Companies Law shall prevail. The Module also supplements (for companies listed on the Bahrain Stock Exchange), Stock Exchange regulations that are relevant to corporate governance and high-level controls. Compliance with this Module does not guarantee compliance with either the Commercial Companies Law 2001 or the BSE regulations.

        • HC-A.2 HC-A.2 Key requirements

          • Corporate governance

            • HC-A.2.1

              The Chairman of the Board must be non-executive and independent. The role of Chairman and Chief Executive may not be exercised by the same person. (See Rule HC-1.3.9.)

            • HC-A.2.2

              The Board must approve a code of conduct for itself, senior management and employees, and define the responsibilities of itself and senior management. This should include procedures for dealing with conflicts of interest, and a prohibition on insider trading. (See Paragraphs HC-1.2.9 to HC-1.2.13.)

            • HC-A.2.3

              The Board must meet at least four times per year (see Rule HC-1.3.3).

            • HC-A.2.4

              Boards must have an adequate number of members that are "independent" and "non-executive" to serve the interests of minority shareholders and other stakeholders. (See Paragraphs HC-1.3.5 and HC-1.3.6.)

            • HC-A.2.5

              The Board should consider the setting up of committees to assist it in fulfilling its responsibilities. The setting up of an Audit Committee and a Shari'a Committee is mandatory. (See Paragraphs HC-1.3.10 to HC-1.3.13.)

            • HC-A.2.6

              All licensees must submit their organisational structure as approved by the Board of Directors. All licensees must establish independent functions for Internal Audit and Risk Management.

            • HC-A.2.7

              Islamic bank licensees are required to notify the BMA, in writing, of all major changes (regardless of type and/or effect) proposed to the strategy and/or corporate plan of the bank prior to implementation, as well as of any Special Purpose Vehicle they intend to establish as a subsidiary, or with respect to which they intend to act as sponsor or manager (see Section HC-1.5).

          • Approved Persons

            • HC-A.2.8

              Islamic bank licensees are required to secure prior BMA approval for those persons wishing to undertake a controlled function. Such persons are assessed against BMA's "fit and proper" requirements. Islamic bank licensees must also notify the BMA of any changes in their approved persons. (See Chapter HC-2)

          • Compliance officer/manager

            • HC-A.2.9

              Islamic bank licensees must appoint a senior member of staff with responsibility for compliance. The Compliance Officer is a controlled function. (See Chapter HC-3.1.)

        • HC-A.3 HC-A.3 Module history

          • Evolution of the Module

            • HC-A.3.1

              This Module was first issued in January 2005, as part of the initial release of Volume 2 of the BMA Rulebook. It was dated January 2005. All subsequent changes to this Module are shown with the month and year in which the change was made, at the base of the relevant page and in the Table of Contents. Chapter UG-3 provides further details on Rulebook maintenance and version control.

            • HC-A.3.2

              A list of recent changes made to this Module is shown below:

              Module Ref. Change Date Description of Changes
              HC-1.5 01/07/05 Transparency requirements formalised
              HC-1.6 01/07/05 Notification concerning senior positions/controllers
              HC-1.1, HC-1.2 & HC-1.4 01/10/05 High level controls
              HC-1.5 01/10/05 New SPV requirements
              HC-3.1HC-3.2 01/10/05 Revised compliance function requirements
              HC-1.5.3, HC-1.5.5, & HC-4.1 01/01/06 Revised notification requirements for SPVs and dealing staff
              HC-2, HC-3 and HC-4 01/07/06 Requirements relating to controllers moved to Module GR; Remaining requirements relating to 'fit and proper' re-drafted to ensure consistent terminology and procedures with other Rulebook Volumes (without changing the substance of the previous 'fit and proper' requirements); Requirements relating to dealers incorporated into the 'fit and proper' requirements.

          • Superseded Requirements

            • HC-A.3.3

              Prior to the development of this Rulebook, the BMA issued various circulars covering different aspects of corporate governance. These circulars were consolidated into the first version of this Module as shown below:

              Circular Ref. Date of Issue Module Ref.
              (July 2004 version)
              Circular Subject
              BC/23/99 8 Nov 1999 HC-1 'Enhancing Corporate Governance in Banking Organisations'
              BC/904/95 24 Jul 1995 HC-1.6 Notification to, and approval from the Agency for certain matters
              ODG/329/03 10 Sep 2003 HC-1.6 Corporate Governance Reporting
              BC/11/98 27 Jul 1998 HC-2 Terms and Definitions Applying to the Management of Banks and Financial Institutions
              BC/8/00 24 May 2000 HC-2 Controllers of, and holdings and transfers of significant ownership or controlling interests in, Agency licensees
              BC/13/99 15 Jun 1999 HC-3 Compliance, Risk Management and Internal Controls
              BMA/1287/94 6 Nov 1994 HC-4 Foreign Exchange, Securities and Other Dealers

            • HC-A.3.4

              The contents in this Module are effective from the dates depicted in HC-A.3.2 and HC-A.3.3, from which the requirements are compiled. Section HC-1.3 is effective from January 2007.

      • HC-B HC-B General guidance and best practice

        • HC-B.1 HC-B.1 Guidance provided by other international bodies

          • Basel Committee: Enhancing Corporate Governance in Banking Organisations and High Level Controls for Banks

            • HC-B.1.1

              These papers (see www.bis.org/publ/bcbs56.pdf) issued in September 1998 and September 1999 provide guidance on corporate governance and high-level controls in banks. These papers form part of an ongoing effort by the Committee to strengthen procedures for risk management and disclosure in banks.

            • HC-B.1.2

              The papers draw on supervisory experience with corporate governance problems at banking organisations and suggest the types of practices that could help to avoid such problems. They identify a number of practices as critical elements of any financial institution's corporate governance process.

            • HC-B.1.3

              The Agency draws banks' attention to the Basel papers as benchmarks of best practice for corporate governance standards and high-level controls to be followed by banks operating in the Kingdom of Bahrain.

        • HC-B.2 HC-B.2 Enforceability

          • HC-B.2.1

            The requirements of Chapter 1, Sections HC-1.1HC-1.4 are binding requirements which banks and their Boards should follow on an "apply or explain" basis. If a Board or a bank elects not to follow these requirements, they must explain why to the Agency and document the reasons for not applying the concerned requirements in the Minutes of the Board. The remaining chapters are binding requirements except where shown as guidance.

          • HC-B.2.2

            This Module and Chapter 1 in particular supplements various provisions relating to Corporate Governance contained in Legislative Decree No. 21 of 2001 with respect to promulgating the Commercial Companies Law. In any cases of potential conflict, the Commercial Companies Law shall prevail. Compliance with this Module does not guarantee compliance with the Commercial Companies Law.

      • HC-1 HC-1 Corporate governance

        • HC-1.1 HC-1.1 Scope

          • HC-1.1.1

            The contents of this Chapter are applicable to locally incorporated banks. Bahrain branches of foreign banks must satisfy the Agency that equivalent arrangements are in place at the parent level and that these arrangements provide for effective high-level controls over activities conducted under the Bahrain license.

          • HC-1.1.2

            This Chapter covers the high-level controls aspects of corporate governance of banks, and therefore focuses on the functions of the constituent parts of high-level controls, starting with the respective roles and responsibilities of the Board and senior management.

          • HC-1.1.3

            This Chapter therefore does not cover matters of corporate governance relating to the Commercial Companies Law (e.g. General Meetings, the role of shareholders and other administrative matters) or Listing Requirements.

          • HC-1.1.4

            The BMA has historically pursued a "best practice" guidance approach to high-level controls and corporate governance, rather than a prescriptive rules-based approach. The Agency has chosen to notify licensees of international best practice standards, and allowed banks to interpret these, according to the scope of operations of the concerned bank. This Chapter blends a best practice-based approach with minimum requirements.

          • HC-1.1.5

            Banks must satisfy the BMA that financial services activities conducted in subsidiaries and other group members including foreign branches are subject to the same or equivalent arrangements for ensuring effective high-level controls over their activities. In instances where local jurisdictional requirements are more stringent than those applicable in this Module, the local requirements are to be applied.

          • HC-1.1.6

            Where a bank is unable to satisfy the BMA that its subsidiaries and other group members or foreign branches are subject to the same or equivalent arrangements, the BMA will assess the potential impact of risks — both financial and reputational — to the bank arising from inadequate high-level controls in the rest of the group of which it is a member. In such instances, the BMA may impose restrictions on dealings between the bank and other group members. Where weaknesses in controls are assessed by the BMA to pose a major threat to the stability of the bank, then its authorisation may be called into question.

        • HC-1.2 HC-1.2 The Board of Directors — Its Functions and Responsibilities

          • Strategy

            • HC-1.2.1

              In most banks, shareholders, creditors, employees, depositors and investment account holders ("stakeholders") are unable to closely monitor management, its strategies and the bank's performance due to a lack of information and resources. A key responsibility of the Board is to fill the gap between uninformed stakeholders to whom it owes a duty of care, and the more fully informed executive management by monitoring management closely on behalf of stakeholders.

            • HC-1.2.2

              The Board is ultimately accountable and responsible for the affairs and performance of the bank. The Board must establish the objectives of the bank and develop the strategies that direct the ongoing activities of the bank to achieve these objectives. The strategies should be communicated throughout the bank, and be disclosed publicly (e.g. via the website or in the annual report in an abbreviated form as applicable). In its strategy document, the Board must demonstrate that it is able to proactively identify and understand the significant risks that the bank faces in achieving its business objectives through its business strategies and plans.

            • HC-1.2.3

              The precise functions reserved for the Board, and those delegated to management and committees will vary, dependent upon the business of the institution, its size and ownership structure. However, at a minimum, the Board must establish and maintain a statement of its responsibilities for:

              (a) The adoption and annual review of strategy;
              (b) The adoption and review of management structure and responsibilities;
              (c) The adoption and review of the systems and controls framework; and
              (d) Monitoring the implementation of strategy by management.

            • HC-1.2.4

              In its strategy review process, the Board should:

              (a) Review the bank's business plans and the inherent level of risk in these plans;
              (b) Assess the adequacy of capital to support the business risks of the bank.
              (c) Set performance objectives;
              (d) Review the performance of executive management; and
              (e) Oversee major capital expenditures, divestitures and acquisitions.

            • HC-1.2.5

              The BMA expects the Board to have effective policies and processes in place for:

              (a) Ensuring a formal and transparent Board nomination process;
              (b) Appointing senior managers, and ensuring that they have the necessary integrity, technical and managerial competence, and experience;
              (c) Overseeing succession planning and replacing key executives when necessary, and ensuring appropriate resources are available, and minimising reliance on key individuals;
              (d) Reviewing the remuneration and incentive packages of the executive management and members of the Board of Directors and ensuring that such packages are consistent with the corporate values and strategy of the bank;
              (e) Effectively monitoring and making formal (annual) evaluations of senior management's performance in implementing agreed strategy and business plans;
              (f) Approving budgets and reviewing performance against those budgets and key performance indicators; and
              (g) The management of the bank's compliance risk.

          • Risk Recognition and Assessment

            • HC-1.2.6

              The Board is responsible for ensuring that the systems and controls framework, including the Board structure and organisational structure of the bank is appropriate for the bank's business and associated risks (see HC-1.2.3 (c)). The Board must ensure that collectively it has sufficient expertise to identify, understand and measure the significant risks to which the bank is exposed in its business activities.

              In assessing the systems and controls framework, the BMA expects the Board to demonstrate that the bank's operations, individually and collectively:

              (a) Are measured, monitored and controlled by appropriate, effective and prudent risk management systems commensurate with the scope of the bank's activities. The Board should ensure that senior management have put in place appropriate systems of control for the business of the bank and the information needs of the Board; in particular, there should be appropriate systems and functions for identifying as well as for monitoring risk, the financial position of the bank, and compliance with applicable laws, regulations and best practice standards. The systems should produce information on a timely basis; and
              (b) Are supported by an appropriate control environment. The compliance, risk management and financial reporting functions must be adequately resourced, independent of business lines and must be run by individuals not involved with the day-to-day running of the various business areas. The Board must additionally ensure that management develops, implements and oversees the effectiveness of comprehensive know your customer standards, as well as ongoing monitoring of accounts and transactions, in keeping with the requirements of relevant law, regulations and best practice (with particular regard to anti-money laundering measures). The control environment should maintain necessary client confidentiality and ensure that the privacy of the bank is not violated, and ensure that clients rights and assets are properly safeguarded.

            • HC-1.2.7

              In its review of the systems and controls framework, the Board should:

              (a) Effectively make use of the work of internal and external auditors. The Board should ensure the integrity of the bank's accounting and financial reporting systems through regular independent review (by internal and external audit). Audit findings should be used as an independent check on the information received from management about the bank's operations and performance and the effectiveness of internal controls; and
              (b) Identify any significant issues related to the bank's adopted governance framework, processes and practices and ensure that appropriate and timely action is taken to address identified adverse deviations from the requirements of this Module.

              The determinations under HC-1.2.6 and this paragraph might be made through the use of self-assessments, stress/scenario tests, and/or independent judgments made by external advisors. The Board may appoint supporting committees, and engage senior management to assist it in the oversight of risk management, but the Board may not delegate its ultimate responsibility to ensure that an adequate, effective, comprehensive and transparent corporate governance process is in place.

          • Corporate Ethics, Conflicts of Interest and Code of Conduct

            • HC-1.2.8

              Banks are subject to a wide variety of laws, regulations and codes of best practice that directly affect the conduct of business. Such laws involve the Bahraini Stock Exchange Law, the Labour Law, the Commercial Companies Law, occupational health and safety, even environment and pollution laws, as well as codes of conduct and regulations of the Agency. The Board sets the "tone at the top" of a bank, and has a responsibility to oversee compliance with these various requirements. The Board should ensure that the staff conduct their affairs with a high degree of integrity, taking note of applicable laws, codes and regulations.

            • HC-1.2.9

              The Board should establish corporate standards for itself, senior management, and employees. This requirement should be met by way of a documented and published code of conduct or similar document. These values should be communicated throughout the bank, so that the Board and senior management and staff understand the importance of conducting business based on good corporate governance values and understand their accountabilities to the various stakeholders of the licensee. Banks' Boards, senior management and staff must be informed of and be required to fulfil their fiduciary responsibilities to the bank's stakeholders.

            • HC-1.2.10

              An internal code of conduct is separate from the business strategy of a bank. A code of conduct should outline the practices that Directors, senior management and staff should follow in performing their duties. Banks may wish to use procedures and policies to complement their codes of conduct. The suggested contents of a code of conduct are covered below:

              (a) Commitment by the Board and management to the code. The code of conduct should be linked to the objectives of the bank, and its responsibilities and undertakings to customers, shareholders, staff and the wider community (see HC-1.2.8 and HC-1.2.9). The code should give examples or expectations of honesty, integrity, leadership and professionalism;
              (b) Commitment to the law and best practice standards. This commitment would include commitments to following accounting standards, industry best practice (such as ensuring that information to clients is clear, fair, and not misleading), transparency, and rules concerning potential conflicts of interest (see HC-1.2.11);
              (c) Employment practices. This would include rules concerning health and safety of employees, training, policies on the acceptance and giving of business courtesies, prohibition on the offering and acceptance of bribes, and potential misuse of company assets;
              (d) How the company deals with disputes and complaints from clients and monitors compliance with the code; and
              (e) Confidentiality. Disclosure of client or bank information should be prohibited, except where disclosure is required by law (see HC-1.2.6 (b)).

            • HC-1.2.11

              The Board must establish and disseminate to its members and management, policies and procedures for the identification, reporting, disclosure, prevention, or strict limitation of potential conflicts of interest. It is senior management's responsibility to implement these policies. Rules concerning connected party transactions and potential conflicts of interest may be dealt with in the Code of Conduct (see HC-1.2.9). In particular, the Agency requires that any decisions to enter into transactions, under which Board members or any member of management would have conflicts of interest that are material, should be formally and unanimously approved by the full Board. Best practice would dictate that a Board member or member of senior management should:

              (a) Not enter into competition with the bank;
              (b) Not demand or accept substantial gifts from the bank for himself or his associates;
              (c) Not misuse the banks' assets;
              (d) Not use company privileged information or take advantage of business opportunities to which the company is entitled for himself or his associates;
              (e) Report to the Board any (potential) conflict of interest in their activities with, and commitments to other organisations. In any case, all Board members and members of senior management must declare in writing all of their other interests in other enterprises or activities (whether as a shareholder of above 5% of the voting capital of a company, a manager, or other form of significant participation) to the Board (or the Nominations or Audit Committees) on an annual basis; and
              (f) Absent themselves from any discussions or decision-making that involves a subject where they are incapable of providing objective advice, or which involves a subject or (proposed) transaction where a conflict of interest exists.

            • HC-1.2.12

              The Agency expects that the Board and its members individually and collectively:

              (a) Act with honesty, integrity and in good faith, with due diligence and care, with a view to the best interest of the bank and its shareholders and other stakeholders (see paragraphs HC-1.2.8 to HC-1.2.11);
              (b) Act within the scope of their responsibilities (which should be clearly defined — see HC-1.3.7 and HC-1.3.8 below) and not participate in the day-to-day management of the bank;
              (c) Have a proper understanding of, and competence to deal with the affairs and products of the bank and devote sufficient time to their responsibilities;
              (d) To independently assess and question the policies, processes and procedures of the bank, with the intent to identify and initiate management action on issues requiring improvement. (i.e. to act as checks and balances on management).

            • HC-1.2.13

              All Directors whether non-executive or executive should exercise independence in their decision-making. To facilitate independence, the Board should agree procedures whereby the Board or its individual members (or committees) may take independent professional advice at the bank's expense.

        • HC-1.3 HC-1.3 Board Composition and the Role of Committees

          • Board Composition & Frequency of Meetings

            • HC-1.3.1

              To fulfil its responsibility for the review of the systems and controls framework (HC-1.2.3 (c)), the Board must periodically assess its composition and size and, where appropriate, reconstitute itself and its committees by selecting new Directors to replace long-standing members or those members whose contribution to the bank or its committees (such as the audit committee) is not adequate.

            • HC-1.3.2

              No Board member may have more than one directorship of a Full Commercial Bank and an Offshore Banking Unit or Investment Bank. This would mean an effective cap of a maximum of two directorships of financial institutions inside Bahrain. Two directorships of licensees within the same category (e.g. "OBU") would not be permitted. Banks may approach the Agency for exemption from this limit where the directorships concern banks or financial institutions within the same group.

            • HC-1.3.3

              The Board must meet sufficiently often to enable it to discharge its responsibilities effectively, taking into account the bank's scale and complexity. The full Board should meet preferably no less than four times per year. The Agency recommends that meetings should take place once every quarter to address the Board's responsibilities for management oversight and performance monitoring.

            • HC-1.3.4

              Board rules should require members to step down if they are not actively participating in Board meetings.

          • Independent and Non-Executive Directors

            • HC-1.3.5

              Where there is the potential for conflict of interest, or there is a need for impartiality, the Board must assign a sufficient number of independent non-executive Board members capable of exercising independent judgment. The Board should outline its criteria and materiality thresholds in the annual report for the definition of "independence". The Directors should be identified in the annual report as executive, non-executive, and independent non-executive, as follows:

              (a) Executive Director (or "Managing Director" under the Commercial Companies Law "CCL") — A person who is involved in the day-to-day management and/or is in full-time employment of the bank and/or any of its affiliates or subsidiaries or parent companies. An executive Director may not occupy the post of "Chairman";
              (b) Non-Executive Director — A person not involved in the day-to-day management and/or is not a full-time salaried employee of the bank and/or any of its affiliates, or subsidiaries or parent companies; and
              (c) Independent Non-Executive Director — A non-executive Director (as defined above), who also:
              •  Is not a "controller" of the bank (see Section HC-2.1).
              •  Is not an Associate (see paragraph HC-2.1.4(g)) of a Director or a member of senior management of the bank.
              •  Is not a professional advisor to the bank or group (A partner or member of senior management of an accountancy or law firm that provides services to the bank would not be perceived by the Agency as an independent non-executive Director).
              •  Is not a large depositor with, or large borrower from the bank (i.e. whose deposits or credit facilities exceed 10% of the capital base of the bank).
              •  Has no significant contractual, or business relationship with the bank or group which could be seen to materially interfere with the person's capacity to act in an independent manner.

            • HC-1.3.6

              Independent non-executive Directors should be permitted to meet periodically (for example at separate meetings from the main Board) without executive management present.

          • Checks and Balances

            • HC-1.3.7

              To ensure a clear segregation of duties, the Board should clearly define, document and enforce its own responsibilities, including those of its Chairman, as well as the delegated authorities, responsibilities and accountabilities of the Board and management committees, the bank's Chief Executive and senior management to the stakeholders of the bank.

            • HC-1.3.8

              In particular, the Board should issue formal letters of appointment both to senior management and Board members, outlining their specific responsibilities and accountabilities. Wherever possible, these documents or a summary of responsibilities should be disclosed publicly, for example in the annual report. Letters of appointment facilitate better understanding of the respective accountabilities of the Board and management.

          • Responsibilities of the Chairman

            • HC-1.3.9

              The Chairman is responsible for the leadership of the Board, and for the efficient functioning of the Board. The Chairman is responsible for ensuring that Board members are adequately briefed in sufficient time for issues arising at Board meetings; therefore it is vital that the Chairman commit sufficient time to perform his role effectively, taking into account the points below:

              (a) First, the Chairman of the Board preferably should be non-executive and independent (see HC-1.3.6 for the definitions of "non-executive" and "independent");
              (b) Also, the role of Chairman and Chief Executive may not be exercised by the same person; and
              (c) Furthermore, there needs to be a clear division of responsibility between these two positions (see also HC-1.3.8 in this regard).

          • The benefits and functions of committees

            • HC-1.3.10

              In order to perform its duties more efficiently, the Board may set up committees where it feels appropriate with specific responsibilities, which must be documented. Where committees are set up, they should keep full minutes of their activities and meet regularly to fulfil their mandates. In particular, there are three areas where there is a need for checks and balances within the Board itself:

              (a) The nomination of Directors;
              (b) The remuneration of Directors; and
              (c) The audit of the bank's financial performance.

              In these areas, executive Directors have clear potential conflicts of interest. Nomination is all about the continuation of their own jobs and the jobs of their colleagues and potential new colleagues. Remuneration is all about the rewards that executive Directors and/or senior management receive for their services to the bank. Audit concerns the probity of the financial and non-financial reporting of the performance of the company by the very same persons who are responsible for its performance.

              For larger banks that deal with the general public, committees can be a more efficient mechanism to assist the main Board in its monitoring and control of the activities of the bank. The establishment of committees should not mean that the role of the Board is diminished, or that the Board becomes fragmented. Each Committee must have a clear written mandate outlining its purpose, objectives and responsibilities, including composition, frequency of meetings and reporting relationships.

          • Audit Committee

            • HC-1.3.11

              The Agency requires all banks to establish an Audit Committee. The committee members must have sufficient technical expertise to enable the committee to perform its functions effectively. Preferably, there should be at least one qualified and appropriately experienced accountant in the committee. All members of the committee must be financially literate. The CEO may not be a member of this committee.

            • HC-1.3.12

              Responsibilities of the Audit Committee are as follows:

              (a) To review the integrity of the bank's financial reporting (particularly with reference to information passed to the Board — see HC-1.2.6 (a). This review should include the choice of accounting policies. The information needs of the Board to perform its monitoring responsibilities must be defined in writing, and regularly monitored by the Audit Committee;

              To oversee the selection and compensation of the external auditor for appointment and approval at the shareholders' meeting. The audit committee should oversee relations with the external auditors, including ensuring the external auditor's independence (in particular, making sure that the external audit firm and its partners have no other financial or business relationship without the Board's knowledge), the terms and conditions of the auditor's appointment and remuneration arrangements. The committee should monitor rotation arrangements for audit engagement partners. The audit committee should monitor the performance of the external auditor and the non-audit services provided by the external auditor. The committee should meet with the external auditor at least twice per year, and at least once per year in the absence of any members of executive management;
              (b) To regularly review the activities and performance of the internal audit function;
              (c) To review whether the bank complies with all relevant laws, regulations, codes and business practices, and ensure that the bank communicates with shareholders and relevant stakeholders (internal and external) openly and promptly, and with substance of compliance prevailing over form; and
              (d) To review and supervise the implementation of, enforcement of and adherence to the bank's code of conduct.

            • HC-1.3.13

              Below the Audit Committee, the bank must set up an internal audit function, which reports directly to the Audit Committee (with a parallel reporting line to senior management for day-to-day matters as appropriate).

          • Shari'a Supervision Committee

            • HC-1.3.14

              The Agency requires all banks to establish an independent Shari'a Supervision Committee complying with AAOIFI's governance standards for Islamic Financial Institutions No. 1 and No. 2.

            • HC-1.3.15

              All banks must comply with all AAOIFI issued accounting standards as well as the Shari'a pronouncement issued by the Shari'a Board of AAOIFI. The bank must have a separate function of Shari'a review to verify compliance with the above. This internal Shari'a review must be carried out in accordance with AAOIFI's governance standard No. 3. The Shari'a review function may be located in the Internal Audit function of the bank.

        • HC-1.4 HC-1.4 Transparency of Structure and Strategy

          • Board's Responsibility for Disclosure

            • HC-1.4.1

              The Board should oversee the process of disclosure and communications with internal and external stakeholders. The Board should ensure that disclosures made by the bank are fair, transparent, comprehensive and timely and reflect the character of the bank and the nature, complexity and risks inherent in the bank's business activities. Disclosure policies must be reviewed for compliance with the Agency's disclosure requirements (see Rulebook Chapter PD-1).

            • HC-1.4.2

              To promote sound corporate governance, the bank must submit its organizational structure approved by the Board of Directors, which notes the designations and responsibilities of its key management personnel, highlighting their qualifications and relevant industry experience. The organizational structure should be clearly delineated and reporting lines completely transparent to promote full disclosure. It is the General Manager's responsibility to ensure that this occurs.

            • HC-1.4.3

              The bank must submit a statement of its strategy and objectives to the Agency at the time of licensing. This statement should cover a minimum period of three years. The Agency may request a formal review by the Board of the bank's statement from time to time.

        • HC-1.5 HC-1.5 Notification, reporting, and approval requirements for changes to activities, personnel and ownership, strategy, board meetings and special purpose vehicles ("SPVs")

          • HC-1.5.1

            Banks must notify the Agency in writing of all major proposed changes to the strategy and/or corporate plan of the bank prior to implementation.

          • HC-1.5.2

            Banks must notify the Agency in writing of any proposed changes to senior positions or ownership changes mentioned in sections HC-2.1, HC-3.2 and HC-4.1 (whether in terms of structure or identity of personnel) prior to the change. The communication should include the reason for the departure of the personnel and the Curriculum Vitae of any new persons taking up the relevant positions in the bank. See also section BR-5.1 for notification requirements concerning contact details of senior staff.

          • HC-1.5.3

            All locally incorporated banks, in addition to the requirements in paragraphs HC-1.5.1 and HC-1.5.2, should obtain the Agency's prior specific written approval before establishing any subsidiaries (including SPVs where the bank exercises a majority shareholding or has majority voting control by virtue of direct ownership or by proxy/nominee arrangements), branches and/or representative offices, either inside or outside of Bahrain. In order to avoid any delays and/or disruption in implementation of banks' plans in this context, the Agency should be approached as soon as possible, even at a very preliminary stage.

          • HC-1.5.4

            All locally incorporated banks are required to submit, on an annual basis, as an attachment to the year-end quarterly PIR, a report recording the meetings during the year by their Board of Directors. For a sample report, refer to Appendix BR-10.

          • HC-1.5.5

            All locally incorporated banks must notify the Agency if they intend to act as sponsor or manager of a special purpose vehicle ("SPV"), or if they intend to participate in the creation of an SPV, or if they intend to acquire shares in an SPV. All locally incorporated banks must notify the Agency if they are appointed as nominee shareholders of SPVs or hold votes by proxy arrangement in SPVs on behalf of other investors. In all cases listed above, the concerned bank must notify the Agency quarterly of any new commitments to, or engagements in business arrangements with SPVs. These reporting and notification arrangements apply in addition to arrangements under HC-1.5.3 where the SPV is a subsidiary.

          • HC-1.5.6

            The Agency requires any locally incorporated bank associated with an SPV to give the background to the following points in any notification under HC-1.5.5 above:

            (a) the purpose of the SPV;
            (b) the nature of the relationship between the bank and the SPV (i.e. sponsor, manager, investor, controller etc.);
            (c) the external auditor's proposed consolidation/accounting treatment of the SPV;
            (d) the availability of financial and other information relevant to the SPV and access to its business premises and records;
            (e) whether the bank is providing any guarantees, warranties or financial/liquidity support of any kind to the SPV.

          • HC-1.5.7

            Where the SPV is consolidated into the accounts of a locally incorporated bank, the bank must provide separate accounting information on the SPV to the Agency on a quarterly basis. Furthermore, the annual audited financial statements of all consolidated SPVs must be submitted to the Agency within 3 months of the year end of the concerned SPV.

          • HC-1.5.8

            Where a locally incorporated bank has a controller or majority ownership relationship with an SPV, or acts as sponsor, the bank must obtain the prior approval of the Agency for any changes to the capital, ownership, management or control of the SPV. All locally incorporated banks must also notify the Agency of any significant events in relation to the SPV. If necessary, the Agency may require that formal information exchange arrangements are put in place (e.g. a memorandum of understanding) if the SPV is located in a foreign jurisdiction and its activities are not supervised locally.

      • HC-2 HC-2 Approved Persons

        • HC-2.1 HC-2.1 BMA Notification and Approval

          • General Requirement

            • HC-2.1.1

              All persons wishing to undertake a controlled function in an Islamic bank licensee must be notified to the BMA prior to their appointment and, where required, approved by the BMA (see Rule HC-2.1.3).


            • HC-2.1.2

              Controlled functions are those of:

              (a) Director;
              (b) Member of Shari'a Supervisory Board
              (c) Chief Executive or General Manager;
              (d) Senior Manager;
              (e) Compliance officer;
              (f) Money Laundering Reporting Officer; and
              (g) Financial Instruments Trader.

            • HC-2.1.3

              Prior approval is required for controlled functions (a), (b), (c), (d), (e) and (f). Controlled functions (e) and (f) may be combined, however. Controlled function (g) does not require prior approval: instead, notification only is required, once the person concerned has accepted to undertake that function.

          • Basis for Approval

            • HC-2.1.4

              Approval under Rule HC-2.1.1 is only granted by the BMA, if it is satisfied that the person is fit and proper to hold the particular position in the licensee concerned. "Fit and proper" is determined by the BMA on a case-by-case basis. The definition of "fit and proper" and associated guidance is provided in Sections HC-2.2 and HC-2.3 respectively.


          • Definitions

            • HC-2.1.5

              Director is any person who occupies the position of a Director, as defined in Article 173 of the Commercial Companies Law (Legislative Decree No. 21 of 2001).

            • HC-2.1.6

              The fact that a person may have "Director" in their job title does not of itself make them a Director within the meaning of the definition noted in Rule HC-2.1.5. For example, a 'Director of Marketing', is not necessarily a member of the Board of Directors and therefore may not fall under the definition of Rule HC-2.1.5.

            • HC-2.1.7

              The Chief Executive or General Manager means a person who is responsible for the conduct of the licensee (regardless of actual title). The Chief Executive or General Manager must be resident in Bahrain. This person is responsible, alone or jointly, for the conduct of the whole of the firm, or, in the case of an overseas Islamic bank licensee, for all of the activities of the branch (in which case, he may hold the title of "Branch Manager").

            • HC-2.1.8

              Senior Manager means a person who, under the immediate authority of a Director or the Chief Executive/General Manager, exercises major managerial responsibilities, is responsible for a significant business or operating unit, or has major managerial responsibility for maintaining accounts or other records of the licensee.

            • HC-2.1.9

              Whether a person is a Senior Manager will depend on the facts in each case and is not determined by the presence or absence of the word in their job title. Examples of Senior Managers might include, depending on the scale, nature and complexity of the business, a deputy Chief Executive; and heads of departments such as Risk Management, or Internal Audit; or the Chief Financial Officer.

            • HC-2.1.10

              Financial Instruments Trader means a person who is engaged in buying or selling financial instruments.

            • HC-2.1.11

              Where a firm is in doubt as to whether a function should be considered a controlled function it must discuss the case with the BMA.

          • Notification Requirements and Process

            • HC-2.1.12

              Islamic bank licensees must obtain BMA approval before a person is formally appointed to a controlled function; the request for BMA approval must be made by submitting to BMA a duly completed Form 3 (Application for Approved Person status). In the case of a financial instruments trader, notification only is required (see Rule HC-2.1.3): this notification must also be made by submitting a Form 3.

            • HC-2.1.13

              In the case of license applications, the Form 3 must be marked for the attention of the Director, Licensing and Policy Directorate. When made by an Islamic bank licensee, the Form 3 must be marked for the attention of the Director, Islamic Financial Institutions.

            • HC-2.1.14

              Licensees should give the BMA a reasonable amount of notice in order for an application for approval to be reviewed. The BMA aims to respond within 2 weeks of receipt of an application, although in some cases, where referral to an overseas supervisor is required, the response time is likely to be longer.

            • HC-2.1.15

              Licensees seeking to appoint Board Directors should seek BMA approval for all the candidates to be put forward for election at a shareholder meeting, in advance of the agenda being issued to shareholders. BMA approval of the candidates does not in any way limit shareholders' rights to refuse those put forward for election.

            • HC-2.1.16

              All refusals by the BMA to grant a person approved person status have to be reviewed and approved by an Executive Director of the BMA. A notice of intent is issued to the person concerned, setting out the basis for the decision. The person has 30 calendar days from the date of the notice in which to appeal the decision. The BMA then has 30 calendar days from the date of the representation in which to make a final determination. See also Chapter EN-5.

            • HC-2.1.17

              Islamic bank licensees must immediately notify BMA when an approved person ceases to hold the controlled function, for which they have been approved, and for whatever reason.

            • HC-2.1.18

              Thus, licensees are required to notify BMA should an approved person transfer to another function within the licensee, or to another group entity; or else resign, be suspended or dismissed. BMA may require further clarification as to the reasons for the person's transfer or departure. BMA will automatically withdraw the individual's approved person status: should the person wish to undertake another controlled function, whether within the same licensee or in another licensee, then a new application should be resubmitted.

            • HC-2.1.19

              Islamic bank licensees must immediately notify BMA should they become aware of information that could reasonably be viewed as calling into question an approved person's compliance with BMA's "fit and proper" requirement (see HC-2.2).

        • HC-2.2 HC-2.2 "Fit and proper" requirement

          • HC-2.2.1

            Licensees seeking an approved person authorisation for an individual, must satisfy the BMA that the individual concerned is "fit and proper" to undertake the controlled function in question.

          • HC-2.2.2

            To be considered "fit and proper", those nominated must demonstrate:

            (a) personal integrity, honesty and good reputation;
            (b) professional competence, experience and expertise, sufficient for the controlled function for which authorisation is being applied for, and given the scale, complexity and nature of the Islamic bank licensee concerned; and
            (c) financial soundness.

          • HC-2.2.3

            In assessing the conditions prescribed in Rule HC-2.2.2, the BMA will take into account the criteria contained in Section HC-2.3. The BMA reviews each application on a case-by-case basis, taking into account all relevant circumstances. A person may be considered "fit and proper" to undertake one type of controlled function but not another, depending on the function's job size and required levels of experience and expertise. Similarly, a person approved to undertake a controlled function in one Islamic bank licensee may not be considered to have sufficient expertise and experience to undertake nominally the same controlled function but in a much bigger licensee.

          • HC-2.2.4

            Approved persons undertaking a controlled function must act prudently, and with honesty, integrity, care, skill and due diligence in the performance of their duties. They must avoid conflicts of interest arising whilst undertaking a controlled function.

          • HC-2.2.5

            In determining whether a conflict of interest may arise, factors that may be considered include whether:

            (a) a person has breached any fiduciary obligations to the company or terms of employment;
            (b) a person has undertaken actions that would be difficult to defend, when looked at objectively, as being in the interest of the licensee; and
            (c) a person has failed to declare a personal interest that has a material impact in terms of the person's relationship with the licensee.

        • HC-2.3 HC-2.3 Interpretative Guidance on "Fit and Proper" Requirement

          • HC-2.3.1

            In assessing a person's fitness and propriety, the BMA will consider previous professional and personal conduct (in Bahrain or elsewhere) including, but not limited to, the following:

            (a) the propriety of a person's conduct, whether or not such conduct resulted in a criminal offence being committed, the contravention of a law or regulation, or the institution of legal or disciplinary proceedings;
            (b) a conviction or finding of guilt in respect of any offence, other than a minor traffic offence, by any court or competent jurisdiction;
            (c) any adverse finding in a civil action by any court or competent jurisdiction, relating to fraud, misfeasance or other misconduct in connection with the formation or management of a corporation or partnership;
            (d) whether the person has been the subject of any disciplinary proceeding by any government authority, regulatory agency or professional body or association;
            (e) the contravention of any financial services legislation or regulation;
            (f) whether the person has ever been refused a license, authorisation, registration or other authority;
            (g) dismissal or a request to resign from any office or employment;
            (h) disqualification by a court, regulator or other competent body, as a Director or as a manager of a corporation;
            (i) whether the person has been a Director, partner or manager of a corporation or partnership which has gone into liquidation or administration or where one or more partners have been declared bankrupt whilst the person was connected with that partnership;
            (j) the extent to which the person has been truthful and open with supervisors;
            (k) the extent to which the person has appropriate professional and other qualifications for the controlled function in question;
            (l) the extent to which the person has sufficient experience, or is otherwise able to perform the functions of the controlled function in question;
            (m) whether the person has ever been adjudged bankrupt, entered into any arrangement with creditors in relation to the inability to pay due debts, or failed to satisfy a judgment debt under a court order.

          • HC-2.3.2

            With respect to HC-2.3.1(b), (c), (d) and (e), the BMA will take into account the length of time since any such event occurred, as well as the seriousness of the matter in question.

          • HC-2.3.3

            Further guidance on the process for assessing a person's "fit and proper" status is given in Module EN (Enforcement): see Chapter EN-8.

        • HC-2.4 [deleted]

          [This Section was deleted in 07/2006: it has been left blank.]

      • HC-3 HC-3 Compliance officer/manager

        • HC-3.1 HC-3.1 Introduction

          • HC-3.1.1

            In order to promote best practice with respect to banks' internal systems and controls and international banking supervision, the Agency, in this chapter, outlines its requirements for the compliance function of banks. The expression "Compliance Function" in this Chapter is used to describe staff carrying out compliance duties.

          • HC-3.1.2

            The expression 'Compliance Risk', in this chapter refers to the risk of legal or regulatory sanctions, material or financial loss, or loss to reputation a bank may suffer as a result of its failure to comply with laws, regulations, rules, reporting requirements, standards and codes of conduct applicable to its activities, rather than purely compliance with a bank's internal limits or procedures.

          • HC-3.1.3

            For further information and guidance on compliance risk and the compliance function, the Agency recommends that banks refer to the Basel Committee publication, "Compliance and the compliance function in banks" (see www.bis.org/publ published April 2005). The Agency expects banks to carry out a review of their compliance with the principles in this paper on a regular basis (either by way of a self-assessment or by way of a review by the internal or external audit function).

        • HC-3.2 HC-3.2 Requirement for and approval of a compliance officer/manager

          • HC-3.2.1

            All banks must appoint a senior member of staff with responsibility for the management of compliance risk as their Compliance Officer/Manager.

          • HC-3.2.2

            The compliance function must be independent (i.e. it must not be placed in a position where its other duties or responsibilities may cause a conflict of interest with its compliance risk management responsibilities). Therefore the compliance function must be separate from the internal audit function. The compliance officer or manager may perform other limited related compliance roles (e.g. MLRO or legal advisor), subject to the Agency's prior approval.

          • HC-3.2.3

            The compliance officer/manager must be appropriately qualified and experienced and the compliance function must have adequate resources to carry out its functions effectively.

          • HC-3.2.4

            The appointment of a compliance manager/officer requires the Agency's prior approval and the submission of the appointee's Personal Questionnaire (Appendix LR 2) and Curriculum Vitae to the Agency. The bank must also outline how the compliance function fits into the bank's senior management reporting structure, and must give details of relevant reporting lines within the bank.

          • HC-3.2.5

            In the case of locally incorporated banks, the compliance officer/manager must have access to the Board of Directors in addition to the senior management.

      • HC-4 [deleted]

        [This chapter deleted 07/2006 — left blank.]

    • HC HC High-level Controls[versions up to October 2010]

      • HC-A HC-A Introduction[versions up to October 2010]

        • HC-A.1 HC-A.1 Purpose[versions up to October 2010]

          • HC-A.1.1 [versions up to October 2010]

            This Module presents requirements that have to be met by Islamic bank licensees with respect to:

            a) the role and composition of their Boards and Board Committees; and
            b) related high-level controls and policies.
            October 07

          • HC-A.1.2 [versions up to October 2010]

            In addition, this Module contains requirements for the notification and pre-approval of individuals, undertaking certain designated functions with respect to Islamic bank licensees. These functions (called 'controlled functions'), include Directors and members of senior management. The controlled functions regime supplements the CBB's corporate governance requirements by ensuring that key persons involved in the running of Islamic bank licensees are fit and proper. Those approved by the CBB to undertake controlled functions are called approved persons.

            October 07

          • HC-A.1.3 [versions up to October 2010]

            Finally, this Module contains certain notification and approval requirements regarding the use of Special Purpose Vehicles ('SPVs'; see Section HC-1.5).

            October 07

          • HC-A.1.4 [versions up to October 2010]

            This Module supplements various provisions relating to corporate governance contained in Legislative Decree No. 21 of 2001, with respect to promulgating the Commercial Companies Law ('Commercial Companies Law 2001'). In case of conflict, the Commercial Companies Law shall prevail. The Module also supplements (for companies listed on the Bahrain Stock Exchange), Stock Exchange regulations that are relevant to corporate governance and high-level controls. Compliance with this Module does not guarantee compliance with either the Commercial Companies Law 2001 or the BSE regulations.

            October 07

          • Legal Basis[versions up to October 2010]

            • HC-A.1.5 [versions up to October 2010]

              This Module contains the CBB's Directive relating to the credit risk management of Islamic bank licensees, and is issued under the powers available to the CBB under Article 38 of the CBB Law. The Directive in this Module is applicable to all Islamic bank licensees.

              October 07

            • HC-A.1.6 [versions up to October 2010]

              For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.

              October 07

        • HC-A.2 HC-A.2 Key requirements[versions up to October 2010]

          • Corporate governance[versions up to October 2010]

            • HC-A.2.1 [versions up to October 2010]

              The Chairman of the Board should preferably be non-executive and independent. The role of Chairman and Chief Executive may not be exercised by the same person. (See Rule HC-1.3.9.)

              Amended: October 2009
              October 2007

            • HC-A.2.2 [versions up to October 2010]

              The Board must approve a code of conduct for itself, senior management and employees, and define the responsibilities of itself and senior management. This should include procedures for dealing with conflicts of interest, and a prohibition on insider trading. (See Paragraphs HC-1.2.9 to HC-1.2.11.)

              October 07

            • HC-A.2.3 [versions up to October 2010]

              The Board should meet at least four times per year (see Rule HC-1.3.3).

              Amended: October 2009
              October 2007

            • HC-A.2.4 [versions up to October 2010]

              Boards must have an adequate number of members that are 'independent' and 'non-executive' to serve the interests of minority shareholders and other stakeholders. (See Paragraphs HC-1.3.5 and HC-1.3.6.)

              October 07

            • HC-A.2.5 [versions up to October 2010]

              The Board should consider the setting up of committees to assist it in fulfilling its responsibilities. The setting up of an Audit Committee and a Shari'a Committee is mandatory. (See Paragraphs HC-1.3.11 to HC-1.3.16.)

              October 07

            • HC-A.2.6 [versions up to October 2010]

              All licensees must submit their organisational structure as approved by the Board of Directors. All licensees must establish independent functions for Internal Audit and Risk Management.

              October 07

            • HC-A.2.7 [versions up to October 2010]

              Islamic bank licensees are required to notify the CBB, in writing, of all major changes (regardless of type and/or effect) proposed to the strategy and/or corporate plan of the bank prior to implementation, as well as of any Special Purpose Vehicle they intend to establish as a subsidiary, or with respect to which they intend to act as sponsor or manager (see Section HC-1.5).

              October 07

          • Approved Persons[versions up to October 2010]

            • HC-A.2.8 [versions up to October 2010]

              Islamic bank licensees are required to secure prior CBB approval for those persons wishing to undertake a controlled function. Such persons are assessed against CBB's 'fit and proper' requirements. Islamic bank licensees must also notify the CBB of any changes in their approved persons. (See Chapter HC-2)

              October 07

          • Compliance officer/manager[versions up to October 2010]

            • HC-A.2.9 [versions up to October 2010]

              Islamic bank licensees must appoint a senior member of staff with responsibility for compliance. The Compliance Officer is a controlled function. (See Chapter HC-3.1.)

              October 07

        • HC-A.3 HC-A.3 Module History[versions up to October 2010]

          • Evolution of the Module[versions up to October 2010]

            • HC-A.3.1 [versions up to October 2010]

              This Module was first issued in January 2005, as part of the initial release of Volume 2 of the CBB Rulebook. It was dated January 2005. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made: Chapter UG 3 provides further details on Rulebook maintenance and version control.

              October 07

            • HC-A.3.2 [versions up to October 2010]

              When the CBB replaced the BMA in September 2006, the provisions of this Module remained in force. Volume 2 was updated in October 2007 to reflect the switch to the CBB; however, new calendar quarter dates were only issued where the update necessitated changes to actual requirements.

              October 07

            • HC-A.3.3 [versions up to October 2010]

              A list of recent changes made to this Module is shown below:

              Module Ref. Change Date Description of Changes
              HC-1.5 01/07/05 Transparency requirements formalised
              HC-1.6 01/07/05 Notification requirements formalised
              HC-1.1, 1.2 & 1.4 01/10/05 High-level controls
              HC-1.5 01/10/05 New SPV requirements
              HC-3.1 – HC-3.2 01/10/05 Revised compliance function requirements
              HC-1.5.3, 1.5.5 & 4.1 01/01/06 Revised notification requirements for SPVs and dealing staff
              HC-2, HC-3 and HC-4 01/07/06 Requirements relating to controllers moved to Module GR; Remaining requirements relating to 'fit and proper' re-drafted to ensure consistency with other Rulebook Volumes (without changing the substance of the previous 'fit and proper' requirements); Requirements relating to dealers incorporated into the 'fit and proper' requirements.
              HC-1.2 & HC-1.3 01/10/07 Reordering of Paragraphs to separate Rules and Guidance
              HC-A.1 10/2007 New Rule HC-A.1.5 introduced, categorising this Module as a Directive.
              HC-1.3.5 04/2008 Mandatory requirement for at least one independent non-executive director
              HC-2.1.16 01/2009 Amendment to notification process for "approved person" status
              HC-1.5.3 01/2009 Requirement to appoint a permanent replacement within 120 days when a controlled function falls vacant.
              HC-2.1.2 10/2009 CBB prior approval requirement for appointment of Deputy MLRO.

            • HC-A.3.4 [versions up to October 2010]

              The contents in this Module are effective from July 2004 and the dates depicted in HC-A.3.3. Section HC-1.3 is effective from October 2007.

              October 07

      • HC-B HC-B General guidance and best practice[versions up to October 2010]

        • HC-B.1 HC-B.1 Guidance provided by other international bodies[versions up to October 2010]

          • Basel Committee: Enhancing Corporate Governance in Banking Organisations and High-level Controls for Banks[versions up to October 2010]

            • HC-B.1.1 [versions up to October 2010]

              These papers (see www.bis.org/publ/bcbs56.pdf) issued in September 1998 and September 1999 provide guidance on corporate governance and high-level controls in banks. These papers form part of an on-going effort by the Committee to strengthen procedures for risk management and disclosure in banks.

              October 07

            • HC-B.1.2 [versions up to October 2010]

              The papers draw on supervisory experience with corporate governance problems at banking organisations and suggest the types of practices that could help to avoid such problems. They identify a number of practices as critical elements of any financial institution's corporate governance process.

              October 07

            • HC-B.1.3 [versions up to October 2010]

              The CBB draws banks' attention to the Basel papers as benchmarks of best practice for corporate governance standards and high-level controls to be followed by banks operating in the Kingdom of Bahrain.

              October 07

        • HC-B.2 HC-B.2 Enforceability[versions up to October 2010]

          • HC-B.2.1 [versions up to October 2010]

            The requirements of Chapter 1, Sections HC-1.1HC-1.4 are binding requirements, which banks and their Boards should follow on an 'apply or explain' basis. If a Board or a bank elects not to follow these requirements, they must explain why to the Central Bank and document the reasons for not applying the concerned requirements in the Minutes of the Board. The remaining Chapters are binding requirements except where shown as guidance.

            October 07

      • HC-1 HC-1 Corporate Governance[versions up to October 2010]

        • HC-1.1 HC-1.1 Scope[versions up to October 2010]

          • HC-1.1.1 [versions up to October 2010]

            The contents of this Chapter are applicable to locally incorporated banks. Bahrain branches of foreign banks must satisfy the Central Bank that equivalent arrangements are in place at the parent level and that these arrangements provide for effective high-level controls over activities conducted under the Bahrain license.

            October 07

          • HC-1.1.2 [versions up to October 2010]

            This Chapter covers the high-level controls aspects of corporate governance of banks, and therefore focuses on the functions of the constituent parts of high-level controls, starting with the respective roles and responsibilities of the Board and senior management.

            October 07

          • HC-1.1.3 [versions up to October 2010]

            This Chapter therefore does not cover matters of corporate governance relating to the Commercial Companies Law (e.g. General Meetings, the role of shareholders and other administrative matters) or Listing Requirements.

            October 07

          • HC-1.1.4 [versions up to October 2010]

            The CBB has historically pursued a 'best practice' guidance approach to high-level controls and corporate governance, rather than a prescriptive rules-based approach. The Central Bank has chosen to notify licensees of international best practice standards, and allowed banks to interpret these, according to the scope of operations of the concerned bank. This Chapter blends a best practice-based approach with minimum requirements.

            October 07

          • HC-1.1.5 [versions up to October 2010]

            Banks must satisfy the CBB that financial services activities conducted in subsidiaries and other group members including foreign branches are subject to the same or equivalent arrangements for ensuring effective high-level controls over their activities. In instances where local jurisdictional requirements are more stringent than those applicable in this Module, the local requirements are to be applied.

            October 07

          • HC-1.1.6 [versions up to October 2010]

            Where a bank is unable to satisfy the CBB that its subsidiaries and other group members or foreign branches are subject to the same or equivalent arrangements, the CBB will assess the potential impact of risks – both financial and reputational – to the bank arising from inadequate high-level controls in the rest of the group of which it is a member. In such instances, the CBB may impose restrictions on dealings between the bank and other group members. Where weaknesses in controls are assessed by the CBB to pose a major threat to the stability of the bank, then its authorisation may be called into question.

            October 07

        • HC-1.2 HC-1.2 The Board of Directors – Its Functions and Responsibilities[versions up to October 2010]

          • Strategy[versions up to October 2010]

            • HC-1.2.1 [versions up to October 2010]

              In most banks, shareholders, creditors, employees, depositors and investment account holders ('stakeholders') are unable to closely monitor management, its strategies and the bank's performance due to a lack of information and resources. A key responsibility of the Board is to fill the gap between uninformed stakeholders to whom it owes a duty of care, and the more fully informed executive management by monitoring management closely on behalf of stakeholders.

              October 07

            • HC-1.2.2 [versions up to October 2010]

              The Board is ultimately accountable and responsible for the affairs and performance of the bank. The Board must establish the objectives of the bank and develop the strategies that direct the on-going activities of the bank to achieve these objectives. The strategies must be communicated throughout the bank, and be disclosed publicly (e.g. via the website or in the annual report in an abbreviated form as applicable). In its strategy document, the Board must demonstrate that it is able to proactively identify and understand the significant risks that the bank faces in achieving its business objectives through its business strategies and plans.

              October 07

            • HC-1.2.3 [versions up to October 2010]

              The precise functions reserved for the Board, and those delegated to management and committees will vary, dependent upon the business of the institution, its size and ownership structure. However, as a minimum, the Board must establish and maintain a statement of its responsibilities for:

              a) The adoption and annual review of strategy;
              b) The adoption and review of management structure and responsibilities;
              c) The adoption and review of the systems and controls framework; and
              d) Monitoring the implementation of strategy by management.

              The Board may not delegate its ultimate responsibility to ensure that an adequate, effective, comprehensive and transparent corporate governance process is in place.

              October 07

            • HC-1.2.4 [versions up to October 2010]

              In its strategy review process under Paragraphs HC-1.2.3 a) and d), the Board must:

              a) Review the bank's business plans and the inherent level of risk in these plans;
              b) Assess the adequacy of capital to support the business risks of the bank.
              c) Set performance objectives;
              d) Review the performance of executive management; and
              e) Oversee major capital expenditures, divestitures and acquisitions.
              October 07

            • HC-1.2.5 [versions up to October 2010]

              The CBB expects the Board to have effective policies and processes in place for:

              a) Ensuring a formal and transparent Board nomination process;
              b) Appointing senior managers, and ensuring that they have the necessary integrity, technical and managerial competence, and experience;
              c) Overseeing succession planning and replacing key executives when necessary, and ensuring appropriate resources are available, and minimising reliance on key individuals;
              d) Reviewing the remuneration and incentive packages of the executive management and members of the Board of Directors and ensuring that such packages are consistent with the corporate values and strategy of the bank;
              e) Effectively monitoring and making formal (annual) evaluations of senior management's performance in implementing agreed strategy and business plans;
              f) Approving budgets and reviewing performance against those budgets and key performance indicators; and
              g) The management of the bank's compliance risk.
              October 07

          • Risk Recognition and Assessment[versions up to October 2010]

            • HC-1.2.6 [versions up to October 2010]

              The Board is responsible for ensuring that the systems and controls framework, including the Board structure and organisational structure of the bank, is appropriate for the bank's business and associated risks (see HC-1.2.3 c)). The Board must ensure that collectively it has sufficient expertise to identify, understand and measure the significant risks to which the bank is exposed in its business activities.

              The Board must regularly assess the systems and controls framework of the bank. In its assessments, the Board must demonstrate to the CBB that:

              a) The bank's operations, individually and collectively are measured, monitored and controlled by appropriate, effective and prudent risk management systems commensurate with the scope of the bank's activities; and
              b) The bank's operations are supported by an appropriate control environment. The compliance, risk management and financial reporting functions must be adequately resourced, independent of business lines and must be run by individuals not involved with the day-to-day running of the various business areas. The Board must additionally ensure that management develops, implements and oversees the effectiveness of comprehensive know your customer standards, as well as on-going monitoring of accounts and transactions, in keeping with the requirements of relevant law, regulations and best practice (with particular regard to anti-money laundering measures). The control environment should maintain necessary client confidentiality and ensure that the privacy of the bank is not violated, and ensure that clients rights and assets are properly safeguarded.
              c) Where the Board has identified any significant issues related to the bank's adopted governance framework, appropriate and timely action is taken to address any identified adverse deviations from the requirements of this Module.
              October 07

            • HC-1.2.7 [versions up to October 2010]

              In its review of the systems and controls framework in Paragraph HC-1.2.6, the Board must:

              a) Make effective use of the work of external and internal auditors. The Board must ensure the integrity of the bank's accounting and financial reporting systems through regular independent review (by internal and external audit). Audit findings must be used as an independent check on the information received from management about the bank's operations and performance and the effectiveness of internal controls; and
              b) Make use of self-assessments, stress/scenario tests, and/or independent judgments made by external advisors. The Board may appoint supporting committees, and engage senior management to assist it in the oversight of risk management; and
              c) Ensure that senior management have put in place appropriate systems of control for the business of the bank and the information needs of the Board; in particular, there must be appropriate systems and functions for identifying as well as for monitoring risk, the financial position of the bank, and compliance with applicable laws, regulations and best practice standards. The systems must produce information on a timely basis.
              October 07

          • Corporate Ethics, Conflicts of Interest and Code of Conduct[versions up to October 2010]

            • HC-1.2.8 [versions up to October 2010]

              Banks are subject to a wide variety of laws, regulations and codes of best practice that directly affect the conduct of business. Such laws involve the Bahraini Stock Exchange Law, the Labour Law, the Commercial Companies Law, occupational health and safety, even environment and pollution laws, as well as codes of conduct and regulations of the Central Bank. The Board sets the 'tone at the top' of a bank, and has a responsibility to oversee compliance with these various requirements. The Board should ensure that the staff conduct their affairs with a high degree of integrity, taking note of applicable laws, codes and regulations.

              October 07

            • HC-1.2.9 [versions up to October 2010]

              The Board must establish corporate standards for itself, senior management, and employees. This requirement should be met by way of a documented and published code of conduct or similar document. These values must be communicated throughout the bank, so that the Board and senior management and staff understand the importance of conducting business based on good corporate governance values and understand their accountabilities to the various stakeholders of the licensee. Banks' Boards, senior management and staff must be informed of and be required to fulfill their fiduciary responsibilities to the bank's stakeholders.

              October 07

            • HC-1.2.10 [versions up to October 2010]

              An internal code of conduct is separate from the business strategy of a bank. A code of conduct should outline the practices that Directors, senior management and staff should follow in performing their duties. Banks may wish to use procedures and policies to complement their codes of conduct. The suggested contents of a code of conduct are covered below:

              a) Commitment by the Board and management to the code. The code of conduct should be linked to the objectives of the bank, and its responsibilities and undertakings to customers, shareholders, staff and the wider community (see HC-1.2.8 and HC-1.2.9). The code should give examples or expectations of honesty, integrity, leadership and professionalism;
              b) Commitment to the law and best practice standards. This commitment would include commitments to following accounting standards, industry best practice (such as ensuring that information to clients is clear, fair, and not misleading), transparency, and rules concerning potential conflicts of interest (see HC-1.2.11);
              c) Employment practices. This would include rules concerning health and safety of employees, training, policies on the acceptance and giving of business courtesies, prohibition on the offering and acceptance of bribes, and potential misuse of company assets;
              d) How the company deals with disputes and complaints from clients and monitors compliance with the code; and
              e) Confidentiality. Disclosure of client or bank information should be prohibited, except where disclosure is required by law (see HC-1.2.6 b).
              October 07

            • HC-1.2.11 [versions up to October 2010]

              The Board must establish and disseminate to its members and management, policies and procedures for the identification, reporting, disclosure, prevention, or strict limitation of potential conflicts of interest. It is senior management's responsibility to implement these policies. Rules concerning connected party transactions and potential conflicts of interest may be dealt with in the Code of Conduct (see HC-1.2.9). In particular, the Central Bank requires that any decisions to enter into transactions, under which Board members or any member of management would have conflicts of interest that are material, should be formally and unanimously approved by the full Board. Best practice would dictate that a Board member or member of senior management must:

              a) Not enter into competition with the bank;
              b) Not demand or accept substantial gifts from the bank for himself or his associates;
              c) Not misuse the banks' assets;
              d) Not use company privileged information or take advantage of business opportunities to which the company is entitled for himself or his associates;
              e) Report to the Board any (potential) conflict of interest in their activities with, and commitments to other organisations. In any case, all Board members and members of senior management must declare in writing all of their other interests in other enterprises or activities (whether as a shareholder of above 5% of the voting capital of a company, a manager, or other form of significant participation) to the Board (or the Nominations or Audit Committees) on an annual basis; and
              f) Absent themselves from any discussions or decision-making that involves a subject where they are incapable of providing objective advice, or which involves a subject or (proposed) transaction where a conflict of interest exists.
              October 07

            • HC-1.2.12 [versions up to October 2010]

              The Central Bank expects that the Board and its members individually and collectively:

              a) Act with honesty, integrity and in good faith, with due diligence and care, with a view to the best interest of the bank and its shareholders and other stakeholders (see Paragraphs HC-2.8 to HC-1.2.11);
              b) Act within the scope of their responsibilities (which should be clearly defined – see HC-1.3.7 and HC-1.3.8 below) and not participate in the day-to-day management of the bank;
              c) Have a proper understanding of, and competence to deal with the affairs and products of the bank and devote sufficient time to their responsibilities;
              d) To independently assess and question the policies, processes and procedures of the bank, with the intent to identify and initiate management action on issues requiring improvement. (i.e. to act as checks and balances on management).
              October 07

            • HC-1.2.13 [versions up to October 2010]

              All Directors whether non-executive or executive should exercise independence in their decision-making. To facilitate independence, the Board should agree procedures whereby the Board or its individual members (or committees) may take independent professional advice at the bank's expense.

              October 07

        • HC-1.3 HC-1.3 Board Composition and the Role of Committee[versions up to October 2010]

          • Board Composition & Frequency of Meetings[versions up to October 2010]

            • HC-1.3.1 [versions up to October 2010]

              To fulfil its responsibility for the review of the systems and controls framework (HC-1.2.3 c), the Board must periodically assess its composition and size and, where appropriate, reconstitute itself and its committees by selecting new Directors to replace long-standing members or those members whose contribution to the bank or its committees (such as the audit committee) is not adequate.

              October 07

            • HC-1.3.2 [versions up to October 2010]

              No Board member may have more than one Directorship of a Retail Bank and a Wholesale Bank. This would mean an effective cap of a maximum of two Directorships of licensees inside Bahrain. Two Directorships of licensees within the same Category (e.g. 'Retail Bank') would not be permitted. Banks may approach the Central Bank for exemption from this limit where the Directorships concern banks or financial institutions within the same group.

              Amended January 2009
              October 07

            • HC-1.3.3 [versions up to October 2010]

              The Board must meet sufficiently often to enable it to discharge its responsibilities effectively, taking into account the bank's scale and complexity.

              October 07

            • HC-1.3.4 [versions up to October 2010]

              To meet its obligations under Rule HC-1.3.3 above, the full Board should meet preferably no less than four times per year. The Central Bank recommends that meetings should take place once every quarter to address the Board's responsibilities for management oversight and performance monitoring. Furthermore, Board rules should require members to step down if they are not actively participating in Board meetings.

              October 07

          • Independent and Non-Executive Directors[versions up to October 2010]

            • HC-1.3.5 [versions up to October 2010]

              Where there is the potential for conflict of interest, or there is a need for impartiality, the Board must assign a sufficient number of independent non-executive Board members capable of exercising independent judgment. At a minimum, all locally incorporated banks must appoint one independent non-executive director. The Board must outline its criteria and materiality thresholds in the annual report for the definition of 'independence'. The Directors must be identified in the annual report as executive, non-executive, and independent non-executive, as follows:

              a) Executive Director (or 'Managing Director' under the Commercial Companies Law 'CCL') - A person who is involved in the day-to-day management and/or is in full-time employment of the bank and/or any of its affiliates or subsidiaries or parent companies. An executive Director may not occupy the post of 'Chairman';
              b) Non-Executive Director - A person not involved in the day-to-day management and/or is not a full-time salaried employee of the bank and/or any of its affiliates, or subsidiaries or parent companies; and
              c) Independent Non-Executive Director - A non-executive Director (as defined above), who also:
              •   Is not a 'controller' of the bank (see Section GR-5.2).
              •   Is not an Associate (see Section GR-5.2) of a Director or a member of senior management of the bank.
              •   Is not a professional advisor to the bank or group (A partner or member of senior management of an accountancy or law firm that provides services to the bank would not be perceived by the Central Bank as an independent non-executive Director).
              •   Is not a large depositor with, or large borrower from the bank (i.e. whose deposits or credit facilities exceed 10% of the capital base of the bank).
              •   Has no significant contractual, or business relationship with the bank or group which could be seen to materially interfere with the person's capacity to act in an independent manner.
              October 07
              Amended: April 2008

            • HC-1.3.6 [versions up to October 2010]

              Independent non-executive Directors should be permitted to meet periodically (e.g. at separate meetings from the main Board) without executive management present.

              October 07

          • Checks and Balances[versions up to October 2010]

            • HC-1.3.7 [versions up to October 2010]

              To ensure a clear segregation of duties, the Board must clearly define, document and enforce its own responsibilities, including those of its Chairman, as well as the delegated authorities, responsibilities and accountabilities of the Board and management committees, the bank's Chief Executive and senior management to the stakeholders of the bank.

              October 07

            • HC-1.3.8 [versions up to October 2010]

              In particular, the Board must issue formal letters of appointment both to senior management and Board members, outlining their specific responsibilities and accountabilities. Wherever possible, these documents or a summary of responsibilities should be disclosed publicly, for example in the annual report. Letters of appointment facilitate better understanding of the respective accountabilities of the Board and management.

              October 07

          • Responsibilities of the Chairman[versions up to October 2010]

            • HC-1.3.9 [versions up to October 2010]

              The Chairman is responsible for the leadership of the Board, and for the efficient functioning of the Board. The Chairman is responsible for ensuring that Board members are adequately briefed in sufficient time for issues arising at Board meetings; therefore it is vital that the Chairman commit sufficient time to perform his role effectively, taking into account the points below:

              a) The role of Chairman and Chief Executive may not be exercised by the same person; and
              b) Furthermore, there needs to be a clear division of responsibility between these two positions (see also HC-1.3.8 in this regard).
              October 07

            • HC-1.3.10 [versions up to October 2010]

              The Chairman of the Board should preferably be non-executive and independent (see HC-1.3.5 for the definitions of 'non-executive' and 'independent').

              October 07

          • The benefits and functions of committees[versions up to October 2010]

            • HC-1.3.11 [versions up to October 2010]

              In order to perform its duties more efficiently, the Board may set up committees where it feels appropriate with specific responsibilities, which must be documented. Where committees are set up, they should keep full minutes of their activities and meet regularly to fulfil their mandates. In particular, there are three areas where there is a need for checks and balances within the Board itself:

              a) The nomination of Directors;
              b) The remuneration of Directors; and
              c) The audit of the bank's financial performance.

              In these areas, executive Directors have clear potential conflicts of interest. Nomination is all about the continuation of their own jobs and the jobs of their colleagues and potential new colleagues. Remuneration is all about the rewards that executive Directors and/or senior management receive for their services to the bank. Audit concerns the probity of the financial and non-financial reporting of the performance of the company by the very same persons who are responsible for its performance.

              For larger banks that deal with the general public, committees can be a more efficient mechanism to assist the main Board in its monitoring and control of the activities of the bank. The establishment of committees should not mean that the role of the Board is diminished, or that the Board becomes fragmented. Each Committee must have a clear written mandate outlining its purpose, objectives and responsibilities, including composition, frequency of meetings and reporting relationships.

              October 07

          • Audit Committee[versions up to October 2010]

            • HC-1.3.12 [versions up to October 2010]

              The Central Bank requires all banks to establish an Audit Committee. The committee members must have sufficient technical expertise to enable the committee to perform its functions effectively. There must be at least one qualified and appropriately experienced accountant in the committee. All members of the committee must be financially literate. The Audit Committee must be composed of non-executive Directors only. The CEO may not be a member of this committee.

              October 07

            • HC-1.3.13 [versions up to October 2010]

              Responsibilities of the Audit Committee are as follows:

              a) To review the integrity of the bank's financial reporting (particularly with reference to information passed to the Board - see HC-1.2.6 a). This review must include the choice of accounting policies. The information needs of the Board to perform its monitoring responsibilities must be defined in writing, and regularly monitored by the Audit Committee;
              b) To oversee the selection and compensation of the external auditor for appointment and approval at the shareholders' meeting. The audit committee must oversee relations with the external auditors, including ensuring the external auditor's independence (in particular, making sure that the external audit firm and its partners have no other financial or business relationship without the Board's knowledge), the terms and conditions of the auditor's appointment and remuneration arrangements. The committee must monitor rotation arrangements for audit engagement partners. The audit committee must monitor the performance of the external auditor and the non-audit services provided by the external auditor. The committee must meet with the external auditor at least twice per year, and at least once per year in the absence of any members of executive management.
              c) To regularly review the activities and performance of the internal audit function;
              d) To review whether the bank complies with all relevant laws, regulations, codes and business practices, and ensure that the bank communicates with shareholders and relevant stakeholders (internal and external) openly and promptly, and with substance of compliance prevailing over form; and
              e) To review and supervise the implementation of, enforcement of and adherence to the bank's code of conduct.
              October 07

            • HC-1.3.14 [versions up to October 2010]

              Below the Audit Committee, the bank must set up an internal audit function, which reports directly to the Audit Committee (with a parallel reporting line to senior management for day-to-day matters as appropriate).

              October 07

          • Sharia Supervision Committee[versions up to October 2010]

            • HC-1.3.15 [versions up to October 2010]

              The Central Bank requires all banks to establish an independent Shari'a Supervision Committee complying with AAOIFI's governance standards for Islamic Financial Institutions No. 1 and No.2

              October 07

            • HC-1.3.16 [versions up to October 2010]

              All banks must comply with all AAOIFI issued accounting standards as well as the Shari'a pronouncement issued by the Shari'a Board of AAOIFI. The bank must have a separate function of Shari'a review to verify compliance with the above. This internal Shari'a review must be carried out in accordance with AAOIFI's governance standards No. 3. The Shari'a review function may be located in the Internal Audit function of the bank.

              October 07

        • HC-1.4 HC-1.4 Transparency and Disclosure[versions up to October 2010]

          Board's Responsibility for Disclosure

          October 07

          • HC-1.4.1 [versions up to October 2010]

            The Board should oversee the process of disclosure and communications with internal and external stakeholders. The Board should ensure that disclosures made by the bank are fair, transparent, comprehensive and timely and reflect the character of the bank and the nature, complexity and risks inherent in the bank's business activities. Disclosure policies must be reviewed for compliance with the Central Bank's disclosure requirements (see Rulebook Chapter PD-1).

            October 07

          • HC-1.4.2 [versions up to October 2010]

            To promote sound corporate governance, the bank must submit its organisational structure approved by the Board of Directors, which notes the designations and responsibilities of its key management personnel, highlighting their qualifications and relevant industry experience. The organisational structure should be clearly delineated and reporting lines completely transparent to promote full disclosure. It is the General Manager's responsibility to ensure that this occurs.

            October 07

          • HC-1.4.3 [versions up to October 2010]

            The bank must submit a statement of its strategy and objectives to the Central Bank at the time of licensing. This statement should cover a minimum period of three years. The Central Bank may request a formal review by the Board of the bank's statement from time to time.

            October 07

        • HC-1.5 HC-1.5 Notification, reporting, and approval requirements for changes to activities, personnel and ownership, strategy, Board meetings and special purpose vehicles ('SPVs')[versions up to October 2010]

          • HC-1.5.1 [versions up to October 2010]

            Banks must notify the Central Bank in writing of all major proposed changes to the strategy and/or corporate plan of the bank prior to implementation.

            October 07

          • HC-1.5.2 [versions up to October 2010]

            Banks must notify the Central Bank in writing of any proposed changes to senior positions or ownership changes mentioned in Sections HC-2.1 and HC-3.2 (whether in terms of structure or identity of personnel) prior to the change. The communication should include the reason for the departure of the personnel and the Curriculum Vitae of any new persons taking up the relevant positions in the bank (see also HC-2.1.17). See also Section BR-5.1 for notification requirements concerning contact details of senior staff.

            Amended: October 2009
            Amended: January 2009
            October 2007

          • HC-1.5.3 [versions up to October 2010]

            If a controlled function falls vacant, all banks must appoint a permanent replacement (after obtaining CBB approval), within 120 calendar days of the vacancy occurring. Pending the appointment of a permanent replacement, the bank must make immediate interim arrangements to ensure continuity of the duties and responsibilities of the controlled function affected. These interim arrangements must be approved by the CBB.

            Added January 2009

          • HC-1.5.4 [versions up to October 2010]

            All locally incorporated banks, in addition to the requirements in Paragraphs HC-1.5.1 and HC-1.5.2, should obtain the Central Bank's prior specific written approval before establishing any subsidiaries (including SPVs where the bank exercises a majority shareholding or has majority voting control by virtue of direct ownership or by proxy/nominee arrangements), branches and/or representative offices, either inside or outside of Bahrain. In order to avoid any delays and/or disruption in implementation of banks' plans in this context, the Central Bank should be approached as soon as possible, even at a very preliminary stage.

            Renumbered January 2009
            October 07

          • HC-1.5.5 [versions up to October 2010]

            All locally incorporated banks are required to submit, on an annual basis, as an attachment to the year-end quarterly PIR, a report recording the meetings during the year by their Board of Directors. For a sample report, refer to Appendix BR-10.

            Renumbered January 2009
            October 07

          • HC-1.5.6 [versions up to October 2010]

            All locally incorporated banks must notify the Central Bank if they intend to act as sponsor or manager of a special purpose vehicle ('SPV'), or if they intend to participate in the creation of an SPV, or if they intend to acquire shares in an SPV. All locally incorporated banks must notify the Central Bank if they are appointed as nominee shareholders of SPVs or hold votes by proxy arrangement in SPVs on behalf of other investors. In all cases listed above, the concerned bank must notify the Central Bank quarterly of any new commitments to, or engagements in business arrangements with SPVs. These reporting and notification arrangements apply in addition to arrangements under HC-1.5.4 where the SPV is a subsidiary.

            Renumbered January 2009
            October 07

          • HC-1.5.7 [versions up to October 2010]

            The Central Bank requires any locally incorporated bank associated with an SPV to give the background to the following points in any notification under HC-1.5.6 above:

            a) the purpose of the SPV;
            b) the nature of the relationship between the bank and the SPV (i.e. sponsor, manager, investor, controller etc.);
            c) the external auditor's proposed consolidation/accounting treatment of the SPV;
            d) the availability of financial and other information relevant to the SPV and access to its business premises and records;
            e) whether the bank is providing any guarantees, warranties or financial/liquidity support of any kind to the SPV.
            Renumbered January 2009
            October 07

          • HC-1.5.8 [versions up to October 2010]

            Where the SPV is consolidated into the accounts of a locally incorporated bank, the bank must provide separate accounting information on the SPV to the Central Bank on a quarterly basis. Furthermore, the annual audited financial statements of all consolidated SPVs must be submitted to the Central Bank within 3 months of the year end of the concerned SPV.

            Renumbered January 2009
            October 07

          • HC-1.5.9 [versions up to October 2010]

            Where a locally incorporated bank has a controller or majority ownership relationship with an SPV, or acts as sponsor, the bank must obtain the prior approval of the Central Bank for any changes to the capital, ownership, management or control of the SPV. All locally incorporated banks must also notify the Central Bank of any significant events in relation to the SPV. If necessary, the Central Bank may require that formal information exchange arrangements are put in place (e.g. a memorandum of understanding) if the SPV is located in a foreign jurisdiction and its activities are not supervised locally.

            Renumbered January 2009
            October 07

      • HC-2 HC-2 Approved Persons[versions up to October 2010]

        • HC-2.1 HC-2.1 CBB Notification and Approval[versions up to October 2010]

          • General Requirement[versions up to October 2010]

            • HC-2.1.1 [versions up to October 2010]

              All persons wishing to undertake a controlled function in an Islamic bank licensee must be notified to the CBB prior to their appointment and, where required, approved by the CBB (see Rule HC-2.1.3).

              October 07

            • HC-2.1.2 [versions up to October 2010]

              Controlled functions are those of:

              (a) Director;
              (b) Member of Shari'a Supervisory Board
              (c) Chief Executive or General Manager;
              (d) Senior Manager;
              (e) Compliance officer;
              (f) Money Laundering Reporting Officer;
              (g) Deputy Money Laundering Reporting Officer; and
              (h) Financial Instruments Trader.
              Amended: October 2009
              October 2007

            • HC-2.1.3 [versions up to October 2010]

              Prior approval is required for controlled functions (a), (b), (c), (d), (e), (f) and (g). Controlled functions (e) and (f) may be combined, however (see also FC-4.1, regarding the MLRO function). Controlled function (h) does not require prior approval: instead, notification only is required, once the person concerned has accepted to undertake that function.

              Amended: October 2009
              October 2007

          • Basis for Approval[versions up to October 2010]

            • HC-2.1.4 [versions up to October 2010]

              Approval under Rule HC-2.1.1 is only granted by the CBB, if it is satisfied that the person is fit and proper to hold the particular position in the licensee concerned. 'Fit and proper' is determined by the CBB on a case-by-case basis. The definition of 'fit and proper' and associated guidance is provided in Sections HC-2.2 and HC-2.3 respectively.

              October 07

          • Definitions[versions up to October 2010]

            • HC-2.1.5 [versions up to October 2010]

              Director is any person who occupies the position of a Director, as defined in Article 173 of the Commercial Companies Law (Legislative Decree No. 21 of 2001).

              October 07

            • HC-2.1.6 [versions up to October 2010]

              The fact that a person may have 'Director' in their job title does not of itself make them a Director within the meaning of the definition noted in Rule HC-2.1.5. For example, a 'Director of Marketing', is not necessarily a member of the Board of Directors and therefore may not fall under the definition of Rule HC-2.1.5.

              October 07

            • HC-2.1.7 [versions up to October 2010]

              The Chief Executive or General Manager means a person who is responsible for the conduct of the licensee (regardless of actual title). The Chief Executive or General Manager must be resident in Bahrain. This person is responsible, alone or jointly, for the conduct of the whole of the firm, or, in the case of an overseas Islamic bank licensee, for all of the activities of the branch (in which case, he may hold the title of 'Branch Manager').

              October 07

            • HC-2.1.8 [versions up to October 2010]

              Senior Manager means a person who, under the immediate authority of a Director or the Chief Executive/General Manager, exercises major managerial responsibilities, is responsible for a significant business or operating unit, or has major managerial responsibility for maintaining accounts or other records of the licensee.

              October 07

            • HC-2.1.9 [versions up to October 2010]

              Whether a person is a Senior Manager will depend on the facts in each case and is not determined by the presence or absence of the word in their job title. Examples of Senior Managers might include, depending on the scale, nature and complexity of the business, a deputy Chief Executive; and heads of departments such as Risk Management, or Internal Audit; or the Chief Financial Officer.

              October 07

            • HC-2.1.10 [versions up to October 2010]

              Financial Instruments Trader means a person who is engaged in buying or selling financial instruments.

              October 07

            • HC-2.1.11 [versions up to October 2010]

              Where a firm is in doubt as to whether a function should be considered a controlled function it must discuss the case with the CBB.

              October 07

          • Notification Requirements and Process[versions up to October 2010]

            • HC-2.1.12 [versions up to October 2010]

              Islamic bank licensees must obtain CBB approval before a person is formally appointed to a controlled function; the request for CBB approval must be made by submitting to CBB a duly completed Form 3 (Application for Approved Person status). In the case of a financial instruments trader, notification only is required (see Rule HC-2.1.3): this notification must also be made by submitting a Form 3.

              October 07

            • HC-2.1.13 [versions up to October 2010]

              In the case of license applications, the Form 3 must be marked for the attention of the Director, Licensing and Policy Directorate. When made by an Islamic bank licensee, the Form 3 must be marked for the attention of the Director, Islamic Financial Institutions.

              October 07

            • HC-2.1.14 [versions up to October 2010]

              Licensees should give the CBB a reasonable amount of notice in order for an application for approval to be reviewed. The CBB aims to respond within 2 weeks of receipt of an application, although in some cases, where referral to an overseas supervisor is required, the response time is likely to be longer.

              October 07

            • HC-2.1.15 [versions up to October 2010]

              Licensees seeking to appoint Board Directors should seek CBB approval for all the candidates to be put forward for election at a shareholder meeting, in advance of the agenda being issued to shareholders. CBB approval of the candidates does not in any way limit shareholders' rights to refuse those put forward for election.

              October 07

            • HC-2.1.16 [versions up to October 2010]

              All refusals by the CBB to grant a person approved person status have to be reviewed and approved by an Executive Director of the CBB. A notice of intent is issued to the licensee concerned, setting out the basis for the decision. The licensee has 30 calendar days from the date of the notice in which to appeal the decision. The CBB then has 30 calendar days from the date of the representation in which to make a final determination. See also Chapter EN-5.

              Amended January 2009
              Added October 2007

            • HC-2.1.17 [versions up to October 2010]

              Islamic bank licensees must immediately notify CBB when an approved person ceases to hold the controlled function, for which they have been approved, and for whatever reason (see also HC-1.5.2).

              Amended January 2009
              October 07

            • HC-2.1.18 [versions up to October 2010]

              Thus, licensees are required to notify CBB should an approved person transfer to another function within the licensee, or to another group entity; or else resign, be suspended or dismissed. CBB may require further clarification as to the reasons for the person's transfer or departure. CBB will automatically withdraw the individual's approved person status: should the person wish to undertake another controlled function, whether within the same licensee or in another licensee, then a new application should be resubmitted.

              October 07

            • HC-2.1.19 [versions up to October 2010]

              Islamic bank licensees must immediately notify CBB should they become aware of information that could reasonably be viewed as calling into question an approved person's compliance with CBB's 'fit and proper' requirement (see HC-2.2).

              October 07

        • HC-2.2 HC-2.2 "Fit and proper" requirement[versions up to October 2010]

          • HC-2.2.1 [versions up to October 2010]

            Licensees seeking an approved person authorisation for an individual, must satisfy the CBB that the individual concerned is 'fit and proper' to undertake the controlled function in question.

            October 07

          • HC-2.2.2 [versions up to October 2010]

            To be considered 'fit and proper', those nominated must demonstrate:

            (a) personal integrity, honesty and good reputation;
            (b) professional competence, experience and expertise, sufficient for the controlled function for which authorisation is being applied for, and given the scale, complexity and nature of the Islamic bank licensee concerned; and
            (c) financial soundness.
            October 07

          • HC-2.2.3 [versions up to October 2010]

            In assessing the conditions prescribed in Rule HC-2.2.2, the CBB will take into account the criteria contained in Section HC-2.3. The CBB reviews each application on a case-by-case basis, taking into account all relevant circumstances. A person may be considered 'fit and proper' to undertake one type of controlled function but not another, depending on the function's job size and required levels of experience and expertise. Similarly, a person approved to undertake a controlled function in one Islamic bank licensee may not be considered to have sufficient expertise and experience to undertake nominally the same controlled function but in a much bigger licensee.

            October 07

          • HC-2.2.4 [versions up to October 2010]

            Approved persons undertaking a controlled function must act prudently, and with honesty, integrity, care, skill and due diligence in the performance of their duties. They must avoid conflicts of interest arising whilst undertaking a controlled function.

            October 07

          • HC-2.2.5 [versions up to October 2010]

            In determining whether a conflict of interest may arise, factors that may be considered include whether:

            (a) a person has breached any fiduciary obligations to the company or terms of employment;
            (b) a person has undertaken actions that would be difficult to defend, when looked at objectively, as being in the interest of the licensee; and
            (c) a person has failed to declare a personal interest that has a material impact in terms of the person's relationship with the licensee.
            October 07

        • HC-2.3 HC-2.3 Interpretative Guidance on 'Fit and Proper' Requirement[versions up to October 2010]

          • HC-2.3.1 [versions up to October 2010]

            In assessing a person's fitness and propriety, the CBB will consider previous professional and personal conduct (in Bahrain or elsewhere) including, but not limited to, the following:

            (a) the propriety of a person's conduct, whether or not such conduct resulted in a criminal offence being committed, the contravention of a law or regulation, or the institution of legal or disciplinary proceedings;
            (b) a conviction or finding of guilt in respect of any offence, other than a minor traffic offence, by any court or competent jurisdiction;
            (c) any adverse finding in a civil action by any court or competent jurisdiction, relating to fraud, misfeasance or other misconduct in connection with the formation or management of a corporation or partnership;
            (d) whether the person has been the subject of any disciplinary proceeding by any government authority, regulatory agency or professional body or association;
            (e) the contravention of any financial services legislation or regulation;
            (f) whether the person has ever been refused a license, authorisation, registration or other authority;
            (g) dismissal or a request to resign from any office or employment;
            (h) disqualification by a court, regulator or other competent body, as a Director or as a manager of a corporation;
            (i) whether the person has been a Director, partner or manager of a corporation or partnership which has gone into liquidation or administration or where one or more partners have been declared bankrupt whilst the person was connected with that partnership;
            (j) the extent to which the person has been truthful and open with supervisors;
            (k) the extent to which the person has appropriate professional and other qualifications for the controlled function in question;
            (l) the extent to which the person has sufficient experience, or is otherwise able to perform the functions of the controlled function in question;
            (m) whether the person has ever been adjudged bankrupt, entered into any arrangement with creditors in relation to the inability to pay due debts, or failed to satisfy a judgement debt under a court order.
            October 07

          • HC-2.3.2 [versions up to October 2010]

            With respect to HC-2.3.1.(b), (c), (d) and (e), the CBB will take into account the length of time since any such event occurred, as well as the seriousness of the matter in question.

            October 07

          • HC-2.3.3 [versions up to October 2010]

            Further guidance on the process for assessing a person's 'fit and proper' status is given in Module EN (Enforcement): see Chapter EN-8.

            October 07

        • HC-2.4 [This Section was deleted in 07/2006: it has been left blank.][versions up to October 2010]

      • HC-3 HC-3 Compliance officer/manager[versions up to October 2010]

        • HC-3.1 HC-3.1 Introduction[versions up to October 2010]

          • HC-3.1.1 [versions up to October 2010]

            In order to promote best practice with respect to banks' internal systems and controls and international banking supervision, the Central Bank, in this Chapter, outlines its requirements for the compliance function of banks. The expression 'Compliance Function' in this Chapter is used to describe staff carrying out compliance duties.

            October 07

          • HC-3.1.2 [versions up to October 2010]

            The expression 'Compliance Risk', in this Chapter refers to the risk of legal or regulatory sanctions, material or financial loss, or loss to reputation a bank may suffer as a result of its failure to comply with laws, regulations, rules, reporting requirements, standards and codes of conduct applicable to its activities, rather than compliance with a bank's internal limits or procedures.

            October 07

          • HC-3.1.3 [versions up to October 2010]

            For further information and guidance on compliance risk and the compliance function, banks should refer to the Basel Committee publication, 'Compliance and the compliance function in banks' (www.bis.org/publ April 2005). The Central Bank expects banks to carry out a review of their compliance with the principles in this paper on a regular basis (either by way of a self-assessment or by way of a review by the internal or external audit function).

            October 07

        • HC-3.2 HC-3.2 Requirement for and approval of a compliance officer/manager[versions up to October 2010]

          • HC-3.2.1 [versions up to October 2010]

            All banks must appoint a senior member of staff with responsibility for the management of compliance risk as their Compliance Officer/Manager.

            October 07

          • HC-3.2.2 [versions up to October 2010]

            The compliance function must be independent (i.e. it must not be placed in a position where its other duties or responsibilities may cause a conflict of interest with its compliance risk management responsibilities). Therefore the compliance function must be separate from the internal audit function. The compliance officer or manager may however, perform other limited related compliance roles (e.g. the MLRO or legal advisor), subject to the Central Bank's prior approval.

            October 07

          • HC-3.2.3 [versions up to October 2010]

            The compliance officer/manager must be appropriately qualified and experienced and the compliance function must have adequate resources to carry out its functions effectively.

            October 07

          • HC-3.2.4 [versions up to October 2010]

            The appointment of a compliance manager/officer requires the Central Bank's prior approval and the submission of the appointee's Personal Questionnaire (Appendix LR 2) and Curriculum Vitae to the Central Bank. The bank must also outline how the compliance function fits into the bank's senior management reporting structure, and must give details of relevant reporting lines within the bank.

            October 07

          • HC-3.2.5 [versions up to October 2010]

            In the case of locally incorporated banks, the compliance officer/manager must have access to the Board of Directors in addition to the senior management.

            October 07

      • HC-4 [This Chapter deleted 07/2006 – left blank.][versions up to October 2010]

    • HC HC High-Level Controls [Versions Up To April 2023]

      • HC-A HC-A Introduction

        • HC-A.1 HC-A.1 Purpose

          • Executive Summary

            • HC-A.1.1

              This Module presents requirements that have to be met by Islamic bank licensees with respect to:

              (a) Corporate governance principles issued by the Ministry of Industry and Commerce as "The Corporate Governance Code"; and
              (b) International best practice corporate governance standards set by bodies such as the Basel Committee for Banking Supervision; and
              (c) Related high-level controls and policies.
              Amended: April 2011
              October 2010

            • HC-A.1.2

              The Principles referred to in this Module are in line with the Principles relating to the Corporate Governance Code issued by the Ministry of Industry and Commerce.

              October 2010

            • HC-A.1.3

              The purpose of the Module is to establish best practice corporate principles in Bahrain, and to provide protection for investors and other Islamic bank licensee's stakeholders through compliance with those principles.

              October 2010

            • HC-A.1.4

              Whilst the Module follows best practice, it is nevertheless considered as the minimum standard to be applied. This Module also includes additional rules and guidance issued by the CBB prior to the publication of the Code and previously contained in Module HC.

              October 2010

          • Structure of this Module

            • HC-A.1.5

              This Module follows the structure of the Corporate Governance Code and each Chapter deals with one of the nine Principles of corporate governance. The numbered directives included in the Code are Rules for purposes of this Module. Recommendations under the Code have been included as guidance. However, where the previous version of Module HC had a similar recommendation as a Rule, the Module retains this Paragraph as a Rule.

              October 2010

            • HC-A.1.6

              The Module also incorporates other high-level controls and policies that apply in particular to Islamic bank licensees.

              October 2010

            • HC-A.1.7

              All references in this Module to 'he' or 'his' shall, unless the context otherwise requires, be construed as also being references to 'she' and 'her'.

              October 2010

          • The Comply or Explain Principle

            • HC-A.1.8

              This Module is issued as a Directive (as amended from time to time) in accordance with Article 38 of the Central Bank of Bahrain and Financial Institutions Law 2006 ('CBB Law'). In common with other Rulebook Modules, this Module contains a mixture of Rules and Guidance (See Module UG-1.2 for detailed explanation of Rules and Guidance). All Rulebook content that is categorised as a Rule must be complied with by those to whom the content is addressed. Other parts of this Module are Guidance; nonetheless every Islamic bank licensee to whom Module HC applies, is expected to comply with recommendations made as Guidance in Module HC or explain its noncompliance in the Annual Report in accordance with Subparagraph PD-1.3.10(x) and to the CBB (see Chapter HC-8).

              Amended: April 2012
              Amended: January 2011
              October 2010

          • Monitoring and Enforcement of Module HC

            • HC-A.1.9

              Disclosure and transparency are underlying principles of Module HC. Disclosure is crucial to allow outside monitoring to function effectively. This Module looks to a combined monitoring system relying on the Board, the Islamic bank licensee's shareholders and the CBB.

              October 2010

            • HC-A.1.10

              It is the Board's responsibility to see to the accuracy and completeness of the Islamic bank licensee's corporate governance guidelines and compliance with Module HC. Failure to comply with this Module is subject to enforcement measures as outlined in Module EN (Enforcement).

              October 2010

          • Legal Basis

            • HC-A.1.11

              This Module contains the CBB's Directive (as amended from time to time) relating to high-level controls and is issued under the powers available to the CBB under Article 38 of the Central Bank of Bahrain and Financial Institutions Law 2006 ('CBB Law'). The Directive in this Module is applicable to Islamic bank licensees (including their approved persons).

              Amended: January 2011
              October 2010

            • HC-A.1.12

              For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.

              October 2010

          • Effective Date

            • HC-A.1.13

              The previous version of Module HC is applicable until 31st December 2010. This updated Module issued in October 2010, is effective on 1st January 2011. All Islamic bank licensees to which Module HC applies should be in full compliance by the financial year end 2011. At every Islamic bank licensee's annual shareholder meeting held after 1st January 2011, corporate governance should be an item on the agenda for information and any questions from shareholders regarding the Islamic bank licensee's governance. Where possible, the Islamic bank licensee should also have corporate governance guidelines in place at that time and should have a "comply or explain" report as described in Paragraph HC-A.1.8.

              October 2010

        • HC-A.2 HC-A.2 Module History

          • HC-A.2.1

            This Module was first issued in June 2004 by the BMA and updated in October 2007 to reflect the switch to the CBB. Following the issuance of the Corporate Governance Code by the Ministry of Industry and Commerce in March 2010, the Module was amended in October 2010 to be in line with the new Corporate Governance Code and to include previous requirements that were in place in the originally issued Module HC. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made: Chapter UG-3 provides further details on Rulebook maintenance and version control.

            October 2010

          • HC-A.2.2

            A list of recent changes made to this Module is detailed in the table below:

            Module Ref. Change Date Description of Changes
            HC-1 to HC-8 10/2010 Amendments due to introduction of new MOIC Corporate Governance Code.
            HC-1.3 10/2010 Prohibition of proxies and requirement to attend 75% of Board meetings in a financial year.
            HC-A.1.8 and HC-A.1.11 01/2011 Clarified legal basis.
            HC-1.3.8 01/2011 Corrected cross reference.
            HC-2.2.4, 2.2.5 and 3.2.1 01/2011 Corrected cross references.
            HC-2.3.2 01/2011 Corrected cross reference; reference changed to connected persons.
            Appendix C 01/2011 Corrected cross reference.
            Appendix A 04/2011 Clarified membership of audit committee to be in line with Rule HC-3.2.1.
            HC-6.2.1 10/2011 Clarified management structure.
            HC-B.2.2 01/2012 Clarified language related to corporate governance.
            HC-1.2.8 and HC-1.5.3 01/2012 Clarified that the Chairman of the Board may delegate specific duties dealt with in these Paragraphs.
            HC-1.3.12 01/2012 Amended Rule on Directorships.
            HC-1.9.1 01/2012 Deleted last sentence to be in line with other Volumes of the CBB Rulebook.
            HC-3.2.1(a) and HC-5.6.6 01/2012 Amended to be in line with other Volumes of the CBB Rulebook.
            HC-6.3.1 01/2012 Clarified Rule by following corporate governance code wording.
            Appendix A 01/2012 Amended criteria for audit committee member.
            HC-A.1.8 04/2012 Clarified the reporting of noncompliance with Module HC in the Annual Report.
            HC-7.2.5 04/2012 Clarified Guidance on election of board members.
            Appendices A, B and C 04/2012 Amended requirement for written report on performance evaluation for various Board committees.
            Appendix A 04/2012 Included reference to compliance under Committee Duties and Responsibilities.
            HC-2.2.6A and HC-2.2.6B 07/2012 Added Rule and guidance dealing with benefits received from approved persons from projects and investments.
            Appendices A, B and C 07/2012 Clarified requirement for written report on performance evaluation for various Board committees.
            HC-1.3.7A 10/2012 Added requirement on minimum number of Board meetings to take place in the Kingdom of Bahrain to be consistent with other Volumes of the CBB Rulebook.
            HC-2.2.6A 10/2012 Clarified Rule dealing with benefits received from approved persons from projects and investments.
            Appendix A 10/2012 Corrected minor typo.
            HC-2.2.2 and HC-2.4.1 01/2013 Clarified scope of application for Rules.
            HC-2.2.6A, HC-5 and Appendix C 01/2014 Amendments due to new rules on sound remuneration practices.
            HC-1.2.6 04/2014 Clarified CBB's requirements for proposed changes to strategy and/or corporate plans.
            HC-5.2, HC-5.4 and HC-5.5 07/2014 Updated Rules on remuneration.
            HC-1.2.11 10/2014 Corrected cross reference.
            HC-1.3.10 10/2014 Corrected typo.
            HC-6.4.3 10/2014 Clarified self assessment of compliance function.
            HC-5.4.2 01/2015 Clarified application of remuneration rules for Bahrain operations.
            HC-5.4.5 01/2015 Paragraph deleted.
            HC-5.5.2 04/2015 Clarified cap on board of directors' remuneration as per Article 188 of the Company Law.
            HC-5.4.3A 07/2015 Amended to allow for CBB-approved consultancy firm to prepare report on the bank's compliance with the remuneration Rules outlined in Chapter HC-5.
            HC-2.3.3 04/2016 Added a requirement for the Islamic bank licensee to have in place a board approved policy on the employment of relatives of approved persons.
            HC-2.4.1A 04/2016 Added the requirement to disclose to the board on annual basis relatives of any approved persons occupying controlled functions.
            HC-7.2 04/2016 Added requirements dealing with shareholders' meetings.
            HC-2.3 and HC-2.4 07/2016 Clarified application of rules to overseas conventional bank licensees
            HC-5.4.30(a) and HC-5.4.30A 10/2016 Amended Standard for all Remuneration
            HC-5.2.1 01/2017 Amendment in sub-paragraph (b)
            HC-7.2.4 04/2017 Amended paragraph on website requirement.
            HC-8.2.1 04/2017 Amended sub-paragraph (b) on website requirement.
            HC-7.2.3A 07/2017 Amended paragraph to be in line with Article (199) of the Commercial Companies Law.
            HC-6.5 04/2018 Added new Section on Internal Audit
            HC-1.8.1 07/2018 Amended paragraph to be consistent with HC-6.6.
            HC-6.6 07/2018 Added new Section on Risk Management
            HC-6.4 01/2019 Amended Section and added new requirements on compliance.
            HC-B.1.2 04/2019 Amended Paragraph.
            HC-2.3.4 04/2019 Amended Paragraph.
            HC-2.4.1B 04/2019 Amended Paragraph.
            HC-5.4.4 04/2019 Amended Paragraph.
            HC-6.6.2A 10/2019 Added a new Paragraph on branches of foreign bank licensees.
            HC-6.6.6 10/2019 Deleted Paragraph.
            HC-6.6.7 10/2019 Amended Paragraph on branches of foreign bank licensees.
            HC-1.4.11 01/2020 Added a new Paragraph on independent directors.
            HC-1.4.12 01/2020 Added a new Paragraph on termination of Board membership of a retired, terminated CEO.
            HC-6.4.7 & HC-6.4.10 01/2020 Amended Paragraphs on policy and procedures approval.
            HC-5.4.9A  04/2020  Added a new Paragraph on KPIs compliance with AML/CFT requirements.
            HC-6.2.1  04/2020  Amended Paragraph on reporting line.
            HC-5.4.4 01/2021 Amended reference in Paragraph.
            HC-6.6.33 01/2022 Amended Paragraph.
            HC-6.6.34 01/2022 Amended Paragraph.
            HC-6.6.35 01/2022 Added a new Paragraph on the independent third-party review.
            HC-6.6.36 01/2022 Added a new Paragraph on the independent review reports.

      • HC-B HC-B Scope of Application

        • HC-B.1 HC-B.1 Scope of Application

          • HC-B.1.1

            The contents of this Module — unless otherwise stated — apply to all Islamic bank licensees, incorporated under the Legislative Decree No. 21 of 2001, with respect to promulgating the Commercial Companies Law ('Company Law').

            October 2010

          • HC-B.1.2

            Branches of foreign bank licensees must satisfy the CBB that equivalent arrangements are in place at the parent entity level, and that these arrangements provide for effective high-level controls over activities conducted under the Bahrain license.

            Amended: April 2019
            October 2010

        • HC-B.2 HC-B.2 Subsidiaries and Foreign Branches

          • HC-B.2.1

            Bahraini Islamic bank licensees must ensure that, as a minimum, the same or equivalent provisions of this Module apply to their foreign branches, located outside the Kingdom of Bahrain, such that these are also subject to effective high-level controls. In instances where local jurisdictional requirements are more stringent than those applicable in this Module, the local requirements are to be applied.

            October 2010

          • HC-B.2.2

            Bahraini Islamic bank licensees must satisfy the CBB that financial services activities conducted in subsidiaries and other group members are subject to the same or equivalent arrangements for ensuring effective corporate governance over their activities.

            Amended: January 2012
            October 2010

          • HC-B.2.3

            Where an Islamic bank licensee is unable to satisfy the CBB that its subsidiaries and other group members are subject to the same or equivalent arrangements, the CBB will assess the potential impact of risks — both financial and reputational — to the licensee arising from inadequate high-level controls in the rest of the group of which it is a member. In such instances, the CBB may impose restrictions on dealings between the licensee and other group members. Where weaknesses in controls are assessed by the CBB to pose a major threat to the stability of the licensee, then its authorisation may be called into question.

            October 2010

      • HC-1 HC-1 The Board

        • HC-1.1 HC-1.1 Principle

          • HC-1.1.1

            All Bahraini Islamic bank licensees must be headed by an effective, collegial and informed Board of Directors ('the Board').

            October 2010

        • HC-1.2 HC-1.2 Role and Responsibilities

          • HC-1.2.1

            All directors must understand the Board's role and responsibilities under the Commercial Companies Law and any other laws or regulations that may govern their responsibilities from time to time. In particular:

            (a) The Board's role as distinct from the role of the shareholders (who elect the Board and whose interests the Board serves) and the role of officers (whom the Board appoints and oversees); and
            (b) The Board's fiduciary duties of care and loyalty to the Islamic bank licensee and the shareholders (see HC-2.1).
            October 2010

          • HC-1.2.2

            The Board's role and responsibilities include but are not limited to:

            (a) The overall business performance and strategy for the Islamic bank licensee;
            (b) Causing financial statements to be prepared which accurately disclose the Islamic bank licensee's financial position;
            (c) Monitoring management performance;
            (d) Convening and preparing the agenda for shareholder meetings;
            (e) Monitoring conflicts of interest and preventing abusive related party transactions;
            (f) Assuring equitable treatment of shareholders including minority shareholders; and
            (g) Establishing the objectives of the bank.
            October 2010

          • HC-1.2.3

            The precise functions reserved for the Board, and those delegated to management and committees will vary, dependent upon the business of the institution, its size and ownership structure. However, as a minimum, the Board must establish and maintain a statement of its responsibilities for:

            (a) The adoption and annual review of strategy;
            (b) The adoption and review of management structure and responsibilities;
            (c) The adoption and review of the systems and controls framework; and
            (d) Monitoring the implementation of strategy by management.
            Amended: April 2011
            October 2010

          • HC-1.2.4

            The directors are responsible both individually and collectively for performing the responsibilities outlined in HC-1.2.1 to HC-1.2.3. Although the Board may delegate certain functions to committees or management, it may not delegate its ultimate responsibility to ensure that an adequate, effective, comprehensive and transparent corporate governance framework is in place.

            October 2010

          • HC-1.2.5

            In its strategy review process under Paragraphs HC-1.2.3 a) and d), the Board must:

            (a) Review the bank's business plans and the inherent level of risk in these plans;
            (b) Assess the adequacy of capital to support the business risks of the bank;
            (c) Set performance objectives; and
            (d) Oversee major capital expenditures, divestitures and acquisitions.
            Amended: April 2011
            October 2010

          • HC-1.2.6

            Bahraini Islamic bank licensees must obtain the CBB's prior written approval for all major proposed changes to the strategy and/or corporate plan of the Bahraini Islamic bank licensee prior to implementation (see also Paragraph BR-5.2.8).

            Amended: April 2014
            October 2010

          • HC-1.2.7

            The Board is expected to have effective policies and processes in place for:

            (a) Approving budgets and reviewing performance against those budgets and key performance indicators; and
            (b) The management of the bank's compliance risk.
            Amended: April 2011
            October 2010

          • HC-1.2.8

            When a new director is inducted, the chairman of the Board, or the Islamic bank licensee's legal counsel or compliance officer, or other individual delegated by the chairman of the board, should review the Board's role and duties with that person, particularly covering legal and regulatory requirements and Module HC (see also HC-4.5.1).

            Amended: January 2012
            October 2010

          • HC-1.2.9

            The Islamic bank licensee must have a written appointment agreement with each director which recites the directors' powers, duties, responsibilities and accountabilities and other matters relating to his appointment including his term, the time commitment envisaged, the committee assignment if any, his remuneration and expense reimbursement entitlement, and his access to independent professional advice when that is needed.

            October 2010

          • Risk Recognition and Assessment

            • HC-1.2.10

              The Board is responsible for ensuring that the systems and controls framework, including the Board structure and organisational structure of the bank, is appropriate for the bank's business and associated risks (see HC-1.2.3 c). The Board must ensure that collectively it has sufficient expertise to identify, understand and measure the significant risks to which the bank is exposed in its business activities.

              The Board must regularly assess the systems and controls framework of the bank. In its assessments, the Board must demonstrate to the CBB that:

              a) The bank's operations, individually and collectively are measured, monitored and controlled by appropriate, effective and prudent risk management systems commensurate with the scope of the bank's activities;
              b) The bank's operations are supported by an appropriate control environment. The compliance, risk management and financial reporting functions must be adequately resourced, independent of business lines and must be run by individuals not involved with the day-to-day running of the various business areas. The Board must additionally ensure that management develops, implements and oversees the effectiveness of comprehensive know your customer standards, as well as on-going monitoring of accounts and transactions, in keeping with the requirements of relevant law, regulations and best practice (with particular regard to anti-money laundering measures). The control environment must maintain necessary client confidentiality and ensure that the privacy of the bank is not violated, and ensure that clients' rights and assets are properly safeguarded; and
              c) Where the Board has identified any significant issues related to the bank's adopted governance framework, appropriate and timely action is taken to address any identified adverse deviations from the requirements of this Module.
              October 2010

            • HC-1.2.11

              The Board must adopt a formal Board charter or other statement specifying matters which are reserved to it, which should include but need not be limited to the specific requirements and responsibilities of directors. This charter must cover the points in HC-1.2.1 to HC-1.2.10. Wherever possible, the documents referred to in HC-1.2.3 to HC-1.2.10 or a summary of responsibilities should be disclosed publicly, for example in the annual report, which must be submitted to the CBB in line with the requirements of Module BR.

              Amended: October 2014
              October 2010

        • HC-1.3 HC-1.3 Decision Making Process

          • HC-1.3.1

            The Board must be collegial and deliberative, to gain the benefit of each individual director's judgment and experience.

            October 2010

          • HC-1.3.2

            The chairman must take an active lead in promoting mutual trust, open discussion, constructive dissent and support for decisions after they have been made.

            October 2010

          • HC-1.3.3

            The Board must meet frequently to enable it to discharge its responsibilities effectively but in no event less than four times a year. All directors must attend the meetings whenever possible and the directors must maintain informal communication between meetings.

            October 2010

          • HC-1.3.4

            Individual Board members must attend at least 75% of all Board meetings in a given financial year to enable the Board to discharge its responsibilities effectively (see table below). Voting and attendance proxies for Board meetings are prohibited at all times.

            Meetings per year 75% Attendance requirement
            4 3
            5 4
            6 5
            7 5
            8 6
            9 7
            10 8
            October 2010

          • HC-1.3.5

            The absence of Board members at Board and committee meetings must be noted in the meeting minutes. In addition, Board attendance percentage must be reported during any general assembly meeting when Board members stand for re-election (e.g. Board member XYZ attended 95% of scheduled meetings this year).

            October 2010

          • HC-1.3.6

            In the event that a Board member has not attended at least 75% of Board meetings in any given financial year, the bank must immediately notify the CBB indicating which member has failed to satisfy this requirement, his level of attendance and any mitigating circumstances affecting his non-attendance. The CBB shall then consider the matter and determine whether disciplinary action, including disqualification of that Board member pursuant to Article 65 of the CBB Law, is appropriate. Unless there are exceptional circumstances, it is likely that the CBB will take disciplinary action.

            October 2010

          • HC-1.3.7

            To meet its obligations under Rule HC-1.3.3 above, the full Board should meet once every quarter to address the Board's responsibilities for management oversight and performance monitoring. Furthermore, Board rules should require members to step down if they are not actively participating in Board meetings. Board members are reminded that non attendance at Board meetings does not absolve them of their responsibilities as directors. It is important that each individual director should allocate adequate time and effort to discharge his responsibilities. All Directors are expected to contribute actively to the work of the Board in order to discharge their responsibilities and should make every effort to attend Board meetings where major issues are to be discussed. Banks are encouraged to amend their Articles of Association to provide for telephonic and videoconference meetings. Participation in Board meetings by means of video or telephone conferencing is regarded as attendance and may be recorded as such.

            October 2010

          • HC-1.3.7A

            At least half the Board meetings of Bahraini Islamic bank licensees in any twelve-month period must be held in the Kingdom of Bahrain.

            Added: October 2012

          • HC-1.3.8

            All locally incorporated banks are required to submit, on an annual basis, as an attachment to the year-end quarterly PIR, a report recording the meetings during the year by their Board of Directors. For a sample report, refer to Appendix BR-6, under Part B/CBB Reporting Forms of Volume 2.

            Amended: January 2011
            October 2010

          • HC-1.3.9

            The Chairman is responsible for the leadership of the Board, and for the efficient functioning of the Board. The chairman must ensure that all directors receive an agenda, minutes of prior meetings, and adequate background information in writing before each Board meeting and when necessary between meetings. Therefore it is vital that the Chairman commit sufficient time to perform his role effectively. All directors must receive the same Board information. At the same time, directors have a legal duty to inform themselves and they must ensure that they receive adequate and timely information and must study it carefully (See also HC-7 for other duties of the Chairman).

            October 2010

          • HC-1.3.10

            The Board should have no more than 15 members, and should regularly review its size and composition to ensure that it is small enough for efficient decision making yet large enough to have members who can contribute from different specialties and viewpoints. The Board should recommend changes in Board size to the shareholders when a needed change requires amendment of the Islamic bank licensee's Memorandum of Association.

            Amended: October 2014
            October 2010

          • HC-1.3.11

            Potential non-executive directors should be made aware of their duties before their nomination, particularly as to the time commitment required. The Nominating Committee should regularly review the time commitment required from each non-executive director and should require each non-executive director to inform the Committee before he accepts any Board appointments to another company.

            October 2010

          • HC-1.3.12

            No Board member may have more than one Directorship of a Retail Bank or a Wholesale Bank. This means an effective cap of a maximum of two Directorships of banks inside Bahrain. Two Directorships of licensees within the same Category (e.g. 'Retail Bank') are not permitted. Banks may approach the CBB for exemption from this limit where the Directorships concern banks or financial institutions within the same group.

            Amended: January 2012
            October 2010

          • HC-1.3.13

            One person should not hold more than three directorships in public companies in Bahrain with the provision that no conflict of interest may exist, and the Board should not propose the election or reelection of any director who does.

            October 2010

        • HC-1.4 HC-1.4 Independence of Judgment

          • HC-1.4.1

            Every director must bring independent judgment to bear in decision-making. No individual or group of directors must dominate the Board's decision-making and no one individual should have unfettered powers of decision.

            October 2010

          • HC-1.4.2

            Executive directors must provide the Board with all relevant business and financial information within their cognizance, and must recognise that their role as a director is different from their role as a member of management (see HC-2.3.2).

            October 2010

          • HC-1.4.3

            Non-executive directors must be fully independent of management and must constructively scrutinise and challenge management including the management performance of executive directors.

            October 2010

          • HC-1.4.4

            Where there is the potential for conflict of interest, or there is a need for impartiality, the Board must assign a sufficient number of independent Board members capable of exercising independent judgement. At a minimum, all locally incorporated banks must appoint one independent director.

            October 2010

          • HC-1.4.5

            At least half of an Islamic bank licensee's Board should be non-executive directors and at least three of those persons should be independent directors. (Note the exception for controlled companies in Paragraph HC-1.5.2.)

            October 2010

          • HC-1.4.6

            The chairman of the Board should be an independent director, so that there will be an appropriate balance of power and greater capacity of the Board for independent decision making.

            October 2010

          • HC-1.4.7

            The Chairman and/or Deputy Chairman must not be the same person as the Chief Executive Officer.

            October 2010

          • HC-1.4.8

            The Chairman must not be an Executive Director.

            October 2010

          • HC-1.4.9

            The Board should review the independence of each director at least annually in light of interests disclosed by them, and their conduct. Each independent director shall provide the Board with all necessary and updated information for this purpose.

            October 2010

          • HC-1.4.10

            To facilitate free and open communication among independent directors, each Board meeting should be preceded or followed with a session at which only independent directors are present, except as may otherwise be determined by the independent directors themselves.

            October 2010

          • HC-1.4.11

            Where an independent director has served three consecutive terms on the board, such director will lose his/her independence status and must not be classified as an independent director if reappointed.

            Added: January 2020

          • HC-1.4.12

            Where a Chief Executive Officer of a Bank, who is also a Board member, no longer occupies the CEO position, whether due to resignation, retirement or termination, his/her Board Membership must also be immediately terminated.

            Added: January 2020

        • HC-1.5 HC-1.5 Representation of all Shareholders

          • HC-1.5.1

            Each director must consider himself as representing all shareholders and must act accordingly. The Board must avoid having representatives of specific groups or interests within its membership and must not allow itself to become a battleground of vested interests. If the Islamic bank licensee has controllers (as defined by Module GR-5.2) (or a group of controllers acting in concert), the latter must recognise its or their specific responsibility to the other shareholders, which is direct and is separate from that of the Board of directors.

            October 2010

          • HC-1.5.2

            In Islamic bank licensees with a controller, at least one-third of the Board must be independent directors. Minority shareholders must generally look to independent directors' diligent regard for their interests, in preference to seeking specific representation on the Board.

            October 2010

          • HC-1.5.3

            In Islamic bank licensees with controllers, both controllers and other shareholders should be aware of controllers' specific responsibilities regarding their duty of loyalty to the Islamic bank licensee and conflicts of interest (see Chapter HC-2) and also of rights that minority shareholders may have to elect specific directors under the Company Law or if the Islamic bank licensee has adopted cumulative voting for directors. The chairman of the board or other individual delegated by the chairman of the board should take the lead in explaining this with the help of the Islamic bank licensee's lawyers.

            Amended: January 2012
            October 2010

        • HC-1.6 HC-1.6 Directors' Access to Independent Advice

          • HC-1.6.1

            The Board must ensure by way of formal procedures that individual directors have access to independent legal or other professional advice at the Islamic bank licensee's expense whenever they judge this necessary to discharge their responsibilities as directors and this must be in accordance with the Islamic bank licensee's policy approved by the Board.

            October 2010

          • HC-1.6.2

            Individual directors must also have access to the Islamic bank licensee's corporate secretary, who must have responsibility for reporting to the Board on Board procedures. Both the appointment and removal of the corporate secretary must be a matter for the Board as a whole, not for the CEO or any other officer.

            October 2010

          • HC-1.6.3

            Whenever a director has serious concerns which cannot be resolved concerning the running of the Islamic bank licensee or a proposed action, he should consider seeking independent advice and should ensure that the concerns are recorded in the Board minutes and that any dissent from a Board action is noted or delivered in writing.

            October 2010

          • HC-1.6.4

            Upon resignation, a non-executive director should provide a written statement to the chairman, for circulation to the Board, if he has any concerns such as those in Paragraph HC-1.6.3.

            October 2010

        • HC-1.7 HC-1.7 Directors' Communication with Management

          • HC-1.7.1

            The Board must encourage participation by management regarding matters the Board is considering, and also by management members who by reason of responsibilities or succession, the CEO believes should have exposure to the directors.

            October 2010

          • HC-1.7.2

            Non-executive directors should have free access to the Islamic bank licensee's management beyond that provided in Board meetings. Such access should be through the Chairman of the Audit Committee or CEO. The Board should make this policy known to management to alleviate any management concerns about a director's authority in this regard.

            October 2010

        • HC-1.8 HC-1.8 Committees of the Board

          • HC-1.8.1

            The Board must establish Audit, Remuneration, Nominating and Risk Committees described elsewhere in this Module.

            Amended: July 2018
            October 2010

          • HC-1.8.2

            The Board should establish a corporate governance committee of at least three independent members which should be responsible for developing and recommending changes from time to time in the Islamic bank licensee's corporate governance policy framework.

            Amended: January 2012
            October 2010

          • HC-1.8.3

            The Board or a committee may invite non-directors to participate in, but not vote at, a committee's meetings so that the committee may gain the benefit of their advice and expertise in financial or other areas.

            October 2010

          • HC-1.8.4

            Committees must act only within their mandates and therefore the Board must not allow any committee to dominate or effectively replace the whole Board in its decision-making responsibility.

            October 2010

          • HC-1.8.5

            Committees may be combined provided that no conflict of interest might arise between the duties of such committees, subject to CBB prior approval.

            October 2010

          • HC-1.8.6

            Every committee must have a formal written charter similar in form to the model charters which are set forth in Appendices A, B and C of this Module for the Audit, Nominating and Remuneration Committees.

            October 2010

          • HC-1.8.7

            Where committees are set up, they should keep full minutes of their activities and meet regularly to fulfil their mandates. For larger banks that deal with the general public, committees can be a more efficient mechanism to assist the main Board in its monitoring and control of the activities of the bank. The establishment of committees should not mean that the role of the Board is diminished, or that the Board becomes fragmented.

            October 2010

        • HC-1.9 HC-1.9 Evaluation of the Board and Each Committee

          • HC-1.9.1

            At least annually the Board must conduct an evaluation of its performance and the performance of each committee and each individual director.

            Amended: January 2012
            October 2010

          • HC-1.9.2

            The evaluation process must include:

            (a) Assessing how the Board operates, especially in light of Chapter HC-1;
            (b) Evaluating the performance of each committee in light of its specific purposes and responsibilities, which shall include review of the self-evaluations undertaken by each committee;
            (c) Reviewing each director's work, his attendance at Board and committee meetings, and his constructive involvement in discussions and decision making;
            (d) Reviewing the Board's current composition against its desired composition with a view toward maintaining an appropriate balance of skills and experience and a view toward planned and progressive refreshing of the Board; and
            (e) Recommendations for new Directors to replace long-standing members or those members whose contribution to the bank or its committees (such as the audit committee) is not adequate.
            October 2010

          • HC-1.9.3

            While the evaluation is a responsibility of the entire Board, it should be organised and assisted by an internal Board committee and, when appropriate, with the help of external experts.

            October 2010

          • HC-1.9.4

            The Board should report to the shareholders, at each annual shareholder meeting, that evaluations have been done and report its findings.

            October 2010

      • HC-2 HC-2 Approved Persons Loyalty

        • HC-2.1 HC-2.1 Principle

          • HC-2.1.1

            The approved persons must have full loyalty to the Islamic bank licensee.

            October 2010

        • HC-2.2 HC-2.2 Personal Accountability

          • HC-2.2.1

            Banks are subject to a wide variety of laws, regulations and codes of best practice that directly affect the conduct of business. Such laws involve the Bahraini Stock Exchange Law, the Labour Law, the Commercial Companies Law, occupational health and safety, even environment and pollution laws, as well as the Law, codes of conduct and regulations of the Central Bank. The Board sets the 'tone at the top' of a bank, and has a responsibility to oversee compliance with these various requirements. The Board should ensure that the staff conduct their affairs with a high degree of integrity, taking note of applicable laws, codes and regulations.

            October 2010

          • Corporate Ethics, Conflicts of Interest and Code of Conduct

            • HC-2.2.2

              Each member of the board must understand that under the Company Law he is personally accountable to the Islamic bank licensee and the shareholders if he violates his legal duty of loyalty to the Islamic bank licensee, and that he can be personally sued by the Islamic bank licensee or the shareholders for such violations.

              Amended: January 2013
              October 2010

            • HC-2.2.3

              The Board must establish corporate standards for approved persons and employees. This requirement should be met by way of a documented and published code of conduct or similar document. These standards must be communicated throughout the bank, so that the approved persons and staff understand the importance of conducting business based on good corporate governance values and understand their accountabilities to the various stakeholders of the licensee. Banks' approved persons and staff must be informed of and be required to fulfil their fiduciary responsibilities to the bank's stakeholders.

              October 2010

            • HC-2.2.4

              An internal code of conduct is separate from the business strategy of a bank. A code of conduct should outline the practices that approved persons and staff should follow in performing their duties. Banks may wish to use procedures and policies to complement their codes of conduct. The suggested contents of a code of conduct are covered below:

              (a) Commitment by the Board and management to the code. The code of conduct should be linked to the objectives of the bank, and its responsibilities and undertakings to customers, shareholders, staff and the wider community (see HC-2.2.3 and HC-2.2.4). The code should give examples or expectations of honesty, integrity, leadership and professionalism;
              (b) Commitment to the law and best practice standards. This commitment would include commitments to following accounting standards, industry best practice (such as ensuring that information to clients is clear, fair, and not misleading), transparency, and rules concerning potential conflicts of interest (see HC-2.3);
              (c) Employment practices. This would include rules concerning health and safety of employees, training, policies on the acceptance and giving of business courtesies, prohibition on the offering and acceptance of bribes, and potential misuse of Islamic bank licensee's assets;
              (d) How the Islamic bank licensee deals with disputes and complaints from clients and monitors compliance with the code; and
              (e) Confidentiality. Disclosure of client or bank information should be prohibited, except where disclosure is required by law (see HC-1.2.10 b).
              Amended: April 2011
              Amended: January 2011
              October 2010

            • HC-2.2.5

              The Central Bank expects that the Board and its members individually and collectively:

              (a) Act with honesty, integrity and in good faith, with due diligence and care, with a view to the best interest of the bank and its shareholders and other stakeholders (see Paragraphs HC-2.2.2 to HC-2.2.4);
              (b) Act within the scope of their responsibilities (which should be clearly defined — see HC-1.2.9 and HC-1.2.11 and not participate in the day-to-day management of the bank;
              (c) Have a proper understanding of, and competence to deal with the affairs and products of the bank and devote sufficient time to their responsibilities; and
              (d) To independently assess and question the policies, processes and procedures of the bank, with the intent to identify and initiate management action on issues requiring improvement. (i.e. to act as checks and balances on management).
              Amended: April 2011
              Amended: January 2011
              October 2010

            • HC-2.2.6

              The duty of loyalty (mentioned in Paragraph HC-2.2.2 above) includes a duty not to use property of the Islamic bank licensee for his personal needs as though it was his own property, not to disclose confidential information of the Islamic bank licensee or use it for his personal profit, not to take business opportunities of the Islamic bank licensee for himself, not to compete in business with the Islamic bank licensee, and to serve the Islamic bank licensee's interest in any transactions with a company in which he has a personal interest.

              October 2010

            • HC-2.2.6A

              [This Paragraph was moved to Paragraph HC-5.4.39].

              Amended: January 2014
              Amended: October 2012
              Added: July 2012

            • HC-2.2.6B

              [This Paragraph was moved to Paragraph HC-5.4.40].

              Amended: January 2014
              Added: July 2012

            • HC-2.2.7

              For purposes of Paragraph HC-2.2.6, an approved person should be considered to have a "personal interest" in a transaction with a company if:

              (a) He himself; or
              (b) A member of his family (i.e. spouse, father, mother, sons, daughters, brothers or sisters); or
              (c) Another company of which he is a director or controller,

              is a party to the transaction or has a material financial interest in the transaction. (Transactions and interests which are de minimis in value should not be included.)

              October 2010

        • HC-2.3 HC-2.3 Avoidance of Conflicts of Interest

          • HC-2.3.1

            Each approved person must make every practicable effort to arrange his personal and business affairs to avoid a conflict of interest with the Islamic bank licensee.

            October 2010

          • HC-2.3.2

            The Board must establish and disseminate to its members and management, policies and procedures for the identification, reporting, disclosure, prevention, or strict limitation of potential conflicts of interest. It is senior management's responsibility to implement these policies. Rules concerning connected party transactions and potential conflicts of interest may be dealt with in the Code of Conduct (see HC-2.2.4). In particular, the CBB requires that any decisions to enter into transactions, under which approved persons would have conflicts of interest that are material, should be formally and unanimously approved by the full Board. Best practice would dictate that an approved person must:

            (a) Not enter into competition with the bank;
            (b) Not demand or accept substantial gifts from the bank for himself or connected persons;
            (c) Not misuse the bank's' assets;
            (d) Not use the Islamic bank licensee's privileged information or take advantage of business opportunities to which the Islamic bank licensee is entitled, for himself or his associates; and
            (e) Absent themselves from any discussions or decision-making that involves a subject where they are incapable of providing objective advice, or which involves a subject or (proposed) transaction where a conflict of interest exists.
            Amended: April 2011
            Amended: January 2011
            October 2010

          • HC-2.3.3

            Bahraini Islamic bank licensees must have in place a board approved policy on the employment of relatives of approved persons and a summary of such policy must be disclosed in the annual report of the Bahraini Islamic bank licensee.

            Amended: July 2016
            Added: April 2016

          • HC-2.3.4

            Branches of foreign bank licensees must have in place a policy on the employment of relatives of approved persons pertaining to their Bahrain operations.

            Amended: April 2019
            Added: July 2016

        • HC-2.4 HC-2.4 Disclosure of Conflicts of Interest

          • HC-2.4.1

            Each approved person must inform the entire Board of (potential) conflicts of interest in their activities with, and commitments to other organisations as they arise. Board members must abstain from voting on the matter in accordance with the relevant provisions of the Company Law. This disclosure must include all material facts in the case of a contract or transaction involving the approved person. The approved persons must understand that any approval of a conflicted transaction is effective only if all material facts are known to the authorising persons and the conflicted person did not participate in the decision. In any case, all approved persons must declare in writing all of their other interests in other enterprises or activities (whether as a shareholder of above 5% of the voting capital of a company, a manager, or other form of significant participation) to the Board (or the Nominations or Audit Committees) on an annual basis.

            Amended: January 2013
            Amended: January 2011
            October 2010

          • HC-2.4.1A

            The chief executive/general manager of the Bahraini Islamic bank licensees must disclose to the board of directors on an annual basis those individuals who are occupying controlled functions and who are relatives of any approved persons within the Bahraini Islamic bank licensee.

            Amended: July 2016
            Added: April 2016

          • HC-2.4.1B

            The chief executive/general manager of the branch of foreign bank licensee must disclose to a designated officer at its head office or regional manager on an annual basis those individuals who are occupying controlled functions and who are relatives of any approved persons within the branch of foreign bank licensee.

            Amended: April 2019
            Added: July 2016

          • HC-2.4.2

            The Board of a Bahraini Islamic bank licensee should establish formal procedures for:

            (a) Periodic disclosure and updating of information by each approved person on his actual and potential conflicts of interest; and
            (b) Advance approval by directors or shareholders who do not have an interest in the transactions in which an Islamic bank licensee's approved person has a personal interest. The Board should require such advance approval in every case.
            Amended: July 2016
            October 2010

        • HC-2.5 HC-2.5 Disclosure of Conflicts of Interest to Shareholders

          • HC-2.5.1

            The Islamic bank licensee must disclose to its shareholders in the Annual Report any abstention from voting motivated by a conflict of interest and must disclose to its shareholders any authorisation of a conflict of interest contract or transaction in accordance with the Company Law.

            October 2010

      • HC-3 HC-3 Audit Committee and Financial Statements Certification

        • HC-3.1 HC-3.1 Principle

          • HC-3.1.1

            The Board must have rigorous controls for financial audit and reporting, internal control, and compliance with law.

            October 2010

        • HC-3.2 HC-3.2 Audit Committee

          • HC-3.2.1

            The Board must establish an audit committee of at least three directors of which the majority must be independent including the Chairman. The committee must:

            (a) Review the Islamic bank licensee's accounting and financial practices;
            (b) Review the integrity of the Islamic bank licensee's financial and internal controls and financial statements (particularly with reference to information passed to the Board — see HC-1.2.10). The information needs of the Board to perform its monitoring responsibilities must be defined in writing, and regularly monitored by the Audit Committee;
            (c) Review the Islamic bank licensee's compliance with legal requirements;
            (d) Recommend the appointment, compensation and oversight of the Islamic bank licensee's external auditor; and
            (e) Recommend the appointment of the internal auditor.
            Amended: January 2012
            Amended: January 2011
            October 2010

          • HC-3.2.2

            In its review of the systems and controls framework in Paragraph HC-3.2.1, the audit committee must:

            (a) Make effective use of the work of external and internal auditors. The audit committee must ensure the integrity of the bank's accounting and financial reporting systems through regular independent review (by internal and external audit). Audit findings must be used as an independent check on the information received from management about the bank's operations and performance and the effectiveness of internal controls; and
            (b) Make use of self-assessments, stress/scenario tests, and/or independent judgements made by external advisors. The Board should appoint supporting committees, and engage senior management to assist the audit committee in the oversight of risk management; and
            (c) Ensure that senior management have put in place appropriate systems of control for the business of the bank and the information needs of the Board; in particular, there must be appropriate systems and functions for identifying as well as for monitoring risk, the financial position of the bank, and compliance with applicable laws, regulations and best practice standards. The systems must produce information on a timely basis.
            October 2010

          • HC-3.2.3

            The Islamic bank licensee must set up an internal audit function, which reports directly to the Audit Committee and administratively to the CEO.

            October 2010

          • HC-3.2.4

            The CEO must not be a member of the audit committee.

            October 2010

        • HC-3.3 HC-3.3 Audit Committee Charter

          • HC-3.3.1

            The audit committee must adopt a written charter which shall, at a minimum, state the duties outlined in Paragraph HC-3.2.1 and the other matters included in Appendix A to this Module.

            October 2010

          • HC-3.3.2

            A majority of the audit committee must have the financial literacy qualifications stated in Appendix A.

            October 2010

          • HC-3.3.3

            The Board should adopt a "whistleblower" program under which employees can confidentially raise concerns about possible improprieties in financial or legal matters. Under the program, concerns may be communicated directly to any audit committee member or, alternatively, to an identified officer or employee who will report directly to the Audit Committee on this point.

            October 2010

        • HC-3.4 HC-3.4 CEO and CFO Certification of Financial Statements

          • HC-3.4.1

            To encourage management accountability for the financial statements required by the directors, the Islamic bank licensee's CEO and chief financial officer must state in writing to the audit committee and the Board as a whole that the Islamic bank licensee's interim and annual financial statements present a true and fair view, in all material respects, of the Islamic bank licensee's financial condition and results of operations in accordance with applicable accounting standards.

            October 2010

      • HC-4 HC-4 Appointment, Training and Evaluation of the Board

        • HC-4.1 HC-4.1 Principle

          • HC-4.1.1

            The Islamic bank licensee must have rigorous and transparent procedures for appointment, training and evaluation of the Board.

            October 2010

        • HC-4.2 HC-4.2 Nominating Committee

          • HC-4.2.1

            The Board must establish a Nominating Committee of at least three directors which must:

            (a) Identify persons qualified to become members of the Board of directors or Chief Executive Officer, Chief Financial Officer, Corporate Secretary and any other officers of the Islamic bank licensee considered appropriate by the Board, with the exception of the appointment of the internal auditor which shall be the responsibility of the Audit Committee in accordance with Paragraph HC-3.2.1 above; and
            (b) Make recommendations to the whole Board of directors including recommendations of candidates for Board membership to be included by the Board of directors on the agenda for the next annual shareholder meeting.
            October 2010

          • HC-4.2.2

            The committee must include only independent directors or, alternatively, only non-executive directors of whom a majority must be independent directors and the chairman must be an independent director. This is consistent with international best practice and it recognises that the Nominating Committee must exercise judgment free from personal career conflicts of interest.

            October 2010

        • HC-4.3 HC-4.3 Nominating Committee Charter

          • HC-4.3.1

            The Nominating Committee must adopt a formal written charter which must, at a minimum, state the duties outlined in Paragraph HC-4.2.1 and the other matters included in Appendix B to this Module.

            October 2010

        • HC-4.4 HC-4.4 Board Nominations to Shareholders

          • HC-4.4.1

            Each proposal by the Board to the shareholders for election or reelection of a director must be accompanied by a recommendation from the Board, a summary of the advice of the Nominating Committee, and the following specific information:

            (a) The term to be served, which may not exceed three years (but there need not be a limit on reelection for further terms);
            (b) Biographical details and professional qualifications;
            (c) In the case of an independent director, a statement that the Board has determined that the criteria of independent director have been met;
            (d) Any other directorships held;
            (e) Particulars of other positions which involve significant time commitments, and
            (f) Details of relationships between:
            (i) The candidate and the Islamic bank licensee, and
            (ii) The candidate and other directors of the Islamic bank licensee.
            October 2010

          • HC-4.4.2

            The chairman of the Board should confirm to shareholders when proposing re-election of a director that, following a formal performance evaluation, the person's performance continues to be effective and continues to demonstrate commitment to the role. Any term beyond six years (e.g. two three-year terms) for a director should be subject to particularly rigorous review, and should take into account the need for progressive refreshing of the Board. Serving more than six years is relevant to the determination of a non-executive director's independence.

            October 2010

        • HC-4.5 HC-4.5 Induction and Training of Directors

          • HC-4.5.1

            The chairman of the Board must ensure that each new director receives a formal and tailored induction to ensure his contribution to the Board from the beginning of his term. The induction must include meetings with senior management, visits to the Islamic bank licensee's facilities, presentations regarding strategic plans, significant financial, accounting and risk management issues, compliance programs, its internal and external auditors and legal counsel.

            October 2010

          • HC-4.5.2

            All continuing directors must be invited to attend orientation meetings and all directors must continually educate themselves as to the Islamic bank licensee's business and corporate governance.

            October 2010

          • HC-4.5.3

            Management, in consultation with the chairman of the Board, should hold programs and presentations to directors respecting the Islamic bank licensee's business and industry, which may include periodic attendance at conferences and management meetings. The Nominating Committee shall oversee directors' corporate governance educational activities.

            October 2010

      • HC-5 HC-5 Remuneration of Approved Persons and Material Risk-Takers

        • HC-5.1 HC-5.1 Principle

          • HC-5.1.1

            The Islamic bank licensee must remunerate approved persons and material risk-takers fairly and responsibly.

            Amended: January 2014
            October 2010

        • HC-5.2 HC-5.2 Role of the Board of Directors and Remuneration Committee

          • HC-5.2.1AA

            The board of directors must actively oversee the remuneration system s design and operation for approved persons as well as for material risk-takers. The CEO and senior management must not primarily control the remuneration system.

            Added: January 2014

          • HC-5.2.1

            The Board must establish a remuneration committee of at least three directors which must:

            (a) Review the Islamic bank licensee's remuneration policies for the approved persons and material risk-takers, which must be approved by the shareholders and be consistent with the corporate values and strategy of the bank;
            (b) Approve the remuneration package and amounts for each approved person and material risk-taker, as well as the total variable remuneration to be distributed, taking account of total remuneration including salaries, fees, expenses, bonuses and other employee benefits;
            (c) Approve, monitor and review the remuneration system to ensure the system operates as intended; and
            (d) Recommend Board member remuneration based on their attendance and performance and in compliance with Article 188 of the Company Law.
            Amended: January 2017
            Amended: July 2014
            Amended: January 2014
            October 2010

          • HC-5.2.1A

            In reviewing the remuneration system (see Subparagraph HC-5.2.1(c)), the remuneration committee should ensure that the system includes effective controls, including back testing and stress testing of the remuneration policy. The practical operation of the system should be regularly reviewed for compliance with regulations, internal policies and bank procedures. In addition, remuneration outcomes, risk measurements, and risk outcomes should be regularly reviewed by the Board for consistency with Board's approved risk appetite.

            Added: January 2014

          • HC-5.2.1B

            Stress testing or stressed measures might be used by banks to help ex-ante risk adjustments take into account severe but plausible scenarios, based on possible expected loss on loans, as an example. Due to the uncertainty of payoffs, there will always be a need for ex-post adjustments so as to back-test actual performance against risk assumptions.

            Added: January 2014

          • HC-5.2.1C

            As part of the duties noted under Paragraph HC-5.2.1, the remuneration committee must carefully evaluate practices by which remuneration is paid for potential future revenues whose timing and likelihood remain uncertain. It must demonstrate that its decisions are consistent with an assessment of the bank's financial condition and future prospects.

            Added: January 2014

          • HC-5.2.2

            The committee may be merged with the nominating committee.

            October 2010

        • HC-5.3 HC-5.3 Remuneration Committee Charter

          • HC-5.3.1

            The committee must adopt a written charter which must, at a minimum, state the duties in Paragraph HC-5.2.1 and other matters in Appendix C of this Module.

            October 2010

          • HC-5.3.1A

            Members of the remuneration committee must have independence of any risk taking function or committees.

            Added: January 2014

          • HC-5.3.2

            The committee should include only independent directors or, alternatively, only non-executive directors of whom a majority are independent directors and the chairman is an independent director. This is consistent with international best practice and it recognises that the remuneration committee must exercise judgment free from personal career conflicts of interest.

            October 2010

        • HC-5.4 HC-5.4 Standard for all Remuneration

          • HC-5.4.1

            Remuneration of approved persons and material risk-takers must be sufficient enough to attract, retain and motivate persons of the quality needed to run the Islamic bank licensee successfully, but the Islamic bank licensee must avoid paying more than is necessary for that purpose.

            Amended: January 2014
            October 2010

          • HC-5.4.2

            While this Section applies to all approved persons and material risk-takers for the Bahrain operations, the rules on the proportion of fixed and variable remuneration (Paragraph HC-5.4.30) as well as those rules related to the deferral of variable remuneration (Paragraphs HC-5.4.31 and HC-5.4.32) and the obligation to have part of the variable remuneration in shares (Paragraphs HC-5.4.33 and HC-5.4.34) apply only to:

            (a) Approved persons; or
            (b) Material risk-takers

            whose total annual remuneration (including all benefits) is in excess of BD100,000, unless the board of directors requires the application of these Rules to all staff.

            Amended: January 2015
            Amended: July 2014
            Added: January 2014

          • HC-5.4.3

            All policies for performance-based incentives should be approved by the shareholders, but the approval should be only of the plan itself and not of the grant to specific individuals of benefits under the plan.

            Added: January 2014

          • HC-5.4.3A

            As noted in Sections AU-3.7 and BR-4A.3, the external auditor or a CBB approved consultancy firm must undertake an annual review of the bank's compliance with the remuneration Rules outlined in this Chapter. The results of this review are to be submitted to the CBB within 3 months from the financial year end.

            Amended: July 2015
            Moved from HC-5.4.6 to HC-5.4.3A: January 2015
            Amended: October 2014
            Added: January 2014

          • Application to Branches of Foreign Banks

            • HC-5.4.4

              Banks operating as branches of foreign bank licensee in Bahrain must apply the most stringent set of remuneration rules to which they may be subject to. Such rules are:

              (a) The requirements imposed in Bahrain with respect to remuneration as outlined in Volume 2 CBB Rulebook; and
              (b) The requirements imposed by their home supervisor and head office.
              Amended: January 2021
              Amended: April 2019
              Added: January 2014

          • HC-5.4.5

            [This Paragraph was deleted in January 2015.]

            Deleted: January 2015
            Added: January 2014

          • HC-5.4.6

            [Moved to Paragraph HC-5.4.3A in January 2015.]

            Amended: January 2015
            Amended: October 2014
            Added: January 2014

          • Approved Persons in Risk Management, Internal Audit, Operations, Financial Controls, Internal Shari'a Review/Audit, AML and Compliance Functions

            • HC-5.4.7

              The bank's approved persons engaged in risk management, internal audit, operations, financial controls, internal Shari'a review/audit, AML and compliance functions must be independent, have appropriate authority, and be remunerated in a manner that is independent of the business areas they oversee and commensurate with their key role in the bank. Effective independence and appropriate authority of such staff are necessary to preserve the integrity of financial risk and management's influence on incentive remuneration.

              Amended: July 2014
              Added: January 2014

            • HC-5.4.8

              The performance measures of approved persons referred to in Paragraph HC-5.4.7 must be based principally on the achievement of the objectives and targets of their functions.

              Added: January 2014

            • HC-5.4.9

              The mix of fixed and variable remuneration for risk management, internal audit, operations, financial controls, internal Shari'a review/audit, AML and compliance functions personnel must be weighted in favour of fixed remuneration.

              Amended: July 2014
              Added: January 2014

          • Effective Alignment of Remuneration with Prudent Risk-Taking

            • Alignment of All Staff Remuneration with Compliance with AML/CFT Requirements

              • HC-5.4.9A

                The performance evaluation and remuneration of senior management and staff of the Islamic bank licensee must be based on the achievement of the Key Performance Indicators (KPIs) relevant to ensuring compliance with AML/CFT requirements as specified in Paragraphs FC-2.1.3 and FC-2.1.4.

                Added: April 2020

              • HC-5.4.10

                Remuneration must be adjusted for all types of risks.

                Added: January 2014

              • HC-5.4.11

                In relation to Paragraph HC-5.4.10, two employees who generate the same short-run profit but take different amounts of risk on behalf of their bank should not be treated the same by the remuneration system.

                Added: January 2014

              • HC-5.4.12

                Both quantitative measures and human judgement must play a role in determining risk adjustments.

                Added: January 2014

              • HC-5.4.13

                Risk adjustments must account for all types of risk, including intangible and other risks such as reputation risk, liquidity risk and the cost of capital.

                Added: January 2014

              • HC-5.4.14

                Banks' remuneration policies and practices must be designed to reduce employees' incentives to take excessive and undue risk.

                Added: January 2014

              • HC-5.4.15

                Remuneration outcomes must be symmetric with risk outcomes.

                Added: January 2014

              • HC-5.4.16

                The mix of cash, equity and other forms of remuneration must be consistent with risk alignment. The mix will vary depending on the employee's position and role and the bank must be able to explain the rationale for its mix to the CBB.

                Added: January 2014

              • HC-5.4.17

                Existing contractual payments related to a termination of employment must be re-examined, and kept in place only if there is a clear basis for concluding that they are aligned with long-term value creation and prudent risk-taking. Prospectively, any such payments must be related to performance achieved over time and designed in a way that does not reward failure.

                Added: January 2014

              • HC-5.4.18

                Banks must ensure that their employees commit themselves not to use personal hedging strategies or remuneration- and liability-related insurance to undermine the risk alignment effects embedded in their remuneration arrangements. Banks must ensure that appropriate compliance mechanisms are in place to monitor their employees commitment in this regard such as signed adherence by staff to the bank's code of ethics which should include the conditions outlined in this Paragraph.

                Added: January 2014

            • Variable Remuneration

              • HC-5.4.19

                Remuneration systems must link the size of the bonus pool to the overall performance of the bank.

                Added: January 2014

              • HC-5.4.20

                Employees' incentive payments must be linked to the contribution of the individual and business to such performance.

                Added: January 2014

              • HC-5.4.21

                As profits and losses of different activities of a bank are realised over different periods of time, remuneration payout schedules must be sensitive to the time horizon of risks and variable remuneration must therefore be deferred accordingly. Variable remuneration must not be finalised over short periods where risks are realised over long periods.

                Added: January 2014

              • HC-5.4.22

                The remuneration committee of the bank must question payouts for income that cannot be realised or whose likelihood of realisation remains uncertain at the time of payout.

                Amended: July 2014
                Added: January 2014

              • HC-5.4.23

                Banks must ensure that total variable remuneration does not limit their ability to strengthen their capital base. The extent to which capital needs to be built up must be a function of a bank's current capital position and its ICAAP.

                Added: January 2014

              • HC-5.4.24

                The size of the variable remuneration pool and its allocation within the bank must take into account the full range of current and potential risks, including:

                (a) The cost and quantity of capital required to support the risks taken;
                (b) The cost and quantity of the liquidity risk assumed in the conduct of business; and
                (c) Consistency with the timing and likelihood of potential future revenues incorporated into current earnings.
                Amended: July 2014
                Added: January 2014

              • HC-5.4.25

                Paragraph HC-5.4.24 focuses on the overall size of the variable remuneration, at the overall bank level, in order to ensure that the recognition and accrual of variable remuneration will not compromise the financial soundness of the bank.

                Added: January 2014

              • HC-5.4.26

                Bonuses must diminish or be deferred in the event of poor bank, divisional or business unit performance.

                Added: January 2014

              • HC-5.4.27

                Subdued or negative financial performance of the bank should generally lead to a considerable contraction of the bank's total variable remuneration, taking into account both current remuneration and reductions in payouts of amounts previously earned, including through malus and clawback arrangements. Recognition of staff who have achieved their targets or better, may take place by way of deferred compensation, which may be paid once the bank's performance improves.

                Added: January 2014

              • HC-5.4.28

                If the bank and/or relevant line of business is incurring losses in any year during the vesting period, any unvested portions must be subject to malus.

                Amended: July 2014
                Added: January 2014

              • HC-5.4.29

                Accrual and deferral of variable remuneration does not oblige the bank to pay the variable remuneration, particularly when the anticipated outcome has not materialised or the bank's financial position does not support such payments.

                Added: January 2014

              • HC-5.4.30

                For approved persons and material risk-takers, other than those covered under Paragraphs HC-5.4.9 and Section HC-5.5, as their actions have a material impact on the risk exposure of the bank:

                (a) An appropriate ratio between the fixed and variable components of total remuneration must be set to ensure that fixed and variable components of total remuneration are appropriately balanced and paid on the basis of individual, business-unit and bank-wide measures that adequately measure performance; and
                (b) The variable proportion of remuneration must increase significantly along with the level of seniority and/or responsibility.
                Amended: October 2016
                Amended: July 2014
                Added: January 2014

              • HC-5.4.30A

                The level of the fixed component referred to in Subparagraph HC-5.4.30(a) should represent a sufficiently high proportion of the total remuneration to allow the operation of a fully flexible policy on variable remuneration components, including the possibility to pay no variable component.

                Amended: October 2016
                Added: July 2014

              • HC-5.4.31

                For purposes of Paragraph HC-5.4.30:

                (a) At least 40% of the variable remuneration must be payable under deferral arrangements over a period of at least 3 years; and
                (b) For the CEO, his deputies and the other 5 most highly paid business line employees, at least 60% of the variable remuneration must be payable under deferral arrangements over a period of at least 3 years.
                Amended: July 2014
                Added: January 2014

              • HC-5.4.32

                The deferral period referred to under Subparagraph HC-5.4.31(a) must be aligned with the nature of the business, its risks and the activities of the employee in question. Remuneration payable under deferral arrangements should generally vest no faster than on a pro rata basis.

                Added: January 2014

              • HC-5.4.33

                As a minimum, 50% of variable remuneration (including both the deferred and undeferred portions of the variable remuneration) must be awarded in shares or share-linked instruments or where appropriate, other non-cash instruments.

                Added: January 2014

              • HC-5.4.34

                The remaining portion (other than that mentioned under Paragraph HC-5.4.33) of the deferred remuneration can be paid as cash remuneration vested over a minimum 3-year period.

                Added: January 2014

              • HC-5.4.34A

                The only instance where deferred remuneration can be paid out before the end of the vesting period is in the case of the death of the employee where the beneficiaries would receive any unpaid deferred remuneration.

                Added: July 2014

              • HC-5.4.35

                Banks must not provide any form of guaranteed variable remuneration as part of the overall remuneration package. Exceptional minimum variable remuneration must only occur in the context of hiring new staff and limited to the first year.

                Amended: July 2014
                Added: January 2014

            • Remuneration in the Form of Shares or Share-Linked Instruments

              • HC-5.4.36

                Awards in shares or share-linked instruments must be subject to a minimum share retention policy of 6 months from the time the shares are awarded, unless the bank's policy requires a longer period.

                Amended: July 2014
                Added: January 2014

              • HC-5.4.37

                For Bahraini Islamic bank licensees, where fixed or variable remuneration include common shares, banks must limit the shares awarded to an annual aggregate limit of 10% of the total issued shares outstanding of the bank, at all times.

                Amended: July 2014
                Added: January 2014

              • HC-5.4.38

                For Bahraini Islamic bank licensees, all share incentive plans must be approved by the shareholders.

                Amended: July 2014
                Added: January 2014

            • Remuneration from Projects and Investments

              • HC-5.4.39

                In reference to Paragraph HC-2.2.6, for greater certainty, approved persons are not allowed to take any benefits from any projects or investments which are managed by the Islamic bank licensee or promoted to its customers or potential customers except for board related remuneration (declared as per Paragraph HC-2.4.1) linked to their fiduciary duties to the investors of the project/investment. This Rule applies to all approved persons including those appointed as members of the board of special purpose vehicles or other operating companies set up by the Islamic bank licensee for projects or investments.

                Added: January 2014

              • HC-5.4.40

                The reference to benefits in Paragraph HC-5.4.39 includes commission, fees, shares, consideration in kind, or other remuneration or incentives in respect of the performance of the project or investment

                Added: January 2014

        • HC-5.5 HC-5.5 Board of Directors' Remuneration

          • HC-5.5.1

            Remuneration of non-executive directors must not include performance-related elements such as grants of shares, share options or other deferred stock-related incentive schemes, bonuses, or pension benefits.

            October 2010

          • HC-5.5.2

            The Board of Directors' remuneration must be capped so that total remuneration is in line with Article 188 of the Company Law, in any financial year and has been approved by the shareholders.

            Amended: April 2015
            Amended: July 2014
            Added: January 2014

          • HC-5.5.3

            If a senior manager is also a director, his remuneration as a senior manager must take into account compensation received in his capacity as a director.

            Added: January 2014

          • HC-5.5.4

            In the years where the bank has not generated any profits it must comply with the approval requirements of Article 188 of the Company Law.

            Added: January 2014

          • HC-5.5.5

            In addition to the requirements of Article 188 of the Company Law, the articles of association regarding remuneration of the board of directors must be in line with the Rules outlined in this Chapter.

            Added: January 2014

        • HC-5.6 HC-5.6 [This Section was deleted and is replaced with requirements contained under Section HC-5.4]

          Deleted: January 2014

          • HC-5.6.1

            [This paragraph was deleted and is replaced with requirements contained under Section HC-5.4]

            Deleted: January 2014
            October 2010

          • HC-5.6.2

            [This paragraph was deleted and is replaced with requirements contained under Section HC-5.4]

            Deleted: January 2014
            October 2010

          • HC-5.6.3

            [This paragraph was deleted and is replaced with requirements contained under Section HC-5.4]

            Deleted: January 2014
            October 2010

          • HC-5.6.4

            [This paragraph was deleted and is replaced with requirements contained under Section HC-5.4]

            Deleted: January 2014
            October 2010

          • HC-5.6.5

            [This paragraph was deleted and is replaced with requirements contained under Section HC-5.4]

            Deleted: January 2014
            October 2010

          • HC-5.6.6

            [This paragraph was deleted and is replaced with requirements contained under Section HC-5.4]

            Deleted: January 2014
            Amended: January 2012
            October 2010

      • HC-6 HC-6 Management Structure

        • HC-6.1 HC-6.1 Principle

          • HC-6.1.1

            The Board must establish a clear and efficient management structure.

            October 2010

        • HC-6.2 HC-6.2 Establishment of Management Structure

          • HC-6.2.1

            The Board must appoint senior management whose authority must include management and operation of current activities of the Islamic bank licensee under the direction and oversight of the Board. The senior management must include at a minimum:

            (a) A CEO;
            (b) A chief financial officer;
            (c) A corporate secretary; and
            (d) An internal auditor,

            and must also include such other approved persons as the Board considers appropriate.

            Amended: April 2020
            Amended: October 2011
            Added: October 2010

        • HC-6.3 HC-6.3 Titles, Authorities, Duties and Reporting Responsibilities

          • HC-6.3.1

            The Board must adopt by-laws prescribing each senior manager's title, authorities, duties, accountabilities and internal reporting responsibilities. This must be done with the advice of the Nominating Committee and in consultation with the CEO, to whom the other senior managers should normally report.

            Amended: January 2012
            October 2010

          • HC-6.3.2

            These provisions must include but should not be limited to the following:

            (a) The CEO must have authority to act generally in the Islamic bank licensee's name, representing the Islamic bank licensee's interests in concluding transactions on the Islamic bank licensee's behalf and giving instructions to other senior managers and Islamic bank licensee employees;
            (b) The chief financial officer must be responsible and accountable for:
            (i) The complete, timely, reliable and accurate preparation of the Islamic bank licensee's financial statements, in accordance with the accounting standards and policies of the Islamic bank licensee (see also HC-3.4.1); and
            (ii) Presenting the Board with a balanced and understandable assessment of the Islamic bank licensee's financial situation;
            (c) The corporate secretary's duties must include arranging, recording and following up on the actions, decisions and meetings of the Board and of the shareholders (both at annual and extraordinary meetings) in books to be kept for that purpose; and
            (d) The internal auditor's duties must include providing an independent and objective review of the efficiency of the Islamic bank licensee's operations. This would include a review of the accuracy and reliability of the Islamic bank licensee's accounting records and financial reports as well as a review of the adequacy and effectiveness of the Islamic bank licensee's risk management, control, and governance processes.
            October 2010

          • HC-6.3.3

            The Board should also specify any limits which it wishes to set on the authority of the CEO or other senior managers, such as monetary maximums for transactions which they may authorise without separate Board approval.

            October 2010

          • HC-6.3.4

            The corporate secretary should be given general responsibility for reviewing the Islamic bank licensee's procedures and advising the Board directly on such matters (see Rule HC-6.3.2(c)). Whenever practical, the corporate secretary should be a person with legal or similar professional experience and training

            October 2010

          • HC-6.3.5

            At least annually the Board shall review and concur in a succession plan addressing the policies and principles for selecting a successor to the CEO, both in emergencies and in the normal course of business. The succession plan should include an assessment of the experience, performance, skills and planned career paths for possible successors to the CEO.

            October 2010

        • HC-6.4 HC-6.4 Compliance

          • HC-6.4.1

            Compliance starts at the top. It will be most effective in a corporate culture that emphasises standards of honesty and integrity and in which the board of directors and senior management lead by example. It concerns everyone within the bank and should be viewed as an integral part of the bank's business activities. A bank should hold itself to high standards when carrying on business, and at all times strive to observe the spirit as well as the letter of the law. Failure to consider the impact of its actions on its shareholders, customers, employees and the markets may result in significant adverse publicity and reputational damage, even if no law has been broken.

            Amended: January 2019
            October 2010

          • HC-6.4.2

            Islamic bank licensees must establish an effective compliance framework, which is appropriate for the size and complexity of their operations, for managing their compliance risks.

            Amended: January 2019
            October 2010

          • HC-6.4.3

            The term "Compliance risk" refers to the risk of legal or regulatory sanctions, material financial loss, or loss to reputation a bank may suffer as a result of its failure to comply with laws, regulations, directives, directions, reporting requirements and codes of conduct, including internal code of conduct.

            Amended: January 2019
            Amended: October 2014
            October 2010

          • HC-6.4.4

            Compliance laws, rules and standards generally cover matters such as observing proper prudential standards, standards of market conduct, managing conflicts of interest, treating customers fairly and ensuring suitability of customer advice, as well as matters specified in HC-6.4.3 above. They typically include specific areas such as the prevention of money laundering and terrorist financing, and may extend to tax laws that are relevant to the structuring of banking products or customer advice.

            Added: January 2019

          • HC-6.4.5

            It is important that banks do not consider compliance function as a cost center rather it is an activity that enhances the reputation of the bank and promotes the right environment for better financial performance.

            Added: January 2019

          • HC-6.4.6

            The relationship between a bank's business units, the support functions and the compliance function can be explained using the three lines of defence model.

            a) The business units are the first line of defence. They undertake the management of risks within assigned limits of risk exposure and are responsible and accountable for identifying, assessing and controlling the risks of their business.
            b) The second line of defence includes the support functions, such as risk management, compliance, legal, human resources, finance, operations, and technology. Each of these functions, in close relationship with the business units, ensures that risks in the business units have been appropriately identified and managed. The business support functions work closely to help define strategy, implement bank policies and procedures, and collect information to create a bank-wide view of risks.
            c) The third line of defence is the internal audit function that independently assesses the effectiveness of the controls over the processes created in the first and second lines of defence and provides assurance on these processes. The responsibility for internal control does not transfer from one line of defence to the next line.
            Added: January 2019

          • Responsibilities of the Board of Directors

            • HC-6.4.7

              The board of directors of an Islamic bank licensee is responsible for overseeing the management of the bank's compliance risk. The board must establish a permanent and effective compliance function and approve the bank's compliance policies for identifying, assessing, monitoring, reporting and advising on compliance risk. At least once a year, the board or a designated board committee must assess the extent to which the bank is managing its compliance risk effectively. The board must also ensure that the agenda for the meetings of the board or the designated board committee include compliance as a topic at least every quarter.

              Amended: January 2020
              Added: January 2019

            • HC-6.4.8

              The board designated committee referred to in HC-6.4.7 may be the audit committee, the governance committee, the risk committee, or other committee which does not have a role in the business or executive roles, such as those relevant to executive committees and investment committees. For branches of foreign bank licensees, all references in this Section to the Board/the designated board committee should be interpreted as the Group Compliance Officer or a sufficiently senior level Regional Compliance Committee or Officer.

              Added: January 2019

          • Responsibilities of the Senior Management

            • HC-6.4.9

              Senior management is responsible for effective management of bank's compliance risk.

              Added: January 2019

            • HC-6.4.10

              Senior management is responsible for establishing the operating framework and the processes to support a permanent and an effective compliance function. It is responsible for establishing and communicating a written compliance policy through all levels of the organisation for ensuring that it is adhered to in practice. It is responsible also for approving the bank's compliance procedures for identifying, assessing, monitoring, reporting and advising on compliance risk.

              Amended: January 2020
              Added: January 2019

            • HC-6.4.11

              The compliance policy must be approved by the Board/the designated board committee and must address the following:

              (a) The role and responsibilities of the compliance function;
              (b) Measures to ensure its independence;
              (c) Its relationship with other risk management functions within the bank and with the internal audit function;
              (d) In cases where compliance responsibilities are carried out by staff in different departments, how these responsibilities are to be allocated among the departments;
              (e) Its right to obtain access to information necessary to carry out its responsibilities, and the corresponding duty of bank staff to cooperate in supplying this information;
              (f) Its right to conduct investigations of possible breaches of the relevant laws and regulations and the compliance policy and to appoint outside experts to perform this task if appropriate; and
              (g) Its right to be able freely to express and disclose its findings to the board of directors or to the designated board committee, e.g. the audit committee or the governance committee of the board.
              (h) The basic principles to be followed by management and staff describing the main processes by which compliance risks are to be identified and managed through all levels of the organization.
              Added: January 2019

            • HC-6.4.12

              The Board and the designated Board committee must ensure that all compliance findings and recommendations are resolved within six months for high risk/critical issues and 9 months for any other issues from the issue date of the subject compliance report unless otherwise agreed with the CBB taking into consideration time required for specific issues that may require substantive changes to technology, systems and/or processes.

              Added: January 2019

            • HC-6.4.13

              Senior management must assess the training needs of staff taking into account the existing skills and competencies, the nature of changes to laws and regulations in developing a training plan for compliance across all levels throughout the organisation. Training must be provided by competent and skilled personnel, whether available internally or externally. Training that is provided must reflect the seniority, role and responsibilities of the individuals for whom it is intended.

              Added: January 2019

          • Compliance Function

            • HC-6.4.14

              Islamic bank licensees must organise their compliance function and set priorities for the management of their compliance risk in a way that is consistent with their own risk management strategy and structures.

              Added: January 2019

            • HC-6.4.15

              The compliance function must be independent and effective. It must be headed by an executive or senior staff member with overall responsibility for co-ordinating the identification and management of the bank's compliance risk and for supervising the activities of other compliance function staff.

              Added: January 2019

            • HC-6.4.16

              The Head of Compliance, with the assistance of senior management must:

              (a) report to the board of directors or the designated committee of the board on a quarterly basis, even if there are no issues to highlight,
              (b) report to the board or the designated committee of the board on the bank's management of its compliance risk, in such a manner as to assist board members to make an informed judgment on whether the bank is managing its compliance risk effectively;
              (c) report promptly to the board or the designated committee of the board on any material compliance failures as they arise (e.g. failures that may attract a significant risk of legal or regulatory sanctions, material financial loss, or loss to reputation); and
              (d) ensure that senior management develop remedial action plans to address compliance breaches.
              Added: January 2019

            • HC-6.4.17

              The role of head of compliance may be combined with those of the head of risk if the size and nature of the bank justifies a single function for both roles. Banks which carry out limited operations or are small branches of foreign banks would qualify for such a practice.

              Added: January 2019

            • HC-6.4.18

              The compliance function should assist senior management, the board and the designated committee of the board in their compliance obligations and help promote the right culture within the bank. While the board and management are accountable for the bank's compliance, the compliance function has an important role in supporting corporate values, policies and processes that help ensure that the bank acts responsibly and fulfils all applicable obligations.

              Added: January 2019

            • HC-6.4.19

              The independence and effectiveness of the function must be based on the following related elements:

              (a) The compliance function must have a formal status with sufficient authority within the bank;
              (b) There must be a group compliance officer or head of compliance with overall responsibility for co-ordinating the management of the bank's compliance risk;
              (c) Compliance function staff, and in particular, the head of compliance, must not be placed in a position where there is a possible conflict of interest between their compliance responsibilities and any other responsibilities they have;
              (d) Compliance function staff must have access to the information and personnel necessary to carry out their responsibilities; and
              (e) The compliance function must directly report to the board or a designated board committee in the case of Bahraini Islamic bank licensees) and administratively to the CEO; and
              (f) In the case of branches of foreign bank licensees, the reporting must be to the Group Compliance Officer or Regional Compliance Officer and may report administratively to the CEO/GM.
              Added: January 2019

            • HC-6.4.20

              The concept of independence does not mean that the compliance function cannot work closely with management and staff in the various business units. Indeed, a co-operative working relationship between compliance function and business units should help to identify and manage compliance risks at an early stage. Rather, the various elements described above should be viewed as safeguards to help ensure the effectiveness of the compliance function, notwithstanding the close working relationship between the compliance function and the business units. The way in which the safeguards are implemented will depend to some extent on the specific responsibilities of individual compliance function staff.

              Added: January 2019

            • HC-6.4.21

              The compliance function should be free to highlight to senior management on any irregularities or possible breaches disclosed by its investigations, without fear of retaliation or disfavour from management or other staff members.

              Added: January 2019

            • HC-6.4.22

              Appointment, dismissal and other changes to the head of compliance must be approved by the board or the designated board committee. Appointments of head of compliance must be approved by the CBB in accordance with paragraph LR-1A.1.17. If the head of compliance is removed from his or her position for any reason, this must be notified to the CBB, describing fully the reasons as required under paragraph LR-1A.1.22.

              Added: January 2019

            • HC-6.4.23

              Islamic bank licensees must ensure that the compliance risk management framework is subject to an independent review by a third party consultant, other than the external auditor, every three years and when there are material changes to the business. The results of the independent review and action must be provided to the CBB by 30th September of the relevant year.

              Added: January 2019

            • HC-6.4.24

              The responsibilities of the compliance function must be carried out under a compliance programme that sets out its planned activities, such as the implementation and review of specific policies and procedures, compliance risk assessment, compliance testing, and educating staff on compliance matters. The compliance programme must be risk based and subject to oversight by the head of compliance to ensure appropriate coverage across businesses and co-ordination among risk management functions.

              Added: January 2019

            • HC-6.4.25

              The Compliance function must on a pro-active basis, identify, measure, document and assess the compliance risks associated with the bank's business activities including the development of new products and business practices; the proposed establishment of new types of business or customer relationships, or material changes in the nature of such relationships. If the bank has a new products committee, the compliance function staff should be represented on the committee.

              Added: January 2019

            • HC-6.4.26

              While the Compliance function is responsible for oversight and compliance checks across the full spectrum of compliance risk areas, it is recognised that many areas of compliance require specialist skills which can be found in different parts of the organisation, example, the skill sets for compliance with ICAAP can be found either with financial control or with risk management, for compliance with labour laws, the specialist skills are with human resources departments etc. In such cases, the compliance function ensures that the right levels of checks and balances and compliance reporting are available to get comfort that the licensee has adhered to the relevant requirements. In certain instances, it may use external experts with the approval of the relevant authority within the bank.

              Added: January 2019

            • HC-6.4.27

              The compliance function should consider ways to measure compliance risk (e.g. by using performance indicators) and use such measurements to enhance compliance risk assessment.

              Added: January 2019

            • HC-6.4.28

              In case of new regulations, the compliance function must assess the appropriateness of the bank's compliance procedures and guidelines, promptly follow up any identified deficiencies, and, where necessary, formulate proposals for amendments.

              Added: January 2019

          • Monitoring, testing and reporting

            • HC-6.4.29

              The compliance function must monitor and test compliance by performing sufficient and representative compliance testing. The results of the compliance testing must be reported to the board or designated committee of the board.

              Added: January 2019

            • HC-6.4.30

              The compliance function must advise senior management and the designated committee of the board on all relevant laws, rules and standards, in all jurisdictions in which the bank conducts its business, and inform them on developments in the subject.

              Added: January 2019

          • Guidance and education

            • HC-6.4.31

              The compliance function must assist senior management in:

              a) Educating staff on compliance issues, and acting as a contact point within the bank for compliance queries from staff members; and
              b) Establishing written guidance to staff on the appropriate implementation of laws, rules and standards through policies and procedures and other documents such as manuals, internal codes of conduct and practice guidelines.
              Added: January 2019

          • Statutory responsibilities and liaison

            • HC-6.4.32

              The compliance function must have specific statutory responsibilities (e.g. fulfilling the role of anti-money laundering officer). It may also liaise with relevant external bodies, including regulators, standard setters and external experts.

              Added: January 2019

          • Right of access

            • HC-6.4.33

              The compliance function must have access across the entire organisation to carry out its responsibilities on its own initiative where compliance risk exists. It must, additionally, have the right to communicate with any staff member and to obtain access to any records or files necessary to conduct its responsibilities and to conduct investigations of possible breaches of the compliance policy and to request assistance from specialists within the bank (e.g. legal or internal audit) or engage outside specialists' subject to appropriate internal approval to perform this task if appropriate.

              Added: January 2019

          • Competent Resources

            • HC-6.4.34

              The compliance function must have adequate resources to carry out its functions effectively commensurate with the size and complexity of the organisation. The resources to be provided for the compliance function must be both sufficient and appropriate to ensure that compliance risk within the bank is managed effectively.

              Added: January 2019

            • HC-6.4.35

              The compliance function staff must have the necessary qualifications, experience and professional and personal qualities to enable them to carry out their specific duties. Compliance function staff must have a sound understanding of laws, rules and standards and their practical impact on the bank's operations.

              Added: January 2019

            • HC-6.4.36

              The professional skills of compliance function staff, especially with respect to keeping up-to-date with developments in compliance laws, rules and standards, must be maintained through regular and systematic education and training.

              Added: January 2019

          • Relationship with Internal Audit

            • HC-6.4.37

              The scope and breadth of the activities of the compliance function must be subject to periodic review by the internal audit function.

              Added: January 2019

            • HC-6.4.38

              Compliance risk must be included in the risk assessment methodology of the internal audit function, and an audit programme that covers the adequacy and effectiveness of the bank's compliance function should be established, including testing of controls commensurate with the perceived level of risk.

              Added: January 2019

            • HC-6.4.39

              The compliance function and the internal audit function must be separate, to ensure that the activities of the compliance function are subject to independent review. It is important, therefore, that there is a clear understanding within the bank as to how risk assessment and testing activities are divided between the two functions, and that this is documented (e.g. in the bank's compliance policy or in a related document such as a protocol). The internal audit function must, of course, keep the head of compliance informed of any audit findings relating to compliance.

              Added: January 2019

          • Cross-border Issues

            • HC-6.4.40

              Islamic bank licensees that conduct business through a branch or subsidiary in other jurisdictions must through the Group Compliance Function:

              (a) comply with local laws and regulations;
              (b) have Group Compliance policy and procedures; and
              (c) conduct annual compliance testing on overseas operations whose total revenue represents 20% or more of the Group's total revenue and on every two years' basis for other overseas operations.
              Added: January 2019

            • HC-6.4.41

              Islamic bank licensees must have procedures in place to identify and assess the possible increased reputational risk to the bank if it offers products or carries out activities in certain jurisdictions.

              Added: January 2019

            • HC-6.4.42

              Islamic bank licensees with overseas operations must establish a Group Compliance Function which must oversee the compliance activities on a group-wide basis. The Group Compliance Officer must ensure that compliance reviews and checks are carried out at branches and subsidiaries. As legal and regulatory requirements may differ from jurisdiction to jurisdiction, compliance issues specific to each jurisdiction must be coordinated within the structure of the bank's group-wide compliance policy.

              Added: January 2019

            • HC-6.4.43

              The senior management with assistance of Group Compliance Officer must ensure that adequate resources, commensurate with the scale and complexity of the operations, are assigned for compliance activities at, the head office, branches and subsidiaries.

              Added: January 2019

            • HC-6.4.44

              The Group Compliance Officer must ensure that adequate reports and information is received from overseas branches and subsidiaries on compliance related issues.

              Added: January 2019

          • Outsourcing

            • HC-6.4.45

              Compliance function or its activities must not be outsourced.

              Added: January 2019

          • Other requirements

            • HC-6.4.46

              Every application/request for approval to the CBB must be accompanied by a compliance assessment report confirming that all related requirements pertaining to the request have been thoroughly checked by the compliance function including the impact of such a request on the licensee's financial position and compliance status. In addition, reference must be made to any previously approved arrangements by the CBB.

              Added: January 2019

            • HC-6.4.47

              In cases where the requests have a potential financial impact on the licensee a report from the financial control function in consultation with external auditors must also be submitted as part of the compliance assessment report, whereas in case of any legal implication of such a request a legal opinion on the matter must be submitted.

              Added: January 2019

            • HC-6.4.48

              Where breaches or deficiencies have occurred due to failures by approved persons, the CBB may consider re-assessing the fitness and propriety of such persons.

              Added: January 2019

        • HC-6.5 HC-6.5 Internal Audit

          • Introduction

            Added: April 2018

            • HC-6.5.1

              Islamic bank licensee's must establish and implement an effective internal audit function which provides an independent and objective assurance to the board of directors and senior management on the quality and effectiveness of a bank's internal control, risk management and governance systems and processes, to protect the bank and its reputation.

              Added: April 2018

            • HC-6.5.2

              The internal audit function must develop an independent and informed view of the risks faced by the bank based on its access to all bank records and data, its enquiries, and its professional competence. The internal audit function must discuss its views, findings and conclusions directly with the audit committee and, if necessary with the board of directors at their routine quarterly meetings, thereby helping the board to oversee senior management.

              Added: April 2018

            • HC-6.5.3

              In this Section, all references to the board of directors may also be taken as referring to the bank's audit committee where the audit committee is mandated to carry out such functions on the board's behalf.

              Added: April 2018

            • HC-6.5.4

              For branches of foreign bank licensee's, and where no local board of directors exists, all references in this Module to the board of directors should be interpreted as the Head Office/ Regional Office.

              Added: April 2018

            • HC-6.5.5

              This Section applies in its entirety to all locally incorporated banks, including those within a banking group, and to holding companies whose subsidiaries are predominantly banks. While Module LR requires that all banks including branches must have an internal auditor as a controlled function in the Kingdom, only Paragraphs HC-6.5.7 to HC-6.5.23, HC-6.5.28 to HC-6.5.42 and HC-6.5.69 to HC-6.5.70 would be directly applicable to branches of foreign bank licensee's in Bahrain in terms of the internal audit function located here. Branches should ensure that equivalent arrangements are in place at the parent level for other requirements in this Section and these arrangements provide for an effective internal audit function over activities conducted under the Bahrain license.

              Added: April 2018

            • HC-6.5.6

              The extent of application of this Section must be commensurate with the significance, complexity and international presence of the bank (principle of proportionality).

              Added: April 2018

            • HC-6.5.7

              The key features for the effective operation of an internal audit function are:

              (a) Independence and objectivity;
              (b) Professional competence and due professional care; and
              (c) Professional ethics
              Added: April 2018

          • Independence and Objectivity

            • HC-6.5.8

              Islamic bank licensees internal audit function must be independent of the audited activities. This means that the internal audit is independent of all functions including compliance, risk management and financial control functions. The internal audit function must also have sufficient standing and authority within the bank and must operate according to sound principles.

              Added: April 2018

            • HC-6.5.9

              The internal audit function must report directly to the audit committee and administratively to the CEO, thereby providing a framework for internal auditors to carry out their assignments with objectivity.

              Added: April 2018

            • HC-6.5.10

              The internal audit function must be able to perform its assignments on its own initiative in all areas and functions of the bank based on the audit plan established by the head of the internal audit function and approved by the board of directors or audit committee. It must be free to report its findings and assessments internally through clear reporting lines. The head of internal audit must demonstrate appropriate leadership and have the necessary personal characteristics and professional skills to fulfill his or her responsibility for maintaining the function's independence and objectivity.

              Added: April 2018

            • HC-6.5.11

              The internal audit function must not be involved in designing, selecting, implementing or operating specific internal control measures. However, the independence of the internal audit function must not prevent senior management from requesting input from internal audit on matters related to risk and internal controls. Nevertheless, the development and implementation of internal controls must remain the responsibility of management.

              Added: April 2018

            • HC-6.5.12

              Islamic bank licensees should, whenever practicable and without jeopardising competence and expertise, periodically rotate internal audit staff within the internal audit function.

              Added: April 2018

          • Professional Competence and Due Professional Care

            • HC-6.5.13

              The head of internal audit must have the responsibility for acquiring human resources with sufficient qualifications and skills to effectively deliver on the mandate for professional competence and to audit to the required level. He/she must continually assess and monitor the skills necessary to do so. The skills required for senior internal auditors must include the abilities to judge outcomes and make an impact at the highest level of the organisation.

              Added: April 2018

            • HC-6.5.14

              For purposes of Paragraph HC-6.5.13, professional competence depends on the auditor's capacity to collect and understand information, to examine and evaluate audit evidence and to communicate with the stakeholders of the internal audit function.

              Added: April 2018

            • HC-6.5.15

              The head of internal audit must ensure that internal audit staff acquire appropriate ongoing training in order to meet the growing technical complexity of the Islamic Bank licensee's activities and the increasing diversity of tasks that need to be undertaken as a result of the introduction of new products and processes within the Islamic Bank licensee and other developments in the financial sector.

              Added: April 2018

            • HC-6.5.16

              The internal audit function collectively must be competent to examine all areas in which the bank operates. When internal audit is outsourced, the head of internal audit/coordinator must ensure that the use of those experts does not compromise the independence and objectivity of the internal audit function.

              Added: April 2018

            • HC-6.5.17

              For purposes of Paragraph HC-6.5.16, the coordinator must be an approved person within the Islamic Bank licensee.

              Added: April 2018

            • HC-6.5.18

              The head of internal audit/coordinator should ensure that, whenever practical, the relevant knowledge input from an expert is assimilated into the organisation. This may be possible by having one or more members of the bank's internal audit staff participate in the external expert's work.

              Added: April 2018

            • HC-6.5.19

              Internal auditors must apply the care and skills expected of a reasonably prudent and competent professional. Due professional care does not imply infallibility; however, internal auditors having limited competence and experience in a particular area must be appropriately supervised by more experienced internal auditors.

              Added: April 2018

          • Professional Ethics

            • HC-6.5.20

              Internal auditors must act with integrity. Integrity includes, being straightforward, honest and truthful.

              Added: April 2018

            • HC-6.5.21

              Internal auditors must respect the confidentiality of information acquired in the course of their duties. They must not use that information (particularly 'confidential information' as defined in Article 116 of the CBB Law) for personal gain or malicious action and must be diligent in the protection of information acquired.

              Added: April 2018

            • HC-6.5.22

              The head of the internal audit function and all internal auditors must avoid conflicts of interest (see Section HC-2.3). Internally recruited internal auditors must not engage in auditing activities for which they have had previous responsibility before a one year "cooling off" period has elapsed.

              Added: April 2018

            • HC-6.5.23

              Internal auditors must adhere to the code of ethics of both the bank and The Institute of Internal Auditors (see Section HC-2.2).

              Added: April 2018

          • Internal Audit Charter

            • HC-6.5.24

              All Bahraini Islamic bank licensee's must have an internal audit charter that articulates the purpose, standing and authority of the internal audit function within the bank in a manner that promotes an effective internal audit function as described in Paragraph HC-6.5.1.

              Added: April 2018

            • HC-6.5.25

              The charter must be drawn up and reviewed annually by the head of internal audit and approved by the board of directors or audit committee. It must be available to all internal stakeholders and, in certain circumstances, such as listed entities, to external stakeholders.

              Added: April 2018

            • HC-6.5.26

              At a minimum, the internal audit charter must establish:

              (a) The internal audit function's standing within the bank, its authority, its responsibilities and its relations with other control functions in a manner that promotes the effectiveness of the function as described in Paragraphs HC-6.5.1 and HC-6.5.2;
              (b) The purpose and scope of the internal audit function;
              (c) The key features of the internal audit function described in Paragraphs HC-6.5.8 to HC-6.5.23;
              (d) The obligation of the internal auditors to communicate the results of their engagements and a description of how and to whom this must be done (reporting line);
              (e) The criteria for when and how the internal audit function may outsource some of its engagements to external experts;
              (f) The terms and conditions according to which the internal audit function can be called upon to provide consulting or advisory services or to carry out other special tasks;
              (g) The responsibility and accountability of the head of internal audit;
              (h) A requirement to comply with sound internal auditing standards; and
              (i) Procedures for the coordination of the internal audit function with the external auditor.
              Added: April 2018

            • HC-6.5.27

              The charter must empower the internal audit function, whenever relevant to the performance of its assignments and discharge of its duties, to initiate direct communication with any member of staff, to examine any activity or entity of the bank, and to have full and unconditional access to any records, files, data and physical properties of the bank. This includes access to management information systems and records and the minutes of board and sub-board committee meetings and all consultative and decision-making committees.

              Added: April 2018

          • Scope of Activity

            • HC-6.5.28

              The scope of internal audit activities must include the examination and evaluation of the effectiveness of the internal control, risk management and governance systems and processes of the entire bank, including the bank's outsourced activities and its subsidiaries (including SPVs) and branches.

              Added: April 2018

            • HC-6.5.29

              The internal audit function must independently evaluate the:

              (a) Effectiveness and efficiency of internal control, risk management and governance systems and processes created by the business units and support functions in the context of both current and potential or actual emerging risks and provide assurance on these systems and processes;
              (b) Reliability, effectiveness and integrity of management information systems and processes (including relevance, accuracy, completeness, availability, confidentiality and comprehensiveness of data);
              (c) Monitoring of compliance with laws and regulations, including any requirements from the CBB; and
              (d) Safeguarding of assets.
              Added: April 2018

            • HC-6.5.30

              The head of internal audit must establish, prior to year-end an annual internal audit plan. It must be based on a robust risk assessment (including direct or indirect input from senior management and the board).

              Added: April 2018

            • HC-6.5.31

              The audit committee's approval of the audit plan also requires that an appropriate budget will be available to support the internal audit function's activities.

              Added: April 2018

            • HC-6.5.32

              The scope of the internal audit function's activities must ensure adequate coverage of matters of regulatory interest within the audit plan.

              Added: April 2018

          • Risk Management

            • HC-6.5.33

              Internal audit must include in its scope the following aspects of risk management:

              (a) The organisation and mandates of the risk management function including market, credit, liquidity, interest rate and operational risks;
              (b) Evaluation of risk appetite, escalation and reporting of issues and decisions taken by the risk management function;
              (c) The adequacy of risk management systems and processes for identifying, measuring, assessing, controlling, responding to, and reporting on all the risks resulting from the bank's activities;
              (d) The integrity of the risk management information systems, including the accuracy, reliability and completeness of the data used;
              (e) The approval and maintenance of risk models including verification of the consistency, timeliness, independence and reliability of data sources used in such models;
              (f) Information technology and information security;
              (g) The bank's system for identifying and measuring its regulatory capital and assessing the adequacy of its capital resources in relation to the bank's risk exposures and established minimum ratios; and
              (h) The review of management's process for stress testing its capital levels, taking into account the frequency of such exercises, their purpose (e.g., internal monitoring vs. regulator imposed), the reasonableness of scenarios and the underlying assumptions employed, and the reliability of the processes used.
              Added: April 2018

            • HC-6.5.34

              When the risk management function has not informed the board of directors about the existence of a significant divergence of views between senior management and the risk management function regarding the level of risk faced by the bank, the head of internal audit must inform the audit committee about this divergence.

              Added: April 2018

          • Capital Adequacy and Liquidity

            • HC-6.5.35

              The internal audit must review the bank's system for identifying and measuring its regulatory capital and assessing the adequacy of its capital resources in relation to the bank's risk exposures and established minimum ratios.

              Added: April 2018

            • HC-6.5.36

              Internal audit must review management's process for stress testing its capital levels.

              Added: April 2018

            • HC-6.5.37

              Internal audit must review the effectiveness of the bank's systems and processes for measuring and monitoring its liquidity positions in relation to its risk profile, external environment, and minimum regulatory requirements including the requirement set out in Paragraph CA-1.3.4.

              Added: April 2018

          • Regulatory and Internal Reporting

            • HC-6.5.38

              The internal audit function must regularly evaluate the effectiveness of the process by which the risk and reporting functions interact to produce timely, accurate, reliable and relevant reports for both internal management and the CBB. Such reports include, but not limited to, the PIR and public disclosure requirements included in the CBB Rulebook, Module PD.

              Added: April 2018

          • Compliance

            • HC-6.5.39

              The internal audit function must periodically review the scope of the activities of the compliance function using the risk-based approach. The audit of the compliance function must include an assessment of how effectively it fulfils its responsibilities.

              Added: April 2018

          • Finance

            • HC-6.5.40

              The internal audit function must periodically review the controls over the bank's finance function using the risk-based approach.

              Added: April 2018

            • HC-6.5.41

              The internal audit function must devote sufficient resources to evaluate the valuation control environment, availability and reliability of information or evidence used in the valuation process and the reliability of estimated fair values. This is achieved through reviewing the independent price verification processes and testing valuations of significant transactions.

              Added: April 2018

            • HC-6.5.42

              The internal audit function must, as a minimum, also include the following aspects in its scope:

              (a) The organisation and mandate of the finance function;
              (b) The adequacy and integrity of underlying financial data and finance systems and processes for completely identifying, capturing, measuring and reporting key data such as profit or loss, valuations of financial instruments and impairment allowances;
              (c) The approval and maintenance of pricing models including verification of the consistency, timeliness, independence and reliability of data sources used in such models;
              (d) Controls in place to prevent and detect trading irregularities; and
              (e) Balance sheet controls including key reconciliations performed and actions taken (e.g. adjustments).
              Added: April 2018

          • Permanency of the Internal Audit Function

            • HC-6.5.43

              The internal audit function must be structured consistent with Paragraphs HC-6.5.61 to HC-6.5.65. Senior management and the board must ensure that the internal audit function is permanent and commensurate with the size, the nature and complexity of the bank's operations.

              Added: April 2018

            • HC-6.5.44

              Where the head of internal audit function ceases to act in this capacity, the CBB will meet with him/her to discuss the reasons.

              Added: April 2018

          • Responsibilities of the Board of Directors and Senior Management

            • HC-6.5.45

              Islamic bank licensees board of directors must ensure that senior management establishes and maintains an adequate, effective and efficient internal control system (see HC-1.2.3(c)) and accordingly, the board must support the internal audit function in discharging its duties effectively.

              Added: April 2018

            • HC-6.5.46

              The board of directors must review at least annually, the effectiveness and efficiency of the internal control system based, in part, on information provided by the internal audit function (see HC-1.2.10).

              Added: April 2018

            • HC-6.5.47

              The board of directors, its audit committee and senior management must promote a strong internal control environment supported and assessed by a sound internal audit function.

              Added: April 2018

            • HC-6.5.48

              As part of their oversight responsibilities, the audit committee must review the performance of the internal audit function.

              Added: April 2018

            • HC-6.5.49

              Every five years, the audit committee must commission an independent external quality assurance review of the internal audit function.

              Added: April 2018

            • HC-6.5.50

              Senior management must inform the internal audit function of new developments, initiatives, projects, products and operational changes.

              Added: April 2018

            • HC-6.5.51

              Senior management must ensure that all internal audit findings and recommendations are resolved within six months for high risk/critical issues and 12 months for any other issues from the issue date of the subject internal audit report.

              Added: April 2018

            • HC-6.5.52

              Senior management must ensure that the head of internal audit has the necessary resources, financial and otherwise, available to carry out his or her duties commensurate with the annual internal audit plan, scope and budget approved by the audit committee.

              Added: April 2018

          • Responsibilities of the Audit Committee in relation to the Internal Audit Function

            • HC-6.5.53

              The audit committee must oversee the bank's internal audit function (see also Paragraph HC-3.2.3).

              Added: April 2018

            • HC-6.5.54

              The bank's audit committee and the internal audit function must develop and maintain their own tools to assess the quality of the internal audit function.

              Added: April 2018

            • HC-6.5.55

              The audit committee must ensure that the internal audit function is able to discharge its responsibilities in an independent manner, consistent with Paragraph HC-6.5.8. It must review and approve the audit plan, its scope, and the budget of the internal audit function. It must also review audit reports and ensure that senior management is taking necessary and timely corrective actions to address control weaknesses, compliance issues with policies, laws and regulations, and other concerns identified and reported by the internal audit function.

              Added: April 2018

          • Management of the Internal Audit Function

            • HC-6.5.56

              The head of the internal audit function must ensure that the function complies with The Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing.

              Added: April 2018

            • HC-6.5.57

              The audit committee must ensure that the head of the internal audit function is a person of integrity. This means that he or she will be able to perform his or her work with honesty, diligence and responsibility. It also implies that this person observes the law and has not been a party to any illegal activity. The head of internal audit must also ensure that the members of internal audit staff are persons of integrity.

              Added: April 2018

          • Reporting Lines of the Internal Audit Function

            • HC-6.5.58

              The internal audit function must be accountable to the audit committee, on all matters related to the performance of its mandate as described in the internal audit charter. It must also promptly inform the CEO and other related Heads of Functions about its findings.

              Added: April 2018

            • HC-6.5.59

              The internal audit function must inform senior management of all significant findings so that timely corrective actions can be taken. Subsequently, the internal audit function must follow up with senior management on the outcome of these corrective measures. The head of the internal audit function must quarterly report to the audit committee, the status of pending findings.

              Added: April 2018

          • The Relationship between the Internal Audit, Compliance and Risk Management Functions

            • HC-6.5.60

              The relationship between a bank's business units, the support functions and the internal audit function can be explained using the three lines of defence model. The business units are the first line of defence. They undertake the management of risks within assigned limits of risk exposure and are responsible and accountable for identifying, assessing and controlling the risks of their business. The second line of defence includes the support functions, such as risk management, compliance, legal, human resources, finance, operations, and technology. Each of these functions, in close relationship with the business units, ensures that risks in the business units have been appropriately identified and managed. The business support functions work closely to help define strategy, implement bank policies and procedures, and collect information to create a bank-wide view of risks. The third line of defence is the internal audit function that independently assesses the effectiveness of the controls over the processes created in the first and second lines of defence and provides assurance on these processes. The responsibility for internal control does not transfer from one line of defence to the next line.

              Added: April 2018

          • Internal Audit within a Group or Holding Company Structure

            • HC-6.5.61

              The internal auditors who perform the internal audit work at the bank must report to the bank's audit committee, or its equivalent, and to the group or holding company's head of internal audit.

              Added: April 2018

            • HC-6.5.62

              To facilitate a consistent approach to internal audit across all the banks within a banking organisation, the board of directors of each bank within a banking group or holding company structure should ensure that either:

              (a) The bank has its own internal audit function, which should be accountable to the bank's board and should report to the banking group or holding company's head of internal audit; or
              (b) The banking group or holding company's internal audit function performs internal audit activities of sufficient scope at the bank to enable the board to satisfy its fiduciary and legal responsibilities.
              Added: April 2018

            • HC-6.5.63

              The board of directors and senior management of the parent bank in a banking group must ensure that an adequate and effective internal audit function is established across the banking organisation and must ensure that internal audit policies and practices are appropriate to the structure, business activities and risks of all of the components of the group or holding company.

              Added: April 2018

            • HC-6.5.64

              The head of internal audit at the level of the parent bank must define the group or holding company's internal audit strategy, determine the organisation of the internal audit function both at the parent and subsidiary bank levels (in consultation with these entities' respective audit committees and in accordance with local laws) and formulate the internal audit principles, which include the audit methodology and quality assurance measures.

              Added: April 2018

            • HC-6.5.65

              The group or holding company's internal audit function must determine the audit scope for the banking organisation. In doing so, it must comply with local legal and regulatory provisions and incorporate local knowledge and experience.

              Added: April 2018

          • Outsourcing of Internal Audit Activities

            • HC-6.5.66

              Regardless of whether internal audit activities are outsourced, the board of directors remains ultimately responsible for the internal audit function.

              Added: April 2018

            • HC-6.5.67

              The head of internal audit/coordinator must maintain adequate oversight and ensure that any outsourcing providers comply with the principles of the bank's internal audit charter.

              Added: April 2018

            • HC-6.5.68

              To preserve independence, the head of internal audit/coordinator must ensure that the outsourcing provider has not been previously engaged in a consulting engagement in the same area within the bank unless a one year "cooling-off" period has elapsed. Subsequently, those experts who participated in an internal audit engagement must not provide consulting services to a function of the bank they have audited within the previous 12 months. Additionally, banks must not outsource internal audit activities to their own external audit firm (see OM-3).

              Added: April 2018

          • Communication between the CBB and the Internal Audit Function

            • HC-6.5.69

              The bank's internal auditor must have formal regular communication with the CBB to (i) discuss the risk areas identified, (ii) understand the risk mitigation measures taken by the bank, and (iii) monitor the bank's response to weaknesses identified.

              Added: April 2018

            • HC-6.5.70

              At least two weeks prior to the prudential meeting date, all internal audit reports issued since the last prudential meeting must be submitted to the CBB supervisory point of contact.

              Added: April 2018

        • HC-6.6 HC-6.6 Risk Management

          • Bank-wide Risk Management Framework

            • HC-6.6.1

              Islamic bank licensees must establish a sound risk management framework commensurate with the bank's size, complexity and risk profile. A risk management framework must have the following key features:

              (a) active Board and senior management oversight;
              (b) independent risk management function;
              (c) a Board driven sound risk management culture that is established throughout the bank;
              (d) appropriate policy, procedures and limits;
              (e) comprehensive and timely identification, measurement, mitigation, controlling, monitoring and reporting of risks;
              (f) appropriate management information systems ('MIS') at a business and bank-wide level; and
              (g) comprehensive internal controls.
              Added: July 2018

            • HC-6.6.2AA

              Further to the requirement in Paragraph HC-B.1.2, branches of foreign bank licensees must demonstrate that the activities of the Bahrain branch are subject to appropriate risk management oversight commensurate with the size, complexity, nature and the risk profile of the branch.

              Added: October 2019

            • HC-6.6.2

              More specifically, the risk management framework generally encompasses the process of:

              (a) developing and implementing the enterprise-wide risk governance framework, Subject to the review and approval of the board, which includes the bank's risk culture, risk appetite and risk limits;
              (b) identifying key risks to the bank including material individual, aggregate and emerging risks;
              (c) assessing the key risks and measuring the bank's exposures to them;
              (d) ongoing monitoring and assessing of the risk taking activities, decisions and risk exposures in line with the board-approved risk strategy, risk appetite, risk limits and determining the corresponding capital or liquidity needs (i.e. capital planning) on an ongoing basis;
              (e) reporting to senior management, and the board or risk committee as appropriate, on all the items noted in this Paragraph including but not limited to proposing appropriate risk-mitigating actions;
              (f) establishing an early warning or trigger system for breaches of the bank's risk appetite or limits; and
              (g) influencing and, when necessary, challenging decisions that give rise to material risk.
              Added: July 2018

            • HC-6.6.3

              Senior management must establish a risk management process that is not limited to credit, market, rate of return risk in the banking book (RRRBB), liquidity and operational risks, but which incorporates all material risks. This includes reputational and strategic risks, as well as risks that do not appear to be significant in isolation, but when combined with other risks, could lead to material losses.

              Added: July 2018

          • Independent Risk Management Function and Chief Risk Officer

            • HC-6.6.4

              All Islamic bank licensees must establish an independent Risk Management function and appoint a head of risk management function, referred to as Chief Risk Officer ('CRO') or any equivalent title. The function must be independent of the individual business lines and report directly to the Board of Directors or its Audit or Risk Committees and administratively to the Chief Executive Officer ('CEO'). The role of the CRO must be independent and distinct from other executive functions and business line responsibilities, and there must be no 'dual hatting' (i.e. the chief operating officer, CFO, chief auditor or other senior management personnel must not also serve as the CRO).

              Added: July 2018

            • HC-6.6.5

              For branches of foreign bank licensees, and where no local board of directors exists, all references in this Module to the board of directors should be interpreted as the Head Office/ Regional Office.

              Added: July 2018

            • HC-6.6.6

              [This Paragraph was deleted in October 2019].

              Deleted: October 2019
              Added: July 2018

            • HC-6.6.7

              Branches of foreign bank licensees operating in Bahrain have the choice of having an in-house risk management function in Bahrain or to outsource such role to their regional or Head offices.

              Amended: October 2019
              Added: July 2018

            • HC-6.6.8

              The CRO should have the ability to interpret and articulate risk in a clear and understandable manner and to effectively engage the board and management in constructive dialogue on key risk issues. The CRO should also not have any management or financial responsibility in respect of any operational business lines or revenue-generating functions. Interaction between the CRO and the board should occur regularly and be documented adequately. Non-executive board members should have the right to meet regularly — in the absence of senior management — with the CRO.

              Added: July 2018

            • HC-6.6.9

              The CRO has primary responsibility for overseeing the development and implementation of the bank's risk management framework. This includes the ongoing strengthening of risk management staff skills and enhancements to risk management systems, policies, processes, quantitative models and reports as necessary to ensure that the bank's risk management capabilities are sufficiently robust and effective to fully support its strategic objectives and all of its risk-taking activities. The CRO is responsible for supporting the board and the Risk Committee, as appropriate, in its engagement with and oversight of the development of the bank's risk strategy, risk appetite statement ('RAS') and for translating the risk appetite into a risk limits structure.

              Added: July 2018

            • HC-6.6.10

              The risk management function must have access to all business lines that have the potential to generate material risk to the Islamic bank licensee as well as to relevant risk-bearing subsidiaries.

              Added: July 2018

            • HC-6.6.11

              The CRO, together with management, must be actively engaged in monitoring performance relative to risk-taking and risk limit adherence. The CRO's responsibilities also include participating in key decision-making processes (e.g. strategic planning, capital and liquidity planning, new products and services development and compensation design and operation).

              Added: July 2018

            • HC-6.6.12

              The CRO must have sufficient organisational stature, authority, seniority within the organisation and necessary skills to oversee the bank's risk management activities.

              Added: July 2018

            • HC-6.6.13

              Appointment, dismissal and other changes to the CRO position must be approved by the board or its Risk/ Audit Committee. If the CRO is removed from his or her position for any reason, this must be disclosed publicly. The bank must also discuss the reasons for such removal with the CBB. The CRO's performance, compensation and budget must be reviewed and approved by the board Remuneration Committee.

              Added: July 2018

          • Board Risk Committee

            • HC-6.6.14

              Further to HC-1.8.1, all Bahraini Islamic bank licensees must establish a board risk committee composed of at least three independent directors. Such board risk committee must be responsible for supporting the board in its oversight and decisions related to the bank's risk management framework.

              Added: July 2018

            • HC-6.6.15

              The risk committee must meet the following requirements:

              (a) must be chaired by an independent director;
              (b) include a majority of members who are independent of day to day risk taking activities;
              (c) include members who have experience in risk management issues and practices;
              (d) develop a committee charter which among other matters include its role in the discussions of risk strategies, both at an aggregated basis and by type of risk and make recommendations to the board thereon, and on the risk appetite and risk limits;
              (e) review and revise as may be required, the bank's policies from a risk management perspective, at least every three years, unless there are material changes in the relevant Rulebook requirements or to the business conducted by the bank and / or its risk profile;
              (f) review and recommend the appointment or removal of Chief Risk Officer; and
              (g) oversee that the bank has in place processes to promote the bank's adherence to the approved risk policies.
              Added: July 2018

          • Role of Board and Senior Management

            • HC-6.6.16

              The Board must define the Islamic bank licensee's risk appetite and ensure that the bank's risk management framework is aligned with the bank's strategic, capital strategies and financial plans and compensation practices and includes detailed policy that sets specific bank-wide prudential limits on the bank's activities. The bank's risk appetite must be clearly conveyed through an RAS that can be easily understood by all relevant parties, the board itself, senior management and bank employees.

              Added: July 2018

            • HC-6.6.17

              The Islamic bank licensee's RAS must:

              (a) include both quantitative and qualitative considerations;
              (b) establish the individual and aggregate level and types of risk that the bank is willing to assume in advance of and in order to achieve its business activities within its risk capacity;
              (c) define the boundaries and business considerations in accordance with which the bank is expected to operate when pursuing the business strategy; and
              (d) be communicated effectively throughout the bank, linking it to daily operational decision-making and establishing the means to raise risk issues and strategic concerns across the bank.
              Added: July 2018

            • HC-6.6.18

              Developing and conveying the bank's risk appetite is essential to reinforcing a strong risk culture. The risk governance framework should outline actions to be taken when stated risk limits are breached, including disciplinary actions for excessive risk-taking, escalation procedures and board of director notification.

              Added: July 2018

            • HC-6.6.19

              The development of an effective RAS should be driven by both top-down board leadership and bottom-up management involvement. While the definition of risk appetite may be initiated by senior management, successful implementation depends upon effective interactions between the board, senior management, risk management and operating businesses, including the chief financial officer (CFO).

              Added: July 2018

            • HC-6.6.20

              The Board must ensure that:

              (a) a sound risk management culture is established throughout the bank;
              (b) appropriate limits are established that are consistent with the bank's risk appetite, risk profile and capital strength, and that are understood by, and regularly communicated to, relevant staff;
              (c) policy and processes are developed for risk-taking, that are consistent with the Risk Management Strategy and the established risk appetite;
              (d) uncertainties attached to risk measurement are recognised; and
              (e) senior management is taking all necessary steps to monitor and control all material risks consistent with the approved strategies and risk appetite.
              Added: July 2018

            • HC-6.6.21

              The Board of Directors and senior management must possess sufficient knowledge of all major business lines to ensure that appropriate policy, controls and risk monitoring systems are implemented effectively. They must have the necessary expertise to understand the activities in which the bank is involved — such as securitisation and off-balance sheet activities — and the associated risks. The Board and senior management must remain informed, on an on-going basis, about these risks as financial markets, risk management practices and the bank's activities evolve. In addition, the Board and senior management must ensure that accountability and lines of authority are clearly delineated.

              Added: July 2018

            • HC-6.6.22

              Before embarking on new lines of business or activities, the Board and senior management must identify and review the changes in risk profile arising from these potential new activities and ensure that the infrastructure and the internal controls necessary to manage any related risks, are in place.

              Added: July 2018

            • HC-6.6.23

              Before embarking on new or complex products, senior management must identify and review the changes in risk profile arising from these potential new products and ensure that the infrastructure and internal controls necessary to manage any related risks, are in place.

              Added: July 2018

            • HC-6.6.24

              For purposes of paragraphs HC-6.6.22 and HC-6.6.23, senior management must understand the underlying assumptions regarding accounting treatment, business models, valuation and risk management practices. In addition, senior management must evaluate the potential risk exposure if those assumptions fail.

              Added: July 2018

            • HC-6.6.25

              As part of the Board members annual training program, Islamic bank licensees must include training to enable Board members to better analyse risk and question strategic decisions, policy and transactions. Banks must also provide adequate training for all staff across the business units on risk management related matters.

              Added: July 2018

          • Policy, Procedures, Limits and Controls

            • HC-6.6.26

              An Islamic bank licensee's policy and procedures must provide specific guidance for the implementation of broad risk management strategies and must establish, where appropriate, internal limits for the various types of risk to which the bank may be exposed. These limits must consider the bank's role in the financial system and be defined in relation to the bank's capital, total assets, earnings or where adequate measures exist, its overall risk level.

              Added: July 2018

            • HC-6.6.27

              An Islamic bank licensee's policy, procedures and limits must:

              (a) Provide for adequate and timely identification, measurement, monitoring, control and mitigation of all risks, including the risks posed by its lending, investing, trading, securitisation, off-balance sheet, fiduciary and other significant activities at the business line and bank-wide levels;
              (b) Ensure that the economic substance of a bank's risk exposures, including reputational risk and valuation uncertainty, are fully recognised and incorporated into the bank's risk management processes;
              (c) Be consistent with the bank's stated goals and objectives, as well as its overall financial strength;
              (d) Clearly delineate accountability and lines of authority across the bank's various business activities, and ensure there is a clear separation between business lines and the Risk Management function;
              (e) Escalate and address breaches of internal position limits;
              (f) Provide for the review of new businesses and products by bringing together all relevant risk management, control and business lines, to ensure that the bank is able to manage and control the activity, prior to it being initiated; and
              (g) Include a schedule and process for reviewing the policy, procedures and limits, and for updating them as appropriate.
              Added: July 2018

          • Monitoring and Reporting of Risk

            • HC-6.6.28

              An Islamic bank licensee's MIS must provide the Board and senior management with timely and relevant information concerning their risk profile, in a clear and concise manner. This information must include all risk exposures, including those that are off-balance sheet. Senior management must understand the assumptions behind, and limitations inherent in, specific risk measures

              Added: July 2018

            • HC-6.6.29

              Islamic bank licensees must establish appropriate risk management methodologies, tools and models and systems commensurate with the nature and complexity of their business.

              Added: July 2018

            • HC-6.6.30

              Where Islamic bank licensees use models to measure components of risk, they must establish model governance frameworks including regulatory validation and testing.

              Added: July 2018

            • HC-6.6.31

              Islamic bank licensees must have information systems that are adequate (both under normal circumstances and in periods of stress) for measuring, assessing and reporting on the size, composition and quality of exposures on a bank-wide basis across all risk types, products, countries, region, etc. and counterparties. These reports must reflect the bank's risk profile, capital and liquidity needs, and are provided on a timely basis to the bank's Board and senior management. A bank's MIS must be capable of capturing limit breaches, and there must be procedures in place to promptly report such breaches to senior management, as well as to ensure that the appropriate follow-up actions are taken.

              Added: July 2018

            • HC-6.6.32

              The CRO must consistently remind staff, through a regular process under the sponsorship of the CEO, of the risk management requirements and enhance a common understanding of these requirements across the bank in order to create a culture of risk awareness.

              Added: July 2018

          • Independent Review

            • HC-6.6.33

              Islamic bank licensees must ensure that their risk management frameworks are subject to a comprehensive independent review by a third-party consultant, other than their external auditors:

              (a) Upon first implementation of a new or revised module on specific risk management requirements;
              (b) When there are material changes to certain Rulebook requirements and the CBB requires such a review;
              (c) When there are material changes to the business conducted by the bank or its risk profile and the CBB requires such a review; or
              (d) In case of a major failure of controls or major adverse changes in relevant business environment and the CBB requires such a review.
              Amended: January 2022
              Added: July 2018

            • HC-6.6.34

              With regards to HC-6.6.33(a), the relevant modules are the following:

              (a) Module IC;
              (b) Module CA;
              (c) Module DS;
              (d) Module CM;
              (e) Module OM;
              (f) Module ST;
              (g) Module LM; and
              (h) Module RR.
              Amended: January 2022
              Added: July 2018

            • HC-6.6.35

              Resources involved in the independent third-party review must be competent and appropriately trained. The independent third party must not have been previously involved in the development, implementation and operation of the bank’s risk management framework.

              Added: January 2022

            • HC-6.6.36

              The independent review reports must be presented to the Board or a designated committee of the Board. The agreed action planning steps to remedy any material weaknesses must be documented. The independent report together with the action plan must be provided to the CBB within one month of the date of the report.

              Added: January 2022

      • HC-7 HC-7 Communication between Board and Shareholders

        • HC-7.1 HC-7.1 Principle

          • HC-7.1.1

            The Islamic bank licensee must communicate with shareholders, encourage their participation, and respect their rights.

            October 2010

        • HC-7.2 HC-7.2 Conduct of Shareholders' Meetings

          • HC-7.2.1

            The Board must observe both the letter and the intent of the Company Law's requirements for shareholder meetings. Among other things:

            (a) Notices of meetings must be honest, accurate and not misleading. They must clearly state and, where necessary, explain the nature of the business of the meeting;
            (b) Meetings must be held during normal business hours and at a place convenient for the greatest number of shareholders to attend;
            (c) Notices of meetings must encourage shareholders to attend shareholder meetings and, if not possible, to participate by proxy and must refer to procedures for appointing a proxy and for directing the proxy how to vote on a particular resolution. The proxy agreement must list the agenda items and must specify the vote (such as "yes," "no" or "abstain");
            (d) Notices must ensure that all material information and documentation is provided to shareholders on each agenda item for any shareholder meeting, including but not limited to any recommendations or dissents of directors;
            (e) The Board must propose a separate resolution at any meeting on each substantially separate issue, so that unrelated issues are not "bundled" together;
            (f) In meetings where directors are to be elected or removed the Board must ensure that each person is voted on separately, so that the shareholders can evaluate each person individually;
            (g) The chairman of the meeting must encourage questions from shareholders, including questions regarding the Islamic bank licensee's corporate governance guidelines;
            (h) The minutes of the meeting must be made available to shareholders upon their request as soon as possible but not later than 30 days after the meeting; and
            (i) Disclosure of all material facts must be made to the shareholders by the Chairman prior to any vote by the shareholders.
            Amended: April 2011
            October 2010

          • HC-7.2.2

            The Bahraini Islamic bank licensee should require all directors to attend and be available to answer questions from shareholders at any shareholder meeting and, in particular, ensure that the chairs of the audit, remuneration and nominating committees are ready to answer appropriate questions regarding matters within their committee's responsibility (it being understood that confidential and proprietary business information may be kept confidential).

            Amended: April 2016
            October 2010

          • HC-7.2.3

            The Bahraini Islamic bank licensee should require its external auditor to attend the annual shareholders' meeting and be available to answer shareholders' questions concerning the conduct and conclusions of the audit.

            Amended: April 2016
            October 2010

          • HC-7.2.3A

            Bahraini Islamic bank licensees must provide to the CBB, for its review and comment, at least 5 business days prior to communicating with the shareholders or publishing in the press, the draft agenda for any shareholders' meetings referred to in Paragraph HC-7.2.3C.

            Amended: July 2017
            April 2016

          • HC-7.2.3B

            Bahraini Islamic bank licensees must ensure that any agenda items to be discussed or presented during the course of meetings which require the CBB's prior approval, have received the necessary approval, prior to the meeting taking place.

            Added: April 2016

          • HC-7.2.3C

            The Bahraini Islamic bank licensee must invite a representative of the CBB to attend any shareholders' meetings (i.e. ordinary and extraordinary general assembly) taking place. The invitation must be provided to the CBB at least 5 business days prior to the meeting taking place.

            Added: April 2016

          • HC-7.2.3D

            Within a maximum of 15 calendar days of any shareholders' meetings referred to in Paragraph HC-7.2.3C, the Bahraini Islamic bank licensee must provide to the CBB a copy of the minutes of the meeting.

            Added: April 2016

          • HC-7.2.4

            The Islamic bank licensee should maintain a website. The Islamic bank licensee should dedicate a specific section of its website to describing shareholders' rights to participate and vote at each shareholders' meeting, and should post significant documents relating to meetings including the full text of notices and minutes. The Islamic bank licensee may also consider establishing an electronic means for shareholders' communications including appointment of proxies. For confidential information, the Islamic bank licensee should grant a controlled access to such information to its shareholders.

            Amended: April 2017
            October 2010

          • HC-7.2.5

            In notices of meetings at which directors are to be elected or removed the Islamic bank licensee should ensure that:

            (a) Where the number of candidates exceeds the number of available seats, the notice of the meeting should explain the voting method by which the successful candidates will be selected and the method to be used for counting of votes; and
            (b) The notice of the meeting should present a factual and objective view of the candidates so that shareholders may make an informed decision on any appointment to the board.
            Amended: April 2012
            October 2010

        • HC-7.3 HC-7.3 Direct Shareholder Communication

          • HC-7.3.1

            The chairman of the Board (and other directors as appropriate) must maintain continuing personal contact with controllers to solicit their views and understand their concerns. The chairman must ensure that the views of shareholders are communicated to the Board as a whole. The chairman must discuss governance and strategy with controllers. Given the importance of market monitoring to enforce the "comply or explain" approach of this Module, the Board should encourage investors, particularly institutional investors, to help in evaluating the Islamic bank licensee's corporate governance (see also HC-1.2 and 1.3 for other duties of the Chairman).

            October 2010

        • HC-7.4 HC-7.4 Controllers

          • HC-7.4.1

            In Islamic bank licensees with one or more controllers, the chairman and other directors must actively encourage the controllers to make a considered use of their position and to fully respect the rights of minority shareholders (see also HC-1.2 and 1.3 for other duties of the Chairman).

            October 2010

      • HC-8 HC-8 Corporate Governance Disclosure

        • HC-8.1 HC-8.1 Principle

          • HC-8.1.1

            The Islamic bank licensee must disclose its corporate governance.

            October 2010

        • HC-8.2 HC-8.2 Disclosure Under the Company Law and CBB Requirements

          • HC-8.2.1

            In each Islamic bank licensee:

            (a) The Board must adopt written corporate governance guidelines covering the matters stated in this Module and Module PD and other corporate governance matters deemed appropriate by the Board. Such guidelines must include or refer to the principles and rules of Module HC;
            (b) The Islamic bank licensee must publish the guidelines on its website;
            (c) At each annual shareholders' meeting the Board must report on the Islamic bank licensee's compliance with its guidelines and Module HC, and explain the extent if any to which it has varied them or believes that any variance or noncompliance was justified; and
            (d) At each annual shareholders' meeting the Board must also report on further items listed in Module PD. Such information should be maintained on the Islamic bank licensee's website or held at the Islamic bank licensee's premises on behalf of the shareholders.
            Amended: April 2017
            October 2010

          • HC-8.2.2

            The CBB may issue a template as a guide for an Islamic bank licensee's annual meeting corporate governance discussion.

            October 2010

          • Board's Responsibility for Disclosure

            • HC-8.2.3

              The Board must oversee the process of disclosure and communications with internal and external stakeholders. The Board must ensure that disclosures made by the bank are fair, transparent, comprehensive and timely and reflect the character of the bank and the nature, complexity and risks inherent in the bank's business activities. Disclosure policies must be reviewed for compliance with the Central Bank's disclosure requirements (see Chapter PD-1).

              October 2010

      • HC-9 HC-9 The Principles of Islamic Shari'a

        • HC-9.1 HC-9.1 Principle

          • HC-9.1.1

            Banks which refer to themselves as "Islamic" must follow the principles of Islamic Shari'a.

            October 2010

        • HC-9.2 HC-9.2 Governance and Disclosure Per Shari'a Principles

          • HC-9.2.1

            Islamic bank licensees which are guided by the principles of Islamic Shari'a have additional responsibilities to their stakeholders. Islamic bank licensees which refer to themselves as "Islamic" are subject to additional governance requirements and disclosures to provide assurance to stakeholders that they are following Shari'a Principles. In ensuring compliance with Shari'a principles, each Islamic bank licensee must establish an independent Shari'a Supervisory Board consisting of at least three Shari'a scholars and complying with AAOIFI's Governance Standards for Islamic Financial Institutions No.1 and No.2.

            October 2010

          • HC-9.2.2

            The Board shall set up a Corporate Governance Committee (see also Chapter HC-8). In this case, the Committee shall comprise at least three members to co-ordinate and integrate the implementation of the governance policy framework.

            October 2010

          • HC-9.2.3

            In addition to its duties outlined in Chapter HC-3 and Appendix A, the Audit Committee shall communicate and co-ordinate with the Islamic bank licensee's Corporate Governance Committee and the Shari'a Supervisory Board ("SSB") (where applicable) to ensure that information on compliance with Islamic Shari'a rules and principles is reported in a timely manner.

            October 2010

          • HC-9.2.4

            The Corporate Governance Committee established under Chapter HC-9 shall comprise at a minimum of:

            (a) An independent director to chair the Corporate Governance Committee. The Chairman of the Corporate Governance Committee should not only possess the relevant skills, such as the ability to read and understand financial statements, but should also be able to coordinate and link the complementary roles and functions of the Corporate Governance Committee and the Audit Committee;
            (b) A Shari'a scholar who is an SSB member for the purpose of leading the Corporate Governance Committee on Shari'a-related governance issues (if any), and also to coordinate and link the complementary roles and functions of the Corporate Governance Committee and the SSB; and
            (c) An independent director who can offer different skills to the committee, such as legal expertise and business proficiency, which are considered particularly relevant by the Board of directors for cultivating a good corporate governance culture, and deemed "fit and proper" by the CBB.
            October 2010

          • HC-9.2.5

            The Corporate Governance Committee shall be empowered to:

            (a) Oversee and monitor the implementation of the governance policy framework by working together with the management, the Audit Committee and the SSB; and
            (b) Provide the Board of directors with reports and recommendations based on its findings in the exercise of its functions.
            October 2010

          • HC-9.2.6

            All Islamic Bank Licensees must comply with all AAOIFI issued accounting standards as well as applicable Shari'a pronouncements issued by the Shari'a Board of AAOIFI. The Islamic Bank Licensee must have a separate function of Shari'a review to verify compliance with the above. The internal Shari'a review must be carried out in accordance with AAOIFI governance standard No.3. The Shari'a review function may be located in the Internal audit function of the Islamic Bank Licensee.

            October 2010

      • Appendix A Appendix A Audit Committee

        • Committee Duties

          The Committee's duties shall include those stated in Paragraph HC-3.2.1.

          October 2010

        • Committee Membership and Qualifications

          The Committee shall have at least three members. Such members must have no conflict of interest with any other duties they have for the Islamic bank licensee.

          A majority of the members of the committee including the Chairman shall be independent directors.

          The CEO must not be a member of this committee.

          The committee members must have sufficient technical expertise to enable the committee to perform its functions effectively. Technical expertise means that members must have recent and relevant financial ability and experience, which includes:

          (a) An ability to read and understand corporate financial statements including an Islamic bank licensee's balance sheet, income statement and cash flow statement and changes in shareholders' equity;
          (b) An understanding of the accounting principles which are applicable to the Islamic bank licensee's financial statements;
          (c) Experience in evaluating financial statements that have a level of accounting complexity comparable to that which can be expected in the Islamic bank licensee's business;
          (d) An understanding of internal controls and procedures for financial reporting; and
          (e) An understanding of the audit committee's controls and procedures for financial reporting.
          Amended: January 2012
          Amended: April 2011
          October 2010

        • Committee Duties and Responsibilities

          In serving those duties, the Committee shall:

          (a) Be responsible for the selection, appointment, remuneration, oversight and termination where appropriate of the external auditor, subject to ratification by the Islamic bank licensee's Board and shareholders. The external auditor shall report directly to the committee;
          (b) Make a determination at least once each year of the external auditor's independence, including:
          (i) Determining whether its performance of any non-audit services compromised its independence (the committee may establish a formal policy specifying the types of non-audit services which are permissible) and;
          (ii) Obtaining from the external auditor a written report listing any relationships between the external auditor and the Islamic bank licensee or with any other person or entity that may compromise the auditor's independence;
          (c) Review and discuss with the external auditor the scope and results of its audit, any difficulties the auditor encountered including any restrictions on its access to requested information and any disagreements or difficulties encountered with management;
          (d) Review and discuss with management and the external auditor each annual and each quarterly financial statements of the Islamic bank licensee including judgments made in connection with the financial statements;
          (e) Review and discuss and make recommendations regarding the selection, appointment and termination where appropriate of the head of internal audit and head of compliance and the budget allocated to the internal audit and compliance function, and monitor the responsiveness of management to the committee's recommendations and findings;
          (f) Review and discuss the activities, performance and adequacy of the Islamic bank licensee's internal auditing and compliance personnel and procedures and its internal controls and compliance procedures, risk management systems, and any changes in those;
          (g) Oversee the Islamic bank licensee's compliance with legal and regulatory requirements, codes and business practices, and ensure that the bank communicates with shareholders and relevant stakeholders (internal and external) openly and promptly, and with substance of compliance prevailing over form; and
          (h) Review and discuss possible improprieties in financial reporting or other matters, and ensure that arrangements are in place for independent investigation and follow-up regarding such matters;
          (i) The committee must monitor rotation arrangements for audit engagement partners. The audit committee must monitor the performance of the external auditor and the non-audit services provided by the external auditor; and
          (j) The review and supervision of the implementation of, enforcement of and adherence to the bank's code of conduct.
          Amended: October 2012
          Amended: April 2012
          Amended: April 2011
          October 2010

        • Committee Structure and Operations

          The committee shall elect one member as its chair.

          The committee shall meet at least four times a year. Its meetings may be scheduled in conjunction with regularly-scheduled meetings of the entire Board.

          The committee may meet without any other director or any officer of the Islamic bank licensee present. Only the committee may decide if a non-member of the committee should attend a particular meeting or a particular agenda item. Non-members who are not directors of the Islamic bank licensee may attend to provide their expertise, but may not vote. It is expected that the external auditor's lead representative will be invited to attend regularly but that this shall always be subject to the committee's decision.

          The committee must meet with the external auditor at least twice per year, and at least once per year in the absence of any members of executive management.

          The committee shall report regularly to the full Board on its activities.

          October 2010

        • Committee Resources and Authority

          The committee shall have the resources and authority necessary for its duties and responsibilities, including the authority to select, retain, terminate and approve the fees of outside legal, accounting or other advisors as it deems necessary or appropriate, without seeking the approval of the Board or management. The Islamic bank licensee shall provide appropriate funding for the compensation of any such persons.

          October 2010

        • Committee Performance Evaluation

          The committee shall prepare and review with the Board an annual performance evaluation of the committee, which shall compare the committee's performance with the above requirements and shall recommend to the Board any improvements deemed necessary or desirable to the committee's charter. The report must be in the form of a written report provided at any regularly scheduled Board meeting.

          Amended: July 2012
          Amended: April 2012
          October 2010

      • Appendix B Appendix B Nominating Committee

        • Committee Duties

          The committee's duties shall include those stated in Paragraph HC-4.2.1.

          October 2010

        • Committee Duties and Responsibilities

          In serving those duties with respect to Board membership:

          (a) The committee shall make recommendations to the Board from time to time as to changes the committee believes to be desirable to the size of the Board or any committee of the Board;
          (b) Whenever a vacancy arises (including a vacancy resulting from an increase in Board size), the committee shall recommend to the Board a person to fill the vacancy either through appointment by the Board or through shareholder election;
          (c) In performing the above responsibilities, the committee shall consider any criteria approved by the Board and such other factors as it deems appropriate. These may include judgment, specific skills, experience with other comparable businesses, the relation of a candidate's experience with that of other Board members, and other factors;
          (d) The committee shall also consider all candidates for Board membership recommended by the shareholders and any candidates proposed by management;
          (e) The committee shall identify Board members qualified to fill vacancies on any committee of the Board and recommend to the Board that such person appoint the identified person(s) to such committee; and
          (f) Assuring that plans are in place for orderly succession of senior management.

          In serving those purposes with respect to officers the committee shall:

          (a) Make recommendations to the Board from time to time as to changes the committee believes to be desirable in the structure and job descriptions of the officers including the CEO, and prepare terms of reference for each vacancy stating the job responsibilities, qualifications needed and other relevant matters including integrity, technical and managerial competence, and experience;
          (b) Overseeing succession planning and replacing key executives when necessary, and ensuring appropriate resources are available, and minimising reliance on key individuals;
          (c) Design a plan for succession and replacement of officers including replacement in the event of an emergency or other unforeseeable vacancy; and
          (d) If charged with responsibility with respect to Islamic bank licensee's corporate governance guidelines, the committee shall develop and recommend to the Board corporate governance guidelines, and review those guidelines at least once a year.
          Amended: April 2011
          October 2010

        • Committee Structure and Operations

          The committee shall elect one member as its chair.

          The committee shall meet at least twice a year. Its meetings may be scheduled in conjunction with regularly-scheduled meetings of the entire Board.

          October 2010

        • Committee Resources and Authority

          The committee shall have the resources and authority necessary for its duties and responsibilities, including the authority to select, retain, terminate and approve the fees of outside legal, consulting or search firms used to identify candidates, without seeking the approval of the Board or management. The Islamic bank licensee shall provide appropriate funding for the compensation of any such persons.

          October 2010

        • Performance Evaluation

          The committee shall preview and review with the Board an annual performance evaluation of the committee, which shall compare the committee's performance with the above requirements and shall recommend to the Board any improvements deemed necessary or desirable to the committee's charter. The report must be in the form of a written report provided at any regularly scheduled Board meeting.

          Amended: July 2012
          Amended: April 2012
          October 2010

      • Appendix C Appendix C Remuneration Committee

        • Committee Duties

          The committee's duties shall include those stated in Paragraph HC-5.2.1.

          Amended: January 2011
          October 2010

        • Committee Duties and Responsibilities

          In serving those duties the committee shall consider, and make specific recommendations to the Board on, both remuneration policy and individual remuneration packages for the approved persons and other material risk-takers as well as the total variable remuneration to be distributed. This remuneration policy should cover at least:

          (a) The following components:
          (i) Salary;
          (ii) The specific terms of performance-related plans including any stock compensation, stock options, or other deferred-benefit compensation;
          (iii) Pension plans;
          (iv) Fringe benefits such as non-salary perks; and
          (v) Termination policies including any severance payment policies; and
          (b) Policy guidelines to be used for determining remuneration in individual cases, including on:
          (i) The relative importance of each component noted in a) above;
          (ii) Specific criteria to be used in evaluating a senior manager's performance.

          The committee shall evaluate the approved persons and material risk-takers' performance in light of the bank's corporate goals, agreed strategy, objectives and business plans and may consider the Islamic bank licensee's performance and shareholder return relative to comparable Islamic bank licensees, the value of awards to CEOs at comparable Islamic bank licensees, and awards to the CEO in past years.

          The committee should also be responsible for retaining and overseeing outside consultants or firms for the purpose of determining approved persons and material risk-takers' remuneration, administering remuneration plans, or related matters.

          Amended: January 2014
          Amended: April 2011
          October 2010

        • Committee Structure and Operations

          The committee shall elect one member as its chair.

          The committee shall meet at least twice a year. Its meetings may be scheduled in conjunction with regularly-scheduled meetings of the entire Board.

          October 2010

        • Committee Resources and Authority

          The committee shall have the resources and authority necessary for its duties and responsibilities, including the authority to select, retain, terminate and approve the fees of outside legal, consulting or compensation firms used to evaluate the compensation of directors, the CEO or other approved persons, without seeking the approval of the Board or management. The Islamic bank licensee shall provide appropriate funding for the compensation of any such persons.

          October 2010

        • Performance Evaluation

          The committee shall preview and review with the Board an annual performance evaluation of the committee, which shall compare the committee's performance with the above requirements and shall recommend to the Board any improvements deemed necessary or desirable to the committee's charter. The report must be in the form of a written report provided at any regularly scheduled Board meeting.

          Amended: July 2012
          Amended: April 2012
          October 2010

    • AU AU Auditors and Accounting Standards

      • AU-A AU-A Introduction

        • AU-A.1 AU-A.1 Purpose

          • AU-A.1.1

            This Module presents requirements that have to be met by Islamic bank licensees with respect to the appointment of external auditors. This Module also sets out certain obligations that external auditors have to comply with, as a condition of their appointment by Islamic bank licensees.

          • AU-A.1.2

            This Module is issued under the powers given the BMA under Article 41 of the BMA Law 1973. It supplements Article 79 of the BMA Law, which requires licensees to appoint an external auditor acceptable to the BMA.

        • AU-A.2 AU-A.2 Module History

          • Evolution of Module

            • AU-A.2.1

              This Module was first issued as Module AU (Audit Firms) in January 2005, as part of the first release of Volume 2 (Islamic banks) of the BMA Rulebook. It was subsequently reissued in full in July 2006 (and renamed "Auditors and Accounting Standards").

            • AU-A.2.2

              The reissued Module was one of several Modules modified to reflect the introduction of the BMA's new integrated license framework. Although the new framework did not change the substance of the requirements contained in this Module, the Module was re-issued in order to simplify its drafting and layout and align it with equivalent Modules in other Volumes of the BMA Rulebook.

            • AU-A.2.3

              This Module is dated July 2006. Pages that are subsequently changed in this Module are updated with the end-calendar quarter date in which the change was made: Chapter UG-3 provides further details on Rulebook maintenance and version control.

            • AU-A.2.4

              A list of changes made to this Module is provided below:

              Module Reference Change Date Description of Changes
              Whole module July 2006 Module renamed as Module AU (Auditors and Accounting Standards). Text redrafted but substance of requirements left unchanged.

          • Superseded Requirements

            • AU-A.2.5

              Circular Ref Date of Issue Module Ref.
              (July 2004 version)
              Circular Subject
              BC/5/82 5 Aug 1982 AU 1.1 Approval of Appointment of Auditors
              ODG/59/99 15 Jul 1999 AU 1.1–AU 1.2 Audit Partners of External Auditors and Reporting Accountants of Locally Incorporated Banks
              PIRI Pack - - - - - AU 1.4, AU 3.7 Prudential Information Returns for Islamic Financial Institutions
              ODG/162/03 (partial) 21 May 2003 AU 1.4–AU 1.4, AU 2.2 Outsourcing
              BS/9/03 (partial) 14 Sep 2003 AU 1.5 Operational Risk Management
              BC/1/97 12 Feb 1997 AU 1.6 Request for Approval for Dividend Distribution
              BC/4/99 (partial) 17 Mar 1999 AU 1.6, AU 3.7 Annual Accounts for the Year Ending 31 December 1999
              14/86 19 Jun 1986 AU 2.1 Auditors' Relationship with Supervisors
              BMA/751/93 (partial) 8 Jul 1993 AU 3.2 Directors' Interest in the Shares of, and the Unaudited Quarterly Financial Statements of, Locally Incorporated Banks Quoted on the Bahrain Stock Exchange.
              BC/1/99 22 Feb 1999 AU 3.3 Enhancing Bank Transparency
              EDBC/6/01 (partial) 14 Oct 2001 AU 3.4 Money laundering Regulation
              BC/6/97 21 Apr 1997 AU 4 Reporting Accountants

      • AU-B AU-B Scope of Application

        • AU-B.1 AU-B.1 Islamic bank Licensees

          • AU-B.1.1

            The contents of this Module — unless otherwise stated — apply to all Islamic bank licensees.

          • AU-B.1.2

            The contents of Chapters AU-1 to AU-4 apply to both Bahraini Islamic bank licensees and overseas Islamic bank licensees.

        • AU-B.2 AU-B.2 Auditors

          • AU-B.2.1

            Certain requirements in this Module extend to auditors, by virtue of their appointment by Islamic bank licensees. Auditors appointed by Islamic bank licensees must be independent (cf. Sections AU-1.4 and AU-1.5). Auditors who resign or are otherwise removed from office must inform the BMA in writing of the reasons for the termination of their appointment (cf. Section AU-1.2). Other requirements are contained in Sections AU-1.3 (Audit partner rotation) and AU-3 (Auditor reports).

      • AU-1 AU-1 Auditor Requirements

        • AU-1.1 AU-1.1 Appointment of Auditors

          • AU-1.1.1

            Islamic bank licensees must obtain prior written approval from the BMA before appointing or re-appointing their auditors.

          • AU-1.1.2

            As the appointment of auditors normally takes place during the course of the firm's annual general meeting, Islamic bank licensees should notify the BMA of the proposed agenda for the annual general meeting in advance of it being circulated to shareholders. The BMA's approval of the proposed auditors does not limit in any way shareholders' rights to subsequently reject the Board's choice.

          • AU-1.1.3

            The BMA, in considering the proposed (re-)appointment of an auditor, takes into account the expertise, resources and reputation of the audit firm, relative to the size and complexity of the licensee. The BMA will also take into account the track record of the audit firm in auditing Islamic bank licensees within Bahrain; the degree to which it has generally demonstrated independence from management in its audits; and the extent to which it has identified and alerted relevant persons of significant matters. Finally, the BMA will also consider the audit firm's compliance with applicable laws and regulations (including legislative Decree No. 26 of 1996; the Ministry of Industry and Commerce's Ministerial Resolution No. 6 of 1998; and relevant Bahrain Stock Exchange regulations).

          • AU-1.1.4

            In the case of overseas Islamic bank licensees, the BMA will also take into account who act as the auditors of the parent firm. As a general rule, the BMA does not favour different parts of a banking firm or group having different auditors.

        • AU-1.2 AU-1.2 Removal or Resignation of Auditors

          • AU-1.2.1

            Islamic bank licensees must notify the BMA as soon as they intend to remove their auditors, with an explanation of their decision, or as soon as their auditors resign.

          • AU-1.2.2

            Islamic bank licensees must ensure that a replacement auditor is appointed (subject to BMA approval as per Section AU-1.1), as soon as reasonably practicable after a vacancy occurs, but no later than three months.

          • AU-1.2.3

            An auditor who resigns or is otherwise removed from the office of auditor must, within 30 days of the resignation or removal, write to the BMA setting out the reasons for the resignation or removal.

        • AU-1.3 AU-1.3 Audit Partner Rotation

          • AU-1.3.1

            Unless otherwise exempted by the BMA, Islamic bank licensees must ensure that the audit partner responsible for their audit does not undertake that function more than five years in succession.

          • AU-1.3.2

            Islamic bank licensees must notify the BMA of any change in audit partner.

        • AU-1.4 AU-1.4 Auditor Independence

          • AU-1.4.1

            Before an Islamic bank licensee appoints an auditor, it must take reasonable steps to ensure that the auditor has the required skill, resources and experience to carry out the audit properly, and is independent of the licensee.

          • AU-1.4.2

            For an auditor to be considered independent, it must, among things, comply with the restrictions in Section AU-1.5.

          • AU-1.4.3

            If an Islamic bank licensee becomes aware at any time that its auditor is not independent, it must take reasonable steps to remedy the matter and notify the BMA of the fact.

          • AU-1.4.4

            If in the opinion of the BMA, independence has not been achieved within a reasonable timeframe, then the BMA may require the appointment of a new auditor.

        • AU-1.5 AU-1.5 Licensee/Auditor Restrictions

          • Financial Transactions with Auditors

            • AU-1.5.1

              Islamic bank licensees must not lend to their auditors, nor enter into any contracts of professional indemnity insurance with their auditors.

          • Outsourcing to Auditors

            • AU-1.5.2

              Section OM-2.7 generally prohibits Islamic bank licensees from outsourcing their internal audit function to the same firm that acts as their external auditors. However, the BMA may allow short-term outsourcing of internal audit operations to an Islamic bank licensee's external auditor, to meet unexpected urgent or short-term needs (for instance, on account of staff resignation or illness). Any such arrangement will normally be limited to a maximum period of one year and is subject to BMA prior approval.

          • Other Relationships

            • AU-1.5.3

              Islamic bank licensees and their auditors must comply with the restrictions contained in Article 217 (c) of the Commercial Companies Law (Legislative Decree No. (21) of 2001).

            • AU-1.5.4

              Article 217(c) prohibits an auditor from (i) being the chairman or a member of the Board of Directors of the company he/she audits; (ii) holding any managerial position in the company he/she audits; and (iii) acquiring any shares in the company he/she audits, or selling any such shares he/she may already own, during the period of his audit. Furthermore, the auditor must not be a relative (up to the second degree) of a person assuming management or accounting duties in the company.

            • AU-1.5.5

              The restriction in Paragraph AU-1.5.3 applies to overseas Islamic bank licensees as well as Bahraini Islamic bank licensees.

            • AU-1.5.6

              A partner, Director or manager on the engagement team of auditing an Islamic bank licensee may not serve on the Board or in a controlled function of the licensee, for two years following the end of their involvement in the audit, without prior authorisation of the BMA.

            • AU-1.5.7

              Chapter HC-2 sets out the BMA's "controlled functions" requirements.

          • Definition of "Auditor"

            • AU-1.5.8

              For the purposes of Section AU-1.5, "auditor" means the partners, Directors and managers on the engagement team responsible for the audit of the Islamic bank licensee.

      • AU-2 AU-2 Access

        • AU-2.1 AU-2.1 BMA Access to Auditors

          • AU-2.1.1

            Islamic bank licensees must waive any duty of confidentiality on the part of their auditors, such that their auditors may report to the BMA any concerns held regarding material failures by the Islamic bank licensee to comply with BMA requirements.

          • AU-2.1.2

            The BMA may, as part of its on-going supervision of Islamic bank licensees, request meetings with a licensee's auditors. If necessary, BMA may direct that the meeting be held without the presence of the licensee's management or Directors.

        • AU-2.2 AU-2.2 Auditor Access to Outsourcing Providers

          • AU-2.2.1

            Rule OM-2.5.1 (c) on outsourcing agreements between Islamic bank licensees and outsourcing providers requires licensees to ensure that their internal and external auditors have timely access to any relevant information they may require to fulfil their responsibilities. Such access must allow them to conduct on-site examinations of the outsourcing provider, if required.

      • AU-3 AU-3 Auditor Reports

        • AU-3.1 AU-3.1 Review of Financial Disclosures

          • AU-3.1.1

            Islamic bank licensees that are required to publish financial disclosures in accordance with Chapters PD-2 and PD-3 must arrange for their external auditors to review these prior to their publication, unless otherwise exempted in writing by BMA.

          • AU-3.1.2

            Chapter PD-2 requires overseas Islamic bank licensees operating as retail banks to publish on semi-annual basis summary information on their balance sheet and profit and loss account, in the same format as their annual audited accounts. Chapter PD-3 requires all locally incorporated Islamic bank licensees to publish quarterly financial statements, in accordance with Financial Accounting Standards (FAS) issued by the Accounting and Auditing Organisation for Islamic Financial Institutions (AAOIFI). For products and activities not covered by AAOIFI, International Accounting Standards (IAS) should be followed.

        • AU-3.2 AU-3.2 Report on Compliance with Financial Crime Rules

          • AU-3.2.1

            Islamic bank licensees must arrange for their external auditors to report on the licensee's compliance with the requirements contained in Module FC (Financial Crime), at least once a year.

          • AU-3.2.2

            The report specified in Rule AU-3.2.1 must be in the form agreed by BMA, and must be submitted to the BMA within four months of the licensee's financial year-end.

          • AU-3.2.3

            The context to the above requirement can be found in Section FC-4.3.

        • AU-3.3 AU-3.3 Review of Compliance with relevant laws

          • AU-3.3.1

            Islamic bank licensees must arrange for their external auditors to review the bank's compliance with applicable laws and declare, in the auditors report, that no material violations of the following laws and regulations have taken place:

            (a) The Bahrain Commercial Companies Law of 2001;
            (b) The BMA Law 1973; and
            (c) The BMA's licensing conditions, and other rules contained in Volume 2 of the BMA Rulebook.

          • AU-3.3.2

            For the purposes of Rule AU-3.3.1, material violations are violations that have any material impact on the financial statements of the bank.

        • AU-3.4 AU-3.4 Report on material differences

          • AU-3.4.1

            Islamic bank licensees must arrange for their external auditors to provide to the BMA explanations for any material differences in data reported in the bank's audited accounts and in the following reports provided to the BMA:

            (a) Prudential Information Returns for Islamic Banks (PIRI); and
            (b) Monthly Statements of Assets and Liabilities.

        • AU-3.5 AU-3.5 Report on behavioural adjustments

          • AU-3.5.1

            Islamic bank licensees that have been given BMA approval to apply behavioural adjustments to the liquidity data provided in Section E of the PIRI Form, must arrange for their external auditors to verify the supporting data used to support the behavioural adjustments made.

          • AU-3.5.2

            Please refer to Module LM and to Section BR-5.2. Banks that have at least 2 years' worth of supporting data may seek BMA approval to apply behavioural adjustments to certain of their reported liquidity data, instead of reporting contractual maturities.

      • AU-4 AU-4 Accounting Standards

        • AU-4.1 AU-4.1 General Requirements

          • AU-4.1.1

            Islamic bank licensees must comply with Financial Accounting Standards (FAS) issued by the Accounting and Auditing Organisation for Islamic Financial Institutions (AAOIFI). For products and activities not covered by AAOIFI, International Financial Reporting Standards (IFRS) / International Accounting Standards (IAS) must be followed.

    • GR GR General Requirements

      • GR-A GR-A Introduction

        • GR-A.1 GR-A.1 Purpose

          • GR-A.1.1

            The General Requirements Module presents a variety of different requirements that are not extensive enough to warrant their own stand-alone Module, but for the most part are generally applicable. These include general requirements on books and records; on the use of corporate and trade names; and on controllers. Each set of requirements is contained in its own Chapter: a table listing these and their application to licensees is given in Chapter GR-B.

        • GR-A.2 GR-A.2 Module History

          • Evolution of Module

            • GR-A.2.1

              This Module was first issued in July 2006, with immediate effect, as a new Module aimed at aligning the structure and contents of Volume 2 with other Volumes of the BMA Rulebook. It is dated July 2006. All subsequent changes to this Module are annotated with the end-calendar quarter date in which the change was made: Chapter UG-3 provides further details on Rulebook maintenance and version control.

            • GR-A.2.2

              The July 2006 version of Module GR does not introduce new requirements. Rather, it incorporates the record keeping requirements previously contained in Chapter LR-6 of the Licensing and Authorisation Requirement Module (reissued, in July 2006, as the Licensing Module). It also incorporates the requirements relating to controllers, previously contained in Chapter HC-2 of the High-Level Controls Module. Finally, Module GR expands on certain requirements that were previously contained only in the BMA Law 1973, such as the requirement to seek BMA approval for use of a corporate or trading name.

            • GR-A.2.3

              A list of recent changes made to this Module is detailed in the table below:

              Module Ref. Change Date Description of Changes
                   
                   
                   
                   

          • Superseded Requirements

            • GR-A.2.4

              This Module supersedes:

              Circular / other reference Provision Subject
              Module LR (April 2006 version) LR-6: Record Keeping Record keeping requirements were moved to GR-1, and edited down to simplify and avoid duplication of record keeping requirements contained in Module FC.
              Module HC (April 2006 version) HC-2: 'Fit and Proper Requirement' Requirements relating to controllers were moved to GR-5. Remaining 'fit and proper' elements regarding Directors and key employees of licensees were retained in HC-2, in a re-drafted form.
                   

      • GR-B GR-B Scope of Application

        • GR-B.1 GR-B.1 Islamic Bank Licensees

          • License categories

            • GR-B.1.1

              The requirements in Module GR (General Requirements) apply to both retail and wholesale Islamic bank licensees.

          • Bahraini and overseas Islamic bank licensees

            • GR-B.1.2

              The scope of application of Module GR (General Requirements) is as follows:

              Chapter Bahraini Islamic bank licensees Overseas bank licensees
              GR-1 GR-1.1 and GR-1.3 apply to the whole bank; GR-1.2 applies to business booked in Bahrain only. Applies to the Bahrain branch only.
              GR-2 Applies to the whole bank. Applies to the Bahrain branch only.
              GR-3 Applies to the whole bank. Doesn't apply.
              GR-4 Applies to the whole bank. Applies to the Bahrain branch only.
              GR-5 Applies to the whole bank. Applies to the whole bank.
              GR-6 [This chapter has been left blank.] [This chapter has been left blank.]
              GR-7 Applies to the whole bank. Applies to the Bahrain branch only.

            • GR-B.1.3

              In the case of Bahraini Islamic bank licensees, certain requirements apply to the whole bank, irrespective of the location of its business; other requirements apply only in respect to business booked in Bahrain. In the case of overseas Islamic bank licensees, the requirements of Module GR mostly only apply to business booked in the Bahrain branch.

      • GR-1 GR-1 Books and Records

        • GR-1.1 GR-1.1 General Requirements

          • GR-1.1.1

            The requirements in Section GR-1.1 apply to Bahraini Islamic bank licensees, with respect to the business activities of the whole bank (whether booked in Bahrain or in a foreign branch). The requirements in Section GR-1.1 also apply to overseas Islamic bank licensees, but only with respect to the business booked in their branch in Bahrain.

          • GR-1.1.2

            All Islamic bank licensees must maintain books and records (whether in electronic or hard copy form) sufficient to produce financial statements and show a complete record of the business undertaken by a licensee. These records must be retained for at least the minimum period specified under Bahrain law.

          • GR-1.1.3

            GR-1.1.2 includes accounts, books, files and other records (e.g. trial balance, general ledger, nostro/vostro statements, reconciliations and lists of counterparties). It also includes records that substantiate the value of the assets, liabilities and off balance sheet activities of the licensee (e.g. client activity files and valuation documentation). Finally, it includes any email records that are directly related to transactions (such as payment instructions from customers or other third parties).

          • GR-1.1.4

            Bahrain law currently requires corporate records to be retained for at least 5 years (see Ministerial Order No. 23 of 2002, made pursuant to the Amiri Decree Law No. 4 of 2001).

          • GR-1.1.5

            Unless otherwise agreed with the BMA in writing, records must be kept in either English or Arabic; or else accompanied by a certified English or Arabic translation. Records must be kept current. The records must be sufficient to allow an audit of the licensee's business or an on-site examination of the licensee by the BMA.

          • GR-1.1.6

            If a licensee wishes to retain certain records in a language other than English or Arabic without translation, the licensee should write to the BMA, explaining which types of records it wishes to keep in a foreign language, and why systematically translating these may be unreasonable. Generally, only financing contracts or similar original transaction documents may be kept without translation. Where exemptions are granted by BMA, the licensee is nonetheless asked to confirm that it will make available certified translations of such documents, if requested by BMA for an inspection or other supervisory purpose.

          • GR-1.1.7

            Translations produced in compliance with Rule GR-1.1.5 may be undertaken in-house, by an employee or contractor of the licensee, providing they are certified by an appropriate officer of the licensee.

          • GR-1.1.8

            Records must be accessible at any time from within the Kingdom of Bahrain, or as otherwise agreed with the BMA in writing.

          • GR-1.1.9

            Where older records have been archived, or in the case of records relating to overseas branches of Bahraini Islamic bank licensees, the BMA may accept that records be accessible within a reasonably short time frame (e.g. within 5 business days), instead of immediately. The BMA may also agree similar arrangements for overseas Islamic bank licensees, as well as Bahraini Islamic bank licensees, where elements of record retention and management have been centralised in another group company, whether inside or outside of Bahrain.

          • GR-1.1.10

            All original account opening documentation, due diligence and transaction documentation should normally be kept in Bahrain, if the business is booked in Bahrain. However, where a licensee books a transaction in Bahrain, but the transaction documentation is handled entirely by another (overseas) branch or affiliate of the licensee, the relevant transaction documentation may be held in the foreign office, provided electronic or hard copies are retained in Bahrain; the foreign office is located in a FATF member state; and the foreign office undertakes to provide the original documents should they be required.

          • GR-1.1.11

            Licensees should also note that to perform effective consolidated supervision of a group (or sub-group), the BMA needs to have access to financial information from foreign operations of a licensee, in order to gain a full picture of the financial condition of the group: see Module BR (BMA Reporting), regarding the submission of consolidated financial data. If a licensee is not able to provide to the BMA full financial information on the activities of its branches and subsidiaries, it should notify the BMA of the fact, to agree alternative arrangements: these may include requiring the group to restructure or limit its operations in the jurisdiction concerned.

          • GR-1.1.12

            In the case of Bahraini Islamic bank licensees with branch operations overseas, where local record keeping requirements are different, the higher of the local requirements or those contained in this Chapter must be followed.

        • GR-1.2 GR-1.2 Transaction Records

          • GR-1.2.1

            Islamic bank licensees must keep completed transaction records for as long as they are relevant for the purposes for which they were made (with a minimum period in all cases of five years from the date when the transaction was completed). Records of completed transactions must be kept in their original form (whether in hard copy and / or electronic format), for at least five years from the date of the transaction.

          • GR-1.2.2

            For example, if the original documents are paper, they must be kept in their original form. Electronic payments and receipts may be kept electronically without the need for hard copies. The record format selected must be capable of producing complete and accurate financial, management and regulatory reports, and allow monitoring and review of all transactions.

          • GR-1.2.3

            Rule GR-1.2.1 applies to all transactions entered into by a Bahraini Islamic bank licensee, whether booked in Bahrain or in an overseas branch. With respect to overseas Islamic bank licensees, it applies only to transactions booked in the Bahrain branch.

          • GR-1.2.4

            In the case of overseas Islamic bank licensees, Rule GR-1.2.1 therefore only applies to business booked in the Bahrain branch, not in the rest of the company.

        • GR-1.3 GR-1.3 Other Records

          • Corporate Records

            • GR-1.3.1

              Islamic bank licensees must maintain the following records in original form or in hard copy at their premises in Bahrain:

              (a) internal policies, procedures and operating manuals;
              (b) corporate records, including minutes of shareholders', Directors' and management meetings, and Shari'a board meetings;
              (c) correspondence with the BMA and records relevant to monitoring compliance with BMA requirements;
              (d) reports prepared by the Islamic bank licensee's internal and external auditors; and
              (e) employee training manuals and records.

            • GR-1.3.2

              In the case of Bahraini Islamic bank licensees, these requirements apply to the licensee as a whole, including any overseas branches. In the case of overseas Islamic bank licensees, all the requirements of Chapter GR-1 are limited to the business booked in their branch in Bahrain and the records of that branch (see Rule GR-1.1.1). They are thus not required to hold copies of shareholders' and Directors' meetings, and Shari'a board meetings, except where relevant to the branch's operations.

          • Customer Records

            • GR-1.3.3

              Record keeping requirements with respect to customer records, including customer identification and due diligence records, are contained in Module FC (Financial Crime). These requirements address specific requirements under the Amiri Decree Law No. 4 of 2001, the standards promulgated by the Financial Action Task Force, as well as to the best practice requirements of the Basel Committee Core Principles methodology, and its paper on "Customer due diligence for banks".

      • GR-2 GR-2 Corporate and Trade Names

        • GR-2.1 GR-2.1 Vetting of Names

          • GR-2.1.1

            Islamic bank licensees must seek prior written approval from the BMA for their corporate name and any trade names, and those of their subsidiaries located in Bahrain.

          • GR-2.1.2

            GR-2.1.1 applies to overseas Islamic bank licensees only with respect to their Bahrain branch.

          • GR-2.1.3

            Rules GR-2.1.1 and GR-2.1.2 implement the requirements contained in Article 62 of the BMA Law 1973.

          • GR-2.1.4

            In approving a corporate or trade name, the BMA seeks to ensure that it is sufficiently distinct as to reduce possible confusion with other unconnected businesses, particularly those operating in the financial services sector. The BMA also seeks to ensure that names used by unregulated subsidiaries do not suggest those subsidiaries are in fact regulated.

      • GR-3 GR-3 Dividends

        • GR-3.1 GR-3.1 BMA Non-Objection

          • GR-3.1.1

            Bahraini Islamic bank licensees must obtain a letter of no-objection from the BMA to any dividend proposed, before submitting a proposal for a distribution of profits to a shareholder vote.

          • GR-3.1.2

            The BMA will grant a no-objection letter where it is satisfied that the level of dividend proposed is unlikely to leave the licensee vulnerable — for the foreseeable future — to breaching the BMA's capital requirements, taking into account (as appropriate) trends in the licensee's business volumes, expenses, overall performance and the adequacy of provisions against impaired loans or other assets.

          • GR-3.1.3

            To facilitate the prior approval required under Paragraph GR-3.1.1, Islamic bank licensees subject to GR-3.1.1 should provide the BMA with a copy of the proposed agenda for the annual general meeting or other special meeting, noting the licensee's intended declared dividends for the coming year.

          • GR-3.1.4

            Islamic bank licensees must also comply with the provisions contained in Articles 72 to 75 of the BMA Law 1973.

      • GR-4 GR-4 Asset / Liability Transfers

        • GR-4.1 GR-4.1 BMA Approval

          • GR-4.1.1

            Islamic bank licensees must seek prior written approval from the BMA before transferring assets or liabilities of a material nature to a third party, except where such transfers are effected within the normal scope of the bank's operations.

          • GR-4.1.2

            Rule GR-4.1.1 is intended to apply to circumstances where a bank wishes to sell part of its business or a portfolio to a third party, or is undertaking winding up proceedings. It implements the provisions contained in Article 65(A)(2) of the BMA Law 1973.

          • GR-4.1.3

            For the purposes of Rule GR-4.1.1, assets or liabilities of a material nature would be assets or liabilities that comprise 5% or more of the total assets or liabilities of the bank concerned, and any amounts placed with the banks through investment accounts and safe-keeping accounts.

          • GR-4.1.4

            In the case of a Bahraini Islamic bank licensee, Chapter GR-4 applies to its assets and liabilities booked in Bahrain and in the bank's overseas branches. In the case of an overseas Islamic bank licensee, Chapter GR-4 applies only to assets and liabilities booked in the bank's Bahrain branch.

          • GR-4.1.5

            Islamic banks intending to apply to transfer assets or liabilities are advised to contact the BMA at the earliest possible opportunity, in order that the BMA may determine the nature and level of any documentation to be provided and the need for an auditor or other expert opinion to be provided. The BMA will grant its permission where the transfer will have no negative impact on the financial soundness of the bank, and does not otherwise compromise the interests of the bank's investment accounts holders, depositors and creditors. In all cases, the BMA will only grant its permission where the institution acquiring the assets or investment account/deposit liabilities holds the appropriate regulatory approvals and is in good regulatory standing.

      • GR-5 GR-5 Controllers

        • GR-5.1 GR-5.1 Key Provisions

          • GR-5.1.1

            Condition 3 of BMA's licensing conditions specifies, amongst other things, that Islamic bank licensees must satisfy the BMA that their controllers are suitable and pose no undue risks to the licensee. (See Paragraph LR-2.3.1.)

          • GR-5.1.2

            Applicants for an Islamic bank license must provide details of their controllers, by submitting a duly completed Form 2 (Application for authorisation of controller). (See sub-paragraph LR-3.1.5(a).)

          • GR-5.1.3

            Islamic bank licensees must obtain prior approval from the BMA for any of the following changes to its controllers (as defined in Section GR-5.2):

            (a) a new controller;
            (b) an existing controller increasing its holding from below 20% to above 20%;
            (c) an existing controller increasing its holding from below 33% to above 33%;
            (d) an existing controller increasing its holding from below 50% to above 50%; and
            (e) an existing controller increasing its holding from below 75% to above 75%.

          • GR-5.1.4

            For approval under Paragraph GR-5.1.3 to be granted, the BMA must be satisfied that the proposed increase in control poses no undue risks to the licensee. A duly completed Form 2 (Controllers) must be submitted as part of the request for a change in controllers.

          • GR-5.1.5

            If, as a result of circumstances outside the Islamic bank licensee's knowledge and/or control, one of the changes specified in Paragraph GR-5.1.3 is triggered prior to BMA approval being sought or obtained, the Islamic bank licensee must notify the BMA as soon as it becomes aware of the fact and no later than 7 days.

          • GR-5.1.6

            Islamic bank licensees are encouraged to notify the BMA as soon as they become aware of events that are likely to lead to changes in their controllers. The criteria by which the BMA assesses the suitability of controllers are set out in Section GR-5.3. The BMA aims to respond to requests for approval within 30 calendar days. The BMA may contact references and supervisory bodies in connection with any information provided to support an application for controller. The BMA may also ask for further information, in addition to that provided in Form 2, if required to satisfy itself as to the suitability of the applicant.

          • GR-5.1.7

            Islamic bank licensees must submit, within 3 months of their financial year-end, a report on their controllers. This report must identify all controllers of the licensee, as defined in Section GR-5.2.

        • GR-5.2 GR-5.2 Definition of Controller

          • GR-5.2.1

            A controller of an Islamic bank licensee is a natural or legal person who:

            (a) holds 10% or more of the shares in the licensee ("L"), or is able to exercise (or control the exercise) of more than 10% of the voting power in L; or
            (b) holds 10% or more of the shares in a parent undertaking ("P") of L, or is able to exercise (or control the exercise) of more than 10% of the voting power in P; or
            (c) is able to exercise significant influence over the management of L or P.

          • GR-5.2.2

            For the purposes of Paragraph GR-5.2.1, "person" means the person ("H") or any of the person's associates, where associate includes:

            (a) the spouse, child or stepchild of H;
            (b) an undertaking of which H is a Director;
            (c) a person who is an employee or partner of H;
            (d) if H is a corporate entity, a Director of H, a subsidiary of H, or a Director of any subsidiary undertaking of H.

          • GR-5.2.3

            Associate also includes any other person or undertaking with which the person H has entered into an agreement or arrangement as to the acquisition, holding or disposal of shares or other interests in the Islamic bank licensee, or under which they undertake to act together in exercising their voting power in relation to the Islamic bank licensee.

        • GR-5.3 GR-5.3 Suitability of Controllers

          • GR-5.3.1

            A controller of an Islamic bank licensee must satisfy the BMA of his suitability.

          • GR-5.3.2

            In assessing the suitability of controllers who are natural persons, BMA has regard to their professional and personal conduct, including, but not limited to, the following:

            (a) the propriety of a person's conduct, whether or not such conduct resulted in conviction for a criminal offence, the contravention of a law or regulation, or the institution of legal or disciplinary proceedings;
            (b) a conviction or finding of guilt in respect of any offence, other than a minor traffic offence, by any court or competent jurisdiction;
            (c) any adverse finding in a civil action by any court or competent jurisdiction, relating to fraud, misfeasance or other misconduct in connection with the formation or management of a corporation or partnership;
            (d) whether the person has been the subject of any disciplinary proceeding by any government authority, regulatory agency or professional body or association;
            (e) the contravention of any financial services legislation or regulation;
            (f) whether the person has ever been refused a license, authorisation, registration or other authority;
            (g) dismissal or a request to resign from any office or employment;
            (h) disqualification by a court, regulator or other competent body, as a Director or as a manager of a corporation;
            (i) whether the person has been a Director, partner or manager of a corporation or partnership which has gone into liquidation or administration or where one or more partners have been declared bankrupt whilst the person was connected with that partnership;
            (j) the extent to which the person has been truthful and open with regulators; and
            (k) whether the person has ever been adjudged bankrupt, entered into any arrangement with creditors in relation to the inability to pay due debts, or failed to satisfy a judgement debt under a court order.

          • GR-5.3.3

            In addition, the following criteria are also taken into consideration:

            (a) the financial resources of the person and the likely stability of their shareholding;
            (b) existing directorships or ownership of more than 20% of the capital or voting rights of any financial institution in the Kingdom of Bahrain or elsewhere, and the potential for conflicts of interest that such directorships or ownership may imply;
            (c) the interests of depositors, creditors and shareholders of the licensee; and
            (d) the interests of Bahrain's banking and financial sector.

          • GR-5.3.4

            In assessing the suitability of corporate controllers, BMA has regard to their financial standing, judicial and regulatory record, and standards of business practice and reputation, including, but not limited to, the following:

            (a) the financial strength of the controller, its parent(s) and other members of its group, its implications for the Islamic bank licensee and the likely stability of the controller's shareholding;
            (b) whether the controller or members of its group have ever entered into any arrangement with creditors in relation to the inability to pay due debts;
            (c) the controller's jurisdiction of incorporation, location of Head Office, group structure and close links, and the implications for the Islamic bank licensee as regards effective supervision of the Islamic bank licensee and potential conflicts of interest;
            (d) the controller's (and other group members') propriety and general standards of business conduct, including the contravention of any laws or regulations, or the institution of disciplinary proceedings by a government authority, regulatory agency or professional body;
            (e) any adverse finding in a civil action by any court or competent jurisdiction, relating to fraud, misfeasance or other misconduct;
            (f) any criminal actions instigated against the controller or other members of its group, whether or not this resulted in an adverse finding; and
            (g) the extent to which the controller or other members of its group have been truthful and open with regulators and supervisors.

          • GR-5.3.5

            In addition, the following criteria are also taken into consideration:

            (a) the interests of investment account holders, depositors, creditors and shareholders of the licensee; and
            (b) the interests of Bahrain's banking and financial sector.

        • GR-5.4 GR-5.4 Approval Process

          • GR-5.4.1

            Following receipt of an approval request under Paragraph GR-5.1.3, the BMA will issue a written notice of objection if it is not satisfied that the person concerned is suitable to become a controller of the Islamic bank licensee. The notice of objection will specify the reasons for the objection and specify the applicant's right of appeal.

          • GR-5.4.2

            Notices of objection have to be approved by an Executive Director of the BMA. The applicant has 30 calendar days from the date of the notice in which to make written representations. The BMA then has 30 calendar days from the date of the representation in which to consider any mitigating evidence submitted and make a final determination. See Module EN (Enforcement).

          • GR-5.4.3

            Where a person has become a controller by virtue of his shareholding in contravention of Paragraph GR-5.1.3, or a notice of objection has been served to him under Paragraph GR-5.4.1 and the period of appeal has expired, the BMA may, by notice in writing served on the person concerned, direct that his shareholding shall, until further notice, be subject to all or any of the following restrictions:

            (a) no voting right shall be exercisable in respect of those shares; and
            (b) except in a liquidation, no payment shall be made of any sum due on the shares from the Islamic bank licensee, whether in respect of capital, dividend or otherwise.

      • GR-6 [This Chapter has been left blank.]

        [This page has been left blank.]

      • GR-7 GR-7 Suspension of Business

        • GR-7.1 GR-7.1 BMA Approval

          • GR-7.1.1

            An Islamic bank licensee wishing to suspend its operations and liquidate its business must notify the BMA in writing at least six months in advance of its intended suspension, setting out how it proposes to do so and, in particular, how it will treat any Shari'a money placements/deposits, and investment accounts, that it holds.

          • GR-7.1.2

            The notice period under Rule GR-7.1.1 is a statutory requirement, specified in Article 91 of the BMA Law 1973. Article 91, however, also provides for the notice period to be reduced, by prior agreement with the BMA, if in the BMA's view the rights of depositors are safeguarded.

          • GR-7.1.3

            If the Islamic bank licensee wishes to transfer assets or liabilities to a third party, it must comply with the requirements contained in Chapter GR-4.

          • GR-7.1.4

            If the Islamic bank licensee wishes to liquidate its business, the BMA will revise its license to restrict the firm from entering into new business. The licensee must continue to comply with all applicable BMA requirements until such time as it is formally notified by the BMA that its obligations have been discharged and that it may surrender its license.

          • GR-7.1.5

            An Islamic bank licensee in liquidation must continue to meet its contractual and regulatory obligations to depositors, other clients and creditors.

          • GR-7.1.6

            Once the Islamic bank licensee believes that it has discharged all its remaining contractual obligations to investment account holders, depositors, clients and creditors, it must publish a notice in two national newspapers in Bahrain approved by the BMA (one being in English and one in Arabic), stating that is has settled all its dues and wishes to leave the market.

          • GR-7.1.7

            The notice referred to in Paragraph GR-7.1.6 must include a statement that written representations concerning the liquidation may be sent to the BMA before a specified day, which shall not be earlier than sixty days after the day of the first publication of the notice. The BMA will not decide on the application until after considering any representations made to the BMA before the specified day.

          • GR-7.1.8

            If no objections to the liquidation are upheld by the BMA, then the BMA may issue a written notice of approval for the surrender of the license.

      • GR-8 GR-8 BMA Fees

        • GR-8.1 GR-8.1 Annual License Fees

          • GR-8.1.1

            Islamic bank licensees must pay the relevant annual license fee to the BMA, upon the issuance of their license and thereafter on 1 January each year. The annual license fee charged upon issuance of a license is charged on a pro-rata basis, proportionate to the period remaining between the issuance of the license and the end of the calendar year in question (subject to a minimum charge of BD 1,000).