Business Standards
BC BC Business and Market Conduct
BC-A BC-A Introduction
BC-A.1 BC-A.1 Purpose
BC-A.1.1
The purpose of this module is to lay down rules and guidelines that lay down the regulations and provide guidance on best practices that the banks should adhere to in relation to business and market conduct.
BC-A.1.2
This module provides support for certain other parts of the Rulebook, mainly:
(a) Principles of Business;(b) Audit Firms;(c) Public Disclosure;(d) High Level Controls;(e) Enforcement; and(f) BMA Reporting Requirements.BC-A.1.3
This module also provides support for certain aspects relating to business and market conduct in the Bahrain Commercial Companies Law of 2001 (as amended).
BC-A.2 BC-A.2 Key requirements
Promotion of financial products and services
BC-A.2.1
The Agency should be sent copies of documentation relating to promotional schemes at least ten days prior to their launch for information purposes.
BC-A.2.2
All documentation concerning promotional schemes should be in Arabic and English and, if relevant, any other language necessary for customers to fully understand and appreciate their terms and conditions. Such terms and conditions, including any related advertising, need to be clear, concise, truthful, unambiguous and complete so as to enable customers to make a fully informed decision.
Code of conduct for bank dealers and foreign exchange and money brokers in the interbank market
BC-A.2.3
Management of banks and money brokers are responsible for ensuring that their institutions are in full compliance with the Code.
BC-A.2.4
Brokers should pass details verbally, and principals be prepared to receive them, normally within a few minutes after deals have been concluded.
Disclosure of information about individual accounts
BC-A.2.5
Banks should not publish or release information to third parties concerning the accounts or activities of their individual customers, unless:
(a) such information is requested by an authorised official from the BMA or by an order from the Courts; or(b) the release of such information is approved be the customer concerned.Minimum balance and charges on saving investment accounts
BC-A.2.6
Banks may impose no more than a monthly charge of BD 1 when the monthly weighted average balance for saving investment accounts for individuals falls below BD 20 (or equivalent in other currencies).
BC-A.2.7
Orphans, widows, pensioners, individuals receiving social subsidies from the Ministry of Labour & Social Affairs, students and Bahraini nationals with a monthly salary below BD 250 should be exempted from maintaining the above minimum balance requirement for saving investment accounts.
Disclosure of charges
BC-A.2.8
Banks should also ensure that each customer is in receipt of its current list of charges. The list should specify standard charges and commissions that will be applied by the bank to individual services and transactions and to specific areas of business.
Accounts held for clubs and societies in Bahrain
BC-A.2.9
The FCB is requested to notify GOYS when any club or society registered with GOYS requests the opening of an account with the bank.
Current accounts
BC-A.2.10
FCBs levying fees on their low-balance customer current accounts, are required by the Agency to apply such fees to average balances when these fall below a prescribed level during a specified period.
Notification to the Agency on introduction of new or expanded customer products and facilities
BC-A.2.11
All full commercial banks are required to consult the Agency before the introduction of any new or expanded customer products and facilities.
Penalty system for dishonoured cheques
BC-A.2.12
On the first working day of each calendar month, each FCB will provide to the Agency a list of the names, supported with I.D. numbers (CPR or CR numbers (as applicable) for Bahrain
residents , Passport or CR-equivalent numbers (as applicable) for non-Bahrain residents) of those customers to whom one (or more) written warning(s) has been sent in accordance with section BC-5.1 during the immediately preceding calendar month.BC-A.2.13
Concerned FCB(s) will be required not to provide current account facilities to the abuser of cheques for the twelve calendar month period immediately following the date of issue of the relevant list (as mentioned in section BC-5.1) by the Agency. All other FCBs should, within a maximum period of one month after the issue of the relevant list, also withdraw current account facilities from that abuser of cheques for the same twelve calendar month period.
General guidance on administration of dishonoured cheques
BC-A.2.14
FCBs which wish to issue cheque guarantee cards for an amount not exceeding BD 200 may do so – subject to informing the Director of Banking Services at the Agency of their intention and the arrangements governing the issue of such cards.
Penalty charges on dishonoured cheques
BC-A.2.15
The Agency will impose penalty charges of BD 5 (five Bahraini Dinars) on each returned cheque for the reasons of 'Refer to Drawer', 'Not Arranged For', 'Re-present', and 'Account Closed'.
BC-A.2.16
FCBs will be entitled to charge customers no more than BD 10 (ten Bahraini Dinars) in respect of each dishonoured cheque.
Installation of an off-site ATM in Bahrain
BC-A.2.17
FCBs wishing to install an off-site ATM must submit an application (in writing) for the BMA's (Executive Director of Financial Institutions Supervision) approval. This application must be accompanied by a copy of a feasibility study for that particular ATM, as well as such other information as the BMA may request. In particular, a copy of the written permission (for installation of that off-site ATM) of the legal owner of the proposed location must be provided to the Agency, as well as a copy of the written permission of any other relevant authorities in this context (e.g. the Traffic & Licensing and Civil Defence & Fire Service Directorates of the Ministry of Interior).
GCC ATM network charges
BC-A.2.18
The Agency requires that the charges on such customer withdrawals and other ATM services should not exceed BD 1 (one Bahraini Dinar) per transaction.
Minimum terms and conditions
BC-A.2.19
All Mudaraba contracts entered into by a bank (whether new or renewed contracts) should meet the standards referred to under paragraph BC-7.1.1.
BC-A.2.20
Banks must have a policy statement as to the policies and procedures in place to safeguard the interest of the PSIA holders. The banks must agree the Policy Statement with the Agency before 20 January 2002.
Margin Trading System
BC-A.2.21
FCBs may write to the Agency to obtain approval to provide margin trading facilities to their customers. FCBs must follow the rules and guidance in Chapter BC-8.
BC-A.3 BC-A.3 Regulation history
BC-A.3.1
This module was first issued on 1st January 2005 as part of the Islamic principles volume. All regulations in this volume have been effective since this date. All subsequent changes are dated with the month and year at the base of the relevant page and in the Table of Contents. Chapter 3 of Module UG provides further details on Rulebook maintenance and control.
BC-A.3.2
The most recent changes made to this module are detailed in the table below:
Summary of changes
Module Ref. Change Date Description of Changes BC-4.6 01/10/05 Streamlined requirements for new products BC-8 01/04/06 Margin trading rules and guidance Effective date and evolution of the Module
BC-A.3.3
Prior to the Rulebook, the Agency had issued various circulars covering different aspects of Business and Market Conduct. These circulars have now been consolidated into this module. The contents of this module are effective from the date depicted in the original circulars listed below or from the dates indicated in paragraph BC-A.3.2 above:
Circular Ref. Date of Issue Module Ref. Circular Subject EDBC/73/96 1 May 1996 BC-1.1 Explanatory note on the promotion of Banking and Financial Products offered in/from Bahrain by Means of Incentives etc. BS.C7/91/442 10 Sep 1991 BC-1.1 Promotion of Banking Services 85/25 2 May 1985 BC-2 Code of Conduct for Foreign Exchange Dealers and Brokers 83/5 10 Apr 1983 BC-3 Disclosure of Information about Individual Accounts BS.C7/90/34 31 Jan 1990 BC-4.2 Dinar Certificates of Deposits EDBO/51/02 2 Apr 2002 BC-4.2 Charges to Customers BC/5/00 8 Mar 2000 BC-4.3 Accounts held for Clubs and Societies in Bahrain BSD(111)/94/1507 24 Sep 1994 BC-4.4 Fees on Current Accounts BC/2/01 3 Mar 2001 BC-4.5 Brokerage Fees in Bahrain ODG/145/92 18 Aug 1992 BC-4.6 New or expanded products and facilities in the Retail Banking Field EDBO/46/03 8 Apr 2003 BC-4.7 Inheritance — Financial Procedures EDBO/27/96 25 Sep 1996 BC-5.1 Regulation Relating to a Penalty System for "Dishonoured Cheques" OG/399/94 28 Nov 1994 BC-5.2 Returned Cheques EDBO/49/01 6 May 2001 BC-5.3 Penalty Charges on Returned Cheques BC/8/98 24 May 1998 BC-6.1 Off-site ATMs EDBO/45/02 13 Mar 2002 BC-6.2 GCC ATM Network Charges EDBC/105/96 26 June 1996 BC-7 Mudaraba Contracts — Minimum Terms and Conditions BS/11/2004 10 August 2004 BC-4 Bank Charges on Savings Accounts
BC-1 BC-1 Promotion of financial products and services
BC-1.1 BC-1.1 Promotion of financial products and services offered in/from Bahrain by mean of incentives etc.
Introduction
BC-1.1.1
The purpose of the content of this section is to set out regulations pertaining to the promotion of banking/financial products offered in/from Bahrain by means of incentives etc. (herein referred to as 'promotional schemes').
BC-1.1.2
The Agency has no objection to the use of promotional schemes in general and, unless it otherwise specifically directs in any particular case, the Agency does not expect to be actively consulted/have its approval sought about the idea and/or substance of any promotional schemes. The Agency should, however, be sent copies of documentation relating to promotional schemes at least ten days prior to their launch for information purposes.
BC-1.1.3
The Agency will monitor promotional schemes and, if thought appropriate in the interests of a bank or other financial institution (together herein referred to as 'institutions') and its customers in particular and/or the financial sector in general, may issue specific guidance in certain cases. Institutions should feel free to consult the Agency at any time regarding any matters referred to in the explanatory note set out in this section.
General requirements
BC-1.1.4
Institutions should take care to ensure that promotional schemes do not involve a breach of Bahrain law or any other relevant applicable law, regulation or international practice. In addition, promotional schemes should not in any way be detrimental to the public good or public morals.
BC-1.1.5
While there is to be no formal restriction on the types of incentive which may be used by institutions, care should be taken to ensure that promotional schemes do not negatively affect the integrity, reputation, good image and standing of Bahrain and/or its financial sector, and do not detrimentally affect Bahrain's economy.
BC-1.1.6
Bearing in mind the reputation of, and the requirement to develop, the financial sector in Bahrain, as well as the need to act at all times in the best interests of the customer, institutions need to take adequate care to ensure that promotional schemes do not unreasonably divert the attention of the public from other important considerations in choosing an institution or a banking/financial product.
BC-1.1.7
All documentation concerning promotional schemes should be in Arabic and English and, if relevant, any other language necessary for customers to fully understand and appreciate their terms and conditions. Such terms and conditions, including any related advertising, need to be clear, concise, truthful, unambiguous and complete so as to enable customers to make a fully informed decision.
BC-1.1.8
Customers to whom promotional schemes are directed should enjoy equal opportunity in terms of access to, and treatment within, such schemes.
BC-1.1.9
No costs (including funding costs), charges or levies associated with promotional schemes should be concealed from prospective customers.
BC-1.1.10
Full and complete records should be maintained for promotional schemes, particularly where raffles/lotteries etc. are concerned.
BC-1.1.11
Any raffles/lotteries etc. held as part of promotional schemes should be independently monitored (e.g. by the institution's external auditor) and adequate systems put in place to ensure fair play and impartiality.
BC-1.1.12
An appropriate system should also exist for informing participants of the results of a raffle/lottery without delay. Institutions should note that raffles/lotteries etc. may be subject to rules and requirements (including prior authorisation/approval) laid down by the Ministry of Commerce.
BC-1.1.13
Institutions may use small 'gifts' as an inducement to members of the public to use banks' services, provided such gifts are offered on a general basis and have a low monetary value.
BC-1.1.14
Finally, due note should be taken of the overriding provisions of Bahrain (and any other relevant) law in relation to institutions' duties to customers to the extent (if any) that promotional schemes might impact on such duties.
BC-2 BC-2 Code of conduct for bank dealers and foreign exchange and money brokers in the interbank market
BC-2.1 BC-2.1 Introduction
BC-2.1.1
The Code of Conduct which is prepared in cooperation with the Bankers' Society of Bahrain and the foreign exchange brokers, provide rules in respect of certain kinds of practice which experience has shown may cause difficulty and may jeopardise the good standing of the Bahrain market. Management of banks and money brokers are responsible for ensuring that their institutions are in full compliance with the Code.
BC-2.1.2
Every broker and dealer shall at all times comply with the criteria in respect to market practice, integrity and conduct. Failure to comply with such criteria will be regarded as a serious offence by the BMA, which reserves the right to investigate any complaints brought to its attention. All participants should adhere to the spirit as well as to the letter of the Code.
BC-2.1.3
The code is shown in full, although many paragraphs are not strictly relevant for Islamic banks. Treasury staff should refer to the relevant paragraphs as appropriate.
BC-2.2 BC-2.2 Market terminology and definitions
BC-2.2.1
The use of generally accepted precise terminology should reduce misunderstandings and frustration, and to this end Appendix BC 5 sets out, without claiming to be exhaustive, accepted market terminology and definitions.
BC-2.2.2
For the purpose of this chapter, the following definitions apply:
(a) 'Broker' means a money and foreign exchange broker who is authorised by the BMA to operate in Bahrain.(b) 'Principal' means a party undertaking a transaction through a broker.(c) 'Bank' means any institution, holding a banking license.BC-2.3 BC-2.3 Confidentiality and market practice
BC-2.3.1
Confidentiality is vital for the preservation of a reputable and efficient market. Accordingly, the exchange of confidential information in respect of third parties is forbidden.
BC-2.3.2
The rules which follow are not intended to define exhaustively the obligations of dealers and brokers but set down specific ways in which confidentiality should be safeguarded and operations should be conducted.
(a) Use of phrases and terms likely to identify the name of the principal should be avoided at all times.(b) In foreign exchange transactions brokers should not disclose the name of the principal until the deal is being closed.
A broker asking for a specific support price should be prepared to qualify the principal in terms of geographical location, by country or by region when the broker genuinely believes it will enable business to be concluded satisfactorily to the benefit of both broker and principal.(c) Indeposit transactions, brokers should not disclose the name of the borrower until the broker is satisfied that the potential lender seriously intends to do business. Once a lender has asked for the identity of the borrower ('Who pays?'), the lender is committed to do business at the rate quoted with an acceptable name, until the lending bank takes the broker 'off' or puts himself under reference. In the event of the first disclosed name being unacceptable to the lender, the lender will be prepared to check other acceptable names provided that such names are shown to the lender by the broker within a reasonable amount of time, which should be stipulated if necessary.(d) In the deposit market, banks should whenever possible give brokers prior indication of those categories of principals and of any centers and areas with which they would be unwilling to do business, in order that the smooth operation of markets be facilitated and frustration be minimized. Lenders should indicate the amounts they are prepared to place with particular categories of borrower. Brokers should classify bids with an indication of the type and quality of names they are in a position to pass.(e) Practices whereby banks reject a succession of names in order to assess the market and brokers offer banks deals which have no chance of being concluded, merely in order to establish their interest, are totally unacceptable.(f) A principal is urged whenever possible to specify to a broker the rate, the amount, the currency, and the period of his requirements. The principal shall be willing to deal in a marketable amount with acceptable names and shall remain bound so to deal at the quoted rate unless either the broker is:(i) informed otherwise at the time of acceptance, or(ii) a time limit was placed (for example, 'Firm for one minute only').A broker who quotes a firm rate without qualification shall be prepared to deal at the rate, in a marketable amount. A broker, if quoting only the basis of one or two names shall qualify his quotation, e.g., 'one small offeror — only two names paying'. The broker should indicate whether prices are firm or simply for guidance and, if requested by the principal, should be willing to indicate the amount involved. Further he should confirm with banks at reasonable intervals that their interest is still firm.
It is the responsibility of the principal to ensure the broker is made aware of any circumstances which materially affect the validity of the order placed with the broker.(g) A principal, by selecting to 'put a broker on' is deemed to have a serious intention of completing business, and should allow the broker sufficient time to quote the principal's interest to a potentialcounterparty with a view to doing business. In quantifying a 'sufficient time' factors such as the currency, market conditions and communication systems employed, should be taken into account.(h) A broker is held responsible for advising a principal on every occasion that hisdeposit rates are being checked by a potentialcounterparty . This action should help minimise the occasional difficulties that arise when a principal 'takes a broker off' simultaneously to having his prices checked.
Whenever possible and subject to market conditions, a bank in the deposit market should, before he 'takes a broker off' either a single order or several orders, check whether the broker is already committed to deal on his behalf.(i) 'Under reference' orders placed by banks with brokers without having first being placed as 'firm', are to be discouraged. Firm orders which are later qualified by a request to 'put me under reference' indicate a principal's weakening desire to conclude business with that broker. 'Under reference' orders should not be left with a broker for more than a few minutes. A principal must ensure that the broker has the opportunity frequently to check the validity of an 'under reference' order.(j) No person may visit the dealing room of any broker or any bank except with the consent of a Manager or Director of that institution. A broker shall not in any circumstances permit any visitors from a bank to deal for his bank in the dealing room of that broker.(k) Management of banks should issue clear directions to staff on the monitoring, control and recording of 'after hours' dealing from premises other than bank dealing rooms. All deals of this kind must be properly authorised and confirmed.(l) A bank dealer shall not apply unfair pressure upon a broker to pass information which it would be improper for the broker to pass. Unfair pressure would for example include a statement made in any form that a failure to co-operate would lead to reduction in the business given by the principal or by other principals to the broker.(m) A principal should not place an order with a broker solely with the intention of finding out the name of a counterparty, who can be contacted directly with a view to concluding further deals.(n) Management of banks and brokers should lay down clear directions to staff on the extent to which dealing in foreign exchange ordeposit for personal account is permitted. Any such dealing must be strictly controlled.(o) Care should be taken over the positioning of 2-way loudspeakers in dealing rooms.(p) Brokers and dealers should inform each other if conversations are being recorded. The use of such equipment is encouraged as a sensible means of enabling any subsequent disputes and differences to be settled.BC-2.4 BC-2.4 Passing of details
BC-2.4.1
The passing and recording of details form an essential part of the transaction and the possibility of errors and misunderstanding is increased by delay and by the passing of details in batches. Brokers should pass details verbally, and principals be prepared to receive them, normally within a few minutes after deals have been concluded.
BC-2.4.2
When arranging and passing details on forward contracts in foreign exchange, banks and brokers must ensure that the rate applied to the spot end of the transaction bears a close relationship to the spot rate at the time the deal was concluded.
BC-2.5 BC-2.5 Confirmations
BC-2.5.1
Written confirmation by a broker is the final check on the details of the transaction. The handling of confirmations must take account of the desire of brokers to have a realistic time-limit placed on their liability for differences. There is an obligation on recipients to check such confirmations. Initial confirmations should be sent out by telex without delay, and at the latest by close of business on the same working day. They should be followed up by written confirmation, normally hand-delivered and receipted before close of business on the following working day.
BC-2.5.2
Banks must check all confirmations carefully upon receipt so that discrepancies shall be quickly revealed and differences minimised. Principals shall also make enquiries of brokers about particular confirmations which have not been received within an appropriate time (as above) or about any changes in contract terms.
BC-2.5.3
In the case of deals where a bank pays against telex confirmation, the broker remains liable for differences until receipt of written confirmation is provided by the bank.
BC-2.6 BC-2.6 Differences and disputes
BC-2.6.1
The majority of differences payable by brokers arise from errors occurring in payment or repayment instructions. They also arise from a broker, having in good faith indicated a firm rate, being unable to substantiate his quotation.
BC-2.6.2
Any differences deemed payable by a broker to a bank (or by a bank to a broker) should be settled as soon as possible. The parties should provide each other with documents, setting out the exact details of and circumstances surrounding the deal.
BC-2.6.3
It is acknowledged that differences are sometimes paid by 'points'. The management of broking firms should always ensure that this practice is strictly controlled and monitored.
BC-2.6.4
All differences settled by direct payment should be advised in writing by the broker to the Director of Reserve Management, BMA, (copied to the Bank) indicating the amount paid and the other party's name. The BMA reserves the right to ask for further information at its discretion.
BC-2.7 BC-2.7 Conduct
BC-2.7.1
The BMA will regard any breaches of the rules stated below regarding gifts, favours, betting and entertainment unacceptable.
Gifts and favours
BC-2.7.2
No broker, including management, employees and other persons acting on their behalf, shall offer or give inducements to dealing room personnel of a bank. No gifts or favours whatsoever shall be so given unless the broker is satisfied that the person responsible for dealing operations in the bank concerned has been informed of the nature of the gift or favour.
BC-2.7.3
Employees of banks shall not solicit inducements from brokers, nor shall they receive unsolicited gifts or favours from brokers without informing the person responsible for dealing operations in the bank concerned of the nature of such gifts or favours.
Bets
BC-2.7.4
The making or arranging of bets between brokers and banks dealers is totally unacceptable.
Entertaining
BC-2.7.5
It shall be the responsibility of management in both banks and brokers to ensure that entertainment offered in the course of business does not exceed reasonable limits and does not infringe standards of propriety and decency.
BC-2.8 BC-2.8 Responsibility
BC-2.8.1
Brokers shall be responsible for ensuring that:
(a) their principals understand fully the limitations of the brokers' responsibilities for business and market conducted;(b) all their principals understand that they are required to conform, where appropriate, to the Code of Conduct;(c) their staff carrying out transactions on behalf of principals are adequately trained both in the practices of the market-place and in the firm's responsibilities to principals; and(d) the BMA is notified of any changes in broking staff, in accordance with BMA requirements.BC-2.8.2
Bankers shall be responsible for ensuring that:
(a) their dealing staff are adequately trained and supervised in the practices of the market (the requirement of this Code of Conduct should be fully understood by all staff involved in foreign exchange and currency deposit operations);(b) the BMA is notified of any changes in dealing staff, in accordance with BMA requirements;(c) their staff understand that the ultimate responsibility for assessing the creditworthiness of a borrower or lender lies with the bank and not the broker;(d) brokerage is normally payable at the end of the month in which the money passes, or otherwise by special arrangement; and(e) there is no pressure on brokers to reduce charges below the approved minimum rates.BC-2.9 BC-2.9 Market regulations — Foreign exchange
Currencies
BC-2.9.1
A broker will, in response to an enquiry from any bank, make known the currencies which it elects to quote and to make a service in.
BC-2.9.2
Each broker shall provide, on request by a bank taking a service, general market information on all currencies handled (whether for the time being active or not) by that broker.
Brokerage
BC-2.9.3
Brokers shall comply with the minimum scales of brokerage charges (see section BC-4.6) agreed in consultation with the Bankers' Society Council from time to time, or laid down by the BMA.
In cases where there is no established minimum scale of brokerage charges, no deals shall be transacted until a rate has been agreed. Rates of brokerage in these cases should be agreed in advance, and only by Directors or senior managers on each side, and in no event by the dealers themselves.
BC-2.9.4
Put-through deals may be net of brokerage.
BC-2.9.5
Brokerage should be expressed in US dollars.
BC-2.10 BC-2.10 Market regulations — Currency deposits
Brokerage
BC-2.10.1
Brokers shall comply with the minimum scales of brokerage charges (see section BC-4.6) agreed in consultation with the Bankers' Society Council from time to time, or laid down by the BMA. In cases where there is no established minimum scale of brokerage charges, no deals shall be transacted until a rate has been agreed. Rates of brokerage in these cases should be agreed in advance, and only by Directors or senior managers on each side, and in no event by the dealers themselves.
BC-2.10.2
Calculation of brokerage on all currency deposits shall be worked out on a 360-day year, or a 365-day year, according to normally accepted market practice. For example, Sterling and Kuwaiti Dinars are on a 365-day year basis, and US dollars and Saudi Riyals are on a 360-day year basis.
Brokers' confirmations and statements should express brokerage in US dollars.
BC-2.10.3
In a forward-forward
deposit (e.g. one month against six months) the brokerage to be charged shall be on the actual intervening period (i.e. in the above example — five months).BC-2.10.4
Put-through deals may be net of brokerage.
BC-2.11 BC-2.11 Market discipline
BC-2.11.1
As part of its responsibility for supervising the conduct of brokers and dealers in the foreign exchange and currency markets, the Agency may, at its discretion:
(a) investigate any complains concerning the conduct of brokers and dealers;(b) investigate possible breaches of this Code by brokers and banks; and/or(c) take such further action as it considers appropriate, in the light of all the relevant facts.BC-2.12 BC-2.12 Adjustment of value dates in case of unexpected banking closing dates
BC-2.12.1
Spot transactions and outrights:(a) Original agreed upon value date for identical currency sold and purchased: extension of value date to next possible value date for both currencies.(b) Original agreed upon value date for non-identical currency sold and purchased (for instance, Friday for US Dollars and Saturday for Gulf Currencies): as unexpected banking closing days for non-Middle Eastern currencies are unlikely — value of non-Gulf currencies unchanged and value of Gulf currency on the next working day, adjusting spot or outright rate taking into account interest rate difference between the two currencies.For pure outrights it would be advisable to adapt the same system as for swaps; however, implied swap difference is not visible or identical for both parties.
— It can be assumed that, if the above rule would cause substantial losses for one party, dealers will re-negotiate a new rate, on a case-by case basis; if no agreement can be reached, the BMA, — as final Arbitrator — will fix the interest rates, prevailing at that time, which will be used to calculate the points difference, with which the outright rate will be adjusted.It is possible that payment instructions for counter-currency are already sent out and cannot be cancelled; in that case the paying party should be entitled to the proceeds of the unexpected use of funds by the receiving party.
BC-2.12.2
Deposits :(a) Maturing on unexpected closing day(s): Extendingdeposit to next possible value date; interest to be calculated in the extended period at original agreed upon interest rate.(b) Starting on unexpected closing day(s) and maturing after unexpected closing day(s): Starting date will be extended to next possible value date without altering maturing date; interest to be calculated on the shortened period at the originally agreed upon interest rate.(c) Starting on unexpected closing day(s) and maturing before or on next possible value date: Cancellation of deal.1. If payment instructions are already sent out by lender and can only be executed on next possible value date, and cannot be cancelled, borrower ensures repayment will be done on the same next possible value date. If in that case borrower cannot repay-because of deadline of receiving instructions by correspondent on same next possible value day, parties negotiate a new deal starting at value date of payment by lender and maturing according to new deal.2. If payment instructions are already sent out by lender for capital and by borrower for capital and interest both payments will be executed at same next possible value date, lender should refund to borrower unearned interest.BC-2.12.3
Swaps:
(a) Maturing on unexpected closing day(s): Extending swap to next possible value date for both currencies, adjusting swap difference according to formula — swap difference divided by original number of days and multiplied by new number of days.(b) Starting on unexpected closing day(s) and maturing after unexpected closing day(s): Starting date for both currencies would be extended to next possible value date for both currencies without altering maturing date, adjusting swap difference according to Formula under paragraph BC-2.12.3(a).(c) Starting on unexpected closing day(s) and maturing before or on next possible value date: Deals are cancelled.If starting or maturing date of original swap under paragraph BC-2.12.1 or paragraph BC-2.12.2 are substantially different, per currency swap difference has to be recalculated in mutual agreement between the dealers;
— It is possible that payment instructions for counter currency are already sent out and cannot be cancelled — in that case paying party should be entitled to the proceeds of the unexpected use of funds by the receiving party;BC-3 BC-3 Client confidentiality
BC-3.1 BC-3.1 Disclosure of information about individual accounts
BC-3.3.1
Banks should not publish or release information to third parties concerning the accounts or activities of their individual customers, unless:
(a) such information is requested by an authorised official from the BMA or by an order from the Courts; or(b) the release of such information is approved by the customer concerned.BC-4 BC-4 Customer account services and charges
BC-4.1 BC-4.1 Minimum balance and charges on accounts
BC-4.1.1
Banks may impose no more than a monthly charge of BD 1 when the monthly weighted average balance for saving investment accounts for individuals falls below BD 20 (or equivalent in other currencies).
BC-4.1.2
Orphans, widows, pensioners, individuals receiving social subsidies from the Ministry of Labour & Social Affairs, students and Bahraini nationals with a monthly salary below BD 250 should be exempted from maintaining the above minimum balance requirement for saving investment accounts.
Banks should establish criteria for determining the eligibility of a person for exemption from the above charges and should notify their concerned customers accordingly.
BC-4.2 BC-4.2 Disclosure of Charges
BC-4.2.1
In order to improve customer awareness and enhance transparency of bank charging structures, retail banks should display in Arabic and in English, by notice in their banking halls (both head offices and
branches ), a list of all current charges.Amended April 2011
October 2007BC-4.2.2
Banks should also ensure that each customer is in receipt of its current list of charges. The list should specify standard charges and commissions that will be applied by the bank to individual services and transactions and to specific areas of business.
October 07BC-4.2.3
[This Paragraph was deleted in July 2012].
Deleted: July 2012BC-4.2 BC-4.2 Disclosure of charges
BC-4.2.1
In order to improve customer awareness and enhance transparency of bank charging structures, full commercial banks should display, by notice in their banking halls (both head offices and
branches ), a list of current charges.BC-4.2.2
Banks should also ensure that each customer is in receipt of its current list of charges. The list should specify standard charges and commissions that will be applied by the bank to individual services and transactions and to specific areas of business.
BC-4.3 BC-4.3 Accounts held for clubs and societies in Bahrain
BC-4.3.1
All clubs and societies registered with the General Organisation for Youth and Sports (GOYS), are permitted under GOYS rule to only have one account with FCBs in Bahrain.
BC-4.3.2
The FCB is requested to notify GOYS when any club or society registered with GOYS requests the opening of an account with the bank. The purpose of the notification is to obtain clarification whether or not the account in question can be opened in accordance with the rules of GOYS.
BC-4.3.3
For accounts already held with the FCBs for clubs and societies registered with GOYS (i.e. before the application of the regulation in this section), the bank is requested to provide details of such accounts to GOYS (by reference to account name, relevant society, date opened and type of account) as soon as possible. If appropriate, GOYS will contact the relevant club or society in writing (with a copy to the bank) with instructions (e.g. to close the account) regarding such account.
BC-4.4 BC-4.4 Current accounts
BC-4.4.1
FCBs levying fees on their low-balance customer current accounts, are required by the Agency to apply such fees to average balances when these fall below a prescribed level during a specified period.
BC-4.4.2
In order to prevent incidences of returned cheques due to maintenance of low-balance current accounts, the banks may convert some low-balance and/or inactive current accounts to savings accounts.
BC-4.5 BC-4.5 Brokerage fee
BC-4.5.1
The purpose of the contents of this section is to set out the new scale of brokerage fees effective for all banks in Bahrain.
BC-4.5.2
The new scale of fees is the result of discussion and consultation between The Bankers' Society and the Bahrain Money Brokers.
BC-4.5.3
For the list of brokerage fee, see Appendix BC 6.
BC-4.6 BC-4.6 Notification to the Agency on introduction of new or expanded customer products and facilities
BC-4.6.1
The content of this section is applicable only to full commercial banks licensed by the Agency.
BC-4.6.2
All institutions referred to under paragraph BC-4.6.1 are required to consult the Agency before the introduction of any new or expanded customer products and facilities. The Agency will respond to the concerned bank within one week of receipt of the notification if it has any observations on the new product.
BC-4.6.3
Further, institutions should also advise the Agency, on a six-monthly basis, on the status of new or expanded products and facilities. The advise should cover the following aspects:
(a) response to,(b) success of, and(c) difficulties in,the introduction of new or expanded products and facilities. The institution should also advise the Agency on any variances which are introduced to the terms and conditions applying to these products and facilities.
BC-4.7 BC-4.7 Procedures for inheritance of financial assets
BC-4.7.1
The content of this section is applicable to all full commercial banks licensed by the Agency in the Kingdom of Bahrain.
BC-4.7.2
The Agency requires all commercial banks to follow the undermentioned procedures regarding the distribution of the financial assets of a deceased customer.
(a) Legal ownership of financial assets should only pass after sight of, and in accordance with, the relevant documentation issued by the Ministry of Justice (known as the "statutory portion").(b) Distribution of assets should be made to the order of an individual named in, and in accordance with, a mandate, duly certified by the Ministry of Justice, that reflects the permission of all inheritors that the named individual may act on their collective behalf.(c) Where minors are inheritors, the Ministry of Justice documentation must specifically refer to their inheritance and the instruction followed absolutely.BC-4.17 BC-4.17 Blocking Customer Accounts
BC-4.17.1
Islamic retail bank licensees must not block the accounts of a customer (who has a financing arrangement with it) due to customer’s termination from his or her employment or retirement regardless of the bank’s contractual rights to take such action. Banks instead must agree on other arrangements with the customer for the repayment of the financing.Added: April 2020BC-5 BC-5 Dishonoured cheques
BC-5.1 BC-5.1 Penalty system for dishonoured cheques
BC-5.1.1
The purpose of the contents of this section is to set out regulations relating to the system of penalising any person, whether natural or corporate in form, (referred to as a 'customer' in this chapter) whose cheque is
(a) presented for payment, but is returned due to insufficient funds being available on his current account, where,(b) in the opinion of the FCB on whom the cheque is drawn, such cheque has been issued by the customer in bad faith.Cheques falling within this system are referred to as 'dishonoured cheques'. Due regard must be given by FCBs to the general provisions of Bahrain Law regarding
joint accounts , partnership accounts and accounts in the name of corporate entities, as well as to the customer mandate in each case, to determine how such accounts may be dealt with for purposes of the Regulation in this chapter.Procedures to be followed
BC-5.1.2
On each occasion that an FCB becomes aware of a dishonoured cheque of one of its customers, that FCB will send a written warning to the relevant customer informing him/her of the existence of the dishonoured cheque, requesting him/her to immediately make good the insufficiency in his current account in order to clear the cheque. This written warning will also inform the customer of the provisions of this system with regard to dishonoured cheques and abusers of cheques.
BC-5.1.3
On the first working day of each calendar month, each FCB should provide to the Agency a list of the names, supported with I.D. numbers (CPR or CR numbers (as applicable) for Bahrain
residents , Passport or CR-equivalent numbers (as applicable) for non-Bahrain residents) of those customers to whom one (or more) written warning(s) has been sent in accordance with paragraph BC-5.1.2 above during the immediately preceding calendar month. This list should specify the number of written warnings relating to dishonoured cheques for each customer of the relevant FCB for the month in question and shall be in the form set out in Appendix BC 1. FCBs will be responsible for ensuring the accuracy of all details on their respective lists.BC-5.1.4
Using the lists referred to in paragraph BC-5.1.3 above, the Agency will prepare a further list (the 'Control List') of those customers to whom two or more written warnings were sent by any one or more FCB at any time within a maximum period of three consecutive calendar months. The Control List, which will be in the form set out in Appendix BC 2, will specify the name and I.D. numbers of each such customer, the total number of dishonoured cheques for that customer included in the lists referred to in paragraph BC-5.1.3 above, the name of the relevant FCB(s) on whose list(s) the customer's name has been included, and other relevant details for FCBs' information and checking in accordance with paragraph BC-5.1.5 below. Any customer to whom more than two written warnings relating to dishonoured cheques were sent by any one or more FCB at any time within a maximum period of three consecutive calendar months will be automatically deemed an abuser of cheques for the purposes of paragraph BC-5.1.7 below.
BC-5.1.5
On the second working day of each calendar month, the Agency will circulate a draft copy of the Control List to FCBs. FCBs will be requested to check the accuracy of the Control List by reference to the information they have sent to the Agency in accordance with paragraph BC-5.1.3 above, and to notify the Agency within a maximum period of one week of receiving the list of any inaccuracies on the Control List. The Control List, as amended if appropriate, will be circulated to FCBs by the Agency on the second working day after it receives all responses from FCBs. FCBs will be required to monitor the customers on this Control List to establish whether any one or more of them issued another dishonoured cheque in the instant calendar month. Any FCB becoming aware of a dishonoured cheque of one or more of its customers on the Control List during this month should notify the Agency of this fact, using the relevant section in Appendix BC 1, on the first working day of each calendar month.
BC-5.1.6
If the Agency does not receive any notification as contemplated in paragraph BC-5.1.5 above for a particular customer on the Control List, that customer's name shall be withdrawn from the next issue of the Control List. However, the Agency will monitor the names of customers appearing on the Control List during the three consecutive calendar months falling immediately after the calendar month in which a customer's name is taken off the Control List. If any such customer's name is again reported to the Agency pursuant to paragraph BC-5.1.3 above at any time during this three month period,
(a) his name will be returned to the Control List on the date of its next issue if there is only one dishonoured cheque reported in this context, or(b) he will be automatically deemed an abuser of cheques for the purposes of paragraph BC-5.1.7 below if there is more than one dishonoured cheque reported in this context.If, however, his name is not reported to the Agency in this regard, the Agency will cease its monitoring thereof.
BC-5.1.7
If the Agency does receive notification as contemplated in paragraph BC-5.1.5 above for a particular customer on the Control List, or if a customer is deemed to be an abuser of cheques within paragraph BC-5.1.4 or paragraph BC-5.1.6 above, such customer (herein referred to as an 'abuser of cheques') will be penalised as follows. Using Appendix BC 3, on the second working day of the calendar month following the receipt of the information referred to above, the Agency will circulate a draft list to FCBs. FCBs will be requested to check the accuracy of this list by reference to the information they have sent to the Agency in accordance with paragraph BC-5.1.5 above, and to notify the Agency within a maximum period of one week of receiving the list of any inaccuracies on that list. The list, as amended if appropriate, will be circulated to FCBs by the Agency on the second working day after it receives all responses from FCBs, and will direct the FCB(s) which has/have reported an abuser of cheques to withdraw all cheque books held by that abuser of cheques, and to close such person's current account(s) by transferring any balances therein to saving and/or any other accounts held with that/those FCB(s). Furthermore, those FCB(s) will be required not to provide current account facilities to that abuser of cheques for the twelve calendar month period immediately following the date of issue of the relevant list. All other FCBs should, within a maximum period of one month after the issue of the relevant list, also withdraw current account facilities from that abuser of cheques for the same twelve calendar month period. FCBs will be entitled to recover any amounts due to them from abusers of cheques as a result of compliance with this system by availing of their set-off rights under Bahrain Law.
BC-5.1.8
On Appendix BC 4, the Agency will notify FCBs of those abusers of cheques in respect of whom the twelve calendar month period referred to in paragraph BC-5.1.7 above has ended, and to whom FCBs may reinstate/offer current account facilities at their discretion.
BC-5.1.9
Nothing in this Regulation shall prejudice the rights of banks against customers otherwise existing under Bahrain Law and/or under any particular bank/customer agreement. Furthermore, FCBs will be entitled to the same immunity from prosecution as the Agency for any harm suffered, or alleged to be suffered, by customers as a result of FCBs complying with the Regulation in this chapter.
BC-5.1.10
The Regulation in this chapter may be amended, in whole or in part, from time to time by the Agency. In addition, the Agency may, at its discretion and as it so deems appropriate, issue specific directions to all or any FCBs regarding abusers of cheques or any particular abuser of cheques.
BC-5.2 BC-5.2 General guidance on administration of dishonoured cheques
BC-5.2.1
FCBs which wish to issue cheque guarantee cards for an amount not exceeding BD 200 may do so — subject to informing the Director of Banking Services at the Agency of their intention and the arrangements governing the issue of such cards.
BC-5.2.2
FCBs, generally, should take steps to extend their administrative supervision and control over current account customers (in particular those who are in repeated breach of normally-accepted behaviour), and to stress to account holders the need for an appropriate level of discipline in the usage of cheques.
BC-5.2.3
FCBs should exercise greater vigilance over borrowers, especially in the area of consumer finance, where such borrowers maintain their current accounts at a bank or banks other than at the lending bank.
BC-5.2.4
The Agency will monitor the incidence of returned cheques on a monthly basis (as stipulated in section BC-5.1) in order to determine the extent to which such incidence is being reduced or otherwise.
BC-5.3 BC-5.3 Penalty charges on dishonoured cheques
BC-5.3.1
The Agency will impose penalty charges of BD 5 (five Bahraini Dinars) on each returned cheque for the reasons of 'Refer to Drawer', 'Not Arranged For', 'Re-present', and 'Account Closed'. Individual banks will continue to be informed daily of any charges accruing to their accounts. The respective accounts will be debited on the same day.
BC-5.3.2
FCBs will be entitled to charge customers no more than BD 10 (ten Bahraini Dinars) in respect of each dishonoured cheque.
BC-6 BC-6 Automated Teller Machine (ATM)
BC-6.1 BC-6.1 Installation of an off-site ATM in Bahrain
BC-6.1.1
The purpose of the content of this section is to set out the criteria to be followed by banks for the installation and usage of
off-site ATMs in the Kingdom of Bahrain.BC-6.1.2
Applications for the installation of
off-site ATMs should be sent in writing, and in accordance with the requirements set out in paragraphs BC-6.1.3 to paragraphs BC-6.1.10, to the Executive Director of Banking Supervision at the Agency.General criteria
BC-6.1.3
Subject to the prior written approval of the Agency,
off-site ATMs may be owned individually or jointly by licensed FCBs which are members of the BENEFIT Switch. Each relevant owning FCB must already have linked its bank's ATM capability to the BENEFIT Switch prior to requesting the BMA's permission to install an off-site ATM and, furthermore, must conform to the general standards set by the Benefit company.BC-6.1.4
Subject to the prior written approval of the Agency,
off-site ATMs may, at each relevant owning FCB's discretion, be fully functioning or operate as cash dispensers only. In addition, off-site ATMs may, at each relevant owning FCB's discretion (and subject to the prior written approval of the Agency), be 'walk-up' or 'drive-in' machines.BC-6.1.5
Owning FCBs will bear full legal responsibility for their respective
off-site ATMs , as well as all costs associated with such ATMs (including, but not limited to, cash replenishment, installation, security etc.).BC-6.1.6
FCBs wishing to install an off-site ATM must submit an application (in writing) for the BMA's approval. This application must be accompanied by a copy of a feasibility study for that particular ATM, as well as such other information as the BMA may request. In particular, a copy of the written permission (for installation of that off-site ATM) of the legal owner of the proposed location must be provided to the Agency, as well as a copy of the written permission of any other relevant authorities in this context (e.g. the Traffic & Licensing and Civil Defence & Fire Service Directorates of the Ministry of Interior).
BC-6.1.7
Applications will generally be considered on a 'first come, first served' basis for a particular location. If more than one application is received to install an off-site ATM in the same location, the number of such applications which are approved will depend upon whether the location appears to the Agency to be capable of sustaining multiple
off-site ATMs (subject, in addition, to the exact details of each individual application regarding security etc. being acceptable to the Agency).BC-6.1.8
Each application will be assessed on its individual merits, and at the Agency's discretion, taking into account factors which the Agency considers relevant including, but not limited to:
(a) the suitability of the location in question,(b) the level of overall activities of the applicant in the market as well as the size and make-up of its customer base, and(c) the type and range of facilities which the applicant proposes offering through the off-site ATM at the location in question.BC-6.1.9
In addition to the information required by the Agency under paragraph BC-6.1.6, the Agency may require further information/clarification to be provided to it before it takes a decision regarding the application. The Agency's decision in this regard will be notified to each relevant applicant FCB in writing and will be final.
BC-6.1.10
The Agency may, at its discretion, require an off-site ATM to be closed at any time. In addition, an owning FCB may request the Agency in writing for permission to close any of its
off-site ATMs .BC-6.2 BC-6.2 GCC ATM network charges
BC-6.2.1
The purpose of this section is to set a limit on ATM service charges imposed by full commercial banks in the Kingdom of Bahrain for customer withdrawals and other ATM services transactions relating to other banks in the GCC (i.e. linking to GCC ATM networks).
BC-6.2.2
The limits in this section do not apply to ATM service charges on local ATM networks.
BC-6.2.3
The Agency requires that the charges on such customer withdrawals and other ATM services should not exceed BD 1 (one Bahraini Dinar) per transaction.
BC-7 BC-7 Mudaraba contracts
BC-7.1 BC-7.1 Minimum terms and conditions
BC-7.1.1
As part of its ongoing supervision of Islamic banks, the Agency has set out in Appendix BC 7 details of the type of terms and conditions which it believes Islamic banks should include, as a minimum, in such Mudaraba contracts.
BC-7.1.2
All such Mudaraba contracts entered into by a bank (whether new or renewed contracts) should meet the standards referred to under paragraph BC-7.1.1.
BC-7.1.3
Banks must have a policy statement as to the policies and procedures in place to safeguard the interest of the PSIA holders. The statement must, as a minimum, cover the following areas:
(a) Basis for allocation of profit or loss to the PSIA;(b) Policy for making provisions and reserves against assets and equity for PSIA (refer to FAS 11, issued by AAOIFI, for recognition and measurement of provisions and reserves) and to whom these provisions and reserves revert to in case of write-back or recovery;(c) Policy on the priority for investment of own funds and those of unrestricted investment account holders; and(d) Basis for allocating expenses to the PSIA.Banks must agree their Policy Statements with the Agency.
BC-8 BC-8 Margin Trading System
BC-8.1 BC-8.1 Introduction
BC-8.1.1
This Chapter applies to all full commercial banks in Bahrain.
BC-8.1.2
Investors purchasing securities (as defined from time to time by the Bahrain Stock Exchange ("BSE") listed on the BSE may pay for them under the Margin Trading System ("The System") by borrowing a portion of the purchase price from a participating bank. The System is subject to relevant provisions of the BMA Law, the BSE Law, any rules and regulations issued pursuant to such Laws and this Module. The System applies to equities in companies listed on the BSE. Unless restrictions apply under Bahrain law in this regard, the System shall be available to Bahraini or non-Bahraini investors, whether resident or non-resident in Bahrain.
BC-8.1.3
The main objective of introducing the System is to enhance the overall activity on the BSE, allowing investors to leverage their investments, in a controlled manner.
General criteria
BC-8.1.4
Only Full Commercial Banks will be permitted as participating banks for the System. Participating banks must each receive the prior general written approval of the BMA in order to take part in the System. The BMA will notify the BSE of the identity of participating banks. The BMA's approval may be withdrawn at its discretion.
BC-8.1.5
BSE Brokers will not be permitted to act as lenders for the System.
BC-8.2 BC-8.2 Limits and Trading Rules
BC-8.2.1
An investor may, through his relationship with any one individual participating bank under the System, invest a maximum of BD200,000 in securities (i.e. BD200,000 per investor/per individual participating bank, made up of BD100,000 by way of the investor's own initial margin and BD100,000 by way of financing from the relevant participating bank to that investor).
BC-8.2.2
An investor may, through approaching more than one bank under the System, invest a maximum of BD500,000 in securities (i.e. BD500,000 per investor/from all participating banks, made up of BD250,000 by way of the investor's own initial margin with all participating banks and BD250,000 by way of total financing from all participating banks to that investor.
BC-8.2.3
The amount of the margin facility made to an investor under the System shall be included as an exposure to that customer, and contribute towards the large exposures limit and the consumer finance limit for that person.
BC-8.2.4
The total amount of financing granted by an individual participating bank to all investors under the System shall not, at any time exceed 15% of that participating bank's capital base, such percentage to be reviewed by the BMA at its discretion from time to time.
BC-8.2.5
In relation to the aggregate limit under paragraph BC-8.2.2 above, the Agency will require participating banks to inform the Credit Risk Bureau of all facility limits approved to investors under the System from time to time. Participating banks must check with the CRB on the amount of facility limits outstanding under the System at any time to a particular investor.
Brokers
BC-8.2.6
Only those brokers approved by the BSE will be permitted to act as brokers for the System. Generally, brokers will only be approved if they (a) hold a "Class A" license from the BSE, and (b) meet the requirements set for the System from time to time by the BSE and the BMA.
Documentation
BC-8.2.7
Only standard-form documents (application forms and agreements) will be used for the System. Standard-form agreements, drafted and approved in advance by the BSE, will be entered into between the participating bank and the investor (in respect of financing), and between the participating bank and the investor and the broker (in respect of trading) and, as relevant, these agreements shall (amongst other things) confirm that:
a. The investor is borrowing or financing a stated amount from the participating bank for the purpose of taking part in the System;b. The investor will repay such stated amount, together with any interest or charges thereon, when due and in accordance with the agreement;c. The investor understands the risks involved in margin trading as well as the implications of the undertakings given by him;d. The participating bank can sell the securities bought through the System if the relevant margin is called and not met, without further formalities being required;e. The broker is liable for marking the securities to market on a daily (or more frequent) basis and for keeping the participating bank updated as to the participating bank's exposure to the investor;f. The investor can place orders with the broker for the purchase of securities up to the limit permitted by the agreement;g. Each party to the agreement in question shall abide by the duty of confidentiality imposed on him in relation to the matters set out in the agreement; andh. There is an overriding obligation on the parties thereto to comply with Bahrain law in general and, in particular, with the share-ownership restrictions applying to certain types of securities.Owner of the Securities bought using the System
BC-8.2.8
For ease of transfer and sale of the securities in the event that a margin is called by the participating bank but not met by the investor, the securities will be registered in the participating bank's name (for the account of the investor) and held by a custodian.
BC-8.2.9
Under paragraph BC-8.2.8 above; (a) the securities should not be considered as part of the bank's own assets for the purposes of determining ownership/control under Bahrain law, and (b) if the investor has discharged his obligations to the participating bank under the System and the securities have not been sold, the securities shall be transferred into the legal ownership of the investor.
Margin Percentage
BC-8.2.10
For equities listed on the BSE, an investor shall have the right to borrow a loan the value of which shall not exceed 50% of the total value of the funds being invested (i.e. 1:1). The BMA and the BSE shall coordinate in making any change to the margin percentages set for the System.
Margin Call Top-up
BC-8.2.11
The margin call top-up shall be 30% of the total value of the funds invested by an investor through a margin account with a participating bank. An investor shall settle a margin call on the settlement date (as determined by the BSE) by making a cash payment of such amount to the participating bank. Such cash payment may, at the investor's discretion and in whole or part, come from the sale of the securities bought through the System, or otherwise. Failure to meet such margin call will, however, give the participating bank the right to sell the securities bought through the System.
Margin Charges
BC-8.2.12
The participating bank shall impose charges on the financing amount granted to the investor at a rate or on a basis to be determined by the participating bank. In the event that investor's margin account is in credit in excess of the margin applicable thereto, profit shall be paid on the excess at a rate to be determined by the participating bank.
CA CA Capital Adequacy
CA-A CA-A Introduction
CA-A.1 CA-A.1 Application
CA-A.1.1
Regulations in this module are applicable to locally incorporated banks on both a stand-alone, including their foreign
branches , and on a consolidated group basis.CA-A.1.2
In addition to licensees mentioned in paragraph CA-A.1.1, certain of these regulations (in particular gearing requirements) are also applicable to full commercial
branches of foreign banks in the Kingdom.CA-A.2 CA-A.2 Purpose
CA-A.2.1
The purpose of this module is to set out the Agency's
capital adequacy regulations and provide guidance on the risk measurement for the calculation of capital requirements by banks referred to under CA-A.1.1.CA-A.2.2
The module also sets out the minimum gearing requirements which relevant banks (referred to in section CA-A.1) must meet as a condition of their licensing.
CA-A.2.3
The Agency requires in particular that the relevant banks maintain adequate capital, in accordance with the Regulation in this module, against their risks as capital provides banks with a cushion to absorb losses without endangering customer accounts. Due to this, the Agency also requires the relevant banks to maintain adequate liquidity and identify and control their large credit
exposures that might otherwise be a source of loss to a licensee on a scale that might threaten its solvency.CA-A.2.4
The regulations contained in this section are consistent in all substantial respects with the approach recommended by the Basel Committee on Banking Supervision and the Statement on the Purpose and Calculation of the Capital Adequacy Ratio for Islamic Banks issued by Accounting and Auditing Organisation for Islamic Financial Institutions (AAOIFI).
CA-A.2.5
The Agency recognises that the Basel Committee guidelines may not address specific characteristics of the various products and services offered by Islamic banks. Therefore, the Agency has adopted a risk-based approach and has tailored the regulations to address the specific risk characteristics for Islamic banks.
CA-A.2.6
This module provides support for certain other parts of the Rulebook, mainly:
(a) Licensing and Authorisation Requirements;(b) BMA Reporting Requirements;(c) Credit Risk Management;(d) Market Risk Management;(e) Operational Risk Management;(f) Liquidity Risk Management;(g) High Level Controls:(h) Relationship with Audit Firms;(i) Enforcement; and(j) Penalties and Fines.CA-A.3 CA-A.3 Key requirements
CA-A.3.1
All locally incorporated banks are required to measure and apply capital charges in respect of their credit and market risk capital requirements.
The capital requirement
CA-A.3.2
Banks are allowed two classes of capital instruments (see section CA-2.2) to meet their capital requirements for credit risk and market risk, as set out below:
Tier 1: Core capital — Supports the calculation of credit risk weighted assets and at least 28.57% of market risk.
Tier 2: Supplementary capital — Supports credit risk and market risk subject to limitations.
Measuring credit risks
CA-A.3.3
In measuring credit risk for the purpose of
capital adequacy , banks are required to apply a simple risk-weighted approach through which claims of different categories of counterparties are assigned risk weights according to broad categories of relative riskiness.Measuring market risks
CA-A.3.4
The minimum capital requirement for equities is expressed in terms of two separately calculated charges, one relating to the "specific risk" of holding a long position in an individual equity, and the other to the "general market risk" of holding a long position in the market as a whole.
Measuring foreign exchange risk
CA-A.3.5
The measurement of the foreign exchange risk involves, as a first step, the calculation of the net open position in each individual currency including gold and as a second step, the measurement of the risks inherent in the bank's mix of assets and liabilities positions in different currencies.
Measuring commodities risk
CA-A.3.6
Banks should adopt either the simplified approach to calculate their commodities risk and the resultant capital charges or the maturity ladder approach. Where banks have Salam and Parallel Salam contracts, the maturity ladder approach must be used.
Minimum capital ratio requirement
CA-A.3.7
On a consolidated basis, the Agency has set a minimum Risk Asset Ratio ("RAR") of 12.0% for all locally incorporated banks. Furthermore, on a solo basis, the parent bank is required to maintain a minimum RAR of 8.0% (i.e. unconsolidated).
Maintaining minimum RAR
CA-A.3.8
All locally incorporated banks must give the Agency immediate written notification of any actual breach by such banks of either or both of the above RARs. Where such notification is given, the bank must also provide the Agency; no later than one calendar week after the notification, with a written action plan setting out how the bank proposes to restore the relevant RAR(s) and report on a weekly basis thereafter on the bank's relevant RAR(s) until such RAR(s) have reached the required target level(s).
CA-A.3.9
The Agency considers it a matter of basic prudential practice that, in order to ensure that these RARs are constantly met, banks set up internal "targets" of 12.5% (on a consolidated basis) and 8.5% (on a solo basis) to warn them of a potential fall by the bank below the Agency's required minimum RARs. Where a bank's capital ratio falls below its target ratio, the General Manager should notify the Agency immediately, however, no formal action plan will be necessary. The General Manager should explain what measures are being implemented to ensure that the bank will remain above its minimum RAR(s).
CA-A.3.10
The bank will be required to submit the PIRI forms to the Agency on a monthly basis, until the RAR(s) exceeds its target ratio(s).
Gearing requirements
CA-A.3.11
For Full Commercial Bank and Offshore Banking Unit licensees,
deposit liabilities should not exceed 20 times the respective bank's capital and reserves.CA-A.3.12
For Investment Bank licensees,
deposit liabilities should not exceed 10 times the respective bank's capital and reserves.CA-A.4 CA-A.4 Regulation history
CA-A.4.1
This module was first issued on 1st January 2005 as part of the Islamic principles volume. All regulations in this volume have been effective since this date. All subsequent changes are dated with the month and year at the base of the relevant page and in the Table of Contents. Chapter 3 of Module UG provides further details on Rulebook maintenance and control.
CA-A.4.2
A list of most recent changes made to this module are detailed in the table below:
Summary of changes
Module Ref. Change Date Description of Changes Evolution of the Module
CA-A.4.3
Prior to the development of Rulebook, the Agency had issued various circulars representing regulations relating to
capital adequacy requirements. These circulars have now been consolidated into this module covering thecapital adequacy regulation. These circulars and their evolution into this module are listed below:Circular Ref. Date of Issue Module Ref. Circular Subject PIRI
BC/09/0126 Nov 2001 CA Prudential Information Returns for Islamic Financial Institutions OG/78/01 20 Feb 2001 CA-2.5 Monitoring of Capital Adequacy BC/01/98 10 Jan 1998 CA-2.5 Risk Asset Ratio Effective date
CA-A.4.4
The contents in this module are effective from the date depicted in the original circulars (see paragraph CA-A.4.3) from which the requirements are compiled.
CA-B CA-B General guidance and best practice
CA-B.1 CA-B.1 Introduction
CA-B.1.1
This chapter provides general guidance on
Capital adequacy requirements, unless otherwise stated.CA-B.1.2
It sets best practice standards and should generally be applied by all licensees to their activities.
CA-B.2 CA-B.2 Guidance provided by other international bodies
Basel Committee: The management of banks' off balance sheet exposures — a supervisory perspective
CA-B.2.1
In March 1986, the
Basel Committee on Banking Supervision issued a paper titled "The management of banks' off-balance-sheet exposures — a supervisory perspective" (see www.bis.org/publ/bcbsc134.pdf).CA-B.2.2
This paper examines off balance sheet risks from three angles — market/position risk, credit risk and operational/control risk. Part III of this paper examines credit risk (including control of large exposures, settlement risk and country risk), with particular emphasis given to the assessment of the relative risks of the different types of off balance sheet activity.
CA-B.3 CA-B.3 Enforceability
CA-B.3.1
These guidance should not be taken as legally binding requirements, unless otherwise embodied in Bahrain law or by regulation.
CA-B.3.2
It should be noted that the provisions in this chapter are to be taken as guidance, unless otherwise stated, supplementing the Regulations set out in this module.
CA-1 CA-1 Scope and coverage of capital charges
CA-1.1 CA-1.1 Introduction
CA-1.1.1
All locally incorporated banks are required to measure and apply capital charges in respect of their fiduciary and displacement risk, credit and market risk capital requirements.
CA-1.1.2
Fiduciary and displacement risk is defined as [ref IFSB].
CA-1.1.3
Credit risk is defined as the potential that a bank's
counterparty will fail to meet its obligations in accordance with agreed terms. Credit risk exists throughout the activities of a bank in the banking book and in the trading book including both on and off balance sheetexposures .CA-1.1.4
Market risk is defined as the risk of losses in on or off balance sheet positions arising from movements in market prices. The risks subject to the capital requirement of this module are:
(a) the risks pertaining to equities in the trading book;(b) foreign exchange risk throughout the bank; and(c) commodity risk throughout the bank.CA-1.2 CA-1.2 Measuring fiduciary and displacement risks
CA-1.2.1
Islamic banks mobilise funds on a profit and loss sharing basis (PLS). However, certain risks are associated with such PLS accounts. These risks are referred to as fiduciary and displaced commercial risk.
CA-1.2.2
To cater for these risks the Agency has accepted the recommendations contained in the AAOIFI's statements and requires the inclusion of 50% of the risk weighted assets of the Profit Sharing Investment Accounts (PSIA) in the denominator of the capital adequacy ratio.
CA-1.3 CA-1.3 Measuring credit risks
CA-1.3.1
In measuring credit risk for the purpose of
capital adequacy , banks are required to apply a simple risk-weighted approach through which claims of different categories of counterparties are assigned risk weights according to broad categories of relative riskiness.CA-1.3.2
The Agency has adopted the risk weightings recommended by the Basel Committee on Banking Supervision, where applicable. However, the Basel Committee does not define the risk weightings for some of the specific Islamic contracts.
CA-1.3.3
In Islamic banking, the legal form is as important as the substance of the transaction otherwise the transaction would not be permissible under Shari'a. Therefore, when assigning risk weights to the various Islamic contracts, banks should consider the legal form of the transactions as well as the substance.
CA-1.3.4
The framework of weights consists of four weights — 0%, 20%, 50% and 100% for on and off balance sheet items, which based on a broad-brush judgment, are applied to the different types of assets and off balance sheet
exposures within the banking book.CA-1.3.5
The resultant different weighted assets and off balance sheet
exposures are then added together to calculate the total credit-risk-weighted assets of the bank.CA-1.3.6
The Agency has addressed the issue of the risk weightings for some of the commonly used Islamic contracts. If banks are involved in contracts not covered below they should contact the Agency and agree on an appropriate risk-weighting category.
Murabaha and Murabaha to the purchase orderer
CA-1.3.7
The Agency as a policy requires that all Murabaha contracts be based on binding promises. The Murabaha receivables should be assigned a risk weight based on the credit standing of the obligor as recommended by the Basel Committee.
Mudaraba contracts
CA-1.3.8
Mudaraba contracts should be assigned a risk weighting according to the underlying investments. Where Mudaraba funds are invested in securities listed on recognised exchanges and the price volatility is based on market movements, these should be removed from credit risk weightings and subject to market risk regulations. Examples would be equity Mudarabas where banks may have direct exposure in the value of the underlying equities or commodity Mudarabas.
CA-1.3.9
Investments in other Mudarabas such as real estate or leasing should be assigned risk weightings according to the standing of the underlying investment as per the Basel Capital Accord.
CA-1.3.10
Where a Mudaraba fund invests in another Mudaraba contract, which in turn makes investments at its own discretion, the risk weight would be based on the credit standing of the counterparty (investee Mudarib) as recommended by the Basel Committee. Investments in particular asset classes made at the discretion of the (investor) Mudaraba fund should be assigned risk weighting according to the underlying investments, where possible.
Musharaka contracts
CA-1.3.11
Musharaka contracts refer to partnerships in specific transactions or projects. These exclude participation in the share capital (equity) of other enterprises. Risk weights should be assigned in accordance with the standings of the underlying investment as per the guidelines of the Basel Committee. Musharaka in real estate, plant and machinery or other similar assets attract a 100% risk weighting.
CA-1.3.12
Musharakas in trading transactions will attract risk weighting as per the standing of the underlying investment, which in all cases would attract a 100% risk weighting. Where the transaction involves trading in commodities which may be traded in secondary markets, these should be removed from credit risk weighting and subjected to market risk regulations.
CA-1.3.13
In cases where it is difficult to ascertain the composition of the underlying asset, risk weight would be assigned based on the credit standing of the counterparty.
Ijarah / Ijarah Muntahia Bittamleek assets
CA-1.3.14
Under Shari'a, substantial risks and rewards of ownership of assets may not be transferred to lessees. Therefore, assets acquired for the purpose of leasing under Ijarah or Ijarah Muntahia Bittamleek contracts should be carried on the balance sheet of the lessor and assigned a risk weighting of 100%.
CA-1.3.15
However, where these are residential properties, leased under Ijarah Muntahia Bittamleek with the lessee's option to buy at the end of the lease term and to use the properties for residential purposes, a 50% risk weighting is assigned, where the lessor has a first enforceable charge on the assets.
Istisna'a and parallel Istisna'a contracts
CA-1.3.16
The accounting for these contracts should be in accordance with Financial Accounting Standard (FAS) No. 10: Istisna'a and Parallel Istisna'a, issued by AAOIFI.
CA-1.3.17
Istisna'a and parallel Istisna'a contracts would attract risk weighting as per the credit standing of the respective counterparties in accordance with the Basel Committee.
Salam and parallel Salam
CA-1.3.18
Amounts paid in respect of Salam contracts (for which there exists a parallel Salam contract) should normally be assigned a risk weight as per the credit standing of the customer in accordance with the Basel Committee.
CA-1.3.19
Salam and parallel Salam contracts would attract risk weighting as per the credit standing of the respective counterparties in accordance with the Basel Committee.
Participations and equity investments
CA-1.3.20
The supervision of banks for capital adequacy purposes is carried out on a consolidated basis, taking into account all holdings of the capital of other entities by the concerned bank. For subsidiaries, the preferred mode of consolidation is to add the assets and liabilities into the accounts of the parent on a line-by-line basis. For associate companies (i.e. where the parent bank owns 20% or more of the voting stock, and/or has voting control of the concerned company), the assets and liabilities should also be consolidated on a line-by-line basis. If banks do not wish to consolidate subsidiaries or associates (that meet the above criteria), they must contact the Agency to agree on the accounting treatment to be used. Participations and investments which amount to below 20% of the voting capital of the concerned company should be accounted for at fair value and weighted at 100%.
CA-1.3.21
Banks which have subsidiary and associate companies must also be supervised for capital adequacy on a solo basis (i.e. after deducting all holdings of the share capital of all subsidiaries and associates (that meet the criteria in paragraph CA-1.3.20 above) and excluding all their assets and liabilities from the accounts of the parent bank). Holdings of other participations and equity investments need not be deducted on a solo basis, but should be accounted for at fair value and weighted at 100%. Banks should note paragraph CA-2.2.6 in respect of the treatment described in this paragraph and in paragraph CA-1.3.20.
Intra fund balances
CA-1.3.22
Transactions between the corporate book (i.e. self-financed and financed by unrestricted investment accounts) and restricted investment accounts are not allowed, unless approved by the Agency on a temporary basis.
CA-1.3.23
If permitted by the Agency, on a temporary basis, the following weightings will be applied:
(a) Corporate or unrestricted investment funds invested in Restricted Investment Accounts.
Risk weighting would be assigned on the underlying asset as per the Basel Committee Guidelines and in accordance with the guidance set out under chapters CA-1 to CA-6.(b) Restricted investment account funds invested in corporate books.(i) In the corporate books, the assets financed by restricted investment accounts would be included as part of the corporate assets and risk weighting assigned in accordance with the guidelines.(ii) 0% risk weighting should be assigned to the funds invested by the restricted investment accounts in the corporate books in order to avoid double counting as the resultant assets are already risk weighted in the Bank's books.(iii) Banks must agree with the Agency on the treatment of investments by restricted investment accounts in the corporate book. The Agency will consider each case on its merit.CA-1.4 CA-1.4 Measuring market risks
Trading book
CA-1.4.1
The trading book means the bank's positions in financial instruments (including off balance sheet instruments that are intentionally held for short-term resale and/or which are taken on by the bank with the intention of benefiting in the short-term from actual and/or expected differences between their buying and selling prices, or from other price variations, and positions in financial instruments arising from matched principal brokering and market making). Treatment of risks associated with any option transactions should be agreed in advance with the Agency, who will consider the issue on a case by case basis.
CA-1.4.2
Each bank should agree to a written policy statement with the Agency as to which activities are normally considered trading and constitute part of the trading book. Trading book's definition should be consistently applied by the bank from year to year.
CA-1.4.3
It is expected that the trading activities will be managed and monitored by a separate unit and that such activities should be identifiable because of their intent, as defined in paragraph CA-1.4.1 above.
Equity risk
CA-1.4.4
The capital charges for equities will apply based on the current market values of items in a bank's trading book.
Foreign exchange and commodities risk
CA-1.4.5
The capital charges for foreign exchange risk and for commodity risk will apply to a bank's total currency and commodity positions, with the exception of structural foreign exchange positions in accordance with section CA-5.3 of these regulations.
Exemptions
CA-1.4.6
Banks will be allowed certain de minimis exemptions from the capital requirements for foreign exchange risk, as described in section CA-5.2 of these regulations. For the time being, there shall be no exemptions from the trading requirements, or from the capital requirements for commodity risk.
Bank's own fund and Profit and Loss Sharing Investment Accounts (PSIA)
CA-1.4.7
Banks must compute capital charges for own funds subject to market risk, as well as those of the PSIA. For the purpose of computing the capital adequacy ratio, 50% of the bank's market risk weighted assets relating to the PSIA (restricted and unrestricted) must be included in accordance with AAOIFI's Statement on Purpose and Calculation of the Capital Adequacy Ratio for Islamic Banks.
Consolidation
CA-1.4.8
As with the credit risk capital requirements, the market risk capital requirements apply on a worldwide consolidated basis. Only a bank, which is running a global consolidated book, may apply the offsetting rules contained in the remainder of these regulations, on a consolidated basis with the prior written agreement of the Agency. However, where it would not be prudent to offset or net positions within the group, for example where there are obstacles to the quick repatriation of profits from a foreign subsidiary or where there are legal and procedural difficulties in carrying out the timely management of risks on a consolidated basis, the Agency will require the bank to take individual positions into account without any offsetting.
CA-1.4.9
Notwithstanding that the market risk capital requirements apply on a worldwide consolidated basis, the Agency also monitors the market risks of banks on a non-consolidated basis to ensure that significant imbalances within a group do not escape supervision. The Agency is particularly vigilant to ensure that banks do not pass positions on reporting dates in such a way as to escape measurement.
Approach to measurement
CA-1.4.10
For the measurement of their market risks, banks will measure the risks in a standardised manner, using the measurement framework described in chapters CA-4 to CA-6.
CA-1.4.11
The standardised methodology uses a "building block" in which the capital charge for each risk category is determined separately. For equity positions risk, separate capital charge for specific risk and the general market risk arising from these positions are calculated. The specific market risk is defined as the risk of loss caused by an adverse price movement of a security/ units due principally to factors related to the issuer. The general market risk is defined as the risk of loss arising from adverse changes in aggregate market prices. For commodities and foreign exchange, there is only one general market risk capital requirement.
CA-1.4.12
All transactions, including forward sales and purchases, shall be included in the calculation of capital requirements as from the date on which they were entered into.
Monitoring
CA-1.4.13
Formal reporting, to the Agency, of the market risk exposure and capital adequacy shall take place as at the end of each calendar quarter. The returns relating to any quarter should be submitted to the Agency by the 20th day of the first month of the following quarter. Furthermore, banks are expected to manage their market risk in such a way that the capital requirements for market risk are being met on a continuous basis (i.e. at the close of each business day and not merely at the end of each calendar quarter). Banks are also expected to maintain strict risk management systems to ensure that their intra-day exposures are not excessive.
CA-1.4.14
Banks' daily compliance with the capital requirements for market risk will be verified by the independent risk management department and the internal auditor. It is expected that the external auditors will perform appropriate tests of the bank's daily compliance with the capital requirements for market risk. Where a bank fails to meet the minimum capital requirements for market risk on any business day, the Agency must be informed in writing. The Agency will then seek to ensure that the bank takes immediate measures to rectify the situation.
CA-1.4.15
Besides what is stated in paragraph CA-1.4.14 above, the Agency will consider a number of other appropriate and effective measures to ensure that banks do not "window dress" by showing significantly lower market risk positions on reporting dates.
CA-1.5 CA-1.5 Reporting
CA-1.5.1
Formal reporting, to the Agency, of
capital adequacy shall be made in accordance with the requirements set out under section BR-3.1.CA-1.6 CA-1.6 Summary of overall capital adequacy requirements
CA-1.6.1
Each bank is expected to monitor and report the level of risk against which a capital requirement is to be applied, in accordance with section CA-1.4. The bank's overall minimum capital requirement will be:
(a) the credit risk requirements laid down in these regulations; PLUSCA-2 CA-2 The capital requirement
CA-2.1 CA-2.1 Introduction
CA-2.1.1
Islamic banks are allowed two types of own funds to meet their capital requirements for credit risk and market risk, as set out below:
— Tier 1: Supports the calculation of credit risk weighted assets and at least 28.57% of market risk.— Tier 2: Supports credit risk and market risk subject to limitations.CA-2.1.2
For the purpose of calculating its Capital Adequacy Ratio (CAR), the risk-weighted assets of an Islamic bank consist of the sum of the risk-weighted assets financed by the Islamic bank's own capital and liabilities, plus 50% of the risk-weighted assets financed by the Islamic bank's PSIA. This applies to both unrestricted PSIA that are accounted for on the Islamic bank's balance sheet and restricted PSIA that are accounted for off the balance sheet.
CA-2.2 CA-2.2 Definition of capital
Tier capital
CA-2.2.1
Tier Capital forms the numerator of the Capital Adequacy Ratio. It is defined as the cornerstone of a bank's strength.
CA-2.2.2
The essential characteristics of capital are that it should:
(a) Represent a permanent and unrestricted commitment of funds;(b) Be freely available to absorb losses and thereby enable a bank to keep operating whilst any problems are resolved;(c) Not impose any unavoidable charge on the earnings of the bank.CA-2.2.3
For the purpose of defining Tier capital, the Agency has broadly adopted the recommendations contained in AAOIFI's Statement on the Purpose and Calculation of Capital Adequacy for Islamic Banks. However, some restrictions have been placed on the inclusion of profit equalisation and investment risk reserve as Tier 2 capital. For components of Tier 1 and Tier 2 capital refer to paragraphs CA-2.2.4 to CA-2.2.5.
Tier 1: Core capital
CA-2.2.4
Tier 1 capital shall consist of the sum of items (a) to (b) below, less the sum of items (c) to (d) below:
(a) Bank's permanent share capital and disclosed reserves in the form of legal, general and other reserves created by appropriations of retained earnings, share premium, capital redemption reserves and other surplus (as shown in its balance sheet), but excluding revaluation reserves and prudential reserves (profit equalisation reserves and investment risk reserve as defined in the AAOIFI's Financial Accounting Standard No: 11 Provisions and Reserves).
In case of an Islamic fund having participation and / or "B" class shares (not carrying voting rights), their treatment as capital or unrestricted investment accounts (for the purpose these regulations) must be agreed with the Agency. The Agency will consider each case on its merit.(b) Minority interests, arising on consolidation, in the equity of subsidiaries that are less than wholly owned.LESS:
(c) Goodwill(d) Current year's cumulative net losses which have been reviewed as per the International Standards on Auditing (ISA) by the external auditors.Tier 2: Supplementary capital
CA-2.2.5
Tier 2 capital shall consist of the following items:
(a) Interim retained profits that have been reviewed as per the ISA by the external auditors.(b)Asset revaluation reserves , which arise in two ways. Firstly, these reserves can arise from the revaluation of fixed assets from time to time in line with the change in market values, and are reflected on the face of the balance sheet as a revaluation reserve. Secondly, hidden values or "latent" revaluation reserves may be present as a result of long-term holdings of equity securities valued in the balance sheet at the historical cost of acquisition. Both types of revaluation reserve may be included in Tier 2 capital, with the concurrence of the external auditors, provided that the assets are prudently valued, fully reflecting the possibility of price and forced sale. In the case of "latent" revaluation reserves, a discount of 55% will be applied to the difference between the historical cost book value and the market value to reflect the potential volatility of this form of unrealised capital.(c) General provisions held against the future, presently unidentified, losses are freely available to meet losses that subsequently materialise and therefore, qualify for inclusion within supplementary elements of capital, subject to a maximum of 1.25% of total risk-weighted assets (both credit and market risk weighted). Prescriptions ascribed to impairment of particular assets or known liabilities should be excluded.(d) Profit equalisation reserve and investment risk reserve as defined in FAS No. 11: Provisions and Reserves, issued by AAOIFI, up to a maximum amount equal to the capital charge pertaining to the 50% the risk weighted assets financed by unrestricted and restricted investment account holders.(e) 45% of unrealised gains on equitysecurities held as available-for-sale (on an aggregate net-basis).Deductions from Tier 1 and Tier 2 capital
CA-2.2.6
For the calculation of capital adequacy on a solo basis, the following item shall be deducted from the sum of Tier 1 and Tier 2 capital (goodwill will have been already deducted from Tier 1 capital):
(a) Investments in and financing of a capital nature to unconsolidated subsidiaries and associates. The assets representing the investments in subsidiary companies whose capital is deducted from that of the parent would not be included in total assets for the purpose of computing the capital adequacy ratio.(b) Holdings of own shares and any financing facility provided to the parent company to finance the shares of the subsidiary.CA-2.3 CA-2.3 Limits on the use of different forms of capital
CA-2.3.1
The following constraints apply to the CAR calculations:
Constraint 1: Tier 2 capital allocated to credit risk (see section A20.7 of guidelines in Appendix BR 3)
should be less than or equal to
50% of the Tier 1 capital allocated to credit risk (see section A20.6 of guidelines in Appendix BR 3)Constraint 2: Tier 2 capital allocated to market risk (see section A20.13 of guidelines in Appendix BR 3) plus Tier 2 capital allocated to credit risk (see section A20.7 of guidelines in Appendix BR 3)
should be less than or equal to
Total Tier 1 capital available (see section A20.1 of guidelines in Appendix BR 3)CA-2.4 CA-2.4 Calculation of the CAR for Islamic banks
CA-2.4.1
Firstly, the banks should calculate minimum capital required (section A20.4 or A9.14 of guidelines in Appendix BR 3) by reference to credit risk in accordance with these regulations, excluding equity securities in the trading book and all positions in commodities. This figure will constitute minimum capital required to cover credit risk (section A20.5 of guidelines in Appendix BR 3).
CA-2.4.2
Secondly, the banks should calculate minimum capital required (section A20.9 or A17.14 of guidelines in Appendix BR 3) by reference to the measure of market risk (i.e. specific risk plus general market risk) in accordance with the regulations contained in section CA-1.4. This figure will constitute minimum capital required to cover market risk (section A21.10 of guidelines in Appendix BR 3).
CA-2.4.3
Thirdly, the amount resulting from the above requirement (section A20.10 of guidelines in Appendix BR 3) should be multiplied by 28.57%. This is the minimum capital charge which should be supported by Tier 1 capital allocated to market risk weighted exposures (section A20.12 of guidelines in Appendix BR 3); therefore, the balance amount in Tier 1 capital should be the amount allocated to support credit risk weighted assets (section A20.6 of guidelines in Appendix BR 3).
CA-2.4.4
The balance of the credit risk weighted assets may be supported by Tier 2 capital amount in section A20.7 of guidelines in Appendix BR 3 (subject to constraint stated in section CA-2.3).
CA-2.4.5
Further, the residual amount in Tier 2 capital (section A20.13 of guidelines in Appendix BR 3) may be used to support the balance subject to the condition stated in paragraph CA-2.4.3.
CA-2.5 CA-2.5 Minimum capital ratio requirement
CA-2.5.1
The Agency has established that the minimum capital ratio required for all Islamic banks incorporated in Bahrain is 12%. Furthermore, on a solo basis, the parent bank of a group is required to maintain a minimum RAR of 8.0% (i.e. unconsolidated).
Maintaining minimum RAR
CA-2.5.2
All locally incorporated banks must give the Agency immediate written notification of any actual breach by such banks of either or both of the above RARs. Where such notification is given, the bank must also provide the Agency:
(a) no later than one calendar week after the notification, with a written action plan setting out how the bank proposes to restore the relevant RAR(s) to the required minimum level(s) set out above and, further, describing how the bank will ensure that a breach of such RAR(s) will not occur again in the future; and(b) with a weekly report thereafter on the bank's relevant RAR(s) until such RAR(s) have reached the required target level(s) set out below.CA-2.5.3
In addition, the Agency considers it a matter of best practice that, in order to ensure that these RARs are constantly met, that banks set up internal "targets" of 12.5% (on a consolidated basis) and 8.5% (on a solo basis) to warn them of a potential fall by the bank below the Agency's required minimum RARs as set out above.
CA-2.5.4
Where a bank's capital ratio falls below its target ratio, the General Manager should notify the Director of Banking Supervision at the Agency immediately. No formal action plan will be necessary, however the General Manager should explain what measures are being implemented to ensure that the bank will remain above its minimum RAR(s).
CA-2.5.5
The bank will be required to submit the PIRI forms to the Agency on a monthly basis, until the RAR(s) exceeds its target ratio(s).
CA-2.5.6
The Agency will notify banks in writing of any action required of them with regard to the corrective and preventive action (as appropriate) proposed by the bank pursuant to the above, as well as of any other requirement of the Agency in any particular case.
CA-2.5.7
Banks should note that the Agency considers the breach of RARs to be a very serious matter. Consequently, the Agency may (at its discretion) subject a bank which breaches its RAR(s) to a formal licensing reappraisal. Such reappraisal may be effected either through the Agency's own inspection function or through the use of Reporting Accountants, as appropriate. Following such appraisal, the Agency will notify the bank concerned in writing of its conclusions with regard to the continued licensing of the bank.
CA-2.5.8
The Agency recommends that the bank's compliance officer supports and cooperates with the Agency in the monitoring and reporting of the capital ratios and other regulatory reporting matters. Compliance officers should ensure that their banks have adequate internal systems and controls to comply with these regulations.
CA-3 CA-3 Credit risk
CA-3.1 CA-3.1 Introduction
CA-3.1.1
This chapter describes the standardised approach for the measurement of the credit risk
exposure in the bank's banking book.CA-3.2 CA-3.2 Risk weighting — On balance sheet asset category
CA-3.2.1
Risk weights by category of on balance sheet asset are illustrated in the table below:
Risk weights Category of on balance sheet assets/claims 0% (a) Cash;
(b) Holdings of Gold bullion and coins;
(c) The government of Bahrain & Bahrain public sector entities;
(d) Government-owned GCC companies incorporated in Bahrain;
(e) Central governments and central banks of GCC and OECD countries; and
(f) Central governments and central banks of classified countries where denominated and funded in local currency.20% (a) Cash items in process of collection;
(b) Multilateral development banks;
(c) Banks and securities firms incorporated in Bahrain, other GCC and OECD countries;
(d) Banks incorporated in classified countries with a residual maturity less than 1 year;
(e) Public sector entities in GCC and OECD countries; and
(f) Government-owned GCC companies incorporated outside Bahrain.50% Mortgages backed by residential property 100% (a) Related parties
(b) Holdings of other banks' and securities firms' capital instruments
(c) Banks incorporated in classified countries with a residual maturity of over 1 year
(d) Central governments and central banks of classified countries (not included above)
(e) Public sector entities of classified countries
(f) Government-owned companies in non-GCC countries
(g) Private sector persons and entities in and outside Bahrain
(h) Istisna'a assets*
(i) Ijarah / Ijarah Muntahia Bittamleek assets
(j) Real estate investments
(k) Other assets not reported elsewhere*** This represents balance in Work in Progress/ cost account less billings. However, Istisna'a receivables should be reported against the risk weighting category of the counterparty.
** Salam Contracts are subject to market risk and should not be included here.
CA-3.3 CA-3.3 Risk weighting — Off balance sheet items
CA-3.3.1
The framework takes account of the credit risk on off balance sheet
exposures by applying credit conversion factors to the different types of off balance sheet instruments or transactions.CA-3.3.2
The conversion factors are derived from the estimated size and likely occurrence of the credit
exposure , as well as the relative degree of credit risk as identified in theBasel Committee's paper on "The management of banks' off-balance-sheet exposures: a supervisory perspective" (see www.bis.org/publ/bcbsc134.pdf) issued in March 1986.CA-3.3.3
The credit conversion factors applicable to the off balance sheet items are set out in the table below:
Credit Conversion factors Off balance sheet items 100% Direct credit substitutes 50% Transaction-related contingent 20% Trade-related contingencies 100% Sale and repurchase agreements 100% Forward asset purchases 50% Underwriting commitments 50% Commitments with an original maturity of over 1 year, not unconditionally cancellable at anytime 0% Commitments with an original maturity of less than 1 year, unconditionally cancellable at anytime CA-3.3.4
The applicable credit conversion factors should be multiplied by the weights applicable to the category of the counterparty as set out below:
Risk weights Counterparty 0% Type (a)
— The Government of Bahrain.— Bahrain public sector entities.— Government-owned (non-banking) GCC companies incorporated in Bahrain.— Central government and central banks of GCC and OECD member countries.20% Type (b)
— Banks incorporated in Bahrain or GCC and OECD countries andsecurities firms.— Banks incorporated in classified countries (if the commitment has a residual life of 1 year or less).— Public sector entities in GCC and OECD countries.— Government-owned (non-banking) GCC companies incorporated outside Bahrain.100% Type (c)
— Banks incorporated in classified countries (if the commitment has a residual life of more than 1 year).— Central governments, central banks and public sector entities in classified countries.— Government-owned companies incorporated in non-GCC countries.— Private sector persons and entities in Bahrain and abroad.CA-4 CA-4 Equity risk
CA-4.1 CA-4.1 Introduction
CA-4.1.1
This chapter sets out the minimum capital requirements to cover the risk of holding or taking positions in equities in the bank's trading book.
CA-4.1.2
The minimum capital requirement for equities is expressed in terms of two separately calculated charges, one relating to the "specific risk" of holding a long position in an individual equity, and the other to the "general market risk" of holding a long position in the market as a whole.
CA-4.1.3
Where the bank has invested in shares/units of equity funds on Mudaraba financing and the bank has direct exposures in the equities which are traded in a recognised stock exchange, the shares/units are considered to be subject to equity risk. The equity position would be considered to be the net asset value as at the reporting date.
CA-4.2 CA-4.2 Specific risk calculation
CA-4.2.1
Specific risk is defined as the bank's gross equity positions (i.e. the sum of all equity positions and is calculated for each country or equity market).
CA-4.2.2
The capital charge for specific risk is 8%, unless the portfolio is both liquid and well-diversified, in which case the capital charge will be 4%. To qualify for the reduced 4% capital charge, the following requirements need to be met:
(a) The portfolio should be listed on a recognised stock exchange;(b) No individual equity position shall comprise more than 10% of the gross value of the country portfolio; and(c) The total value of the equity positions which individually comprise between 5% and 10% of the gross value of the country portfolio, shall not exceed 50% of the gross value of the country portfolio.CA-4.2.3
To qualify for reduced 4% capital charge on equity funds, the bank should acquire prior written approval from the Agency.
CA-4.3 CA-4.3 General risk calculation
CA-4.3.1
The general market risk is the difference between the sum of the long positions and the sum of the short positions (i.e. the overall net position) in each national equity market. In other words, to calculate the general market risk, the bank should sum the market value of its individual net positions for each national market, taking into account whether the positions are long or short.
CA-4.3.2
The general market equity risk measure is 8% of the overall net position in each national market.
CA-5 CA-5 Foreign exchange risk
CA-5.1 CA-5.1 Introduction
CA-5.1.1
This section describes the standardised method for calculation of the bank's foreign exchange risk, and the capital required against that risk.
CA-5.1.2
The measurement of the foreign exchange risk involves, as a first step, the calculation of the net open position in each individual currency including gold1 and as a second step, the measurement of the risks inherent in the bank's mix of assets and liabilities positions in different currencies.
1 Positions in gold should be treated as if they were foreign currency positions, rather than commodity positions, because the volatility of gold is more in line with that of foreign currencies and most banks manage it in a similar manner.
CA-5.1.3
A bank that holds net open positions (whether assets or liabilities) in foreign currencies is exposed to the risk that exchange rates may move against it. The open positions may be either trading positions or, simply, exposures caused by the bank's overall assets and liabilities. Where the bank is involved in option transactions, these should be agreed in advance with the Agency. The Agency will consider the appropriate treatment on a case by case basis.
CA-5.1.4
The open positions and the capital requirements are calculated with reference to the entire business (i.e. the banking and trading books).
CA-5.1.5
The open positions are calculated with reference to the bank's base currency, which will be either Bahraini Dinars (BD) or United States dollars (USD).
CA-5.1.6
In addition to foreign exchange risk, positions in foreign currencies may be subject to credit risk which should be treated separately.
CA-5.2 CA-5.2 De Minimis exemptions
CA-5.2.1
A bank doing negligible business in foreign currencies and which does not take foreign exchange positions for its own account may, at the discretion of the Agency and as evidenced by the Agency's prior written approval, be exempted from calculating the capital requirements on these positions. The Agency is likely to be guided by the following criteria in deciding to grant exemption to any bank:
(a) The bank's holdings or taking of positions in foreign currencies, including gold, defined as the greater of the sum of the gross asset positions and the sum of the gross liability position in all foreign positions and gold, does not exceed 100% of its eligible capital; and(b) The bank's overall net open position, as defined in section CA-5.3, does not exceed 2% of its eligible capital.CA-5.2.2
The criteria listed in paragraph CA-5.2.1 above are only intended to be guidelines, and a bank will not automatically qualify for exemptions upon meeting them. Banks doing negligible foreign currency business, which do not take foreign exchange positions for the bank's own account, and wish to seek exemption from foreign exchange risk capital requirements, should submit an application to the Agency, in writing. The Agency will have the discretion to grant such exemptions. The Agency may also, at its discretion, fix a minimum capital requirement for a bank that is exempted from calculating its foreign exchange risk capital requirement, to cover the risks inherent in its foreign currency business.
CA-5.2.3
The Agency may, at a future date, revoke an exemption granted to a bank, if the Agency is convinced that the conditions on which the exemption was granted no longer exist.
CA-5.3 CA-5.3 Calculation of net open positions
CA-5.3.1
A bank's exposure to foreign exchange risk in any currency is its net open position in that currency, which is calculated by summing the following items:
(a) The net spot position in the currency (i.e. all asset items less all liability items, including accrued profit, other income and expenses, denominated in the currency in question; assets are included gross of provisions for bad and doubtful debts, except in cases where the provisions are maintained in the same currency as the underlying assets);(b) The net forward position in the currency (i.e. all amounts to be received less all amounts to be paid under forward foreign exchange contracts, in the concerned currency);(c) Guarantees and similar off balance sheet contingent items that are certain to be called and are likely to be irrecoverable where the provisions, if any, are not maintained in the same currency;(d) Profits (i.e. the net value of income and expense accounts) held in the currency in question; and(e) Specific provisions held in the currency in question where the underlying asset is in a different currency, net of assets held in the currency in question where a specific provision is held in a different currency.CA-5.3.2
For calculating the net open position in gold, the bank will first express the net position (spot plus forward) in terms of the standard unit of measurement (i.e. ounces or grams) and then convert it at the current spot rate into the base currency.
CA-5.3.3
Where gold is part of a forward contract (i.e. quantity of gold to be received or to be delivered), any foreign currency exposure from the other leg of the contract should be reported.
Structural positions
CA-5.3.4
Positions of a structural nature (i.e. non-dealing), may be excluded from the calculation of the net open currency positions, these include positions related to items that are deducted from the bank's capital when calculating its capital base in accordance with the rules and guidelines issued by the Agency, such as investments denominated in foreign currencies in non-consolidated subsidiaries.
CA-5.3.5
The Agency will consider approving the exclusion of the above positions for the purpose of calculating the capital requirement, only if each of the following conditions is met:
(a) The concerned bank provides adequate documentary evidence to the Agency which establishes the fact that the positions proposed to be excluded are, indeed, of a structural nature (i.e. non-dealing) and are merely intended to protect the bank's capital adequacy ratio. For this purpose, the Agency may ask written representations from the bank's management or Directors.(b) Any exclusion of a position is consistently applied, with the treatment of the structural positions remaining the same for the life of the associated assets or other items.Calculation of the overall net open position
CA-5.3.6
The net position in each currency is converted at the spot rate, into the reporting currency. The overall net open position is measured by aggregating the following:
(a) The sum of the net liabilities positions or the sum of the net asset positions whichever is greater(b) The net position (liabilities and assets) in gold, regardless of signCA-5.3.7
Where the bank is assessing its foreign exchange on a consolidated basis, it may be technically impractical in the case of some marginal operations to include the currency positions of a foreign branch or subsidiary of the bank. In such cases, the internal limit for that branch/subsidiary, in each currency, may be used as a proxy for the positions. The branch/subsidiary limits should be added, without regard to sign, to the net open position in each currency involved. When this simplified approach to the treatment of currencies with marginal operations is adopted, the bank should adequately monitor the actual positions of the branch/subsidiary against the limits, and revise the limits, if necessary, based on the results of the ex-post monitoring.
CA-5.4 CA-5.4 Calculation of the capital charge
CA-5.4.1
The capital charge is 8% of the overall net open foreign currency position.
CA-5.4.2
The table below illustrates the calculation of the overall net open foreign currency position and the capital charge:
Example of the calculation of the foreign exchange overall net open position and the capital charge
GBP DEM SAR US$ JPY GOLD +200 +100 +70 −190 −40 −50 +370−23050 The capital charge is 8% of the higher of either the sum of the net long currency positions or the sum of the net short positions (i.e. 370) and of the net position in gold (i.e. 50) = 420 @ 8% = 33.6
CA-5.4.3
For illustration and calculation of the overall net open position and the capital charge for unrestricted / restricted investment account and corporate book, refer to section CA-5.3.
CA-6 CA-6 Commodities risk
CA-6.1 CA-6.1 Introduction
CA-6.1.1
This section sets out the minimum capital requirements to cover the risk of holding or taking positions in commodities, including precious metals, but excluding gold (which is treated as a foreign currency according to the methodology explained in chapter CA-5).
CA-6.1.2
The commodities position risk and the capital charges are calculated with reference to the entire business of a bank (i.e. the banking and trading books combined).
CA-6.1.3
The price risk in commodities is often more complex and volatile than that associated with currencies. Banks need to guard against the risk that arises when a liability (i.e. in a Parallel Salam transaction) position falls due before the asset position (i.e. a failure associated with or delay in the Salam contract). Owing to a shortage of liquidity in some markets, it might be difficult to close the Parallel Salam position and the bank might be "squeezed by the market". All these commodity market characteristics can result in price transparency and the effective management of risk.
CA-6.1.4
All contracts (Salam, Musharaka or Mudaraba) involving commodities as defined in section CA-1.3 are subject to commodities risk and a capital charge as per the provisions outlined in sections CA-6.2 to CA-6.4 should be computed.
CA-6.1.5
Banks should adopt either the simplified approach to calculate their commodities risk and the resultant capital charges or the maturity ladder approach. Where banks have Salam and Parallel Salam contracts, the maturity ladder approach must be used.
CA-6.2 CA-6.2 Calculation of commodities positions
CA-6.2.1
Banks will first express each commodity position (i.e. Salam and Parallel Salam) in terms of the standard unit of measurement (i.e. barrels, kilograms, grams, etc). Asset and liability positions in a commodity are reported on a net basis for the purpose of calculating the net open position in that commodity. For markets which have daily delivery dates, any contracts maturing within ten days of one another may be offset. The net position in each commodity is then converted, at spot rates, into the bank's reporting currency.
CA-6.2.2
Positions in different commodities cannot be offset for the purpose of calculating the open-positions as described in paragraph CA-6.2.1 above. However, where one or more sub-categories2 of the same category is in effect and are directly deliverable against each other, netting between those sub-categories is permitted. Furthermore, if two or more sub-categories of the same category is considered as close substitutes for each other, and minimum correlation of 0.9 between their price movements is clearly established over a minimum period of one year, the bank may, with the prior written approval of the Agency, net positions in those sub-categories.
2 Commodities can be grouped into clan, families, sub-groups and individual commodities. For example, a clan might be Energy Commodities, within which Hydro-Carbons is a family with Crude Oil being a sub-group and West Texas Intermediate, Arabian Light and Brent being individual commodities.
CA-6.2.3
Banks, which wish to net positions based on correlation (in the manner discussed in paragraph CA-6.2.2 above), will need to satisfy the Agency of the accuracy of the method which it proposes to adopt.
CA-6.3 CA-6.3 Maturity Ladder Approach
CA-6.3.1
A worked example of the maturity ladder approach is set out in Appendix CA 1 and the table below illustrates the maturity time-bands of the maturity ladder for each commodity. As stated in section CA-6.1, banks having Salam and Parallel Salam transactions must use the maturity ladder approach.
CA-6.3.2
The steps in the calculation of the commodities risk by the maturity ladder approach are:
(a) The net positions in individual commodities, expressed in terms of the standard unit of measurement, are first slotted into the maturity ladder. Physical stocks are allocated to the first-time band. A separate maturity ladder is used for each commodity as defined in section CA-6.2. The net positions in commodities are calculated as explained in section CA-6.2.(b) Asset and liability positions in the same time-band are matched. The sum of the matched asset and liability positions is multiplied first by the spot price of the commodity, and then by a spread of 1.5% for each time-band as set out in the table below. This represents the capital charge in order to capture all risks within a time-band (which, together, are sometimes referred to as curvature risk).
Time band3 0–1 months 1–3 months 3–6 months 6–12 months 1–2 years 2–3 years over 3 years (c) The residual (unmatched) net positions from nearer time-bands are then carried forward to offset opposite positions (i.e. asset against liability and vice versa) in time bands that are further out. However, a surcharge of 0.6% of the net position carried forward is added in respect of each time-band that the net position is carried forward, to recognise that such management of positions between different time-bands is imprecise. The surcharge is in addition to the capital charge for each matched amount created by carrying net positions forward, and is calculated as explained in step (b) above.(d) At the end of step (c), there will be either asset or liability positions, to which a capital charge of 15% will apply. The Agency recognises that there are differences in volatility between different commodities, but has, nevertheless, decided that one uniform capital charge for open positions in all commodities shall apply in the interest of simplicity of the measurement, and given the fact that banks normally run rather small open positions in commodities. Banks will be required to submit in writing, details of their commodities business in order to capture the market risk on this business and to enable the Agency to evaluate whether the models approach should be adopted by the bank.
3 Instruments, where the maturity is on the boundary of two maturity time-bands, should be placed into the earlier maturity band. For example, instruments with a maturity of exactly one-year are placed into the 6 to 12 months time-band.
CA-6.4 CA-6.4 Simplified Approach
CA-6.4.1
Banks who do not enter into Salam and Parallel Salam transactions and do not have any short positions in commodities may use the simplified approach to compute the capital charge. In the simplified approach, the capital charge is computed at 15% of the net position. Net positions in commodities are calculated as explained in section CA-6.2. For the time being the Agency is not requiring additional 3% capital charge for basis risk.
CA-7 CA-7 Gearing requirements
CA-7.1 CA-7.1 Gearing
CA-7.1.1
The content of this chapter is applicable to locally incorporated banks and FCB
branches (licensed by the Agency) of foreign banks.Measurement
CA-7.1.2
The Gearing ratio is measured with reference to the ratio of
deposit liabilities against the bank's capital and reserves as reported in its PIRI.Gearing limit
CA-7.1.3
For Full Commercial Bank and Offshore Banking Unit licensees,
deposit liabilities should not exceed 20 times the respective bank's capital and reserves.CA-7.1.4
For Investment Bank licensees,
deposit liabilities should not exceed 10 times the respective bank's capital and reserves.CA CA Capital Adequacy (October 2007)
CA-A CA-A Introduction
CA-A.1 CA-A.1 Application
CA-A.1.1
Regulations in this Module are applicable to locally incorporated banks on both a stand-alone basis (i.e. including their foreign
branches ), and on a consolidated group basis (i.e. including their subsidiaries and any other investments which are included or consolidated into the group accounts or are required to be consolidated for regulatory purposes by the CBB).October 07CA-A.1.2
In addition to licensees mentioned in Paragraph CA-A.1.1, certain of these regulations (in particular gearing and market risk requirements) are also applicable to Bahrain
branches of foreign retail bank licensees.October 07CA-A.2 CA-A.2 Purpose
CA-A.2.1
The purpose of this Module is to set out the Central Bank's
capital adequacy regulations and provide guidance on the risk measurement for the calculation of capital requirements by banks referred to under CA-A.1.1. This requirement is supported by Article 44(c) of the Central Bank of Bahrain and Financial Institutions Law (Decree No. 64 of 2006).October 07CA-A.2.2
The Module also sets out the minimum gearing requirements which relevant banks (referred to in Section CA-A.1) must meet as a condition of their licensing.
October 07CA-A.2.3
The Central Bank requires in particular that the relevant banks maintain adequate capital, in accordance with the Regulation in this Module, against their risks.
October 07CA-A.2.4
Principle 9 of the Principles of Business requires that
conventional bank licensees maintain adequate human, financial and other resources, sufficient to run their business in an orderly manner (see Section PB-1.9). In addition, Condition 5 of CBB's Licensing Conditions (Section LR-2.5) requiresconventional bank licensees to maintain financial resources in excess of the minimum requirements specified in Module CA (Capital Adequacy).October 07CA-A.2.5
The requirements specified in this Module vary according to the Category of
Islamic bank licensee concerned, their inherent risk profile, and the volume and type of business undertaken. The purpose of such requirements is to ensure thatIslamic bank licensees hold sufficient capital to provide some protection against unexpected losses, and otherwise allow conventional banks to effect an orderly wind-down of their operations, without loss to their depositors. The minimum capital requirements specified here may not be sufficient to absorb all unexpected losses.October 07Legal Basis
CA-A.2.6
This Module contains the CBB's Directive relating to the capital adequacy of
Islamic bank licensees , and is issued under the powers available to the CBB under Article 38 of the CBB Law. The Directive in this Module is applicable to allIslamic bank licensees .October 07CA-A.2.7
For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.
October 07CA-A.3 CA-A.3 Module History
CA-A.3.1
This Module was first issued on 1st January 2005 as part of the Islamic principles volume. All regulations in this volume have been effective since this date . Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made: Chapter UG 3 provides further details on Rulebook maintenance and version control.
October 07CA-A.3.2
A list of most recent changes made to this Module are detailed in the table below:
Summary of changes
Module Ref. Change Date Description of Changes CA-A.1 10/2007 New Rule CA-A.1.4 introduced, categorising this Module as a Directive. CA-1.1 10/2007 Minor change to notification period in Rule CA-1.1.4. October 07Evolution of the Module
CA-A.3.3
Prior to the development of Rulebook, the Central Bank had issued various circulars relating to
capital adequacy requirements. These circulars were consolidated into this Module. These circulars are listed below:Circular Ref. Date of Issue Module Ref. Circular Subject PIRI BC/09/01 26 Nov 2001 CA Prudential Information Returns for Islamic Financial Institutions OG/78/01 20 Feb 2001 CA 2.5 Monitoring of Capital Adequacy BC/01/98 10 Jan 1998 CA 2.5 Risk Asset Ratio October 07Effective date
CA-A.3.4
The contents in this Module are effective from the date depicted in the original circulars (see Paragraph CA-A.3.3) or from the dates mentioned in the Summary of Changes.
October 07CA-B CA-B General guidance and best practice
CA-B.1 CA-B.1 Guidance provided by other international bodies
Basel Committee : The management of banks' off-balance-sheetexposures – a supervisory perspectiveOctober 07CA-B.1.1
In March 1986, the
Basel Committee on Banking Supervision issued a paper titled 'The management of banks' off-balance-sheet exposures – a supervisory perspective' (see www.bis.org/publ/bcbsc134.pdf).October 07CA-B.1.2
This paper examines off-balance-sheet risks from three angles - market/position risk, credit risk and operational/control risk. Part III of this paper examines credit risk (including control of large exposures, settlement risk and country risk), with particular emphasis given to the assessment of the relative risks of the different types of off-balance-sheet activity.
October 07CA-1 CA-1 Scope and coverage of capital charges
CA-1.1 CA-1.1 Introduction
CA-1.1.1
All locally incorporated banks are required to measure and apply capital charges in respect of their fiduciary and displaced commercial risk, credit and market risk capital requirements.
October 07CA-1.1.2
Fiduciary Risk is outlined in the IFSB Guiding Principles on Corporate Governance (Principle 2.1, Paragraphs 22 onward). Displaced Commercial Risk is defined in the IFSB Exposure Draft No4 (Paragraphs 83 onward). Both papers are available at the IFSB website (www.ifsb.org).
October 07CA-1.1.3
Credit risk is defined as the potential that a bank's
counterparty will fail to meet its obligations in accordance with agreed terms. Credit risk exists throughout the activities of a bank in the banking book and in the trading book including both on- and off-balance-sheetexposures .October 07CA-1.1.4
Market risk is defined as the risk of losses in on- or off-balance-sheet positions arising from movements in market prices. The risks subject to the capital requirement of this Module are:
(a) The risks pertaining to equities in the trading book;(b) Foreign exchange risk throughout the bank; and(c) Commodity risk throughout the bank.October 07CA-1.2 CA-1.2 Measuring fiduciary and displacement risks
CA-1.2.1
Islamic banks mobilise funds on a profit and loss sharing basis (PLS). However, certain risks are associated with such PLS accounts. These risks are referred to as fiduciary and displaced commercial risk.
October 07CA-1.2.2
To cater for these risks the Central Bank has accepted the recommendations contained in the AAOIFI's statements and requires the inclusion of 50% of the risk weighted assets of the Profit Sharing Investment Accounts (PSIA) in the denominator of the capital adequacy ratio.
October 07CA-1.3 CA-1.3 Measuring credit risks
CA-1.3.1
In measuring credit risk for the purpose of
capital adequacy , banks are required to apply a simple risk-weighted approach through which claims of different categories of counterparties are assigned risk weights according to broad categories of relative riskiness.October 07CA-1.3.2
The Central Bank has adopted the risk weightings recommended by the Basel Committee on Banking Supervision, where applicable. However, the Basel Committee does not define the risk weightings for some of the specific Islamic contracts.
October 07CA-1.3.3
In Islamic banking, the legal form is as important as the substance of the transaction otherwise the transaction would not be permissible under Shari'a. Therefore, when assigning risk weights to the various Islamic contracts, banks should consider the legal form of the transactions as well as the substance.
October 07CA-1.3.4
The framework of weights consists of four weights – 0%, 20%, 50% and 100% for on- and off-balance-sheet items, which based on a broad-brush judgement, are applied to the different types of assets and off-balance-sheet
exposures within the banking book.October 07CA-1.3.5
The resultant different weighted assets and off-balance-sheet
exposures are then added together to calculate the total credit-risk-weighted assets of the bank.October 07CA-1.3.6
The Central Bank has addressed the issue of the risk weightings for some of the commonly used Islamic contracts. If banks are involved in contracts not covered below they should contact the Central Bank and agree on an appropriate risk-weighting Category.
October 07Murabaha and Murabaha to the purchase orderer
CA-1.3.7
The Central Bank as a policy requires that all Murabaha contracts be based on binding promises. The Murabaha receivables should be assigned a risk weight based on the credit standing of the obligor as recommended by the Basel Committee.
October 07Mudaraba contracts
CA-1.3.8
Mudaraba contracts should be assigned a risk weighting according to the underlying investments. Where Mudaraba funds are invested in securities listed on recognised exchanges and the price volatility is based on market movements, these should be removed from credit risk weightings and subject to market risk regulations. Examples would be equity Mudarabas where banks may have direct exposure in the value of the underlying equities or commodity Mudarabas.
October 07CA-1.3.9
Investments in other Mudarabas such as real estate or leasing should be assigned risk weightings according to the standing of the underlying investment as per the Basel Capital Accord.
October 07CA-1.3.10
Where a Mudaraba fund invests in another Mudaraba contract, which in turn makes investments at its own discretion, the risk weight would be based on the credit standing of the counterparty (investee Mudarib) as recommended by the Basel Committee. Investments in particular asset classes made at the discretion of the (investor) Mudaraba fund should be assigned risk weighting according to the underlying investments, where possible.
October 07Musharaka contracts
CA-1.3.11
Musharaka contracts refer to partnerships in specific transactions or projects. These exclude participation in the share capital (equity) of other enterprises. Risk weights should be assigned in accordance with the standings of the underlying investment as per the guidelines of the Basel Committee. Musharaka in real estate, plant and machinery or other similar assets attract a 100% risk weighting.
October 07CA-1.3.12
Musharakas in trading transactions will attract risk weighting as per the standing of the underlying investment, which in all cases would attract a 100% risk weighting. Where the transaction involves trading in commodities which may be traded in secondary markets, these should be removed from credit risk weighting and subjected to market risk regulations.
October 07CA-1.3.13
In cases where it is difficult to ascertain the composition of the underlying asset, risk weight would be assigned based on the credit standing of the counterparty.
October 07Ijarah / Ijarah Muntahia Bittamleek assets
CA-1.3.14
Under Shari'a, substantial risks and rewards of ownership of assets may not be transferred to lessees. Therefore, assets acquired for the purpose of leasing under Ijarah or Ijarah Muntahia Bittamleek contracts should be carried on the balance sheet of the lessor and assigned a risk weighting of 100%.
October 07CA-1.3.15
However, where these are residential properties, leased under Ijarah Muntahia Bittamleek with the lessee's option to buy at the end of the lease term and to use the properties for residential purposes, a 50% risk weighting is assigned, where the lessor has a first enforceable charge on the assets.
October 07Istisna'a and parallel Istisna'a contracts
CA-1.3.16
The accounting for these contracts should be in accordance with Financial Accounting Standard (FAS) No. 10: Istisna'a and Parallel Istisna'a, issued by AAOIFI.
October 07CA-1.3.17
Istisna'a and parallel Istisna'a contracts would attract risk weighting as per the credit standing of the respective counterparties in accordance with the Basel Committee.
October 07Salam and parallel Salam
CA-1.3.18
Amounts paid in respect of Salam contracts (for which there exists a parallel Salam contract) should normally be assigned a risk weight as per the credit standing of the customer in accordance with the Basel Committee.
October 07CA-1.3.19
Salam and parallel Salam contracts would attract risk weighting as per the credit standing of the respective counterparties in accordance with the Basel Committee.
October 07Participations and equity investments
CA-1.3.20
The supervision of banks for capital adequacy purposes is carried out on a consolidated basis, taking into account all holdings of the capital of other entities by the concerned bank. For subsidiaries, the preferred mode of consolidation is to add the assets and liabilities into the accounts of the parent on a line-by-line basis. For associate companies (i.e. where the parent bank owns 20% or more of the voting stock, and/or has voting control of the concerned company), the assets and liabilities should also be consolidated on a line-by-line basis. If banks do not wish to consolidate subsidiaries or associates (that meet the above criteria), they must contact the Central Bank to agree on the accounting treatment to be used. Participations and investments which amount to below 20% of the voting capital of the concerned company should be accounted for at fair value and weighted at 100%.
October 07CA-1.3.21
Banks which have subsidiary and associate companies must also be supervised for capital adequacy on a solo basis (i.e. after deducting all holdings of the share capital of all subsidiaries and associates (that meet the criteria in Paragraph CA-1.3.20 above) and excluding all their assets and liabilities from the accounts of the parent bank). Holdings of other participations and equity investments need not be deducted on a solo basis, but should be accounted for at fair value and weighted at 100%. Banks should note Paragraph CA-2.2.6 in respect of the treatment described in this Paragraph and in Paragraph CA-1.3.20.
October 07Intra fund balances
CA-1.3.22
Transactions between the corporate book (i.e. self-financed and financed by unrestricted investment accounts) and restricted investment accounts are not allowed, unless approved by the Central Bank on a temporary basis.
October 07CA-1.3.23
If permitted by the Central Bank, on a temporary basis, the following weightings will be applied:
(a) Corporate or unrestricted investment funds invested in Restricted Investment Accounts.
Risk weighting would be assigned on the underlying asset as per the Basel Committee Guidelines and in accordance with the guidance set out under Chapters CA-1 to CA-6.(b) Restricted investment account funds invested in corporate books.(i) In the corporate books, the assets financed by restricted investment accounts would be included as part of the corporate assets and risk weighting assigned in accordance with the guidelines.(ii) 0% risk weighting should be assigned to the funds invested by the restricted investment accounts in the corporate books in order to avoid double counting as the resultant assets are already risk weighted in the Bank's books.(iii) Banks must agree with the Central Bank on the treatment of investments by restricted investment accounts in the corporate book. The Central Bank will consider each case on its merit.October 07CA-1.4 CA-1.4 Measuring market risks
Trading book
CA-1.4.1
The trading book means the bank's positions in financial instruments (including off-balance sheet instruments that are intentionally held for short-term resale and/or which are taken on by the bank with the intention of benefiting in the short-term from actual and/or expected differences between their buying and selling prices, or from other price variations, and positions in financial instruments arising from matched principal brokering and market making). Treatment of risks associated with any option transactions should be agreed in advance with the Central Bank, who will consider the issue on a case by case basis.
October 07CA-1.4.2
Each bank should agree to a written policy statement with the Central Bank as to which activities are normally considered trading and constitute part of the trading book. Trading book's definition should be consistently applied by the bank from year to year.
October 07CA-1.4.3
It is expected that the trading activities will be managed and monitored by a separate unit and that such activities should be identifiable because of their intent, as defined in Paragraph CA-1.4.1 above.
October 07Equity risk
CA-1.4.4
The capital charges for equities will apply based on the current market values of items in a bank's trading book.
October 07Foreign exchange and commodities risk
CA-1.4.5
The capital charges for foreign exchange risk and for commodity risk will apply to a bank's total currency and commodity positions, with the exception of structural foreign exchange positions in accordance with Section CA-5.3 of these regulations.
October 07Exemptions
CA-1.4.6
Banks will be allowed certain de minimis exemptions from the capital requirements for foreign exchange risk, as described in Section CA-5.2 of these regulations. For the time being, there shall be no exemptions from the trading requirements, or from the capital requirements for commodity risk.
October 07Bank's own fund and Profit and Loss Sharing Investment Accounts (PSIA)
CA-1.4.7
Banks must compute capital charges for own funds subject to market risk, as well as those of the PSIA. For the purpose of computing the capital adequacy ratio, 50% of the bank's market risk weighted assets relating to the PSIA (restricted and unrestricted) must be included in accordance with AAOIFI's Statement on Purpose and Calculation of the Capital Adequacy Ratio for Islamic Banks.
October 07Consolidation
CA-1.4.8
As with the credit risk capital requirements, the market risk capital requirements apply on a worldwide consolidated basis. Only a bank, which is running a global consolidated book, may apply the offsetting rules contained in the remainder of these regulations, on a consolidated basis with the prior written agreement of the Central Bank. However, where it would not be prudent to offset or net positions within the group, for example where there are obstacles to the quick repatriation of profits from a foreign subsidiary or where there are legal and procedural difficulties in carrying out the timely management of risks on a consolidated basis, the Central Bank will require the bank to take individual positions into account without any offsetting.
October 07CA-1.4.9
Notwithstanding that the market risk capital requirements apply on a worldwide consolidated basis, the Central Bank also monitors the market risks of banks on a non-consolidated basis to ensure that significant imbalances within a group do not escape supervision. The Central Bank is particularly vigilant to ensure that banks do not pass positions on reporting dates in such a way as to escape measurement.
October 07Approach to measurement
CA-1.4.10
For the measurement of their market risks, banks will measure the risks in a standardised manner, using the measurement framework described in Chapters CA-4 to CA-6.
October 07CA-1.4.11
The standardised methodology uses a 'building block' in which the capital charge for each risk Category is determined separately. For equity positions risk, separate capital charge for specific risk and the general market risk arising from these positions are calculated. The specific market risk is defined as the risk of loss caused by an adverse price movement of a security/ units due principally to factors related to the issuer. The general market risk is defined as the risk of loss arising from adverse changes in aggregate market prices. For commodities and foreign exchange, there is only one general market risk capital requirement.
October 07CA-1.4.12
All transactions, including forward sales and purchases, shall be included in the calculation of capital requirements as from the date on which they were entered into.
October 07Monitoring
CA-1.4.13
Formal reporting, to the Central Bank, of the market risk exposure and capital adequacy shall take place as at the end of each calendar quarter. The returns relating to any quarter should be submitted to the Central Bank by the 20th day of the first month of the following quarter. Furthermore, banks are expected to manage their market risk in such a way that the capital requirements for market risk are being met on a continuous basis (i.e. at the close of each business day and not merely at the end of each calendar quarter). Banks are also expected to maintain strict risk management systems to ensure that their intra-day exposures are not excessive.
October 07CA-1.4.14
Banks' daily compliance with the capital requirements for market risk will be verified by the independent risk management department and the internal auditor. It is expected that the external auditors will perform appropriate tests of the bank's daily compliance with the capital requirements for market risk. Where a bank fails to meet the minimum capital requirements for market risk on any business day, the Central Bank must be informed in writing. The Central Bank will then seek to ensure that the bank takes immediate measures to rectify the situation.
October 07CA-1.4.15
Besides what is stated in Paragraph CA-1.4.14 above, the Central Bank will consider a number of other appropriate and effective measures to ensure that banks do not 'window dress' by showing significantly lower market risk positions on reporting dates.
October 07CA-1.5 CA-1.5 Reporting
CA-1.5.1
Formal reporting, to the Central Bank, of
capital adequacy shall be made in accordance with the requirements set out under Section BR-3.1.October 07CA-1.6 CA-1.6 Summary of overall capital adequacy requirements
CA-1.6.1
Each bank is expected to monitor and report the level of risk against which a capital requirement is to be applied, in accordance with Section CA-1.4. The bank's overall minimum capital requirement will be:
(a) The credit risk requirements laid down in these regulations; PLUS(b) The capital charges for market risks calculated according to the measurement frameworks described in Chapters CA-4 to CA-6, summed arithmetically.October 07CA-2 CA-2 The capital requirement
CA-2.1 CA-2.1 Introduction
CA-2.1.1
Regulatory Capital is the sum of the following components (as defined in Rules CA-2.2.1 to CA-2.2.6), subject to the restrictions set out in Section CA-2.3:• Tier 1: Supports the calculation of credit risk weighted assets and at least 28.57% of market risk.• Tier 2: Supports credit risk and market risk subject to limitations.October 07CA-2.1.2
For the purpose of calculating its Capital Adequacy Ratio (CAR), the risk-weighted assets of an Islamic bank consist of the sum of the risk-weighted assets financed by the Islamic bank's own capital and liabilities, plus 50% of the risk-weighted assets financed by the Islamic bank's PSIA. This applies to both unrestricted PSIA that are accounted for on the Islamic bank's balance sheet and restricted PSIA that are accounted for off the balance sheet.
October 07CA-2.2 CA-2.2 Definition of capital
Tier 1 capital
CA-2.2.1
Tier Capital forms the numerator of the Capital Adequacy Ratio. It is defined as the cornerstone of a bank's strength.
October 07CA-2.2.2
The essential characteristics of capital are that it should:
(a) Represent a permanent and unrestricted commitment of funds;(b) Be freely available to absorb losses and thereby enable a bank to keep operating whilst any problems are resolved;(c) Not impose any unavoidable charge on the earnings of the bank.October 07CA-2.2.3
For the purpose of defining Tier capital, the Central Bank has broadly adopted the recommendations contained in AAOIFI's Statement on the Purpose and Calculation of Capital Adequacy for Islamic Banks. However, some restrictions have been placed on the inclusion of profit equalisation and investment risk reserve as Tier 2 capital. For components of Tier 1 and Tier 2 capital refer to Paragraphs CA-2.2.1 to CA-2.2.6.
October 07Tier 1: Core capital
CA-2.2.4
Tier 1 capital shall consist of the sum of items (a) to (b) below, less the sum of items (c) to (d) below:
(a) Bank's permanent share capital and disclosed reserves in the form of legal, general and other reserves created by appropriations of retained earnings, share premium, capital redemption reserves and other surplus (as shown in its balance sheet), but excluding revaluation reserves and prudential reserves (profit equalisation reserves and investment risk reserve as defined in the AAOIFI's Financial Accounting Standard No: 11 Provisions and Reserves).
In case of an Islamic fund having participation and / or 'B' class shares (not carrying voting rights), their treatment as capital or unrestricted investment accounts (for the purpose these regulations) must be agreed with the Central Bank. The Central Bank will consider each case on its merit.(b) Minority interests, arising on consolidation, in the equity of subsidiaries that are less than wholly owned.
LESS:(c) Goodwill(d) Current year's cumulative net losses which have been reviewed as per the International Standards on Auditing (ISA) by the external auditors.October 07Tier 2: Supplementary capital
CA-2.2.5
Tier 2 capital shall consist of the following items:
(a) Interim retained profits that have been reviewed as per the ISA by the external auditors.(b)Asset revaluation reserves , which arise in two ways. Firstly, these reserves can arise from the revaluation of fixed assets from time to time in line with the change in market values, and are reflected on the face of the balance sheet as a revaluation reserve. Secondly, hidden values or 'latent' revaluation reserves may be present as a result of long-term holdings of equity securities valued in the balance sheet at the historical cost of acquisition. Both types of revaluation reserve may be included in Tier 2 capital, with the concurrence of the external auditors, provided that the assets are prudently valued, fully reflecting the possibility of price and forced sale. In the case of 'latent' revaluation reserves, a discount of 55% will be applied to the difference between the historical cost book value and the market value to reflect the potential volatility of this form of unrealised capital.(c) General provisions held against the future, presently unidentified, losses are freely available to meet losses that subsequently materialise and therefore, qualify for inclusion within supplementary elements of capital, subject to a maximum of 1.25% of total risk-weighted assets (both credit and market risk weighted). Prescriptions ascribed to impairment of particular assets or known liabilities should be excluded.(d) Profit equalisation reserve and investment risk reserve as defined in FAS No. 11: Provisions and Reserves, issued by AAOIFI, up to a maximum amount equal to the capital charge pertaining to the 50% the risk weighted assets financed by unrestricted and restricted investment account holders.(e) 45% of unrealised gains on equitysecurities held as available-for-sale (on an aggregate net-basis).October 07Deductions from Tier 1 and Tier 2 capital
CA-2.2.6
For the calculation of capital adequacy on a solo basis, the following item shall be deducted from the sum of Tier 1 and Tier 2 capital (goodwill will have been already deducted from Tier 1 capital):
(a) Investments in and financing of a capital nature to unconsolidated subsidiaries and associates. The assets representing the investments in subsidiary companies whose capital is deducted from that of the parent would not be included in total assets for the purpose of computing the capital adequacy ratio.(b) Holdings of own shares and any financing facility provided to the parent company to finance the shares of the subsidiary.October 07CA-2.3 CA-2.3 Limits on the use of different forms of capital
CA-2.3.1
The following constraints apply to the CAR calculations:
Constraint 1: Tier 2 capital allocated to credit risk (see Section A20.7 of guidelines in Appendix BR-3)
should be less than or equal to
50% of the Tier 1 capital allocated to credit risk (see Section A20.6 of guidelines in Appendix BR-3)Constraint 2: Tier 2 capital allocated to market risk (see Section A20.13 of guidelines in Appendix BR-3) plus Tier 2 capital allocated to credit risk (see Section A20.7 of guidelines in Appendix BR-3)
should be less than or equal to
Total Tier 1 capital available (see Section A20.1 of guidelines in Appendix BR-3)October 07CA-2.4 CA-2.4 Calculation of the CAR for Islamic banks
CA-2.4.1
Firstly, the banks should calculate minimum capital required (Section A20.4 or A9.14 of guidelines in Appendix BR-3) by reference to credit risk in accordance with these regulations, excluding equity securities in the trading book and all positions in commodities. This figure will constitute minimum capital required to cover credit risk (Section A20.5 of guidelines in Appendix BR-3).
October 07CA-2.4.2
Secondly, the banks should calculate minimum capital required (Section A20.9 or A17.14 of guidelines in Appendix BR-3) by reference to the measure of market risk (i.e. specific risk plus general market risk) in accordance with the regulations contained in Section CA-1.4. This figure will constitute minimum capital required to cover market risk (Section A21.10 of guidelines in Appendix BR-3).
October 07CA-2.4.3
Thirdly, the amount resulting from the above requirement (Section A20.10 of guidelines in Appendix BR-3) should be multiplied by 28.57%. This is the minimum capital charge which should be supported by Tier 1 capital allocated to market risk weighted exposures (Section A20.12 of guidelines in Appendix BR-3); therefore, the balance amount in Tier 1 capital should be the amount allocated to support credit risk weighted assets (Section A20.6 of guidelines in Appendix BR-3).
October 07CA-2.4.4
The balance of the credit risk weighted assets may be supported by Tier 2 capital amount in Section A-20.7 of guidelines in Appendix BR-3 (subject to constraint stated in Section CA-2.3).
October 07CA-2.4.5
Further, the residual amount in Tier 2 capital (Section A-20.13 of guidelines in Appendix BR-3) may be used to support the balance subject to the condition stated in Paragraph CA-2.4.3.
October 07CA-2.5 CA-2.5 Minimum capital ratio requirement
CA-2.5.1
The Central Bank has established that the minimum capital ratio required for all Islamic banks incorporated in Bahrain is 12%. Furthermore, on a solo basis, the parent bank of a group is required to maintain a minimum RAR of 8.0% (i.e. unconsolidated).
October 07Maintaining minimum RAR
CA-2.5.2
All locally incorporated banks must give the Central Bank immediate written notification of any actual breach by such banks of either or both of the above RARs. Where such notification is given, the bank must also provide the Central Bank:
(a) No later than one calendar week after the notification, with a written action plan setting out how the bank proposes to restore the relevant RAR(s) to the required minimum level(s) set out above and, further, describing how the bank will ensure that a breach of such RAR(s) will not occur again in the future; and(b) With a weekly report thereafter on the bank's relevant RAR(s) until such RAR(s) have reached the required target level(s) set out below.October 07CA-2.5.3
In addition, the Central Bank considers it a matter of best practice that, in order to ensure that these RARs are constantly met, that banks set up internal 'targets' of 12.5% (on a consolidated basis) and 8.5% (on a solo basis) to warn them of a potential fall by the bank below the Central Bank's required minimum RARs as set out above.
October 07CA-2.5.4
Where a bank's capital ratio falls below its target ratio, the General Manager should notify the Director of Banking Supervision at the Central Bank immediately. No formal action plan will be necessary, however the General Manager should explain what measures are being implemented to ensure that the bank will remain above its minimum RAR(s).
October 07CA-2.5.5
The bank will be required to submit the PIRI forms to the Central Bank on a monthly basis, until the RAR(s) exceeds its target ratio(s).
October 07CA-2.5.6
The Central Bank will notify banks in writing of any action required of them with regard to the corrective and preventive action (as appropriate) proposed by the bank pursuant to the above, as well as of any other requirement of the Central Bank in any particular case.
October 07CA-2.5.7
Banks should note that the Central Bank considers the breach of RARs to be a very serious matter. Consequently, the Central Bank may (at its discretion) subject a bank which breaches its RAR(s) to a formal licensing reappraisal. Such reappraisal may be effected either through the Central Bank's own inspection function or through the use of Reporting Accountants, as appropriate. Following such appraisal, the Central Bank will notify the bank concerned in writing of its conclusions with regard to the continued licensing of the bank.
October 07CA-2.5.8
The Central Bank recommends that the bank's compliance officer supports and cooperates with the Central Bank in the monitoring and reporting of the capital ratios and other regulatory reporting matters. Compliance officers should ensure that their banks have adequate internal systems and controls to comply with these regulations.
October 07CA-3 CA-3 Credit risk
CA-3.1 CA-3.1 Introduction
CA-3.1.1
This Chapter describes the standardised approach for the measurement of the credit risk
exposure in the bank's banking book.October 07CA-3.2 CA-3.2 Risk weighting – On-balance-sheet asset Category
CA-3.2.1
Risk weights by Category of on-balance-sheet asset are illustrated in the table below:
Risk weights Category of on-balance-sheet assets/claims 0% (a) Cash;(b) Holdings of Gold bullion and coins;(c) The government of Bahrain & Bahrain public sector entities;(d) Government-owned GCC companies incorporated in Bahrain;(e) Central governments and central banks of GCC and OECD countries; and(f) Central governments and central banks of classified countries where denominated and funded in local currency.20% (a) Cash items in process of collection;(b) Multilateral development banks;(c) Banks and securities firms incorporated in Bahrain, other GCC and OECD countries;(d) Banks incorporated in classified countries with a residual maturity less than 1 year;(e) Public sector entities in GCC and OECD countries; and(f) Government-owned GCC companies incorporated outside Bahrain.50% Mortgages backed by residential property 100% (a) Related parties(b) Holdings of other banks' and securities firms' capital instruments(c) Banks incorporated in classified countries with a residual maturity of over 1 year(d) Central governments and central banks of classified countries (not included above)(e) Public sector entities of classified countries(f) Government-owned companies in non-GCC countries(g) Private sector persons and entities in and outside Bahrain(h) Istisna'a assets*(i) Ijarah / Ijarah Muntahia Bittamleek assets(j) Real estate investments(k) Other assets not reported elsewhere**
* This represents balance in Work in Progress/ cost account less billings. However, Istisna'a receivables should be reported against the risk weighting Category of the counterparty.
** Salam Contracts are subject to market risk and should not be included here.
October 07CA-3.3 CA-3.3 Risk weighting – Off-balance-sheet items
CA-3.3.1
The framework takes account of the credit risk on off-balance-sheet
exposures by applying credit conversion factors to the different types of off-balance-sheet instruments or transactions.October 07CA-3.3.2
The conversion factors are derived from the estimated size and likely occurrence of the credit
exposure , as well as the relative degree of credit risk as identified in theBasel Committee 's paper on 'The management of banks' off-balance-sheet exposures: a supervisory perspective' (see www.bis.org/publ/bcbsc134.pdf) issued in March 1986.October 07CA-3.3.3
The credit conversion factors applicable to the off-balance-sheet items are set out in the table below:
Credit Conversion factors Off-balance-sheet items 100% Direct credit substitutes 50% Transaction-related contingent 20% Trade-related contingencies 100% Sale and repurchase agreements 100% Forward asset purchases 50% Underwriting commitments 50% Commitments with an original maturity of over 1 year, not unconditionally cancellable at anytime 0% Commitments with an original maturity of less than 1 year, unconditionally cancellable at anytime October 07CA-3.3.4
The applicable credit conversion factors should be multiplied by the weights applicable to the Category of the
counterparty as set out below:Risk weights Counterparty 0% Type (a) • The Government of Bahrain.• Bahrain public sector entities.• Government-owned (non-banking) GCC companies incorporated in Bahrain.• Central government and central banks of GCC and OECD member countries.20% Type (b) • Banks incorporated in Bahrain or GCC and OECD countries andsecurities firms.• Banks incorporated in classified countries (if the commitment has a residual life of 1 year or less).• Public sector entities in GCC and OECD countries.• Government-owned (non-banking) GCC companies incorporated outside Bahrain.100% Type (c) • Banks incorporated in classified countries (if the commitment has a residual life of more than 1 year).• Central governments, central banks and public sector entities in classified countries.• Government-owned companies incorporated in non-GCC countries.• Private sector persons and entities in Bahrain and abroad.October 07CA-4 CA-4 Equity risk
CA-4.1 CA-4.1 Introduction
CA-4.1.1
This Chapter sets out the minimum capital requirements to cover the risk of holding or taking positions in equities in the bank's trading book.
October 07CA-4.1.2
The minimum capital requirement for equities is expressed in terms of two separately calculated charges, one relating to the 'specific risk' of holding a long position in an individual equity, and the other to the 'general market risk' of holding a long position in the market as a whole.
October 07CA-4.1.3
Where the bank has invested in shares/units of equity funds on Mudaraba financing and the bank has direct exposures in the equities which are traded in a recognised stock exchange, the shares/units are considered to be subject to equity risk. The equity position would be considered to be the net asset value as at the reporting date.
October 07CA-4.2 CA-4.2 Specific risk calculation
CA-4.2.1
Specific risk is defined as the bank's gross equity positions (i.e. the sum of all equity positions and is calculated for each country or equity market).
October 07CA-4.2.2
The capital charge for specific risk is 8%, unless the portfolio is both liquid and well-diversified, in which case the capital charge will be 4%. To qualify for the reduced 4% capital charge, the following requirements need to be met:
(a) The portfolio should be listed on a recognised stock exchange;(b) No individual equity position shall comprise more than 10% of the gross value of the country portfolio; and(c) The total value of the equity positions which individually comprise between 5% and 10% of the gross value of the country portfolio, shall not exceed 50% of the gross value of the country portfolio.October 07CA-4.2.3
To qualify for reduced 4% capital charge on equity funds, the bank should acquire prior written approval from the Central Bank.
October 07CA-4.3 CA-4.3 General risk calculation
CA-4.3.1
The general market risk is the difference between the sum of the long positions and the sum of the short positions (i.e. the overall net position) in each national equity market. In other words, to calculate the general market risk, the bank should sum the market value of its individual net positions for each national market, taking into account whether the positions are long or short.
October 07CA-4.3.2
The general market equity risk measure is 8% of the overall net position in each national market.
October 07CA-5 CA-5 Foreign exchange risk
CA-5.1 CA-5.1 Introduction
CA-5.1.1
This Section describes the standardised method for calculation of the bank's foreign exchange risk, and the capital required against that risk.
October 07CA-5.1.2
The measurement of the foreign exchange risk involves, as a first step, the calculation of the net open position in each individual currency including gold1 and as a second step, the measurement of the risks inherent in the bank's mix of assets and liabilities positions in different currencies.
1 Positions in gold should be treated as if they were foreign currency positions, rather than commodity positions, because the volatility of gold is more in line with that of foreign currencies and most banks manage it in a similar manner.
October 07CA-5.1.3
A bank that holds net open positions (whether assets or liabilities) in foreign currencies is exposed to the risk that exchange rates may move against it. The open positions may be either trading positions or, simply, exposures caused by the bank's overall assets and liabilities. Where the bank is involved in option transactions, these should be agreed in advance with the Central Bank. The Central Bank will consider the appropriate treatment on a case by case basis.
October 07CA-5.1.4
The open positions and the capital requirements are calculated with reference to the entire business (i.e. the banking and trading books).
October 07CA-5.1.5
The open positions are calculated with reference to the bank's base currency, which will be either Bahrain Dinars (BD) or United States dollars (USD).
October 07CA-5.1.6
In addition to foreign exchange risk, positions in foreign currencies may be subject to credit risk which should be treated separately.
October 07CA-5.2 CA-5.2 De Minimis exemptions
CA-5.2.1
A bank doing negligible business in foreign currencies and which does not take foreign exchange positions for its own account may, at the discretion of the Central Bank and as evidenced by the Central Bank's prior written approval, be exempted from calculating the capital requirements on these positions. The Central Bank is likely to be guided by the following criteria in deciding to grant exemption to any bank:
(a) The bank's holdings or taking of positions in foreign currencies, including gold, defined as the greater of the sum of the gross asset positions and the sum of the gross liability position in all foreign positions and gold, does not exceed 100% of its eligible capital; and(b) The bank's overall net open position, as defined in Section CA-5.3, does not exceed 2% of its eligible capital.October 07CA-5.2.2
The criteria listed in Paragraph CA-5.2.1 above are only intended to be guidelines, and a bank will not automatically qualify for exemptions upon meeting them. Banks doing negligible foreign currency business, which do not take foreign exchange positions for the bank's own account, and wish to seek exemption from foreign exchange risk capital requirements, should submit an application to the Central Bank, in writing. The Central Bank will have the discretion to grant such exemptions. The Central Bank may also, at its discretion, fix a minimum capital requirement for a bank that is exempted from calculating its foreign exchange risk capital requirement, to cover the risks inherent in its foreign currency business.
October 07CA-5.2.3
The Central Bank may, at a future date, revoke an exemption granted to a bank, if the Central Bank is convinced that the conditions on which the exemption was granted no longer exist.
October 07CA-5.3 CA-5.3 Calculation of net open positions
CA-5.3.1
A bank's exposure to foreign exchange risk in any currency is its net open position in that currency, which is calculated by summing the following items:
(a) The net spot position in the currency (i.e. all asset items less all liability items, including accrued profit, other income and expenses, denominated in the currency in question; assets are included gross of provisions for bad and doubtful debts, except in cases where the provisions are maintained in the same currency as the underlying assets);(b) The net forward position in the currency (i.e. all amounts to be received less all amounts to be paid under forward foreign exchange contracts, in the concerned currency);(c) Guarantees and similar off-balance sheet contingent items that are certain to be called and are likely to be irrecoverable where the provisions, if any, are not maintained in the same currency;(d) Profits (i.e. the net value of income and expense accounts) held in the currency in question; and(e) Specific provisions held in the currency in question where the underlying asset is in a different currency, net of assets held in the currency in question where a specific provision is held in a different currency.October 07CA-5.3.2
For calculating the net open position in gold, the bank will first express the net position (spot plus forward) in terms of the standard unit of measurement (i.e. ounces or grams) and then convert it at the current spot rate into the base currency.
October 07CA-5.3.3
Where gold is part of a forward contract (i.e. quantity of gold to be received or to be delivered), any foreign currency exposure from the other leg of the contract should be reported.
October 07Structural positions
CA-5.3.4
Positions of a structural nature (i.e. non-dealing), may be excluded from the calculation of the net open currency positions, these include positions related to items that are deducted from the bank's capital when calculating its capital base in accordance with the rules and guidelines issued by the Central Bank, such as investments denominated in foreign currencies in non-consolidated subsidiaries.
October 07CA-5.3.5
The Central Bank will consider approving the exclusion of the above positions for the purpose of calculating the capital requirement, only if each of the following conditions is met:
(a) The concerned bank provides adequate documentary evidence to the Central Bank which establishes the fact that the positions proposed to be excluded are, indeed, of a structural nature (i.e. non-dealing) and are merely intended to protect the bank's capital adequacy ratio. For this purpose, the Central Bank may ask written representations from the bank's management or Directors.(b) Any exclusion of a position is consistently applied, with the treatment of the structural positions remaining the same for the life of the associated assets or other items.October 07Calculation of the overall net open position
CA-5.3.6
The net position in each currency is converted at the spot rate, into the reporting currency. The overall net open position is measured by aggregating the following:
(a) The sum of the net liabilities positions or the sum of the net asset positions whichever is greater(b) The net position (liabilities and assets) in gold, regardless of signOctober 07CA-5.3.7
Where the bank is assessing its foreign exchange on a consolidated basis, it may be technically impractical in the case of some marginal operations to include the currency positions of a foreign branch or subsidiary of the bank. In such cases, the internal limit for that branch/subsidiary, in each currency, may be used as a proxy for the positions. The branch/subsidiary limits should be added, without regard to sign, to the net open position in each currency involved. When this simplified approach to the treatment of currencies with marginal operations is adopted, the bank should adequately monitor the actual positions of the branch/subsidiary against the limits, and revise the limits, if necessary, based on the results of the ex-post monitoring.
October 07CA-5.4 CA-5.4 Calculation of the capital charge
CA-5.4.1
The capital charge is 8% of the overall net open foreign currency position.
October 07CA-5.4.2
The table below illustrates the calculation of the overall net open foreign currency position and the capital charge:
October 07Example of the calculation of the foreign exchange overall net open position and the capital charge
GBP DEM SAR US$ JPY GOLD +200 +100 +70 -190 -40 -50 +370 -230 50 The capital charge is 8% of the higher of either the sum of the net long currency positions or the sum of the net short positions (i.e. 370) and of the net position in gold (i.e. 50) = 420 @ 8% = 33.6
October 07CA-5.4.3
For illustration and calculation of the overall net open position and the capital charge for unrestricted / restricted investment account and corporate book, refer to Section CA-5.3.
October 07CA-6 CA-6 Commodities risk
CA-6.1 CA-6.1 Introduction
CA-6.1.1
This Section sets out the minimum capital requirements to cover the risk of holding or taking positions in commodities, including precious metals, but excluding gold (which is treated as a foreign currency according to the methodology explained in Chapter CA-5).
October 07CA-6.1.2
The commodities position risk and the capital charges are calculated with reference to the entire business of a bank (i.e. the banking and trading books combined).
October 07CA-6.1.3
The price risk in commodities is often more complex and volatile than that associated with currencies. Banks need to guard against the risk that arises when a liability (i.e. in a Parallel Salam transaction) position falls due before the asset position (i.e. a failure associated with or delay in the Salam contract). Owing to a shortage of liquidity in some markets, it might be difficult to close the Parallel Salam position and the bank might be 'squeezed by the market'. All these commodity market characteristics can result in price transparency and the effective management of risk.
October 07CA-6.1.4
All contracts (salam, musharaka or mudaraba) involving commodities as defined in Section CA-1.3 are subject to commodities risk and a capital charge as per the provisions outlined in Sections CA-6.2 to CA-6.4 should be computed.
October 07CA-6.1.5
Banks should adopt either the simplified approach to calculate their commodities risk and the resultant capital charges or the maturity ladder approach. Where banks have Salam and Parallel Salam contracts, the maturity ladder approach must be used.
October 07CA-6.2 CA-6.2 Calculation of commodities positions
CA-6.2.1
Banks will first express each commodity position (i.e. Salam and Parallel Salam) in terms of the standard unit of measurement (i.e. barrels, kilograms, grams, etc). Asset and liability positions in a commodity are reported on a net basis for the purpose of calculating the net open position in that commodity. For markets which have daily delivery dates, any contracts maturing within ten days of one another may be offset. The net position in each commodity is then converted, at spot rates, into the bank's reporting currency.
October 07CA-6.2.2
Positions in different commodities cannot be offset for the purpose of calculating the open-positions as described in Paragraph CA-6.2.1 above. However, where one or more sub-categories2 of the same Category are in effect and are directly deliverable against each other, netting between those sub-categories is permitted. Furthermore, if two or more sub-categories of the same Category are considered as close substitutes for each other, and minimum correlation of 0.9 between their price movements is clearly established over a minimum period of one year, the bank may, with the prior written approval of the Central Bank, net positions in those sub-categories.
2 Commodities can be grouped into clan, families, sub-groups and individual commodities. For example, a clan might be Energy Commodities, within which Hydro-Carbons is a family with Crude Oil being a sub-group and West Texas Intermediate, Arabian Light and Brent being individual commodities.
October 07CA-6.2.3
Banks, which wish to net positions based on correlation (in the manner discussed in Paragraph CA-6.2.2 above), will need to satisfy the Central Bank of the accuracy of the method which it proposes to adopt.
October 07CA-6.3 CA-6.3 Maturity Ladder Approach
CA-6.3.1
A worked example of the maturity ladder approach is set out in Appendix CA-1 and the table below illustrates the maturity time-bands of the maturity ladder for each commodity. As stated in Section CA-6.1, banks having Salam and Parallel Salam transactions must use the maturity ladder approach.
October 07CA-6.3.2
The steps in the calculation of the commodities risk by the maturity ladder approach are:
(a) The net positions in individual commodities, expressed in terms of the standard unit of measurement, are first slotted into the maturity ladder. Physical stocks are allocated to the first-time band. A separate maturity ladder is used for each commodity as defined in Section CA-6.2. The net positions in commodities are calculated as explained in Section CA-6.2.(b) Asset and liability positions in the same time-band are matched. The sum of the matched asset and liability positions is multiplied first by the spot price of the commodity, and then by a spread of 1.5% for each time-band as set out in the table below. This represents the capital charge in order to capture all risks within a time-band (which, together, are sometimes referred to as curvature risk).Time band3 0-1 months 1-3 months 3-6 months 6-12 months 1-2 years 2-3 years over 3 years (c) The residual (unmatched) net positions from nearer time-bands are then carried forward to offset opposite positions (i.e. asset against liability and vice versa) in time bands that are further out. However, a surcharge of 0.6% of the net position carried forward is added in respect of each time-band that the net position is carried forward, to recognise that such management of positions between different time-bands is imprecise. The surcharge is in addition to the capital charge for each matched amount created by carrying net positions forward, and is calculated as explained in step (b) above.(d) At the end of step (c), there will be either asset or liability positions, to which a capital charge of 15% will apply. The Central Bank recognises that there are differences in volatility between different commodities, but has, nevertheless, decided that one uniform capital charge for open positions in all commodities shall apply in the interest of simplicity of the measurement, and given the fact that banks normally run rather small open positions in commodities. Banks will be required to submit in writing, details of their commodities business in order to capture the market risk on this business and to enable the Central Bank to evaluate whether the models approach should be adopted by the bank.
3 Instruments, where the maturity is on the boundary of two maturity time-bands, should be placed into the earlier maturity band. For example, instruments with a maturity of exactly one-year are placed into the 6 to 12 months time-band.
October 07CA-6.4 CA-6.4 Simplified Approach
CA-6.4.1
Banks who do not enter into Salam and Parallel Salam transactions and do not have any short positions in commodities may use the simplified approach to compute the capital charge. In the simplified approach, the capital charge is computed at 15% of the net position. Net positions in commodities are calculated as explained in Section CA-6.2. For the time being the Central Bank is not requiring additional 3% capital charge for basis risk.
October 07CA-7 CA-7 Gearing requirements
CA-7.1 CA-7.1 Gearing
CA-7.1.1
The content of this Chapter is applicable to locally incorporated banks and Bahrain retail bank branches of foreign banks.
October 07Measurement
CA-7.1.2
The Gearing ratio is measured with reference to the ratio of
deposit liabilities against the bank's capital and reserves as reported in its PIRI.October 07Gearing limit
CA-7.1.3
For Retail Bank and Wholesale bank licensees,
deposit liabilities should not exceed 20 times the respective bank's capital and reserves.October 07CA CA Capital Adequacy (April 2008)
PART 1: PART 1: Definition of Capital
CA-A CA-A Introduction
CA-A.1 CA-A.1 Application
CA-A.1.1
Rules in this Module are applicable to locally incorporated banks on both a stand-alone basis (i.e. including their foreign
branches ), and on a consolidated group basis (i.e. including their subsidiaries and any other investments which are included or consolidated into the group accounts or are required to be consolidated for regulatory purposes by the Central Bank of Bahrain ('CBB')).Amended: January 2011
Apr 08CA-A.1.2
In addition to licensees mentioned in Paragraph CA-A.1.1, certain of these Rules (in particular gearing and market risk requirements) are also applicable to Bahrain
branches of foreign retail bank licensees.Amended: January 2011
Apr 08CA-A.1.3
Rules in this Module are applicable to locally incorporated Islamic banks (hereinafter referred to as "the banks") on both a stand-alone and consolidated group basis.
Amended: January 2011
Apr 08CA-A.1.4
If the banks have investments in other entities, the banks must also apply the Rules set out in the Prudential Consolidation and Deduction Requirements Module (Module PCD) for the calculation of their solo and consolidated Capital Adequacy Ratio (CAR).
Amended: January 2011
Apr 08CA-A.2 CA-A.2 Purpose
Executive Summary
CA-A.2.1
The purpose of this Module is to set out the CBB's
capital adequacy Rules and provide guidance on the risk measurement for the calculation of capital requirements by banks referred to under Paragraph CA-A.1.1. This requirement is supported by Article 44(c) of the Central Bank of Bahrain and Financial Institutions Law (Decree No. 64 of 2006).Amended: January 2011
Apr 08CA-A.2.2
The Module also sets out the minimum gearing requirements which relevant banks (referred to in Section CA-A.1) must meet as a condition of their licensing.
Apr 08CA-A.2.3
Principle 9 of the Principles of Business requires that
Islamic bank licensees maintain adequate human, financial and other resources, sufficient to run their business in an orderly manner (see Section PB-1.1.9). In addition, Condition 5 of CBB's Licensing Conditions (Section LR-2.5) requiresIslamic bank licensees to maintain financial resources in excess of the minimum requirements specified in Module CA (Capital Adequacy).Apr 08CA-A.2.4
The requirements specified in this Module vary according to the Category of
Islamic bank licensee concerned, their inherent risk profile, and the volume and type of business undertaken. The purpose of such requirements is to ensure thatIslamic bank licensees hold sufficient capital to provide some protection against unexpected losses, and otherwise allow conventional banks to effect an orderly wind-down of their operations, without loss to their depositors. The minimum capital requirements specified here may not be sufficient to absorb all unexpected losses.Apr 08Legal Basis
CA-A.2.5
This Module contains the CBB's Directive (as amended from time to time) relating to the capital adequacy of
Islamic bank licensees , and is issued under the powers available to the CBB under Article 38 of the CBB Law. The Directive in this Module is applicable to allIslamic bank licensees .Amended: January 2011
Apr 08CA-A.2.6
For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.
Apr 08CA-A.2.7
The CBB requires in particular that the banks maintain adequate capital, in accordance with the Rules in this Module, against their risks as capital provides banks with a cushion to absorb losses without endangering customer accounts. As such, the CBB also requires the relevant banks to maintain adequate liquidity and identify and control their large
exposures which might otherwise be a source of loss to a licensee on a scale that might threaten its solvency.Amended: January 2011
Apr 08CA-A.2.8
These Rules are consistent in all substantial respects with the approach recommended by the Basel Committee on Banking Supervision and Islamic Financial Services Board (IFSB) for capital adequacy.
Amended: January 2011
Apr 08CA-A.2.9
The CBB recognises that the Basel Committee guidelines may not address specific characteristics of the various products and services offered by Islamic banks. Therefore, the CBB has adopted a risk-based approach and has tailored the Rules to address the specific risk characteristics of Islamic banks. The structure of these Rules is explained on the next page.
Amended: January 2011
Apr 08CA-A.2.10
This Module provides support for certain other parts of the Rulebook, mainly:
(a) Prudential Consolidation and Deduction Requirements;(b) Licensing and Authorisation Requirements;(c) CBB Reporting Requirements;(d) Credit Risk Management;(e) Market Risk Management;(f) Operational Risk Management;(g) Liquidity Risk Management;(h) High Level Controls;(i) Relationship with Audit Firms; and(j) Penalties and Fines.
Amended: January 2011
Apr 08CA-A.3 CA-A.3 Capital Adequacy Ratio
CA-A.3.1
Historically, on a consolidated basis, the CBB has set a minimum Capital Adequacy Ratio ("CAR") of 12.0% for all locally incorporated banks. Furthermore, on a solo basis, the parent bank has been required to maintain a minimum CAR of 8.0% (i.e. unconsolidated). The arrangements outlined below will apply once banks have been subject to a Pillar 2 risk profile assessment by the CBB or an acceptable audit firm. Until such an assessment has been completed, the existing 12% and 8% minimum capital ratio requirements (as outlined in Module CA-2.5 October 2006 edition) will remain in place.
Apr 08CA-A.3.2
CAR will be calculated by applying the regulatory capital to the numerator and risk-weighted assets (RWAs) to the denominator.
Eligible Capital
{ Total Risk-weighted Assets (Creditb + Marketb Risks) Plus Operational Risks
Less
Risk-weighted Assets funded by Restricted PSIAc (Creditb + Marketb Risks)
Less
(1 - α) [Risk-weighted Assets funded by Unrestricted PSIAc (Creditb + Marketb Risks)]
Less
α [Risk-weighted Assets funded by PER and IRR of Unrestricted PSIAe (Creditb +
Marketb Risks)]}(a) Total RWA include those financed by both restricted and unrestricted Profit Sharing Investment Accounts (PSIA);(b) Credit and market risks for on- and off-balance sheet exposures;(c) Where the funds are commingled, the RWA funded by PSIA are calculated based on their pro-rata share of the relevant assets. PSIA balances include PER and Investment risk reserve (IRR) or equivalent reserves;(d) — α refers to the proportion assets funded by unrestricted PSIA which, as determined by the CBB, is 30%; and(e) The relevant proportion of risk-weighted assets funded by the PSIA's share of PER and by IRR is deducted from the denominator. The PER has the effect of reducing the displaced commercial risk and the IRR has the effect of reducing any future losses on the investment financed by the PSIA.
The above formula is applicable as the Islamic banks may smooth income to the Investment Account Holders (IAHs) as part of a mechanism to minimise withdrawal risk and is concerned with systemic risk.Amended: April 2011
April 2008CA-A.3.3
All locally incorporated banks are required to maintain a capital ratio both on a solo (and a consolidated basis where applicable) above the minimum "trigger" CAR of 8%. Failure to remain above the trigger ratio will result in Enforcement and other measures as outlined in Section CA-1.4.
Apr 08CA-A.3.4
All locally incorporated banks will be required to maintain capital ratios above individually set "target" CARs on a solo and on a consolidated basis. These target CARs will be set at an initial minimum of 8.5% and may in the case of high risk banks be set at levels above the 12.5% target ratio set prior to January 2008. Failure to remain above the target ratio will result in Enforcement and other measures as outlined in Section CA-1.4.
Apr 08Eligible Capital
CA-A.3.5
Banks are allowed two classes of capital (see section CA-2.2) to meet their capital requirements for credit risk, operational risk and market risk, as set out below:
Tier 1: Core capital — Supports the calculation of credit risk weighted assets, operational risk and market risk.
Tier 2: Supplementary capital — Supports credit risk, operational risk and market risk subject to limitations.
Apr 08Risk-weighted Assets
CA-A.3.6
Total risk-weighted assets are determined by:
(i) Multiplying the capital requirements for market risk and operational risk by 12.5; and(ii) Adding the resulting figures to the sum of risk-weighted assets for credit risk.Amended: January 2011
Apr 08CA-A.3.7
Islamic banks are not contractually obliged to make good losses arising from Islamic financing assets funded by the investment accounts, unless these losses arise from the negligence on the part of the Islamic bank as manager (Mudarib) or as agent (Wakeel). However to be prudent, the CBB requires Islamic banks to provide regulatory capital to cover minimum requirement arising from 30% of the risk weighted assets and contingencies financed by the unrestricted investment accounts. Therefore, for the purpose of calculating its Capital Adequacy Ratio (CAR), the risk-weighted assets of an Islamic bank consist of the sum of the risk-weighted assets financed by the Islamic bank's own capital and liabilities, plus 30% of the risk-weighted assets financed by the Islamic bank's unrestricted PSIAs.
Amended: January 2011
Apr 08CA-A.3.8
In measuring credit risk for the purpose of
capital adequacy , banks must apply the standardised approach through which claims of different categories of counterparties are assigned risk weights (RWs) according to broad categories of relative riskiness.Apr 08CA-A.3.9
For the measurement of their operational risks, banks have a choice, subject to the written approval of the CBB, between two broad methodologies:
(a) One alternative is to measure the risks using a basic indicator approach, applying the measurement framework described in Chapter CA-6 of this Module; and(b) The second methodology (i.e. the standardised approach) is set out in detail in Chapter CA-6 including the procedure for obtaining the CBB's approval. This methodology is subject to the fulfillment of certain conditions. The use of this methodology is, therefore, conditional upon the explicit approval of the CBB.Amended: January 2011
Apr 08CA-A.3.10
In measuring market risk for the purpose of
capital adequacy , banks must apply the approach set out in relevant sections.Apr 08CA-A.3.11
If an Islamic bank wants to adopt an advanced approach (IRB for credit risk and/or IMA for market risk), it will need to apply to the CBB for prior approval.
Apr 08CA-A.4 CA-A.4 Module History
CA-A.4.1
This Module was first issued in January 2005 as part of the Islamic principles volume. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made. Chapter UG-3 provides further details on Rulebook maintenance and version control.
Apr 08CA-A.4.2
A list of most recent changes made to this Module are detailed in the table below:
Summary of ChangesModule Ref. Change Date Description of Changes CA-A.2 10/2007 New Rule CA-A.2.5 introduced, categorising this Module as a Directive. CA-1 to CA-6 01/2008 Basel II implementation. CA-1.5 01/2008 Review of PIR by external auditors CA-4.6 04/2008 Recognition of IIRA as ECAI and mapping of ratings CA-4.2.15–18 01/2009 New guidance and rules on SMEs CA-A 01/2011 Various minor amendments to ensure consistency in CBB Rulebook. CA-A.2.5 01/2011 Clarified legal basis. CA-5.1 & CA-5.3 01/2012 Changes in respect of July 2009 and February 2011 amendments to Basel II. CA-4.2.10 and CA-4.2.11A 04/2012 Amendment made for claims on banks dealing with self-liquidating letters of credit. CA-2.1.4(g) 10/2013 Added Rule to include limited general provision against unidentified future losses as part of Tier 2. CA-2.1.4(f), CA-2.1.4A to CA-2.1.4C and CA-2.2.1 10/2013 Added Rules to deal with subordinated issued for Tier 2 capital. CA-5.5.13 10/2013 Clarified Rules on structural positions for foreign exchange risk. Evolution of the Module
CA-A.4.3
Prior to the development of this Rulebook, the CBB issued various circulars representing regulations relating to
capital adequacy requirements. These circulars were consolidated into this Module and are listed below:Circular Ref. Date of Issue Module Ref. Circular Subject OG/78/01 20 Feb 2001 CA-A.3 and CA-1.4 Monitoring of Capital Adequacy BC/01/98 10 Jan 1998 CA-A.3 and CA-1.4 Capital Adequacy Ratio Apr 08Effective Date
CA-A.4.4
The contents retained from the previous module (Capital Adequacy-Islamic banks) are effective from the date depicted in the above circulars from which the requirements are compiled. The updated module is effective from January 01, 2008.
Apr 08CA-1 CA-1 Scope and Coverage of Capital Charges
CA-1.1 CA-1.1 Application
CA-1.1.1
All locally incorporated banks are required to measure and apply capital charges with respect to their credit, operational, market risk fiduciary and displacement risk, capital requirements.
Apr 08CA-1.1.2
Credit risk is defined as the potential that a bank's
counterparty will fail to meet its obligations in accordance with agreed terms. Credit risk exists throughout the activities of a bank in the banking book and in the trading book including both on-and off-balance-sheetexposures .Apr 08CA-1.1.3
Operational risk is defined as the risk of losses resulting from inadequate or failed internal processes, people and systems or from external events, which includes but is not limited to, legal risk and Sharia compliance risk. This definition excludes strategic and reputational risks.
Apr 08CA-1.1.4
Market risk is defined as the risk of losses in on- or off-balance-sheet positions arising from movements in market prices. The risks subject to the capital requirement of this module are:
(a) The risks pertaining to equities in the trading book;(b) Foreign exchange risk throughout the bank; and(c) Commodity risk throughout the bank.Amended: April 2011
April 2008CA-1.1.5
The CBB has adopted the IFSB definitions of fiduciary and displacement risk for the purpose of this volume.
Apr 08CA-1.1.6
Banks must compute capital charges for own funds as well as those of the unrestricted PSIAs. For the purpose of computing the Capital Adequacy Ratio, 30% of the bank's risk weighted assets relating to the unrestricted PSIAs must be included in accordance with the IFSB guidelines.
Apr 08CA-1.2 CA-1.2 Monitoring of Risks
CA-1.2.1
Banks are required to manage their risks, especially market risks, in such a way that the capital requirements are being met on a continuous basis i.e. at the close of each business day and not merely at the end of each calendar quarter. Banks are also required to maintain strict risk management systems to ensure that their intra-day
exposures are not excessive.Apr 08CA-1.2.2
Banks' daily compliance with the capital requirements for credit and market risks must be verified by an independent risk management department and internal audit. It is expected that external auditors will perform appropriate tests of the bank's daily compliance with the capital requirements for credit and market risks. Where a bank fails to meet the minimum capital requirements for credit and market risk on any business day, the CBB must be informed in writing by no later than the following business day. The CBB will then seek to ensure that the bank takes immediate measures to rectify the situation.
Apr 08CA-1.3 CA-1.3 Investments in other Entities and Consolidation
CA-1.3.1
The banks must also apply the rules set in the Prudential Consolidation and Deduction Requirements Module where the bank has investments in other entities.
Apr 08CA-1.3.2
These capital adequacy regulations must be applied on a worldwide consolidated basis as well as on a solo basis. Guidance on consolidation and related matters is provided in the Prudential Consolidation and Deduction Requirements Module.
Apr 08CA-1.4 CA-1.4 Reporting
CA-1.4.1
Formal reporting, to the CBB, of capital adequacy must be made in accordance with the requirements set out under section BR 3.1.
Apr 08CA-1.4.2
Where a bank's CAR falls below its individual target ratio either on a solo basis (or on a consolidated basis), the General Manager of the bank must notify the CBB by the following business day, however no formal action plan will be necessary. The General Manager must explain what measures are being implemented to ensure that the bank will remain above its minimum target CAR(s).
Apr 08CA-1.4.3
The bank will be required to submit form PIRI to the CBB on a monthly basis, until the concerned CAR exceeds its target ratio.
Apr 08CA-1.4.4
The CBB will notify banks in writing of any action required of them with regard to the corrective and preventive action (as appropriate) proposed by the bank pursuant to the above, as well as of any other requirement of the CBB in any particular case.
Apr 08CA-1.4.5
All locally incorporated banks must provide the CBB, with immediate written notification (i.e. by no later than the following business day) of any actual breach of the minimum trigger CAR of 8%. Where such notification is given, the bank must also provide the CBB:
(a) No later than one calendar week after the notification, with a written action plan setting out how the bank proposes to restore the relevant CAR(s) to the required minimum level(s) set out above and, further, describing how the bank will ensure that a breach of such CAR(s) will not occur again in the future; and(b) Report on a weekly basis thereafter on the bank's relevant CAR(s) until such CAR(s) have reached the required target level(s) described above.Amended: April 2011
April 2008CA-1.4.6
Banks must note that the CBB considers the breach of CARs to be a very serious matter. Consequently, the CBB may (at its discretion) subject a bank which breaches its CAR(s) to a formal licensing reappraisal. Such reappraisal may be effected either through the CBB's own inspection function or through the use of Reporting Accountants, as appropriate. Following such appraisal, the CBB will notify the bank concerned in writing of its conclusions with regard to the continued licensing of the bank.
Apr 08CA-1.4.7
The CBB recommends that the bank's compliance officer support and cooperate with the CBB in the monitoring and reporting of the CARs and other regulatory reporting matters. Compliance officers should ensure that their banks have adequate internal systems and controls to comply with these regulations.
Apr 08CA-1.5 CA-1.5 Review of Prudential Information Returns by External Auditors
CA-1.5.1
The CBB requires all relevant banks to request their external auditors to conduct a review of the prudential returns on a quarterly basis in accordance with the requirements set out under section BR . However, if a bank provides prudential returns without any reservation from auditors for two consecutive quarters, it can apply for exemption from such review for a period to be decided by CBB.
Apr 08CA-2 CA-2 Regulatory Capital
CA-2.1 CA-2.1 Regulatory Capital
CA-2.1.1
Islamic banks are allowed two types of own funds to meet their capital requirements for credit risk, market risk and operational risk as set out below:
Tier 1: Core capital — Supports the calculation of credit risk weighted assets, operational risk and market risk.
Tier 2: Supplementary capital — Supports credit risk, operational risk and market risk subject to limitations.
Apr 08CA-2.1.2
For the purpose of defining Tier capital, the CBB has broadly adopted the recommendations contained in IFSB's guidelines. However, some restrictions have been placed on the inclusion of profit equalisation and investment risk reserve as Tier 2 capital. For components of Tier 1 and Tier 2 capital refer to paragraphs CA-2.1.3 to CA-2.1.4.
Apr 08Tier 1: Core Capital
CA-2.1.3
Tier 1 capital shall consist of the sum of items (a) to (e) below, less the sum of items (f) through (j) below:
(a) Issued and fully paid ordinary shares;
For Islamic funds with participation and / or "B" class shares (not carrying voting rights), the treatment for the purpose of these regulations must be agreed with the CBB. The CBB will consider each case on its merit.(b) Disclosed reserves• General reserves• Legal / statutory reserves• Share premium• Capital redemption reserves• Excluding fair value reserves1(c) Retained profit brought forward;(d) Unrealized net gains arising from fair valuing equities2; and(e) Minority interests in subsidiaries Tier 1 equity, arising on consolidation, in the equity of subsidiaries that are less than wholly owned. Further guidance on minority interests is provided in the Prudential Consolidation and Deduction Requirements Module.LESS:
(f) Goodwill;(g) Current interim cumulative net losses;(h) Unrealized gross losses arising from fair valuing equity securities3;(i) Other deductions made on a pro-rata basis between Tier 1 and Tier 2;(j) Reciprocal cross holdings of other banks' capital.
1 This refers to unrealised fair value gains reported directly in equity (such gross gains are included in Tier 2).
2This refers to unrealised net fair value gains taken through P&L (which have been audited). Please note that the unrealised net gains related to unlisted equities taken through P&L arising on or after January 1, 2008 will be subject to 55% discount as stated in CA-2.1.4(c)ii.
3 This refers to both 'net losses taken through P&L' and 'gross losses reported directly in equity'.
Apr 08Tier 2: Supplementary Capital
CA-2.1.4
Tier 2 capital shall consist of the following items:
(a) Current interim retained profits that have been reviewed as per the ISA by the external auditors;(b)Asset revaluation reserves , which arise from the revaluation of fixed assets and real estate from time to time in line with the change in market values, and are reflected on the face of the balance sheet as a revaluation reserve. Similarly, gains may also arise from revaluation of Investment Properties (real estate). These reserves (including the net gains on investment properties) may be included in Tier 2 capital, with the concurrence of the external auditors, provided that the assets are prudently valued, fully reflecting the possibility of price and forced sale. A discount of 55% will be applied to the difference between the historical cost book value and the market value to reflect the potential volatility of this form of unrealised capital;(c) Unrealised gains arising from fair valuing equities:(i) For unrealized gross gains reported directly in equity, a discount factor of 55% will be applied before inclusion in Tier 2 capital. Note for gross losses, the whole amount of such unrealised loss should be deducted from the Tier 1 capital;(ii) For unrealized net gains reported in income, a discount factor of 55% will apply on any such unrealized net gains from unlisted equity instruments before inclusion in Tier 1 capital (for audited gains) or Tier 2 capital (for reviewed gains) as appropriate. This discount factor will be applied to the incremental net gains related to unlisted equities arising on or after January 1, 2008;(d) Banks should note that the Central bank will discuss the applicability of the discount factor under paragraph (c) above with individual banks. This discount factor relating to CA-2.1.4(c)ii may be reassessed by the CBB if the bank arranges an independent review (which has been performed for the bank's systems and controls relating to FV gains on financial instruments) and meets all the requirements of the paper 'Supervisory guidance on the use of the fair value option for financial instruments by banks' issued by Basel Committee on Banking Supervision in June 2006;(e) Profit equalisation reserve and investment risk reserve, up to a maximum amount equal to the capital charge pertaining to 30% of the risk weighted assets financed by unrestricted investment account holders;(f) Subordinated term capital instruments, which comprise all unsecured term instruments subordinated (with respect to both profit and principal) to all other liabilities of the bank except the share capital. To be eligible for inclusion in Tier 2 capital, subordinated term capital instruments should have a minimum original fixed term to maturity of over five years. During the last five years to maturity, a cumulative discount (or amortisation) factor of 20% per year will be applied to reflect the diminishing value of these instruments as a continuing source of strength. These instruments are not normally available to participate in the losses of a bank which continues trading. For this reason, these instruments will be limited to a maximum of 50% of Tier 1 capital. Subordinated term capital instruments must also satisfy the conditions outlined in the paragraphs below; and(g) Credit facilities loss provisions held against future, presently unidentified losses and are freely available to meet such losses which subsequently materialise. Such general provisions/general credit facilities-loss reserves eligible for inclusion in Tier 2 will be limited to a maximum of 1.25 percentage points of credit risk-weighted risk assets. Provisions ascribed to identified deterioration of particular assets or known liabilities, whether individual or grouped, must be excluded.Amended: October 2013
Amended: April 2011
April 2008CA-2.1.4A
Subordinated term capital instruments agreed to on a case by case basis by CBB, must meet the following conditions. They must be:
(a) Issued and fully paid;(b) Neither be secured nor covered by a guarantee of the issuer or related entity or other arrangement that legally or economically enhances the seniority of the claim vis-à-vis bank creditors;(c) The main features of such instruments must be easily understood and publicly disclosed;(d) Proceeds must be immediately available without limitation to the issuing bank; and(e) The bank must have discretion over the amount and timing of distributions, subject only to prior waiver of distributions on the bank's common stock, and banks must have full access to waived payments.Added: October 2013
CA-2.1.4B
A bank may not exercise a call on a subordinated term capital instrument, partially or in full, prior to the end of its term, unless it has received the CBB's prior written approval, and there is a clear statement in support of the call in the original documentation.
Added: October 2013
CA-2.1.4C
Where Paragraph CA-2.1.4B applies, the CBB will take into consideration whether the bank has received confirmation from its external auditor that the bank will continue to satisfy the CBB's capital adequacy requirements after such early call and the bank has sufficient liquidity to repay the subordinated term capital instrument. This can be done by assessing the impact of such redemption on the capital adequacy ratio of the bank.
Added: October 2013
CA-2.2 CA-2.2 Limits on the use of Different Forms of Capital
CA-2.2.1
Tier 1 capital should represent at least half of the total eligible capital, i.e., Tier 2 capital is limited to the 100% of Tier 1 capital. Subordinated term capital instruments are limited to a maximum of 50% of Tier 1 capital.
Amended: October 2013
Apr 08CA-2.2.2
The limit on Tier 2 capital is based on the amount of Tier 1 capital after all deductions of investments pursuant to Prudential Consolidation and Deduction Requirements Module (see Appendix PCD-2 of PCD module for an example of the deduction effects and the caps).
Apr 08PART 2: PART 2: Credit Risk
CA-3 CA-3 The Banking Book — Minimum Capital Requirements for Islamic Financing Assets
CA-3.1 CA-3.1 Background
CA-3.1.1
Due to the nature of Islamic banking transactions, Islamic banks, as opposed to their conventional counterparts, are additionally exposed to price risk in their banking book. CBB recognizes that such risks need to be identified and measured for regulatory capital purposes.
Apr 08CA-3.2 CA-3.2 Murabahah and Murabahah to the Purchase Orderer
Introduction
CA-3.2.1
This section sets out the minimum capital adequacy requirements to cover the transactions that are based on the Sharia rules and principles of Murabahah and Murabahah to the Purchase Orderer (MPO).
Apr 08CA-3.2.2
In Murabahah and MPO, the capital adequacy requirement for credit risk refers to the risk of a counterparty not paying the agreed price of an asset to the bank. In the case of binding MPOs, the risks faced by the Islamic banks are different at the various stages of the contract.
Apr 08CA-3.2.3
This section is broadly divided into (a) Murabahah and non-binding MPO and (b) binding MPO, as the types of risk faced by the bank are different at the various stages of the contract for the two categories.
Apr 08CA-3.2.4
This classification and the distinctions between a non-binding MPO and a binding MPO are subject to the criteria and opinions set by the respective SSB of the bank or any other SSB as specified by the CBB.
Apr 08CA-3.2.5
A Murabahah contract refers to an agreement whereby the bank sells to a customer at acquisition cost (purchase price plus other direct costs) plus an agreed profit margin, a specified kind of asset that is already in its possession. An MPO contract refers to an agreement whereby the bank sells to a customer at cost (as above) plus an agreed profit margin, a specified kind of asset that has been purchased and acquired by the bank based on a Promise to Purchase (PP) by the customer which can be a binding or non-binding PP.
Apr 08Murabahah and Non-binding MPO
CA-3.2.6
In a Murabahah transaction, the bank sells an asset that is already available in its possession, whereas in a MPO transaction the bank acquires an asset in anticipation that the asset will be purchased by the orderer/customer.
Apr 08CA-3.2.7
This price risk in Murabahah contracts ceases and is replaced by credit risk for the amount receivable from the customer following delivery of the asset. Likewise, in a non-binding MPO transaction, the bank is exposed to credit risk on the amount receivable from the customer when the latter accepts delivery and assumes ownership of the asset.
Apr 08Binding MPO
CA-3.2.8
In a binding MPO, the bank has no 'long' position in the asset that is the subject of the transaction, as there is a binding obligation on the customer to take delivery of the asset at a pre-determined price. The bank is exposed to counterparty risk in the event that the orderer in a binding MPO does not honour his/her obligations under the PP, resulting in the bank selling the asset to a third party at a selling price which may be lower than the cost to the bank. The risk of selling at a loss is mitigated by securing a Hamish Jiddiyyah (HJ) (a security deposit held as collateral upon entering into agreement to purchase or agreement to lease) upon executing the PP with the customer, as commonly practised in the case of binding MPO.
Apr 08Collateralisation
CA-3.2.9
As one of the CRM techniques, the bank can secure a pledge of the sold asset/underlying asset or another tangible asset ("collateralised Murabahah"). The collateralisation is not automatically provided in a Murabahah contract but must be explicitly stated or must be documented in a separate security agreement at or before the time of signing of the Murabahah contract. The bank may employ other techniques such as pledge of deposits or a third party financial guarantee. The RW of a financial guarantor can be substituted for the RW of the purchaser provided that the guarantor has a better credit rating than the purchaser and that the guarantee is legally enforceable.
Apr 08CA-3.2.10
In financing transactions that are collateralised, the pricing of the Murabahah assets and determination of the required amount of HJ would normally take into consideration the market value and forced-sale value of the assets; and the CRM would take into account of any 'haircut' applicable to the collateralised assets (if these assets are eligible collateral or acceptable to the Central Bank). Thus, fluctuations in the market value and forced sale value of the collateralised assets are dealt with under credit risk assessment. For full details of CRM techniques, and the eligibility of collateral, refer to Section CA-4.7.
Apr 08Credit Risk
Murabahah and Non-binding MPO
CA-3.2.11
The credit exposure must be measured based on accounts receivable in Murabahah (the term used herein includes MPO), which is recorded at their cash equivalent value i.e. amount due from the customers at the end of the reporting quarter less any provision for doubtful debts.
Apr 08CA-3.2.12
The accounts receivable (net of specific provisions) amount arising from the selling of a Murabahah asset must be assigned a RW based on the credit standing of the obligor (purchaser or guarantor) as rated by an ECAI that is approved by the CBB. In case the obligor is unrated, a RW of 100% shall apply. (See Section CA-4.2).
Apr 08Binding MPO
CA-3.2.13
In a binding MPO, the bank is exposed to default on the purchase orderer's obligation to pay fully for the asset at the agreed price. In the event of the orderer defaulting on its PP, the bank will dispose of the asset to a third party. The bank will have recourse to any HJ paid by the orderer, and (a) may have a right to recoup from the orderer any loss on disposing of the asset, after taking account of the HJ or (b) may have no such legal rights. In both cases, this risk is mitigated by the asset in possession as well as any HJ paid by the purchase orderer.
Apr 08CA-3.2.14
In case (a) the bank has the right to recoup any loss (as indicated in the previous paragraph) from the orderer, that right constitutes a claim receivable which is exposed to credit risk, and the exposure shall be measured as the amount of the asset's total acquisition cost to the bank, (less the market value of the asset as collateral subject to any haircut, and less the amount of any HJ, provided that the collateral is an eligible collateral or has been agreed as acceptable to the CBB). The applicable RW must be based on the standing of the obligor as rated by an ECAI that is approved by the CBB, and in the case the obligor is unrated, a RW of 100% shall apply. (See Section CA-4.2).
Apr 08CA-3.2.15
In case (b) the bank has no such right, and the cost of the asset to the bank constitutes a market risk (as in the case on a non-binding MPO), but this market risk exposure is reduced by the amount of any HJ that the bank has the right to retain.
Apr 08CA-3.2.16
In applying the treatment as set out in paragraph CA-3.2.14, the bank should ensure that the PP is properly documented and is legally enforceable.
Apr 08CA-3.2.17
Upon selling the asset, the accounts receivable (net of specific provisions) amount must be assigned a RW based on the credit standing of the obligor as rated by an ECAI that is approved by the CBB. In case the obligor is unrated, a RW of 100% shall apply. (See Section CA-4.2).
Apr 08Exclusions
CA-3.2.18
The capital requirement is to be calculated on the receivable amount, net of (i) specific provisions, (ii) any amount that is secured by eligible collateral (as defined in section CA-4.7) and/or (iii) any amount that is past due by more than 90 days. The portions that are collateralised and past due are subject to the treatment as set out in chapter CA-4.
Apr 08Assignment of Risk Weights
CA-3.2.19
Islamic financing assets are to be categorized as per the claim categories detailed in section CA-4.2, and risk weighted accordingly. Banks should ensure that the appropriate risk weight is used based on the claim category for each transaction.
Apr 08Market Risk
Murabahah and Non-binding MPO
CA-3.2.20
In the case of an asset in possession for a Murabahah transaction and an asset acquired specifically for resale to a customer in a non-binding MPO transaction, the asset would be treated as inventory of the bank and will be subject to price risk as per section CA-5.2. This capital charge is also applicable to assets held by a bank for incomplete non-binding MPO transactions at the end of a financial period.
Apr 08CA-3.2.21
Assets in possession on a 'sale or return' basis (with such an option included in the contract) are treated as accounts receivable from the vendor and as such would be offset against the related accounts payable to the vendor. If these accounts payable have been settled, the assets shall attract a RW based on rating of the vendor (100% in case of unrated), subject to (a) the availability of documentation evidencing such an arrangement with the vendor, and (b) the period for returning the assets to the vendor not having been exceeded. If the above conditions are not satisfied, capital charge will be provided as per paragraph CA-3.2.20.
Apr 08Binding MPO
CA-3.2.22
In a binding MPO the orderer has the obligation to purchase the asset at the agreed price, and the bank as the seller is only exposed to credit risk as indicated in paragraph CA-3.1.13 above.
Apr 08Foreign Exchange Risk
CA-3.2.23
If the funding of an asset purchase or the selling of an asset opens a bank to foreign exchange exposures, the relevant positions should be included in the measurement of foreign exchange risk described in section CA-5.5.
Apr 08Summary of Capital Requirement at Various Stages of the Contract
CA-3.2.24
The following table sets out the applicable period of the contract that attracts capital charges:
(a) Murabahah and Non-binding MPOApplicable Stage of the Contract Credit RW Market Risk Capital Charge Asset available for sale (asset on balance sheet)* Not applicable Price risk (15% Capital charge) Asset is sold and delivered to a customer and the selling price (accounts receivable) is due from the customer. Based on customer's rating or 100% RW for unrated customer (see paragraphs CA-3.2.11 and CA-3.2.12) NA Upon full settlement of the purchase price. NA NA * Also includes an asset which is in possession due to cancellation of PP by a non-binding MPO customer. Any HJ taken, if any, is not considered as eligible collateral and shall not be offset against the value of the asset.
(b) Binding MPOApplicable Stage of the Contract Credit RW Market Risk Capital Charge Asset available for sale (asset on balance sheet)* - If the bank has legal right to recoup from the customer any loss on disposing of the asset Asset acquisition cost less [market value of asset if eligible as collateral (net of any haircut**) plus any HJ] x applicable RW (see chapter CA-4) NA Asset available for sale (asset on balance sheet)* - If the bank has no legal right to recoup from the customer any loss on disposing of the asset NA Price risk 15% Capital charge minus HJ(if the bank has legal right to the HJ) Asset is sold and delivered to a customer and the selling price (accounts receivable) is due from the customer. Based on customer's rating or 100% RW for unrated customer (see section CA-4.2) NA Upon full settlement of the purchase price. NA NA * Also includes an asset which is in possession due to cancellation of PP by a customer.
** Please refer to CRM section CA-4.7 for eligibility of collateral and application of haircuts.
Amended: April 2011
April 2008CA-3.3 CA-3.3 Salam and Parallel Salam
Introduction
CA-3.3.1
This section sets out the minimum capital requirement to cover credit and market (price) risks arising from entering into contracts or transactions that are based on the Sharia rules and principles of Salam. The bank is exposed to the (a) credit (counterparty) risk of not receiving the purchased commodity after disbursing the purchase price to the seller, and (b) price risk that the bank incurs from the date of execution of a Salam contract, which is applicable throughout the period of the contract and beyond the maturity date of the contract as long as the commodity remains on the balance sheet of the bank.
Apr 08CA-3.3.2
This section is applicable to (a) Salam contracts that are executed without any Parallel Salam contracts and (b) Salam contracts that are backed by independently executed Parallel Salam contracts.
Apr 08CA-3.3.3
A Salam contract refers to an agreement to purchase, at a predetermined price, a specified kind of commodity4 which is to be delivered on a specified future date in a specified quantity and quality. The bank as the buyer makes full payment of the purchase price upon execution of a Salam contract or within a subsequent period not exceeding two or three days as deemed permissible by its Sharia Supervisory Board (SSB).
4 A commodity is defined as a physical product which is and can be traded on a secondary market, e.g. agricultural products, minerals (including oil) and precious metals. The commodity may or may not be traded on an organised exchange.
Apr 08CA-3.3.4
In certain cases the bank may enter into a back-to-back contract (Parallel Salam) to sell a commodity with the same specification as the purchased commodity under a Salam contract to a party other than the original seller. The Parallel Salam allows the bank to sell the commodity for future delivery at a predetermined price (thus hedging the price risk on the original Salam contract) and protects the bank from having to take delivery of the commodity and warehousing it.
Apr 08CA-3.3.5
The non-delivery of the commodity by a Salam seller (i.e. counterparty risk) does not discharge the bank's obligations to deliver the commodity under a Parallel Salam contract, and thus exposes the bank to potential loss in obtaining the supply elsewhere.
Apr 08CA-3.3.6
The obligations of a bank under Salam and Parallel Salam are not inter-conditional or interdependent, which implies that there is no legal basis for offsetting credit exposures between the contracts.
Apr 08CA-3.3.7
In the absence of a Parallel Salam contract, a bank may sell the subject-matter of the original Salam contract in the spot market upon receipt, or, alternatively, the bank may hold the commodity in anticipation of selling it at a higher price. In the latter case, the bank is exposed to price risk on its position in the commodity until the latter is sold.
Apr 08Credit Risk
CA-3.3.8
The amount paid for the purchase of a commodity based on a Salam contract shall be assigned a RW based on the credit standing of the counterparties involved in the contracts as rated by an ECAI that is approved by the CBB. If a counterparty is unrated, a RW of 100% will apply. (See Section CA-4.2).
Apr 08Exclusions
CA-3.3.9
The capital requirement is to be calculated on the amount paid, net of (i) specific provisions, (ii) any amount that is secured by eligible collateral (as defined in section CA-4.7) and/or (iii) any amount which is past due by more than 90 days. The portions that are collateralised and past due are subject to the treatment as set out in chapter CA-4.
Apr 08Applicable Period
CA-3.3.10
The credit RW will be applied from the date of the contract made between both parties until the maturity of the Salam contract, which is upon receipt of the purchased commodity. However, between the date of contract and disbursement of funds to the customer the exposure is a commitment (off-balance sheet) and a credit conversion factor (CCF) of 20% will be applied before applying the relevant RW.
Apr 08Offsetting Arrangement between Credit Exposures of Salam and Parallel Salam
CA-3.3.11
The credit exposure amount of a Salam contract is not to be offset against the exposure amount of a Parallel Salam contract, as an obligation under one contract does not discharge an obligation to perform under the other contract.
Apr 08Market Risk
CA-3.3.12
The price risk on the commodity exposure in Salam can be measured in two ways, either the maturity ladder approach in accordance with paragraphs CA-5.6.9 to CA-5.6.12 or price risk in accordance with paragraph CA-5.2.2.
Apr 08CA-3.3.13
The long and short positions in a commodity, which are positions of Salam and Parallel Salam, may be offset under either approach for the purpose of calculating the net open positions provided that the positions are in the same group of commodities.
Apr 08Foreign Exchange Risk
CA-3.3.14
It the funding of a commodity purchase or selling of a commodity leaves a bank open to foreign exchange exposures, the relevant positions should be included in the measures of foreign exchange risk described in section CA-5.5.
Apr 08Summary of Capital Requirement at Various Stages of the Contract
CA-3.3.15
The following table sets out the applicable period of the contract that attracts capital charges:
(a) Salam with Parallel SalamApplicable Stage of Contract Credit RW Market Risk Capital Charge Payment of purchase price by the bank of a Salam customer Based on customer's rating or 100% RW for unrated customer.
No Netting of Salam exposures against parallel Salam exposures.
(See section CA-4.2)Two approaches are available.
Maturity Ladder Approach (see paragraphs CA-5.6.9 to CA-5.6.12 of chapter CA-5)
Price risk (see CA-5.2.2 of chapter CA-5)Receipt of the purchased commodity by the bank. Asset available for delivery to the customer. If the bank has legal right to recoup from the customer any loss on disposing of the asset Based on customer's rating or 100% RW for unrated customer.
No Netting of Salam exposures against parallel Salam exposures.
(See section CA-4.2)NA Receipt of the purchased commodity by the bank. Asset available for delivery to the customer - If the bank has no legal right to recoup from the customer any loss on disposing of the asset NA Two approaches are available.
Maturity Ladder Approach (see paragraphs CA-5.6.9 to CA-5.6.12 of chapter CA-5)
Price risk (see paragraph CA-5.2.2 of chapter CA-5)The purchased commodity is sold and delivered to the buyer and the amount is received. NA NA (b) Salam without Parallel SalamApplicable Stage of Contract Credit RW Market Risk Capital Charge Payment of purchase price by the bank of a Salam customer. At this stage of the contract, only one of credit or market risk is possible at the same time. To be prudent, higher of the two should be provided (not both). The higher of the following (credit or market) Based on customer's rating or 100% RW for unrated customer.
(See section CA-4.2)Price risk but without additional 3 %. (see paragraph 5.2.2 of chapter CA-5) Receipt of the purchased commodity by the bank NA Price risk but without additional 3 %. (see paragraph 5.2.2 of chapter CA-5) The purchased commodity is sold and delivered to the buyer. NA NA Amended: April 2011
April 2008CA-3.4 CA-3.4 Istisna'a and Parallel Istisna'a
Introduction
CA-3.4.1
This section sets out the minimum capital adequacy requirement to cover credit and market (price) risks arising from entering into contracts or transactions that are based on the Sharia rules and principles of Istisna'a.
Apr 08CA-3.4.2
Istisna'a and parallel Istisna'a contracts would attract a risk weighting as per the credit standing of the respective counterparties (See section CA-4.2).
Apr 08CA-3.4.3
An Istisna'a contract refers to an agreement to sell to or buy from a customer, a non-existent asset which is to be manufactured or built according to the ultimate buyer's specifications and is to be delivered on a specified future date at a predetermined selling price.
Apr 08CA-3.4.4
The bank, as the seller, has the option to manufacture or build the asset on its own or to engage the services of a party other than the Istisna'a ultimate buyer as supplier or subcontractor, by entering into a Parallel Istisna'a contract (please refer to paragraph CA-3.4.12).
Apr 08CA-3.4.5
The exposures under Istisna'a involve credit and market risks, as described below. Credit exposures arise once the work is billed to the customer, while market (price) exposures arise on unbilled work-in-process (WIP).
Apr 08CA-3.4.6
There is a capital requirement to cater for the credit (counterparty) risk of the bank not receiving the selling price of the asset from the customer or project sponsor either in pre-agreed stages of completion and/or upon full completion of the manufacturing or construction process.
Apr 08CA-3.4.7
This section also sets out the capital adequacy requirement to cater for the market risk that a bank incurs from the date of manufacturing or construction, which is applicable throughout the period of the contract on unbilled WIP inventory.
Apr 08CA-3.4.8
This section is applicable to both (a) Istisna'a contracts that are executed without a Parallel Istisna'a contract and (b) Istisna'a contracts that are backed by independently executed Parallel Istisna'a contracts.
Apr 08CA-3.4.9
This section makes distinctions between the two main categories of Istisna'a:
(a) Full Recourse Istisna'a
The receipt of the selling price by the bank is dependent on the financial strength or payment capability of the customer for the subject matter of Istisna'a, where the source of payment is derived from the various other commercial activities of the customer and is not solely dependent on the cash flows from the underlying asset/project; and(b) Limited and Non-recourse Istisna'a
The receipt of the selling price by the bank is dependent partially or primarily on the amount of revenue generated by the asset being manufactured or constructed by selling its output or services to contractual or potential third party buyers. This form of Istisna'a faces "revenue risk" arising from the asset's ability to generate cash flows, instead of the creditworthiness of the customer or project sponsor.Apr 08CA-3.4.10
In full, limited and non-recourse Istisna'a contracts, the bank assumes the completion risk that is associated with the failure to complete the project at all, delay in completion, cost overruns, occurrence of a force majeure event and unavailability of qualified personnel and reliable seller(s) or subcontractors in a Parallel Istisna'a.
Apr 08CA-3.4.11
The selling price of an asset sold based on Istisna'a is agreed or determined on the contractual date and such a contract is binding. The price cannot be increased or decreased on account of an increase or decrease in commodity prices or labour cost. The price can be changed subject to the mutual consent of the contracting parties due to alteration or modifications to the contract or unforeseen contingencies, which is a matter for the commercial decision of the bank and can result in a lower profit margin.
Apr 08CA-3.4.12
In cases where a bank enters into Parallel Istisna'a to procure an asset from a party other than the original Istisna'a customer (buyer), the price risk relating to input materials is mitigated. The bank remains exposed to the counterparty risk of the Parallel Istisna'a seller in delivering the asset on time and in accordance with the Istisna'a ultimate buyer's specifications. This is the risk of not being able to recover damages from the Parallel Istisna'a seller for the losses resulting from the breach of contract.
Apr 08CA-3.4.13
The failure of the Parallel Istisna'a seller to deliver a completed asset which meets the buyer's specifications does not discharge the bank's obligations to deliver the asset ordered under an Istisna'a contract, and thus exposes the bank to potential loss in making good the shortcomings or obtaining the supply elsewhere. The obligations of a bank under Istisna'a and Parallel Istisna'a contracts are not inter-conditional or interdependent, which implies that there is no legal basis for offsetting credit exposures between the contracts.
Apr 08Credit Risk
Full Recourse Istisna'a
CA-3.4.14
The receivable amount generated from the selling of an asset based on an Istisna'a contract with full recourse to the customer (buyer) shall be assigned a RW based on the credit standing of the customer as rated by an ECAI that is approved by the CBB. In case the buyer is unrated, a RW of 100% shall apply. (See section CA-4.2).
Apr 08Limited and Non-Recourse Istisna'a
CA-3.4.15
When the project is rated by an ECAI, the RW based on the credit rating of the project is applied to calculate the capital adequacy requirement. Otherwise, the RW shall be based on the 'Supervisory Slotting Criteria' approach for Specialised Financing (Project Finance) as set out in section CA-4.3.
Apr 08CA-3.4.16
In cases where a group of contractors are engaged in a particular project, the risk rating or weightage will follow the obligations of various contractors. If the risk is undertaken by a main contractor, the risk rating of the main contractor is to be used.
Apr 08CA-3.4.17
The limited and non-recourse Istisna'a financing structure is required to meet the characteristics as set out below in order to qualify for the treatment mentioned in paragraph CA-3.4.15 above:
(a) The segregation of the project's liabilities from the balance sheet of the Istisna'a ultimate buyer (or project sponsor) from a commercial and accounting perspective which is generally achieved by having the Istisna'a contract made with a special purpose entity set up to acquire and operate the asset/project concerned;(b) The ultimate buyer is dependent on the income received from the assets acquired/ projects to pay the purchase price;(c) The contractual obligations give the manufacturer/constructor/bank a substantial degree of control over the asset and the income it generates, for example under BOT (built, operate and transfer) arrangement where the manufacturer builds a highway and collects tolls for a specified period as a consideration for the selling price; and(d) The primary source of repayment is the income generated by the asset/project rather than relying on the capacity of the buyer.Amended: April 2011
April 2008CA-3.4.18
Please Note: Insurance is normally part and parcel of the project risk financing. However, it is not regarded as a credit risk mitigating technique.
Apr 08Exclusions
CA-3.4.19
The capital requirement is to be calculated on the receivable amount, net of (i) specific provisions, (ii) any amount that is secured by eligible collateral (as defined in section CA-4.7) and/or (iii) any amount which is past due by more than 90 days. The portions that are collateralised and past due are subject to the treatment as set out in chapter CA-4.
Apr 08CA-3.4.20
Any portion of an Istisna'a contract that is covered by an advanced payment shall carry a RW of 0%, or the amount of the advanced payment shall be offset against the total amount receivable or amounts owing from progress billings.
Apr 08Applicable Period
CA-3.4.21
The credit RW is to be applied from the date when the manufacturing or construction process commences and until the selling price is fully settled by the bank, either in stages and/or on the maturity of the Istisna'a contract, which is upon delivery of the manufactured asset to the Istisna'a ultimate buyer.
Apr 08Offsetting Arrangement between Credit Exposures of Istisna'a and Parallel Istisna'a
CA-3.4.22
The credit exposure amount of an Istisna'a contract is not to be offset against the credit exposure amount of a Parallel Istisna'a contract because an obligation under one contract does not discharge an obligation to perform under the other contract.
Apr 08Market Risk
Full Recourse Istisna'a
(a)Istisna'a with Parallel Istisna'a
CA-3.4.23
There is no capital charge for market risk to be applied in addition to provisions in paragraphs CA-3.4.14 to CA-3.4.22 above, subject to there being no provisions in the Parallel Istisna'a contract that allow the seller to increase or vary its selling price to the bank, under unusual circumstances. Any variations in a Parallel Istisna'a contract that are reflected in the corresponding Istisna'a contract which effectively transfers the whole of the price risk to an Istisna'a customer (buyer), is also eligible for this treatment.
Apr 08(b)Istisna'a without Parallel Istisna'a
CA-3.4.25
A capital charge of 1.6% (equivalent to a 20% RW) is to be applied to the balance of unbilled WIP inventory to cater for market risk, in addition to the credit RW stated in paragraphs CA-3.4.14 to CA-3.4.22 above.
Apr 08CA-3.4.26
This inventory is held subject to the binding order of the Istisna'a buyer and is exposed to the price risk as described in CA-3.4.11.
Apr 08Foreign Exchange Risk
CA-3.4.27
Any foreign exchange exposures arising from the purchasing of input materials, or from Parallel Istisna'a contracts made, or the selling of a completed asset in foreign currency should be included in the measures of foreign exchange risk described in section CA-5.5.
Apr 08Summary of Capital Requirement at Various Stages of the Contract
CA-3.4.28
The following tables set out the applicable period of the contract that attracts capital charges for (a) Full Recourse Istisna'a (b) Limited and Non-Recourse Istisna'a.
(a) Full Recourse Istisna'a(i) Istisna'a with Parallel Istisna'aApplicable Stage of the Contract Credit RW Market Risk Capital Charge Unbilled work-in-progress Based on ultimate buyer's rating or 100% RW for unrated buyer.
No netting of Istisna'a exposures against Parallel Istisna'a exposures.
(See paragraphs CA-3.4.14 to CA-3.4.22)
(See section CA-4.2)Nil provided that there is no provision in the Parallel Istisna'a contract that allows the seller to increase or vary the selling price. See paragraph CA-3.4.23 If the seller is allowed to vary the selling price of the asset, then under the market risk treatment 15% capital charge on net long or short position plus 3% capital charge on gross positions. Amount receivable after contract billings Upon full settlement price by an Istisna'a buyer. NA NA (ii) Istisna'a without Parallel Istisna'aApplicable Stage of the Contract Credit RW Market Risk Capital Charge Unbilled work-in-progress Based on ultimate buyer's rating or 100% RW for unrated buyer. 1.6% capital charge on work in progress inventory.
See relevant paragraphs under CA-3.4.25 to CA-3.4.26Progress billing to customer. Based on ultimate buyer's rating or 100% RW for unrated buyer.
(See paragraphs CA-3.4.14 to CA-3.4.22) (See section CA-4.2)NA Upon full settlement price by and Istisna'a buyer. NA NA (b) Limited and Non-Recourse Istisna'a
Istisna'a with Parallel Istisna'a (for project finance)Applicable Stage of the Contract Credit RW Market Risk Capital Charge Unbilled work-in-progress Based on project's ECAI rating if available or supervisory slotting criteria that ranges from 70% to 250% RW.
No netting of Istisna'a exposures against Parallel Istisna'a exposures.
(See sections CA-4.2 and CA -4.3)NA Amount receivable after contract billings NA Upon full settlement price by and Istisna'a buyer. NA NA Apr 08CA-3.5 CA-3.5 Ijarah and Ijarah Muntahia Bittamleek
Introduction
CA-3.5.1
This section sets out the minimum capital requirement to cover counterparty risk and residual value risk of leased assets, arising from a bank entering into contracts or transactions that are based on the Sharia rules and principles of Ijarah and Ijarah Muntahia Bittamleek (IMB), also known as Ijarah wa Iqtinā. The section also covers the market (price) risk of assets acquired for Ijarah and IMB.
Apr 08CA-3.5.2
In an Ijarah contract (either operating or IMB), the bank as the lessor maintains its ownership in the leased asset whilst transferring the right to use the asset, or usufruct, to an enterprise as the lessee, for an agreed period at an agreed consideration. All liabilities and risks pertaining to the leased asset are to be borne by the bank including obligations to restore any impairment and damage to the leased asset arising from wear and tear and natural causes which are not due to the lessee's misconduct or negligence.
Apr 08CA-3.5.3
Thus, in both Ijarah and IMB, the risks and rewards remain with the lessor, except for the residual value risk at the term of an IMB which is borne by the lessee. The lessor is exposed to price risk on the asset while it is in the lessor's possession prior to the signature of the lease contract, except where the asset is acquired following a binding promise to lease as described in paragraph CA-3.5.5 below.
Apr 08CA-3.5.4
In an IMB contract, the lessor promises to transfer its ownership of the leased asset to the lessee at the end of the contract as a gift or as a sale at a specified consideration, provided that (a) the promise is separately expressed and independent of the underlying Ijarah; or (b) a gift contract is entered into conditional upon fulfillment of all the Ijarah obligations, and thereby ownership shall be automatically transferred thereupon.
Apr 08CA-3.5.5
In both operating Ijarah and IMB, the Bank either possesses the asset before entering into a leased contract or enters into the contract based on specific description of an asset to be leased and acquired in the future before it is delivered to the lessee. This agreement to lease may be considered as binding (binding Promise to Lease (PL)) or as non-binding (non-binding PL) depending on the applicable Sharia interpretations.
Apr 08Operating Ijarah
CA-3.5.6
This section sets out the minimum capital requirements to cater for the lessor's exposures to (a) the credit risk of the lessee as counterparty in servicing the lease rentals, and (b) the market (price) risk attaching to the residual value of the leased assets either at the end of the Ijarah contract or at the time of repossession upon default, i.e. the risk of losing money on the resale of the leased asset.
Apr 08IMB
CA-3.5.7
In IMB, once the lease contract is signed, the lessor is exposed to credit risk for the lease payments receivable from the lessee (a credit risk mitigated by the asset's value as collateral5 in most cases) and to a type of operational risk in respect of the need to compensate the lessee if the asset is permanently impaired through no fault of the latter. If the leased asset is permanently impaired and is uninsured, the bank suffers a loss equal to the carrying value of the leased asset, just as it would if any of its fixed assets were permanently impaired. In the event that the lessee exercises its right to cancel the lease, the lessor is exposed to the residual value of the leased asset being less than the refund of payments due to the lessee. In such case, the price risk, if any, is already reflected in a 'haircut' to be applied to the value of the leased asset as collateral. Therefore, the price risk, if any, is not applicable in the context of the IMB.
5 The collateral used in the context of IMB is of the usufruct or use value of the asset, as the bank is the owner of the asset.
Apr 08CA-3.5.8
This section sets out the minimum capital adequacy requirement to cater for the credit risk of the lessee as counterparty with respect to servicing the lease rentals. The credit risk exposure in respect of the lease rentals is mitigated by the collateral represented by the value of the leased asset on repossession, provided that the bank is able to repossess the asset, which may be subject to doubt, especially in the case of movable assets or residential real estate. Insofar as there is doubt as to the lessor's ability to repossess the asset, the residual fair value of the asset that was assumed in fixing the lease rentals is also exposed to credit risk.
Apr 08CA-3.5.9
The bank may be exposed to losses in case a lessee acquiring an asset under IMB decides not to continue with the contract. In such a case, the lessor is required to refund to the lessee the capital payments (instalments of the purchase price) that were included in the periodic lease rentals (subject to deduction of any amounts due for unpaid rentals). If the value of the repossessed asset is less than the amount to be refunded (before any such deduction), the difference constitutes a loss to the lessor. This exposes the bank as lessor to a form of market risk.
Apr 08CA-3.5.10
In theory, a situation could arise in which, when an IMB contract arrives at its term, the lessee decides not to exercise its option to complete the purchase by making the contractually agreed final payment (The option to purchase places no obligation on the lessee to do so.). The bank may thus be exposed to market risk, in respect of a potential loss from disposing of the asset for an amount lower than its net book value. Generally, however, the lessor's exposure in such a case would not be significant, as the option to purchase can be exercised by making a payment of a token amount and the lessee would have no reason to refrain from exercising it.
Apr 08CA-3.5.11
Moreover, the net book value of the asset at the term of the IMB (i.e. its residual fair value as assumed in fixing the lease rentals) would be zero or close to zero.
Apr 08Credit Risk
CA-3.5.12
In a binding PL, when a bank is exposed to default on the lease orderer's obligation to execute the lease contract, the exposure shall be measured as the amount of the asset's total acquisition cost to the bank, less the market value of the asset as collateral subject to any haircut, and less the amount of any urbun received from the lease orderer. The applicable RW shall be based on the standing of the obligor as rated by an ECAI that is approved by the CBB, and in the case the obligor is unrated, a RW of 100% shall apply (refer to chapter CA-4). The bank may or may not have the right to recoup from the customer any loss on leasing or disposing of the asset after taking account of the HJ.
Apr 08CA-3.5.13
In applying the treatment as set out in paragraph CA-3.5.12, the bank must ensure that the PL is properly documented and is legally enforceable. In the absence of proper documentation and legal enforceability, the asset is to be treated similarly to one in a non-binding PL which is exposed to market (price) risk, using the measurement approach as set out in paragraph CA-3.5.18(a).
Apr 08Operating Ijarah
CA-3.5.14
When the lessee gets the right to use the asset, the lessor is exposed to credit risk for the estimated value of the lease payments in respect of the remaining period of the Ijarah. This exposure is mitigated by the market value of the leased asset (subject to the applicable haircut) which may be repossessed (except in the case of residential real estate). The net credit risk exposure shall be assigned a RW based on the credit standing of the lessee/counterparty as rated by an ECAI that is approved by the CBB. In the case that the lessee is unrated, a RW of 100% shall apply.
Apr 08IMB
CA-3.5.15
When the lessee gets the right to use the asset, the capital requirement for IMB is based on the total estimated future ijarah receivable amount over the duration of the lease contract. This exposure is mitigated by the market value of the leased asset which may be repossessed (except in the case of residential real estate). The net credit risk exposure shall be assigned a RW based on the credit standing of the lessee/counterparty as rated by an ECAI that is approved by the CBB. In the case that the lessee is unrated, a RW of 100% shall apply. (See section CA-4.2).
Apr 08CA-3.5.16
The estimated future ijarah receivable amount as indicated in paragraph CA-3.5.15 (a) above, shall be risk-weighted based on the credit standing of the lessee as rated by an ECAI or at 100%, after deduction of the value of the leased asset as collateral (subject to any haircut). (See chapter CA-4).
Apr 08Exclusions
CA-3.5.17
The capital requirement is to be calculated on the receivable amount, net of (i) specific provisions, (ii) any amount that is secured by eligible collateral (as defined in section CA-4.7) and/or (iii) any amount which is past due by more than 90 days. The portions that are collateralised and past due are subject to the treatment as set out in chapter CA-4.
Apr 08Market Risk
CA-3.5.18
In the case of an asset acquired and held for the purpose of either operating Ijarah or IMB, the capital charge to cater for market (price) risk in respect of the leased asset from its acquisition date until its disposal can be categorised into the following:
(a) Non-binding PL
The asset for leasing will be treated as inventory of the bank and capital charge will be provided for the price risk in accordance with section CA-5.2.(b) Binding PL
In a binding PL, a bank is exposed to default on the lease orderer's obligation to lease the asset in its possession. In the event of the lease orderer defaulting on its PL, the bank will either lease or dispose of the asset to a third party. The bank will have recourse to any HJ paid by the customer6, and (i) may have a right to recoup from the customer any loss on leasing or disposing of the asset after taking account of the HJ, or (ii) may have no such right, depending on the legal situation. In both cases, this risk is mitigated by the asset in possession (if eligible) as well as any HJ paid by the lease orderer.
6 The amount can only be deducted for damages, i.e. difference between the asset acquisition cost and the total of lease rentals (when the asset is leased to a third party) or selling price (when the asset is sold to a third party), whichever is applicable.
Apr 08CA-3.5.19
In case (i), the bank has the right to recoup any loss (as indicated in the previous paragraph) from the customer, that right constitutes a claim receivable which is exposed to credit risk, and the exposure shall be measured as the amount of the asset's total acquisition cost to the bank, less the market value of the asset as collateral subject to any haircut, and less the amount of any HJ. The applicable RW shall be based on the standing of the customer as rated by an ECAI that is approved by CBB, and in the case the obligor is unrated, a RW of 100% shall apply. (see section CA-4.2).
Apr 08CA-3.5.20
In case (ii) the bank has no such right, and the cost of the asset to the bank constitutes a market risk (as in the case on a non-binding PL), but this market risk exposure is reduced by the amount of any HJ that the bank has the right to retain.
Apr 08Operating Ijarah
CA-3.5.21
The residual value of the asset will be subject to capital charge of 8%. Upon expiry of the lease contract, the carrying value of the leased asset shall carry a capital charge for price risk in accordance with section CA-5.2 until the asset is re-leased or disposed of.
Apr 08IMB
CA-3.5.22
In the event that the lessee exercises its right to cancel the lease, the lessor is exposed to the residual value of the leased asset being less than the refund of payments due to the lessee. In such a case, the price risk, if any, is already reflected in a 'haircut' to be applied to the value of the leased asset as collateral in credit risk. Therefore, the price risk, if any, is not applicable in the context of the IMB.
Apr 08Summary of Capital Requirement at Various Stages of the Contract
CA-3.5.23
The following tables set out the applicable period of the contract that attracts capital charges:
Operating IjarahApplicable Stage of the Contract Credit RW Market Risk Capital Charge Asset available for lease (prior to signing a lease contract) - If the bank has legal right to recoup from the customer any loss on disposing of the asset Binding PL Asset acquisition cost less (a) market value of asset fulfilling function of collateral (net of any haircuts) and (b) any 'hamish jiddiyyah' multiply with the customer's rating or 100% RW for unrated customer. (See section CA-4). Non-binding PL 15% capital charge until lessee takes possession. Asset available for lease (prior to signing a lease contract) - If the bank has no legal right to recoup from the customer any loss on disposing of the asset NA 15% capital charge until lessee takes possession minus urbun (If the bank has legal right to it). When the lessee gets the right to use the asset and the lease rental payments are due from the lessee Total contractual obligation of the lease rental receivable over the duration of the lease contract less the recovery value* (if eligible) of the leased asset shall be risk-weighted according to the lessee's rating. (100% RW for an unrated lessee.). (See chapter CA-4). The residual value will be subject to capital charge of 8% Maturity of contract term and the leased asset is returned to the bank Not applicable 15% capital charge of the carrying value of the asset * Recovery value should be based on the entire Ijarah asset value.
IMBApplicable Stage of the Contract Credit RW Market Risk Capit Charge Asset available for lease (prior to signing a lease contract) - If the bank has legal right to recoup from the customer any loss on disposing of the asset Binding PL Asset acquisition cost less (a) market value of asset fulfilling function of collateral (net of any haircuts) and (b) any 'hamish jiddiyyah' multiply with the customer's rating or 100% RW for unrated customer. (See chapter CA-4). Non-binding PL 15% capital charge until lessee takes possession Asset available for lease (prior to signing a lease contract) - If the bank has no legal right to recoup from the customer any loss on disposing of the asset NA 15% capital charge until lessee takes possession minus urbun (If the bank has legal right to it). When the lessee gets the right to use the asset and the lease rental payments are due from the lessee Total contractual obligation of the lease rental receivable over the duration of the lease contract less recovery value of the asset* (if eligible) shall be risk-weighted according to the lessee's rating (100% RW for an unrated lessee. (See chapter CA-4). Not applicable Maturity of contract term and the leased asset is returned to the bank Not applicable Not applicable * Recovery value should be based on the entire Ijarah asset value.
Apr 08CA-3.6 CA-3.6 Musharakah and Diminishing Musharakah
Introduction
CA-3.6.1
This section sets out the minimum capital adequacy requirement to cover the risk of loss on invested capital arising from entering into contracts or transactions that are based on the Sharia rules and principles of Musharakah and Diminishing Musharakah where the bank and their customers/partner(s) contribute to the capital of the partnership and shares its profit or loss.
Apr 08CA-3.6.2
This section is applicable to both (a) Musharakah in which all the partners' share remain constant throughout the contract period; and (b) Diminishing Musharakah in which the share of the bank shall be gradually reduced during the tenure of the contract until it is fully sold to the other partner(s).
Apr 08CA-3.6.3
Musharakah contracts refer to partnerships in specific transactions or projects. These exclude participation in the share capital (equity) of other enterprises.
Apr 08CA-3.6.4
A Musharakah is an agreement between the bank and a customer to contribute capital in various proportions to an enterprise, whether existing or new, or to ownership of a real estate or moveable asset, either on a permanent basis, or on a diminishing basis where the customer progressively buys out the share of the bank ("Diminishing Musharakah"). Profits generated by that enterprise or real estate/asset are shared in accordance with the terms of Musharakah agreement whilst losses are shared in proportion to the respective contributor's share of capital.
Apr 08CA-3.6.5
A bank may enter into a Musharakah contract with a customer as a means of providing a financing to the latter on a profit sharing and loss bearing basis. In this case, the Musharakah is normally of the diminishing type, in which the customer gradually purchases the bank's partnership share over the life of the contract. This type of financing is one of the Sharia compliant alternatives to avoid a conventional term loan repayable by instalments, and as such it is exposed to credit risk for the customer's purchase payments as well as to the risk attached to the bank's share of the underlying assets.
Apr 08Musharakah
CA-3.6.6
This section sets out the minimum capital adequacy requirement to cater for "capital impairment risk", the risk of losing the amount contributed to an enterprise or ownership of an asset. The bank acts as a partner in a Musharakah contract and is exposed to the risk of losing its capital upon making payment of its share of capital in a Musharakah contract. A Musharakah can expose the bank either to capital impairment risk or to 'credit risk', depending on the structure and purpose of the Musharakah and the types of asset in which the funds are invested. The invested capital is redeemable either by liquidation of the Musharakah assets at the end of the contract which has a fixed tenure or as mutually agreed by the partners, or upon divestment of partnership in an on-going Musharakah subject to giving a notice to other partners. The amount of capital redemption is represented by the value of a share of capital, which is dependent on the quality of the underlying investments or assets, and ability to generate profits and cash flows from the Musharakah.
Apr 08CA-3.6.7
As a partner to a Musharakah contract, the bank is not entitled to a fixed rate of return and is thus exposed to variable profits generated by the partnership which are shared on a basis as agreed in the Musharakah contract, whereas losses are to be borne by the bank and its partners according to their respective ratio of invested capital. Therefore, the bank is exposed to entrepreneurial risk of an active partner that manages the partnership and business risks associated with the underlying activities and types of investments or assets of the partnership.
Apr 08Diminishing Musharakah
CA-3.6.8
This form of Musharakah is a means whereby a bank can provide term finance to a client on a profit and loss sharing basis. The bank enters into this type of Musharakah with the objective of transferring the ownership to the partner/customer, where the bank acts as a joint-owner of the asset with a promise by the partner to purchase the bank's share making a payment on one or more specified future dates. The bank's selling price is normally based on the fair value of the partnership share being transferred on the date of each purchase, which may expose the bank to the risk of selling its share of ownership below the acquisition price.
Apr 08CA-3.6.9
As a joint-owner, the bank is also entitled to its share of revenue generated from the assets of the Musharakah, such as Ijarah lease rentals in which the rental entitlements to the bank shall be adjusted periodically according to the bank's share of ownership in the asset.
Apr 08CA-3.6.10
The bank's position in a Diminishing Musharakah thus entails two kinds of exposure. The amounts due from the partner to purchase the agreed shares of the asset on the agreed dates are subject to credit risk in respect of the partner's ability and willingness to pay, with the shares of the partner in the asset providing credit risk mitigation as collateral. The capital invested by the bank is also subject to the risk that the amounts recoverable from the partner may be less than the amount invested because the value of the Musharakah assets has decreased (capital impairment risk).
Apr 08Equity Position Risk - Musharakah
CA-3.6.11
Musharakah exposures, unless deducted for regulatory capital purposes according to the Prudential Consolidation and Deduction Requirements, will be treated as stated in paragraphs CA-3.6.12 to CA-3.6.14.
Apr 08CA-3.6.12
Musharakah exposures in the nature of specialized financing will be risk-weighted as per the supervisory slotting criteria as detailed in section CA-4.3.
Apr 08CA-3.6.13
Other Musharakah exposures will be risk-weighted using the risk weights applicable to equities as explained in section CA-4.2.
Apr 08Equity Position Risk - Diminishing Musharakah
CA-3.6.15
The equity exposure in a Diminishing Musharakah contract, where the bank intends to transfer its full ownership in movable assets and working capital to the other partner over the life of the contract, is calculated based on the remaining balance of the amount invested (measured at historical cost including any share of undistributed profits) less any specific provision for impairment. The exposure shall be risk weighted according to the nature of the underlying assets as set out in paragraph CA-3.6.11 to CA-3.6.14 above. If a third party guarantee exists, to make good impairment losses, the RW of the guarantor shall be substituted for that of the assets (if lower) for the amount of any such guarantee.
Apr 08Summary of Capital Requirement at Various Stages of the Contract
CA-3.6.16
The following table sets out the Musharakah categories that attract capital charges:
Musharakah Category Credit RW Market Risk Capital Charge Specialized financing Supervisory slotting criteria should be applied.
Between 90-270% RW of the contributed amount* to the business venture based on the four categories.NA Other 150% RW** of the contributed amount to the business venture less any specific provisions (if there is a third party guarantee, the RW of the guarantor shall be substituted for that of the assets for the amount of any such guarantee, if lower). NA Musharakah meeting the definition of trading book As set out in the applicable market risk section (Chapter CA-5). * In the case of Diminishing Musharakah, the contributed amount is based on the remaining balance of the invested amount.
** 100% RW may be applied if the funds can be withdrawn by the bank at short notice of 5 working days.
Apr 08CA-3.7 CA-3.7 Mudarabah
Introduction
CA-3.7.1
This section sets out the minimum capital adequacy requirement to cover the risk of losing invested capital arising from entering into contracts or transactions that are based on the Sharia rules and principles of Mudarabah where the bank assumes the role of capital provider. This section is applicable to both restricted and unrestricted Mudarabah financing.
Apr 08CA-3.7.2
A Mudarabah is an agreement between the bank and a customer whereby the bank would contribute capital to an enterprise or activity which is to be managed by the customer as the (labour provider or) Mudarib.
Apr 08CA-3.7.3
Profits generated by that enterprise or activity are shared in accordance with the terms of the Mudarabah agreement whilst losses are to be borne solely by the bank unless the losses are due to the Mudarib's misconduct, negligence or breach of contracted terms.
Apr 08CA-3.7.4
A Mudarabah financing can be carried out on either:
(a) A restricted basis, where the capital provider allows the Mudarib to make investments subject to specified investment criteria or certain restrictions such as types of instrument, sector or country exposures; and(b) An unrestricted basis, where the capital provider allows the Mudarib to invest funds freely based on the latter's skills and expertise.Amended: April 2011
April 2008CA-3.7.5
As the fund provider, the bank is exposed to the risk of losing its capital investment or 'capital impairment risk' upon making payment of the capital to the Mudarib. Any loss on the investment is to be borne solely by the capital provider, but is limited to the amount of his capital. Losses that are due to misconduct, negligence or breach of contractual terms, are to be borne by the Mudarib.
Apr 08CA-3.7.6
However, while it is not permissible for a Mudarib to give a guarantee against such losses, such a guarantee may be given by a third party on the basis of tabarru (donation). In such a case, the amount of the Mudarabah capital so guaranteed may be considered as subject to credit risk with a risk weighting equal to that of the guarantor.
Apr 08CA-3.7.7
In particular, such guarantees may be given when liquid funds are placed in an Islamic interbank market under a Mudarabah contract.
Apr 08Equity Position Risk
CA-3.7.8
Mudarabah exposures, unless deducted for regulatory capital purposes according to the Prudential Consolidation and Deduction Requirements, will be treated as stated in paragraphs CA-3.7.9 to CA-3.7.11.
Apr 08CA-3.7.9
Mudarabah exposures in the nature of specialized financing will be risk-weighted as per the supervisory slotting criteria as detailed in section CA-4.3.
Apr 08CA-3.7.10
Other Mudarabah exposures will be risk-weighted using the risk weights applicable to equities as explained in section CA-4.2.
Apr 08Summary of Capital Requirements for Mudarabah Categories
CA-3.7.12
The following tables set out the Mudarabah categories that attract capital charges:
Mudarabah Category Credit RW Market Risk Capital Charge Specialized financing Supervisory slotting method will be applied.
Between 90-270% RW of the contributed amount to the business venture based on the four categories.NA Other 150% RW* of the contributed amount to the business venture less any specific provisions (if there is a third party guarantee, the RW of the guarantor shall be substituted for that of the assets for the amount of any such guarantee). NA Mudarabah meeting the definition of trading book As set out in the applicable market risk section (See chapter CA-5). * 100% RW may be applied if the funds can be withdrawn by the bank at short notice of 5 working days.
Apr 08CA-3.8 CA-3.8 Sukuk
Introduction
CA-3.8.1
This section sets out the minimum capital adequacy requirement to cover the credit risk and market risk arising from the holding of Sukuk.
Apr 08CA-3.8.2
This section is applicable only to Sukuk or certificates that represent the holder's proportionate ownership in an undivided part of an underlying asset where the holder assumes all rights and obligations to such asset. This section does not cover certificates that give the holders the entitlement to receive returns on an asset of which the ownership is not transferred to the Sukuk holders.
Apr 08CA-3.8.3
Sukuk can be broadly categorised into:
(a) Asset-based Sukuk, where the underlying assets offer fairly predictable returns to the Sukuk holders, such as in the case of Salam, Istisna'a and Ijarah (Note: the assets in question may be held by a Musharakah or Mudarabah which is securitised. This is not the same as the Musharakah or Mudarabah Sukuk mentioned below).(b) Equity-based Sukuk, where the returns are determined on a profit and loss sharing in the underlying investment which does not offer fairly predictable returns (e.g. Musharakah or Mudarabah for trading purposes).Amended: April 2011
April 2008CA-3.8.4
CBB has the discretion to specify measurement approaches as it thinks appropriate for other types of Sukuk which are not listed in this section, provided they are approved by a Sharia board.
Apr 08Salam Sukuk
CA-3.8.5
A Salam Sukuk represents fractional ownership of the capital of a Salam transaction, where the Salam capital is constituted by an advance payment to a counterparty as supplier of a commodity (the subject-matter) to be delivered at a future date. This type of Sukuk is non-tradable, since the subject-matter is considered to be a financial asset (a receivable). The gross return to the Sukuk holders consists of the margin or spread between the purchase price of the subject-matter and its selling price following delivery. In certain Sukuk issues, a third party gives an undertaking that the subject-matter will be sold at a price exceeding the purchase price by a specified margin. This may be achieved by means of a parallel Salam transaction in which a third party purchases the subject-matter for delivery on the same delivery date as in the original Salam contract.
Apr 08Istisna'a Sukuk
CA-3.8.6
An Istisna'a Sukuk represents a fractional share in the project financing of an undertaking to manufacture or construct an asset for a customer at a price to be paid in future instalments, the total of which equals the total face value of the Sukuk, in addition to mark-up. The Sukuk can be in the form of serial notes or certificates with different maturity dates that match the progress schedule of instalments as agreed between the buyer/customer of the asset and the manufacturer/bank. Istisna'a Sukuk are tradable as the subject-matter is considered to be a non-financial asset (work-in-process inventory).
Apr 08Ijarah Sukuk
CA-3.8.7
An Ijarah Sukuk represents the holder's proportionate ownership in a leased asset where the Sukuk holders will collectively assume the rights and obligations of the lessor. The Sukuk holder will enjoy a share of the lease rental in proportionate to the ownership share in the leased asset. An Ijarah Sukuk is tradable from the issuance date as the subject-matter is a non-financial asset owned by the Sukuk holders. As a part-owner, the Ijarah Sukuk holder assumes a proportionate share of any loss if the leased asset is destroyed or of the cost of meeting the obligation to provide an alternative asset, failing which, the lessee can terminate the lease without paying future rentals.
Apr 08Musharakah Sukuk
CA-3.8.8
A Musharakah Sukuk represents the direct pro-rata ownership of the holder in the assets of a private commercial enterprise or project where the subscription money is normally employed in purchasing non-liquid assets or such as real estate or moveable assets. A Musharakah Sukuk is a profit and loss sharing instrument where the exposure is of the nature of an equity position in the banking book, except in the case of investments (normally short-term) in assets for trading purposes. A Musharakah certificate can be tradable provided that non-cash and receivable assets are not less than 30% of market capitalisation.
Apr 08Mudarabah (Muqaradah) Sukuk
CA-3.8.9
Sukuk holders subscribe to the certificates issued by a Mudarib and share the profit and bear any losses arising from the Mudarabah operations. The returns to the holders are dependent on the revenue generated by the underlying investment. The rule regarding tradability of the certificates is the same as for Musharakah certificates.
Apr 08Calculation of Capital Charge
CA-3.8.10
If the Sukuk has the characteristics of a claim (or debt) then the Sukuk should be risk weighted using its issue specific rating according to the nature of the issuer (i.e. sovereign, bank or corporate etc). If the Sukuk is unrated and has the characteristics of a claim or debt, the risk weight applicable will be based on the risk weight applicable to the issuer.
Apr 08CA-3.8.11
If the Sukuk is equity in nature, such investment should be treated as an equity investment and risk weighted accordingly (i.e. 100 % for listed and 150 % for others).
Apr 08CA-3.8.12
The bank can apply to CBB for using look-through approach for such investment if it can demonstrate that look-through approach is more appropriate to the circumstances of the bank.
Apr 08CA-3.8.13
If there are no voting rights attached to investment in Sukuk, the investment will not be subjected to consolidation and deduction requirements (except large exposure limit).
Apr 08CA-3.8.14
For the purpose of determining "large exposure limit" for investment in Sukuk, look-through approach should be used (despite the fact that look-through approach is not used to risk weight the investment).
Apr 08Summary of Capital Requirements for Sukuk Exposures
CA-3.8.16
The following tables summarises the capital requirements for Sukuk exposures:
Sukuk Category Credit RW Market Risk Capital Charge In nature of claim or debt Risk-weighted according to the external rating of the Sukuk (where rated) or according to the risk weight applicable to the issuer (where unrated) NA In nature of equity -Listed 100% RW NA In nature of equity- Not listed 150% RW* NA If the bank gets approval to apply "look-through approach" RWs applicable to the underlying assets NA Sukuk meeting the definition of trading book NA As set out in the applicable market risk section (See chapter CA-5). * 100% RW may also be applied if the funds can be withdrawn by the bank at short notice of 5 working days.
Apr 08CA-4 CA-4 Credit Risk — The Standardized Approach
CA-4.1 CA-4.1 Introduction
CA-4.1.1
Credit risk exposures in Islamic financing arise in connection with accounts receivable in Murabaha contracts, counterparty risk in Salam contracts, accounts receivable and counterparty risk in Istisn'a contracts and lease payments receivable in Ijarah contracts, and Sukuk held to maturity in the banking book. Credit risk is measured according to the Standardised Approach as outlined in the Basel II guidelines, except for certain exposures arising from investments by means of Musharaka or Mudaraba contracts in assets in the banking book. The latter are to be treated as giving rise to credit risk (in the form of capital impairment risk), and are to be risk-weighted applying the supervisory slotting criteria for exposures in the nature of specialised financing and the risk weights applicable to equities for other equity exposures as detailed in the Musharaka and Mudaraba sections of this Rulebook.
Apr 08CA-4.1.2
Broadly, the assignment of Risk Weights (RW) under the standardised approach takes into consideration the following:
• The credit risk rating of an obligor or other counterparty, or a security, based on external credit assessment institutions (ECAI) ratings7. In determining the risk weights in the standardised approach, Islamic banks must use assessments by only those external credit assessment institutions which are recognised as eligible for capital purposes by CBB in accordance with the criteria defined in section CA-4.6.• Credit risk mitigation techniques adopted by the banks;• Types of the underlying assets that are sold and collateralised or leased by the banks; and• The amount of specific provisions made for the overdue portion of accounts receivable or lease payments receivable.
7 The notations follow the methodology used by one institution, Standard & Poor's. The use of Standard & Poor's credit ratings is an example only; those of some other external credit assessment institutions could equally well be used. The ratings used throughout this document, therefore, do not express any preferences or determinations on external assessment institutions by CBB.
Amended: April 2011
April 2008CA-4.1.3
Where a discount is applied on fair value of an asset (as explained in CA-2.1.4), the value of the asset will be adjusted to exclude that discount part. Refer to appendix CA-7.
Apr 08CA-4.2 CA-4.2 Segregation of Claims
Claims on Sovereigns
CA-4.2.1
Claims on governments of GCC member states (hereinafter referred to as GCC) and their central banks can be risk weighted at 0%. Claims on other sovereigns and their central banks are given a preferential risk weighting of 0% where such claims are denominated and funded in the relevant domestic currency of that sovereign/central bank (e.g. if a Bahraini bank has a claim on government of Australia and the loan is denominated and funded in Australian dollar, it will be risk weighted at 0%). Such preferential risk weight for claims on GCC/other sovereigns and their central banks will be allowed only if the relevant supervisor also allows 0% risk weighting to claims on its sovereign and central bank.
Apr 08CA-4.2.2
Claims on sovereigns other than those referred to in the previous paragraph must be assigned risk weights as follows:
Credit Assessment AAA to AA- A+ to A- BBB+ to BBB- BB+ to B- Below B- Unrated Risk Weight 0% 20% 50% 100% 150% 100% Apr 08Claims on International Organizations
CA-4.2.3.
Claims on the Bank for International Settlements, the International Monetary Fund and the European Central Bank must receive a 0% risk weight.
Apr 08Claims on Non-central Government Public Sectors Entities (PSEs)
CA-4.2.4
Claims on the Bahraini PSEs listed in Appendix CA-8 will be treated as claims on the government of Bahrain.
Apr 08CA-4.2.5
Where other supervisors also treat claims on named PSEs as claims on their sovereigns, claims to those PSEs are treated as claims on the respective sovereigns as outlined in paragraphs CA-4.2.1 and CA-4.2.2 above. These PSE's must be shown on a list maintained by the concerned central bank or financial regulator. Where PSE's are not on such a list, they must be subject to the treatment outlined in paragraph CA-4.2.6 below.
Apr 08CA-4.2.6
Claims on all other (foreign) PSEs (i.e. not having sovereign treatment) denominated and funded in the home currency of the sovereign must be risk weighted as allowed by their home country supervisors, provided the sovereign carries rating BBB- or above. Claims on PSEs with no explicit home country weighting or to PSEs in countries of BB+ sovereign rating and below are subject to ECAI ratings as per the following table:
Credit Assessment AAA to AA- A+ to A- BBB+ to BBB- BB+ to B- Below B- Unrated Risk Weight 20% 50% 100% 100% 150% 100% Apr 08CA-4.2.7
Claims on commercial companies owned by governments must be risk weighted as normal commercial entities unless they are covered by a government guarantee that satisfies the conditions in CA-4.7 below in which case they may take the risk weight of the concerned government.
Apr 08Claims on Multilateral Development Banks (MDB's)
CA-4.2.8
MDB's currently eligible for a 0% risk weight are: the World Bank Group comprised of the International Bank for Reconstruction and Development (IBRD) and the International Finance Corporation (IFC), the Asian Development Bank (ADB), the African Development Bank (AfDB), the European Bank for Reconstruction and Development (EBRD), the Inter-American Development Bank (IADB), the European Investment Bank (EIB), the European Investment Fund (EIF), the Nordic Investment Bank (NIB), the Caribbean Development Bank (CDB), the Islamic Development Bank (IDB), Arab Monetary Fund (AMF), the Council of Europe Development Bank (CEDB), the Arab Bank for Economic Development in Africa (ABEDA), Council of European Resettlement Fund (CERF) and the Kuwait Fund for Arab Economic Development (KFAED).
Apr 08CA-4.2.9
The claims on MDB's, which do not qualify for the 0% risk weighting, should be assigned risk weights as follows:
Banks Credit Quality Grades AAA to AA- A+ to A- BBB+ to BBB- BB+ to B- Below B- Un-rated Risk weights 20% 50% 50% 100% 150% 50% Apr 08Claims on Islamic Banks and Conventional Banks
CA-4.2.10
Claims on banks must be risk weighted as given in the following table. No claim on an unrated bank may receive a risk weight lower than that applied to claims on its sovereign of incorporation (see Guidance in Paragraph CA-4.2.11A for self-liquidating letters of credit).
Banks Credit Quality Grades AAA to AA- A+ to A- BBB+ to BBB- BB+ to B- Below B- Un-rated Standard risk weights 20% 50% 50% 100% 150% 50% Preferential risk weight 20% 20% 20% 50% 150% 20% Amended: April 2012
Apr 08CA-4.2.11
Short-term claims on locally incorporated banks may be assigned a risk weighting of 20% where such claims on the banks are of an original maturity of 3 months or less denominated and funded in either BD or US$. A preferential risk weight that is one category more favourable than the standard risk weighting may be assigned to claims on foreign banks licensed in Bahrain of an original maturity of 3 months or less denominated and funded in the relevant domestic currency (other than claims on banks that are rated below B-). Such preferential risk weight for short-term claims on banks licensed in other jurisdictions will be allowed only if the relevant supervisor also allows this preferential risk weighting to short-term claims on its banks.
Apr 08CA-4.2.11A
Self-liquidating letters of credit issued or confirmed by an unrated bank will be allowed a risk weighting of 50% or 20% without reference to the risk weight of the sovereign of incorporation. All other claims will be subject to the 'sovereign floor' of the country of incorporation of the concerned issuing or confirming bank.
Added: April 2012CA-4.2.12
Claims with an (contractual) original maturity under 3 months that are expected to be rolled over (i.e. where the effective maturity is longer than 3 months) will not qualify for a preferential treatment for capital adequacy purposes.
Apr 08Claims on Investment Firms
CA-4.2.13
Claims on category one and category two investment firms which are subject to direct supervisory and regulatory provisions from the CBB may be treated as claims on banks for risk weighting purposes but without the use of preferential risk weight for short-term claims. Claims on category three investment firms must be treated as claims on corporates for risk weighting purposes. Claims on investment firms in other jurisdictions will be treated as claims on corporates for risk weighting purposes. However, if the bank can demonstrate that the concerned investment firm is subject to a Basel II equivalent capital adequacy regime and is treated as a bank for risk weighting purposes by its home regulator, then claims on such investment firms may be treated as claims on banks.
Apr 08Claims on Corporates, including Insurance Companies
CA-4.2.14
Risk weighting for corporates including insurance companies is as follows:
Credit assessment AAA to AA- A+ to A- BBB+ to BB- Below BB- Unrated Risk weight 20% 50% 100% 150% 100% Apr 08CA-4.2.15
Risk weighting for unrated (corporate) claims will be reviewed and where appropriate, may be increased by the CBB. Credit facilities to small/medium enterprises may be placed in the regulatory retail portfolio in limited cases below.
Amended January 2009
Apr 08Claims included in the Regulatory Retail Portfolios
CA-4.2.16
No claim on any unrated corporate, where said corporate originates from a foreign jurisdiction, may be given a risk weight lower than that assigned to a corporate within its own jurisdiction, and in no case will it be below 100%.
Apr 08CA-4.2.17
Retail claims that are included in the regulatory retail portfolio must be risk weighted at 75%, except as provided in CA-4.2.21 for the past due receivables.
Apr 08CA-4.2.18
To be included in the regulatory retail portfolio, claims must meet the following criteria:
(a) Orientation — the exposure is to an individual person or persons or to a small business. A small business is a Bahrain-based business with annual turnover below BD 2mn.(b) Product — The exposure takes the form of any of the following: revolving credits and lines of credit (including credit cards and running finance), personal term finance and leases (e.g. instalment finance, auto finance and leases, student and educational finance, personal finance) and small business facilities and commitments. Islamic products which involve securities (such as Musharakah, Mudarabah, Sukuks and equities), whether listed or not, are specifically excluded from this category. Mortgage finance will be excluded if they qualify for treatment as claims secured by residential property (see below). Finance for purchase of shares are also excluded from the regulatory retail portfolios.(c) Granularity — The regulatory retail portfolio is sufficiently diversified to a degree that it reduces the risks in the portfolio, warranting a 75% risk weight. No aggregate exposure to one counterpart8 can exceed 0.2% of the overall regulatory retail portfolio.(d) The maximum aggregated retail exposure to one counterpart must not exceed an absolute limit of BD 250,000.
8 Aggregated exposure means gross amount (i.e. not taking any credit risk mitigation into account) of all forms of debt exposures (e.g. finances or commitments) that individually satisfy the three other criteria. In addition, "to one counterpart" means one or several entities that may be considered as a single beneficiary (e.g. in the case of a small business that is affiliated to another small business, the limit would apply to the bank's aggregated exposure on both businesses).
Amended January 2009
Apr 08Claims Secured by Residential Property
CA-4.2.19
Lending fully secured by first mortgages on residential property that is or will be occupied by the borrower, or that is leased, must carry a risk weighting of 75%. However, if the bank can justify foreclosure or repossession for a claim, a 35% risk weight will be allowed. To get this lower risk weight the bank must obtain a satisfactory legal opinion that foreclosure or repossession is possible without any impediment.
Apr 08Claims Secured by Commercial Real Estate
CA-4.2.20
Claims secured by mortgages on commercial real estate are subject to a minimum of 100% risk weight. If the borrower is rated below BB-, the risk-weight corresponding to the rating must be applied.
Apr 08Past Due Receivables
CA-4.2.21
In the event that accounts receivable or lease payments receivable become past due, the exposure shall be risk-weighted in accordance with the following table. The exposures should be risk weighted net of specific provisions (see CA-4.3.5 for exposures risk-weighted under Supervisory Slotting Criteria).
Type RW % of Specific Provisions for Past Due Receivables Unsecured exposure (other than a qualifying residential mortgage loan) that is past due more than 90 days, net of specific provisions 150%
100%Less than 20% of the outstanding receivables.
At least 20% of the outstanding receivables.Exposure secured by RRE 100% For receivables that are past due for more than 90 days, net of specific provisions. Apr 08CA-4.2.22
For the purposes of defining the secured portion of a past due loan, eligible collateral and guarantees will be the same as for credit risk mitigation purposes.
Apr 08CA-4.2.23
Past due retail loans are to be excluded from the overall regulatory retail portfolio when assessing the granularity criterion, for risk-weighting purposes.
Apr 08Investments in Equities and Funds
CA-4.2.24
Investments in listed equities must be risk weighted at 100% while equities other than listed must be risk weighted at 150%. For risk-weighting of Sukuk, refer to Section CA-3.8.
Apr 08CA-4.2.25
Investments in funds (e.g. mutual funds, Collective Investment Undertakings etc.) must be risk weighted as follows:
• If the instrument (e.g. units) is rated, it should be risk-weighted according to its external rating (for risk-weighting, it must be treated as a "claim on corporate");• If not rated, such investment should be treated as an equity investment and risk weighted accordingly (i.e. 100% for listed and 150% for others);• The bank can apply to CBB for using the look-through approach for such investments if it can demonstrate that the look-through approach is more appropriate to the circumstances of the bank;• If there are no voting rights attached to investment in funds, the investment will not be subjected to consolidation and deduction requirements (except large exposure limits);• For the purpose of determining "large exposure limit" for investment in funds, the look-through approach should be used (even if the look-through approach is not used to risk weight the investment).Apr 08CA-4.2.26
CBB may enforce a bank to adopt the 'Simple Risk Weight Method' for equities (Section CA-4.4) if the CBB considers that bank's equity portfolio is significant.
Apr 08Holdings of Real Estate
CA-4.2.27
All holdings of real estate by banks (i.e. owned directly or by way of investments in Real Estate Companies, subsidiaries or associate companies or other arrangements such as trusts, funds or REITs) must be risk-weighted at 200%. Premises occupied by the bank may be weighted at 100%. Investments in Real Estate Companies will be subject to the materiality thresholds for commercial companies described in Module PCD and therefore any holdings which amount to 15% or more of regulatory capital will be subject to deduction. The holdings below the 15% threshold will be weighted at 200%.
Apr 08Other Assets
CA-4.2.28
Gold bullion held in own vaults or on an allocated basis to the extent backed by bullion liabilities may be treated as cash and therefore risk-weighted at 0%. In addition, cash items in the process of collection must be risk-weighted at 20%. The standard risk weight for all other assets will be 100%. Investments in regulatory capital instruments issued by banks or investment firms must be risk weighted at a minimum of 100%, unless they are deducted from the capital base according to the Prudential Consolidation and Deduction Requirements Module.
Apr 08Underwriting of Non-trading Book items
CA-4.2.29
Where a bank has acquired assets on its balance sheet in the banking book which it is intending to place with third parties under a formal arrangement and is underwriting the placement, the following risk weightings apply during the underwriting period (which may not last for more than 90 days). Once the underwriting period has expired, the usual risk weights should apply.
1. For holdings of private equity, a risk weighting of 100% will apply instead of the usual 150% (see CA-4.2.24).2. For holdings of Real Estate, a risk weight of 100% will apply instead of the usual 200% risk weight (see CA-4.2.27).Apr 08CA-4.3 CA-4.3 Supervisory Slotting Criteria
CA-4.3.1
Equity exposures in the nature of specialized financing will be risk-weighted as per the supervisory slotting criteria as detailed below. Specialized lending is basically a typical kind of exposure in which some special underlying assets are both the source of repayment and security. This may include financing extended to:
• Power plants, chemical processing plants, mines, transportation infrastructure, environment, telecommunications infrastructure, ships, aircraft, satellites, railcars, fleets, crude oil, metals, crops, office buildings to let, retail space, multifamily residential buildings, industrial or warehouse space, hotels, High volatility real estate etc.• Retail space;• Multifamily residential buildings;• Industrial or warehouse space;• Hotels.Amended: April 2011
April 2008CA-4.3.2
A bank is required to map its RW into four supervisory categories as set out in the Appendix CA-1 (specialised financing) for Limited and Non-Recourse Istisna'a exposures, Mudarabah exposures, Sukuk exposures and Musharakah in a business venture exposures, where the RW for each category is as follows:
Supervisory Categories Strong Good Satisfactory Weak External Credit Assessments BBB- or better BB+ or BB BB- to B+ B to C- Risk Weights 70% 90% 115% 250% Apr 08CA-4.3.3
A bank with Diminishing Musharaka exposures in real estate are required to map its RW into the four supervisory categories as set out in Appendix CA-2 (Diminishing Musharaka in real estate) where the RW of each category is as follows:
Supervisory Categories Strong Good Satisfactory Weak Risk Weights 90% 110% 135% 270% Apr 08CA-4.3.4
The above RW under the slotting criteria for specialised financing include an additional fixed factor, equal to a 20% RW, to cater for the potential decline in the Musharakah's net asset value.
Apr 08CA-4.3.5
If any exposure which is to be risk-weighted under this sub-section becomes past due, it will be risk-weighted at the higher of risk-weight applicable under CA-4.2.21 or the risk-weight applicable under this sub-section e.g. if an exposure getting 90% risk-weight under CA-4.3.2 above becomes past due, it will be risk-weighted under CA-4.2.21 (at 100% or 150% whichever is applicable). However if an exposure getting 250% risk-weight under CA-4.3.2 above becomes past due, it will continue to be risk-weighted at 250%.
Apr 08CA-4.4 CA-4.4 Simple Risk-weight Method
CA-4.4.1
As stated in CA-4.2.26, CBB may enforce a bank to adopt this treatment for equities if the CBB considers that bank's equity portfolio is significant.
Apr 08CA-4.4.2
The RW under simple risk weight method for equity position risk in respect of an equity exposure shall be 300% for listed and 400% for others less any specific provisions for impairment. If there is a third party guarantee to make good impairment losses, the RW of the guarantor shall be substituted for that of the assets for the amount of any such guarantee.
Apr 08CA-4.5 CA-4.5 Risk Weighting - Off-balance-sheet Items
CA-4.5.1
Off-balance-sheet items must be converted into credit exposure equivalents using credit conversion factors (CCFs).
Apr 08CA-4.5.2
Commitments with an original maturity of up to one year and commitments with an original maturity of over one year will receive a CCF of 20% and 50%, respectively.
Apr 08CA-4.5.3
Any commitments that are unconditionally cancellable at any time by the bank without prior notice, or that are subject to automatic cancellation due to deterioration in a borrowers' creditworthiness, will receive a 0% CCF.
Apr 08CA-4.5.4
A CCF of 100% must be applied to the lending of banks' securities or the posting of securities as collateral by banks.
Apr 08CA-4.5.5
For short-term self-liquidating trade letters of credit arising from the movement of goods a 20% CCF must be applied to both issuing and confirming banks.
Apr 08CA-4.5.6
Where there is an undertaking to provide a commitment on an off-balance sheet item, banks are to apply the lower of the two applicable CCF's.
Apr 08CA-4.5.7
Direct credit substitutes, e.g. general guarantees of indebtedness (including standby letters of credit serving as financial guarantees for finance and securities) and acceptances (including endorsements with the character of acceptances) must be applied a CCF of 100%.
Apr 08CA-4.5.8
Sale and repurchase agreements and asset sales with recourse, where the credit risk remains with the bank, must be applied a CCF of 100%.
Apr 08CA-4.5.9
Forward asset purchases, forward deposits and partly-paid shares and securities, which represent commitments with certain drawdown must be applied a CCF of 100%.
Apr 08CA-4.5.10
Certain transaction-related contingent items (e.g. performance bonds, bid bonds, warranties and standby letters of credit related to particular transactions) must be applied a CCF of 50%.
Apr 08CA-4.5.11
Note issuance facilities and revolving underwriting facilities must be applied a CCF of 50%.
Apr 08CA-4.5.12
Banks must closely monitor securities, commodities, and foreign exchange transactions that have failed, starting the first day they fail. A capital charge to failed transactions must be calculated in accordance with CBB guidelines set forth in Appendix CA-5 - 'Capital treatment for failed trades and non DvP transactions'.
Apr 08CA-4.5.13
With regard to unsettled securities, commodities, and foreign exchange transactions, banks are encouraged to develop, implement and improve systems for tracking and monitoring the credit risk exposure arising from unsettled transactions as appropriate for producing management information that facilitates action on a timely basis.
Apr 08CA-4.5.14
Furthermore, when such transactions are not processed through a delivery-versus-payment (DvP) or payment-versus-payment (PvP) mechanism, banks must calculate a capital charge as set forth in Appendix CA-5.
Please Note: An import or export financing, which is based on Murabahah where the underlying goods/shipment are collateralised and insured, shall attract a 20% credit conversion factor to the banks that issues or confirms the letter of credit. This treatment of collateral assumes there are no obstacles to the exercise of rights over it by the issuer or confirmer (see "Pledge of assets as collateral as detailed below under Credit Risk Mitigation).Apr 08CA-4.6 CA-4.6 External Credit Assessments
The Recognition Process and Eligibility Criteria
CA-4.6.1
CBB will assess all External Credit Assessment Institutions (ECAI) according to the six criteria below. Any failings, in whole or in part, to satisfy these to the fullest extent will result in the respective ECAI's methodology and associated resultant rating not being accepted by the CBB:
(a) Objectivity: The methodology for assigning credit assessments must be rigorous, systematic, and subject to some form of validation based on historical experience. Moreover, assessments must be subject to ongoing review and responsive to changes in financial condition. Before being recognized by the CBB, an assessment methodology for each market segment, including rigorous back testing, must have been established for an absolute minimum of one year and with a preference of three years;(b) Independence: An ECAI must show independence and should not be subject to political or economic pressures that may influence the rating. The assessment process should be as free as possible from any constraints that could arise in situations where the composition of the board of directors, political pressure, the shareholder structure of the assessment institution or any other aspect could be seen as creating a conflict of interest;(c) International access/Transparency: The individual assessments should be available to both domestic and foreign institutions with legitimate interests and at equivalent terms. The general methodology used by the ECAI has to be publicly available;(d) Disclosure: An ECAI is required to disclose the following information: its assessment methodologies, including the definition of default, the time horizon, and the meaning of each rating; the actual default rates experienced in each assessment category; and the transitions of the assessments, e.g. the likelihood of a slide in the ratings of an exposure from one class to another over time;(e) Resources: An ECAI must have sufficient resources to carry out high quality credit assessments. These resources should allow for substantial ongoing contact with senior and operational levels within the entities assessed in order to add value to the credit assessments. Such assessments will be based on methodologies combining qualitative and quantitative approaches; and(f) Credibility: Credibility, to a certain extent, can derive from the criteria above. In addition, the reliance on an ECAI's external credit assessments by independent parties (investors, insurers, trading partners) may be evidence of the credibility of the assessments of an ECAI. The credibility of an ECAI will also be based on the existence of internal procedures to prevent the misuse of confidential information. In order to be eligible for recognition, an ECAI does not have to assess firms in more than one country.Amended: April 2011
April 2008CA-4.6.2
The CBB recognizes Standard and Poor's, Moody's, Fitch IBCA, Capital Intelligence and the Islamic International Rating Agency as eligible ECAIs. With respect to the possible recognition of other rating agencies as eligible ECAIs, CBB will update this paragraph subject to the rating agencies satisfying the eligibility requirements. (See Appendix CA-6 for mapping of eligible ECAIs).
Apr 08CA-4.6.3
Banks must use the chosen ECAIs and their ratings consistently for each type of claim, for both risk weighting and risk management purposes. Banks will not be allowed to "cherry-pick" the assessments provided by different eligible ECAIs.
Apr 08CA-4.6.4
Banks must disclose ECAIs that they use for the risk weighting of their assets by type of claims, the risk weights associated with the particular rating grades as determined by CBB through the mapping process as well as the aggregated risk-weighted assets for each risk weight based on the assessments of each eligible ECAI.
Apr 08Multiple Assessments
CA-4.6.5
If there are two assessments by eligible ECAIs chosen by a bank which map into different risk weights, the higher risk weight must be applied.
Apr 08CA-4.6.6
If there are three or more assessments by eligible ECAIs chosen by a bank which map into different risk weights, the assessments corresponding to the two lowest risk weights should be referred to and the higher of those two risk weights must be applied.
Apr 08Issuer Versus Issues Assessment
CA-4.6.7
Where a bank invests in a particular issue that has an issue-specific assessment, the risk weight of the claim will be based on this assessment. Where the bank's claim is not an investment in a specific assessed issue, the following general principles apply:
(a) In circumstances where the borrower has a specific assessment for an issued debt — but the bank's claim is not an investment in this particular debt — a high quality credit assessment (one which maps into a risk weight lower than that which applies to an unrated claim) on that specific debt may only be applied to the bank's un-assessed claim if this claim ranks pari passu or senior to the claim with an assessment in all respects. If not, the credit assessment cannot be used and the un-assessed claim will receive the risk weight for unrated claims; and(b) In circumstances where the borrower has an issuer assessment, this assessment typically applies to senior unsecured claims on that issuer. Consequently, only senior claims on that issuer will benefit from a high quality issuer assessment. Other un-assessed claims of a highly assessed issuer will be treated as unrated. If either the issuer or a single issue has a low quality assessment (mapping into a risk weight equal to or higher than that which applies to unrated claims), an un-assessed claim on the same counterparty will be assigned the same risk weight as is applicable to the low quality assessment.Amended: April 2011
April 2008CA-4.6.8
Whether the bank intends to rely on an issuer- or an issue-specific assessment, the assessment must take into account and reflect the entire amount of credit risk exposure the bank has with regard to all payments owed to it.9
9 For example, if a bank is owed both principal and interest, the assessment must fully take into account and reflect the credit risk associated with repayment of both principal and interest.
Apr 08CA-4.6.9
In order to avoid any double counting of credit enhancement factors, no recognition of credit risk mitigation techniques will be taken into account if the credit enhancement is already reflected in the issue specific rating (see paragraph CA-4.7.3).
Apr 08Domestic Currency and Foreign Currency Assessments
CA-4.6.10
Where unrated exposures are risk weighted based on the rating of an equivalent exposure to that borrower, the general rule is that foreign currency ratings would be used for exposures in foreign currency. Domestic currency ratings, if separate, would only be used to risk weight claims denominated in the domestic currency.
Apr 08CA-4.6.11
However, when an exposure arises through a bank's participation in a loan that has been extended, or has been guaranteed against convertibility and transfer risk, by certain MDBs, its convertibility and transfer risk can be considered by CBB, on a case by case basis, to be effectively mitigated. To qualify, MDBs must have preferred creditor status recognised in the market and be included in MDB's qualifying for 0% risk rate under CA-4.2.8. In such cases, for risk weighting purposes, the borrower's domestic currency rating may be used instead of its foreign currency rating. In the case of a guarantee against convertibility and transfer risk, the local currency rating can be used only for the portion that has been guaranteed. The portion of the loan not benefiting from such a guarantee will be risk-weighted based on the foreign currency rating.
Apr 08Short-term/Long-term Assessments
CA-4.6.12
For risk-weighting purposes, short-term assessments are deemed to be issue-specific. They can only be used to derive risk weights for claims arising from the rated facility. They cannot be generalised to other short-term claims, except under the conditions of paragraph CA-4.6.14. In no event can a short-term rating be used to support a risk weight for an unrated long-term claim. Short-term assessments may only be used for short-term claims against banks and corporates. The table below provides a framework for banks' exposures to specific short-term facilities, such as a particular issuance of commercial paper: For any Sharia contract with an original maturity of up to three months that is not rolled over, the short-term RW as set out in the following table shall be applied.
Credit assessment A-1/P-110 A-2/P-2 A-3/P-3 Others11 Risk weight 20% 50% 100% 150%
10The notations follow the methodology used by Standard & Poor's and by Moody's Investors Service. The A-1 rating of Standard & Poor's includes both A-1+ and A-1-.
11This category includes all non-prime and B or C ratings.
Apr 08CA-4.6.13
If a short-term rated facility attracts a 50% risk-weight, unrated short-term claims cannot attract a risk weight lower than 100%. If an issuer has a short-term facility with an assessment that warrants a risk weight of 150%, all unrated claims, whether long-term or short-term, should also receive a 150% risk weight, unless the bank uses recognised credit risk mitigation techniques for such claims.
Apr 08CA-4.6.14
For short-tem claims on banks, the interaction with specific short-term assessments is expected to be the following:
(a) The general preferential treatment for short-term claims, as defined under paragraphs CA-4.2.11 and CA-4.2.12, applies to all claims on banks of up to three months original maturity when there is no specific short-term claim assessment.(b) When there is a short-term assessment and such an assessment maps into a risk weight that is more favourable (i.e. lower) or identical to that derived from the general preferential treatment, the short-term assessment should be used for the specific claim only. Other short-term claims would benefit from the general preferential treatment.(c) When a specific short-term assessment for a short term claim on a bank maps into a less favourable (higher) risk weight, the general short-term preferential treatment for inter-bank claims cannot be used. All unrated short-term claims should receive the same risk weighting as that implied by the specific short-term assessment.Apr 08CA-4.6.15
When a short-term assessment is to be used, the institution making the assessment needs to meet all of the eligibility criteria for recognising ECAIs as presented in paragraph CA-4.6.1 in terms of its short-term assessment.
Apr 08Level of Application of the Assessment
CA-4.6.16
External assessments for one entity within a corporate group must not be used to risk weight other entities within the same group.
Apr 08Unsolicited Ratings
CA-4.6.17
As a general rule, banks should use solicited ratings from eligible ECAIs but they are also allowed to use unsolicited ratings in the same way as solicited ratings. However, there may be the potential for ECAIs to use unsolicited ratings to put pressure on entities to obtain solicited ratings. If such behaviour is identified, CBB may disallow the use of unsolicited ratings.
Apr 08CA-4.7 CA-4.7 Credit Risk Mitigation
CA-4.7.1
The exposure in respect of an obligor or other, counterparty can be further adjusted or reduced by taking into account the credit risk mitigation (CRM) techniques employed by Islamic banks (off-balance sheet items will first be converted into on-balance sheet equivalents prior to the CRM being applied). Banks use a number of techniques to mitigate the credit risks to which they are exposed. For example, exposures may be collateralised by first priority claims, in whole or in part with cash or securities or an exposure may be guaranteed by a third party. Additionally banks may agree to net exposure amounts owed to them against deposits from the same counterparty.
Apr 08General Remarks
CA-4.7.2
No transaction in which CRM techniques are used should receive a higher capital requirement than an otherwise identical transaction where such techniques are not used.
Apr 08CA-4.7.3
The effects of CRM will not be double counted. Therefore, no additional recognition of CRM for regulatory capital purposes will be applicable on claims for which an issue-specific rating is used that already reflects that CRM. As stated in paragraph CA-4.6.8 of the section on the standardised approach, principal-only ratings will also not be allowed within the framework of CRM.
Apr 08CA-4.7.4
While the use of CRM techniques reduces or transfers credit risk, it simultaneously may increase other risks (residual risks). Residual risks include legal, operational, liquidity and market risks. Therefore, it is imperative that banks employ robust procedures and processes to control these risks, including strategy; consideration of the underlying credit; valuation; policies and procedures; systems; control of roll-off risks; and management of concentration risk arising from the bank's use of CRM techniques and its interaction with the bank's overall credit risk profile. Where these risks are not adequately controlled, the CBB may impose additional capital charges or take supervisory actions.
Apr 08CA-4.7.5
Market Discipline requirements must also be observed for banks to obtain capital relief in respect of any CRM techniques.
Apr 08Legal Certainty
CA-4.7.6
In order for banks to obtain capital relief for any use of CRM techniques, the following minimum standards for legal documentation must be met.
Apr 08CA-4.7.7
All documentation used in collateralised transactions and for documenting on- balance sheet netting and guarantees must be binding on all parties and legally enforceable in all relevant jurisdictions. Banks must have conducted sufficient legal review to verify this and have a well founded legal basis to reach this conclusion, and undertake such further review as necessary to ensure continuing enforceability.
Apr 08CRM Techniques
The CRM techniques that are commonly employed by the bank are as follows:
Amended: April 2011
April 2008Hamish Jiddiyyah (Security Deposit held as Collateral)
CA-4.7.8
Hamish Jiddiyyah (HJ), a refundable security deposit taken by the bank prior to establishing a contract, carries a limited recourse to the extent of damages incurred by the bank when the purchase orderer fails to honour a binding promise to purchase (PP) or promise to lease (PL). The bank has recourse to the clients in the PP/PL if the HJ is insufficient to cover for the damages.
Apr 08CA-4.7.9
In the case of a non-binding PP/PL, the HJ shall be refunded in full to the clients, and hence is not considered as an eligible CRM.
Apr 08Urbun (Earnest Money held after a Contract is Established as Collateral to Guarantee Contract Performance)
CA-4.7.10
The urbun taken from a purchaser or lessee when a contract is established accrues to the benefit of the bank if the purchaser or lessee breaches the contract within the agreed upon term.
Apr 08Guarantee from a Third Party (Recourse or Non-recourse Guarantee)
CA-4.7.11
The guarantor may or may not have recourse to the debtor (i.e. purchaser or lessee) and the guarantee can be for a fixed period and for a limited amount, without any consideration being received by the guarantor. However, a claim should first be made against the debtor, and then against the guarantor, unless an option is provided to make the claim against either the debtor or the guarantor.
Apr 08CA-4.7.12
The guarantee can also be given in a 'blanket' form that covers an unknown amount or a future receivable. However, this type of guarantee (sometimes known as a "market/business guarantee" or "guarantee of contractual obligation") is revocable at any time prior to the existence of the future receivables and does not qualify as an eligible CRM.
Apr 08Leased Assets used as Collateral
CA-4.7.13
Assets leased under Ijarah or IMB contracts fulfill a function similar to that of collateral, in that they may normally be repossessed by the lessor in the event of default by the lessee (see residential real estate CA-4.2.19 and below).
Apr 08CA-4.7.14
The value of such assets may be offset against the exposure amount to the customer, subject to the regulatory haircuts under the Standard Supervisory Haircut 12 Approach (CA-4.7.32 onwards) for leased assets mentioned in the paragraph CA-4.7.39. Ijarah receivables which comprise Residential Real Estate do not generally satisfy the conditions laid out in Paragraph CA-4.7.23 and therefore such receivables will be weighted at 75% and the collateral will not be recognised for risk mitigation purposes. If the bank can show legal evidence that it may exercise foreclosure, a risk weighting of 35% may be applied to the lease receivable in the case of residential property occupied by the customer. Commercial real estate may be used as collateral for Ijarah transactions as long as it satisfies the criteria of paragraph CA-4.7.23 (and the supervisory haircut is then applied).
12 The term 'haircut' in this context refers to a discount on the depreciated value of an asset as collateral after taking into consideration some inherent risks that affect the volatility of the market price or value of the asset. It is commonly expressed in terms of a percentage by which an asset's value as collateral is reduced.
Apr 08CA-4.7.15
The leased asset to be used as collateral must be a Sharia compliant tangible asset of monetary value that can be lawfully owned, and is saleable, specifiable, deliverable and free of encumbrance.
Apr 08CA-4.7.16
The collateralisation under the concept of "rahn" or "kafālah" shall be properly documented in a security agreement or, in the body of a contract to the extent permissible by Sharia, and must be binding on all parties and legally enforceable in the relevant jurisdictions.
Apr 08CA-4.7.17
The banks must additionally document its procedures for the valuation of leased assets to be used as collateral as described above. This valuation would normally be the depreciated value of the asset as reported in the financial statement.
Apr 08Guarantees
CA-4.7.18
Capital relief for the use of a guarantee shall be given when the following conditions are satisfied:
(a) The guarantee represents the bank's direct claim on the guarantor;(b) The guarantee is irrevocable and does not allow the guarantor to unilaterally cancel the guarantee after creation of the receivables;(c) The guarantee is unconditional and provides no protection clause that prevents the guarantor from being obliged to pay out in a timely manner in the event that the original counterparty fails to make payments due;(d) The bank has the right to pursue, in a timely manner, the guarantor for monies outstanding, rather than having to pursue the original counterparty to recover its exposure;(e) The guarantee shall be an explicitly documented obligation assumed by the guarantor; and(f) The guarantee shall cover all types of expected payments made under the contract in the event that the original counterparty defaults.(g) Portions of claims guaranteed by the entities detailed in paragraph CA-4.2.1 above, where the guarantee is denominated in the domestic currency (and US$ in case of a guarantee provided by the Government of Bahrain and CBB) may get a 0% risk-weighting. A claim may be covered by a guarantee that is indirectly counter-guaranteed by such entities. Such a claim may be treated as covered by a sovereign guarantee provided that:• the sovereign counter-guarantee covers all credit risk elements of the claim;• both the original guarantee and the counter-guarantee meet all operational requirements for guarantees, except that the counter-guarantee need not be direct and explicit to the original claim; and• CBB is satisfied that the cover is robust and that no historical evidence suggests that the coverage of the counter-guarantee is less than effectively equivalent to that of a direct sovereign guarantee.
Please Note: Though insurance is normally part and parcel of the project risk financing, it is not regarded by CBB as a credit risk mitigation technique.Amended: April 2011
April 2008Collateralised Transactions
CA-4.7.19
Where banks take eligible financial collateral as defined in paragraph CA.4.7.28, they are allowed to reduce their credit exposure to a counterparty when calculating their capital requirements to take account of the risk mitigating effect of the collateral (except residential real estate - see CA-4.7.14).
Apr 08Overall Framework and Minimum Conditions
CA-4.7.20
Banks may opt for either the simple approach, which substitutes the risk weighting of the collateral for the risk weighting of the counterparty for the collateralised portion of the exposure (generally subject to a 20% floor), or for the standard supervisory haircuts approach which allows fuller offset of collateral against exposures, by effectively reducing the exposure amount by the value ascribed to the collateral.
Apr 08CA-4.7.21
Banks may operate under either, but not both, approaches in the banking book, but only under the standard supervisory haircuts approach in the trading book. Partial collateralisation is recognised in both approaches. Mismatches in the maturity of the underlying exposure and the collateral will only be allowed under the standard supervisory haircuts approach.
Apr 08CA-4.7.22
However, before capital relief will be granted in respect of any form of collateral, the standards set out below in paragraphs CA-4.7.23 to CA-4.7.26 must be met under either approach.
Apr 08CA-4.7.23
In addition to the general requirements for legal certainty set out in paragraphs CA-4.7.6 and CA-4.7.7, the legal mechanism by which collateral is pledged or transferred must ensure that the bank has the right to liquidate or take legal possession of it, in a timely manner, in the event of the default, insolvency or bankruptcy (or one or more otherwise-defined credit events set out in the transaction documentation) of the counterparty (and, where applicable, of the custodian holding the collateral). Furthermore banks must take all steps necessary to fulfill those requirements under the law applicable to the bank's interest in the collateral for obtaining and maintaining an enforceable security interest, e.g. by registering it with a registrar, or for exercising a right to net or set off in relation to title transfer collateral.
Apr 08CA-4.7.24
In order for collateral to provide protection, the credit quality of the counterparty and the value of the collateral must not have a material positive correlation. For example, securities issued by the counterparty — or by any related group entity — would provide little protection and so would be ineligible.
Apr 08CA-4.7.25
Banks must have clear and robust procedures for the timely liquidation of collateral to ensure that any legal conditions required for declaring the default of the counterparty and liquidating the collateral are observed, and that collateral can be liquidated promptly.
Apr 08CA-4.7.26
Where the collateral is held by a custodian, banks must take reasonable steps to ensure that the custodian segregates the collateral from its own assets.
Apr 08Types of Collateral
CA-4.7.27
The types of collateral given in the next paragraph are eligible for relief in respect of the above CRM techniques.
Apr 08CA-4.7.28
(a) Hamish jiddiyyah (security deposit) only for agreements to purchase or lease preceded by a binding promise.(b) Urbun(c) Profit sharing investment account or cash on deposit13 with the bank which is incurring the exposure(d) Sukuk rated by an external rating agency which is issued by:(i) Sovereigns and PSEs (treated as sovereigns) with a minimum rating of BB-;or(ii) Issuers other than the above, with a minimum rating of BBB- or A-3 / P-3.(e) Sukuk that is unrated by an ECAI but fulfill each of the following criteria:(i) Issued by an Islamic bank or a conventional bank or a sovereign;(ii) Listed on a recognised exchange;(iii) All other rated issues by the Islamic bank or conventional bank of the same seniority of at least BBB - or A-3/P-3 by a recognised ECAI, as determined by the CBB;(iv) The Islamic bank which incurs the exposure or is holding the collateral has no information to suggest that the issue would justify a rating below BBB- or A-3/P-3; and(v) The CBB is sufficiently confident about the market liquidity of the securities.(f) Equities and units in collective investment schemes.(g) Guarantees issued by third parties that fall within the following categories:(i) Sovereigns and central banks;(ii) PSEs;(iii) MDBs;(iv) International organisations/official entities with 0% RW(v) Islamic banks or conventional banks; and(vi) Corporate entities (including insurance and securities firms) either by the parent, subsidiary and affiliates, of a minimum rating of A-.(h) Leased assets as stated under "Leased assets used as collateral" above.
13 Must be supported by an agreement or documentation that gives bank the right of set-off against the amount of receivables due.
Amended: April 2011
April 2008CA-4.7.29
Any portion of the exposure which is not collateralised shall be assigned the RW of the counterparty.
Apr 08CA-4.7.30
As stated earlier, banks may opt for either of the two approaches listed below:
Apr 08The Simple Approach
CA-4.7.31
In the simple approach the risk weighting of the collateral instrument collateralising or partially collateralising the exposure is substituted for the risk weighting of the counterparty.
Apr 08The Standard Supervisory Haircuts Approach
CA-4.7.32
In this approach, when taking collateral, banks must calculate their adjusted exposure to a counterparty for capital adequacy purposes in order to take account of the effects of that collateral. Using haircuts, banks are required to adjust both the amount of the exposure to the counterparty and the value of any collateral received in support of that counterparty to take account of possible future fluctuations in the value of either14, occasioned by market movements. This will produce volatility adjusted amounts for both exposure and collateral. Unless either side of the transaction is cash, the volatility adjusted amount for the exposure will be higher than the exposure and for the collateral it will be lower.
14 Exposure amounts may vary where, for example, securities are being lent.
Apr 08CA-4.7.33
Additionally where the exposure and collateral are held in different currencies an additional downwards adjustment must be made to the volatility adjusted collateral amount to take account of possible future fluctuations in exchange rates.
Apr 08CA-4.7.34
Where the volatility-adjusted exposure amount is greater than the volatility-adjusted collateral amount (including any further adjustment for foreign exchange risk), banks shall calculate their risk-weighted assets as the difference between the two multiplied by the risk weight of the counterparty. The framework for performing these calculations is set out in paragraphs CA-4.7.36 to CA-4.7.38.
Apr 08CA-4.7.35
Banks must use standard supervisory haircuts given in paragraph CA-4.7.39.
Apr 08Calculation of Capital Requirement Employing the Standard Supervisory Haircuts
CA-4.7.36
For a collateralised transaction, the exposure amount after risk mitigation is calculated as follows:
E* = max {0, [E x (1 + He) - C x (1 - Hc - Hfx)]}
where:
E* = the exposure value after risk mitigation
E = current value of the exposure
He = haircut appropriate to the exposure
C = the current value of the collateral received
Hc = haircut appropriate to the collateral
Hfx = haircut appropriate for currency mismatch between the collateral and exposureApr 08CA-4.7.37
The exposure amount after risk mitigation will be multiplied by the risk weight of the counterparty to obtain the risk-weighted asset amount for the collateralised transaction. The treatment for transactions where there is a mismatch between the maturity of the counterparty exposure and the collateral is given in paragraphs CA-4.7.47 to CA-4.7.50.
Apr 08CA-4.7.38
Where the collateral is a basket of assets, the haircut on the basket will be H = Σi ai Hi, where ai is the weight of the asset (as measured by units of currency) in the i basket and Hi the haircut applicable to that asset.
Apr 08The Standard Supervisory Haircuts
CA-4.7.39
Both the amount of exposure to counterparty and the value of collateral received are adjusted by using standard supervisory haircuts as set out below:
Types of Collateral* Residual Maturity (yrs) Haircuts (%) Sovereigns15 Others Cash All 0 0 Sukuk
Long-term: AAA to AA- and
Short-term: A-1
≤ 1
> 1 to ≤ 5
> 50.5
2
41
4
8Sukuk
Long-term: A+ to BBB- and
Short-term: A-2 to A-3≤ 1
> 1 to ≤ 5
> 51
3
62
6
12Sukuk
Long-term: BB+ to BB-All 15 15 Sukuk (unrated) All 25 25 Equities (included in main index)
Equities (not included in main index but listed)
Units in collective investment schemesAll
All
All15
25
Depending on the underlying assets as above15
25
Depending on the underlying assets as aboveLeased assets used as collateral (except residential real estate -see CA-4.2.19) and other assets All >=30 >=30 * Collateral denominated in different currency will also be subject to additional 8% haircut to cater for foreign exchange risk.
15 Includes PSEs and MDBs
Apr 08CA-4.7.40
The standard haircut for currency risk where exposure and collateral are denominated in different currencies is 8% (also based on a 10-business day holding period and daily mark-to-market). For transactions in which the bank lends non-eligible instruments (e.g. non- investment grade securities), the haircut to be applied on the exposure should be the same as the one for equity traded on a recognised exchange that is not part of a main index.
Apr 08The Simple Approach
The Minimum Conditions
CA-4.7.41
For collateral to be recognised in the simple approach, the collateral must be pledged for at least the life of the exposure and it must be marked to market and revalued with a minimum frequency of six months. Those portions of claims collateralised by the market value of recognised collateral receive the risk weight applicable to the collateral instrument. The risk weight on the collateralised portion will be subject to a floor of 20% except under the conditions specified in paragraphs CA-4.7.42. The remainder of the claim should be assigned to the risk weight appropriate to the counterparty.
Apr 08Exceptions to the Risk Weight Floor
CA-4.7.42
The 20% floor for the risk weight on a collateralised transaction will not be applied and a 0% risk weight can be applied where the exposure and the collateral are denominated in the same currency, and either:
(a) The collateral is cash on deposit; or(b) The collateral is in the form of sovereign/PSE securities eligible for a 0% risk weight, and its market value has been discounted by 20%Amended: April 2011
April 2008Treatment of Pools of CRM Techniques
CA-4.7.43
In the case where a bank has multiple CRM techniques covering a single exposure (e.g. a bank has both collateral and guarantee partially covering an exposure), the bank will be required to subdivide the exposure into portions covered by each type of CRM technique (e.g. portion covered by collateral, portion covered by guarantee) and the risk-weighted assets of each portion must be calculated separately.
Apr 08Credit Risk Mitigation for Mudarabah Classified as Equity Exposures
CA-4.7.44
A placement of funds made under a Mudarabah contract may be subject to a Sharia compliant guarantee from a third party. Such a guarantee relates only to the Mudarabah capital, not to the return. In such cases, the capital should be treated as subject to credit risk with a risk-weighting equal to that of the guarantor provided that the RW of that guarantor is lower than the RW of the Mudarib as a counterparty. Otherwise, the RW of the Mudarib shall apply.
Apr 08CA-4.7.45
In Mudarabah investment in project finance, collateralisation of the progress payments made by the ultimate customers can be used to mitigate the exposures of unsatisfactory performance by the Mudarib.
Apr 08CA-4.7.46
The bank may also place liquid funds with a central bank or another bank on a short-term Mudarabah basis in order to obtain a return on those funds. Such placements serve as an interbank market with maturities ranging from an overnight market up to three months, but the funds may be withdrawn on demand before the maturity date in which case the return is calculated proportionately on the basis of duration and amount. Although from a juristic point of view the amounts so placed do not constitute debts, since (in the absence of misconduct or negligence) Mudarabah capital does not constitute a liability for the institution that acts as Mudarib, in practice the operation of this interbank market requires that the Mudarib should effectively treat them as liabilities. Hence a bank placing funds on this basis may treat them as cash equivalents and, for risk weighting purposes, apply the risk weight applicable to the Mudarib as counterparty.
Apr 08Maturity Mismatches
CA-4.7.47
For the purposes of calculating risk-weighted assets, a maturity mismatch occurs when the residual maturity of CRM is less than that of the underlying exposure.
Apr 08CA-4.7.48
The maturity of the underlying exposure and the maturity of the CRM should both be defined conservatively. The effective maturity of the underlying should be gauged as the longest possible remaining time before the counterparty is scheduled to fulfill its obligation, taking into account any applicable grace period.
Apr 08CA-4.7.49
CRM with maturity mismatches are only recognised when their original maturities are greater than or equal to one year. As a result, the maturity of CRM for exposures with original maturities of less than one year must be matched to be recognised. In all cases, CRM with maturity mismatches will no longer be recognised when they have a residual maturity of three months or less.
Apr 08CA-4.7.50
When there is a maturity mismatch with recognised credit risk mitigants, the following adjustment will be applied.
Pa = P x (t - 0.25) / (T - 0.25)
where:
Pa = value of the credit protection adjusted for maturity mismatch
P = credit protection (e.g. collateral amount, guarantee amount) adjusted for any haircuts
t = min (T, residual maturity of the credit protection arrangement) expressed in years
T = min (5, residual maturity of the exposure) expressed in years.Apr 08PART 3: PART 3: Other Risks
CA-5 CA-5 Market Risk
CA-5.1 CA-5.1 Trading Book
Definition of the Trading Book
CA-5.1.1
The following definition of the trading book replaces the previous definition.
Apr 08CA-5.1.2
A trading book consists of positions in financial instruments and commodities held either with trading intent or in order to hedge other elements of the trading book. To be eligible for trading book capital treatment, financial instruments must either be free of any restrictive covenants on their tradability or able to be hedged completely. In addition, positions should be frequently and accurately valued, and the portfolio should be actively managed (at the present time, open equity stakes in hedge funds, private equity investments and real estate holdings do not meet the definition of the trading book, owing to significant constraints on the ability of banks to liquidate these positions and value them reliably on a daily basis. Such holdings must therefore be held in the bank's banking book and treated as equity holding in corporates, except real estate which should be treated as per Paragraph CA-4.2.27).
Amended: January 2012
Apr 08CA-5.1.3
A financial instrument is any contract that gives rise to both a financial asset of one entity and a financial liability or equity instrument of another entity. Financial instruments include both primary financial instruments (or cash instruments) and forward financial instruments. A financial asset is any asset that is cash, the right to receive cash or another financial asset; or the contractual right to exchange financial assets on potentially favourable terms, or an equity instrument. A financial liability is the contractual obligation to deliver cash or another financial asset or to exchange financial liabilities under conditions that are potentially unfavourable.
Apr 08CA-5.1.4
Positions held with trading intent are those held intentionally for short-term resale and/or with the intent of hedging proprietary or client positions.
Apr 08CA-5.1.5
Banks must have clearly defined policies and procedures for determining which exposures to include in, and to exclude from, the trading book for purposes of calculating their regulatory capital, to ensure compliance with the criteria for trading book set forth in this section and taking into account the bank's risk management capabilities and practices. Compliance with these policies and procedures must be fully documented and subject to periodic internal audit.
Apr 08CA-5.1.6
These policies and procedures should, at a minimum, address the following general considerations:
(a) The activities the bank considers to be trading and as constituting part of the trading book for regulatory capital purposes;(b) The extent to which an exposure can be marked-to-market daily by reference to an active, liquid two-way market;(c) For exposures that are marked-to-model, the extent to which the bank can:• Identify the material risks of the exposure;• Hedge (Sharia compliant hedging) the material risks of the exposure and the extent to which hedging instruments would have an active, liquid two-way market;• Derive reliable estimates for the key assumptions and parameters used in the model.(d) The extent to which the bank can and is required to generate valuations for the exposure that can be validated externally in a consistent manner;(e) The extent to which legal restrictions or other operational requirements would impede the bank's ability to effect an immediate liquidation of the exposure;(f) The extent to which the bank is required to, and can, actively risk manage the exposure within its trading operations; and(g) The extent to which the bank may transfer risk or exposures between the banking and the trading books and criteria for such transfers.The list above is not intended to provide a series of tests that a product or group of related products must pass to be eligible for inclusion in the trading book. Rather, the list provides a minimum set of key points that must be addressed by the policies and procedures for overall management of a firm's trading book.Apr 08CA-5.1.7
The following will be the basic requirements for positions eligible to receive trading book capital treatment.
(a) Clearly documented trading strategy for the position/instrument or portfolios, approved by senior management (which would include expected holding horizon).(b) Clearly defined policies and procedures for the active management of the position, which must include:• Positions are managed on a trading desk;• Position limits are set and monitored for appropriateness;• Dealers have the autonomy to enter into/manage the position within agreed limits and according to the agreed strategy;• Positions are marked to market at least daily and when marking to model the parameters must be assessed on a daily basis;• Positions are reported to senior management as an integral part of the institution's risk management process; and• Positions are actively monitored with reference to market information sources (assessment should be made of the market liquidity or the ability to hedge positions or the portfolio risk profiles). This would include assessing the quality and availability of market inputs to the valuation process, level of market turnover, sizes of positions traded in the market, etc.(c) Clearly defined policy and procedures to monitor the positions against the bank's trading strategy including the monitoring of turnover and stale positions in the bank's trading book.Apr 08Prudent Valuation Guidance
CA-5.1.8
This section provides banks with guidance on prudent valuation for positions in the trading book. This guidance is especially important for less liquid positions which, although they will not be excluded from the trading book solely on grounds of lesser liquidity, raise CBB's concerns about prudent valuation.
Apr 08CA-5.1.8.A
Positions in the bank's own eligible regulatory capital instruments are deducted from capital. Positions in other banks', securities firms', and other financial entities' eligible regulatory capital instruments, as well as intangible assets, are subject to the same treatment as that set down by the CBB for such assets held in the banking book (see Module PCD).
Added: January 2012CA-5.1.9
This section provides banks with guidance on prudent valuation for positions that are accounted for at fair value, whether they are in the trading book or in the banking book. This guidance is especially important for positions without actual market prices or observable inputs to valuation, as well as less liquid positions which, although they will not be excluded from the trading book solely on grounds of lesser liquidity, raise supervisory concerns about prudent valuation. The valuation guidance set forth below is not intended to require banks to change valuation procedures for financial reporting purposes. The CBB will assess a bank's valuation procedures for consistency with this guidance. One factor in the CBB's assessment of whether a bank must take a valuation adjustment for regulatory purposes under Paragraphs CA-5.1.18.A to CA-5.1.20 is the degree of consistency between the bank's valuation procedures and these guidelines.
Added: January 2012CA-5.1.9A
A framework for prudent valuation practices should at a minimum include the following:
Amended: January 2012
Apr 08Systems and Controls
CA-5.1.10
Banks must establish and maintain adequate systems and controls sufficient to give management and CBB the confidence that their valuation estimates are prudent and reliable. These systems must be integrated with other risk management systems within the organisation (such as credit analysis). Such systems must include:
(a) Documented policies and procedures for the process of valuation. This includes clearly defined responsibilities of the various areas involved in the determination of the valuation, sources of market information and review of their appropriateness, guidelines for the use of unobservable inputs reflecting the bank's assumptions of what market participants would use in pricing position, frequency of independent valuation, timing of closing prices, procedures for adjusting valuations, end of the month and ad-hoc verification procedures; and(b) Clear and independent (i.e. independent of front office) reporting lines for the department accountable for the valuation process. The reporting line should ultimately be to a main board executive director.Amended: January 2012
Apr 08Valuation Methodologies
Marking to Market
CA-5.1.11
Marking-to-market is at least the daily valuation of positions at readily available close out prices that are sourced independently. Examples of readily available close out prices include exchange prices, screen prices, or quotes from several independent reputable brokers.
Apr 08CA-5.1.12
Banks must mark-to-market as much as possible. The more prudent side of bid/offer must be used unless the institution is a significant market maker in a particular position type and it can close out at mid-market. Banks should maximise the use of relevant observable inputs and minimise the use of unobservable inputs when estimating fair value using a valuation technique. However, observable inputs or transactions may not be relevant, such as in a forced liquidation or distressed sale, or transactions may not be observable, such as when markets are inactive. In such cases, the observable data should be considered, but may not be determinative.
Amended: January 2012
Apr 08Marking to Model
CA-5.1.13
Only where marking-to-market is not possible, should banks may mark-to-model, but this must be demonstrated to be prudent. Marking-to-model is defined as any valuation which has to be benchmarked, extrapolated or otherwise calculated from a market input.
Amended: January 2012
Apr 08CA-5.1.14
When marking to model, an extra degree of conservatism is appropriate. The CBB will consider the following in assessing whether a mark-to-model valuation is prudent:
(a) Senior management should be aware of the elements of the trading book or of other fair-valued positions which are subject to mark to model and should understand the materiality of the uncertainty this creates in the reporting of the risk/performance of the business;(b) Market inputs should be sourced, to the extent possible, in line with market prices (as discussed above). The appropriateness of the market inputs for the particular position being valued should be reviewed regularly;(c) Where available, generally accepted valuation methodologies for particular products should be used as far as possible;(d) Where the model is developed by the institution itself, it should be based on appropriate assumptions, which have been assessed and challenged by suitably qualified parties independent of the development process. The model should be developed or approved independently of the front office. It should be independently tested. This includes validating the mathematics, the assumptions and the software implementation;(e) There should be formal change control procedures in place and a secure copy of the model should be held and periodically used to check valuations;(f) Risk management should be aware of the weaknesses of the models used and how best to reflect those in the valuation output;(g) The model should be subject to periodic review to determine the accuracy of its performance (e.g. assessing continued appropriateness of the assumptions, analysis of P&L versus risk factors, comparison of actual close out values to model outputs); and(h) Valuation adjustments should be made as appropriate, for example, to cover the uncertainty of the model valuation.Amended: January 2012
Apr 08Independent Price Verification
CA-5.1.15
Independent price verification is distinct from daily mark-to-market. It is the process by which market prices or model inputs are regularly verified for accuracy. While daily marking-to-market may be performed by dealers, verification of market prices or model inputs should be performed by a unit independent of the dealing room, at least monthly (or, depending on the nature of the market/trading activity, more frequently). It need not be performed as frequently as daily mark-to-market, since the objective, i.e. independent, marking of positions, should reveal any error or bias in pricing, which should result in the elimination of inaccurate daily marks.
Apr 08CA-5.1.16
Independent price verification entails a higher standard of accuracy in that the market prices or model inputs are used to determine profit and loss figures, whereas daily marks are used primarily for management reporting in between reporting dates. For independent price verification, where pricing sources are more subjective, e.g. only one available broker quote, prudent measures such as valuation adjustments may be appropriate.
Apr 08Valuation Adjustments
CA-5.1.17
As part of their procedures for marking to market, banks must establish and maintain procedures for considering valuation adjustments. The CBB expects banks using third-party valuations to consider whether valuation adjustments are necessary. Such considerations are also necessary when marking to model.
Amended: January 2012
Apr 08CA-5.1.18
The CBB expects the following valuation adjustments/reserves to be formally considered at a minimum: unearned profit, close-out costs, operational risks, early termination, investing and funding costs, and future administrative costs and, where appropriate, model risk.
Apr 08Adjustment to the Current Valuation of Less Liquid Positions for Regulatory Capital Purposes
CA-5.1.18.A
Banks must establish and maintain procedures for judging the necessity of and calculating an adjustment to the current valuation of less liquid positions for regulatory capital purposes. This adjustment may be in addition to any changes to the value of the position required for financial reporting purposes and should be designed to reflect the illiquidity of the position. The CBB expects banks to consider the need for an adjustment to a position's valuation to reflect current illiquidity whether the position is marked to market using market prices or observable inputs, third-party valuations or marked to model.
Added: January 2012CA-5.1.19
Bearing in mind that the underlying 10-day assumptions made about liquidity in the market risk capital charge may not be consistent with the bank's ability to sell or hedge out less liquid positions, where appropriate, banks must take an adjustment to the current valuation of these positions, and review their continued appropriateness on an on-going basis. Reduced liquidity may have arisen from market events. Additionally, close-out prices for concentrated positions and/or stale positions should be considered in establishing the adjustment. Banks must consider all relevant factors when determining the appropriateness of the adjustments for less liquid positions. These factors may include, but are not limited to, the amount of time it would take to hedge out the position/risks within the position, the average volatility of bid/offer spreads, the availability of independent market quotes (number and identity of market makers), the average and volatility of trading volumes (including trading volumes during periods of market stress), market concentrations, the aging of positions, the extent to which valuation relies on marking-to-model, and the impact of other model risks not included in Paragraph CA-5.1.18.A.
Amended: January 2012
Apr 08CA-5.1.20
[This Paragraph was deleted in January 2012]
Deleted: January 2012CA-5.2 CA-5.2 Price Risk
CA-5.2.1
The capital charge for price risk is 15% of the amount of the position (carrying value).
Apr 08CA-5.2.2
For commodities exposure in Salam, the capital charge is computed at 15% of the net position in each commodity, plus an additional charge equivalent to 3% of the gross positions, long plus short, to cover basis risk and forward gap risk. The 3% capital charge is also intended to cater for potential losses in Parallel Salam when the seller in the original Salam contract fails to deliver and the bank has to purchase an appropriate commodity in the spot market to honour its obligation. Net positions in commodities are calculated as explained in section CA-5.6. In case of Istisna'a (see paragraph CA-3.4.24) 15% capital charge on net long or short position plus 3% capital charge on gross positions must apply.
Apr 08CA-5.3 CA-5.3 Equity Position Risk
Introduction
CA-5.3.1
The minimum capital requirement for equities is expressed in terms of two separately calculated charges, one relating to the "specific risk" of holding a long position in an individual equity, and the other to the "general market risk" of holding a long position in the market as a whole. Where the bank has invested in shares/units of equity funds on Mudaraba financing and the bank has direct exposures in the equities which are traded in a recognised stock exchange, the shares/units are considered to be subject to equity risk. The equity position would be considered to be the net asset value as at the reporting date.
Apr 08Specific Risk Calculation
CA-5.3.2
Specific risk is defined as the bank's gross equity positions (i.e. the sum of all equity positions and is calculated for each country or equity market) and is calculated for each country or equity market. For each national market in which the bank holds equities, it should sum the market values of its individual net positions irrespective of whether they are long or short positions, to produce the overall gross equity position for that market.
Amended: January 2012
Apr 08CA-5.3.3
The capital charge for specific risk is 8%.
Amended: January 2012
Apr 08CA-5.3.4
[This Paragraph was deleted in January 2012]
Deleted: January 2012General Risk Calculation
CA-5.3.5
The general market risk is calculated by first determining the difference between the sum of the long positions and the sum of the short positions (i.e. the overall net position) in each national equity market. In other words, to calculate the general market risk, the bank should sum the market value of its individual net positions for each national market, taking into account whether the positions are long or short.
Amended: January 2012
Apr 08CA-5.3.6
The general market equity risk measure is 8% of the overall net position in each national market.
Amended: January 2012
Apr 08CA-5.4 CA-5.4 Sukuk
Specific Risk for Sukuk
CA-5.4.1
In the case of Sukuk in the trading book, the specific risk charge must be provided on the RW of the issue and the term to maturity of the Sukuk, as follows:
Categories External credit assessment Specific risk capital charge Government (including GCC governments)* AAA to AA- 0% A+ to BBB- 0.25% (residual term to final maturity 6 months or less)
1.00% (residual term to final maturity greater than 6 and up to and including 24 months)
1.60% (residual term to final maturity exceeding 24 months)BB+ to B- 8.00% Below B- 12.00% Unrated 8.00% Qualifying 0.25% (residual term to final maturity 6 months or less)
1.00% (residual term to final maturity greater than 6 and up to and including 24 months)
1.60% (residual term to final maturity exceeding 24 months)Other Similar to credit risk charges under the standardised approach, e.g.: BB+ to BB- 8.00% Below BB- 12.00% Unrated 8.00% * CBB has the discretion to apply a different specific risk weight to sukuk issued by certain foreign government.
Apr 08General Market Risk for Sukuk
CA-5.4.2
The general market risk16 must be provided on the residual term to maturity or to the next repricing date, using a simplified form of the Maturity Method on the net positions in each time-band in accordance with the table below:
Residual term to maturity RW 1 month or less 0.00% 1-3 months 0.20% 3-6 months 0.40% 6-12 months 0.70% 1-2 years 1.25% 2-3 years 1.75% 3-4 years 2.25% 4-5 years 2.75% 5-7 years 3.25% 7-10 years 3.75% 10-15 years 4.50%
16 At the CBB's discretion, the bank may alternatively use the duration method as set out in the Market risk section of the Basel II Accord (June 2006).
Apr 08CA-5.4.3
In the case of equity investments made by means of a Musharaka or a Mudaraba contract where the underlying assets are commodities, the market risk provisions for commodities, as described below, will be applicable.
Apr 08CA-5.5 CA-5.5 Foreign Exchange Risk
Introduction
CA-5.5.1
This section describes the standardised method for calculation of the bank's foreign exchange risk, and the capital required against that risk.
Apr 08CA-5.5.2
The measurement of the foreign exchange risk involves, as a first step, the calculation of the net open position in each individual currency including gold and/or silver and as a second step, the measurement of the risks inherent in the bank's mix of assets and liabilities positions in different currencies.
Apr 08CA-5.5.3
A bank that holds net open positions (whether assets or liabilities) in foreign currencies is exposed to the risk that exchange rates may move against it. The open positions may be either trading positions or, simply, exposures caused by the bank's overall assets and liabilities. Where the bank is involved in option transactions, these must be agreed in advance with the CBB. The CBB will consider the appropriate treatment on a case by case basis.
Apr 08CA-5.5.4
The open positions and the capital requirements are calculated with reference to the entire business (i.e. the banking and trading books).
Apr 08CA-5.5.5
The open positions are calculated with reference to the bank's base currency, which will be either Bahraini Dinars (BD) or United States dollars (USD).
Apr 08CA-5.5.6
In addition to foreign exchange risk, positions in foreign currencies may be subject to credit risk which should be treated separately. For the purposes of calculating "Foreign Exchange Risk" only, positions in those GCC currencies which are pegged to US$, will be treated as positions in US$.
Apr 08De Minimis Exemptions
CA-5.5.7
A bank doing negligible business in foreign currencies and which does not take foreign exchange positions for its own account may, at the discretion of the CBB and as evidenced by the CBB's prior written approval, be exempted from calculating the capital requirements on these positions. The CBB is likely to be guided by the following criteria in deciding to grant exemption to any bank:
(a) The bank's holdings or taking of positions in foreign currencies, including gold and/or silver, defined as the greater of the sum of the gross asset positions and the sum of the gross liability position in all foreign positions and gold and/or silver, does not exceed 100% of its eligible capital; and(b) The bank's overall net open position, as defined in CA-5.5.15 does not exceed 2% of its eligible capital.Apr 08CA-5.5.8
The criteria listed above are only intended to be guidelines, and a bank will not automatically qualify for exemptions upon meeting them. Banks doing negligible foreign currency business, which do not take foreign exchange positions for the bank's own account, and wish to seek exemption from foreign exchange risk capital requirements, should submit an application to the CBB, in writing. The CBB will have the discretion to grant such exemptions. The CBB may also, at its discretion, fix a minimum capital requirement for a bank that is exempted from calculating its foreign exchange risk capital requirement, to cover the risks inherent in its foreign currency business.
Apr 08CA-5.5.9
The CBB may, at a future date, revoke an exemption granted to a bank, if the CBB is convinced that the conditions on which the exemption was granted no longer exist.
Apr 08Calculation of Net Open Positions
CA-5.5.10
A bank's exposure to foreign exchange risk in any currency is its net open position in that currency, which is calculated by summing the following items:
(a) The net spot position in the currency (i.e. all assets items less all liability items, including accrued profit, other income and expenses, denominated in the currency in question; assets are included gross of provisions for bad and doubtful debts, except in cases where the provisions are maintained in the same currency as the underlying assets);(b) The net forward position in the currency (i.e. all amounts to be received less all amounts to be paid under forward foreign exchange contracts, in the concerned currency);(c) Guarantees and similar off-balance sheet contingent items that are certain to be called and are likely to be irrecoverable where the provisions, if any, are not maintained in the same currency;(d) Profits (i.e. the net value of income and expense accounts) held in the currency in question; and(e) Specific provisions held in the currency in question where the underlying asset is in a different currency, net of assets held in the currency in question where a specific provision is held in a different currency.Apr 08CA-5.5.11
For calculating the net open position in gold and/or silver, the bank must first express the net position (spot plus forward) in terms of the standard unit of measurement (i.e. ounces or grams) and then convert it at the current spot rate into the base currency.
Apr 08CA-5.5.12
Where gold and/or silver are part of a forward contract (i.e. quantity of gold and/or silver to be received or to be delivered), any foreign currency exposure from the other leg of the contract should be reported.
Apr 08Structural Positions
CA-5.5.13
Positions of a structural nature (i.e. non-dealing), may be excluded from the calculation of the net open currency positions. These may include:
(a) Positions taken deliberately in order to hedge, partially or totally, against the adverse effects of exchange rate movements on the bank's CAR;(b) Positions related to items that are deducted from the bank's capital when calculating its capital base in accordance with the rules and guidelines in this Module, such as investments in non-consolidated subsidiaries; and(c) Retained profits held for payout to parent, where the profits are held in the currency concerned.Amended: October 2013
Apr 08CA-5.5.14
The CBB will consider approving the exclusion of the above positions for the purpose of calculating the capital requirement, only if each of the following conditions is met:
(a) The concerned bank provides adequate documentary evidence to the CBB which establishes the fact that the positions proposed to be excluded are, indeed, of a structural nature (i.e. non-dealing) and are merely intended to protect the bank's CAR. For this purpose, the CBB may ask written representations from the bank's management or directors.(b) Any exclusion of a position is consistently applied, with the treatment of the structural positions remaining the same for the life of the associated assets or other items.Apr 08Calculation of the Overall Net Open Position
CA-5.5.15
The net position in each currency is converted at the spot rate, into the reporting currency. The overall net open position must be measured by aggregating the following:
(a) The sum of the net liabilities positions or the sum of the net asset positions whichever is greater(b) The net position (liabilities and assets) in gold and/or silver, regardless of sign.Apr 08CA-5.5.16
Where the bank is assessing its foreign exchange on a consolidated basis, it may be technically impractical in the case of some marginal operations to include the currency positions of a foreign branch or subsidiary of the bank. In such cases, the internal limit for that branch/subsidiary, in each currency, may be used as a proxy for the positions. The branch/subsidiary limits should be added, without regard to sign, to the net open position in each currency involved. When this simplified approach to the treatment of currencies with marginal operations is adopted, the bank should adequately monitor the actual positions of the branch/subsidiary against the limits, and revise the limits, if necessary, based on the results of the ex-post monitoring.
Apr 08Calculation of the Capital Charge
CA-5.5.17
The capital charge is 8% of the overall net open foreign currency position.
Apr 08CA-5.5.18
The table below illustrates the calculation of the overall net open foreign currency position and the capital charge:
Example of the calculation of the foreign exchange overall net open position and the capital charge
GBP DEM SAR US$ JPY GOLD and/or silver +200 +100 +70 -190 -40 -50 +370 -230 50 The capital charge is 8% of the higher of either the sum of the net long currency positions or the sum of the net short positions (i.e. 370) and of the net position in gold and/or silver (i.e. 50) = 420 @ 8% = 33.6
Apr 08CA-5.6 CA-5.6 Commodities Risk
Introduction
CA-5.6.1
This section sets out the minimum capital requirements to cover the risk of holding or taking positions in commodities, including precious metals, but excluding gold and silver (which is treated as a foreign currency according to the methodology explained in section CA-5.5).
Apr 08CA-5.6.2
The commodities position risk and the capital charges are calculated with reference to the entire business of a bank (i.e. the banking and trading books combined).
Apr 08CA-5.6.3
The price risk in commodities is often more complex and volatile than that associated with currencies. Banks need to guard against the risk that arises when a liability (i.e. in a Parallel Salam transaction) position falls due before the asset position (i.e. a failure associated with or delay in the Salam contract). Owing to a shortage of liquidity in some markets, it might be difficult to close the Parallel Salam position and the bank might be "squeezed by the market". All these commodity market characteristics can result in price transparency and the effective management of risk.
Apr 08CA-5.6.4
All contracts (Salam, Musharakah or Mudarabah) involving commodities as defined in chapters CA-3.3, CA-3.6 and CA-3.7 are subject to commodities risk and a capital charge as per the relevant provisions must be computed.
Apr 08CA-5.6.5
Banks should adopt either the simplified approach to calculate their commodities risk and the resultant capital charges or the maturity ladder approach.
Apr 08Calculation of Commodities Positions
CA-5.6.6
Banks must first express each commodity position (i.e. Salam and Parallel Salam) in terms of the standard unit of measurement (i.e. barrels, kilograms, grams, etc). Assets and liabilities positions in a commodity are reported on a net basis for the purpose of calculating the net open position in that commodity. For markets which have daily delivery dates, any contracts maturing within ten days of one another may be offset. The net position in each commodity is then converted, at spot rates, into the bank's reporting currency.
Apr 08CA-5.6.7
Positions in different commodities cannot be offset for the purpose of calculating the open-positions as described above. However, where one or more sub-categories17 of the same category are in effect and are directly deliverable against each other, netting between those sub-categories is permitted. Furthermore, if two or more sub-categories of the same category is considered as close substitutes for each other, and minimum correlation of 0.9 between their price movements is clearly established over a minimum period of one year, the bank may, with the prior written approval of the CBB, net positions in those sub-categories.
17 Commodities can be grouped into clan, families, sub-groups and individual commodities. For example a clan might be Energy Commodities, within which Hydro-Carbons is a family with Crude Oil being a sub-group and West Texas Intermediate, Arabian light and Brent being individual commodities.
Apr 08CA-5.6.8
Banks, which wish to net positions based on correlation (in the manner discussed above), must satisfy the CBB of the accuracy of the method which it proposes to adopt.
Apr 08Maturity Ladder Approach
CA-5.6.9
A worked example of the maturity ladder approach is set out in Appendix CA-3 and the table below illustrates the maturity time-bands of the maturity ladder for each commodity.
Apr 08CA-5.6.10
The steps in the calculation of the commodities risk by the maturity ladder approach are:
(a) The net positions in individual commodities, expressed in terms of the standard unit of measurement, are first slotted into the maturity ladder. Physical stocks are allocated to the first-time band. A separate maturity ladder is used for each commodity.(b) Asset and liability positions in the same time-band are matched. The sum of the matched asset and liability positions is multiplied first by the spot price of the commodity, and then by a spread of 1.5% for each time-band as set out in the table below. This represents the capital charge in order to capture all risks within a time-band (which, together, are sometimes referred to as curvature risk).Time band18 0-1 months 1-3 months 3-6 months 6-12 months 1-2 years 2-3 years over 3 years
18 Instruments, where the maturity is on the boundary of two maturity time-bands, should be placed into the earlier maturity band. For example, instruments with a maturity of exactly one-year are placed into the 6 to 12 months time-band.
Apr 08CA-5.6.11
The residual (unmatched) net positions from nearer time-bands are then carried forward to offset opposite positions (i.e. asset against liability and vice versa) in time bands that are further out. However, a surcharge of 0.6% of the net position carried forward is added in respect of each time-band that the net position is carried forward, to recognise that such management of positions between different time-bands is imprecise. The surcharge is in addition to the capital charge for each matched amount created by carrying net positions forward, and is calculated as explained in step (b) above.
Apr 08CA-5.6.12
At the end of step (c), there will be either asset or liability positions, to which a capital charge of 15% will apply. The CBB recognises that there are differences in volatility between different commodities, but has, nevertheless, decided that one uniform capital charge for open positions in all commodities shall apply in the interest of simplicity of the measurement, and given the fact that banks normally run rather small open positions in commodities. Banks will be required to submit in writing, details of their commodities business in order to capture the market risk on this business and to enable the CBB to evaluate whether the models approach should be adopted by the bank.
Apr 08CA-6 CA-6 Operational Risk
CA-6.1 CA-6.1 Definition of Operational Risk
CA-6.1.1
Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events which includes but is not limited to, legal risk and Sharia compliance risk. This definition excludes strategic and reputational risk.
Apr 08CA-6.1.2
Sharia compliance risk is an operational risk facing Islamic banks which can lead to non-recognition of income and resultant losses.
Apr 08CA-6.2 CA-6.2 The Measurement Methodologies
CA-6.2.1
The framework outlined below presents two methods for calculating operational risk capital charges in a continuum of increasing sophistication and risk sensitivity:
(a) The Basic Indicator Approach; and(b) The Standardised Approach.Amended: April 2011
April 2008CA-6.2.2
A bank will not be allowed to choose to revert to basic indicator approach once it has been approved for standardised approach without CBB's approval. However, if CBB determines that a bank using the standardised approach no longer meets the qualifying criteria for the standardised approach, it may require the bank to revert to the basic indicator approach for some or all of its operations, until it meets the conditions specified by the CBB for returning to the standardised approach.
Apr 08Basic Indicator Approach
CA-6.2.3
Banks using the Basic Indicator Approach must hold capital for operational risk equal to the average over the previous three years of a fixed percentage (denoted alpha) of positive annual gross income. Figures for any year in which annual gross income is negative or zero should be excluded from both the numerator and denominator when calculating the average.19 The charge may be expressed as follows:
KBIA = [Σ (GI1..n α n)]/n
where:
KBIA = the capital charge under the Basic Indicator Approach
GI = annual gross income, where positive, over the previous three years (audited financial years)
N = number of the previous three years for which gross income is positive
α = 15%, relating the industry wide level of required capital to the industry wide level of the indicator.
19 If negative gross income distorts a bank's Pillar 1 capital charge, CBB will consider appropriate supervisory action.
Apr 08CA-6.2.4
The extent of losses arising from non-compliance with Sharia rules and principles cannot be ascertained owing to the lack of data. Therefore, banks are not required to set aside any additional amount over and above the 15% of average annual gross income over the preceding three years for operational risk.
Apr 08CA-6.2.5
Gross income is defined as:
(a) Net income from financing activities which is gross of any provisions, operating expenses, realised profits/losses from the sale of securities in the banking book, and depreciation of Ijarah assets;(b) Net income from investment activities; and(c) Fee income (e.g. commission and agency fee)
Less;(d) Investment account holders' share of income(e) Takaful incomeIn case of a bank with negative gross income for the previous three years, a newly licensed bank with less than 3 years of operations, or a merger, acquisition or material restructuring, the CBB shall discuss with the concerned licensed bank an alternative method for calculating the operational risk capital charge. For example, a newly licensed bank may be required to use the projected gross income in its 3-year business plan. Another approach that the CBB may consider is to require such licensed banks to observe a higher CAR.Apr 08CA-6.2.6
Gross income includes income attributable to restricted and unrestricted Profit Sharing Investment Accounts' funds, but excludes extraordinary or exceptional income. Net income from investment activities includes the bank's share of profit from Musharakah and Mudarabah financing activities.
Apr 08CA-6.2.7
Banks applying this approach are encouraged to comply with the principles set in section OM-1.2 of Operational Risk Management Module.
Apr 08The Standardised Approach
CA-6.2.8
In the Standardised Approach, banks' activities are divided into eight business lines: corporate finance, trading & sales, retail banking, commercial banking, payment & settlement, agency services, asset management, and retail brokerage. The business lines are defined in detail in Appendix CA-4. The bank must meet the requirements detailed in section OM-1.3 to qualify for the use of standardised approach.
Apr 08CA-6.2.9
Within each business line, gross income is a broad indicator that serves as a proxy for the scale of business operations and thus the likely scale of operational risk exposure within each of these business lines. The capital charge for each business line is calculated by multiplying gross income by a factor (denoted beta) assigned to that business line. Beta serves as a proxy for the industry-wide relationship between the operational risk loss experience for a given business line and the aggregate level of gross income for that business line. It should be noted that in the Standardised Approach, gross income is measured for each business line, not the whole institution, i.e. in corporate finance, the indicator is the gross income generated in the corporate finance business line.
Apr 08CA-6.2.10
The total capital charge is calculated as the three-year average of the simple summation of the regulatory capital charges across each of the business lines in each year. In any given year, negative capital charges (resulting from negative gross income) in any business line can not off-set positive capital charges in other business lines. Where the aggregate capital charge across all business lines within a given year is negative, then the input to the numerator for that year will be zero.20 The total capital charge may be expressed as:
K TSA={Σ years 1-3 max[(GI1-8 xβ1-8, 0] }/3
where:
KTSA = the capital charge under the Standardised Approach
GI 1-8 = annual gross income in a given year, as defined above in the Basic Indicator Approach, for each of the eight business lines
β1-8 = a fixed percentage, relating the level of required capital to the level of the gross income for each of the eight business lines.
The values of the betas are detailed below.Business Lines Beta Factors (%) Corporate Finance (β1) 18 Trading and Sales (β2) 18 Retail Banking (β3) 12 Commercial Banking (β4) 15 Payment and Settlement (β5) 18 Agency Services (β6) 15 Asset Management (β7) 12 Retail Brokerage (β8) 12
20 As under the Basic Indicator Approach, if negative gross income distorts a bank's Pillar 1 capital charge under the Standardised Approach, CBB will consider appropriate supervisory action.
Apr 08CA-7 CA-7 Profit Sharing Investment Accounts
CA-7.1 CA-7.1 Profit Sharing Investment Accounts
CA-7.1.1
This chapter deals with the capital adequacy requirement for assets financed by Profit Sharing Investment Accounts (PSIA), a pool of investment funds placed with an Islamic bank on the basis of Mudarabah.
Apr 08CA-7.1.2
The PSIA (commonly referred to as "investment accounts" or "special investment accounts") can be further categorised into:
(a)Unrestricted PSIA; and(b)Restricted PSIA.Apr 08CA-7.1.3
The bank has full discretionary powers in making investment decisions for unrestricted PSIAs. However, the placement of funds in restricted PSIA's by the bank is subject to investment criteria specified by the bank, or by the customer, in the Mudarabah contract, or agreed between the investment account holders (IAH) and the bank at the time of contracting.
Apr 08CA-7.1.4
The bank assumes the role of an economic agent or Mudarib in placing such funds in income-producing assets or economic activities, and as such is entitled to a share (the Mudarib share) in the profits (but not losses) earned on funds managed by it on behalf of the IAH, according to a pre-agreed ratio specified in the Mudarabah contract.
Apr 08Reserves
CA-7.1.5
The bank can take precautionary steps by setting up prudential reserve accounts to minimise the adverse impact of income smoothing for PSIA on its shareholders' returns and to meet unexpected losses (UL) that would be borne by the IAH on investments financed by PSIA, namely:
• Profit equalisation reserve (PER)
PER comprises of allocations from the gross income21 of the Mudarabah to be available for smoothing returns paid to the investment account holders and the shareholders, and consists of a PSIA portion and a shareholder's portion; and/or• Investment risk reserve (IRR)
IRR comprises amounts appropriated out of the income of investment account holders after deduction of the Mudarib share of income, to meet any potential future losses on the investments financed by the PSIA.
21 In some countries, the appropriation of income is to be made out of after tax income.
Apr 08CA-8 CA-8 Gearing Requirements
CA-8.1 CA-8.1 Gearing
CA-8.1.1
The content of this Chapter is applicable to locally incorporated banks and Bahrain retail bank branches of foreign banks.
Apr 08Measurement
CA-8.1.2
The Gearing ratio is measured with reference to the ratio of
deposit liabilities against the bank's capital and reserves as reported in its PIRI.Apr 08Gearing Limit
CA-8.1.3
For Retail Bank and Wholesale bank licensees,
deposit liabilities should not exceed 20 times the respective bank's capital and reserves.Apr 08CM CM Credit Risk Management
CM-A CM-A Introduction
CM-A.1 CM-A.1 Purpose
CM-A.1.1
The purpose of this module is to provide a checklist of the key elements of a sound credit risk management system which supervisors can expect their banks to observe.
CM-A.1.2
This module provides support for certain other parts of the Rulebook, mainly:
(a) Principles of Business;(b) BMA Reporting Requirements;(c) Audit Firms;(d) Public Disclosure;(e) High Level Controls; and(f)Capital Adequacy .CM-A.2 CM-A.2 Key requirements
CM-A.2.1
Branches of foreign banks in Bahrain are expected to maintain provisions against potential credit losses on their books in Bahrain. Head offices of banks that do not wish to maintain provisions on books of theirbranch(es) in Bahrain should advise the Agency, on an annual basis and in writing, of the amount of provisions set aside for the bad debts of Bahrainbranch(es) .CM-A.2.2
The Agency requires all banks incorporated in Bahrain to set out their policy on large
exposures , including limits for differing types ofexposures to individual customers, banks, corporates, countries and economic and market sectors, in a policy statement which should be formally approved by the Board of Directors.CM-A.2.3
The aggregate of large exposures may not exceed 800% of the bank's (consolidated) capital base. A bank may not incur a combined
exposure (funded by unrestricted investment accounts, the bank's own funds and restricted investment accounts) to an individualcounterparty or group of closely relatedcounterparties which exceeds 35% of the reporting bank's (consolidated) capital base.CM-A.2.4
The aggregate
exposures to all connectedcounterparties when taken together, may not exceed 60% of (consolidated) capital base.CM-A.2.5
No Islamic financing provided by a bank to its own external auditors shall be permitted.
CM-A.2.6
All banks incorporated in Bahrain are required to report (for the attention of the Director of Financial Institutions Supervision Directorate) all large
exposures , (whether exempt or not) on a quarterly basis using the return provided in Appendix BR 3.CM-A.2.7
The Agency's prior written consent should be obtained for any credit facility to an employee where the amount of such facility, either singly or when added to an existing facility/existing facilities outstanding to that employee at that date, would be equal to or in excess of BD 100,000 (or its equivalent).
CM-A.2.8
Licensees may only provide a new consumer facility (or renew, extend or otherwise modify an existing consumer facility) for an amount such that the counterparty's total monthly repayments on all his consumer finance commitments do not exceed 50% of his monthly gross income.
CM-A.2.9
Licensees must make clear to potential counterparties, prior to entering into a consumer finance agreement, all relevant key terms of the agreement.
CM-A.2.10
The Agency's prior written consent should be obtained before writing off any credit facility provided to senior employee/officer/Director of the reporting bank or other bank(s) who fails to discharge his/her repayment obligations to the reporting bank.
CM-A.2.11
The bank should notify the Agency of any write-off of a credit facility, (i.e., Murabaha or any other credit facility) of an amount in excess of BD 100,000 (or its equivalent).
CM-A.3 CM-A.3 Regulation history
CM-A.3.1
This module was first issued on 1st January 2005 as part of the Islamic principles volume. All regulations in this volume have been effective since this date. All subsequent changes are dated with the month and year at the base of the relevant page and in the Table of Contents. Chapter 3 of Module UG provides further details on Rulebook maintenance and control.
CM-A.3.2
A list of most recent changes made to this module are detailed in the table below:
Summary of changes
Module Ref. Change Date Description of Changes CM-2.2 1/10/05 Role of Internal audit becomes a rule CM-7.4 1/10/05 Clarification re non-compliant facilities Evolution of the Module
CM-A.3.3
Prior to the development of this Rulebook, the Agency had issued various circulars representing regulations covering different aspects of credit risk management. These circulars have now been consolidated into one module covering the credit risk management regulation. These circulars and their evolution into this module are listed below:
Circular Ref. Date of Issue Module Ref. Circular Subject BC/3/98 21 Feb 1998 CM-B.2 Basel Committee on Banking Supervision Framework for the Evaluation of Internal Controls Systems BC/117/95
(partial)1 Feb 1995 CM-1–CM-3 Risk Management OG/127/01 18 Mar 2001 CM-2 Developing a Sound Credit Culture OGD/27/88 9 Feb 1988 CM-3.4 Provisions Against Country Debt PIRI Pack - - - - - CM-4 Prudential Information Returns for Islamic Financial Institutions EDBC/178/96 5 Oct 1996 CM-5 Islamic Facilities OG/45/88 13 Mar 1988 CM-6.1 Write-Off–Credit Facility OG/50/92
(partial)4 Mar 1992 CM-7.1–CM-7.2 Consumer Finance PIRI Pack - - - - - CM-8 Prudential Regulations for Islamic Financial Institutions EDBC/105/96 26 June 1996 CM-8.3 Mudaraba Contracts — Minimum Terms and Conditions BC/4/99 17 Mar 1999 CM-9.1 Annual Accounts for the Year Ending 31 December 1999 Effective date
CM-A.3.4
The contents in this module are effective from the date depicted in the original circulars (see paragraph CM-A.3.3) from which the requirements are compiled.
CM-B CM-B General guidance and best practice
CM-B.1 CM-B.1 Introduction
CM-B.1.1
This chapter provides general guidance on the subject matter of this Module. These guidance could be in the form of papers / reports or other source of information issued by international bodies.
CM-B.1.2
These guidance promote best practice and could generally be applied by all licensees to their activities.
CM-B.1.3
Where applicable, the sources provided in this chapter should be used as an aid to reading the contents of this module.
CM-B.2 CM-B.2 Guidance provided by other international bodies
Basel Committee: Principles for the Management of Credit Risk
CM-B.2.1
The paper (see www.bis.org/publ/bcbs75.pdf) which contains 17 principles, encourages banking supervisors globally to promote sound practices for managing credit risks in banking activities.
CM-B.2.2
Throughout the module, references have been made to this paper and it is recommended that the regulations in this module be followed in conjunction with the guidelines presented in this paper.
Counterparty Risk Management Policy Group (CRMPG): Improving Counterparty Risk Management
CM-B.2.3
The objective of this report (see www.isda.org/educat/pdf/CRMPG-report6-99.pdf), which was developed by a committee of market practitioners in the wake of the 1998 market disruptions, discusses
counterparty credit risk and market risk management practices and how they can be enhanced.CM-B.2.4
The report covers four subject areas: transparency and
counterparty credit assessments; risk measurement, management, and reporting; market practices and conventions; and regulatory reporting.CM-B.2.5
Of particular interest to risk managers is guidance provided in two areas, one on liquidity risk and leverage, and the other on
counterparty creditexposure estimation.Basel Committee: Framework for Internal Controls Systems in Banking Organisations
CM-B.2.6
The paper (see www.bis.org/publ/bcbs40.pdf) issued in September 1998 presents the first internationally accepted framework for supervisors to use in evaluating the effectiveness of the internal controls over all on and off balance sheet activities of banking organizations.
CM-B.2.7
The paper describes elements that are essential to a sound internal control system, recommends principles that supervisors can apply in evaluating such systems, and discusses the role of bank supervisors and external auditors in this assessment process.
CM-B.3 CM-B.3 Enforceability
CM-B.3.1
This guidance should not be taken as legally binding requirements, unless otherwise embodied in Bahrain law or by regulation.
CM-B.3.2
It should be noted that the provisions in this chapter are to be taken as guidance by the licensees in order to promote sound credit risk management practices.
CM-1 CM-1 General procedures
CM-1.1 CM-1.1 Overview
CM-1.1.1
Credit risk is the likelihood that
counterparty of the bank will not meet its obligations in accordance with the agreed terms. The magnitude of the credit risk depends on the likelihood ofdefault by thecounterparty , and on the potential value of the bank's contracts with the customer at the time ofdefault . Credit risk largely arises in assets shown on the balance sheet, but it can also show up off the balance sheet in a variety of contingent obligations.CM-1.1.2
Exposure to credit risk, notably in the form of traditional bank financing, has historically been the most frequent source of bank problems. The assessment of credit risk is a challenging task where bankers are often faced with making decisions based on outdated or partial information.CM-1.1.3
The lack of continuous credit supervision and effective internal controls, or the failure to identify abuse and fraud are also sources of risk. The overall lending policy of the bank should be monitored by a Credit Committee composed of officers with adequate seniority and experience.
CM-1.2 CM-1.2 Credit analysis
CM-1.2.1
Proper credit risk management will help banks to discipline their lending activities and ensure that credit facilities are granted on a sound basis, and that bank funds are invested in a profitable manner. The process of managing credit risk starts at the origination of the credit facility. Standards for credit analysis should stress the borrower's ability to meet his future financial needs through analysis of his cash-flow generation capacity.
CM-1.2.2
Measurement of credit risk is complicated by the fact that both credit
exposures and the likelihood ofdefault can vary over time and may be interdependent. The creditworthiness of customers shifts, as reflected in credit rating upgrades and downgrades. Customers that originally are highly rated are more likely todefault later in a credit facilities' life than earlier.CM-1.2.3
Banks should properly assess the inherent risk factor of each credit facility; monitor the risks arising from any portfolio concentration; and ensure that appropriate precautions against losses have been taken in the form of
collateral and/or provisioning as described in chapter CM-2.CM-1.3 CM-1.3 Credit policy
CM-1.3.1
A properly documented credit policy is an essential element of and prerequisite for the credit risk management process. Consistent with the Board's objectives, it assists bank management in the maintenance of proper credit standards and the avoidance of unnecessary risks.
CM-1.3.2
It is prudent to review the credit policy regularly to ensure that once it is established, it remains flexible enough to be current and continues to accomplish its original purpose taking into consideration market developments.
CM-1.3.3
Explicit guidelines in credit policy provide the basis for effective credit portfolio management. A sound credit policy should consider which types of credit products and borrowers the bank is looking for and the underwriting standards the bank will utilize.
CM-1.3.4
A bank's credit policy should address all credit matters of significance including:
(a) objectives of credit monitoring;(b) organisation and reporting structure of the credit department;(c)designated markets and products;(d) establishment of a credit limit framework;(e) guidelines for assessment of concentration;(f) authorisation procedures for the advancement of credit;(g) establishment of credit committees;(h) establishment of desirable pricing levels and criteria; and(i) problem credit identification and administration.CM-1.3.5
After the credit facility has been granted, its performance should be monitored at regular intervals. This includes an appropriate periodic review of financial statements, a reassessment of
collateral and update of appraisals, and attentive monitoring of conditions in the borrower's industry. Credit supervision constitutes the first line of detection of difficulties and provides the bank with an opportunity to address problems before losses are sustained.CM-2 CM-2 Developing a sound credit culture
CM-2.1 CM-2.1 Overview
CM-2.1.1
Credit culture is defined as the sum total of a bank's approach to managing credit risk, including business strategy, credit policy, shared assumptions about credit, the effectiveness of communications, and the composition and quality of the resulting credit portfolio.
CM-2.1.2
As a matter of best practice, all banks should periodically review their credit cultures in order to reduce future credit losses and also to minimise
reputational risk and damage to their credit ratings.CM-2.1.3
The Agency draws all licensed banks' attention to the September 2000 document issued by the
Basel Committee entitled "Principles for the Management of Credit Risk". This document contains 17 principles which all banks should ensure are covered in their credit culture (i.e. policies, procedures, systems and controls) (see www.bis.org/publ/bcbs75.pdf).CM-2.1.4
Effective from the date of the original circular (see section CM-A.3), the Agency has used the Basel document mentioned above as a guideline in its evaluation of the credit cultures of banks operating in Bahrain. Evaluation is conducted through prudential meetings, inspection and reporting accountants' reviews.
CM-2.2 CM-2.2 Elements of a strong credit culture
CM-2.2.1
First, the regulation in this section is recommendatory in nature (except for the requirement in paragraph CM-2.2.2 (a) & (e) below), and the guidelines below under the five headings are indicative of best practice. Some of the guidelines may not be appropriate to all relevant licensees. However, if a bank is not following these guidelines, it should consider why it is not doing so.
CM-2.2.2
Secondly, the regulation in this section is intended as a complement to the September 2000 Paper by the
Basel Committee entitled "Principles for the Management of Credit Risk" (see section CM-B.2). This section does not summarise the Basel Paper, but is intended to be read in conjunction with the above Paper.(a) The Role of the Board of Directors
The Board of Directors must approve all the operating policies of a bank (see principle 1 ofBasel Committee paper "Framework for Internal Controls Systems in Banking Organisations" — section CM-B.2).
Given that credit risk is still the major risk that banks are exposed to in their business, particular scrutiny must be paid to credit policies, in terms of various limits as well as in terms of risk strategy. An essential function of the Board is to review and reassess the credit policies of the bank (includingcollateral , provisioning policies and concentration policies) on a periodic basis. The Board should also regularly review overdue and large facilities both in terms of performance, and also in relation to the capital (base) of the bank. The Board should insist upon periodic review/evaluation of internal systems and control weaknesses identified by external/internal auditors and management. Principle 1 of theBasel Committee paper "Principles for the Management of Credit Risk" (see section CM-B.2) also gives greater detail on the role of the Board in developing a sound credit culture.(b) The Role of the senior management
Senior Management should be involved in regular reviews of outstanding facilities and overdue accounts as well as reviewing changes in activity, turnover or balances in clients' accounts. The role of senior management is covered in depth in Principle 2 ofBasel Committee paper "Principles for the Management of Credit Risk" — section CM-B.2 (see also Principle 3 ofBasel Committee paper "Framework for Internal Controls Systems in Banking Organisations" — section CM-B.2). However, Senior Management should be involved in the credit review process of (larger) existing facilities, visiting clients, requesting up to date financial statements and verifyingcollateral . Too often, a lack of direct contact by senior management with a problem client has been an identified factor in significant credit losses by banks, whether by way of fraud, or corporate failure.(c) Role of an Independent Risk Management Function
Perhaps the key point to emphasise in Risk Management is that the function must be independent of the senior management and operational functions which are related to business acquisition. The Risk Management function should report to the Board or to senior management related to control functions. The Risk Management function must not only monitor risk, but also control it (i.e. review limits, excesses etc). It must also ensure that risk monitoring systems accurately measure risk in the first place, and that all risks where they occur are, correctly identified (see also Principle 6 ofBasel Committee paper "Framework for Internal Controls Systems in Banking Organisations" — section CM-B.2).(d) Effective Internal Systems and Controls
Well implemented sound policies and procedures maintain credit standards, enable monitoring and control of credit risk, and identify problem credits in a timely manner (see Principle 2 ofBasel Committee paper "Principles for the Management of Credit Risk" — section CM-B.2 for more detail). Sound policy and administrative requirements also apply equally strongly to existing facilities as well as new ones (see Principle 8 ofBasel Committee paper "Principles for the Management of Credit Risk" — section CM-B.2). Policies and procedures should allow a thorough understanding of thecounterparty , the purpose of the credit facility and the source of repayment (Principle 4 ofBasel Committee paper "Principles for the Management of Credit Risk" — section CM-B.2) to be gained by the Risk Management function in its assessment of thecounterparty for risk profiling purposes, (see also Principle 6 ofBasel Committee paper "Framework for Internal Controls Systems in Banking Organisations" — section CM-B.2 and section E of the paper issued by theCounterparty Risk Management Policy Group — "ImprovingCounterparty Risk Management" — see section CM-B.2). Banks should seek to utilise internal rating systems to manage credit risk and to set adequate provisions on a timely basis (see Principle 10 ofBasel Committee paper "Framework for Internal Controls Systems in Banking Organisations" — section CM-B.2).(e) The Role of Internal Audit
Internal audit function should, on an on-going basis, monitor the system of internal controls because it provides an independent assessment of the adequacy of, and compliance with, the established policies and procedures. Internal audit function must report directly to the highest levels of the banking organisation, typically the Board of Directors or its audit committee, and to senior management. This allows for the proper functioning of corporate governance by giving the Board information that is not biased in any way by the levels of management that the reports cover.CM-2.3 CM-2.3 Name-financing
CM-2.3.1
Banks are exposed to credit risk when they provide large credit facilities on a "clean" basis (i.e. without
collateral orsecurity ). This risk is amplified, specifically, when such clean name financing is made without adequate (up to date) financial information.CM-2.3.2
In many banks there is a tendency to indulge in "
name-financing " without any credit analysis or understanding of the concernedcounterparty's current outstanding facilities from other banks. The Agency strongly discourages the banks to engage in such activities in order to minimise their credit risk and reputation risk.CM-3 CM-3 Assessment of credit quality
CM-3.1 CM-3.1 Overview
CM-3.1.1
A realistic assessment of credit quality is an essential feature of effective credit risk management. The starting point for a systematic review of credit quality is a comprehensive review of the bank's written credit policies and practices. These include, but are not limited to:
(a) credit approval procedures;(b) credit underwriting criteria; and(c) credit administration process.CM-3.1.2
Credit quality is a relative concept based on performance prospects and external variables. Trends in the economy, and changes in markets and prices of goods affect the evaluation of credit facility repayment value. Assessing credit risk is a dynamic concept which needs to take into account the business cycle and the economic environment.
CM-3.1.3
The objectives of the credit assessment are to determine:
(a) whether the applicant / customer will have sufficient future liquid resources to honour credit obligations according to the agreed terms;(b) whether the applicant's / customer's present and future prospects indicate that they will continue as agoing concern in the foreseeable future;(c) is the applicant / customer of sufficient integrity; and(d) to what extent does anysecurity offered affect the risk inherent in the facility.CM-3.1.4
To help improve prudential oversight of credit quality, the Agency, in this Module, seeks to establish a set of broad rules that are useful in identifying and containing the impact of impaired assets within banks.
CM-3.2 CM-3.2 Credit grading system
CM-3.2.1
The banks should have in place appropriate credit grading systems (classification) to help assess asset quality and credit exposures including performing receivables.
CM-3.2.2
Credit grading systems offer a number of benefits. Analysis of a bank's entire book can reveal important insights to bank's management in the functioning and ultimately the health of the bank. Credit grading systems provide the means for a more systematic assessment of asset quality. They are particularly useful in assisting in the early detection of asset quality problems within a bank by highlighting credit with above normal risks.
CM-3.2.3
The Agency does not favour the imposition of a standard credit grading system for all banks. Instead, the Agency will rely, wherever possible, upon the credit grading system adopted by each bank. This preference reflects the fact that banks generally have devoted significant resources to developing grading systems that best fit their individual product mix.
CM-3.2.4
Each bank is hence required to provide to the Agency a statement of its current policy in respect of its credit grading system (including definitions used to classify exposures). Banks that do not intend to implement a credit grading system should indicate to the Agency their reason for not doing so. The Agency expects to have the endorsement of the Board of the bank concerned.
CM-3.2.5
Banks looking to implement a credit grading system, or to update their current system, should consider the following points:
(a) The system should cover a broad range of the bank's asset portfolio, including unrestricted investment accounts, restricted investment accounts and other off balance sheet exposures;(b) The system should cover both performing and impaired assets — it is common for grading systems to have sufficient range of grades, covering exposures with the lowest risk to those where losses are expected;(c) Banks should detail credit grading system in a credit policy statement, and should develop procedures for the determination and regular review of the credit risk grades;(d) Banks should establish formal forums in the form of committees to review the compliance with the credit policy parameters and the concentration of exposure attributable to various economic and industrial sectors in accordance with the credit policy;(e) Particular attention should be given to those facilities which involve a higher normal risk, or which are impaired;(f) It is imperative that the policies relating to the provisioning for Islamic banks should be clearly laid down, fully identifying provisions relating to assets financed by own funds and those by the investment account holders; and(g) Facilities should, at minimum, include four categories along the following lines:(i) "Standard credits" are those, which are performing, as the contract requires. There is no reason to suspect that the creditor's financial condition or collateral adequacy has depreciated in any way. The bank is very likely to extend additional funds to this borrower if requested (subject to internal or legal credit restrictions);(ii) "Substandard credits" are inadequately protected by the paying capacity of the obligor or by the collateral pledged. They are characterized by the distinct possibility that the bank will sustain some loss if the deficiencies are not corrected. Loss potential, while existing in the aggregate amount of Substandard assets does not have to exist in individual assets classified Substandard;(iii) "Doubtful credits" have all the weaknesses inherent in a credit classified as Substandard with the added characteristic that the weaknesses make collection or liquidation in full, on the basis of currently existing facts, conditions, and values, highly questionable or improbable. The possibility of Loss is extremely high, but because of certain important and reasonably specific pending factors which may work to the advantage and strengthening of the asset, its rating as an estimated Loss is deferred until its more exact status may be determined;(iv) "Loss credits" are considered uncollectible and of such little value that their continuance as assets is not warranted. The rating does not mean that the asset has absolutely no recovery or salvage value, but rather that it is not practical or desirable to defer writing off this basically worthless asset even though partial recovery may be affected in the future.CM-3.3 CM-3.3 Impairment of assets and provisioning
Impairment of assets
CM-3.3.1
Banks are required to place on a non-accrual basis any facility where there is reasonable doubt about the collectability of the receivable irrespective of whether the customer concerned is currently in arrears or not. This acknowledges the reality that recognition of impaired assets will have a high degree of subjectivity attached to it.
CM-3.3.2
Impaired assets should be classified into one of the following categories:
(a) Non accrual items;(b) Restructured items; or(c) Other assets acquired through security enforcement, including "other real estate owned".CM-3.3.3
For the purpose of this Module, The following definition of non-accrual items applies:
(a) Financing facilities and investments where there is reasonable doubt about the ultimate collectability of principal within a time frame established by the bank. Non-accruals would include all facilities against which a specific provision has been established, or a write-off taken even if the facility is not in breach of contractual requirements. Refer to AAOIFI's FAS 11 on recognition of provisions and reserves.(b) Financing facilities and investments, not included in (a), where contractual payments of the principal are 90 or more consecutive days in arrears, and where the "fair value" of security is insufficient to cover repayment. In line with the principles outlined above, a facility should be classified as non-accruing earlier than 90 days where it is evident that full, or partial repayment of the amount is unlikely even though the full extent of the loss cannot be clearly determined.Provisioning
CM-3.3.4
Banks must maintain an adequate level of provisioning against the impairment of assets and problem exposures if their earnings and capital adequacy are to be measured correctly.
CM-3.3.5
As a general rule, where there is a doubt about the collectability of a receivable, and security exists, provisions should equal the carrying value of the receivable less the net current market value of security.
CM-3.3.6
Provisions of either type (specific or general) are made in relation to receivables, financing and investment assets in cases where there is doubt regarding collectability or an impairment of value. Refer to AAOIFI's FAS 11: Provisions and Reserves.
CM-3.3.7
Provisioning should be carried in the respective books including bank's own books, unrestricted investment account holders' books and restricted investment account holders' books.
CM-3.3.8
A general provision is an amount set aside to reflect a potential loss that may occur as a result of currently unidentifiable risks in relation to receivables, financing or investment assets. The amount reflects estimated losses affecting these assets attributable to events that have already occurred at the date of the statement of financial position, and not estimated losses attributable to future events.
CM-3.3.9
The policy for provisioning should clearly contain provisions for segregating provisions relating to assets financed by own funds and those financed by investment account holders. In devising the policy, reference should be made to the Mudaraba contract.
CM-3.3.10
A specific provision is an amount set aside to reflect an estimated impairment of value of a specific type of asset. In the cases of investment assets, it is the amount needed to write the assets down to cash equivalent value if this is lower than cost. Refer to AAOIFI's FAS 11: Provisions and Reserves.
CM-3.4 CM-3.4 Provisions against sovereign credit
CM-3.4.1
The Agency has consistently encouraged banks to maintain adequate provisions against credits to borrowers experiencing difficulties and against credits for countries with current or potential credit servicing difficulties.
CM-3.4.2
In all cases the assessment of credits — and decisions regarding adequate provisions — are assisted by the categorization of credits as defined by the Agency in section CM-3.2. In addition, with regard to "sovereign credit" it is particularly important that the size of the provisions made should be based on the identification and objective assessment of the nature and extent of difficulties being experienced by particular countries and reflect as near as possible deterioration in the prospects for recovering credits. With these objectives in mind, the Sovereign Credit Provisioning Matrix (see Appendix CM 1) contains a list of measurements which have been designed to help identify those borrowers and countries with payment difficulties and to decide what would constitute adequate provisions.
CM-3.4.3
It is emphasized that this section and the Sovereign Credit Provisioning Matrix (see Appendix CM 1) are merely a general framework for assessing degrees of provisions. They should not be regarded as an exhaustive or definitive framework. Nevertheless, the Agency does intend to include the results of banks' calculations in its discussions with them, and to establish that adequate provisions are being made.
Implications of International Accounting Standard (IAS) no. 39 on the provisions assessed through Sovereign Credit Provisioning Matrix
CM-3.4.4
The banks should continue to apply the Sovereign Credit Provisioning Matrix (see Appendix CM 1) as a benchmark for estimating future recoverable cash receipts. However, if a lower provisioning amount is determined, i.e. lower than the amount identified through the matrix, and the bank intends to book the lower amount, then a meeting must be arranged with the Agency to discuss the issues before booking such provisions.
CM-3.5 CM-3.5 Collateral
CM-3.5.1
The extension of credit is often supported by
collateral provided by the customer or third parties. When the credit decision is based oncollateral value, independent timely appraisals of thecollateral should be obligatory, including provision for sufficient security margins.CM-3.5.2
In principle,
collateral can improve the credit grading of a customer, but experience suggests that over-reliance oncollateral is unsound because very often when a credit facility goes sour thecollateral turns out to have less value than estimated or is, at worst, illusory.CM-3.5.3
Misjudgements about collectability are frequently the cause;
collateral is often illiquid, difficult to value during periods of financial distress and costly to realise through foreclosure or other legal means. Particular concern may be appropriate in the case ofcollateral in the form of real estate, as it involves additional uncertainties and the costs of maintaining the property.CM-3.5.4
As a matter of principle,
collateral should not replace a careful assessment of the borrower's ability to repay.CM-4 CM-4 The monitoring and control of large exposures of banks licensed by the Agency
CM-4.1 CM-4.1 Overview
CM-4.1.1
The Regulation on large
exposures for banks in Bahrain is issued as part of the Agency's measures to encourage banks to mitigate risk concentrations.CM-4.1.2
The contents of this chapter apply in full to all locally incorporated Islamic banks in the Kingdom of Bahrain.
CM-4.2 CM-4.2 The measure of exposure
CM-4.2.1
The measure of exposure reflects the maximum loss should a counterparty fail, or loss that may be experienced due to non-repayment of facilities granted. Consistent with this, an exposure encompasses the amount at risk arising from a bank's:
(a) Claims on a counterparty including actual claims, and potential claims which would arise from the drawing down in full of undrawn advised facilities (whether revocable or irrevocable, conditional or unconditional) which the bank has committed itself to provide, and claims which the bank has committed itself to purchase or underwrite;(b) Contingent liabilities arising in the normal course of business, and those contingent liabilities which would arise from the drawing down in full of undrawn advised facilities (whether revocable or irrevocable, conditional or unconditional) which the bank has committed itself to provide; and(c) Other assets (whether on balance sheet or restricted investment accounts), which constitute a claim for the bank and its customers and which are not included in (a) or (b) above. In particular, exposures where the bank itself is not exposed, but is committing client funds such as restricted investment accounts are included here.CM-4.2.2
As a general rule, exposures should be reported on a gross basis (i.e. no offset). However, debit balances on accounts may be offset against credit balances where they relate to the same customer or to corporate customers in the same business group if:
(a) a legally enforceable right of set off exists in all cases (as confirmed by an independent legal opinion addressed to the bank) in respect of the recognised amounts, and(b) the bank intends either to settle on a net basis, or to realise the debit balances and settle the credit balances simultaneously.For a group facility, a full cross guarantee structure must also exist (i.e. full multilateral guarantees must be in place between all the companies within the group).
CM-4.2.3
Large exposures are calculated using the sum of the nominal amounts before the application of the risk weighting and credit conversion factors for:
(a) on balance sheet claims;(b) guarantees and other contingent claims; and(c) potential claims in the case of undrawn facilities.CM-4.2.4
In case of syndicated facilities, the nominal amount would include only the bank's share of the syndication (financed by unrestricted investment accounts and bank's own funds) and any amounts for which binding commitments from other financial institutions are not available. Where a binding commitment is available, that amount would be excluded in calculation of the large exposures. See section CM-4.5 for exemptions.
CM-4.2.5
For the purpose of large exposures, balance sheet claims involving assets acquired to be leased under Ijarah Muntahia Bittamleek should be reflected as an exposure against the lessee. Further, Murabaha contracts where assets are held for resale, under a binding promise, such exposure should be reflected as an exposure to the counterparty which has signed the binding promise. Potential claims in the case of Istisna'a contracts should include the total amount expected to be paid to al-Sani (the seller) and shown as an exposure to al-Mustasni (ultimate buyer).
CM-4.2.6
A bank's exposure arising from securities' trading operations is calculated as its net long position in a particular security. A bank's "net position" in a security refers to its commitments to buy that security together with its current holding of the same security, less its commitments to sell such a security.
CM-4.3 CM-4.3 Identity of counterparty
CM-4.3.1
For the purposes of measuring
exposures , the counterparty will generally be the customer receiving the funds, the person guaranteed, and the issuer of a security in the case of a security held.CM-4.3.2
Where a third party has provided an explicit unconditional irrevocable guarantee, and subject to the guaranteed bank's policy statement not stating otherwise, the guaranteed bank may be permitted to report the exposure as being to the guarantor, rather than the person guaranteed.
CM-4.4 CM-4.4 Limits for large exposures
Aggregate limit on large exposures
CM-4.4.1
A "large
exposure " is any exposure whether direct, indirect or funded by restricted investment accounts to a counterparty or a group of closely related counterparties which is greater than, or equal to, 10% of the reporting bank's (consolidated) capital base.CM-4.4.2
"Capital base" is the adjusted capital base for the purpose of the risk asset ratio calculated in accordance with the PIRI return (see Module BR) (or owner's equity) using the most recent annual consolidated balance sheet, subject to any specific requirements by the Agency.
CM-4.4.3
The aggregate of large exposures (from both on balance sheet and restricted investment accounts) may not exceed 1200% of the bank's (consolidated) capital base whether funded or not funded, i.e. contingent commitments.
CM-4.4.4
However, the aggregate of large exposures from on balance sheet exposures should not exceed 800% of the bank's (consolidated) capital base whether funded or not funded.
Single exposure limit
CM-4.4.5
The following single exposure limits apply:
(a) Direct exposures (i.e. funded by a bank's own funds or unrestricted investment accounts): A bank may not incur an exposure to an individual counterparty or group of closely related counterparties which exceeds 15% of the reporting bank's (consolidated) capital base without the prior written approval of the Agency. For this purpose, companies/banks with variable capital should not include participation shares in calculating their capital base, since these are governed by Mudaraba contract (profit sharing).(b) Restricted investment accounts: A bank may not incur an exposure to an individual counterparty or group of closely related counterparties where the exposure is funded by restricted investment accounts, which exceeds 30% of the reporting bank's (consolidated) capital base.(c) The combined exposures: A combined exposure of (a) & (b) above (funded by unrestricted investment accounts, or a bank's own funds or restricted investment accounts) to an individual counterparty or group of closely related parties may not exceed 35% of the reporting bank's (consolidated) capital base.Closely related counterparties
CM-4.4.6
Closely related counterparties are two or more counterparties who constitute a single risk because one of them has, direct or indirect, "control" over the other(s) (see below) or counterparties connected in such a way that the financial soundness of any one of them may affect the financial soundness of the other(s), or the same factors may affect the financial soundness of both or all of them.
CM-4.4.7
"Control" means either significant ownership (i.e. ownership of 20% or more of voting equity) or any other interests (including, but not limited to, the ability to exercise or control the exercising of voting power of issued share capital in the licensee) which enable the holder, or which would enable a proposed transferee, thereof to exercise significant influence over the management and business of the licensee.
Limit on exposures to connected counterparties
CM-4.4.8
Exposures to connected counterparties may be justified only when undertaken for the clear commercial advantage of the bank, when negotiated and agreed on an arm's length basis, and when included in the policy statement agreed with the Agency.
CM-4.4.9
No Islamic facilities provided by a bank to its own external auditors shall be permitted. In addition, unless provided for in the contract, off balance sheet restricted investment accounts will not be permitted to participate in on balance sheet corporate funding and vice versa and movement within restricted investment accounts is not permitted without the Agency's prior written approval.
CM-4.4.10
For the purpose of this module, "Connected counterparties" includes companies or persons connected with the bank, including, in particular, subsidiaries and associated companies (whether such association is due to
control or shareholding or otherwise), Directors and their associates (whether such association is due tocontrol orfamily links or otherwise), members of the Shari'a Supervisory Board, management and other staff, andshareholders holding 10% or more of the voting power of the bank. In this context,family links means spouse, father, mother, sons, daughters, sisters and brothers.CM-4.4.11
The Agency will closely examine all exposures to companies or persons connected to a bank and will deduct them from the bank's (consolidated) capital base if they are, in the Agency's opinion, of the nature of a capital investment, or provision of long-term working capital, or are made on particularly concessionary terms.
CM-4.4.12
The limits for exposure to connected counterparties have been set as follows:
(a) Direct exposures: A bank may not incur an exposure (whether funded or not funded) to an individual connected counterparty (as defined above) which exceeds 15% of the reporting bank's (consolidated) capital base. The aggregate exposures to all counterparties within this category should not exceed 25% of the bank's consolidated capital base.(b) Restricted investment accounts: A bank may not incur an exposure (whether funded or not funded) to an individual connected counterparty where the exposure is funded by restricted investment accounts which exceeds 25% of the reporting bank's (consolidated) capital base. The aggregate exposures to all counterparties within this category should not exceed 35% of the bank's consolidated capital base.(c) The combined exposures: A combined exposure of (a) & (b) above (funded by unrestricted investment accounts and bank's own funds, and restricted investment accounts) whether funded or not funded, to an individual connected counterparty may not exceed 25% of the reporting bank's (consolidated) capital base.(d) The aggregate exposures to connected counterparties: (whether funded from on balance sheet or restricted investment accounts) may not exceed 60% of the bank's (consolidated) capital base, whether funded or not funded.CM-4.5 CM-4.5 Exempt exposures
CM-4.5.1
Certain types of exposure are exempt from the limits set out above, but notification of such exposures should be made to the Agency.
CM-4.5.2
These exemptions fall into the following categories and are subject, in each case, to the policy statement as agreed with the Agency:
(a) Islamic bonds/ Sukook issued or guaranteed by the Government of Bahrain or its Agencies;(b) Islamic bonds/ Sukook issued or guaranteed by the IDB;(c) Short term (one year or less) interbank exposures;(d) Exposures to GCC governments, their semi-government institutions and agencies that do not operate on commercial basis;(e) Exposures to OECD central governments;(f) Exposures secured on cash or GCC government securities/guarantees;(g) Exposures secured on OECD central government securities/guarantees;(h) Certain connected exposures, in particular those arising from a group treasury function;(i) Exposures which are covered by a guarantee from the bank's parent (see paragraph CM-4.5.8);(j) Exposures arising from underwriting activities, such exposures continuing for no more than 90 calendar days. Any residual holdings of securities for more than 90 days from the commitment date of underwriting would be subject to normal large exposure limits;(k) Exposures where the bank is acting as agent for an investor in a single purpose, non-discretionary capacity, and the bank has the full right to set-off losses and costs against any funds provided by the investor (examples might include real estate investments); and(l) Syndicated facilities being financed by restricted investment accounts where the investor is fully aware of the type of investment and the associated risks.Exempt exposures to connected counterparties
CM-4.5.3
In respect of exposures to other group companies, the Agency's policy allows a bank to take on a treasury role on behalf of the group as a whole (provided that the group is subject to consolidated supervision by its home supervisor). The Agency's policy regarding the taking on of a treasury role includes exposures arising from a central risk management function.
CM-4.5.4
In certain exceptional cases, exposures of more than 15% of (consolidated) capital base to a bank which controls the financing bank may be permitted for utilisation of surplus liquid funds for a short period not exceeding 90 days even where the financing bank does not perform a treasury role. Any other form of connected financing outside the scope of the above will be dealt with by the Agency on a case-by-case basis.
Exposures undertaken by a subsidiary bank or by a branch outside Bahrain
CM-4.5.5
In the case of banks, which are the Bahrain subsidiaries of overseas banks, the Agency will agree in writing with the supervisory authority of the parent bank, the size of exposures that can be undertaken by the subsidiary.
CM-4.5.6
Exposures undertaken by a branch of a foreign bank on the books in Bahrain should be within the policy statement of the parent bank (company) as agreed by the parent's regulatory authority.
CM-4.5.7
Overseas subsidiaries of Bahrain banks will be expected to comply with the regulatory requirements of the country in which they are located.
CM-4.5.8
Where exposures undertaken by a subsidiary bank are guaranteed by its parent, the subsidiary bank may be deemed to have an exposure to the parent.
CM-4.5.9
Under the terms of this Module, such indirect exposures to a parent bank may be exempt from the limits on large exposures if the Agency is satisfied that:
(a) such exposures are entered into within the terms of a policy agreed by the parent bank, and(b) there are guarantees in place from the parent bank to protect the subsidiary should the exposure become non-performing or require to be written off.CM-4.5.10
In the case of a Bahrain incorporated bank's subsidiary inside Bahrain, in order for an exposure exceeding 15% of capital base to be acceptable for the subsidiary, the Bahrain parent must at all times have room to take over the exposure, without itself exceeding the limit of 15% of capital base. Also, the combined (on and off balance sheet) exposure of the banking group to the customer must be within 35% of the parent bank's consolidated capital base.
CM-4.5.11
The Agency will need to be satisfied that adequate control systems are in place to ensure that credit risk taken in the group as a whole is properly monitored and controlled.
CM-4.6 CM-4.6 Reporting of exposures
CM-4.6.1
Bahrain incorporated banks are required to report all large
exposures on a quarterly basis using the PIRI return provided in Appendix BR 4.CM-4.6.2
Banks are required to adopt policies and set internal limits, which will not lead to the
exposure limit(s) referred to above being exceeded as a matter of course.CM-4.6.3
For some banks, the Agency may determine it prudent to set a lower percentage(s) than the ones given herein.
CM-4.6.4
Should any bank find that, for reasons outside its control or otherwise, it has an
exposure to an individualcounterparty (other than an exemptexposure ) which results in it exceeding any of the limits set out above, this should be reported immediately to the Agency for its consideration, and action should be taken to immediately bring theexposure back within applicable limits as soon as possible.CM-4.7 CM-4.7 Policy statements
CM-4.7.1
The Agency requires each bank incorporated in Bahrain to set out its policy and internal limits on large exposures, including exposures to individual customers, banks, institutions, countries and economic sectors, in a policy statement which should be formally adopted by the Board of Directors. The policy statement should be part of the risk management policy of the bank. The Agency expects banks not to implement significant changes in these policies without prior discussion with the Agency.
CM-4.7.2
Each bank should discuss their policy statement with the Agency. Each bank will be expected to justify to the Agency its policy on exposures to individual counterparties, including the maximum size of an exposure contemplated.
CM-4.7.3
Exposures to counterparties connected with the bank will continue to be particularly closely examined.
CM-4.7.4
The necessary control systems to give effect to a bank's policy on large exposures should be clearly specified and monitored by its Board.
CM-4.8 CM-4.8 Concentrations in economic and market sectors
CM-4.8.1
The extent to which a bank may be prudently exposed to a particular economic sector will vary considerably depending upon the characteristics and strategy of the bank, and the sector concerned.
CM-4.8.2
Concentrations should also be recognized in not just economic sectors, but also in markets (e.g. individual stock exchanges). The Agency will not apply common maximum percentages to banks' sectoral or market exposures but, instead, will continue to monitor such exposures on an individual and general basis.
CM-4.8.3
Banks must specify in their policy statements how they define economic and market sectors, and what limits apply to differing sectors.
CM-4.8.4
Exposures and limits for sectors should be reviewed at least quarterly by the Board of Directors.
CM-4.8.5
Banks which have over 10% of their risk adjusted assets in market risk (i.e. the trading book) must also set market risk concentration limits.
CM-5 CM-5 Staff credit facilities
CM-5.1 CM-5.1 Reporting and compliance
CM-5.1.1
The Agency's prior written consent should be obtained for any credit facilities provided to an employee where the amount of such facility, either singly or when added to an existing facility/existing facilities outstanding to that employee at that date, would be equal to or in excess of BD 100,000 (Bahraini Dinars One Hundred Thousand), or its equivalent in foreign currency. Banks must notify the Agency in writing of any senior employee who fails to discharge his repayment obligations.
CM-5.1.2
Banks must ensure that the provisions of relevant laws (including, specifically, the Bahrain Labour Law) are observed at all times in this area.
CM-6 CM-6 Write-off — Credit facility
CM-6.1 CM-6.1 Write-offs
CM-6.1.1
All locally incorporated banks, should notify the Agency of any write-off of a credit facility, (i.e., Murabaha or any other credit facility) of an amount in excess of BD 100,000 (Bahraini Dinars One Hundred Thousand), or its equivalent in foreign currency.
CM-6.1.2
Such notification should be accompanied with documentary evidence showing, beyond reasonable doubt, that the customer does not possess the resources to fulfil the outstanding obligation.
CM-6.1.3
Banks should also obtain the BMA's prior written approval before writing off any of their following claims:
(a) claims on present or former Directors of the bank;(b) claims which are guaranteed by a Director of the bank;(c) claims on any business entity for which the bank or any of its Directors is an agent;(d) claims on any officer or employee of the bank, or any other person who receives remuneration from the bank;(e) claims on any business entity in which the bank (or any of its Directors, officers or other persons receiving remuneration from the bank) has an interest as a shareholder, Director, manager, agent or guarantor; and(f) claims on any person who is a Director, manager or officer of another bank licensed by the Agency.CM-7 CM-7 Consumer finance
CM-7.1 CM-7.1 Overview
CM-7.1.1
This chapter sets out various requirements regarding the provision of consumer finance within the Kingdom of Bahrain by BMA licensees. The aim of these requirements is to encourage:
(a) prudent provision of credit facilities by licensees providing consumer finance; and(b) the transparent disclosure of the full costs and terms on which licensees offer consumer finance.Application date
CM-7.1.2
The contents of this chapter apply to all consumer finance facilities entered into or renewed after 1 January 2005.
CM-7.2 CM-7.2 The Agency's approach to consumer finance
CM-7.2.1
The Agency favours an open, market-based approach to the operations of licensees, to the extent consistent with its regulatory objectives of ensuring a stable financial system and the fair treatment of licensees' customers.
CM-7.2.2
Bank licensees are reminded of their obligation to implement a sound internal controls framework, including an effective credit culture (see, for instance, section CM-2.3). Bank licensees are also reminded of their obligations clearly to display and communicate charges and profit rates (see, for instance, section BC-4.3).
CM-7.2.3
The Agency has noted the growth in consumer finance as a proportion of outstanding credit facilities over the past few years. The Agency is concerned that this growth should not be at the cost of declining credit quality. Furthermore, the Agency wishes to see further improvements in licensees' transparency in their dealings with their customers, as regards the costs and terms of their lending. Strong competition in this segment of the market increases the need for licensees to be vigilant and to resist pressures to relax standards.
CM-7.2.4
The measures presented in this chapter should be viewed as minimum standards, rather than best practice. They are aimed to encouraging prudent extension of credit facilities and full, frank and fair disclosures, rather than dictate comprehensively how licensees should engage in consumer finance.
CM-7.2.5
These measures will be kept under review in the light of market developments and adjusted accordingly. If the Agency assesses that credit quality and effective transparency are being significantly undermined, then additional prescriptive measures will be considered.
On-going effort by the Agency
CM-7.2.6
These measures form part of a wider response by the Agency. The Agency recognizes that a key contributor to ensuring a sounder credit environment is the credit reference bureau.
CM-7.2.7
The Agency supervisors and examiners will also focus more on consumer finance, in their on-going supervision of licensees, to monitor and encourage sound financing practices.
CM-7.3 CM-7.3 Definition of Consumer Finance
CM-7.3.1
Consumer finance is the provision of any form of credit facility to an individual excluding:
(a) any credit facility secured by a first charge on residential property to an individual, where the counterparty lives in, or intends to live in the property;(b) any credit facility secured by cash or investments, where the security provided more than covers the principal of the credit facility; and(c) the provision of any form of credit to an individual for business purposes where the facility is to be repaid from the business activities of the counterparty.CM-7.3.2
For the purposes of the Rulebook, "credit facility" includes personal overdraft facilities, credit cards, ijara or other financing facility.
CM-7.4 CM-7.4 Maximum limits
Total repayments ratio
CM-7.4.1
Licensees may only provide a new consumer facility (or renew, extend or otherwise modify an existing consumer facility) for an amount such that the counterparty's total monthly repayments on all his consumer finance commitments do not exceed 50% of his monthly gross income. This limit may only be exceeded in the circumstances described in paragraph CM-7.4.6 and CM-7.4.10.
CM-7.4.2
When reviewing an applicant for a consumer facility, licensees may only take into consideration regular income. A spouse's income may only be taken into consideration when the credit facility would be in joint names, such that the spouse would also be legally liable for the obligation incurred.
CM-7.4.3
Notwithstanding the above limit, licensees must review in detail an applicant's personal financial standing and ability to service their obligations. Where a spouse's income is being taken into consideration, then their individual circumstances must also be similarly assessed. In many cases, these reviews may require consumer finance repayments to be kept significantly below 50% of monthly gross income.
CM-7.4.4
Licensees must enquire as to applicants' sources of income, their past credit history, their regular outgoings and other financial commitments, including potential liabilities such as guarantees. Particular attention should be paid to housing costs (such as payments to the Housing Bank). A person's regular income, net of consumer finance repayments and other financial obligations, must remain sufficient for that person to support himself and any dependents. Licensees should also take into account likely future trends in income and outgoings, and the impact this may have on the 50% ratio.
CM-7.4.5
When factoring in credit cards into the repayment limit in paragraph CM-7.4.1 above, licensees should include 5% of the total of credit limits available on these facilities. If the amounts outstanding (including profit) under such facilities exceed their limit, then this higher amount should be included in full in the repayments ratio calculation. Charge cards are not included under this definition.
CM-7.4.6
In the case of high earners — defined for these purposes as persons earning more than BD 3,000 / month — the 50% limit may be relaxed, providing that the licensee has undertaken the review required in paragraph CM-7.4.4 above and is satisfied that the counterparty can comfortably support a higher facility service ratio.
CM-7.4.7
The review undertaken to satisfy requirements in paragraph CM-7.4.4 above must be documented and made available to the Agency's examiners on request. The documentation must include all relevant information used to support the decision to extend credit facilities. In the case of high earners granted a facility in excess of the 50% limit, the documentation must also include a written statement, signed by an appropriate member of management, explaining the justification for relaxing the limit.
Maximum tenor limit
CM-7.4.8
The maximum tenor for instalment consumer finance facilities is seven years. The tenor may not be extended more than twice during the period of the agreement.
CM-7.4.9
The Agency does not believe it prudent for licensees to encourage the provision of credit facilities by offering long-term borrowing to fund short-term consumption. The Agency will review the development of market practices in this respect and will consider further measures if required.
Non-compliant facilities
CM-7.4.10
Where a customer's monthly gross income falls (e.g. due to redundancy or disability or a similar event outside the control of the customer), the bank must identify such accounts as "technically non compliant". If a customer requests an extension to the tenor of the facility due to reduced income, then the bank may increase the term to assist the customer. The bank must take account of the 50% limit outlined in paragraph CM-7.4.1. Such facilities must also be identified as "technically non compliant". Banks must report all "technically non-compliant facilities" to the Director of Islamic Financial Institutions Supervision Directorate on a quarterly basis.
CM-7.5 CM-7.5 Disclosure requirements
Disclosure of key terms
CM-7.5.1
Licensees must make clear to potential counterparties, prior to entering into a consumer finance agreement, all relevant key terms of the agreement.
CM-7.5.2
These terms should be summarised in plain English and Arabic in a short "key terms disclosure" document; this document must be signed and dated by counterparties (in duplicate) as having been read and understood, prior to signing a consumer finance agreement. One copy should be retained by the counterparty and the other must be retained by the licensee in their customer file.
CM-7.5.3
The "key terms disclosure" document must, amongst other things, make clear:
(a) the amount being received or the credit limit being offered, its maturity and repayment schedules;(b) the nominal amount of the cost of credit to be provided to the customer;(c) whether this cost of credit is fixed or can go up and / or down, and under what circumstances;(d) the basis on which the cost of credit is calculated and when capital repayments are taken into account in the calculation, together with an illustration of the calculation method;(e) a breakdown of all other costs not included in (b), (c) and (d) above and associated with the credit, such as arrangement fees, documentation fees, late payment fees (if permitted by the Shari'a Board), and obligatory payment protection insurance costs;(f) the full costs associated with top-ups of installment facilities or early repayments of amounts due (in full or in part if permitted by the Shari'a Board), including the treatment of remaining profit and the payment of premium for insurance; and(g) the Profit Rate, as defined in paragraph CM-7.5.5 below.CM-7.5.4
Licensees are free to design the layout and wording to be used in their "key terms disclosure" document, as they see fit, providing they contain the information specified in paragraph CM-7.5.3 above. BMA will monitor compliance with the spirit as well as the letter of the requirements in this chapter. If necessary, BMA will consider prescribing a standard template to be used by all licensees engaged in consumer finance.
Annual Profit Rate "APR"
CM-7.5.5
The APR is a standard measure that allows consumers to compare total charges for credit facilities to be compared on a like-for-like basis. The APR allows the consumer to compare the total charge for credit over differing periods (e.g. — two versus three years) with differing payment profiles and taking into account the payment of any other fees payable as a condition of the contract, such as documentation fees or insurance premium.
CM-7.5.6
The APR should be shown clearly on the facility document and "key terms disclosure" document (as set out in paragraphs CM-7.5.1 to CM-7.5.4 above).
CM-7.5.7
The APR methodology should also be utilised in advertisements for credit. Any deferral of profit or principal announced by the bank should also take account of the APR methodology, and the new APR should be given to the client or made public in advertisements.
CM-7.5.8
The total charge for credit payable by a consumer includes the following items:
(a) Effective rate of profit on the credit;(b) Documentation or administration fees;(c) In the case of ijara or deferred purchase contracts, any fees for purchasing the asset (e.g. an option to purchase fee payable at the end of the contract); and(d) Any fees or charges payable under any linked or mandatory contract entered into as a condition for the granting of the credit facility, such as payment protection insurance.CM-7.5.9
The APR must be calculated using the following methodology:
K=m
∑
K=1Ak
(1 + i) tk= K'=m'
∑
K'=1A'k'
(1 + i) tk'CM-7.5.10
The meaning of letters and symbols used in the above formula are:
K is the number identifying a particular advance of credit; K' is the number identifying a particular instalment; Ak is the amount of advance K; A'k' is the amount of instalment K; ∑ represents the sum of all the terms indicated; M is the number of advances of credit; M' is the total number of instalments; tk is the interval, expressed in years between the relevant date and the date of advance K; tk' is the interval expressed in years between the relevant date and the date of instalment K'; I is the APR, expressed as a decimal. CM-7.5.11
For the purpose of this chapter, the "relevant date" is the earliest identifiable date on which the customer is able to acquire anything which is the subject of the agreement (e.g. delivery of goods), or otherwise the "relevant date" is the date on which the credit agreement is made.
CM-7.5.12
In the case of instalment finance such as a credit facility, where there is no reimbursement of cost of credit in the event of early repayment, then the residual cost of credit in the old facility must be added to the cost of credit for the new facility, and the APR amended accordingly.
CM-8 CM-8 Islamic contracts
CM-8.1 CM-8.1 Overview
CM-8.1.1
The Agency recognises the unique risk characteristics of Islamic contracts, which may have implication on the asset quality of a bank.
CM-8.1.2
In order to monitor and identify any asset deterioration due to the Islamic contracts, the Agency requires additional disclosures (see Module BR) on the Islamic contracts undertaken by the bank during the period.
CM-8.1.3
Definitions, disclosure requirements and method(s) of accounting treatments for some of the Islamic contracts are outlined in the following sections of this chapter.
CM-8.2 CM-8.2 Murabaha
CM-8.2.1
Revenue for the purpose of Murabaha contracts must be recognised on an accrual basis.
CM-8.2.2
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 2: Murabaha and Murabaha to the Purchase Orderer.
CM-8.3 CM-8.3 Mudaraba
CM-8.3.1
Revenue on Mudaraba contracts may only be recognised to the extent it is being distributed.
CM-8.3.2
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 3: Mudaraba Financing.
CM-8.3.3
As part of its ongoing supervision of Islamic banks, the Agency has set out the type of terms and conditions (see Appendix BC 7) which it believes Islamic banks should include, as a minimum, in such contracts.
CM-8.4 CM-8.4 Musharaka
CM-8.4.1
Under a Musharaka contract, losses are shared in proportion to the contributed capital. It is not permissible to stipulate otherwise.
CM-8.4.2
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 4: Musharaka Financing.
CM-8.5 CM-8.5 Salam
CM-8.5.1
As a policy no Salam contracts should be entered into without covering the position through a Parallel Salam contract.
CM-8.5.2
Where the bank is not able to enter into a Parallel Salam contract it must agree a statement policy with the Agency.
CM-8.5.3
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 7: Salam and Parallel Salam.
CM-8.6 CM-8.6 Istisna'a
CM-8.6.1
As a policy no Istisna'a contracts should be entered without covering the position through a Parallel Istisna'a contract.
CM-8.6.2
In accordance with provisions contained in FAS 10: Istisna'a and Parallel Istisna'a, revenue and profit on such contracts should be recognised on a percentage of completion method.
CM-8.6.3
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 10: Istisna'a and Parallel Istisna'a.
CM-8.7 CM-8.7 Ijarah and Ijarah Muntahia Bittamleek
CM-8.7.1
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 8: Ijarah and Ijarah Muntahia Bittamleek.
CM-9 CM-9 Qard Hassan
CM-9.1 CM-9.1 Facilities transferred to Qard Hassan
CM-9.1.1
The Agency's approval should be obtained before any transfer of any exposures to Qard Hassan if the amount is more than BD 100,000 or its equivalent in foreign currency.
CM-9.1.2
The requirement stated in paragraph CM-9.1.1 above applies to both on balance sheet and restricted investment account related exposures.
CM CM Credit Risk Management (June 2022)
CM-A CM-A Introduction
CM-A.1 CM-A.1 Purpose
CM-A.1.1
The purpose of this Module is to provide a checklist of the key elements of a sound credit risk management system which supervisors can expect their banks to observe. This requirement is supported by Article 44(c) of the Central Bank of Bahrain and Financial Institutions Law (Decree No. 64 of 2006).
October 07CM-A.1.2
This Module provides support for certain other parts of the Rulebook, mainly:
(a) Principles of Business;(b) CBB Reporting Requirements;(c) Audit Firms;(d) Public Disclosure;(e) High-level Controls; and(f)Capital Adequacy .October 07Legal Basis
CM-A.1.3
This Module contains the Central Bank of Bahrain's (CBB's) Directive (as amended from time to time) relating to the credit risk management of
Islamic bank licensees , and is issued under the powers available to the CBB under Article 38 of the CBB Law. The Directive in this Module is applicable to allIslamic bank licensees .Amended: January 2011
October 2007CM-A.1.4
For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.
October 07CM-A.2 CM-A.2 Key Requirements
CM-A.2.1
Overseas Islamic bank licensees are expected to maintain provisions against potential credit losses on their books in Bahrain. Head offices of banks that do not wish to maintain provisions on books of theirbranch (es) in Bahrain must advise the CBB, on an annual basis and in writing, of the amount of provisions set aside for the bad debts of Bahrainbranch (es).Amended: April 2014
Amended: July 2011
Amended: January 2011
October 2007CM-A.2.2
The CBB requires all
Bahraini Islamic bank licensees to set out their policy on largeexposures , including limits for differing types ofexposures to individual customers, banks, corporates, countries and economic and market sectors, in a policy statement which must be formally approved by the Board of Directors (see Section CM-4.7).Amended: April 2014
Amended: July 2011
Amended: January 2011
October 2007CM-A.2.2A
The CBB requires that any large
exposure , as defined in Paragraph CM-4.4.1, must be priorly approved by the bank's Board of Directors (see Paragraph CM-4.4.3A).Added: January 2017CM-A.2.3
The aggregate of large
exposures may not exceed 800% of the bank's consolidated Total Capital (see Paragraph CM-4.4.4). A bank may not incur a combinedexposure (funded by unrestricted investment accounts and the bank's own funds) to an individualcounterparty or group of closely relatedcounterparties which exceeds 15% of the reporting bank's consolidated Total Capital (see Paragraph CM-4.4.5).Amended: January 2015
Amended: April 2014
October 07CM-A.2.4
The aggregate
exposures to all connectedcounterparties when taken together, may not exceed the limit as stated in Paragraph CM-4.4.13 of consolidated Total Capital.Amended: January 2015
Amended: April 2011
October 2007CM-A.2.5
No Islamic financing provided by a bank to its own external auditors shall be permitted.
October 07CM-A.2.6
All
Bahraini Islamic bank licensees are required to report (for the attention of the Director of Islamic Financial Institutions Supervision Directorate) all largeexposures , (whether exempt or not) on a quarterly basis using the Form PIR provided in Appendix BR-5 (see Section CM-4.6).Amended: April 2014
Amended: October 2009
October 2007CM-A.2.7
The CBB's prior written consent must be obtained for any credit facility to an employee where the amount of such facility, either singly or when added to an existing facility/existing facilities outstanding to that employee at that date, would be equal to or in excess of BD 100,000 (or its equivalent) (see Section CM-5.1).
Amended: April 2014
Amended: July 2011
Amended: January 2011
October 2007CM-A.2.8
The CBB requires that banks only provide a new consumer facility (or renew, extend or otherwise modify an existing consumer facility) for an amount such that the counterparty's total monthly repayments on all his consumer finance commitments do not exceed 50% of his monthly gross income (see Section CM-7.4).
Amended: April 2014
Amended: July 2011
October 2007CM-A.2.9
[This Paragraph was deleted in April 2014 as this requirement has been moved to Module BC.]
Deleted: April 2014
CM-A.2.10
The CBB's prior written consent must be obtained before writing off any credit facility provided to senior employee/officer/Director of the reporting bank or other bank(s) who fails to discharge his/her repayment obligations to the reporting bank (See Section CM-7.1 for details).
Amended: July 2011
Amended: January 2011
October 2007CM-A.2.11
All
Bahraini Islamic bank licensees must notify the CBB of any write-off of a credit facility, (i.e. Murabaha or any other credit facility) of an amount in excess of BD 100,000 (or its equivalent). Chapter CM-6 contains Rules relating to the write-off of credit facilities.Amended: April 2014
Amended: January 2013
Amended: July 2011
Amended: January 2011
October 2007CM-A.2.12
All banks which provide credit to residents of Bahrain must become members of the Credit Reference bureau and follow the CRB Code of Practice (see Paragraph CM-1.2.4).
Amended: April 2014
October 07CM-A.2.13
All banks are required to follow the CBB’s requirements concerning refund of insurance on financing prepayments and top-ups and early repayment fees/charges as outlined in Section CM-7.6.
Added: April 2008CM-A.3 CM-A.3 Module History
CM-A.3.1
This Module was first issued on 1st January 2005 as part of the Islamic principles volume. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made: Chapter UG 3 provides further details on Rulebook maintenance and version control.
October 07CM-A.3.2
A list of most recent changes made to this Module are detailed in the table below:
Summary of Changes
Module Ref. Change Date Description of Changes CM-2.2 1/10/05 Role of Internal audit becomes a rule CM-7.4 1/10/05 Clarification re non-compliant facilities CM-A.1 10/2007 New Rule CA-A.1.4 introduced, categorising this Module as a Directive. CM-7 10/2007 New Requirement to follow the "Code of best Practice on Consumer Credit and Charging CM-1.2 10/2007 Membership of CRB CM-4.2 10/2007 Clarification of definition of exposure CM-8 10/2007 Re-organised the Chapter. CM-4.4 & 6.1 04/2008 New Limits for significant shareholders and guidance on write-offs CM-7.6 04/2008 New Insurance Refund and prepayment requirements CM-4.6 10/2009 New reporting arrangements for exposures of connected counterparties. CM-A.1.3 01/2011 Clarified legal basis. CM-4 01/2011 Changes made to incorporate CP-5 and large exposures requirements.CM-A.2.4 04/2011 Corrected cross reference in line with new limits introduced in January 2011. CM-4.2.1(c), CM-4.5.1 04/2011 Corrected cross reference. CM 07/2011 Various minor amendments to clarify Rules and have consistent language. CM-4.4.10 07/2011 Amended the definition of connected counterparties. CM-7.5.3 10/2011 Clarified reference to APR. CM-7.5.9 and CM-7.5.10 10/2011 Corrected elements of APR formula. CM-7.5.12 10/2011 Deleted Paragraph as it does not reflect current practice on residual interest. CM-4.4.1E 01/2012 Amended definition of qualifying holdings CM-4.5 01/2012 Clarified and amended the Rules on temporary exposures. CM-4.9.3 01/2012 Clarified the Rule on future increases in qualifying holdings. CM-7.4.9 01/2012 Changed Rule to Guidance. CM-4.5.2E and CM-4.5.2F 04/2012 Clarified Rule on temporary exposures. CM-A.2.9 07/2012 Updated reference to Bahrain Association of Banks. CM-4.4.7 07/2012 Clarified the definition of 'controlling interest'. CM-4.4.8A 07/2012 CBB prior approval required for excess over limits to connected counterparties. CM-4.4.10 07/2012 Minor corrections. CM-4.9.3 07/2012 Amendment made to be in line with updated definition of qualifying holdings. CM-7.5.4 07/2012 Minor typo corrected. CM-7.5 10/2012 This Section was deleted and requirements are now included in Section BC-4.2. CM-A.2.11 01/2013 Clarified Rule related to the write-off of a credit facility. CM-4.4.13A 07/2013 Clarified Rule on the amount that must be deducted from the capital base where exposure exceeds the limit stipulated. CM-7.6.2 07/2013 Clarified the type of mortgages on which the CBB imposes a ceiling on early repayment fees and/or charges. CM-1.2.4 10/2013 Amended to reflect the expanded scope of activities of the Credit Reference Bureau and the membership requirements. CM-7.4.4 10/2013 Updated reference to Eskan Bank to reflect new name. CM-1.2.4 01/2014 Clarified Rule to apply to credit facilities to residents in Bahrain. CM-A.2, CM-4 and CM-8.1.19 04/2014 Added cross references and corrected terminology to link to Glossary items. CM-5.1.1A 04/2014 Clarified Rules on staff loans. CM-7.2.4 04/2014 Reference updated for the code of best practice on consumer credit and charging. CM-4.9.2A 07/2014 Added a guidance Paragraph to clarify the treatment of investments in commercial entities which are otherwise not connected to the bank. CM-A.2 and CM-4 01/2015 Corrected to be aligned with updated requirements under module CA. CM-4.4.2 01/2015 Added reference to transactions subject to the regulation on close-out netting under a market contract. CM-4.4.1B 01/2015 Corrected cross reference. CM-4.4.1E 04/2015 Deleted cross reference as not applicable. CM-4.4.13 04/2015 Clarified that RIAs are excluded. CM-4.4.5, CM-4.5.2B, CM-4.5.9 and CM-4.9.10 04/2015 Corrected reference to consolidated Total Capital to be in line with Module CA. CM-4.6.1 04/2015 Added reference to Appendix BR-19 for reporting the financial details of each large exposure. CM-4.9.3 04/2015 Clarified language on the treatment of significant investments over the thresholds outlined in Paragraph CA-2.4.25. CM-4.6.1, CM-4.6.1A and CM-4.6.1B 07/2015 Clarified the reporting requirements of exposures. CM-6.1 10/2015 Amended Rules on write-offs. CM-4.4.1E 10/2016 Amended definition of 'Major investments'. CM-4.9 10/2016 Amended 'Acquisitions' to be 'Investments' CM-4.9.3 10/2016 Amended Major Investments approval CM-4.9.4 10/2016 Changed 'major acquisition' to 'major investment'. CM-4.9.5 10/2016 Changed 'significant investment' to 'major investment' CM-4.9.6 10/2016 Moved to new section CM-4.10 CM-4.9.7 10/2016 Moved to new section CM-4.10 CM-4.9.8 10/2016 Moved to new section CM-4.10 CM-4.9.10 10/2016 Changed 'acquisitions' to 'major investments'. CM-4.10 10/2016 New Section — 'Limits on Significant Investments' CM-6.1 10/2016 Amended the 'Write-offs' Section CM-7.4.5 10/2016 Amendments to clarify the Rule CM-A.2.2A
CM-4.4.3A01/2017 Added a new requirement on Large Exposures. CM-4.4.6A
CM-4.4.10B01/2017 Added Paragraphs on closely related counterparties and connected counterparties. CM-3.6 07/2017 Added new Section on 'Country and Transfer Risks'. CM-7.6.2 04/2018 Deleted Paragraph on "Early Repayment Fees/Charges". CM-7.4.10 10/2019 Amended Paragraph on non-compliant facilities. CM-4.5.2D 01/2020 Amended Paragraph on approval of the banks policies and procedures. CM-1.2.6 07/2020 Added a new Paragraph on CRB members requirements. CM-1.2.7 07/2020 Added a new Paragraph on compliance with CBB Law. CM-7.4.10 07/2021 Amended submission of technically non-compliant facilities report. CM-7.4.10 01/2022 Amended Paragraph on submission of technically non-compliant facilities report. Evolution of the Module
CM-A.3.3
Prior to the development of this Rulebook, the CBB had issued various circulars representing regulations covering different aspects of credit risk management. These circulars and their evolution into this Module are listed below:
Circular Ref. Date of Issue Module Ref. Circular Subject BC/3/98 21 Feb 1998 CM-B.2 Basel Committee on Banking Supervision Framework for the Evaluation of Internal Controls Systems BC/117/95 (partial) 1 Feb 1995 CM-1 - CM-3 Risk Management OG/127/01 18 Mar 2001 CM-2 Developing a Sound Credit Culture OGD/27/88 9 Feb 1988 CM-3.4 Provisions Against Country Debt PIRI Pack - - - - - CM-4 Prudential Information Returns for Islamic Financial Institutions EDBC/178/96 5 Oct 1996 CM-5 Islamic Facilities OG/45/88 13 Mar 1988 CM-6.1 Write-Off - Credit Facility OG/50/92 (partial) 4 Mar 1992 CM-07.1 - CM-7.2 Consumer Finance PIRI Pack - - - - - CM-8 Prudential Regulations for Islamic Financial Institutions EDBC/105/96 26 June 1996 CM-8.3 Mudaraba Contracts - Minimum Terms and Conditions BC/4/99 17 Mar 1999 CM-9.1 Annual Accounts for the Year Ending 31 December 1999 Amended: January 2011
October 2007Effective Date
CM-A.3.4
The contents in this Module are effective from the date depicted in the original circulars (see Paragraph CM-A-3.3) or the dates given in the summary of changes above.
October 07CM-B CM-B General Guidance and Best Practice
CM-B.1 CM-B.1 Guidance Provided by Other International Bodies
Basel Committee: Principles for the Management of Credit Risk
CM-B.1.1
The paper (see www.bis.org/publ/bcbs75.pdf) which contains 17 principles, encourages banking supervisors globally to promote sound practices for managing credit risks in banking activities.
October 07CM-B.1.2
Throughout the Module, references have been made to this paper and it is recommended that the regulations in this Module be followed in conjunction with the guidelines presented in this paper.
October 07Counterparty Risk Management Policy Group (CRMPG): Improving Counterparty Risk Management
CM-B.1.3
The objective of this report (see www.isda.org/educat/pdf/CRMPG-report6-99.pdf), which was developed by a committee of market practitioners in the wake of the 1998 market disruptions, discusses
counterparty credit risk and market risk management practices and how they can be enhanced.October 07CM-B.1.4
The report covers four subject areas: transparency and
counterparty credit assessments; risk measurement, management, and reporting; market practices and conventions; and regulatory reporting.October 07CM-B.1.5
Of particular interest to risk managers is guidance provided in two areas, one on liquidity risk and leverage, and the other on
counterparty creditexposure estimation.October 07Basel Committee: Framework for Internal Controls Systems in Banking Organisations
CM-B.1.6
The paper (see www.bis.org/publ/bcbs40.pdf) issued in September 1998 presents the first internationally accepted framework for supervisors to use in evaluating the effectiveness of the internal controls over all on- and off-balance-sheet activities of banking organisations.
October 07CM-B.1.7
The paper describes elements that are essential to a sound internal control system, recommends principles that supervisors can apply in evaluating such systems, and discusses the role of bank supervisors and external auditors in this assessment process.
October 07CM-1 CM-1 General Procedures
CM-1.1 CM-1.1 Overview
CM-1.1.1
Credit risk is the likelihood that
counterparty of the bank will not meet its obligations in accordance with the agreed terms. The magnitude of the credit risk depends on the likelihood ofdefault by thecounterparty , and on the potential value of the bank's contracts with the customer at the time ofdefault . Credit risk largely arises in assets shown on the balance sheet, but it can also show up off the balance sheet in a variety of contingent obligations.October 07CM-1.1.2
Exposure to credit risk, notably in the form of traditional bank financing, has historically been the most frequent source of bank problems. The assessment of credit risk is a challenging task where bankers are often faced with making decisions based on outdated or partial information.October 07CM-1.1.3
The lack of continuous credit supervision and effective internal controls, or the failure to identify abuse and fraud are also sources of risk. The overall lending policy of the bank should be monitored by a Credit Committee composed of officers with adequate seniority and experience.
October 07CM-1.2 CM-1.2 Credit Analysis
CM-1.2.1
Proper credit risk management will help banks to discipline their lending activities and ensure that credit facilities are granted on a sound basis, and that bank funds are invested in a profitable manner. The process of managing credit risk starts at the origination of the credit facility. Standards for credit analysis should stress the borrower's ability to meet his future financial needs through analysis of his cash-flow generation capacity.
October 07CM-1.2.2
Measurement of credit risk is complicated by the fact that both credit
exposures and the likelihood ofdefault can vary over time and may be interdependent. The creditworthiness of customers shifts, as reflected in credit rating upgrades and downgrades. Customers that originally are highly rated are more likely todefault later in a credit facilities' life than earlier.October 07CM-1.2.3
Banks should properly assess the inherent risk factor of each credit facility; monitor the risks arising from any portfolio concentration; and ensure that appropriate precautions against losses have been taken in the form of
collateral and/or provisioning as described in Chapter CM-2.October 07CM-1.2.4
Banks which provide credit facilities to residents in Bahrain must become members of the Credit Reference Bureau (CRB). All requests for new credit facilities in Bahrain must be submitted to the CRB.
Amended: January 2014
Amended: October 2013
October 07CM-1.2.5
All CRB members must fully abide by the agreed Code of Practice of the CRB (see Appendix CM-3), in matters such as the protection of confidential customer data and payment of enquiry fees. Any such breaches will be viewed as calling into question the "fit and proper status" of persons involved, potentially making the licensee and the person liable to enforcement action by the CBB.
October 07CM-1.2.6
All CRB members must meet the following requirements and incorporate them into their policies and procedures:
a) Establish an electronic monitoring system to detect, monitor and maintain records and a log of all access to CRB data by the CRB member’s employees;b) Conduct a monthly internal audit on the access logs to identify unauthorised access to CRB data by any employee without securing customer consent and report to the CBB any observed violation of Article 68(bis(2)) of CBB Law;c) Require the sign off of a CRB member’s designated employee on their legal obligations concerning the confidentiality of CRB data and that any violation of Article 68(bis(2)) of CBB Law would subject them to an enforcement action in accordance with CBB Law; andd) Cover compliance with the above requirements in the performance appraisal of relevant employees.Added: July 2020CM-1.2.7
Failure to comply with Article 68(bis(2)) of the CBB Law and Paragraph CM-1.2.6 may result in an enforcement action taken against the CRB member, as well as the relevant employee in accordance with CBB Law.
Added: July 2020CM-1.3 CM-1.3 Credit Policy
CM-1.3.1
A properly documented credit policy is an essential element of and prerequisite for the credit risk management process. Consistent with the Board's objectives, it assists bank management in the maintenance of proper credit standards and the avoidance of unnecessary risks.
October 07CM-1.3.2
It is prudent to review the credit policy regularly to ensure that once it is established, it remains flexible enough to be current and continues to accomplish its original purpose taking into consideration market developments.
October 07CM-1.3.3
Explicit guidelines in credit policy provide the basis for effective credit portfolio management. A sound credit policy should consider which types of credit products and borrowers the bank is looking for and the underwriting standards the bank will utilize.
October 07CM-1.3.4
A bank's credit policy should address all credit matters of significance including:
(a) Objectives of credit monitoring;(b) Organisation and reporting structure of the credit department;(c)Designated markets and products;(d) Establishment of a credit limit framework;(e) Guidelines for assessment of concentration;(f) Authorisation procedures for the advancement of credit;(g) Establishment of credit committees;(h) Establishment of desirable pricing levels and criteria; and(i) Problem credit identification and administration.Amended: January 2011
October 2007CM-1.3.5
After the credit facility has been granted, its performance should be monitored at regular intervals. This includes an appropriate periodic review of financial statements, a reassessment of
collateral and update of appraisals, and attentive monitoring of conditions in the borrower's industry. Credit supervision constitutes the first line of detection of difficulties and provides the bank with an opportunity to address problems before losses are sustained.October 07CM-2 CM-2 Developing a Sound Credit Culture
CM-2.1 CM-2.1 Overview
CM-2.1.1
Credit culture is defined as the sum total of a bank's approach to managing credit risk, including business strategy, credit policy, shared assumptions about credit, the effectiveness of communications, and the composition and quality of the resulting credit portfolio.
October 07CM-2.1.2
As a matter of best practice, all banks should periodically review their credit cultures in order to reduce future credit losses and also to minimise
reputational risk and damage to their credit ratings.October 07CM-2.1.3
The CBB draws all licensed banks' attention to the September 2000 document issued by the
Basel Committee entitled 'Principles for the Management of Credit Risk'. This document contains 17 principles which all banks should ensure are covered in their credit culture (i.e. policies, procedures, systems and controls) (see www.bis.org/publ/bcbs75.pdf).Amended: January 2011
October 2007CM-2.1.4
Effective from the date of the original circular (see Section CM-A-3), the CBB has used the Basel document mentioned above as a guideline in its evaluation of the credit cultures of banks operating in Bahrain. Evaluation is conducted through prudential meetings, inspection and reporting accountants' reviews.
Amended: January 2011
October 2007CM-2.2 CM-2.2 Elements of a Strong Credit Culture
CM-2.2.1
First, the regulation in this Section is recommendatory in nature (except for the requirements in Paragraph CM-2.2.2 (a)&(e) below), and the guidelines below under the five headings are indicative of best practice. Some of the guidelines may not be appropriate to all relevant licensees. However, if a bank is not following these guidelines, it should consider why it is not doing so.
October 07CM-2.2.2
Secondly, the regulation in this Section is intended as a complement to the September 2000 Paper by the
Basel Committee entitled 'Principles for the Management of Credit Risk' (see Section CM-B.2). This Section does not summarise the Basel Paper, but is intended to be read in conjunction with the above Paper.(a) The Role of the Board of Directors
The Board of Directors must approve all the operating policies of a bank (see principle 1 ofBasel Committee paper 'Framework for Internal Controls Systems in Banking Organisations' – Section CM-B.2).
Given that credit risk is still the major risk that banks are exposed to in their business, particular scrutiny must be paid to credit policies, in terms of various limits as well as in terms of risk strategy. An essential function of the Board is to review and reassess the credit policies of the bank (includingcollateral , provisioning policies and concentration policies) on a periodic basis. The Board should also regularly review overdue and large facilities both in terms of performance, and also in relation to the capital (base) of the bank. The Board should insist upon periodic review/evaluation of internal systems and control weaknesses identified by external/internal auditors and management. Principle 1 of theBasel Committee paper 'Principles for the Management of Credit Risk' (see Section CM B-2) also gives greater detail on the role of the Board in developing a sound credit culture.(b) The Role of the senior management
Senior Management should be involved in regular reviews of outstanding facilities and overdue accounts as well as reviewing changes in activity, turnover or balances in clients' accounts. The role of senior management is covered in depth in Principle 2 ofBasel Committee paper 'Principles for the Management of Credit Risk' – Section CM-B.2 (see also Principle 3 ofBasel Committee paper 'Framework for Internal Controls Systems in Banking Organisations' – Section CM-B.2). However, Senior Management should be involved in the credit review process of (larger) existing facilities, visiting clients, requesting up to date financial statements and verifyingcollateral . Too often, a lack of direct contact by senior management with a problem client has been an identified factor in significant credit losses by banks, whether by way of fraud, or corporate failure.(c) Role of an Independent Risk Management Function
Perhaps the key point to emphasise in Risk Management is that the function must be independent of the senior management and operational functions which are related to business acquisition. The Risk Management function should report to the Board or to senior management related to control functions. The Risk Management function must not only monitor risk, but also control it (i.e. review limits, excesses etc). It must also ensure that risk monitoring systems accurately measure risk in the first place, and that all risks where they occur are, correctly identified (see also Principle 6 ofBasel Committee paper 'Framework for Internal Controls Systems in Banking Organisations' – Section CM-B.2).(d) Effective Internal Systems and Controls
Well implemented sound policies and procedures maintain credit standards, enable monitoring and control of credit risk, and identify problem credits in a timely manner (see Principle 2 ofBasel Committee paper 'Principles for the Management of Credit Risk' – Section CM-B.2 for more detail). Sound policy and administrative requirements also apply equally strongly to existing facilities as well as new ones (see Principle 8 ofBasel Committee paper 'Principles for the Management of Credit Risk' – Section CM-B.2). Policies and procedures should allow a thorough understanding of thecounterparty , the purpose of the credit facility and the source of repayment (Principle 4 ofBasel Committee paper 'Principles for the Management of Credit Risk' – Section CM-B.2) to be gained by the Risk Management function in its assessment of thecounterparty for risk profiling purposes, (see also Principle 6 ofBasel Committee paper 'Framework for Internal Controls Systems in Banking Organisations' – Section CM-B.2 and Section E of the paper issued by theCounterparty Risk Management Policy Group - 'ImprovingCounterparty Risk Management' – see Section CM-B.2). Banks should seek to utilise internal rating systems to manage credit risk and to set adequate provisions on a timely basis (see Principle 10 ofBasel Committee paper 'Framework for Internal Controls Systems in Banking Organisations' – Section CM-B.2).(e) The Role of Internal Audit
Internal audit function must, on an on-going basis, monitor the system of internal controls because it provides an independent assessment of the adequacy of, and compliance with, the established policies and procedures. Internal audit function must report directly to the highest levels of the banking organisation, typically the Board of Directors or its audit committee, and to senior management. This allows for the proper functioning of corporate governance by giving the Board information that is not biased in any way by the levels of management that the reports cover.Amended: October 2011
October 2007CM-2.3 CM-2.3 Name-financing
CM-2.3.1
Banks are exposed to credit risk when they provide large credit facilities on a 'clean' basis (i.e. without
collateral orsecurity ). This risk is amplified, specifically, when such clean name financing is made without adequate (up to date) financial information.October 07CM-2.3.2
In many banks there is a tendency to indulge in '
name-financing ' without any credit analysis or understanding of the concernedcounterparty 's current outstanding facilities from other banks. The CBB strongly discourages the banks to engage in such activities in order to minimise their credit risk and reputation risk.Amended: January 2011
October 2007CM-3 CM-3 Assessment of Credit Quality
CM-3.1 CM-3.1 Overview
CM-3.1.1
A realistic assessment of credit quality is an essential feature of effective credit risk management. The starting point for a systematic review of credit quality is a comprehensive review of the bank's written credit policies and practices. These include, but are not limited to:
(a) Credit approval procedures;(b) Credit underwriting criteria; and(c) Credit administration process.Amended: January 2011
October 2007CM-3.1.2
Credit quality is a relative concept based on performance prospects and external variables. Trends in the economy, and changes in markets and prices of goods affect the evaluation of credit facility repayment value. Assessing credit risk is a dynamic concept which needs to take into account the business cycle and the economic environment.
October 07CM-3.1.3
The objectives of the credit assessment are to determine:
(a) Whether the applicant / customer will have sufficient future liquid resources to honour credit obligations according to the agreed terms;(b) Whether the applicant's / customer's present and future prospects indicate that they will continue as agoing concern in the foreseeable future;(c) Is the applicant / customer of sufficient integrity; and(d) To what extent does anysecurity offered affect the risk inherent in the facility.Amended: January 2011
October 2007CM-3.1.4
To help improve prudential oversight of credit quality, the CBB, in this Module, seeks to establish a set of broad rules that are useful in identifying and containing the impact of impaired assets within banks.
Amended: January 2011
October 2007CM-3.2 CM-3.2 Credit Grading System
CM-3.2.1
The banks should have in place appropriate credit grading systems (classification) to help assess asset quality and credit exposures including performing receivables.
October 07CM-3.2.2
Credit grading systems offer a number of benefits. Analysis of a bank's entire book can reveal important insights to bank's management in the functioning and ultimately the health of the bank. Credit grading systems provide the means for a more systematic assessment of asset quality. They are particularly useful in assisting in the early detection of asset quality problems within a bank by highlighting credit with above normal risks.
October 07CM-3.2.3
The CBB does not favour the imposition of a standard credit grading system for all banks. Instead, the CBB will rely, wherever possible, upon the credit grading system adopted by each bank. This preference reflects the fact that banks generally have devoted significant resources to developing grading systems that best fit their individual product mix.
Amended: January 2011
October 2007CM-3.2.4
Each bank is hence required to provide to the CBB a statement of its current policy in respect of its credit grading system (including definitions used to classify
exposures ). Banks that do not intend to implement a credit grading system should indicate to the CBB their reason for not doing so. The CBB expects to have the endorsement of the Board of the bank concerned.Amended: January 2011
October 2007CM-3.2.5
Banks looking to implement a credit grading system, or to update their current system, should consider the following points:
(a) The system should cover a broad range of the bank's asset portfolio, including unrestricted investment accounts, restricted investment accounts and other off-balance sheetexposures ;(b) The system should cover both performing and impaired assets - it is common for grading systems to have sufficient range of grades, coveringexposures with the lowest risk to those where losses are expected;(c) Banks should detail credit grading system in a credit policy statement, and should develop procedures for the determination and regular review of the credit risk grades;(d) Banks should establish formal forums in the form of committees to review the compliance with the credit policy parameters and the concentration ofexposure attributable to various economic and industrial sectors in accordance with the credit policy;(e) Particular attention should be given to those facilities which involve a higher than normal risk, or which are impaired;(f) It is imperative that the policies relating to the provisioning for Islamic banks should be clearly laid down, fully identifying provisions relating to assets financed by own funds and those by theinvestment account holders; and(g) Facilities should, at minimum, include four categories along the following lines:(i) 'Standard credits' are those, which are performing, as the contract requires. There is no reason to suspect that the creditor's financial condition or collateral adequacy has depreciated in any way. The bank is very likely to extend additional funds to this borrower if requested (subject to internal or legal credit restrictions);(ii) 'Substandard credits' are inadequately protected by the paying capacity of the obligor or by the collateral pledged. They are characterized by the distinct possibility that the bank will sustain some loss if the deficiencies are not corrected. Loss potential, while existing in the aggregate amount of Substandard assets does not have to exist in individual assets classified Substandard;(iii) 'Doubtful credits' have all the weaknesses inherent in a credit classified as Substandard with the added characteristic that the weaknesses make collection or liquidation in full, on the basis of currently existing facts, conditions, and values, highly questionable or improbable. The possibility of Loss is extremely high, but because of certain important and reasonably specific pending factors which may work to the advantage and strengthening of the asset, its rating as an estimated Loss is deferred until its more exact status may be determined; and(iv) 'Loss credits' are considered uncollectible and of such little value that their continuance as assets is not warranted. The rating does not mean that the asset has absolutely no recovery or salvage value, but rather that it is not practical or desirable to defer writing off this basically worthless asset even though partial recovery may be affected in the future.Amended: April 2011
October 2007CM-3.3 CM-3.3 Impairment of Assets and Provisioning
Impairment of Assets
CM-3.3.1
Banks are required to place on a non-accrual basis any facility where there is reasonable doubt about the collectability of the receivable irrespective of whether the customer concerned is currently in arrears or not. This acknowledges the reality that recognition of impaired assets will have a high degree of subjectivity attached to it.
October 07CM-3.3.2
Impaired assets should be classified into one of the following categories:
(a) Non accrual items;(b) Restructured items; or(c) Other assets acquired through security enforcement, including 'other real estate owned'.October 07CM-3.3.3
For the purpose of this Module, the following definition of non-accrual items applies:
(a) Financing facilities andinvestments where there is reasonable doubt about the ultimate collectability of principal within a time frame established by the bank. Non-accruals would include all facilities against which a specific provision has been established, or a write-off taken even if the facility is not in breach of contractual requirements. Refer to AAOIFI's FAS 11 on recognition of provisions and reserves; and(b) Financing facilities andinvestments , not included in (a), where contractual payments of the principal are 90 or more consecutive days in arrears, and where the 'fair value' of security is insufficient to cover repayment. In line with the principles outlined above, a facility should be classified as non-accruing earlier than 90 days where it is evident that full, or partial repayment of the amount is unlikely even though the full extent of the loss cannot be clearly determined.Amended: April 2012
October 07Provisioning
CM-3.3.4
Banks must maintain an adequate level of provisioning against the impairment of assets and problem exposures if their earnings and capital adequacy are to be measured correctly.
October 07CM-3.3.5
As a general rule, where there is a doubt about the collectability of a receivable, and security exists, provisions should equal the carrying value of the receivable less the net current market value of security.
October 07CM-3.3.6
Provisions of either type (specific or general) are made in relation to receivables, financing and investment assets in cases where there is doubt regarding collectability or an impairment of value. Refer to AAOIFI's FAS 11: Provisions and Reserves.
October 07CM-3.3.7
Provisioning should be carried in the respective books including bank's own books, unrestricted investment account holders' books and restricted investment account holders' books.
October 07CM-3.3.8
A general provision is an amount set aside to reflect a potential loss that may occur as a result of currently unidentifiable risks in relation to receivables, financing or investment assets. The amount reflects estimated losses affecting these assets attributable to events that have already occurred at the date of the statement of financial position, and not estimated losses attributable to future events.
October 07CM-3.3.9
The policy for provisioning should clearly contain provisions for segregating provisions relating to assets financed by own funds and those financed by investment account holders. In devising the policy, reference should be made to the Mudaraba contract.
October 07CM-3.3.10
A specific provision is an amount set aside to reflect an estimated impairment of value of a specific type of asset. In the cases of investment assets, it is the amount needed to write the assets down to cash equivalent value if this is lower than cost. Refer to AAOIFI's FAS 11: Provisions and Reserves.
October 07CM-3.4 CM-3.4 Provisions Against Sovereign Credit
CM-3.4.1
The CBB has consistently encouraged banks to maintain adequate provisions against credits to borrowers experiencing difficulties and against credits for countries with current or potential credit servicing difficulties.
Amended: January 2011
October 2007CM-3.4.2
In all cases the assessment of credits - and decisions regarding adequate provisions - are assisted by the categorization of credits as defined by the CBB in Section CM-3.2. In addition, with regard to '
sovereign credit ' it is particularly important that the size of the provisions made should be based on the identification and objective assessment of the nature and extent of difficulties being experienced by particular countries and reflect as near as possible deterioration in the prospects for recovering credits. With these objectives in mind, the Sovereign Credit Provisioning Matrix (see Appendix CM-1) contains a list of measurements which have been designed to help identify those borrowers and countries with payment difficulties and to decide what would constitute adequate provisions.Amended: January 2011
October 2007CM-3.4.3
It is emphasized that this Section and the Sovereign Credit Provisioning Matrix (see Appendix CM-1) are merely a general framework for assessing degrees of provisions. They should not be regarded as an exhaustive or definitive framework. Nevertheless, the CBB does intend to include the results of banks' calculations in its discussions with them, and to establish that adequate provisions are being made.
Amended: January 2011
October 2007Implications of International Accounting Standard (IAS) no. 39 on the Provisions Assessed through Sovereign Credit Provisioning Matrix
CM-3.4.4
The banks must continue to apply the Sovereign Credit Provisioning Matrix (see Appendix CM-1) as a benchmark for estimating future recoverable cash receipts. However, if a lower provisioning amount is determined, i.e. lower than the amount identified through the matrix, and the bank intends to book the lower amount, then a meeting must be arranged with the CBB to discuss the issues before booking such provisions.
Amended: July 2011
Amended: January 2011
October 2007CM-3.5 CM-3.5 Collateral
CM-3.5.1
The extension of credit is often supported by
collateral provided by the customer or third parties. When the credit decision is based oncollateral value, independent timely appraisals of thecollateral should be obligatory, including provision for sufficient security margins.October 07CM-3.5.2
In principle,
collateral can improve the credit grading of a customer, but experience suggests that over-reliance oncollateral is unsound because very often when a credit facility goes sour thecollateral turns out to have less value than estimated or is, at worst, illusory.October 07CM-3.5.3
Misjudgements about collectability are frequently the cause;
collateral is often illiquid, difficult to value during periods of financial distress and costly to realise through foreclosure or other legal means. Particular concern may be appropriate in the case ofcollateral in the form of real estate, as it involves additional uncertainties and the costs of maintaining the property.October 07CM-3.5.4
As a matter of principle,
collateral should not replace a careful assessment of the borrower's ability to repay.October 07CM-3.6 CM-3.6 Country and Transfer Risks
CM-3.6.1
The CBB requires all
Islamic bank licensees to set out their policy on country and transfer risks, including the criteria on downgrading a country exposure from stage 1 to stages 2 or 3, and related provisioning requirements, in a policy statement which must be approved by the CBB.Added: July 2017
CM-3.6.2
For the purpose of Paragraph CM-3.6.1,
Islamic bank licensees , may consider the sovereign risk matrix factors, stipulated in Appendix CM-1 (Sovereign Debt Provision Matrix), and any other factors.Added: July 2017
CM-3.6.3
Branches of foreign Islamic bank licensees must satisfy the CBB that equivalent arrangements are in place at the parent entity level, otherwise a policy statement is required in line with paragraph CM-3.6.1.Added: July 2017
CM-3.6.4
The policy statement set in Paragraph CM-3.6.1 must be implemented with effect from 1st January 2018.
Added: July 2017
CM-4 CM-4 The Monitoring and Control of Large Exposures of Banks Licensed by the CBB
CM-4.1 CM-4.1 Overview
CM-4.1.1
The CBB's directives on large
exposures for banks in Bahrain is issued as part of the CBB's measures to encourage banks to mitigate risk concentrations.Amended: January 2011
October 2007CM-4.1.2
The contents of this Chapter apply in full to
Bahraini Islamic bank licensees on a consolidated basis.Amended: January 2015
Amended: April 2014
Amended: January 2011
October 2007CM-4.1.3
Islamic banks, through the PIR forms (see Module CA), must notify the CBB of the
subsidiaries to be consolidated for reporting purposes.Amended: January 2015
Added: January 2011CM-4.2 CM-4.2 The Measure of Exposure
CM-4.2.1
For large
exposure (s) purposes, the measure ofexposure reflects the maximum loss that will arise should a counterparty fail, or the loss that may arise due to the realisation of any financing assets, shareholdings or otherexposures or off-balance sheet positions, or losses experienced due to non-repayment of facilities granted. In the case of undrawn L/C or similar facilities, the advised limit must be included in the measure ofexposure . In particular for Islamic banks, the measure ofexposure also includes facilities or transactions or purchases of assets where the bank itself is not exposed, but is committing client funds through arrangements such as a wakala. In certain cases (particularly off-balance sheet items or derivatives), the measure of a largeexposure may be larger than that used in published financial statements. Consistent with this, anexposure encompasses the amount at risk arising from a bank's:(a) Claims on a counterparty including actual claims, and potential claims which would arise from the drawing down in full of undrawn advised facilities (whether revocable or irrevocable, conditional or unconditional) which the bank has committed itself to provide, and claims which the bank has committed itself to purchase or underwrite. Such claims would include but are not limited to:(i) Financing and other credit facilities whether or not drawn;(ii)Exposures arising through lease agreements;(iii) Margin held with exchanges or counterparties;(iv) Claims under Shari'a compliant derivative contracts such as swaps and similar contracts on profit rates, foreign currencies, equities, securities, or commodities;(v) Claims arising in the course of settlement of securities transactions;(vi) Receivables such as fees or commissions;(vii) Claims arising in the case of forward sales and purchases of financial instruments in the trading or banking books;(viii) Amounts outstanding under sale and repurchase agreements, forward asset purchase agreements, buyback agreements, secured financing or similar transactions;(ix) Sukuk, bills or other non-equity financial instruments; and(x)Underwriting exposures for sukuk, bills, or other non-equity financial instruments.(b)Contingent liabilities arising in the normal course of business, and thosecontingent liabilities which would arise from the drawing down in full of undrawn advised facilities (whether revocable or irrevocable, conditional or unconditional) which the bank has committed itself to provide. In the case of an undrawn L/C or similar facility, the advised limit must be included in the measure ofexposure . Such liabilities may include:(i) Direct credit substitutes (including guarantees, standby letters of credit, bills accepted but not held by the reporting bank, and endorsements creating payable obligations);(ii) Claims sold with recourse (i.e. where the credit risk remains with the reporting bank);(iii) Transaction related contingents not having the character of direct credit substitutes (e.g. performance bonds, bid bonds, transaction-related L/Cs etc); and(iv) Undrawn documentary letters of credit issued or confirmed;(c) Any other assets or transactions whose value depends wholly or mainly on a counterparty performing his obligations, or whose value depends upon that counterparty's financial soundness but which do not represent a claim on the counterparty. Such assets or transactions include:(i) Equities and othercapital instruments (including significant investments in commercial entities—see CM-4.4.1.E for definition);(ii) Convertible Murabahas or other similar instruments.(iii) Exposures arising from arrangements that have been entered into by the reporting bank for the purpose of providing credit protection;(iv)Underwriting or purchase commitments for equities; and(v) Claims on fund managers. Banks must regard assets placed with third parties under management asexposures . Under no circumstances may a bank place funds with fund managers (or mudaribs or trustees) that also act as custodian; and(d) Any other assets, receivables or transactions (whether on or off- balance sheet), which constitute a claim (or potential claim) for the customers of the bank which are not included in (a), (b) or (c) above. In particular, it includesexposures where the bank is committing client funds through arrangements such as a wakala.Amended: January 2015
Amended: April 2011
Amended: January 2011
October 2007CM-4.2.2
As a general rule,
exposures must be reported on a gross basis (i.e. no offset). However, debit balances on accounts may be offset against credit balances on other accounts with the bank if:(a) A legally enforceable right of set off exists in all cases (as confirmed by an independent legal opinion addressed to the bank) in respect of the recognised amounts;(b) The debit and credit balances relate to the same customer or to customers in the same group (for a group facility, a full cross guarantee structure must also exist before debit balances on accounts may be offset against credit balances i.e. full multilateral guarantees must be in place between all the companies within the group); and(c) The bank intends either to settle on a net basis, or to realise the debit balances and settle the credit balances simultaneously; and(d) The transactions are subject to the regulation in respect of close-out netting under market contract whenever it is applicable (see Appendix CM-4).Amended: January 2015
Amended: July 2011
Amended: April 2011
Amended: January 2011
October 2007CM-4.2.3
Large exposures are calculated using the sum of the nominal amounts before the application of the risk weighting and credit conversion factors for:
(a) On-balance sheet claims;(b) Guarantees and other contingent claims; and(c) Potential claims in the case of undrawn facilities.The amount at risk from Shari'a compliant
derivative contracts is taken to be the credit equivalent amount calculated based on the guidelines for the prudential returns (see module CA). In the case of equityexposures , the current fair value as shown in the books of the bank must be taken as the measure ofexposure .Amended: July 2011
Amended: January 2011
October 2007CM-4.2.4
In case of syndicated facilities, the nominal amount would include only the bank's share of the syndication (financed by unrestricted investment accounts, current accounts and bank's own funds) and any amounts for which binding commitments from other financial institutions are not available. Where a binding commitment is available, that amount would be excluded in calculation of the large
exposures . See Section CM-4.5 for exemptions.Amended: January 2011
October 2007CM-4.2.5
For the purpose of large
exposures , balance sheet claims involving assets acquired to be leased under Ijarah Muntahia Bittamleek should be reflected as anexposure against the lessee. Further, murabaha contracts where assets are held for resale, under a binding promise, suchexposure should be reflected as anexposure to the counterparty which has signed the binding promise. Potential claims in the case of Istisna'a contracts should include the total amount expected to be paid to al-Sani (the seller) and shown as anexposure to al-Mustasni (ultimate buyer).October 07CM-4.2.6
A bank's
exposure arising fromsecurities ' trading operations is calculated as its net long position in a particularsecurity (a short position in onesecurity issue may not be offset against a long position in another issue made by the same issuer). A bank's 'net long position' in asecurity refers to its commitments to buy thatsecurity together with its current holding of the samesecurity , less its commitments to sell suchsecurities .Amended: January 2011
October 2007CM-4.2.7
"Underwriting" is defined as "A binding commitment by the reporting bank to purchase securities issued by, or provide syndicated credit facilities to (as the case may be) an unconnected party ("the issuer" or "the borrower") at a mutually agreed price. Underwriting does not take place if a bank commits to purchase its own securities or securities issued by a party connected to it as there is no transfer of risk; therefore banks may not utilise the limits concerned with these definitions in connection with any commitments to any connected counterparties." Temporary
exposure limits for "underwriting" and otherinvestment business relatedexposures are covered in more detail in paragraphs CM-4.5.2A-F.Amended: July 2012
Added: January 2011CM-4.3 CM-4.3 Identity of Counterparty
CM-4.3.1
For the purposes of measuring
exposures , the counterparty will generally be: the person from whom the concerned funds are receivable (in the case of fees and commissions etc.); the counterparty (customer) in the case of credit facilities; the person guaranteed, and the issuer of a security in the case of a security held; or the party with whom a contract was made in the case of a Shari'a compliant derivative contract.Amended: January 2011
October 2007CM-4.3.2
Where a third party has provided an eligible guarantee, and subject to the guaranteed bank's policy statement not stating otherwise, the guaranteed bank may be permitted to report the
exposure as being to the third party guarantor, rather than the person guaranteed (see Chapter CA-4 for full conditions relating to the recognition of guarantees for regulatory purposes).Amended: January 2015
Amended: January 2011
October 2007CM-4.4 CM-4.4 Limits for Large Exposures
Definitions and Aggregate Limit on Large Exposures
CM-4.4.1
A 'large
exposure ' is anyexposure whether direct or indirect to a counterparty or a group of closely related counterparties which is greater than, or equal to, 10% of the reporting bank's consolidated Total Capital.Amended: January 2015
Amended: January 2011
October 2007CM-4.4.1A
'
Capital instrument ' includes all components of equity capital including ordinary equity, both voting and non-voting, and preference shares. It also includes convertible or hybrid financial instruments which are debt — like in character and which may be converted into equity (such as convertible murabaha). Also for financial institutions and insurance companies, any other financial instruments (such as subordinated debt) which are eligible as regulatory capital should also be included ascapital instruments . Sukuk or senior debt instruments would not normally be regarded as "capital instruments " unless they have convertibility features. Equity-like contracts such as joint venture musharaka contracts (investments but not financing) are also included in this definition. The musharaka stake is classified as acapital instrument at onset.Amended: January 2012
Added: January 2011CM-4.4.1B
'
Acquisition ' means the acquiring by a bank of beneficial or legal ownership ofcapital instruments issued by another entity. This would not include securities underwriting until the expiry of the underwriting period (where separate arrangements apply elsewhere in this Module).Acquisition may also be in the form of exercising of rights to take control ofcapital instruments pledged as collateral. The pledging ofcapital instruments by a customer to a bank as collateral (e.g. for the purpose of obtaining credit) does not in itself mean that an "acquisition " has taken place.Acquisition also does not include the establishment of newsubsidiaries by the bank. Regulatory requirements for the establishment of SPVs andsubsidiaries are contained in Section BR-5-2.Amended: January 2015
Amended: January 2012
Added: January 2011CM-4.4.1C
'
Investment ' is any holding by a bank ofcapital instruments issued by a third party that is not a subsidiary of the bank. Therefore holdings of subordinated debt eligible as regulatory capital issued by another financial institution would be regarded as an "investment ". In this case 'holding' means legal or beneficial ownership ofcapital instruments .Amended: January 2012
Added: January 2011CM-4.4.1D
A bank has "
close links " with:(a) Any person/entity which qualifies as acontroller of the concerned bank as defined in Chapter GR-5;(b) Any entity which is asubsidiary of the bank; and(c) Any entity which is an associate of the bank.Amended: January 2015
Amended: January 2012
Amended: April 2011
Added: January 2011CM-4.4.1E
A "
major investment " is defined as anyacquisition orinvestment in thecapital instruments of another entity by aBahraini Islamic bank licensee which is equivalent to or more than 10% of the Bahraini Islamic bank licensees consolidated total capital.Amended: October 2016
Amended: April 2015
Amended: January 2015
Amended: January 2012
Added: January 2011CM-4.4.1F
[This Paragraph was deleted in January 2015.]
Deleted: January 2015CM-4.4.2
Total Capital has the same meaning as when used in Section CA-1.1.
Amended: January 2015
Amended: January 2011
October 2007CM-4.4.3
The aggregate of large
exposures may not exceed 800% of the bank's consolidated Total Capital (there are separate sub-limits for "Significant investments" in Section CM-4.10),whether funded or not funded, i.e. contingent commitments.Amended: October 2016
Amended: January 2015
Amended: January 2011
October 2007CM-4.4.3A
The CBB requires that any large
exposure , as defined in Paragraph CM-4.4.1, must be priorly approved by the bank's Board of Directors.Added: January 2017CM-4.4.4
[This Paragraph was deleted in January 2015.]
Deleted: January 2015Single Exposure Limits to Unconnected Counterparties
CM-4.4.5
A bank may not incur an
exposure to an individual counterparty or group of closely relatedcounterparties (not connected to the reporting bank) which exceeds the limit below, in respect of the reporting bank's consolidated Total Capital without the prior written approval of the CBB. Where such limit has been exceeded whether with or without the prior approval of the CBB, the excess amount must be risk-weighted at 800%. The following singleexposure limit applies:Direct
exposures (i.e. funded, unfunded on and off balance sheet): A bank may not incur anexposure to an individual counterparty or group of closely related counterparties which exceeds 15% of the reporting bank's consolidated Total Capital without the prior written approval of the CBB. For this purpose, companies/banks with variable capital should not include participation shares in calculating their consolidated Total Capital, since there are governed by Mudaraba contract (profit sharing).Amended: April 2015
Amended: January 2015
Amended: January 2011
October 2007Closely Related Counterparties — Definitions
CM-4.4.6
'Closely related
counterparties ' are two or more counterparties who constitute a single risk because one of them has, directly or indirectly, a controlling interest in the other(s) (i.e. 20% or more voting rights), orcounterparties connected in such a way that the financial soundness of any one of them may affect the financial soundness of the other(s), or the same factors may affect the financial soundness of both or all of them.Amended: January 2015
Amended: January 2011
October 2007CM-4.4.6A
The CBB shall exercise its discretion in considering two or more
counterparties of a bank as closely related on a case by case basis if it finds during its onsite or offsite supervisory review any linkage of such counterparties.Added: January 2017CM-4.4.7
'Controlling interest' means either significant ownership (i.e. ownership of 20% or more of the voting rights) or any other interests (including, but not limited to, the ability to exercise or control the exercising of voting power in the other party) which enable the holder, or which would enable a proposed transferee, thereof to exercise significant influence over the management and business of the other party.
Amended: July 2012
Amended: January 2011
October 2007Limits on Exposures to Connected Counterparties
CM-4.4.8
Exposures to connected counterparties may be justified only when undertaken for the clear commercial advantage of the bank, when negotiated and agreed on an arm's length basis, and when included in the largeexposures policy statement agreed with the CBB.Amended: January 2011
October 2007CM-4.4.8A
A bank may not exceed the individual or aggregate connected counterparty limits shown in Paragraph CM-4.4.13 without the prior written approval of the CBB.
Added: July 2012CM-4.4.9
A bank may not undertake
exposures to its own external auditors. In this context, 'external auditors' refers to the firm/partnership, the partners, the directors and managers of the audit firm.Amended: January 2011
October 2007CM-4.4.9A
Any on-balance sheet utilisation of existing/outstanding restricted investment accounts (RIAs) or any movement of funds between RIAs is not permitted unless specifically permitted under a valid contract between the bank and the relevant
customer .Amended: January 2015
Amended: January 2012
Added: January 2011CM-4.4.10
For the purpose of this Module, 'Connected counterparties' includes companies or persons connected with the bank, including, in particular;
controllers of the bank (and their appointed board representatives) as defined in Chapter GR-5;subsidiaries , associates and related parties of the bank as defined by IFRS; holders ofcontrolled functions in the bank as defined by Module LR-1A and their close family members (as defined by IFRS–IAS 24); members of the Shari'a Supervisory Board.Amended: January 2015
Amended: July 2012
Amended: July 2011
Amended: January 2011
Amended: April 2008
October 2007
CM-4.4.10A
Equity participations in and credit exposures to consolidated banking and financial subsidiaries (see CM-4.2.1(c)) need not be included in exposures to connected counterparties for the sake of the table in CM-4.4.13. Equity participations in and credit or financing exposures to unconsolidated subsidiaries are included in the definition of exposure in order to understand the degree of support the parent is supplying to its unconsolidated subsidiaries on a day-to-day basis.
Added: January 2015CM-4.4.10B
The CBB shall exercise its discretion in applying the definition of connected
counterparties of a bank on a case by case basis if it finds during its onsite or offsite supervisory review any linkage of such counterparties.Added: January 20170% Limit on Exposures to Controllers
CM-4.4.12
Banks must not undertake
exposures tocontrollers as defined in Chapter GR-5 or tosubsidiaries of such (i.e. there is a 0% limit for suchexposures ), however smaller shareholders will be subject to the normalexposure limits outlined in CM-4.4.5. Directors who are alsocontrollers (or the appointed board representatives of suchcontrollers ) are subject to the 0% limit.Amended: January 2015
Amended: January 2011
Amended: April 2008
October 2007
CM-4.4.13
The limits for connected counterparties have been set as follows:
Exposures funded on and off balance sheet (excluding RIAs) as a percentage of consolidated Total Capital
Connected Counterparties Individual Limit Aggregate Limit Controllers and their subsidiaries 0% 0% Approved persons (and their close family members) and Shari'a Board Members10% 25% Associates, other related parties not mentioned above and unconsolidated subsidiaries 15% Total (including senior management and others) 25% Amended: April 2015
Amended: January 2015
Amended: April 2011
Amended: January 2011
Added: April 2008Deductions from Total Capital
CM-4.4.14
The CBB will closely examine all
exposures to companies or persons connected to a bank and will deduct them from the bank's consolidated Total Capital if they are, in the CBB's opinion, of the nature of a capitalinvestment , or provision of long-term working capital, or are made on particularly concessionary terms.Amended: January 2015
Amended: January 2011
Added: April 2008CM-4.4.15
Reciprocal cross-holdings of capital between a bank and its
controllers (see GR-5) which artificially inflate the capital of licensee concerned are not permitted. Any cross-holdings that occur due toacquisitions or takeovers must be deducted from the concerned bank's Total Capital (see also CA-2.4.15).Amended: January 2015
Added: January 2011CM-4.4.16
Any other form of connected lending outside the scope of the above will be dealt with by the CBB on a case-by-case basis.
Added: January 2011CM-4.5 CM-4.5 Exempt or Temporary Exposures
Exempt Exposures to Parties not Connected to the Bank
CM-4.5.1
Certain types of
exposure are exempt from the limits set out above in CM 4.4.5, but prior notification of commitment to suchexposures must be made to the CBB and then retrospectively on a quarterly basis using the Form PIR provided in Appendix BR-5.Amended: April 2011
Amended: January 2011
October 2007CM-4.5.2
These exemptions fall into the following categories and are subject, in each case, to the policy statement as agreed with the CBB:
(a) Short term (i.e. up to 3 months original maturity) interbankexposures to parties not connected to the reporting bank;(b)Exposures to GCC governments, and their Public Sector Entities that do not operate on a commercial basis, as set out in the guidelines to the PIR (see Module CA) where such bodies are not connected to the reporting bank;(c)Exposures to OECD central governments orExposures secured by OECD central government securities/guarantees);(d)Exposures secured by cash or GCC government securities/guarantees;(e) Specific connected short-termexposures agreed with and approved in advance with the CBB, in particular those arising from a group treasury function (see Paragraph CM-4.5.6);(f) Pre-notifiedexposures which are covered by a guarantee from the bank's parent (see Paragraph CM-4.5.7 to CM-4.5.10);(g) Sukuk or other securities issued or guaranteed by the Islamic Development Bank (IDB) and any of itssubsidiaries ;Amended: January 2015
Amended: January 2011
Added: April 2008Temporary Exposure Limits to Commercial Entities not Connected to the Bank
CM-4.5.2A
In certain circumstances outlined below, banks may apply on a case-by-case basis to the CBB for approval of certain underwriting or
investment business relatedexposures above the limits as stated in CM-4.4.5(a), (b), and (c) for periods of up to 3 months where the entity is a commercial entity.Amended: January 2015
Amended: January 2012
Added: January 2011CM-4.5.2B
A bank may not incur an
exposure which arises when a bank enters into a legally binding commitment to underwrite a securities issue or to provide a syndicated financing facility for another commercial entity not connected to the bank, which exceeds 15% of the bank's consolidated Total Capital without the prior written approval of the CBB. The maximum level of suchexposures per counterparty that the CBB may approve must not exceed 30% of the concerned bank's consolidated Total Capital during the three-month period.Amended: April 2015
Amended: January 2015
Amended: January 2012
Added: January 2011CM-4.5.2C
Such securities underwriting
exposures must be included in the trading book policy statement of a bank wishing to use this higher temporary limit. Any residual holdings of securities or syndicated financing commitments held for more than three months from the commitment date of underwriting must be risk-weighted at 800% where there are any excesses above the materiality thresholds outlined in Paragraph CA-2.4.25. Where the lead bank has obtained legally binding irrevocable (i.e. full) commitments from other institutions to participate in the concerned securities issue or to participate in providing the syndicated financing facilities, the lead underwriter or syndicate manager may show participations to the concerned sub-underwriting/ participating institution rather than to the issuer of the security or the obligor. The CBB will not allow any bank to include syndicated credit facilities to, or holdings of securities issued by any of the concerned bank or its connected counterparties (including SPVs connected through ownership, control or establishment) to be included in this temporary 30% limit.Amended: January 2015
Amended: January 2012
Added: January 2011CM-4.5.2D
A bank may not incur any temporary large
exposure arising frominvestment business (where the intention by the concerned bank is to securitize such assets or place them with investors), which exceeds 15% of the bank's consolidated Total Capital without the prior written approval of the CBB. The maximum level of such temporaryexposures that the CBB may approve per individualexposure must not exceed 25% of the concerned bank's consolidated Total Capital for a maximum six-month period. Any suchexposures held for more than six months from the originating date of theexposure must be risk-weighted at 800% where there is any excess above the materiality thresholds mentioned in Paragraph CA-2.4.25. In order for a bank to be allowed suchexposures , it must have in place a written detailed due diligence policy for such business which must be approved by the bank's board of directors and related procedures which must be approved by senior management.Amended: January 2020
Amended: January 2015
Amended: January 2012
Added: January 2011CM-4.5.2E
In order to qualify for these temporary limits, banks must submit a request for each individual
exposure to the CBB and the CBB shall respond within two weeks from the date of receiving a complete set of all required documents. The CBB will take into account any existingexposures to the concerned counterparties in its consideration of any application for such temporary largeexposures limits.Amended: April 2012
Amended: January 2012
Added: January 2011CM-4.5.2F
In the case of any subsequent proposed increment in the amount of
exposure (for example where a limit of 20% has been approved), the CBB's prior approval must be obtained (as outlined above). CBB approval for fair value changes to holdings/ underwritings of securities during the temporary approval period will not be required.Amended: April 2012
Amended: January 2012
Added: January 2011CM-4.5.2G
Temporary large
exposures arising from investment business (where the intention by the concerned bank is to securitize such assets or place them with investors) referred to in Paragraph CM-4.5.2D are not subject to the 'connected counterparty' and significant investments in commercial entities limits and treatments during the six-month period. After the expiry of this period, the limits and deduction treatments relating to significant investments in commercial entities and 'connected counterparties' apply.Amended: January 2015
Added: January 2012Exempt Exposures to Connected Counterparties
CM-4.5.3
Exposures tosubsidiaries which are always fully consolidated on a line-by-line basis for supervisory purposes are exempt from the limits in this Module on a consolidated basis, however banks must observe the largeexposure limits in CM-4.4.13 on a solo basis and the CBB's solo capital adequacy requirements in Module CA.Amended: January 2015
Added: January 2011
CM-4.5.4
Exposures to unconsolidatedsubsidiaries (normally non-financial and outside the scope of regulatory consolidation) are not exempt from the limits in this Module and will be included under the limits forexposures to associates, related parties and unconsolidatedsubsidiaries .Amended: January 2015
Amended: January 2011
October 2007CM-4.5.5
Banks may apply to the CBB to take on a treasury role on behalf of the group as a whole (provided that the group is subject to consolidated supervision by its home supervisor). The CBB's policy regarding the taking on of a treasury role includes
exposures arising from a central risk management function. Suchexposures must be approved by the CBB before they may be exempted.Amended: January 2011
October 2007CM-4.5.6
In the above scenario (Paragraph CM-4.5.5), for example,
exposures of more than 15% of the Total Capital to a parent bank from a subsidiary bank may be permitted where they constitute short term placements or financing of excess liquid funds.Amended: January 2015
Amended: January 2011
October 2007Exposures Undertaken by a Subsidiary Bank
CM-4.5.7
Where
exposures undertaken by a Bahrain subsidiary of an overseas bank are guaranteed by its parent bank, the Bahrain subsidiary bank may be deemed to have anexposure to its parent bank.Amended: January 2011
October 2007CM-4.5.8
Under the terms of this Module (See Paragraph CM-4.5.2(f)), such indirect
exposures to a parent bank may be exempt from the limits on largeexposures if the CBB is satisfied that:(a) Suchexposures have been pre-notified to the CBB for the CBB's approval and are entered into within the terms of a policy agreed by the parent bank;(b) There are guarantees in place from the parent bank to protect thesubsidiary should theexposure become impaired or require to be written off; and(c) In the case of banks, which are the Bahrainsubsidiaries of overseas banks, the supervisory authority of the parent bank has approved theexposures that can be undertaken by the Bahrainsubsidiary .Amended: January 2015
Amended: January 2011
October 2007CM-4.5.9
In the case of a Bahrain incorporated bank's
subsidiary inside Bahrain, in order for anexposure exceeding 15% of Total Capital to be acceptable in thesubsidiary , the Bahrain parent bank must at all times have the capacity to take on theexposure to the third party, without itself exceeding the limit of 15% of its own Total Capital. Also, the totalexposure of the banking group to the customer must be within 15% of the parent bank's consolidated Total Capital.Amended: April 2015
Amended: January 2015
Amended: January 2011
October 2007CM-4.5.10
The Central Bank will need to be satisfied that adequate control systems are in place to ensure that credit risks taken in the group as a whole are properly monitored and controlled.
Amended: January 2011
October 2007CM-4.6 CM-4.6 Reporting of Exposures
CM-4.6.1
All
Islamic bank licensees are required to report their 25 largestexposures to banks as well as their 25 largestexposures to the CBB on a quarterly basis using the Form PIRI provided in Appendix BR-5.Amended: July 2015
Amended: April 2015
Amended: April 2014
Amended: January 2011
Amended: October 2009
October 2007CM-4.6.1A
All
Bahraini Islamic bank licensees must report the financial details of each largeexposure , as defined under Paragraph CM-4.4.1, in Appendix BR-19, as required under Paragraph BR-3.1.7A.Added: July 2015CM-4.6.1B
All
Bahraini Islamic bank licensees must report all theirexposures to connected parties on a monthly basis using the form provided in Appendix BR-10, as required under Paragraph BR-4.3.4.Added: July 2015CM-4.6.2
Banks are required to adopt policies and set internal limits, which will not lead to the
exposure limit(s) referred to above being exceeded as a matter of course.October 07CM-4.6.3
For some banks, the CBB may determine it prudent to set a lower
exposure limits than the ones given in this Module.Amended: January 2011
October 2007CM-4.6.4
Should any bank incur, or may incur an
exposure to an individualcounterparty (other than an exemptexposure ) which results in or may result in it exceeding any of the limits set out above, this must be reported immediately to the CBB for its consideration. Where theexposure or counterparty is not exempt, and action must be taken to immediately bring theexposure back within applicable limits as soon as possible.Amended: July 2011
Amended: January 2011
October 2007CM-4.7 CM-4.7 Policy Statements
CM-4.7.1
The CBB requires each
Bahraini Islamic bank licensee to set out its policy and internal limits on largeexposures , including limits for differing types ofexposures to individual customers, banks, corporates, countries and economic and market sectors, in a policy statement which must be formally adopted by the Board of Directors and then submitted to the CBB. The policy statement must be part of the risk management policy of the bank. Furthermore, banks must not implement significant changes to these policies without prior discussion with the CBB.Amended: April 2014
Amended: July 2011
Amended: January 2011
October 2007CM-4.7.2
The policy statement must identify 'connected
counterparties ' and the bank's policies towards financing to and investing in thesecounterparties .Amended: July 2011
Added: January 2011CM-4.7.3
The bank must explain and justify any requests for exemptions for
exposures to /investments in connectedcounterparties .Amended: July 2011
Added: January 2011CM-4.7.4
Each bank will be expected to justify to the CBB its policy on
exposures to individual counterparties, including the maximum size of anexposure contemplated.Amended: January 2011
October 2007CM-4.7.5
Exposures to counterparties connected with the bank will continue to be particularly closely examined.Amended: January 2011
October 2007CM-4.7.6
The necessary control systems to give effect to a bank's policy on large
exposures must be clearly specified and monitored by its Board.Amended: July 2011
Amended: January 2011
October 2007CM-4.7.7
Banks are required to implement appropriate internal systems and controls to monitor the size of their Total Capital on a daily basis to ensure that the limits detailed in this Module are not exceeded.
Amended: January 2015
Added: January 2011CM-4.8 CM-4.8 Concentrations in Geographic, Economic and Market Sectors
CM-4.8.1
The extent to which a bank may be prudently exposed to a particular geographic, economic and market sector will vary considerably depending upon the characteristics and strategy of the bank, and the sector concerned.
Amended: January 2011
October 2007CM-4.8.2
Concentrations should also be recognized in not just geographic and economic sectors, but also in markets (e.g. individual stock exchanges). The CBB will not apply common maximum percentages to banks' sectoral or market
exposures but, instead, will continue to monitor suchexposures on an individual and general basis.Amended: January 2011
October 2007CM-4.8.3
Banks must specify in their policy statements how they define geographic, economic and market sectors, and what limits apply to differing sectors.
Amended: January 2011
October 2007CM-4.8.4
Exposures and limits for sectors must be reviewed at least quarterly by the Board of Directors.Amended: July 2011
Amended: January 2011
October 2007CM-4.8.5
Banks which have over 10% of their risk adjusted assets in market risk (i.e. the trading book) must also set market risk concentration limits.
October 07CM-4.9 CM-4.9 Major Investments
Credit Risk and Investment Risk
CM-4.9.1
Where a bank acquires a holding of the
capital instruments of another entity, the concerned bank acquires risk in that entity. The riskexposure to a bank through theacquisition of capital is arguably greater than that acquired by providing credit facilities in four ways:(a) The rights of a shareholder are subordinated to those of ordinary creditors in the event of liquidation of the concerned entity.(b) Term credit facilities have an explicit obligation on the borrower to repay the sum advanced or committed. Share capital has no such commitment (with the exception of some subordinated term instruments).Investments in the capital of an entity can only be realized by the sale of the concerned capital instruments to a third party, or by winding up the concerned entity.(c) A capitalinvestment in a third party entity (particularly where theinvestment is significant in size) is a pledge of capital to the concerned entity to fund its longer-term activities. The funds concerned are no longer available to be used by the investor bank to fund its activities.(d) There may be reputational and legal risk to the investing bank, particularly if the bank has a “control relationship” with the concerned entity.Added: January 2011CM-4.9.2
In view of the above, the supervisory treatment of
major investments requires special consideration which goes further than the monitoring of largeexposures of banks as outlined earlier in Chapter CM-4.Amended: October 2016
Added: January 2011CM-4.9.2A
[This Paragraph was moved to Section CM-4.10 in October 2016]
Amended: October 2016
Amended: January 2015
Added: July 2014
Initial Approval Requirement for "Major Investments"
CM-4.9.3
All
Bahraini Islamic bank licensees must obtain the CBB's prior written approval before making a "major investment " (as described in CM-4.4.1E). [This Paragraph was moved to CM-4.9.3A, CM-4.9.3B, CM-4.9.3C and CM-4.9.3D in October 2016].Amended: October 2016
Amended: April 2015
Amended: January 2015
Amended: July 2012
Amended: January 2012
Added: January 2011CM-4.9.3A
All
Bahraini Islamic bank licensees must obtain the CBB's prior written approval before any future increases in the bank's ownership of any of the existingmajor investments in excess of 5% of such exposure.Added: October 2016
CM-4.9.3B
Where the percentage ownership increase is due to revaluation or change in the capital of the bank, the bank must provide a written notification to the CBB, outlining the percentage increase and the reason for such increase.
Added: October 2016
CM-4.9.3C
Where a percentage ownership increase as described in Paragraph CM-4.9.3B occurs, the 800% risk weight rule will apply as it exceeds the single large exposure limit outlined in Section CM-4.4.
Added: October 2016
CM-4.9.3D
Any bank wishing to acquire a "major investment" in another entity must address the points outlined in Paragraph CM-4.9.10 of this Section so that the CBB may make an informed review of the request. Banks must submit such request to the CBB and the CBB shall respond within 2 weeks from the date of receiving a complete set of all the required documents.
Added: October 2016
CM-4.9.4
Any
major investments by aBahraini Islamic bank licensee in thecapital instruments of another entity must be included in the measure of an "exposure " for the purposes of Module CM, i.e. suchmajor investments must be aggregated with all other facilities to a client for the purpose of calculating the level of "largeexposures ".Amended: October 2016
Amended: January 2015
Amended: April 2014
Added: January 2011CM-4.9.5
The CBB reserves the right to require
Bahraini Islamic bank licensees to dispose of anymajor investment acquired without its prior approval. Where a "major investment " is acquired without approval of the CBB, then the entire value of the holding must be deducted from the consolidated Total Capital of the concerned bank. Approval will not be given for "major investments " in entities incorporated in jurisdictions where secrecy constraints exist or there are restrictions on the passage of information to the bank (other than customer confidentiality requirements imposed by financial regulators).Amended: October 2016
Amended: January 2015
Amended: April 2014
Added: January 2011[This Section was deleted in October 2016.]
Deleted: October 2016CM-4.9.6
[This Paragraph was moved to Section CM-4.10 in October 2016]
Amended: October 2016
Amended: January 2015
Amended: April 2014
Added: January 2011CM-4.9.7
[This Paragraph was moved to Section CM-4.10 in October 2016]
Amended: October 2016
Amended: January 2015
Amended: April 2014
Added: January 2011CM-4.9.8
[This Paragraph was moved to Section CM-4.10 in October 2016]
Amended: October 2016
Amended: January 2015
Amended: April 2014
Added: January 2011Other Requirements
CM-4.9.9
If a bank's
close links with another entity prevent effective supervision of the bank (or bank group), the CBB may refuse or revoke a license or require a bank to sell or otherwise dispose of entities within its corporate group, or to restructure the banking group.Added: January 2011CBB Criteria for Assessment of Major Investments by Bahraini Islamic Bank Licensees
CM-4.9.10
In assessing any proposed
major investment mentioned above, the CBB will take into account the following points:(a) The amount of the proposedmajor investment relative to the existing consolidated Total Capital of the bank.(b) Existing capital adequacy ratios on consolidated basis and forecast ratios after themajor investment has gone ahead.(c) The adequacy of information flows from the investee company to the concerned bank.(d) Experience and fit and proper matters relating to the senior personnel associated with the proposedmajor investment .(e) Risks associated with the proposedmajor investment .(f) Disclosure and exchange of (supervisory) information (in the case of a foreigninvestment ).(g) Adequacy of host supervision (in the case of a foreignmajor investment ).(h) Currentinvestments and concentrations inexposures of the concerned bank.(i) The compliance of the concerned bank with the CBB's rules and regulations (e.g. reporting issues), and the adequacy of internal systems and controls.(j) The extent of holdings by any other shareholders (holding 5% or more of the capital of the concerned entity) orcontrollers of the concerned entity.(k) Whether the proposed activities are in line with the Memorandum & Articles of Association of the bank.(l) The accounting treatment of the proposedmajor investment .(m) Whether themajor investment oracquisition relates to a closely-linked party, connected party, orcontroller in any way.(n) The existence of secrecy laws or constraints over supervisory access to the premises, assets, books and records of the concerned entity in which a "major investment " is being acquired.(o) The impact and extent of goodwill and intangibles upon the capital adequacy and balance sheet of the bank on a consolidated basis.(p) The bank's existing and forecast liquidity position (as a result of themajor investment ) and how themajor investment is to be funded (e.g. by the issuance of new capital or sale of otherinvestments ).Amended: October 2016
Amended: April 2015
Amended: January 2015
Added: January 2011CM-4.10 CM-4.10 Limits on 'Significant Investments'
CM-4.10.1
No
Bahraini Islamic bank licensee may have a significant investment in the capital instruments of a commercial entity where the significant investment amount and any otherexposure to the subject entity is more than 15% of the concerned bank's consolidated Total Capital.Added: October 2016
CM-4.10.2
The total amount of a bank's significant investments in unconnected commercial entities may not exceed 60% of the concerned bank's consolidated Total Capital.
Added: October 2016
CM-4.10.3
Any excesses above the limits in Paragraphs CM-4.10.1 and CM-4.10.2 must be risk-weighted according to Paragraph CA-2.4.25.
Added: October 2016
CM-4.10.4
For purposes of this Section, 'significant investments' in a commercial entity is defined as any
investment in thecapital instruments of a commercial entity by aBahraini Islamic bank licensee which is equivalent to or more than 10% of the issued common share capital of the issuing commercial entity.Added: October 2016
CM-4.10.5
This section refers to the treatment of investments in commercial entities which are otherwise not connected to the concerned bank (i.e. the bank's connection to the entity is by way of shareholding or holding of other capital instruments). If a bank is investing in a commercial company where there is a connection by way of mutual directors or mutual parent, or some other relationship that makes the investee a 'related party' as defined by IFRS, then the
major investment must be treated as anexposure to a connected counterparty and the concerned limits and rules forexposures to connected counterparties apply.Added: October 2016
CM-5 CM-5 Staff Credit Facilities
CM-5.1 CM-5.1 Reporting and Compliance
CM-5.1.1
The CBB's prior written consent must be obtained for any credit facilities provided to an employee where the amount of such facility, either singly or when added to an existing facility/existing facilities outstanding to that employee at that date, would be equal to or in excess of BD 100,000 (Bahrain Dinars One Hundred Thousand), or its equivalent in foreign currency. Banks must notify the CBB in writing of any senior employee who fails to discharge his repayment obligations.
Amended: July 2011
Amended: January 2011
October 2007CM-5.1.1A
Where a bank seeks the CBB's prior approval as required under Paragraph CM-5.1.1, in its request, the bank must confirm that the employee credit facility is in line with the bank's board approved policy. The request must also confirm that the bank has made an internal assessment and evaluation when reaching the decision to grant the employee credit facility and that all necessary internal approvals have been obtained.
Added: April 2014CM-5.1.2
Banks must ensure that the provisions of relevant laws (including, specifically, the Bahrain Labour Law) are observed at all times in this area.
October 07CM-6 CM-6 Write-off – Credit Facility
CM-6.1 CM-6.1 Write-offs
CM-6.1.1
All
Bahraini Islamic bank licensees must notify the CBB of any write-off of an exposure of an amount in excess of BD 100,000 (Bahrain Dinars One Hundred Thousand), or its equivalent in foreign currency.Amended: October 2016
Amended: October 2015
Amended: July 2011
Amended: January 2011
October 2007CM-6.1.2
Such notification should be accompanied with documentary evidence showing, beyond reasonable doubt, that the customer does not possess the resources to fulfil the outstanding obligation.
October 07CM-6.1.3
All
Bahraini Islamic bank licensees must obtain the CBB's written no-objection before writing off any of the following:(a)Exposures to or guaranteed by anyapproved persons of the bank or any other CBB licensee;(b) [This Subparagraph was deleted in October 2016];(c)Exposures to controllers, subsidiaries, associates and SSB members of the bank;(d) [This Subparagraph was deleted in October 2015];(e)Exposures to any business entity for which the bank or any of itsapproved persons is a related party such as a board member, a shareholder owning 5% or more, a person assuming a managerial role, a guarantor; and(f)Exposures to anycontroller of another CBBlicensee (as defined in Section GR-5.2 — definition of Controller).Amended: October 2016
Amended: October 2015
Amended: July 2011
Amended: January 2011
Amended: April 2008
October 2007CM-6.1.3A
All branches of foreign banks must obtain the CBB's written no-objection before writing off the exposures listed in CM-6.1.3 from (a) to (f) except for (c).
Added: October 2016CM-6.1.4
All
Islamic bank licensees must notify the CBB of any applicableexposures outlined in Paragraph CM-6.1.3 that are classified as non-performing loans.Amended: October 2016
Added: October 2015CM-6.1.5
In order to comply with Subparagraph CM-6.1.3 (a) and (f),
Islamic bank licensees should refer to the CBB register on the CBB Website which contains a list ofapproved persons andcontrollers of all CBB licensees.Amended: October 2016
Added: October 2015CM-7 CM-7 Consumer Finance
CM-7.1 CM-7.1 Overview
CM-7.1.1
This Chapter sets out various requirements regarding the provision of consumer finance within the Kingdom of Bahrain by CBB licensees. The aim of these requirements is to encourage:
(a) Prudent provision of credit facilities by licensees providing consumer finance; and(b) The transparent disclosure of the full costs and terms on which licensees offer consumer finance.Amended: January 2011
October 2007Application Date
CM-7.1.2
The contents of this Chapter apply to all consumer finance facilities entered into or renewed after 1 January 2005. The application date of the "Code of Best Practice on Consumer Credit and Charging" is 1 September 2007. All Islamic banks which offer consumer finace facilities to residents of Bahrain must follow the Code after 1 September 2007. Failure to observe the requirements of this Chapter or the Code may result in Enforcement Action under Module EN. The Code is attached as Appendix CM-2 in Part B of the Rulebook.
October 07CM-7.2 CM-7.2 The CBB's Approach to Consumer Finance
CM-7.2.1
The CBB favours an open, market-based approach to the operations of licensees, to the extent consistent with its regulatory objectives of ensuring a stable financial system and the fair treatment of licensees' customers.
Amended: January 2011
October 2007CM-7.2.2
Bank licensees are reminded of their obligation to implement a sound internal controls framework, including an effective credit culture (see, for instance, Section CM-2.3). Bank licensees are also reminded of their obligations clearly to display and communicate charges and profit rates (see, for instance, Section BC-4.3).
October 07CM-7.2.3
The CBB has noted the growth in consumer finance as a proportion of outstanding credit facilities over the past few years. The CBB is concerned that this growth should not be at the cost of declining credit quality. Furthermore, the CBB wishes to see further improvements in licensees' transparency in their dealings with their customers, as regards the costs and terms of their lending. Strong competition in this segment of the market increases the need for licensees to be vigilant and to resist pressures to relax standards.
Amended: January 2011
October 2007CM-7.2.4
The measures presented in this Chapter should be viewed as minimum standards, rather than best practice. They are aimed to encouraging prudent extension of credit facilities and full, frank and fair disclosures, rather than dictate comprehensively how licensees should engage in consumer finance. These measures should be read in conjunction with the "Code of Best Practice on Consumer Credit and Charging" which was agreed jointly between the CBB and the Bahrain Association of banks (see appendix CM-2).
Amended: April 2014
October 07CM-7.2.5
These measures will be kept under review in the light of market developments and adjusted accordingly. If the CBB assesses that credit quality and effective transparency are being significantly undermined, then additional prescriptive measures will be considered.
Amended: January 2011
October 2007On-going Effort by the CBB
CM-7.2.6
These measures form part of a wider response by the CBB. The CBB recognizes that a key contributor to ensuring a sounder credit environment is the credit reference bureau.
Amended: January 2011
October 2007CM-7.2.7
The CBB supervisors and examiners will also focus on banks' implementation of the "Code of Best Practice on Consumer Credit and Charging" in their on-going supervision of licensees, to monitor and encourage sound financing practices and disclosure standards.
Amended: January 2011
October 2007CM-7.3 CM-7.3 Definition of Consumer Finance
CM-7.3.1
Consumer finance is the provision of any form of credit facility to an individual excluding:
(a) Any credit facility secured by a first charge on residential property to an individual, where the counterparty lives in, or intends to live in the property;(b) Any credit facility secured by cash or investments, where the security provided more than covers the principal of the credit facility; and(c) The provision of any form of credit to an individual for business purposes where the facility is to be repaid from the business activities of the counterparty.Amended: January 2011
October 2007CM-7.3.2
For the purposes of the Rulebook, 'credit facility' includes personal overdraft facilities, credit cards, ijara or other financing facility.
October 07CM-7.4 CM-7.4 Maximum Limits
Total Repayments Ratio
CM-7.4.1
Licensees may only provide a new consumer facility (or renew, extend or otherwise modify an existing consumer facility) for an amount such that the counterparty's total monthly repayments on all his consumer finance commitments do not exceed 50% of his monthly gross income. This limit may only be exceeded in the circumstances described in Paragraphs CM-7.4.6 and CM-7.4.10.
Amended: July 2011
October 2007CM-7.4.2
When reviewing an applicant for a consumer facility, licensees may only take into consideration regular income. A spouse's income may only be taken into consideration when the credit facility would be in joint names, such that the spouse would also be legally liable for the obligation incurred.
October 07CM-7.4.3
Notwithstanding the above limit, licensees must review in detail an applicant's personal financial standing and ability to service their obligations. Where a spouse's income is being taken into consideration, then their individual circumstances must also be similarly assessed. In many cases, these reviews may require consumer finance repayments to be kept significantly below 50% of monthly gross income.
October 07CM-7.4.4
Licensees must enquire as to applicants' sources of income, their past credit history, their regular outgoings and other financial commitments, including potential liabilities such as guarantees. Particular attention must be paid to housing costs (such as payments to Eskan Bank). A person's regular income, net of consumer finance repayments and other financial obligations, must remain sufficient for that person to support himself and any dependents. Licensees must also take into account likely future trends in income and outgoings, and the impact this may have on the 50% ratio.
Amended: October 2013
Amended: July 2011
October 2007CM-7.4.5
When factoring in credit cards into the repayment limit in Paragraph CM-7.4.1 above, licensees must include 5% of the credit limits available on these facilities. If the amounts outstanding (including profit) under such facilities exceed their limit, then the full amount outstanding must be included in the repayments ratio calculation. Charge cards are not included under this definition.
Amended: October 2016
Amended: July 2011
October 2007CM-7.4.6
In the case of high earners – defined for these purposes as persons earning more than BD 3,000 / month - the 50% limit may be relaxed, providing that the licensee has undertaken the review required in Paragraph CM-7.4.4 above and is satisfied that the counterparty can comfortably support a higher facility service ratio.
October 07CM-7.4.7
The review undertaken to satisfy requirements in Paragraph CM-7.4.4 above must be documented and made available to the CBB's examiners on request. The documentation must include all relevant information used to support the decision to extend credit facilities. In the case of high earners granted a facility in excess of the 50% limit, the documentation must also include a written statement, signed by an appropriate member of management, explaining the justification for relaxing the limit.
Amended: January 2011
October 2007Maximum Tenor Limit
CM-7.4.8
The maximum tenor for instalment consumer finance facilities is seven years. The tenor may not be extended more than twice during the period of the agreement.
October 07CM-7.4.9
The CBB does not believe it prudent for licensees to encourage the provision of credit facilities by offering long-term borrowing to fund short-term consumption. The CBB will review the development of market practices in this respect and will consider further measures if required.
Amended: January 2012
Amended: January 2011
October 2007Non-compliant Facilities
CM-7.4.10
Where a customer's monthly gross income falls (e.g. due to redundancy or disability or a similar event outside the control of the customer), the bank must identify such accounts as 'technically non-compliant'. If a customer requests an extension to the tenor of the facility due to reduced income, then the bank may increase the term to assist the customer. The bank must take account of the 50% limit outlined in Paragraph CM-7.4.1. Such facilities must also be identified as 'technically non-compliant'.
Amended: January 2022
Amended: July 2021
Amended: October 2019
October 07CM-7.5 CM-7.5 [This Section was deleted in October 2012 and requirements are now included in Section BC-4.2
[Deleted]
CM-7.5.1
[This paragraph was deleted in October 2012]
Deleted: October 2012
October 07CM-7.5.2
[This paragraph was deleted in October 2012]
Deleted: October 2012
Amended: July 2011
October 2007CM-7.5.3
[This paragraph was deleted in October 2012]
Deleted: October 2012
Amended: October 2011
Amended: April 2011
Amended: January 2011
October 2007CM-7.5.4
[This paragraph was deleted in October 2012]
Deleted: October 2012
Amended: July 2012
October 07[Deleted]
CM-7.5.5
[This paragraph was deleted in October 2012]
Deleted: October 2012
Amended: July 2012
October 07CM-7.5.6
[This paragraph was deleted in October 2012]
Deleted: October 2012
Amended: July 2011
October 2007CM-7.5.7
[This paragraph was deleted in October 2012]
Deleted: October 2012
Amended: July 2011
October 2007CM-7.5.8
[This paragraph was deleted in October 2012]
Deleted: October 2012
October 07CM-7.5.9
[This paragraph was deleted in October 2012]
Deleted: October 2012CM-7.5.10
[This paragraph was deleted in October 2012]
Deleted: October 2012
Amended: October 2011
October 2007CM-7.5.11
[This paragraph was deleted in October 2012]
Deleted: October 2012
October 07CM-7.5.12
[This Paragraph was deleted in October 2011].
Deleted: October 2011CM-7.6 CM-7.6 Refunds and Prepayments
Refund / Adjustment of Insurance Premium on Financing Prepayments and Top-Ups
CM-7.6.1
Banks/financing companies must refund/adjust proportionately the insurance premium charged on individual credit facilities when the customer either requests for a top up or prepayment of the credit facility as per the prescribed formula below:
Refund/Adjustment Amount = Remaining period to Maturity
X Premium Paid Original Maturity Added: April 2008Early Repayment Fees / Charges
CM-7.6.2
[This paragraph was deleted in April 2018].
Deleted: April 2018
Amended: July 2013
Amended: October 2011
Amended: January 2011
Added: April 2008CM-8 CM-8 Islamic Contracts
CM-8.1 CM-8.1 Overview
CM-8.1.1
[This paragraph was deleted in April 2011].
CM-8.1.2
[This paragraph was deleted in April 2011].
CM-8.1.3
In order to monitor and identify any asset deterioration due to the Islamic contracts, the CBB requires additional disclosures (see Module BR) on the Islamic contracts undertaken by the bank during the period.
Amended: January 2011
October 2007CM-8.1.4
Definitions, disclosure requirements and method(s) of accounting treatments for some of the Islamic contracts are outlined below.
October 07Murabaha
CM-8.1.5
Revenue for the purpose of Murabaha contracts must be recognised on an accrual basis.
October 07CM-8.1.6
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 2: Murabaha and Murabaha to the Purchase Orderer.
October 07Mudaraba
CM-8.1.7
Revenue on Mudaraba contracts may only be recognised to the extent it is being distributed.
October 07CM-8.1.8
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 3: Mudaraba Financing.
October 07CM-8.1.9
As part of its on-going supervision of Islamic banks, the CBB has set out the type of terms and conditions (see Appendix BC-7) which it believes Islamic banks should include, as a minimum, in such contracts.
Amended: January 2011
October 2007Musharaka
CM-8.1.10
Under a Musharaka contract, losses are shared in proportion to the contributed capital. It is not permissible to stipulate otherwise.
October 07CM-8.1.11
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 4: Musharaka Financing.
October 07Salam
CM-8.1.12
As a policy no Salam contracts must be entered into without covering the position through a Parallel Salam contract.
Amended: July 2011
October 2007CM-8.1.13
Where the bank is not able to enter into a Parallel Salam contract it must agree a statement policy with the CBB.
Amended: January 2011
October 2007CM-8.1.14
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 7: Salam and Parallel Salam.
October 07Istisna'a
CM-8.1.15
As a policy no Istisna'a contracts must be entered without covering the position through a Parallel Istisna'a contract.
Amended: July 2011
October 2007CM-8.1.16
In accordance with provisions contained in FAS 10: Istisna'a and Parallel Istisna'a, revenue and profit on such contracts must be recognised on a percentage of completion method.
Amended: July 2011
October 2007CM-8.1.17
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 10: Istisna'a and Parallel Istisna'a.
October 07Ijarah and Ijarah Muntahia Bittamleek
CM-8.1.18
For a detailed definition, disclosure requirements and method(s) of accounting treatment, refer to AAOIFI's FAS 8: Ijarah and Ijarah Muntahia Bittamleek.
October 07Facilities Transferred to Qard Hassan
CM-8.1.19
The CBB's approval must be obtained before any transfer of any
exposures to Qard Hassan if the amount is more than BD 100,000 or its equivalent in foreign currency (see Paragraph BR-5.2.6).Amended: April 2014
Amended: July 2011
Amended: January 2011
October 2007CM-8.1.20
The requirement stated in Paragraph CM-8.1.19 above applies to both on-balance sheet and restricted investment account related
exposures .Amended: January 2011
October 2007OM OM Operational Risk Management [Versions from October 2007 to 31 December 2019]
OM-A OM-A Introduction
OM-A.1 OM-A.1 Purpose
Executive Summary
OM-A.1.1
The Operational Risk Management Module sets out the Central Bank of Bahrain's ('CBB's') rules and guidance to
Islamic Bank licensees operating in Bahrain on establishing parameters and control procedures to monitor and mitigate operational risks. The contents of this Module apply to all Islamic banks, except where noted in individual Chapters.October 07OM-A.1.2
This Module provides support for certain other parts of the Rulebook, mainly:
(a) Principles of Business; and(b) High-level Controls.October 07Legal Basis
OM-A.1.3
This Module contains the CBB's Directive (as amended from time to time) relating to Operational Risk Management and is issued under the powers available to the CBB under Article 38 of the Central Bank of Bahrain and Financial Institutions Law 2006 ('CBB Law'). The Directive in this Module is applicable to all
Islamic bank licensees (including theirapproved persons ).Amended: January 2012
Amended: January 2011
October 2007OM-A.1.4
For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.
Added: January 2011OM-A.2 [This Chapter was deleted in October 2007]
October 07OM-A.3 OM-A.3 Module History
OM-A.3.1
This Module was first issued in July 2004 as part Volume one of the CBB Rulebook (Volume one). All directives in this Module have been effective since this date. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made; Chapter UG-3 provides further details on Rulebook maintenance and version control.
October 07OM-A.3.2
When the CBB replaced the BMA in September 2006, the provisions of this Module remained in force. Volume 1 was updated in October 2007 to reflect the switch to the CBB; however, new calendar quarter dates were only issued where the update necessitated changes to actual requirements.
October 07OM-A.3.3
The most recent changes made to this Module are detailed in the table below:
Summary of Changes
Module Ref. Change Date Description of Changes OM-5.1 01/04/05 Physical security measures. OM-4.2 01/10/05 Succession planning for locally incorporated banks. OM-5.1 01/10/05 Clarification of security manager role for smaller banks. OM-B & OM-1.2 01/04/06 Minor amendments concerning roles of Board and management. OM-5.1.15-OM-5.1.24 01/04/06 New security requirements for ATM security arrangements and reporting of security related complaints. OM-A.2.1-OM-A.2.6 01/10/07 Purpose (expanded) OM-A.2.1-OM-A.2.6 01/10/07 Key Requirements (deleted) OM-2.1-2.2&2.4 01/10/07 Relocation of Succession Planning Requirements from OM-4 OM-5.1-OM-5.9 01/10/07 Business Continuity Planning (expanded) OM-7 01/10/07 New Books and Records Chapter transferred from Module GR OM-8 01/04/08 Basel II Qualitative Operational Risk Requirements OM 01/2011 Various minor amendments to ensure consistency in CBB Rulebook. OM-A.1.3 and OM-A.1.4 01/2011 Clarified legal basis. OM-7.1.4 04/2011 This paragraph was deleted as Ministerial Order 23 does not apply to CBB licensees. OM-7.3.4 04/2011 Clarified retention period of records for promotional schemes. OM 07/2011 Various minor amendments to clarify Rules and have consistent language. OM-2.4 07/2011 Amended CBB reporting requirements regarding succession planning. OM-3.1.7 07/2011 Paragraph deleted as no longer applicable since standard conditions and licensing criteria document has now been incorporated as part of Volume 1. OM-6.2 10/2011 Added new Section on internet security. OM-7.1.7 10/2011 Corrected typo. OM-A.1.3 01/2012 Updated legal basis. OM-2.1.4 01/2012 Corrected cross reference. OM-3.2.2 04/2012 Deleted last sentence of Paragraph as it repeats the requirement under Paragraph OM-3.3.1 OM-6.2.2 04/2012 Clarified penetration testing interval for internet security. OM-1.1.4 10/2012 Amended to reflect updated version of Basel Committee document. OM-3.2.6, OM-5.2.1, OM-5.4.8, OM-8 10/2012 Amended to reflect the Basel June 2011 paper on Principles for the Sound Management of Operational Risk. OM-6.2 07/2013 Amended reporting requirements related to internet security measures. OM-6.2.1 10/2013 Amended Rule to apply to all banks. OM-3.7.2 10/2015 Clarified Rule on internal audit outsourcing. OM-6 04/2016 Updated ATM security measures for banks. OM-3.9 07/2016 Added new Section dealing with outsourcing of functions containing customer information. OM-5.10 10/2016 Added new Section on Cyber Security Risk Management OM-6.4.3 10/2016 Corrected cross references OM-6.4.4 10/2016 Corrected cross references OM-6.4.5 10/2016 Corrected cross references OM-6.6 10/2016 Added new Section on Cyber Security Measures OM-3.9.2 01/2017 Amended Paragraph on customer information OM-3.9.6 01/2017 Added new guidance paragraph on customer information OM-6.4.22 04/2017 ATM requirement on Solid Wall deleted. OM-6.4.23 04/2017 ATM requirement on Solid Wall deleted. OM-6.3.1 07/2017 Clarified requirements on compliance date. OM-6.3.2A 07/2017 Added new paragraph on Prohibition of Double Swiping. OM-6.3.2B 07/2017 Added new paragraph on Prohibition of Double Swiping. OM-6.3.2C 07/2017 Added new paragraph on Prohibition of Double Swiping. OM-6.3.2D 07/2017 Added new paragraph on Prohibition of Double Swiping. OM-6.3.2E 07/2017 Added new paragraph on Prohibition of Double Swiping. OM-6.4.21 07/2017 Deleted paragraph. OM-7.2.1 07/2017 Amended paragraph according to the Legislative Decree No. (28) of 2002. OM-7.2.2 07/2017 Deleted paragraph. OM-3.1.2 10/2017 Amended paragraph to allow the utilization of cloud services. OM-3.1.5A 10/2017 Added a new paragraph on outsourcing requirements. OM-3.2.3 10/2017 Amended paragraph. OM-3.3.1 10/2017 Amended paragraph. OM-3.3.2 10/2017 Amended paragraph. OM-3.3.3 10/2017 Amended paragraph. OM-3.3.4 10/2017 Amended paragraph. OM-3.3.5 10/2017 Added a new paragraph on outsourcing. OM-3.4.1 10/2017 Amended paragraph. OM-3.4.2(b) 10/2017 Amended sub-paragraph. OM-3.4.3 10/2017 Deleted paragraph. OM-3.4.5 10/2017 Amended paragraph. OM-3.5.1(a) 10/2017 Amended sub-sub-paragraph no. (5). OM-3.5.1(c) 10/2017 Amended sub-sub-paragraphs no. (2) and (3). OM-3.5.1(e) 10/2017 Amended sub-sub-paragraph no. (3). OM-3.8.3 10/2017 Amended paragraph. OM-3.9.1 10/2017 Amended paragraph. OM-3.9.2 10/2017 Amended paragraph on third party outsourcing of functions. OM-3.9.3 10/2017 Amended paragraph. OM-3.9.4 10/2017 Amended sub-paragraph. OM-3.9.4(b) 10/2017 Amended sub-paragraph. OM-3.9.4(d) 10/2017 Deleted sub-paragraph. OM-3.9.5 10/2017 Deleted paragraph. OM-3.9.7 10/2017 Added a new paragraph for security measures related to cloud services. OM-6.4.6 10/2017 Amended paragraph to include ancillary service providers. OM-6.3.1A 04/2018 Added a new Paragraph on card (EMV) compliance. OM-6.3.1B 04/2018 Added a new Paragraph on "provision of cash withdrawal and payment services through various channels" OM-6.3.2 04/2018 Amended Paragraph to mention "Islamic bank licensees". OM-3.9.2 07/2018 Amended Paragraph to include call centres. OM-3.9.2A 07/2018 Added new Paragraph on customer notification. OM-6.4.15A 10/2018 Added a new Paragraph on drive-thru ATMs. OM-6.4.20A 10/2018 Added a new Paragraph on drive-thru ATMs. OM-6.1.2 07/2019 Amended Paragraph on deployment of Private Security Guards at Head Offices of Licensees. OM-6.3.1C, OM6.3.1D, OM-6.3.1E, OM-6.3.1F 10/2019 Added new Paragraphs on Near Field Communication "NFC". Evolution of the Module
OM-A.3.4
[Deleted in October 2007 updates]
October 07OM-B OM-B General Guidance and Best Practice
OM-B.1 This Section was moved to Chapter OM-1.
OM-1 OM-1 International Guidance and Best Practice
OM-1.1 OM-1.1 Guidance Provided by International Bodies
Guidance Provided by other International Bodies
OM-1.1.1
The papers below provide guidance which promotes best practice and can be generally applied by all licensees to their activities.
October 07Basel Committee: Framework for Internal Controls Systems in Banking Organisations
OM-1.1.2
The paper (see www.bis.org/publ/bcbs40.pdf) issued in September 1998 presents the first internationally accepted framework for supervisors to use in evaluating the effectiveness of the internal controls over all on- and off-balance-sheet activities of banking organisations.
October 07OM-1.1.3
The paper describes elements that are essential to a sound internal control system, recommends principles that supervisors can apply in evaluating such systems, and discusses the role of bank supervisors and external auditors in this assessment process.
October 07Basel Committee: Principles for the Sound Management of Operational Risk
OM-1.1.4
The paper (see www.bis.org/publ/bcbs195.pdf) issued in June 2011 by the
Basel Committee on Banking Supervision, outlines a set of principles that provide a framework for the effective management and supervision of operational risk, for use by banks and supervisory authorities when evaluating operational risk management policies and practices.Amended: October 2012
October 07OM-1.1.5
The paper also recognises that clear strategies and oversight by the Board of Directors and senior management, a strong operational risk culture and internal control culture (including, among other things, clear lines of responsibility and segregation of duties), effective internal reporting, and contingency planning are all crucial elements of an effective operational risk management framework for banks of any size and scope.
October 07Basel Committee: Risk Management for Electronic Banking and Electronic Money Activities
OM-1.1.6
The paper (see www.bis.org/publ) issued in March 1998 provides guidelines for supervisory authorities and banking organisations as they develop methods for identifying, assessing, managing and controlling the risks associated with
electronic banking andelectronic money .October 07OM-1.1.7
The paper indicates that, while providing new opportunities for banks,
electronic banking andelectronic money activities carry risks as well as benefits and it is important that these risks are recognised and managed in a prudent manner.October 07Basel Committee: Risk Management Principles for Electronic Banking
OM-1.1.8
The paper (see www.bis.org/publ) issued in July 2003 recognizes new risks associated with the increase in distribution of financial services through electronic channels, or e-banking. To emphasize the importance of these risks, the Committee has placed responsibility on the shoulders of the Board and senior management to ensure their institutions have analysed, identified and modified operations to mitigate these risks.
October 07OM-1.1.9
To facilitate these developments, the Committee has identified fourteen Risk Management Principles for
Electronic Banking to help banking institutions expand their existing risk oversight policies and processes to cover their e-banking activities.October 07OM-1.1.10
The Risk Management Principles fall into three broad, and often overlapping, categories of issues that are grouped to provide clarity: Board and Management Oversight; Security Controls; and Legal and
Reputational Risk Management.October 07Joint Forum: High Level Principles for Business Continuity
OM-1.1.11
This paper provides a broad framework for business continuity standards, and contains seven principles for regulators and industry participants to follow. It was published in August 2006 and is available in the "publications" section of the Basel Committee portion of the BIS website (www.bis.org).
October 07OM-2 OM-2 General Requirements
OM-2.1 OM-2.1 Overview
OM-2.1.1
This Chapter provides guidance and rules for operational risk and sets out requirements for an appropriate risk management environment, including business continuity, outsourcing and electronic banking. Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. This definition includes legal risk, but excludes strategic and
reputational risk .October 07OM-2.1.2
Operational risk is inherent in all types of banks' activities, and therefore all new products and services should be reviewed for operational risks prior to their implementation. As these risks are important and can result in substantial losses, bank auditors should include operational audits in the scope of all audits.
October 07OM-2.1.3
The importance of operational risk has gained prominence as increasing reliance on sophisticated technology raises concerns of potential losses should unforeseen events cause technological failures. Banks have traditionally focused on controlling and mitigating credit and liquidity risks, however, enhanced levels of automation, while reducing costs and processing times, also pose potential risks. As such any one process or system failure may itself or through a series of systematic failures, cause financial or other losses to a bank. Therefore, it has become imperative that banks should establish policies and procedures to monitor and control operational risks.
October 07OM-2.1.4
The CBB will use the papers mentioned in Paragraphs OM-1.1.1 to OM-1.1.11 as guidelines in evaluation of the internal control systems of banks operating in Bahrain. Such evaluations will be made through the CBB's normal supervisory processes (e.g. meetings with management, on-site examinations (Module BR) and the use of
appointed experts (Section BR-6.5).Amended: January 2012
Amended: January 2011
October 2007OM-2.2 OM-2.2 Developing an Appropriate Risk Management Environment
OM-2.2.1
It must be standard practice for a bank's management to implement policies and procedures to manage risks arising out of a bank's activities. The bank must maintain written policies and procedures that identify the risk tolerances approved by the Board of Directors and must clearly delineate lines of authority and responsibility for managing the risks. Banks' employees and loan officers in particular must be fully aware of all policies and procedures that relate to their specific duties.
Amended: July 2011
October 07OM-2.2.2
The bank's strategy must define its tolerance for risk and lay out the Board's understanding of the specific characteristics of operational risk.
October 07The Board of Directors
OM-2.2.3
The Board of Directors must be aware of the major aspects of the bank's operational risk as a distinct and controllable risk Category.
Amended: July 2011
October 07OM-2.2.4
The responsibilities of the Board of Directors of the bank must include:
(a) Approving the bank's operational risk strategy;(b) Periodically reviewing the bank's operational risk strategy;(c) Approving the basic structure of the framework for managing operational risk; and(d) Ensuring that senior management is carrying out its risk management responsibilities.October 07Senior Management
OM-2.2.5
The responsibilities of the senior management of the bank must include:
(a) Implementing the operational risk strategy approved by the Board of Directors;(b) Ensuring that the strategy is implemented consistently throughout the whole banking organisation;(c) Ensuring that all levels of staff understand their responsibilities with respect to operational risk management;(d) Developing and implementing policies, processes and procedures for managing operational risk in all of the bank's products, activities, processes and systems;(e) Developing succession plans for senior staff; and(f) Developing Business Continuity Plans for the bank.October 07Management Information System
OM-2.2.6
The management information system of a banking organisation plays a key role in establishing and maintaining an effective operational risk management framework.
October 07OM-2.2.7
'Communication flow' serves the purpose of establishing a consistent operational risk management culture across the bank. 'Reporting flow' enables:
(a) Senior management to monitor the effectiveness of the risk management system for operational risk; and(b) The Board of Directors to oversee senior management performance.Amended: January 2012
October 07
OM-2.3 OM-2.3 Identification, Measurement, Monitoring and Control
OM-2.3.1
As part of an effective operational risk management system, banks must:
(a) Identify critical processes, resources and loss events;(b) Establish processes necessary for measuring operational risk;(c) Monitor operational risk exposures and loss events on an on-going basis; and(d) Develop policies, processes and procedures to control or mitigate operational risk.October 07OM-2.3.2
Banks should assess the costs and benefits of alternative risk limitation and control strategies and should adjust their operational risk exposure using appropriate strategies, in light of their overall risk profile.
Amended: January 2012
October 07OM-2.4 OM-2.4 Succession Planning
OM-2.4.1
Succession planning is an essential precautionary measure for a bank if its leadership stability — and hence ultimately its financial stability — is to be protected. Succession planning is especially critical for smaller institutions, where management teams tend to be smaller and possibly reliant on a few key individuals.
October 07OM-2.4.2
The CBB requires locally incorporated banks to document their Board-approved
succession plans for their senior management team and have these ready at any time for onsite inspection by CBB staff.Amended: July 2011
Amended: January 2011
October 2007OM-2.4.3
[This Paragraph was deleted in July 2011].
OM-3 OM-3 Outsourcing
OM-3.1 OM-3.1 Introduction
OM-3.1.1
This Chapter sets out the CBB's approach to outsourcing by licensees. It also sets out various requirements that licensees must address when considering outsourcing an activity or function.
Amended: January 2011
October 2007OM-3.1.2
In the context of this Chapter, 'outsourcing' means an arrangement whereby a third party performs on behalf of a licensee an activity which was previously undertaken by the licensee itself (or in the case of a new activity, one which commonly would have been performed internally by the licensee). Examples of services that are typically outsourced include data processing, cloud services, customer call centres and back-office related activities.
Amended: October 2017
October 07OM-3.1.3
Most of the Directives in this Chapter are concerned with situations where the third party provider is outside the licensee's group. Section OM-3.8, however, sets out the CBB's requirements when a service is outsourced to a company within the licensee's group.
Amended: January 2011
October 2007OM-3.1.4
The requirements in this Chapter only apply to 'material' outsourcing arrangements. These are arrangements that, if they failed in any way, would pose significant risks to the on-going operations of a licensee, its reputation and/or quality of service provided to its customers. For instance, the outsourcing of all or a substantial part of functions such as customer sales and relationship management, settlements and processing, IT and data processing and financial control, would normally be considered 'material'.
October 07OM-3.1.5
Management should carefully consider whether a proposed outsourcing arrangement falls under this Chapter's definition of 'material'. If in doubt, management should consult with the CBB.
Amended: January 2011
October 2007OM-3.1.5A
For outsourcing services that are not considered material outsourcing arrangements, licensees must submit a written notification to the CBB before committing to the new outsourcing arrangement.
Added: October 2017OM-3.1.6
The requirements in this Chapter only apply to outsourcing arrangements entered into after May 2003. In the case of pre-existing outsourcing agreements, the CBB requires licensees to apply the requirements of this Chapter to the fullest extent possible when these arrangements are subsequently renewed.
Amended: January 2011
October 2007Legal Source
OM-3.1.7
[This Paragraph was deleted in July 2011].
OM-3.2 OM-3.2 Supervisory Approach
OM-3.2.1
The CBB recognises the benefits that can potentially be achieved through outsourcing an activity to a third party provider. They can include reduced costs, enhanced service quality and a reduction in management time spent on non-core activities. However, outsourcing an activity also poses potential risks. These include the ability of the service provider to maintain service quality levels, reduced control over the activity and access to relevant information, and increased legal and client confidentiality risks.
Amended: January 2011
October 2007OM-3.2.2
The CBB's approach is to allow licensees the freedom to enter into outsourcing arrangements, providing these have been properly structured and associated risks addressed.
Amended: April 2012
Amended: January 2011
October 2007OM-3.2.3
The CBB expects licensees to have undertaken a thorough assessment of a proposal before formally submitting the request for prior approval to the CBB. However, the CBB is also willing to discuss ideas informally at an early stage of development, on a 'no-commitment' basis. It especially encourages an early approach when the proposed outsourcing is particularly material or innovative.
Amended: October 2017
Amended: January 2011
October 2007OM-3.2.4
Once an outsourcing arrangement has been implemented, the CBB requires a licensee to continue to monitor the associated risks and the effectiveness of its mitigating controls. It will verify this through the course of its normal on-site and off-site supervisory processes, such as prudential meetings and on-site examinations. The CBB also requires access to the outsourced activity, which it may occasionally want to examine itself, through management meetings or on-site examinations.
Amended: January 2011
October 2007OM-3.2.5
Fundamental to the CBB's supervisory approach to outsourcing is that the Board and management of the licensee may not abdicate their responsibility for a licensee's business and the way its customers are treated. The Board and management remain ultimately responsible for the effectiveness of systems and controls in outsourced activities.
Amended: January 2011
October 2007OM-3.2.6
The board and
senior management are responsible for understanding the operational risks associated with outsourcing arrangements and ensuring that effective risk management policies and practices are in place to manage the risk in outsourcing activities. Outsourcing policies and risk management activities should encompass:(a) Procedures for determining whether and how activities can be outsourced;(b) Processes for conducting due diligence in the selection of potential service providers;(c) Sound structuring of the outsourcing arrangement, including ownership and confidentiality of data, as well as termination rights;(d) Programmes for managing and monitoring the risks associated with the outsourcing arrangement, including the financial condition of the service provider;(e) Establishment of an effective control environment at the bank and the service provider;(f) Development of viable contingency plans; and(g) Execution of comprehensive contracts and/or service level agreements with a clear allocation of responsibilities between the outsourcing provider and the bank.Added: October 2012OM-3.3 OM-3.3 Prior Approval Requests
OM-3.3.1
A licensee must seek the CBB s prior written approval before committing to a new material outsourcing arrangement.
Amended: October 2017
Amended: January 2011
October 2007OM-3.3.2
The above request for prior approval must:
(a) Be made in writing to the licensee's normal supervisory contact;(b) Contain sufficient detail to demonstrate that relevant issues raised in Section OM-2.4 onward of this Chapter have been addressed; and(c) Be made at least 6 weeks before the licensee intends to commit to the arrangement.Amended: October 2017
October 07OM-3.3.3
The CBB will review the information provided and provide a definitive response within 6 weeks of receiving the request for prior approval. Where further information is requested from the licensee, however, the time taken to provide this further information will not be taken into account. The CBB may also contact home or host supervisors of the licensee or the service provider, to seek their comments — in such cases, the 6-week turnaround is also subject to the speed of their response.
Amended: October 2017
Amended: January 2011
October 2007OM-3.3.4
Once an activity has been outsourced, a licensee must immediately inform its normal supervisory contact at the CBB of any material problems encountered with the outsourcing provider. The CBB reserves the right to direct a licensee to make alternative arrangements for the outsourced activity.
Amended: October 2017
Amended: January 2011
October 2007OM-3.3.5
The CBB reserves the right to require a licensee to terminate or make alternative outsourcing arrangements if, among other reasons, the confidentiality of its customer information was, or is likely to be, breached or the ability of the CBB to carry out its supervisory functions in view of the outsourcing arrangement cannot be assured or executed.
Added: October 2017OM-3.4 OM-3.4 Risk Assessment
OM-3.4.1
Licensees must undertake a thorough risk assessment of an outsourcing proposal, before formally submitting the request for approval to CBB and committing itself to an agreement.
Amended: October 2017
Amended: January 2011
October 2007OM-3.4.2
The risk assessment must — amongst other things — include an analysis of:
(a) The business case;(b) The suitability of theoutsourcing provider ; including but not limited to the outsourcing provider's financial soundness, its technical competence, its commitment to the arrangement, its reputation, its adherence to international standards, and the associated country risk; a and(c) The impact of the outsourcing on the licensee's overall risk profile and its systems and controls framework.Amended: October 2017
Amended: July 2011
October 07OM-3.4.3
[This paragraph was deleted in October 2017].
Deleted: October 2017
October 07OM-3.4.4
Once an outsourcing agreement has been entered into, licensees must regularly review the suitability of the outsourcing provider and the on-going impact of the agreement on their risk profile and systems and controls framework. Such reviews must take place at least every year.
Amended: July 2011
October 07OM-3.4.5
A licensee must nominate a relevant approved person with day-to-day responsibility for handling the relationship with the outsourcing provider and ensuring that relevant risks are addressed. This person must be notified to the CBB as part of the request for prior approval required under Section OM-3.3 above. Any subsequent replacement of such person must also be notified to the CBB.
Amended: October 2017
Amended: July 2011
Amended: January 2011
October 2007OM-3.5 OM-3.5 Outsourcing Agreement
OM-3.5.1
The activities to be outsourced and respective contractual liabilities and obligations of the outsourcing provider and licensee must be clearly specified in an outsourcing agreement. This agreement must — amongst other things — address the following points:
(a) Control over outsourced activities1. The Board and management of licensees are held ultimately responsible by the CBB for the adequacy of systems and controls in outsourced activities. Licensees must therefore ensure that they have adequate mechanisms for monitoring the performance of, and managing the relationship with, the outsourcing provider.2. Aservice level agreement ("SLA") — setting out the standards of service to be provided — must form part of the outsourcing agreement. Where the outsourcing provider interacts directly with a licensee's customers, the SLA must — where relevant — reflect the licensee's own standards regarding customer care.3. Mechanisms for the regular monitoring by licensees of performance against the SLA and other targets, and for implementing remedies in case of any shortfalls, must also form part of the agreement.4. Clear reporting and escalation mechanisms must be specified in the agreement.5. Where an outsourcing provider in turn decides to sub-contract to other providers, CBB's prior written approval must be obtained, and the original provider must remain contractually liable to the licensee for the quality and level of service agreed, and its obligations to the licensee must remain unchanged.(b) Customer data confidentiality1. Licensees must ensure that outsourcing agreements comply with all applicable legal requirements regarding customer confidentiality.2. Licensees must ensure that the outsourcing provider implements adequate safeguards and procedures. Amongst other things, customer data must be properly segregated from those belonging to other clients the outsourcing provider may have. Outsourcing providers must give suitable undertakings that the company and its staff will comply with all applicable confidentiality rules. Licensees must have contractual rights to take action against the service provider in the event of a breach of confidentiality.3. Licensees must assess the impact of using an overseas-based outsourcing provider on their ability to maintain customer data confidentiality, for instance, because of the powers of local authorities to access such data.(c) Access to information1. Outsourcing agreements must ensure that the licensee's internal and external auditors have timely access to any relevant information they may require to fulfill their responsibilities. Such access must allow them to conduct on-site examinations of the outsourcing provider, if required.2. Licensees must also ensure that the CBB inspectors andappointed experts have timely access to any relevant information they may reasonably require under the law. Such access must allow the CBB to conduct on-site examinations of the outsourcing provider, if required.3. Where the outsourcing provider is based overseas, the outsourcing provider must confirm in the outsourcing agreement that there are no regulatory or legal impediments to either the licensee's internal and external auditors, or the CBB inspectors andappointed experts , having the access described above. Should such restrictions subsequently be imposed, the licensee must communicate this fact to the CBB as soon as it becomes aware of the matter.4. The outsourcing provider must commit itself, in the outsourcing agreement, to informing the licensee of any developments that may have a material impact on its ability to meet its obligations. These may include, for example, relevant control weaknesses identified by the outsourcing provider's internal or external auditors, and material adverse developments in the financial performance of the outsourcing provider.(d) Business continuity1. Licensees must ensure that service providers maintain, regularly review and test plans to ensure continuity in the provision of the outsourced service.2. Licensees must have an adequate understanding of the outsourcing provider's arrangements, to understand the implications for its own contingency arrangements (see Section OM-3.6).(e) Termination1. Licensees must have the right to terminate the agreement should the outsourcing provider undergo a change of ownership (whether direct or indirect) that poses a potentialconflict of interest ; becomes insolvent; or goes into liquidation or administration.2. Termination under any other circumstances allowed under the agreement must give licensees a sufficient notice period in which they can effect a smooth transfer of the service to another provider or bring it back in-house.3. In the event of termination, for whatever reason, the agreement must provide for the return of all customer data — where required by licensees — or destruction of the records.Amended: October 2017
Amended: July 2011
Amended: January 2011
October 2007OM-3.6 OM-3.6 Contingency Planning for Outsourcing Arrangements
OM-3.6.1
Licensees must maintain and regularly review
contingency plans to enable them to set up alternative arrangements — with minimum disruption to business — should the outsourcing contract be suddenly terminated or the outsourcing provider fails. This may involve the identification of alternative outsourcing providers or the provision of the service in-house. These plans must consider how long the transition would take and what interim arrangements would apply.Amended: July 2011
October 07OM-3.6.2
See Chapter OM-5 for further guidance on business continuity and contingency planning.
October 07OM-3.7 OM-3.7 Internal Audit Outsourcing
OM-3.7.1
Because of the critical importance of an effective internal audit function to a licensee's control framework, all proposals to outsource internal audit operations are to be considered material.
October 07OM-3.7.2
The CBB will not permit licensees to outsource their internal audit function to the same firm that acts as their external auditor.
Amended: October 2015
Amended: January 2011
October 2007OM-3.7.3
Licensees who have existing outsourcing arrangements in place with their external auditor relating to the provision of internal audit services are required to find suitable alternatives when the existing arrangements terminate or come up for renewal.
Amended: October 2015
October 07OM-3.7.4
In all circumstances, Board and management of licensees must retain responsibility for ensuring that an adequate internal audit programme is implemented, and will be held accountable in this respect by the CBB.
Amended: January 2011
October 2007OM-3.8 OM-3.8 Intragroup Outsourcing
OM-3.8.1
As with outsourcing to non-group companies, the Board and management of licensees are held ultimately responsible by the CBB for the adequacy of systems and controls in activities outsourced to group companies.
Amended: January 2011
October 2007OM-3.8.2
However, the degree of formality required — in terms of contractual agreements and control mechanisms — for outsourcing within a licensee's group is likely to be less, because of common management and enhanced knowledge of other group companies.
October 07OM-3.8.3
A licensee must seek the CBB's prior written approval at least 6 weeks before committing to a material
intragroup outsourcing . The request for approval must be made in writing to the licensee's normal supervisory contact, and must set out a summary of the proposed outsourcing, its rationale, and an analysis of its associated risks and proposed mitigating controls. The CBB will respond to the request for approval in the same manner and timescale as set in Section OM-3.3 above.Amended: October 2017
Amended: January 2011
October 2007OM-3.8.4
The CBB expects, as a minimum, an agreed statement of the standard of service to be provided by the group provider, including a clear statement of responsibilities allocated between the group provider and licensee.
Amended: January 2011
October 2007OM-3.8.5
The CBB also expects a licensee's management to have addressed the issues of customer confidentiality, access to information and business continuity covered above (Section OM-3.5).
Amended: January 2011
October 2007OM-3.9 OM-3.9 Outsourcing of Functions Containing Customer Information
OM-3.9.1
Licensees must seek the CBB's prior written approval for third party and intragroup outsourcing of functions/services containing customer information including but not limited to payment services, debt collection, card and data processing, IT function including cloud services, internal audit and electronic/internet banking services but excluding legal services.
Amended: October 2017
Added: July 2016OM-3.9.2
For a third party outsourcing of functions/services containing customer information, other than debt collection, IT function, internal audit, cards embossing, cheques personalization, data/documents storing and call centres, the service providers must be licensed by the CBB and located in Bahrain. If the outsourced service is not available in Bahrain after 30th June 2017, licensees must submit to the CBB a written request, at least within 30 days of the stated deadline. The request must provide details of the circumstances under which the extension of outsourcing activities is being requested.
Amended: July 2018
Amended: October 2017
Amended: January 2017
Added: July 2016OM-3.9.2A
In case of an outsourcing arrangement that involves transmission of customer information to the service provider, Licensees must make necessary changes to the terms of the customer agreements and send prior notices to the customer, who shall provide a consent in writing that his/her information would be transmitted to a service provider. Licensees may only effect the changes in the customer agreement following the receipt of customer consent.
Added: July 2018OM-3.9.3
Licensees must provide to the CBB quarterly progress reports on the steps and procedures taken in implementing the requirements of Paragraph OM-3.9.2. The progress report must be provided to the retail bank's supervisory point of contact at the CBB and the first report must be submitted by 31st July 2016.
Amended: October 2017
Added: July 2016OM-3.9.4
For intragroup outsourcing of functions/services containing customer information, the following conditions must also be met:
(a) Theoutsourcing providers must be annually audited by the group internal audit team and the audit findings must be reported to the CBB;(b) Theservice level agreement must clearly state that the CBB inspectors andappointed experts have the legal right to conduct onsite examinations of the outsourcing provider and such expenses are to be borne by thelicensee ; and(c) Any report by any other regulatory authority on the quality of controls of theoutsourcing provider must be submitted immediately by the licensee to the CBB.(d) [This sub-paragraph was deleted in October 2017].Amended: October 2017
Added: July 2016OM-3.9.5
[This Paragraph was deleted in October 2017].
Deleted: October 2017
Added: July 2016OM-3.9.6
In the case of overseas retail bank licensees, the CBB may consider a third party outsourcing arrangements entered by the licensee's head office as an intragroup outsourcing, provided that the head office submits to the CBB a letter of comfort which includes, but not limited to, the following conditions:
a. The head office declares its ultimate responsibility of ensuring that adequate controlling measures are in place; andb. The head office is responsible to take adequate rectification measures, including compensation to the affected customers, in cases where customers suffer any loss due to inadequate controls applied by the third party service provider.Added: January 2017Cloud Services
OM-3.9.7
For the purpose of outsourcing of cloud services, licensees must ensure that, at a minimum, the following security measures are in place:
(a)Customer information must be encrypted and licensees must ensure that all encryption keys or similar forms of authentication are kept secure within the licensee's control;(b) A secure audit trail must be maintained for all actions performed at the cloud servicesoutsourcing provider ;(c) A comprehensive change management procedure must be developed to account for future changes to technology with adequate testing of such changes;(d) The licensee's data must be logically segregated from other entities data at the outsourcing service provider's platform;(e) The cloud service provider must provide information on measures taken at its platform to ensure adequate information security, data security and confidentiality, including but not limited to forms of protection available against unauthorized access and incident management process in cases of data breach or data loss; and(f) The right to release customer information/data in case of foreign government/court orders must be the sole responsibility of the licensee, subject to the CBB Law.Added: October 2017OM-4 OM-4 Electronic Money and Electronic Banking Activities
OM-4.1 OM-4.1 Electronic Banking
OM-4.1.1
This Chapter refers to
Basel Committee papers that the CBB requires relevant licensees to use as guidance onelectronic banking activities.Amended: January 2011
October 2007OM-4.1.2
The CBB considers that the following papers represent best practice and provide guidelines for recognising, addressing and managing risk associated with this area. Banks should take appropriate steps for the implementation of relevant recommendations set out therein:
(a) 'Risk Management forElectronic Banking andElectronic Money Activities' issued in March 1998 (see OM-1.1 for further references to the paper);(b) 'Risk Management Principles forElectronic Banking ' issued in May 2001 (see OM-1.1 for further references to the paper).Amended: January 2011
October 2007OM-4.1.3
Licensees must use the 'Risk Management Principles and Sound Practices' in the Basel Committee paper in OM-1.1 as guidelines to recognise and prudently manage risks associated with e-banking.
October 07OM-5 OM-5 Business Continuity Planning
OM-5.1 OM-5.1 Introduction
Why Do Financial Institutions Need Business Continuity Plans?
OM-5.1.1
All businesses may experience serious disruptions to their business operations. These disruptions may be caused by external events such as flooding, power failure or terrorism, or by internal factors such as human error or a serious computer breakdown. The probability of some events may be small, but the potential consequences may be massive, whereas other events may be more frequent and with shorter time horizons. The Joint Forum (the Basel Committee on Banking Supervision (BCBS), the International Organisation of Securities Commissions (IOSCO) and the International Association of Insurance Supervisors (IAIS)) have given additional background and context to the need for business continuity in its paper of August 2006 titled "High Level Principles for Business Continuity" (
www.bis.org ).October 07OM-5.1.2
According to the Joint Forum, in its paper, Business Continuity is "a whole of business approach for insuring that specified operations can be maintained or recovered in a timely fashion in the event of disruption. Its purpose is to minimize the operational, financial, legal, reputational, and other material consequences arising from a disruption". The objectives of a good business continuity plan ("BCP") are:
(a) To minimise financial loss to the licensee;(b) To continue to serve customers and counterparties in the financial markets; and(c) To mitigate the negative effects that disruptions can have on a licensee's reputation, operations, liquidity, credit quality, its market position, and its ability to remain in compliance with applicable laws and regulations.October 07OM-5.1.3
Banks play a critical role in an economy, in providing payment services, as holders of people's savings, and as providers of finance. Hence, a BCP is especially critical for banks. It helps ensure that their business operations are resilient and the effects of disruptions in service are minimized and thus helps maintain confidence in the banking system.
October 07Scope and Key Elements of a BCP
OM-5.1.4
The requirements of this Chapter apply to all retail and wholesale banks (whether locally incorporated or a branch).
October 07OM-5.1.5
Branch Licensees of foreign banks may apply alternative arrangements to those specified in this module, where they are subject to comprehensive BCP arrangements implemented by their head office or other member of their group, provided that:
(a) They have notified the CBB in writing what alternative arrangements will apply;(b) They have satisfied the CBB that these alternative arrangements are equivalent to the measures contained in this chapter, or are otherwise suitable; and(c) The CBB has agreed in writing to these alternative arrangements being used.October 07Implementation
OM-5.1.6
The requirements in this Chapter must be complied with in full by 1 October 2007. Failure to comply with these requirements after that will trigger a supervisory response, which may include formal enforcement measures, as set out in Module EN (Enforcement).
October 07OM-5.1.7
For contingency planning relating to outsourcing activities, see Section OM-3.6.
October 07OM-5.2 OM-5.2 General Requirements
OM-5.2.1
To ensure an ability to operate on an ongoing basis and limit losses in the event of severe business disruption all
Islamic bank licensees must maintain a business continuity plan (BCP) appropriate to the scale and complexity of their operations. A BCP must address the following key areas:(a) Data back up and recovery (hard copy and electronic);(b) Continuation of all critical systems, activities, and counterparty impact;(c) Financial and operational assessments;(d) Alternate communication arrangements between the licensee and its customers and its employees;(e) Alternate physical location of employees;(f) Communications with and reporting to the CBB and any other relevant regulators; and(g) Ensuring customers' prompt access to their funds in the event of a disruption.Amended: October 2012
October 07OM-5.2.2
Effective BCPs must be comprehensive, limited not just to disruption of business premises and information technology facilities, but covering all other critical areas, which affect the continuity of critical business operations or services (e.g. liquidity, human resources and others).
October 07OM-5.2.3
Licensees must notify the CBB promptly if their BCP is activated. They must also provide regular progress reports — as agreed with the CBB — until the BCP is deactivated.
October 07OM-5.2.4
The CBB recognises that BCPs involve costs, and that it may not be cost effective to have a fully developed and implemented BCP for all conceivable worst-case scenarios. However, the CBB expects licensees to plan for how they may cope with the complete destruction of buildings and surrounding infrastructure in which their key offices, installations, counterparties or service providers are located. The loss of key personnel, and a situation where back-up facilities might need to be used for an extended period of time are important factors in effective BCPs.
October 07OM-5.2.5
Licensees may find it useful to consider two-tier plans: one to deal with near-term problems; this should be fully developed and able to be put into immediate effect. The other, which might be in paper form; should deal with a longer-term scenario (e.g. how to accommodate processes that might not be critical immediately but would become so over time).
October 07OM-5.3 OM-5.3 Board and Senior Management Responsibilities
Establishment of a Policy, Processes&Responsibilities
OM-5.3.1
A Bank's Board of Directors and Senior Management are collectively responsible for a bank's business continuity. The Board must endorse the policies, standards and processes for a licensee's BCP, as established by its senior management. The Board and senior management must delegate adequate resources to develop the BCP, and for its maintenance and periodic testing.
October 07OM-5.3.2
Licensees must establish a Crisis Management Team (CMT) to develop, maintain and test their BCP, as well as to respond to and manage the various stages of a crisis. The CMT must comprise members of
senior management and heads of major support functions (e.g. building facilities, IT, corporate communications and human resources).Amended: July 2011
October 07OM-5.3.3
Licensees must establish (and document as part of the BCP) individuals' responsibilities in helping prepare for and manage a crisis; and the process by which a disaster is declared and the BCP initiated (and later terminated).
October 07Monitoring and Reporting
OM-5.3.4
The CMT must submit regular reports to the Board and senior management on the results of the testing of the BCP (refer to section OM-5.9). Major changes must be developed by CMT, reported to
senior management , and endorsed by the Board.Amended: July 2011
October 07OM-5.3.5
The Chief Executive of a licensee must sign a formal annual statement submitted to the Board on whether the recovery strategies adopted are still valid and whether the documented BCP is properly tested and maintained. The annual statement must be included in the BCP documentation and will be reviewed as part of the CBB's on-site examinations.
October 07OM-5.4 OM-5.4 Developing a Business Continuity Plan
Impact Analysis
OM-5.4.1
Licensees' BCPs must be based on (i) a business impact analysis (ii) an operational impact analysis, and (iii) a financial impact analysis. These analyses must be comprehensive, including all business functions and departments, not just IT or data processing.
October 07OM-5.4.2
The key objective of a Business Impact Analysis is to identify the different kinds of risk to business continuity and to quantify the operational and financial impact of disruptions on a licensee's ability to conduct its critical business processes.
October 07OM-5.4.3
A typical business impact analysis is normally comprised of two stages. The first is to identify and prioritise the critical business processes that must be continued in the event of a disaster. The first stage should take account of the impact on customers and reputation, the legal implications and the financial cost associated with downtime. The second stage is a time-frame assessment. This aims to determine how quickly the licensee needs to resume critical business processes identified in stage one.
October 07OM-5.4.4
Operational impact analysis focuses on the firm's ability to maintain communications with customers and to retrieve key activity records. It identifies the organizational implications associated with the loss of access, loss of utility, or loss of a facility. It highlights which functions may be interrupted by an outage, and the consequences to the public and customer of such interruptions.
October 07OM-5.4.5
A Financial Impact Analysis identifies the financial losses that (both immediate and also consequent to the event) arise out of an operational disruption.
October 07Risk Assessment
OM-5.4.6
In developing a BCP, licensees must consider realistic threat scenarios that may (potentially) cause disruptions to their business processes.
October 07OM-5.4.7
Licensees should analyse a threat by focusing on its impact on the business processes, rather than on the source of a threat. Certain scenarios can be viewed purely in terms of business disruption in specific work areas, systems or facilities. The scenarios should be sufficiently comprehensive to avoid the BCPs becoming too basic and thereby avoiding steps that could improve the resiliency of the licensee to disruptions.
October 07OM-5.4.8
Business continuity plans must take into account different types of likely or plausible scenarios to which the bank may be vulnerable. In particular, the following specific scenarios must at a minimum, be considered in the BCP:
• Utilities are not available (power, telecommunications);• Critical buildings are not available or specific facilities are not accessible;• Software and live data are not available or are corrupted;• Vendor assistance or (outsourced) service providers are not available;• Critical documents or records are not available;• Critical personnel are not available; and• Significant equipment malfunctions (hardware or telecom).Amended: October 2012
October 07OM-5.4.9
Licensees must distinguish between threats with a higher probability of occurrence and a lower impact to the business process (e.g. brief power interruptions) to those with a lower probability and higher impact (e.g. a terrorist bomb).
October 07OM-5.4.10
As a starting point, licensees must perform a "gap analysis". This gap analysis is a methodical comparison of what types of plans the licensee requires in order to maintain, resume or recover critical business operations or services in the event of a disruption, versus what the existing BCP provides. Management and the Board can address the areas that need development in the BCP, using the gap analysis.
Amended: July 2011
October 07OM-5.5 OM-5.5 BCP – Recovery Levels&Objectives
OM-5.5.1
The BCP must document strategies and procedures to maintain, resume and recover critical business operations or services. The plan must differentiate between critical and non-critical functions. The BCP must clearly describe the types of events that would lead up to the formal declaration of a business disruption and the process for activating the BCP.
October 07OM-5.5.2
The BCP must clearly identify alternate sites for different operations, the total number of recovery personnel, workspace requirements, and applications and technology requirements. Office facilities and records requirements must also be identified.
October 07OM-5.5.3
Licensees should take note that they might need to cater for processing volumes that exceed those under normal circumstances. The interdependency among critical services is another major consideration in determining the recovery strategies and priority. For example, the resumption of the front office operations is highly dependent on the recovery of the middle office and back office support functions.
October 07OM-5.5.4
Individual critical business and support functions must establish the minimum BCP recovery objectives for recovering essential business operations and supporting systems to a specified level of service ("recovery level") within a defined period following a disruption ("recovery time"). These recovery levels and recovery times must be approved by the senior management prior to proceeding to the development of the BCP.
October 07List of Contacts and Responsibilities
OM-5.5.5
The BCP must contain a list of all key personnel. The list must include personal contact information on each key employee such as their home address, home telephone number, and cell phone or pager number so they may be contacted in case of a disaster or other emergency.
October 07OM-5.5.6
The BCP must contain all the necessary process steps to complete each critical business operation or service. Each process must be explained in sufficient detail to allow another employee to perform the job in case of a disaster.
Amended: July 2011
October 07Alternate Sites for Business and Technology Recovery
OM-5.5.7
Most business continuity efforts are dependent on the availability of an alternate site (i.e. recovery site) for successful execution. The alternate site may be either an external site available through an agreement with a commercial vendor or a site within the Licensee's real estate portfolio. A useable, functional alternate site is an integral component of BCP.
October 07OM-5.5.8
Licensees must examine the extent to which key business functions are concentrated in the same or adjacent locations and the proximity of the alternate sites to primary sites. Alternate sites must be sufficiently remote from, and do not depend upon the same physical infrastructure components as a licensee's primary business location. This minimises the risk of both sites being affected by the same disaster (e.g. they must be on separate or alternative power grids and telecommunication circuits).
Amended: July 2011
October 07OM-5.5.9
Licensees' alternate sites must be readily accessible and available for occupancy (i.e. 24 hours a day, 7 days a week) within the time requirement specified in their BCP. Should the BCP so require, the alternate sites must have pre-installed workstations, power, telephones and ventilation, and sufficient space. Appropriate physical access controls such as access control systems and security guards must be implemented in accordance with Licensee's security policy.
Amended: July 2011
October 07OM-5.5.10
Other than the establishment of alternate sites, licensees should also pay particular attention to the transportation logistics for relocation of operations to alternate sites. Consideration should be given to the impact a disaster may have on the transportation system (e.g. closures of roads). Some staff may have difficulty in commuting from their homes to the alternate sites. Other logistics, such as how to re-route internal and external mail to alternate sites should also be considered. Moreover, pre-arrangement with telecommunication companies for automated telephone call diversion from the primary work locations to the alternate sites should be considered.
October 07OM-5.5.11
Alternate sites for technology recovery (i.e. back-up data centres), which may be separate from the primary business site, should have sufficient technical equipment (e.g. workstations, servers, printers, etc.) of appropriate model, size and capacity to meet recovery requirements as specified by licensees' BCPs. The sites should also have adequate telecommunication (including bandwidth) facilities and pre-installed network connections as specified by their BCP to handle the expected voice and data traffic volume.
October 07OM-5.5.12
Licensees should avoid placing excessive reliance on external vendors in providing BCP support, particularly where a number of institutions are using the services of the same vendor (e.g. to provide back-up facilities or additional hardware). Licensees should satisfy themselves that such vendors do actually have the capacity to provide the services when needed and the contractual responsibilities of the vendors should be clearly specified. Licensees should recognise that outsourcing a business operation does not transfer the associated business continuity management responsibilities.
October 07OM-5.5.13
The contractual terms should include the lead-time and capacity that vendors are committed to deliver in terms of back-up facilities, technical support or hardware. The vendor should be able to demonstrate its own recoverability including the specification of another recovery site in the event that the contracted site becomes unavailable.
October 07OM-5.5.14
Certain licensees may rely on a reciprocal recovery arrangement with other institutions to provide recovery capability (e.g. Cheque sorting and cash handling). Licensees should, however, note that such arrangements are often not appropriate for prolonged disruptions or an extended period of time. This arrangement could also make it difficult for Licensees to adequately test their BCP. Any reciprocal recovery agreement should therefore be subject to proper risk assessment and documentation by licensees, and formal approval by the Board.
October 07OM-5.6 OM-5.6 Detailed Procedures for the BCP
OM-5.6.1
Once the recovery levels and recovery objectives for individual business lines and support functions are determined, the development of the detailed BCP should commence. The objective of the detailed BCP is to provide detailed guidance and procedures in a crisis situation, of how to recover critical business operations or services identified in the Business Impact Analysis stage, and to ultimately return to operations as usual.
October 07Crisis Management Process
OM-5.6.2
A BCP must set out a Crisis Management Plan (CMP) that serves as a documented guidance to assist the CMT in dealing with a crisis situation to avoid spill over effects to the business as a whole. The overall CMP, at a minimum, must contain the following:
(a) A process for ensuring early detection of an emergency or a disaster situation and prompt notification to the CMT about the incident;(b) A process for the CMT to assess the overall impact of the crisis situation on the licensee and to make quick decisions on the appropriate responses for action (i.e. staff safety, incident containment and specific crisis management procedures);(c) Arrangements for safe evacuation from business locations (e.g. directing staff to a pre-arranged emergency assembly area, taking attendance of all employees and visitors at the time and tracking missing people through different means immediately after the disaster);(d) Clear criteria for activation of the BCP and/or alternate sites;(e) A process for gathering updated status information for the CMT (e.g. ensuring that regular conference calls are held among key staff from relevant business and support functions to report on the status of the recovery process);(f) A process for timely internal and external communications; and(g) A process for overseeing the recovery and restoration efforts of the affected facilities and the business services.Amended: July 2011
October 07OM-5.6.3
If CMT members need to be evacuated from their primary business locations, the licensee should set up a command centre to provide the necessary workspace and facilities for the CMT. Command centres should be sufficiently distanced from the licensee's primary business locations to avoid being affected by the same disaster.
October 07Business Resumption
OM-5.6.4
Each relevant business and support function must assign at least one member to be a part of the CMT to carry out the business resumption process for the relevant business and supported function. Appropriate recovery personnel with the required knowledge and skills must be assigned to the team.
Amended: July 2011
October 07OM-5.6.5
Generally, the business resumption process consists of three major phases:
(a) The mobilisation phase — This phase aims to notify the recovery teams (e.g. via a call-out tree) and to secure the resources (e.g. recovery services provided by vendors) required to resume business services.(b) The alternate processing phase — This phase emphasizes the resumption of the business and service delivery at the alternate site and/or in a different way than the normal process. This may entail record reconstruction and verification, establishment of new controls, alternate manual processes, and different ways of dealing with customers and counterparties; and(c) The full recovery phase — This phase refers to the process for moving back to a permanent site after a disaster. This phase may be as difficult and critical to the business as the process to activate the BCP.October 07OM-5.6.6
For the first two phases above, clear responsibilities should be established and activities prioritised. A recovery tasks checklist should be developed and included in the BCP.
October 07Technology Recovery
OM-5.6.7
Business resumption very often relies on the recovery of technology resources that include applications, hardware equipment and network infrastructure as well as electronic records. The technology requirements that are needed during recovery for individual business and support functions should be specified when the recovery strategies for the functions are determined.
October 07OM-5.6.8
Licensees should pay attention to the resilience of critical technology equipment and facilities such as the uninterruptible power supply (UPS) and the computer cooling systems. Such equipment and facilities should be subject to continuous monitoring and periodic maintenance and testing.
October 07OM-5.6.9
Appropriate personnel must be assigned with the responsibility for technology recovery. Alternative personnel need to be identified as back up for key technology recovery personnel in the case of the latter unavailability to perform the recovery process.
October 07Disaster Recovery Models
OM-5.6.10
There are various disaster recovery models that can be adopted by licensees to handle prolonged disruptions. The traditional model is an "active/back-up" model, which is widely used by many organizations. This traditional model is based on an "active" operating site with a corresponding alternate site (back-up site), both for data processing and for business operations.
October 07OM-5.6.11
A split operations model, which is increasingly being used by major institutions, operates with two or more widely separated active sites for the same critical operations, providing inherent back up for each other (e.g. branches). Each site has the capacity to take up some or all of the work of another site for an extended period of time. This strategy can provide nearly immediate resumption capacity and is normally able to handle the issue of prolonged disruptions.
October 07OM-5.6.12
The split operations model may incur higher operating costs, in terms of maintaining excess capacity at each site and added operating complexity. It may also be difficult to maintain appropriately trained staff and the split operations model can pose technological issues at multiple sites.
October 07OM-5.6.13
The question of what disaster recovery model to adopt is for individual licensees' judgment based on the risk assessment of their business environment and the characteristics of their own operations.
October 07OM-5.7 OM-5.7 Vital Records Management
OM-5.7.1
Each BCP must clearly identify information deemed vital for the recovery of critical business and support functions in the event of a disaster as well as the relevant protection measures to be taken for protecting vital information. Licensees must refer to Chapter OM-7 of the Rulebook when identifying vital information for business continuity. Vital information includes information stored on both electronic and non-electronic media.
Amended: July 2011
Amended: October 2009
October 2007OM-5.7.2
Copies of vital records must be stored off-site as soon as possible after creation. Back-up vital records must be readily accessible for emergency retrieval. Access to back-up vital records must be adequately controlled to ensure that they are reliable for business resumption purposes. For certain critical business operations or services, licensees must consider the need for instantaneous data back up to ensure prompt system and data recovery. There must be clear procedures indicating how and in what priority vital records are to be retrieved or recreated in the event that they are lost, damaged or destroyed.
Amended: July 2011
October 07OM-5.8 OM-5.8 Other Policies Standards, and Processes
Employee Awareness and Training Plan
OM-5.8.1
Licensees must implement an awareness plan and business continuity training for employees to ensure that all employees are continually aware of their responsibilities and know how to remain in contact and what to do in the event of a crisis.
October 07OM-5.8.2
Key employees should be involved in the business continuity development process, as well as periodic training exercises. Cross training should be utilised to anticipate restoring operations in the absence of key employees. Employee training should be regularly scheduled and updated to address changes to the BCP.
October 07Public Relations & Communication Planning
OM-5.8.3
Licensees must develop an awareness program and formulate a formal strategy for communication with key external parties (e.g. CBB and other regulators, investors, customers, counterparties, business partners, service providers, the media and other stakeholders) and provide for the type of information to be communicated. The strategy needs to set out all the parties the licensee must communicate to in the event of a disaster. This will ensure that consistent and up-to-date messages are conveyed to the relevant parties. During a disaster, ongoing and clear communication is likely to assist in maintaining the confidence of customers and counterparties as well as the public in general.
Amended: July 2011
October 07OM-5.8.4
The BCP must clearly indicate who may speak to the media and other key external parties, and have pre-arrangements for redirecting external communications to designated staff during a disaster. Important contact numbers and e-mail addresses of key external parties must be kept in a readily accessible manner (e.g. in wallet cards or licensees' intranet).
Amended: July 2011
October 07OM-5.8.5
Licensees may find it helpful to prepare draft press releases as part of their BCP. This will save the CMT time in determining the main messages to convey in a chaotic situation. Important conversations with external parties should be properly logged for future reference.
October 07OM-5.8.6
As regards internal communication, the BCP should set out how the status of recovery can be promptly and consistently communicated to all staff, parent bank, head office, branches and subsidiaries (where appropriate). This may entail the use of various communication channels (e.g. broadcasting of messages to mobile phones of staff, Licensees websites, e-mails, intranet and instant messaging).
October 07Insurance and other Risk Mitigating Measures
OM-5.8.7
Licensees must have proper insurance coverage to reduce the financial losses that they may face during a disaster. Licensees must regularly review the adequacy and coverage of their insurance policies in reducing any foreseeable risks caused by disasters (e.g. loss of offices, critical IT facilities and equipment).
October 07Government and Community
OM-5.8.8
Licensees may need to coordinate with community and government officials and the media to ensure the successful implementation of the BCP. This establishes proper protocol in case a city- wide or region- wide event impacts the licensee's operations. During the recovery phase, facilities access, power, and telecommunications systems should be coordinated with various entities to ensure timely resumption of operations. Facilities access should be coordinated with the police and fire department and, depending on the nature and extent of the disaster.
October 07Disclosure Requirements
OM-5.8.9
Licensees must disclose how their BCP addresses the possibility of a future significant business disruption and how the licensee will respond to events of varying scope. Licensees must also state whether they plan to continue business during disruptions and the planned recovery time. The licensees might make these disclosures on their websites, or through mailing to key external parties upon request. In all cases, BCP disclosures must be reviewed and updated to address changes to the BCP.
Amended: July 2011
October 07OM-5.9 OM-5.9 Maintenance, Testing and Review
Testing & Rehearsal
OM-5.9.1
A BCP is not complete if it has not been subject to proper testing. Testing is needed to ensure that the BCP is operable. Testing verifies the awareness of staff and the preparedness of differing departments/functions of the bank.
October 07OM-5.9.2
Licensees must test their BCPs at least annually. Senior management must participate in the annual testing, and demonstrate their awareness of what they are required to do in the event of the BCP being involved. Also, the recovery and alternate personnel must participate in testing rehearsals to familiarise themselves with their responsibilities and the back-up facilities and remote sites (where applicable).
October 07OM-5.9.3
All of the BCP's related risks and assumptions must be reviewed for relevancy and appropriateness as part of the annual planning of testing. The scope of testing must be comprehensive enough to cover the major components of the BCP as well as coordination and interfaces among important parties. A testing of particular components of the BCP or a fully integrated testing must be decided or depending on the situation. The following points must be included in the annual testing:
(a) Staff evacuation and communication arrangements (e.g. call-out trees) must be validated;(b) The alternate sites for business and technology recovery must be activated;(c) Important recovery services provided by vendors or counterparties must form part of the testing scope;(d) Licensees must consider testing the linkage of their back up IT systems with the primary and back up systems of service providers;(e) If back up facilities are shared with other parties (e.g. subsidiaries of the licensee), the licensee needs to verify whether all parties can be accommodated concurrently; and(f) Recovery of vital records must be performed as part of the testing.Amended: July 2011
October 07OM-5.9.4
Formal testing reviews of the BCP must be performed to assess the thoroughness and effectiveness of the testing. Specifically, a post-mortem review report must be prepared at the completion of the testing stage for formal sign-off by Licensees' senior management. If the testing results indicate weaknesses or gaps in the BCP, the plan and recovery strategies must be updated to remedy the situation.
Amended: July 2011
October 07Periodic Maintenance and Updating of a BCP
OM-5.9.5
Licensees must have formal procedures to keep their BCP updated with respect to any changes to their business. In the event of a plan having been activated, a review process must be carried out once normal operations are restored to identify areas for improvement. If vendors are needed to provide vital recovery services, there must be formal processes for regular (say, annual) reviews of the appropriateness of the relevant service level agreements.
Amended: July 2011
October 07OM-5.9.6
Individual business and support functions, with the assistance of the CMT, must review their business impact analysis and recovery strategy on an annual basis. This aims to confirm the validity of, or whether updates are needed to, the BCP requirements (including the technical specifications of equipment of the alternate sites) for the changing business and operating environment.
Amended: July 2011
October 07OM-5.9.7
The contact information for key staff, counterparties, customers and service providers must be updated as soon as possible when notification of changes is received.
Amended: July 2011
October 07OM-5.9.8
Significant internal changes (e.g. merger or acquisitions, business re-organisation or departure of key personnel) must be reflected in the plan immediately and reported to senior management.
October 07OM-5.9.9
Copies of the BCP document must be stored at locations separate from the primary site. A summary of key steps to be taken in an emergency situation must be made available to
senior management and other key personnel.Amended: July 2011
October 07Audit and Independent Review
OM-5.9.10
The internal audit function of a licensee or its external auditors must conduct periodic reviews of the BCP to determine whether the plan remains realistic and relevant, and whether it adheres to the policies and standards of the licensee. This review must include assessing the adequacy of business process identification, threat scenario development, business impact analysis and risk assessments, the written plan, testing scenarios and schedules, and communication of test results and recommendations to the Board.
Amended: July 2011
October 07OM-5.9.11
Significant findings must be brought to the attention of the Board and Senior Management within three months of the completion of the review. Furthermore, Senior Management and the Board must ensure that any gaps or shortcomings reported to them are addressed in an appropriate and timely manner.
Amended: July 2011
October 07OM-5.10 OM-5.10 Cyber Security Risk Management
OM-5.10.1
To prepare for the eventuality of cyber attacks, licensees must have a cyber attack response mechanism in place. The BCP of the licensee must also be properly enhanced to account for all CBB requirements and must be regularly tested to assure that the licensee is capable of dealing with cyber attacks.
Added: October 2016OM-6 OM-6 Security Measures for Banks
OM-6.1 OM-6.1 Physical Security Measures for Retail Banks
General Requirement
OM-6.1.1
Retail banks must maintain up to date Payment Card Industry Data Security Standards (PCI-DSS) certification. This initial certification must be obtained by 30th April 2017. Failure to comply with this requirement will trigger a supervisory response, which may include formal enforcement measures, as set out in Module EN (Enforcement).
Amended: October 2016
Amended: April 2016
Amended: January 2011
October 2007OM-6.1.1.A
In order to maintain up to date PCI-DSS certification, retail banks will be periodically audited by PCI authorised companies for compliance.
Licensees are asked to make certified copies of such documents available if requested by the CBB.Added: April 2016External Measures
OM-6.1.2
All head offices are required to maintain Ministry of Interior ("MOI") guards or alternatively MOI trained and permanently licensed private security guards of licensed private security companies, on a 24 hours basis. All branches must also maintain a 24 hour MOI guard. However, if branches satisfy the criteria mentioned in Paragraphs OM-6.1.3 to OM-6.1.22 below, they may maintain MOI guards during opening hours only. Furthermore, branches will be allowed to replace MOI armed guards with private security guards subject to the approval of the MOI. Training and approval of private security guards will be given by the MOI. Head Offices must always have a 24 hour MOI.
Amended: July 2019
October 07OM-6.1.3
Public entrances to head offices and branches must be protected by measures such as steel rolling shutters, or the external doors must be of solid steel or a similar solid material of equivalent strength and resistance to fire.
October 07OM-6.1.4
Other external entrances must have steel doors or be protected by steel rolling shutters. Preferably, all other external entrances must have the following security measures:
(a) Magic eye;(b) Locking device (key externally and handle internally);(c) Door closing mechanism;(d) Contact sensor with alarm for prolonged opening time; and(e) Combination access control system (e.g. access card and key slot or swipe card and password).Amended: July 2011
Amended: April 2011
October 07OM-6.1.5
If additional security measures to those mentioned in OM-6.1.3 and OM-6.1.4 such as security cameras, motion detectors or intruder alarms are installed, the requirement for steel external doors or protection by steel rolling shutters is waived.
October 07OM-6.1.6
External windows must have security measures such as anti blast films and movement detectors. For ground floor windows, banks may also wish to add steel grills fastened into the wall.
Amended: July 2011
October 07OM-6.1.7
Branch alarm systems should have the following features:
(a) PIR motion detectors(b) Door sensors(c) Anti vibration/movement sensors on vaults(d) External siren(e) The intrusion detection system must be linked to the bank's (i.e. head office) monitoring unit and also the MOI Central Monitoring Unit.Amended: January 2011
October 2007Internal Measures
OM-6.1.8
Teller counters must be screened off from customers by a glass screen of no less than 1 meter in height from the counter work surface or 1.4 meters from the floor.
October 07OM-6.1.9
All areas where cash is handled must be screened off from customers and other staff areas.
October 07OM-6.1.10
Access to teller areas must be restricted to authorised staff only. The design of the teller area must not allow customers to pass through it.
Amended: July 2011
October 07OM-6.1.11
Panic alarm systems for teller staff must be installed. The choice between silent or audible panic alarms is left to individual banks. Kick bars and/or hold up buttons must be spread throughout the teller and customer service areas and the branch manager's office. The panic alarm must be linked to the MOI Central Monitoring Unit.
October 07Cash Safety
OM-6.1.12
Cash precious metals and bearer instruments must be kept in fireproof cabinets/safes. Preferably, these cabinets/safes must be located in strong rooms.
Amended: July 2011
October 07OM-6.1.13
Strong rooms must be made of reinforced solid concrete, or reinforced block work. Doors to strong rooms must be steel and preferably also have a steel shutter fitted. Dual locking devices must be installed in strong room doors. Strong room doors must be located out of the sight of customers.
Amended: July 2011
October 07OM-6.1.14
Strong rooms must not contain any other openings except the entry door and where necessary, an air conditioning outlet. The air conditioning outlet must be protected with a steel grill.
October 07OM-6.1.15
[This Paragraph was deleted in April 2016.]
Deleted: April 2016
Amended: July 2011
October 07OM-6.1.16
[This Paragraph was deleted in April 2016 and requirements were moved to Section OM-6.4.]
Deleted: April 2016
Amended: July 2011
October 07OM-6.1.17
[This Paragraph was deleted in April 2016.]
Amended: April 2016
October 07OM-6.1.18
[This Paragraph was deleted in April 2016 and requirements were moved to Section OM-6.4.]
Deleted: April 2016
October 07OM-6.1.19
[This Paragraph was deleted in April 2016 and requirements are now covered under Paragraph OM-6.4.14.]
Deleted: April 2016
October 07CCTV Network Systems
OM-6.1.20
All head offices and branches must have a CCTV network and alarm system which are connected to a central monitoring unit located in the head office, along with a Video Monitoring System (VMS) and to the MOI Central Monitoring Unit.
Amended: April 2016
October 07OM-6.1.21
At a minimum, CCTV cameras must cover the following areas:
(a) Main entrance;(b) Other external doors;(c) Any other access points (e.g. ground floor windows);(d) The banking hall;(e) Tellers' area;(f) Strongroom entrance; and(g) ATMs (by way of internal or external cameras) Refer to Section OM-6.3 for specific CCTV requirements related to ATMs.Amended: April 2016
Amended: July 2011
Amended: January 2011
October 2007OM-6.1.22
Notices of CCTV cameras in operation must be put up for the attention of the public. CCTV records must be maintained for a minimum 45-day period. The transmission rate (in terms of the number of frames per second) must be high enough to make for effective monitoring. Delayed transmission of pictures to the Central Monitoring Unit is not acceptable. The CCTV system must be operational 24 hours per day.
Amended: July 2011
October 07Training and Other Measures
OM-6.1.23
Banks must establish the formal position of security manager. This person will be responsible for ensuring all bank staff are given annual, comprehensive security training. Banks must produce a security manual or procedures for staff, especially those dealing directly with customers. For banks with three or more branches, this position must be a formally identified position. For banks with one or two branches, the responsibilities of this position may be added to the duties of a member of management.
Amended: July 2011
October 07OM-6.1.24
The security manager must maintain records on documented security related complaints by customers and take corrective action or make recommendations for action on a timely basis. Actions and recommendations must also be documented.
October 07OM-6.1.25
Banks must consider safety and security issues when selecting premises for new branches. Key security issues include prominence of location (i.e. Is the branch on a main street or a back street?), accessibility for emergency services, and assessment of surrounding premises (in terms of their safety or vulnerability), and the number of entrances to the branch. All banks are required to hold an Insurance Blanket Bond (which includes theft of cash in its cover).
Amended: July 2011
October 07OM-6.1.26
Further rules on ATM Physical Security Measures are contained in Section OM-6.4.
Added: April 2016OM-6.2 OM-6.2 Internet Security for all Banks
OM-6.2.1
All banks providing internet banking services must regularly test their systems against security breaches and verify the robustness of the security controls in place. These tests must be conducted by security professionals, such as ethical hackers, that provide penetration testing services and a vulnerability assessment of the system. The tests must be undertaken by external independent parties that are not employees of the bank nor associated with it.
Amended: April 2016
Amended: October 2013
Added: October 2011OM-6.2.2
The penetration testing referred to in Paragraph OM-6.2.1, must be conducted each year in June and December.
Amended: July 2013
Amended: April 2012
Added: October 2011OM-6.2.3
The vulnerability assessment report, along with the steps taken to mitigate the risks must be maintained by the bank for a 5-year period from the date of testing and must be provided to the CBB within two months following the end of the month where the testing took place, i.e. for the June test, the report must be submitted at the latest by 31st August and for the December test, by 28th February (see Section BR-4A.2).
Amended: July 2013
Added: October 2011OM-6.3 OM-6.3 ATM Security Measures: Hardware/Software for Retail Banks
Implementation
OM-6.3.1
The requirements in this Section must be complied with in full by 30th April 2017, or as specified otherwise. Failure to comply with these requirements will trigger a supervisory response, which may include formal enforcement measures, as set out in Module EN (Enforcement).
Amended: July 2017
Added: April 2016Europay, MasterCard and Visa (EMV) Compliance
OM-6.3.1A
All cards (debit, credit, charge, prepaid, etc.) issued by licensees in the Kingdom of Bahrain must be EMV compliant. Moreover, all ATMs, CDMs, POS, etc. must be EMV compliant for accepting cards issued in the Kingdom of Bahrain. In this context, EMV compliant means using chip and online PIN authentication. However, contactless card payment transactions, where no PIN verification is required, are permitted for small amounts i.e. up to BD 20 per transaction, provided that
Islamic bank licensees bear full responsibility in case of fraud occurrence.Added: April 2018Provision of Cash Withdrawal and Payment Services through Various Channels
OM-6.3.1B
Islamic bank licensees are allowed to provide cash withdrawal and payment services using various channels, including but not limited to, contactless, cardless, QR code, e-wallets, biometrics (iris recognition, facial recognition, fingerprint, voiceprint, etc.), subject to enrolling customers through registration process wherein customers' acceptance of products/services terms and conditions are documented and customers are properly authenticated.Added: April 2018Near Field Communication ("NFC")
OM-6.3.1C
Islamic retail bank licensees must ensure that all currently installed ATMs support contactless payment using Near Field Communication "NFC" technology. The changes necessary to the software/hardware to meet this requirement must be completed no later than 1st April 2020.Added: October 2019OM-6.3.1D
Islamic retail bank licensees must ensure, with effect from 18th August 2019, that all new installations of ATM machines support contactless payment using Near Filed Communication "NFC" technology.Added: October 2019OM-6.3.1E
Islamic retail bank licensees must ensure, with effect from 1st October 2019, that any new POS terminals or devices support contactless payment using Near Filed Communication "NFC" technology.Added: October 2019OM-6.3.1F
Islamic retail bank licensees must ensure, that any payment card issued or reissued (credit, debit, prepaid and charge cards) on or after 12th October 2019 supports contactless payment using Near Field Communications "NFC" technology.Added: October 2019Geolocation Limitations
OM-6.3.2
All
Islamic bank licensees issuing debit, prepaid and/or credit cards must ensure that all Bahrain issued cards enable each customer to maintain a list of 'approved' countries for card ATM/Point of Sale (POS) transactions. Customers must be allowed to determine those countries in which their card must not be accepted as well as countries or merchant categories in which a card transaction would require a further level of authorisation, (for example, 2-way SMS).Amended: April 2018
Added: April 2016Prohibition of Double Swiping
OM-6.3.2A
All card acquirer licensees must communicate to the concerned merchants that the CBB has directed to stop the practice of double swiping of payment cards by some merchants at the merchant's POS terminals/ECR, with effect from 15th June, 2017.
Added: July 2017OM-6.3.2B
For the purpose of Paragraph OM-6.3.2A, card acquirer licensee means a CBB licensee that enters into a contractual relationship with a merchant and the payment card issuer, under a card payment scheme, for accepting and processing payment card transactions. Card acquirers include three-party payment card network operators, who have outsourced their acquiring services to third party service providers.
Added: July 2017OM-6.3.2C
For the purpose of Paragraph OM-6.3.2A, double swiping means swiping of a payment card by a merchant at the POS terminal/ECR for the second time, resulting in capturing and storing of payment cardholder data and sensitive authentication data encoded on the magnetic stripe of a customer's payment card, after the merchant received the required card payment authorisation response.
Added: July 2017OM-6.3.2D
All card acquirer licensees must include the following clause into the merchant agreements entered into with all their merchants and bring into force the said clause on or before 15th June, 2017: "Pursuant to the CBB directions and instructions, the merchant shall stop double swiping of a payment card at a merchant's point-of-sale (POS) terminal/electronic cash register (ECR) to capture or store cardholder and sensitive authentication data encoded on the magnetic stripe of a customer's payment card, after the merchant received the required card payment authorisation response. The merchant asserts its full compliance with the obligation contained in this clause and understands that any breach of this clause will expose the merchant to mandatory contractual and/or legal disciplinary actions by the relevant regulator and/or concerned Ministry."
Added: July 2017OM-6.3.2E
All card acquirer licensees must:
(i) Educate the concerned merchants on the regulatory requirement and continue to follow up the progress of the implementation to comply within the period stipulated in Paragraph OM-6.3.2A; and(ii) Educate and facilitate, where necessary, any merchant that has a valid business need to have cardholder data or non-sensitive information, to transmit such data/information through an integration option.Added: July 2017Integration of Hardware Components
OM-6.3.3
If the Automated Teller Machines (ATM) environment permits access to internal areas where account data is processed and/or stored (e.g., for service or maintenance), these areas must be effectively protected from access by unauthorised persons to mitigate the risk associated with attaching/inserting malicious additional components, especially those which may be designed to capture sensitive data. Banks must encrypt account data or secure access to such data by effective physical barriers such as strong walls, doors, and mechanical locks.
Added: April 2016OM-6.3.4
All entry to sensitive areas must be recorded, including the name of the persons accessing the area; the date; and the time of access to and exit from the area. CCTV cameras must be installed, and used to record all activities within the ATM environment.
Added: April 2016OM-6.3.5
Banks are required to implement best industry practice in respect of hardware and software development and integration, including but not limited to formal specification, test plans, and documentation. Hardware and software should only be introduced to the environment following a successful programme of testing.
Added: April 2016OM-6.3.6
All test plans and the outcomes of these plans must be retained by the bank for a minimum of five years from the date of testing and be available on request to the CBB or their authorised representatives. Examples of instances in which a detailed testing process must be undertaken prior to installation and integration of components include, but are not limited to, secure card readers or EPPs. In all instances the applicable standards relating to Payment Card Industry (PCI), PIN Transaction Security (PTS), and Point of Interaction (POI) requirements must be fully complied with.
Added: April 2016OM-6.3.7
Banks must ensure that the integration of Secure Card Readers, (SCRs) and, if applicable, any mechanism protecting the SCRs are properly implemented and fully comply with the guidelines provided by the device vendor. SCRs must be approved by and fully comply with all Payment Card Industry standards at all times.
Added: April 2016OM-6.3.8
Banks must ensure that all ATMs, including offsite ATMs, are equipped with mechanisms which prevent skimming attacks. There must be no known or demonstrable way to disable or defeat the above-mentioned mechanisms, or to install an external or internal skimming device.
Added: April 2016ATM Software
OM-6.3.9
Banks must ensure that their ATM software security measures comply with the following:
(a) Access to sensitive services is controlled by requiring authentication. Entering or exiting sensitive services must not reveal or otherwise compromise the security of sensitive information;(b) ATM software must include controls which are designed to prevent unauthorised modification of the software configuration, including the operating system, drivers, libraries, and individual applications. Software configuration includes the software platform, configuration data, applications loaded to and executed by the platform, and the associated data. The mechanisms must also ensure the integrity of third-party applications, using a controlled process to install such controls;(c) Access to all elements of the ATM environment must be strictly controlled to ensure an effective segregation of functions and an effective segregation of responsibilities exists for all personnel; and(d) The logging data must be stored in a way that data cannot be changed under any circumstances, and deleted only after authorisation by a member of bank staff who has specific responsibility delegated by the CEO.Added: April 2016OM-6.3.10
ATMs should incorporate dedicated tampering protection capabilities.
Added: April 2016Device Management/Operation
OM-6.3.11
Banks must ensure that their device management/operation controls comply with the following:
(a) Software is protected and stored in a manner which precludes unauthorised modification; and(b) Loading of software into ATMs is performed by a person who has the requisite knowledge and skills, and who has been nominated and authorised by a senior manager in the bank to undertake these tasks.Added: April 2016ATM Application Management
OM-6.3.12
Banks must ensure that their ATM application management complies with the following:
(a) The display of a cardholder PIN on the ATM display must not be in 'clear' mode;(b) Sensitive information must not be present any longer or used more often than strictly necessary. The ATM must automatically clear its internal buffers when either the transaction is completed, or the ATM has timed out whilst awaiting a response from the cardholder or host; and(c) Prevent the display or disclosure of cardholder account information on the ATM screen, printed on receipts, or audio transcripts for visually impaired cardholders.Added: April 2016OM-6.4 OM-6.4 ATM Security Measures: Physical Security for Retail Banks
Implementation
OM-6.4.1
The requirements in this Section must be complied with in full by 31st March 2017. Failure to comply with any of these requirements will trigger a supervisory response, which may include formal enforcement measures, as set out in Module EN (Enforcement).
Added: April 2016Record Keeping
OM-6.4.2
Banks must record the details of the site risk assessments and retain such records for a period of five years from the date of the ATM installation, or whatever other period required by the Ministry of the Interior or the CBB from time to time, whichever is the longer.
Added: April 2016Installation of an Off-site ATM in Bahrain
General Criteria
OM-6.4.5
The ownership and operations of any off-site ATMs is subject to the prior written approval of the CBB and must comply with the Rules outlined in Paragraph OM-6.4.6.
Amended: October 2016
Added: April 2016OM-6.4.6
Off-site ATMs must be owned either individually or jointly by banks orancillary service providers which are members of the BENEFIT Switch. Each relevant owning bank must already have linked its ATM capability to the BENEFIT Switch prior to requesting the CBB's permission to install an off-site ATM and, furthermore, must conform to the general standards set by the Benefit Company from time to time or by the ancillary service provider licensed by the CBB.Amended: October 2017
Added: April 2016OM-6.4.7
Banks must bear full legal responsibility for their respective off-site ATMs, as well as all costs associated with such ATMs (including, but not limited to, cash replenishment, installation, security etc.).
Added: April 2016OM-6.4.8
Banks wishing to install an off-site ATM must submit an application (in writing) for the CBB's approval (see Paragraph BR-5.3.3). A copy of the written permission (for installation of that
off-site ATM ) of the legal owner of the proposed location must be provided to the CBB, as well as a copy of the written permission of any other relevant authorities in this context (e.g. the Ministry of Interior).Added: April 2016OM-6.4.9
The CBB will consider applications on a 'first come, first served' basis for a particular location. If more than one application is received to install an
off-site ATM in the same location, the number of such applications which are approved will depend upon whether the location appears to the CBB to be capable of sustaining multipleoff-site ATMs subject to the exact details of each individual application regarding security being acceptable to the CBB.Added: April 2016OM-6.4.10
Each application will be assessed on its individual merits, and at the CBB's sole discretion, taking into account factors which the CBB considers relevant including, but not limited to:
(a) The suitability of the location in question;(b) The level of overall activities of the applicant in the market as well as the size and make-up of its customer base; and(c) The type and range of facilities which the applicant proposes offering through theoff-site ATM at the location in question.Added: April 2016OM-6.4.11
In addition to the information required by the CBB under Paragraph OM-6.4.8, the CBB may require further information/clarification to be provided to it before it takes a decision regarding the application. The CBB's decision in this regard will be notified to each relevant applicant bank in writing.
Added: April 2016OM-6.4.12
A bank must request in writing the CBB's permission to close any of its
off-site ATMs .Added: April 2016OM-6.4.13
The CBB may, at its sole discretion, require an
off-site ATM to be closed and decommissioned at any time.Added: April 2016ATM Alarms
OM-6.4.14
In addition to alarming the premises, banks must alarm the ATM itself, in a way which activates audibly when the ATM is under attack. The system must be monitored by remote signaling to an appropriate local police response designated by the Ministry of the Interior. Banks must consider the following:
(a) The design of the system must ensure that the ATM has a panic alarm installed;(b) The design of the system must give an immediate, system controlled warning of an attack on the ATM, and all ATMs must be fitted with fully operational fraud detection and inhibiting devices;(c) A maintenance record must be kept for the alarm detection system and routine maintenance must be conducted in accordance with at least the manufacturer's recommendations. The minimum must be two planned maintenance visits and tests every 6 months; and(d) The alarm system must be monitored from an ARC 24 hours daily. It must automatically generate an alarm signal if the telephone/internet line fails or is cut.Added: April 2016Closed-circuit Television (CCTV)
OM-6.4.15
Banks must ensure that ATMs are equipped with Closed-circuit television (CCTV). The location of camera installation must be carefully chosen to ensure that images of the ATM are recorded, however keypad entry are not recorded. The camera must support the detection of the attachment of alien devices to the fascia (external body) and possess the ability to generate an alarm for remote monitoring if the camera is blocked or otherwise disabled.
Added: April 2016OM-6.4.15A
For the purposes of Paragraph OM-6.4.15, the location of camera installation in drive-thru ATMs must be carefully chosen to ensure that the images of the vehicle number plates are clearly captured at both daytime and nighttime.
Added: October 2018OM-6.4.16
As a minimum, CCTV activity must be recorded (preferably in digital format) and, where risk dictates, remotely monitored by a third party ARC.
Added: April 2016OM-6.4.17
When an ATM is located in an area where a public CCTV system operates, the deployer or agent must liaise with the agency responsible for the CCTV system to include the ATM site in any preset automatic camera settings or to request regular sweeps of the site. The CCTV system must not be able to view the ATM keypad thereby preventing observation of PIN entry.
Added: April 2016OM-6.4.18
Banks must ensure that the specifications of CCTV cameras meet the following minimum requirements:
(a) Analogue Cameras:
Resolution — Minimum 700 TVL
Lens — Vari-focal lenses from 2.8 to 12mm
Sensitivity — Minimum 0.5 Luminance (Lux) without Infrared (IR), 0 Lux with IR
IR — At least 10 to 20 meters (Camera that detects motion)(b) IP Cameras:
Resolution — 2 MP — 1080 p
Lens — Vari-focal lenses from 2.8 to 12mm
Sensitivity — Minimum 0.5 Lux without IR, 0 Lux with IR
IR — At least 10 to 20 metersAdded: April 2016OM-6.4.19
Banks must ensure that the following network requirements are met for connecting the Banks CCTV system to MOI Control room:
(a) The minimum speed of the upload should be 2 Mbps for each node (ATM's and branches);(b) Speed/storage limit threshold must not be applied in a manner which permits a network delay; and(c) Access must be restricted to authorised personnel.Added: April 2016ATM Lighting
OM-6.4.20
Banks must ensure that adequate and effective lighting is operational at all times within the ATM environment. The standard of the proposed lighting must be agreed with the Ministry of the Interior and other relevant authorities, and tested at least once every three months to ensure that the lighting is in good working order.
Added: April 2016OM-6.4.20A
Banks must ensure that adequate and effective lighting is operational within drive-thru ATMs to enable the CCTV cameras to capture the vehicle number plates at both daytime and nighttime.
Added: October 2018OM-6.4.21
This Paragraph was deleted in July 2017
Deleted: July 2017
Added: April 2016[Deleted]
Deleted: April 2017OM-6.4.22
This Paragraph was deleted in April 2017.
Deleted: April 2017
Added: April 2016OM-6.4.23
This Paragraph was deleted in April 2017.
Deleted: April 2017
Added: April 2016Fire Alarm
OM-6.4.24
Banks must ensure that effective fire alarm and fire defense measures, such as a sprinkler, are installed and functioning for all ATMs. These alarms must be linked to the "General Directorate of Civil Defense" in Bahrain.
Added: April 2016Cash Replenishment
OM-6.4.25
All cash movements between branches, to and from the CBB and to
off-site ATMs must be performed by specialised service providers.Added: April 2016ATM Service/ Maintenance
OM-6.4.26
Banks must maintain a list of all maintenance, replenishment and inspection visits by staff or other authorised parties.
Added: April 2016OM-6.5 OM-6.5 ATM Security Measures: Additional Measures for Retail Banks
OM-6.5.1
Banks may ensure the adequacy and effectiveness of external security measures throughout the ATM environment through the additional security measures outlined in this Section.
Added: April 2016Sounders and Flashing Warning Lights
OM-6.5.2
Banks should ensure that street-based ATMs are installed with an audible alarm sounder, and a visual flashing warning light, to indicate when the ATM is under attack.
Added: April 2016Armored Anti-Bandit Shroud
OM-6.5.3
Banks should obtain and act upon advice provided by the Ministry of the Interior in respect of protecting the ATM installation with an armored anti-bandit shroud which is placed around the ATM to prevent any bombing or other physical attempts to damage the ATM.
Added: April 2016OM-6.6 OM-6.6 Cyber Security Measures
OM-6.6.1
Clear ownership and management accountability of the risks associated with cyber attacks and related risk management must be established, which cover not only the IT function but also all relevant business lines. Cyber security must be made part of the
licensee IT security policy.Added: October 2016OM-6.6.2
The Board and
senior management must ensure that the cyber security controls are periodically evaluated for adequacy, taking into account emerging cyber threats and establishing a credible benchmark of cyber security controls endorsed by the Board andsenior management . Should material gaps be identified, the Board andsenior management must ensure that corrective action is taken immediately.Added: October 2016OM-6.6.3
Licensees must report to the CBB within one week any instances of cyber attacks, whether internal or external, that compromise customer information or disrupt critical services that affect their operations. When reporting such instances, licensees must provide the root cause analysis of the cyber attack and measures taken by them to ensure that similar events do not recur.
Added: October 2016OM-7 OM-7 Books and Records
OM-7.1 OM-7.1 General Requirements
OM-7.1.1
The requirements in Section OM-7.1 apply to
Bahraini Islamic bank licensees , with respect to the business activities of the whole bank (whether booked in Bahrain or in a foreign branch). The requirements in Section OM-7.1 also apply tooverseas Islamic bank licensees , but only with respect to the business booked in their branch in Bahrain.October 07OM-7.1.2
With reference to Articles 59 and 60 of the CBB Law, all
Islamic bank licensees must maintain books and records (whether in electronic or hard copy form) sufficient to produce financial statements and show a complete record of the business undertaken by a licensee. These records must be retained for at least 10 years according to Article 60 of the CBB Law.Amended: January 2011
October 2007OM-7.1.3
OM-7.1.2 includes accounts, books, files and other records (e.g. trial balance, general ledger, nostro/vostro statements, reconciliations and list of counterparties). It also includes records that substantiate the value of the assets, liabilities and off-balance sheet activities of the licensee (e.g. client activity files and valuation documentation).
October 07OM-7.1.4
[This Paragraph was deleted in April 2011]
OM-7.1.5
Unless otherwise agreed with the CBB in writing, records must be kept in either English or Arabic; or else accompanied by a certified English or Arabic translation. Records must be kept current. The records must be sufficient to allow an audit of the licensee's business or an on-site examination of the licensee by the CBB.
October 07OM-7.1.6
If a licensee wishes to retain certain records in a language other than English or Arabic without translation, the licensee should write to the CBB, explaining which types of records it wishes to keep in a foreign language, and why systematically translating these may be unreasonable. Generally, only loan contracts or similar original transaction documents may be kept without translation. Where exemptions are granted by CBB, the licensee is nonetheless asked to confirm that it will make available certified translations of such documents, if requested by CBB for an inspection or other supervisory purpose.
October 07OM-7.1.7
Translations produced in compliance with Rule OM-7.1.5 may be undertaken in-house, by an employee or contractor of the licensee, provided they are certified by an appropriate officer of the licensee.
Amended: October 2011
October 2007OM-7.1.8
Records must be accessible at any time from within the Kingdom of Bahrain, or as otherwise agreed with the CBB in writing.
October 07OM-7.1.9
Where older records have been archived, or in the case of records relating to overseas branches of
Bahraini Islamic banks , the CBB may accept that records be accessible within a reasonably short time frame (e.g. within 5 business days), instead of immediately. The CBB may also agree similar arrangements foroverseas Islamic banks , as well asBahraini Islamic banks , where elements of record retention and management have been centralised in another group company, whether inside or outside of Bahrain.October 07OM-7.1.10
All original account opening documentation, due diligence and transaction documentation should normally be kept in Bahrain, if the business is booked in Bahrain. However, where a licensee books a transaction in Bahrain, but the transaction documentation is handled entirely by another (overseas) branch or affiliate of the licensee, the relevant transaction documentation may be held in the foreign office, provided electronic or hard copies are retained in Bahrain; the foreign office is located in a FATF member state; and the foreign office undertakes to provide the original documents should they be required.
October 07OM-7.1.11
Licensees should also note that to perform effective consolidated supervision of a group (or sub-group), the CBB needs to have access to financial information from foreign operations of a licensee, in order to gain a full picture of the financial condition of the group: see Module BR (CBB Reporting), regarding the submission of consolidated financial data. If a licensee is not able to provide to the CBB full financial information on the activities of its branches and subsidiaries, it should notify the CBB of the fact, to agree alternative arrangements: these may include requiring the group to restructure or limit its operations in the jurisdiction concerned.
October 07OM-7.1.12
In the case of
Bahraini Islamic banks with branch operations overseas, where local record-keeping requirements are different, the higher of the local requirements or those contained in this Chapter must be followed.October 07OM-7.2 OM-7.2 Transaction Records
OM-7.2.1
Islamic bank licensees must keep completed transaction records for as long as they are relevant for the purposes for which they were made (with a minimum period in all cases of five years from the date when the transaction was completed — see Module Section FC-7.1). Records of completed transactions must be kept whether in hard copy or electronic format, for at least five years from the date of the transaction as per the Legislative Decree No. (28) of 2002 with respect to Electronic Transactions "The Electronic Transaction Law" and its amendments.Amended: July 2017
October 07OM-7.2.2
[This paragraph has been deleted in July 2017].
Deleted: July 2017
October 07OM-7.2.3
Rule OM-7.2.1 applies to all transactions entered into by a
Bahraini Islamic bank licensee , whether booked in Bahrain or in an overseas branch. With respect to overseas Islamic bank licensees, it applies only to transactions booked in the Bahrain branch.October 07OM-7.2.4
In the case of
overseas Islamic bank licensees , Rule OM-7.2.1 therefore only applies to business booked in the Bahrain branch, not in the rest of the company.October 07OM-7.3 OM-7.3 Other Records
Corporate Records
OM-7.3.1
Islamic bank licensees must maintain the following records in original form or in hard copy at their premises in Bahrain:(a) Internal policies, procedures and operating manuals;(b) Corporate records, including minutes ofshareholders ',Directors ' and management meetings;(c) Correspondence with the CBB and records relevant to monitoring compliance with CBB requirements;(d) Reports prepared by theIslamic bank licensee's internal and external auditors; and(e) Employee training manuals and records.October 07OM-7.3.2
In the case of
Bahrain Islamic bank licensees , these requirements apply to the licensee as a whole, including any overseas branches. In the case ofoverseas Islamic bank licensees , all the requirements of Chapter OM-7 are limited to the business booked in their branch in Bahrain and the records of that branch (see Rule OM-7.1.1). They are thus not required to hold copies of shareholders' and Directors' meetings, except where relevant to the branch's operations.October 07Customer Records
OM-7.3.3
Record-keeping requirements with respect to customer records, including customer identification and due diligence records, are contained in Module FC (Financial Crime). These requirements address specific requirements under the Amiri Decree Law No. 4 of 2001, the standards promulgated by the Financial Action Task Force, as well as to the best practice requirements of the Basel Committee Core Principles methodology, and its paper on "Customer due diligence for banks".
October 07Promotional Schemes
OM-7.3.4
Islamic bank licensees must maintain all material related to promotional schemes as outlined in Section BC-1.1 for a minimum period of 5 years.Added: April 2011OM-8 OM-8 Qualitative Aspects
OM-8.1 OM-8.1 Introduction
OM-8.1.1
The contents of this Chapter apply in full to all
Bahraini Islamic bank licensees both on a consolidated basis and on a solo basis.Added: October 2012OM-8.1.1A
This Chapter may be used as guidance for
overseas Islamic bank licensees .Added: October 2012OM-8.1.1.B
Section CA-6.2 of the Capital Adequacy Module allows banks to use either the basic indicator approach or standardised approach to compute capital charge for operational risk. This chapter sets out the qualitative aspect of these two approaches.
Added: October 2012OM-8.1.2
Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events which includes but is not limited to, legal risk1 and Shariah compliance risk. This definition excludes strategic and reputational risk.
Added: October 2012
1 Legal risk includes, but is not limited to, exposure to fines, penalties, or punitive damages resulting from supervisory actions, as well as private settlements.
OM-8.1.3
Operational risk is inherent in all banking products, activities, processes and systems, and the effective management of operational risk must be a fundamental element of a bank's risk management programme. Sound operational risk governance relies upon three lines of defence:
(a) Business line management;(b) An independent operational risk management function; and(c) Independent review functions.Added: October 2012OM-8.1.4
In the context of this Chapter, 'independent' and 'independent review' have the following meanings. The review functions must be independent of the risk generating business lines or the process or system under review. An independent review would include the following components:
(a) Verification of theFramework is done on a periodic basis and would be typically performed by the bank's internal and/or external audit, but may involve other suitably qualified independent parties from external sources. Verification activities test the effectiveness of the overallFramework , consistent with policies approved by the board of directors, and also test validation processes to ensure that they are independent and implemented in a manner consistent with established bank policies; and(b) Validation ensures that the quantification systems used by the bank are sufficiently robust and provide assurance of the integrity of inputs, assumptions, processes and outputs. Specifically the independent validation process should provide enhanced assurance that the risk management methodology results in an operational risk capital charge that credibly reflects the operational risk profile of the bank. In addition to the quantitative aspects of internal validation, the validation of data inputs, methodology and outputs of operational risk models is important to the overall process.Added: October 2012OM-8.1.5
The operational risk management function must be functionally independent of the risk generating business lines and will be responsible for the design, maintenance and ongoing development of the operational risk Framework (
"Framework " – see also Paragraphs OM-8.2.12 and OM-8.2.13 for a description of the "Framework") within the bank.Added: October 2012OM-8.1.6
For the purpose of Paragraph OM-8.1.5, "functionally independent" means that the risk management function cannot report hierarchically and/or functionally to any person or function that is directly responsible for risk generation.
Added: October 2012OM-8.1.7
The operational risk management function should include the operational risk measurement and reporting processes, risk committees and responsibility for board reporting. A key function of the operational risk management function is to challenge the business lines' inputs to, and outputs from, the bank's risk management, risk measurement and reporting systems. The operational risk management function should have a sufficient number of personnel skilled in the management of operational risk to effectively address its many responsibilities.
Added: October 2012OM-8.1.8
The independent review functions are the audit and compliance functions and the staff occupying these functions must be competent and appropriately trained and not be involved in the development, implementation and operation of the operational risk
Framework (for example, internal audit and compliance must not be involved with the setting of risk appetite or risk tolerance, but internal audit should be reviewing the robustness of the process of how these limits are set and why and how they are adjusted in response to changing circumstances). Internal Audit should independently verify that theFramework has been implemented as intended and is functioning effectively. Internal audit coverage should include opining on the overall appropriateness and adequacy of theFramework and the associated governance processes across the bank. Internal audit should not simply be testing for compliance with board approved policies and procedures, but should be evaluating whether theFramework meets organisational needs and supervisory expectations. More details on the Internal Audit Function and the Role of the Audit Committee are to be found in Chapter HC-3.Added: October 2012OM-8.2 OM-8.2 Basic Indicator Approach
OM-8.2.1
Banks applying the basic indicator approach for capital adequacy purposes as detailed in Section CA-6.2 of Module CA (Capital Adequacy) are encouraged to comply with the principles set forth in this Section.
Added: October 2012Fundamental Principles of Operational Risk Management
OM-8.2.2
Principle 1: The board of directors must take the lead in establishing a strong risk management culture. The board of directors and senior management must establish a corporate culture that is guided by strong risk management and that supports and provides appropriate standards and incentives for professional and responsible behaviour. In this regard, it is the responsibility of the board of directors to ensure that a strong operational risk management culture exists throughout the whole organisation.
Added: October 2012OM-8.2.3
Banks with a strong culture of risk management and ethical business practices are less likely to experience potentially damaging operational risk events and are better placed to deal effectively with those events that do occur. The actions of the board and senior management, and policies, processes and systems provide the foundation for a sound risk management culture. More details on the role of the board and
senior management are to be found in Chapters HC-1, HC-2, and HC-6 as well as in Chapters CM-1 and OM-2.Added: October 2012OM-8.2.4
The board must establish a code of conduct or an ethics policy that sets clear expectations for integrity and ethical values of the highest standard and identify acceptable business practices and prohibited conflicts (see Section HC-2.2).
Added: October 2012OM-8.2.5
Clear expectations and accountabilities ensure that bank staff understand their roles and responsibilities for risk, as well as their authority to act. Strong and consistent
senior management support for risk management and ethical behaviour convincingly reinforces codes of conduct and ethics, compensation strategies, and training programmes.Added: October 2012OM-8.2.6
Compensation policies must be aligned to the bank's statement of risk appetite and tolerance, long-term strategic direction, financial goals and overall safety and soundness. They must also appropriately balance risk and reward (see Chapter HC-5 concerning remuneration).
Added: October 2012OM-8.2.7
Banks should refer to the Financial Stability Board's Principles for Sound Compensation Practices, published in September 2009 regarding compensation policies.
Added: October 2012OM-8.2.8
Senior management should ensure that an appropriate level of operational risk training is available at all levels throughout the organisation. Training that is provided should reflect the seniority, role and responsibilities of the individuals for whom it is intended.Added: October 2012OM-8.2.9
Principle 2: Banks must develop, implement and maintain a
Framework that is fully integrated into the bank's overall risk management processes. TheFramework for operational risk management chosen by an individual bank will depend on a range of factors, including its nature, size, complexity and risk profile.Added: October 2012OM-8.2.10
The fundamental premise of sound risk management is that the board of directors and bank management understand the nature and complexity of the risks inherent in the portfolio of bank products, services and activities. This is particularly important for operational risk, given that operational risk is inherent in all business products, activities, processes and systems.
Added: October 2012OM-8.2.11
A vital means of understanding the nature and complexity of operational risk is to have the components of the
Framework fully integrated into the overall risk management processes of the bank. TheFramework should be appropriately integrated into the risk management processes across all levels of the organisation including those at the group and business line levels, as well as into new business initiatives. products, activities, processes and systems. In addition, results of the bank's operational risk assessment should be incorporated into the overall bank business strategy development processes.Added: October 2012OM-8.2.12
The
Framework must be comprehensively and appropriately documented in board of directors approved policies and must include definitions of operational risk and operational loss. Banks that do not adequately describe and classify operational risk and loss exposure may significantly reduce the effectiveness of theirFramework .Added: October 2012OM-8.2.13
Framework documentation must clearly:(a) Identify the governance structures used to manage operational risk, including reporting lines and accountabilities;(b) Describe the risk assessment tools and how they are used;(c) Describe the bank's accepted operational risk appetite and tolerance (see Paragraphs OM-8.2.17 and OM-8.2.18), as well as thresholds or limits for inherent and residual risk, and approved risk mitigation strategies and instruments;(d) Describe the bank's approach to establishing and monitoring thresholds or limits for inherent and residual risk exposure;(e) Establish risk reporting and Management Information Systems (MIS);(f) Provide for a common taxonomy of operational risk terms to ensure consistency of risk identification, exposure rating and risk management objectives;(g) Provide for appropriate independent review and assessment of operational risk; and(h) Require the policies to be reviewed whenever a material change in the operational risk profile of the bank occurs, and revised as appropriate.Added: October 2012Governance: The Board of Directors
OM-8.2.14
Principle 3: The board of directors must establish, approve and periodically review the
Framework . The board of directors must overseesenior management to ensure that the policies, processes and systems are implemented effectively at all decision levels.Added: October 2012OM-8.2.15
The board of directors must:
(a) Establish a management culture, and supporting processes, to understand the nature and scope of the operational risk inherent in the bank's strategies and activities, and develop comprehensive, dynamic oversight and control environments that are fully integrated into or coordinated with the overallFramework for managing all risks across the enterprise;(b) Provide senior management with clear guidance and direction regarding the principles underlying theFramework and approve the corresponding policies developed by senior management;(c) Regularly review theFramework to ensure that the bank has identified and is managing the operational risk arising from external market changes and other environmental factors, as well as those operational risks associated with new products, activities, processes or systems, including changes in risk profiles and priorities (e.g. changing business volumes);(d) Ensure that the bank'sFramework is subject to effective independent review by audit or other appropriately trained parties such as the compliance function; and(e) Ensure that as best practice evolves, management is availing themselves of these advances.Added: October 2012OM-8.2.16
Strong internal controls are a critical aspect of operational risk management, and the board of directors must establish clear lines of management responsibility and accountability for implementing a strong control environment. The control environment must provide appropriate independence/separation of duties between operational risk management functions, business lines and support functions.
Added: October 2012OM-8.2.17
Principle 4: The board of directors must approve and review a risk appetite and tolerance statement for operational risk that articulates the nature, types and levels of operational risk that the bank is willing to assume.
Added: October 2012OM-8.2.18
When approving and reviewing the risk appetite and tolerance statement, the board of directors must consider all relevant risks, the bank's level of risk aversion, its current financial condition and the bank's strategic direction. The risk appetite and tolerance statement should encapsulate the various operational risk appetites within a bank and ensure that they are consistent. The board of directors must approve appropriate thresholds or limits for specific operational risks, and an overall operational risk appetite and tolerance.
Added: October 2012OM-8.2.19
The board of directors must regularly review the appropriateness of limits and the overall operational risk appetite and tolerance statement. This review must consider changes in the external environment, material increases in business or activity volumes, the quality of the control environment, the effectiveness of risk management or mitigation strategies, loss experience, and the frequency, volume or nature of limit breaches. The board must monitor management adherence to the risk appetite and tolerance statement and provide for timely detection and remediation of breaches.
Added: October 2012Senior Management
OM-8.2.20
Principle 5:
Senior management must develop for approval by the board of directors a clear, effective and robust governance structure with well defined, transparent and consistent lines of responsibility. Senior management is responsible for consistently implementing and maintaining throughout the organisation policies, processes and systems for managing operational risk in all of the bank's material products, activities, processes and systems consistent with the risk appetite and tolerance.Added: October 2012OM-8.2.21
Senior management is responsible for establishing and maintaining robust challenge mechanisms and effective issue-resolution processes. These must include systems to report, track and, when necessary, escalate issues to ensure resolution. Banks must be able to demonstrate that the three lines of defence (as highlighted in Paragraph OM-8.1.3) approach is operating satisfactorily and to explain how the board andsenior management ensure that this approach is implemented and operating in an appropriate and acceptable manner.Added: October 2012OM-8.2.22
Senior management must translate the operational risk managementFramework established by the board of directors into specific policies, processes and procedures that can be implemented and verified within the different business units.Senior management must clearly assign authority, responsibility and reporting relationships to encourage and maintain this accountability, and ensure that the necessary resources are available to manage operational risk in line with the bank's risk appetite and tolerance statement. Moreover,senior management must ensure that the management oversight process is appropriate for the risks inherent in a business unit's activity.Added: October 2012OM-8.2.23
Senior management must ensure that staff responsible for managing operational risk coordinate and communicate effectively with staff responsible for managing credit, market, and other risks, as well as with those in the bank who are responsible for the procurement of external services such as insurance risk transfer and outsourcing arrangements. Failure to do so could result in significant gaps or overlaps in a bank's overall risk management programme.Added: October 2012OM-8.2.24
A bank's risk management function should be commensurate with the nature, size, complexity and risk profile of the bank's activities. The managers of the corporate operational risk management function should be of sufficient stature within the bank to perform their duties effectively, ideally evidenced by title commensurate with other risk management functions such as credit, market and liquidity risk.
Added: October 2012OM-8.2.25
Senior management should ensure that bank activities are conducted by staff with the necessary experience, technical capabilities and access to resources. Staff responsible for monitoring and enforcing compliance with the institution's risk policy should have authority independent from the units they oversee.Added: October 2012OM-8.2.26
A bank's governance structure should be commensurate with the nature, size, complexity and risk profile of its activities. When designing the operational risk governance structure, a bank must take the following into consideration:
(a) Committee structure;(b) Committee composition; and(c) Committee operation.Added: October 2012OM-8.2.27
Sound industry practice for larger and more complex organisations with a central group function and separate business units is to utilise a board-created enterprise level risk committee for overseeing all risks, to which a management level operational risk committee reports. Depending on the nature, size and complexity of the bank, the enterprise level risk committee may receive input from operational risk committees by country, business or functional area. Smaller and less complex organisations may utilise a flatter organisational structure that oversees operational risk directly within the board's risk management committee.
Added: October 2012OM-8.2.28
Sound industry practice is for operational risk committees (or the risk committee in smaller banks) to include a combination of members with expertise in business activities and financial, as well as independent risk management (refer to Module HC for details on committee membership).
Added: October 2012OM-8.2.29
Committee meetings should be held at appropriate frequencies with adequate time and resources to permit productive discussion and decision-making. Records of committee operations should be adequate to permit review and evaluation of committee effectiveness.
Added: October 2012Risk Management Environment: Identification and Assessment
OM-8.2.30
Principle 6:
Senior management must ensure the identification and assessment of the operational risk inherent in all material products, activities, processes and systems to make sure the inherent risks and incentives are well understood.Added: October 2012OM-8.2.31
Risk identification and assessment are fundamental characteristics of an effective operational risk management system. Effective risk identification considers both internal factors (such as the bank's structure, the nature of the bank's activities, the quality of the bank's human resources, organisational changes and employee turnover) and external factors (such as changes in the broader environment and the industry and advances in technology). Sound risk assessment allows the bank to better understand its risk profile and allocate risk management resources and strategies most effectively.
Added: October 2012OM-8.2.32
Examples of tools that may be used for identifying and assessing operational risk include:
(a) Audit Findings: While audit findings primarily focus on control weaknesses and vulnerabilities, they can also provide insight into inherent risk due to internal or external factors;(b) Internal Loss Data Collection and Analysis: Internal operational loss data provides meaningful information for assessing a bank's exposure to operational risk and the effectiveness of internal controls. Analysis of loss events can provide insight into the causes of large losses and information on whether control failures are isolated or systematic. Banks may also find it useful to capture and monitor operational risk contributions to credit and market risk related losses in order to obtain a more complete view of their operational risk exposure;(c) External Data Collection and Analysis: External data elements consist of gross operational loss amounts, dates, recoveries, and relevant causal information for operational loss events occurring at organisations other than the bank. External loss data can be compared with internal loss data, or used to explore possible weaknesses in the control environment or consider previously unidentified risk exposures;(d) Risk Assessments: In a risk assessment, often referred to as a Risk Self Assessment (RSA), a bank assesses the processes underlying its operations against a library of potential threats and vulnerabilities and considers their potential impact. A similar approach, Risk Control Self Assessments (RCSA), typically evaluates inherent risk (the risk before controls are considered), the effectiveness of the control environment, and residual risk (the risk exposure after controls are considered). Scorecards build on RCSAs by weighting residual risks to provide a means of translating the RCSA output into metrics that give a relative ranking of the control environment;(e) Business Process Mapping: Business process mappings identify the key steps in business processes, activities and organisational functions. They also identify the key risk points in the overall business process. Process maps can reveal individual risks, risk interdependencies, and areas of control or risk management weakness. They also can help prioritise subsequent management action;(f) Risk and Performance Indicators: Risk and performance indicators are risk metrics and/or statistics that provide insight into a bank's risk exposure. Risk indicators, often referred to as Key Risk Indicators (KRIs), are used to monitor the main drivers of exposure associated with key risks. Performance indicators, often referred to as Key Performance Indicators (KPIs), provide insight into the status of operational processes, which may in turn provide insight into operational weaknesses, failures, and potential loss. Risk and performance indicators are often paired with escalation triggers to warn when risk levels approach or exceed thresholds or limits and prompt mitigation plans;(g) Scenario Analysis: Scenario analysis is a process of obtaining expert opinion of business line and risk managers to identify potential operational risk events and assess their potential outcome. Scenario analysis is an effective tool to consider potential sources of significant operational risk and the need for additional risk management controls or mitigation solutions. Given the subjectivity of the scenario process, a robust governanceFramework is essential to ensure the integrity and consistency of the process;(h) Measurement: Larger banks may find it useful to quantify their exposure to operational risk by using the output of the risk assessment tools as inputs into a model that estimates operational risk exposure. The results of the model can be used in an economic capital process and can be allocated to business lines to link risk and return; and(i) Comparative Analysis: Comparative analysis consists of comparing the results of the various assessment tools to provide a more comprehensive view of the bank.s operational risk profile. For example, comparison of the frequency and severity of internal data with RCSAs can help the bank determine whether self assessment processes are functioning effectively. Scenario data can be compared to internal and external data to gain a better understanding of the severity of the bank's exposure to potential risk events.Added: October 2012OM-8.2.33
The bank must ensure that the internal pricing and performance measurement mechanisms appropriately take into account operational risk. Where operational risk is not considered, risk-taking incentives might not be appropriately aligned with the risk appetite and tolerance.
Added: October 2012OM-8.2.34
Principle 7:
Senior management must ensure that there is an approval process for all new products, activities, processes and systems that fully assesses operational risk.Added: October 2012OM-8.2.35
In general, a bank's operational risk exposure is increased when a bank engages in new activities or develops new products; enters unfamiliar markets; implements new business processes or technology systems; and/or engages in businesses that are geographically distant from the head office. Moreover, the level of risk may escalate when new products activities, processes, or systems transition from an introductory level to a level that represents material sources of revenue or business-critical operations. A bank should ensure that its risk management control infrastructure is appropriate at inception and that it keeps pace with the rate of growth of, or changes to, products activities, processes and systems.
Added: October 2012OM-8.2.36
A bank must have policies and procedures that address the process for review and approval of new products, activities, processes and systems. The review and approval process should consider:
(a) Inherent risks in the new product, service, or activity;(b) Changes to the bank's operational risk profile and appetite and tolerance, including the risk of existing products or activities;(c) The necessary controls, risk management processes, and risk mitigation strategies;(d) The residual risk;(e) Changes to relevant risk thresholds or limits; and(f) The procedures and metrics to measure, monitor, and manage the risk of the new product or activity.Added: October 2012OM-8.2.37
The approval process should also include ensuring that appropriate investment has been made for human resources and technology infrastructure before new products are introduced. The implementation of new products, activities, processes and systems should be monitored in order to identify any material differences to the expected operational risk profile, and to manage any unexpected risks.
Added: October 2012Monitoring and Reporting
OM-8.2.38
Principle 8:
Senior management must implement a process to regularly monitor operational risk profiles and material exposures to losses. Appropriate reporting mechanisms must be in place at the board,senior management , and business line levels that support proactive management of operational risk.Added: October 2012OM-8.2.39
Banks are encouraged to continuously improve the quality of operational risk reporting. A bank should ensure that its reports are comprehensive, accurate, consistent and actionable across business lines and products. Reports should be manageable in scope and volume; effective decision-making is impeded by both excessive amounts and paucity of data.
Added: October 2012OM-8.2.40
Reporting should be timely and a bank should be able to produce reports in both normal and stressed market conditions. The frequency of reporting should reflect the risks involved and the pace and nature of changes in the operating environment. The results of these monitoring activities should be included in regular management and board reports, as should assessments of
Framework performed by the internal audit and/or risk management and compliance functions. Reports generated by (and/or for) supervisory authorities should also be reported internally tosenior management and the board, where appropriate.Added: October 2012OM-8.2.41
Operational risk reports may contain internal financial, operational, and compliance indicators, as well as external market or environmental information about events and conditions that are relevant to decision making. Operational risk reports should include:
(a) Breaches of the bank's risk appetite and tolerance statement, as well as thresholds or limits;(b) Details of recent significant internal operational risk events and losses; and(c) Relevant external events and any potential impact on the bank and operational risk capital.Added: October 2012OM-8.2.42
Data capture and risk reporting processes should be analysed periodically with a view to continuously enhancing risk management performance as well as advancing risk management policies, procedures and practices.
Added: October 2012Control and Mitigation
OM-8.2.43
Principle 9: Banks must have a strong control environment that utilises:
(a) Policies, processes and systems;(b) Appropriate internal controls; and(c) Appropriate risk mitigation and/or transfer strategies.Added: October 2012OM-8.2.44
Internal controls must be designed to provide assurance that a bank will:
(a) Have efficient and effective operations;(b) Safeguard its assets;(c) Produce reliable financial reports; and(d) Comply with applicable laws and regulations.Added: October 2012OM-8.2.45
A sound internal control programme consists of five components that are integral to the risk management process: control environment, risk assessment, control activities, information and communication, and monitoring activities. These components are outlined in more detail in the Basel Committee paper "Framework for Internal Control Systems in Banking Organisations".
Added: October 2012OM-8.2.46
Control processes and procedures should be established and banks should have a system in place for ensuring compliance with a documented set of internal policies concerning the risk management system. Principal elements of this could include, for example:
(a) Top-level reviews of the bank's progress towards the stated objectives;(b) Verifying compliance with management controls;(c) Review of the treatment and resolution of instances of non-compliance;(d) Evaluation of required approvals and authorisations to ensure accountability to an appropriate level of management; and(e) Tracking reports for approved exceptions to thresholds or limits, management overrides and other deviations from policy.Added: October 2012OM-8.2.47
An effective internal control environment also requires appropriate segregation of duties. Assignments that establish conflicting duties for individuals, or a team without dual controls or other countermeasures may enable concealment of losses, errors or inappropriate actions. Therefore, areas of potential conflicts of interest should be identified, minimised, and subject to careful independent monitoring and review.
Added: October 2012OM-8.2.48
In addition to segregation of duties and dual controls, banks should ensure that other traditional internal controls are in place as appropriate to address operational risk. Examples of these controls include:
(a) Clearly established authorities and/or processes for approval;(b) Close monitoring of adherence to assigned risk limits or thresholds;(c) Safeguards for access to, and use of, bank assets and records;(d) Appropriate staffing level and training to maintain expertise;(e) Ongoing processes to identify business lines or products where returns appear to be out of line with reasonable expectations;(f) Regular verification and reconciliation of transactions and accounts; and(g) A vacation policy that provides for officers and employees being absent from their duties for a period of not less than two consecutive weeks.Added: October 2012OM-8.2.49
Effective use and sound implementation of technology can contribute to the control environment. For example, automated processes are less prone to error than manual processes. However, automated processes introduce risks that must be addressed through sound technology governance and infrastructure risk management programmes.
Added: October 2012OM-8.2.50
The use of technology related products, activities, processes and delivery channels exposes a bank to strategic, operational, and reputational risks and the possibility of material financial loss. Consequently, a bank should have an integrated approach to identifying, measuring, monitoring and managing technology risks. Sound technology risk management uses the same precepts as operational risk management and includes:
(a) Governance and oversight controls that ensure technology, including outsourcing arrangements, is aligned with and supportive of the bank's business objectives;(b) Policies and procedures that facilitate identification and assessment of risk;(c) Establishment of a risk appetite and tolerance statement as well as performance expectations to assist in controlling and managing risk;(d) Implementation of an effective control environment and the use of risk transfer strategies that mitigate risk; and(e) Monitoring processes that test for compliance with policy thresholds or limits.Added: October 2012OM-8.2.51
Management should ensure the bank has a sound technology infrastructure that:
(a) Meets current and long-term business requirements by providing sufficient capacity for normal activity levels as well as peaks during periods of market stress;(b) Ensures data and system integrity, security, and availability; and(c) Supports integrated and comprehensive risk management.Added: October 2012OM-8.2.52
Mergers and acquisitions resulting in fragmented and disconnected infrastructure, cost-cutting measures or inadequate investment can undermine a bank's ability to aggregate and analyse information across risk dimensions or the consolidated enterprise, manage and report risk on a business line or legal entity basis, or oversee and manage risk in periods of high growth. Management should make appropriate capital investment or otherwise provide for a robust infrastructure at all times, particularly before mergers are consummated, high growth strategies are initiated, or new products are introduced.
Added: October 2012OM-8.2.53
In those circumstances where internal controls do not adequately address risk and exiting the risk is not a reasonable option, management can complement controls by seeking to transfer the risk to another party such as through insurance. The board of directors should determine the maximum loss exposure the bank is willing and has the financial capacity to assume, and should perform an annual review of the bank's risk and insurance management programme.
Added: October 2012OM-8.2.54
Because risk transfer is an imperfect substitute for sound controls and risk management programmes, banks should view risk transfer tools as complementary to, rather than a replacement for, thorough internal operational risk control. Having mechanisms in place to quickly identify, recognise and rectify distinct operational risk errors can greatly reduce exposures. Careful consideration also needs to be given to the extent to which risk mitigation tools such as insurance truly reduce risk, transfer the risk to another business sector or area, or create a new risk (e.g. counterparty risk).
Added: October 2012Role of Disclosure
OM-8.2.55
Principle 10: A bank's public disclosures must allow stakeholders to assess its approach to operational risk management.
Added: October 2012OM-8.2.56
A bank's public disclosure of relevant operational risk management information can lead to transparency and the development of better industry practice through market discipline. The amount and type of disclosure should be commensurate with the size, risk profile and complexity of a bank's operations, and evolving industry practice. See also Chapter HC-8 and Chapter PD-1 on disclosure requirements.
Added: October 2012OM-8.2.57
A bank should disclose its operational risk management
Framework in a manner that will allow stakeholders to determine whether the bank identifies, assesses, monitors and controls/mitigates operational risk effectively.Added: October 2012OM-8.2.58
A bank's disclosures should be consistent with how
senior management and the board of directors assess and manage the operational risk of the bank.Added: October 2012OM-8.2.59
A bank must have a formal disclosure policy approved by the board of directors that addresses the bank's approach for determining what operational risk disclosures it will make and the internal controls over the disclosure process. In addition, banks must implement a process for assessing the appropriateness of their disclosures, including the verification and frequency of them.
Added: October 2012OM-8.3 OM-8.3 Standardised Approach
OM-8.3.1
Banks applying standardised approach for capital adequacy purposes as detailed in section CA-6.2 of Capital Adequacy Module, must satisfy the principles set out in section OM-8.2 and in this Section. In order to qualify for use of the Standardised Approach, a bank must satisfy the CBB that, at a minimum:
(a) Its board of directors and senior management, as appropriate, are actively involved in the oversight of the operational risk management framework (see principles 1–3);(b) It has an operational risk management system that is conceptually sound and is implemented with integrity (see principles 4–7); and(c) It has sufficient resources in the use of the approach in the major business lines as well as the control and audit areas.Amended: October 2012
Added: April 08OM-8.3.2
The CBB will have the right to insist on a period of initial monitoring of a bank’s Standardised Approach before it is used for regulatory capital purposes.
Added: April 08OM-8.3.3
A bank must develop specific policies and have documented criteria for mapping gross income for current business lines and activities into the standardised framework. The criteria must be reviewed and adjusted for new or changing business activities as appropriate. Further guidance on business line mapping is set out in paragraph CA-6.2.8 of the Capital Adequacy Module.
Added: April 08OM-8.3.4
A bank using the standardised approach must meet the following additional criteria:
(a) The bank must have an operational risk management system with clear responsibilities assigned to an operational risk management function. The operational risk management function is responsible for developing strategies to identify, assess, monitor and control/mitigate operational risk; for codifying bank-level policies and procedures concerning operational risk management and controls; for the design and implementation of the bank's operational risk assessment methodology; and for the design and implementation of a risk-reporting system for operational risk;(b) As part of the bank's internal operational risk assessment system, the bank must systematically track relevant operational risk data including material losses by business line. Its operational risk assessment system must be closely integrated into the risk management processes of the bank. Its output must be an integral part of the process of monitoring and controlling the banks operational risk profile. For instance, this information must play a prominent role in risk reporting, management reporting, and risk analysis. The bank must have techniques for creating incentives to improve the management of operational risk throughout the bank;(c) There must be regular reporting of operational risk exposures, including material operational losses, to business unit management, senior management, and to the board of directors. The bank must have procedures for taking appropriate action according to the information within the management reports;(d) [This subparagraph was deleted in October 2012];(e) [This subparagraph was deleted in October 2012]; and(f) The bank's operational risk assessment system (including the internal validation processes) must be subject to regular review by external auditors and /or the CBB.Amended: October 2012
Added: April 08Appendix OM-1
Set out below are examples of Shariah requirements that are to be complied with by the banks in respect of the financing contracts. The list is for guidance purposes and not conclusive and may vary according to the views of the various Shariah Supervisory Board (SSB):
(a) Murabahah and Ijarah contracts• The asset is in existence at the time of sale or lease or, in case of Ijarah, the lease contract should be preceded by acquisition of the usufruct of the asset except if the asset was agreed upon based on a general specification.• The asset is legally owned by the bank when it is offered for sale.• The asset is intended to be used by the buyer/ lessee for activities or businesses permissible by Shariah; if the asset is leased back to its owner in the first lease period, it should not lead to contract of ‘inah, by varying the rent or the duration.• There is no late payment, penalty fee or increase in price in exchange for extending or rescheduling the date of payment of accounts receivable or lease receivable, irrespective of whether the debtor is solvent or insolvent.(b) Salam and Istisna’ contracts• A sale and purchase contract cannot be inter-dependent and inter-conditional on each other, such as Salam and Parallel Salam; Istisna’ and Parallel Istisna’.• It is not allowed to stipulate a penalty clause in respect of delay in delivery of a commodity that is purchased under Salam contract, however it is allowed under Istisna’ or Parallel Istisna’.• The subject-matter of an Istisna’ contract may not physically exist upon entering into the contract.(c) Musharakah and Mudarabah contracts• The capital of the bank is to be invested in Shariah compliant investments or business activities.• A partner in Musharakah cannot guarantee the capital of another partner or a Midrib guarantees the capital of the Mudarabah.• The purchase price of other partner’s share in a Musharakah with a binding promise to purchase can only be set as per the market value or as per the agreement at the date of buying. It is not permissible, however, to stipulate that the share be acquired at its face value.Added: April 08OM OM Operational Risk Management
OM-A OM-A Introduction
OM-A.1 OM-A.1 Purpose
OM-A.1.1
The purpose of this module is to provide rules and guidance to banks operating in Bahrain on establishing parameters and control procedures to monitor and mitigate operational risks.
OM-A.1.2
This module provides support for certain other parts of the Rulebook, mainly:
(a) Principles of Business; and(b) High Level Controls.OM-A.1.3
The contents of this Module apply to all banks, except where noted in individual chapters.
OM-A.2 OM-A.2 Key requirements
General procedures
OM-A.2.1
Banks' management must establish written policies and procedures to manage risks arising out of the banks' activities.
Outsourcing
OM-A.2.2
A licensee must formally notify the Agency and seek its prior approval before committing to a new material outsourcing arrangement. The notification must:
(a) be made in writing to the licensee's normal supervisory contact;(b) contain sufficient detail to demonstrate that relevant issues raised in section OM-2.4 onward of this chapter have been addressed; and(c) be made at least 6 weeks before the licensee intends to commit to the arrangement.OM-A.2.3
Once an outsourcing arrangement has been implemented, the Agency requires a licensee to continue to monitor the associated risks and the effectiveness of its mitigating controls.
Electronic money and electronic banking activities
OM-A.2.4
The Agency specifically urges the licensees to use the 'Fourteen Risk Management Principles and Sound Practices' set out in the Basel's Committee paper stated in section OM-3.1 below, as guidelines, in order to recognise, address and manage risks associated with e-banking in a prudent manner.
Business continuity, contingency planning and security
OM-A.2.5
Banks must submit their
succession plans for their senior management team to the Agency. Locally incorporated banks must confirm that the plan has been reviewed and endorsed at Board level. This information should be submitted to the Agency by the end of each calendar year.OM-A.2.6
All full commercial banks must implement security measures which satisfy the Agency's minimum requirements as laid out in Chapter OM-5. These measures include external physical security measures as well as internal measures for staff security and the handling of cash.
OM-A.3 OM-A.3 Regulation history
OM-A.3.1
This module was first issued on 1st January 2005 as part of the Islamic principles volume. All regulations in this volume have been effective since this date. All subsequent changes are dated with the month and year at the base of the relevant page and in the Table of Contents. Chapter 3 of Module UG provides further details on Rulebook maintenance and control.
OM-A.3.2
A list of most recent changes made to this module are detailed in the table below:
Summary of changes
Module Ref. Change Date Description of Changes OM-5 01/04/05 New Securities Measures OM-4.2 01/10/05 Succession planning for locally incorporated banks OM-5.1 01/10/05 Clarification of security manager role for smaller banks and deletion of requirement for cash trays OM-B & OM-1.2 01/04/06 Minor amendments concerning roles of Board and management and editing of OM B. OM-5.1.15 –OM-5.1.24 01/04/06 New security requirements for ATM security arrangements and reporting of security related complaints Evolution of the Module
OM-A.3.3
Prior to the development of this Rulebook, the Agency had issued various circulars representing regulations covering different aspects of operational risk management. These circulars have now been consolidated into this module covering the operational risk management regulation. These circulars and their evolution into this module are listed below:
Circular Ref. Date of Issue Module Ref. Circular Subject BC/3/98 21 Feb 1998 OM-B Basel Committee on Banking Supervision Framework for the Evaluation of Internal Control Systems BS/9/03 14 Sep 2003 OM-1 Operational Risk Management ODG/162/03 21 May 2003 OM-2 Outsourcing BC/9/98 16 Jun 1998 OM-3 Electronic Money and Electronic Banking Activities BC/6/02 24 Jun 2002 OM-3 Risk Management Principles for Electronic Banking ODG/347/03 28 Sep 2003 OM-4.2 Succession Planning Effective date
OM-A.3.4
The contents in this module are effective from the date depicted in the original circulars (see paragraph OM-A.3.3) or from the date shown in the Module Footer.
OM-B OM-B General guidance and best practice
OM-B.1 OM-B.1 Guidance provided by other international bodies
OM-B.1.1
The papers below provide guidance which promotes best practice and can be generally applied by all licensees to their activities.
Basel Committee: Framework for Internal Controls Systems in Banking Organisations
OM-B.1.2
The paper (see www.bis.org/publ/bcbs40.pdf) issued in September 1998 presents the first internationally accepted framework for supervisors to use in evaluating the effectiveness of the internal controls over all on and off balance sheet activities of banking organizations.
OM-B.1.3
The paper describes elements that are essential to a sound internal control system, recommends principles that supervisors can apply in evaluating such systems, and discusses the role of bank supervisors and external auditors in this assessment process.
Basel Committee: Sound Practices for the Management and Supervision of Operational Risk
OM-B.1.4
The paper (see www.bis.org/publ/bcbs96.pdf) issued in February 2003 by the Risk Management Group of the
Basel Committee on Banking Supervision, outlines a set of principles that provide a framework for the effective management and supervision of operational risk, for use by banks and supervisory authorities when evaluating operational risk management policies and practices.OM-B.1.5
The paper also recognises that clear strategies and oversight by the Board of Directors and senior management, a strong operational risk culture and internal control culture (including, among other things, clear lines of responsibility and segregation of duties), effective internal reporting, and contingency planning are all crucial elements of an effective operational risk management framework for banks of any size and scope.
Basel Committee: Risk Management for Electronic Banking and Electronic Money Activities
OM-B.1.6
The paper (see www.bis.org/publ/bcbs35.pdf) issued in March 1998 provides guidelines for supervisory authorities and banking organisations as they develop methods for identifying, assessing, managing and controlling the risks associated with
electronic banking andelectronic money .OM-B.1.7
The paper indicates that, while providing new opportunities for banks,
electronic banking andelectronic money activities carry risks as well as benefits and it is important that these risks are recognised and managed in a prudent manner.Basel Committee: Risk Management Principles for Electronic Banking
OM-B.1.8
The paper (see www.bis.org/publ/bcbs98.pdf) issued in July 2003 recognizes new risks associated with the increase in distribution of financial services through electronic channels, or e-banking. To emphasize the importance of these risks, the Committee have placed responsibility on the shoulders of the Board and senior management to ensure their institutions have analysed, identified and modified operations to mitigate these risks.
OM-B.1.9
To facilitate these developments, the Committee has identified fourteen Risk Management Principles for
Electronic Banking to help banking institutions expand their existing risk oversight policies and processes to cover their e-banking activities.OM-B.1.10
The Risk Management Principles fall into three broad, and often overlapping, categories of issues that are grouped to provide clarity: Board and Management Oversight; Security Controls; and Legal and
Reputational Risk Management.OM-1 OM-1 General procedures
OM-1.1 OM-1.1 Overview
OM-1.1.1
Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. This definition includes legal risk, but excludes strategic and
reputational risk .OM-1.1.2
Operational risk is inherent in all types of banks' activities, and therefore all new products and services should be reviewed for operational risks prior to their implementation. As these risks are important and can result in substantial losses, bank auditors should include operational audits in the scope of all audits.
OM-1.1.3
The importance of operational risk has gained prominence as increasing reliance on sophisticated technology raises concerns of potential losses should unforeseen events cause technological failures. Banks have traditionally focused on controlling and mitigating credit and liquidity risks, however, enhanced levels of automation, while reducing costs and processing times, also pose potential risks. As such any one process or system failure may itself or through a series of systematic failures, could possibly cause financial or other losses to a bank. Therefore, it has become imperative that banks should establish policies and procedures to monitor and control operational risks.
OM-1.1.4
For detailed guidance on the management of operational risk within a bank, refer to the
Basel Committee paper 'Sound Practices for the Management and Supervision of Operational Risk' (see www.bis.org/publ/bcbs_wp96.htm).OM-1.1.5
The Agency will use the paper mentioned in paragraph OM-1.1.4 as a guideline in evaluation of the internal control systems of banks operating in Bahrain. Such evaluations will be made through the Agency's normal supervisory processes (e.g. meetings with management, on-site examinations (Module BR) and the use of reporting accountants (Module AU)).
OM-1.2 OM-1.2 Developing an appropriate risk management environment
OM-1.2.1
It should be standard practice for a bank's management to establish policies and procedures to manage risks arising out of its activities. The bank should maintain written policies and procedures that identify the risk tolerances of the Board of Directors and should clearly delineate lines of authority and responsibility for managing the risks. Banks' employees should be fully aware of all policies and procedures that relate to their specific duties.
OM-1.2.2
The bank's strategy should define its tolerance for risk and lay out the Board's understanding of the specific characteristics of operational risk.
The Board of Directors
OM-1.2.3
The Board of Directors should be aware of the major aspects of the bank's operational risk as a distinct and controllable risk category.
OM-1.2.4
The responsibilities of the Board of Directors of the bank should include:
(a) approving the bank's operational risk strategy;(b) periodically reviewing the bank's operational risk strategy;(c) approving the basic structure of the framework for managing operational risk; and(d) ensuring that senior management is carrying out its risk management responsibilities.Senior management
OM-1.2.5
The responsibilities of the Senior management of the bank should include:
(a) implementing the operational risk strategy approved by the Board of Directors;(b) ensuring that the strategy is implemented consistently throughout the whole banking organisation;(c) ensuring that all levels of staff understand their responsibilities with respect to operational risk management;(d) developing policies, processes and procedures for managing operational risk in all of the bank's products, activities, processes and systems; and(e) Developing succession plans for senior staff.Management information system
OM-1.2.6
The management information system of a banking organisation plays a key role in establishing and maintaining an effective operational risk management framework. Two key aspects of management information system are:
(a) 'Communication flow' serves the purpose of establishing a consistent operational risk management culture across the bank.(b) 'Reporting flow' enables:1. senior management to monitor the effectiveness of the risk management system for operational risk; and2. the Board of Directors to oversee senior management performance.OM-1.3 OM-1.3 Identification, measurement, monitoring, and control
OM-1.3.1
As part of an effective operational risk management system, banks should:
(a) identify critical processes, resources and loss events;(b) establish processes necessary for measuring operational risk;(c) monitor operational risk exposures and loss events on an on-going basis; and(d) develop policies, processes and procedures to control or mitigate operational risk.OM-1.3.2
Banks should assess the costs and benefits of alternative risk limitation and control strategies and should adjust their operational risk
exposure using appropriate strategies, in light of their overall risk profile.OM-2 OM-2 Outsourcing
OM-2.1 OM-2.1 Introduction
OM-2.1.1
This chapter sets out the Agency's approach to outsourcing by licensees. It also sets out various requirements that licensees must address when considering outsourcing an activity or function.
OM-2.1.2
In the context of this chapter, 'outsourcing' means an arrangement whereby a third party performs on behalf of a licensee an activity which was previously undertaken by the licensee itself (or in the case of a new activity, one which commonly would have been performed internally by the licensee). Examples of services that are typically outsourced include data processing, customer call centres and back-office related activities.
OM-2.1.3
Most of the Regulations in this chapter are concerned with situations where the third party provider is outside the licensee's group. Section OM-2.8, however, sets out the Agency's requirements when a service is outsourced to a company within the licensee's group.
OM-2.1.4
The requirements in this chapter only apply to 'material' outsourcing arrangements. These are arrangements that, if they failed in any way, would pose significant risks to the on-going operations of a licensee, its reputation and/or quality of service provided to its customers. For instance, the outsourcing of all or a substantial part of functions such as customer sales and relationship management, settlements and processing, IT and data processing and financial control, would normally be considered 'material'.
OM-2.1.5
Management should carefully consider whether a proposed outsourcing arrangement falls under this chapter's definition of 'material'. If in doubt, management should consult with the Agency.
OM-2.1.6
The requirements in this chapter only apply to outsourcing arrangements entered into after the issuance of the original circular as depicted in paragraph OM-A.3.3. In the case of pre-existing outsourcing agreements, the Agency requires licensees to apply the requirements of this chapter to the fullest extent possible when these arrangements are subsequently renewed.
Legal source
OM-2.1.7
The BMA "Standard Conditions and Licensing Criteria" require a licensee's activities to be conducted in an orderly manner and subject to appropriate sound risk management systems, in accordance with the regulations, circulars, notices and directions of the Agency.
OM-2.2 OM-2.2 Supervisory approach
OM-2.2.1
The Agency recognises the benefits that can potentially be achieved through outsourcing an activity to a third party provider. They can include reduced costs, enhanced service quality and a reduction in management time spent on non-core activities. However, outsourcing an activity also poses potential risks. These include the ability of the service provider to maintain service quality levels, reduced control over the activity and access to relevant information, and increased legal and client confidentiality risks.
OM-2.2.2
The Agency's approach is to allow licensees the freedom to enter into outsourcing arrangements, providing these have been properly structured and associated risks addressed. The Agency requires prior approval to be sought by licensees wishing to outsource material activities, to give the Agency the opportunity to verify that the proposed arrangements are adequate.
OM-2.2.3
The Agency expects licensees to have undertaken a thorough assessment of a proposal before formally submitting a notification to the Agency. However, the Agency is also willing to discuss ideas informally at an early stage of development, on a 'no-commitment' basis. It especially encourages an early approach when the proposed outsourcing is particularly material or innovative.
OM-2.2.4
Once an outsourcing arrangement has been implemented, the Agency requires a licensee to continue to monitor the associated risks and the effectiveness of its mitigating controls. It will verify this through the course of its normal on-site and off-site supervisory processes, such as on-site examinations and prudential meetings. The Agency also requires access to the outsourced activity, which it may occasionally want to examine itself, through management meetings or on-site examinations.
OM-2.2.5
Fundamental to the Agency's supervisory approach to outsourcing is that the Board and management of the licensee may not abdicate their responsibility for a licensee's business and the way its customers are treated. The Board and management remain ultimately responsible for the effectiveness of systems and controls in outsourced activities.
OM-2.3 OM-2.3 Notifications and prior approval
OM-2.3.1
A licensee must formally notify the Agency and seek its prior approval before committing to a new material outsourcing arrangement.
OM-2.3.2
The above notification must:
(a) be made in writing to the licensee's normal supervisory contact;(b) contain sufficient detail to demonstrate that relevant issues raised in section OM-2.4 onward of this chapter have been addressed; and(c) be made at least 6 weeks before the licensee intends to commit to the arrangement.OM-2.3.3
The Agency will review the information provided and provide a definitive response within 6 weeks of receiving the notification. Where further information is requested from the licensee, however, the time taken to provide this further information will not be taken into account. The Agency may also contact home or host supervisors of the licensee or the service provider, to seek their comments — in such cases, the 6-week turnaround is also subject to the speed of their response.
OM-2.3.4
Once an activity has been outsourced, a licensee must immediately inform its normal supervisory contact at the Agency of any material problems encountered with the outsourcing provider. In exceptional cases, the Agency reserves the right to direct a licensee to make alternative arrangements for the outsourced activity.
OM-2.4 OM-2.4 Risk assessment
OM-2.4.1
Licensees must undertake a thorough risk assessment of an outsourcing proposal, before formally notifying the Agency and committing itself to an agreement.
OM-2.4.2
The risk assessment should — amongst other things — include an analysis of:
(a) the business case;(b) the suitability of the outsourcing provider; and(c) the impact of the outsourcing on the licensee's overall risk profile and its systems and controls framework.OM-2.4.3
In assessing the suitability of the outsourcing provider, the licensee should amongst other things consider its financial soundness, its technical competence, its commitment to the arrangement, and its reputation.
OM-2.4.4
Once an outsourcing agreement has been entered into, licensees must regularly review the suitability of the outsourcing provider and the on-going impact of the agreement on their risk profile and systems and controls framework. Such reviews should take place at least every year.
OM-2.4.5
A licensee must nominate a member of senior management with day-to-day responsibility for handling the relationship with the outsourcing provider and ensuring that relevant risks are addressed. This person should be notified to the Agency as part of the notification required under section OM-2.3 above.
OM-2.5 OM-2.5 Outsourcing agreement
OM-2.5.1
The activities to be outsourced and respective contractual liabilities and obligations of the outsourcing provider and licensee must be clearly specified in an outsourcing agreement. This agreement must — amongst other things — address the following points:
(a) Control over outsourced activities1. The Board and management of licensees are held ultimately responsible by the Agency for the adequacy of systems and controls in outsourced activities. Licensees must therefore ensure that they have adequate mechanisms for monitoring the performance of, and managing the relationship with, the outsourcing provider.2. Aservice level agreement ("SLA") — setting out the standards of service to be provided — must form part of the outsourcing agreement. Where the outsourcing provider interacts directly with a licensee's customers, the SLA should — where relevant — reflect the licensee's own standards regarding customer care.3. Mechanisms for the regular monitoring by licensees of performance against SLA and other targets, and for implementing remedies in case of any shortfalls, should also form part of the agreement.4. Clear reporting and escalation mechanisms should be specified in the agreement.5. Where an outsourcing provider in turn decides to sub-contract to other providers, the original provider must remain contractually liable to the licensee for the quality and level of service agreed, and its obligations to the licensee must remain unchanged.(b) Customer data confidentiality1. Licensees should ensure that outsourcing agreements comply with all applicable legal requirements regarding customer confidentiality.2. Licensees should ensure that the outsourcing provider implements adequate safeguards and procedures. Amongst other things, customer data should be properly segregated from those belonging to other clients the outsourcing provider may have. Outsourcing providers should give suitable undertakings that the company and its staff will comply with all applicable confidentiality rules. Licensees should have contractual rights to take action against the service provider in the event of a breach of confidentiality.3. Licensees should assess the impact of using an overseas-based outsourcing provider on their ability to maintain customer data confidentiality, for instance, because of the powers of local authorities to access such data.(c) Access to information1. Outsourcing agreements must ensure that the licensee's internal and external auditors have timely access to any relevant information they may require to fulfil their responsibilities. Such access must allow them to conduct on-site examinations of the outsourcing provider, if required.2. Licensees must also ensure that the Agency has timely access to any relevant information it may reasonably require under the law. Such access must allow the Agency to conduct on-site examinations of the outsourcing provider, if required.3. Where the outsourcing provider is based overseas, the outsourcing provider must confirm in the outsourcing agreement that there are no regulatory or legal impediments to either the licensee's internal and external auditors, or the Agency, having the access described above. Should such restrictions subsequently be imposed, the licensee must communicate this fact to the Agency as soon as it becomes aware of the matter.4. The outsourcing provider must commit itself, in the outsourcing agreement, to informing the licensee of any developments that may have a material impact on its ability to meet its obligations. These may include, for example, relevant control weaknesses identified by the outsourcing provider's internal or external auditors, and material adverse developments in the financial performance of the outsourcing provider.(d) Business continuity1. Licensees should ensure that service providers maintain, regularly review and test plans to ensure continuity in the provision of the outsourced service.2. Licensees should have an adequate understanding of the outsourcing provider's arrangements, to understand the implications for its own contingency arrangements (see section OM-2.6).(e) Termination1. Licensees must have the right to terminate the agreement should the outsourcing provider undergo a change of ownership (whether direct or indirect) that poses a potentialconflict of interest ; becomes insolvent; or goes into liquidation or administration.2. Termination under any other circumstances allowed under the agreement must give licensees a sufficient notice period in which they can effect a smooth transfer of the service to another provider or bring it back in-house.3. In the event of termination, for whatever reason, the agreement should provide for the return of all customer data — where required by licensees — or their destruction.OM-2.6 OM-2.6 Contingency planning
OM-2.6.1
Licensees should maintain and regularly review
contingency plans to enable them to set up alternative arrangements — with minimum disruption to business — should the outsourcing contract be suddenly terminated or the outsourcing provider fails. This may involve the identification of alternative outsourcing providers or the provision of the service in-house. These plans should consider how long the transition would take and what interim arrangements would apply.OM-2.6.2
See chapter OM-4 for further guidance on business continuity and contingency planning.
OM-2.7 OM-2.7 Internal audit outsourcing
OM-2.7.1
Because of the critical importance of an effective internal audit function to a licensee's control framework, all proposals to outsource internal audit operations are to be considered material.
OM-2.7.2
The Agency will generally not permit licensees to outsource their internal audit function to the same firm that acts as their external auditors. However, the Agency may allow short-term outsourcing of internal audit operations to a licensee's external auditor, to meet unexpected urgent or short-term needs (for instance, on account of staff resignation or illness). Any such arrangement will normally be limited to a maximum of one year.
OM-2.7.3
Licensees who have existing outsourcing arrangements in place with their external auditors relating to the provision of internal audit services are required to find suitable alternatives when the existing arrangements terminate or come up for renewal.
OM-2.7.4
In all circumstances, Board and management of licensees must retain responsibility for ensuring that an adequate internal audit programme is implemented, and will be held accountable in this respect by the Agency.
OM-2.8 OM-2.8 Intra-group outsourcing
OM-2.8.1
As with outsourcing to non-group companies, the Board and management of licensees are held ultimately responsible by the Agency for the adequacy of systems and controls in activities outsourced to group companies.
OM-2.8.2
However, the degree of formality required — in terms of contractual agreements and control mechanisms — for outsourcing within a licensee's group is likely to be less, because of common management and enhanced knowledge of other group companies.
OM-2.8.3
A licensee must formally notify the Agency at least 6 weeks before committing to a material
intra-group outsourcing . The request must be made in writing to the licensee's normal supervisory contact, and must set out a summary of the proposed outsourcing, its rationale, and an analysis of its associated risks and proposed mitigating controls. The Agency will respond to the notification in the same manner and timescale as set in section OM-2.3 above.OM-2.8.4
The Agency expects, as a minimum, an agreed statement of the standard of service to be provided by the group provider, including a clear statement of responsibilities allocated between the group provider and licensee.
OM-3 OM-3 Electronic money and electronic banking activities
OM-3.1 OM-3.1 Electronic banking
OM-3.1.1
This chapter provides information on the
Basel Committee papers that the Agency requires the relevant licensees to use as guidance onelectronic banking risk management principles and best practice.OM-3.1.2
The Agency considers that the provisions of the following papers represent best practice and provide guidelines for recognising, addressing and managing risk associated with this area. Banks should take appropriate steps for the implementation of relevant recommendations set out therein:
(a) 'Risk Management forElectronic Banking andElectronic Money Activities' issued in March 1998 (see section OM-B.1 for further references to the paper)(b) 'Risk Management Principles forElectronic Banking ' issued in May 2001 (see section OM-B.1 for further references to the paper)OM-3.1.3
The Agency specifically urges the licensees to use the 'Fourteen Risk Management Principles and Sound Practices' set out in the Basel's Committee paper stated in paragraph OM-3.1.2(b) above, as guidelines, in order to recognise, address and manage risks associated with e-banking in a prudent manner. The paper stated in paragraph OM-3.1.2(a) above, should be used as guidance for best practice in this area.
OM-4 OM-4 Business continuity and contingency planning
OM-4.1 OM-4.1 Contingency planning
OM-4.1.1
Although operations risks are difficult to quantify, they can often be evaluated by examining a series of "worst-case" or "what-if" scenarios (stress testing), such as a power loss, a doubling of transaction volume or a mistake found in the pricing software for
collateral management. They can also be assessed through periodic reviews of procedures, documentation requirements, data processing systems,contingency plans and other operational practices. Such reviews may help to reduce the likelihood of errors and breakdowns in controls, improve the control of risk and the effectiveness of the limit system and prevent unsound marketing practices and the premature adoption of new products or lines of business.OM-4.1.2
Such stress tests should not be limited to quantitative exercises that compute potential losses or gains. They should also include more qualitative analyses of the actions management might take under particular scenarios.
Contingency plans are important products of such qualitative analyses.OM-4.1.3
Since the delivery of corporate and customer services represent key strategic and reputational issues, such problems could cause serious difficulties for banks and even jeopardise their ability to conduct key business activities. This requires the bank to establish business continuity and
contingency plans outlining operating procedures and lines of communication, both formal and informal, in the event of an unexpected disaster (also seeBasel Committee paper 'Framework for Internal Control Systems in Banking Organizations' for further guidance).OM-4.1.4
For contingency planning relating to outsourcing activities, see section OM-2.6.
OM-4.2 OM-4.2 Succession planning
OM-4.2.1
Succession planning is an essential precautionary measure for a bank if its leadership stability — and hence ultimately its financial stability — is to be protected. Succession planning is especially critical for smaller institutions, where management teams tend to be smaller and possibly reliant on a few key individuals.
OM-4.2.2
The Agency will generally monitor banks'
succession plans through the work of its on-site examiners. In order to supplement these efforts, the Agency requires its locally incorporated banks to submit to the Agency a description of theirsuccession plans for their senior management team. Locally incorporated banks must summarise who is covered by theirsuccession plan , and confirm that the plan has been reviewed and endorsed at Board level.OM-4.2.3
The information required in paragraph OM-4.2.2 should be submitted to the Agency by the end of each calendar year. It should be addressed to the Executive Director, Banking Supervision.
OM-5 OM-5 Security Measures for Banks
OM-5.1 OM-5.1 Physical Security Measures
External Measures
OM-5.1.1
The content of this section is applicable to all full commercial banks licensed by the Agency in the Kingdom of Bahrain.
OM-5.1.2
All head offices are required to maintain Ministry of Interior ("MOI") guards on a 24 hours basis. All branches must maintain a 24 hour MOI guard. However, if branches satisfy the criteria mentioned in paragraphs OM-5.1.3 to OM-5.1.20 below, they may maintain MOI guards during opening hours only. Furthermore, banks will be allowed to replace MOI armed guards with private security guards subject to the approval of the MOI. Training and approval of private security guards will be given by the MOI. Head Offices must always have a 24 hour MOI guard.
OM-5.1.3
Public entrances to head offices and branches must be protected by measures such as steel rolling shutters, or the external doors must be of solid steel or a similar solid material of equivalent strength and resistance to fire.
OM-5.1.4
Other external entrances should have steel doors or be protected by steel rolling shutters. Preferably, all other external entrances should have the following security measures:
• Magic eye.• Locking device (key externally and handle internally).• Door closing mechanism.• Contact sensor with alarm for prolonged opening time.• Combination access control system (e.g. access card and key slot or swipe card and password).OM-5.1.5
If additional security measures to those mentioned in OM-5.1.3 and OM-5.1.4 such as security cameras, motion detectors or intruder alarms are installed, the requirement for steel external doors or protection by steel rolling shutters is waived.
OM-5.1.6
External windows should have security measures such as anti blast films and movement detectors. For ground floor windows, banks may also wish to add steel grills fastened into the wall.
OM-5.1.7
Branch alarm systems should have the following features:
(a) PIR motion detectors(b) Door sensors(c) Anti vibration/movement sensors on vaults(d) External siren(e) The intrusion detection system must be linked to the bank's (i.e. head office) monitoring unit and also the MOI Central Monitoring Unit.Internal Measures
OM-5.1.8
Teller counters must be screened off from customers by a glass screen of no less than 1 meter in height from the counter work surface or 1.4 meters from the floor.
OM-5.1.9
All areas where cash is handled must be screened off from customers and other staff areas.
OM-5.1.10
Access to teller areas must be restricted to authorised staff only. The design of the teller area should not allow customers to pass through it.
OM-5.1.11
Panic alarm systems for teller staff must be installed. The choice between silent or audible panic alarms is left to individual banks. Kick bars and/or hold up buttons must be spread throughout the teller and customer service areas and the branch manager's office. The panic alarm must be linked to the MOI Central Monitoring Unit.
Cash Safety
OM-5.1.12
Cash, precious metals and bearer instruments must be kept in fireproof cabinets/safes. Preferably, these cabinets/safes should be located in strong rooms.
OM-5.1.13
Strong rooms must be made of reinforced solid concrete, or reinforced block work. Doors to strong rooms must be steel and preferably also have a steel shutter fitted. Dual locking devices should be installed in strong room doors. Strong room doors should be located out of the sight of customers.
OM-5.1.14
Strong rooms must not contain any other openings except the entry door and where necessary, an air conditioning outlet. The air conditioning outlet must be protected with a steel grill.
OM-5.1.15
ATMs should not normally be replenished during customer opening hours. Replenishment of off-site ATMs should be performed by specialised service providers, comprising a crew of at least two persons. ATM replenishment staff must carry a mobile phone or communication device in case of emergency.
OM-5.1.16
All cash movements between branches, to and from the BMA and to offsite ATMs should be performed by specialised service providers.
OM-5.1.17
All ATMs must be properly maintained and covered by service or maintenance agreements. All ATMs must be inspected daily by bank staff to check that they are functioning properly and have not been tampered with.
OM-5.1.18
All banks must maintain a list of all maintenance, replenishment and inspection visits by staff or other authorised parties.
OM-5.1.19
All ATMs must be fitted with fraud detection and inhibiting devices (mandatory by year end 2006).
CCTV Network Systems
OM-5.1.20
All head offices and branches must have a CCTV network which is connected to a central monitoring unit located in the head office, and to the MOI Central Monitoring Unit.
OM-5.1.21
The location and type of CCTV cameras is left to the discretion of banks. At a minimum, CCTV cameras should cover the following areas:
(a) Main entrance(b) Other external doors(c) Any other access points (e.g. ground floor windows)(d) The banking hall(e) Tellers' area(f) Strongroom entrance(g) ATMs (by way of internal or external cameras)OM-5.1.22
Notices of CCTV cameras in operation should be put up for the attention of the public. CCTV records should be maintained for a minimum 45 day period. The transmission rate (in terms of the number of frames per second) should be high enough to make for effective monitoring. Delayed transmission of pictures to the Central Monitoring Unit is not acceptable. The CCTV system should be operational 24 hours per day.
Training and Other Measures
OM-5.1.23
Banks should establish the formal position of security manager. This person will be responsible for ensuring all bank staff are given annual, comprehensive security training. Banks should produce a security manual or procedures for staff, especially those dealing directly with customers. For banks dealing with three or more branches, this position should be a formally identified position. For banks with one or two branches, the responsibilities of this position may be added to the duties of a member of management.
OM-5.1.24
The security manager must maintain records on documented security related complaints by customers and take corrective action or make recommendations for action on a timely basis. Actions and recommendations must also be documented.
OM-5.1.25
Banks should consider safety and security issues when selecting premises for new branches. Key security issues include prominence of location (i.e. Is the branch on a main street or a back street?), accessibility for emergency services, and assessment of surrounding premises (in terms of their safety or vulnerability), and the number of entrances to the branch. All banks are required to hold an Insurance Blanket Bond (which includes theft of cash in its cover).
OM-8.1 OM-8.1 Introduction [1 April 2008 to 30 September 2012]
OM-8.1.1
Section CA-6.2 of the Capital Adequacy Module allows banks to use either the basic indicator approach or standardised approach to compute capital charge for operational risk. This chapter sets out the qualitative aspect of these two approaches.
Added: April 08OM-8.1.2
Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events which includes but is not limited to, legal risk and Shariah compliance risk. This definition excludes strategic and reputational risk.
Added: April 08OM-8.1.3
Shariah compliance risk is a type of operational risk facing Islamic banks which can lead to non-recognition of income and resultant losses. See Appendix OM-1 for examples of Shariah requirements that must be complied with by the banks.
Added: April 08OM-8.2 OM-8.2 Basic Indicator Approach [1 April 2008 to 30 September 2012]
OM-8.2.1
Banks applying the basic indicator approach for capital adequacy purposes as detailed in section CA-6.2 of Capital Adequacy Module are encouraged to comply with the principles set forth in this section.
Added: April 08Developing an Appropriate Risk Management Environment
OM-8.2.2
Failure to understand and manage operational risk, which is present in virtually all bank transactions and activities, may greatly increase the likelihood that some risks will go unrecognised and uncontrolled. Both the board and senior management are responsible for creating an organisational culture that places high priority on effective operational risk management and adherence to sound operating controls. Operational risk management is most effective where a bank’s culture emphasises high standards of ethical behaviour at all levels of the bank. The board and senior management should promote an organisational culture which establishes through both actions and words the expectations of integrity for all employees in conducting the business of the bank.
Added: April 08OM-8.2.3
Principle 1: The board of directors must be aware of the major aspects of the bank's operational risks as a distinct risk category that must be managed, and it must approve and periodically review the bank's operational risk management framework. The framework must provide a bank-wide definition of operational risk and lay down the principles of how operational risk is to be identified, assessed, monitored, and controlled/mitigated.
Amended: July 2011
Added: April 08OM-8.2.4
The board of directors should approve the implementation of a bank-wide framework to explicitly manage operational risk as a distinct risk to the bank’s safety and soundness. The board should provide senior management with clear guidance and direction regarding the principles underlying the framework and approve the corresponding policies developed by senior management.
Added: April 08OM-8.2.5
An operational risk framework should be based on an appropriate definition of operational risk which clearly articulates what constitutes operational risk in that bank. The framework should cover the bank’s appetite and tolerance for operational risk, as specified through the policies for managing this risk and the bank’s prioritisation of operational risk management activities, including the extent of, and manner in which, operational risk is transferred outside the bank. It should also include policies outlining the bank’s approach to identifying, assessing, monitoring and controlling/mitigating the risk. The degree of formality and sophistication of the bank’s operational risk management framework should be commensurate with the bank’s risk profile.
Added: April 08OM-8.2.6
The board is responsible for establishing a management structure capable of implementing the bank’s operational risk management framework. Since a significant aspect of managing operational risk relates to the establishment of strong internal controls, it is particularly important that the board establishes clear lines of management responsibility, accountability and reporting. In addition, there should be separation of responsibilities and reporting lines between operational risk control functions, business lines and support functions in order to avoid conflicts of interest. The framework should also articulate the key processes the bank needs to have in place to manage operational risk.
Added: April 08OM-8.2.7
The board should review the framework regularly to ensure that the bank is managing the operational risks arising from external market changes and other environmental factors, as well as those operational risks associated with new products, activities or systems. This review process should also aim to assess industry best practice in operational risk management appropriate for the bank’s activities, systems and processes. If necessary, the board should ensure that the operational risk management framework is revised in light of this analysis, so that material operational risks are captured within the framework.
Added: April 08OM-8.2.8
Principle 2: The board of directors must ensure that the bank's operational risk management framework is subject to effective and comprehensive internal audit by operationally independent, appropriately trained and competent staff. The internal audit function must not be directly responsible for operational risk management.
Amended: July 2011
Added: April 08OM-8.2.9
Banks should have in place adequate internal audit coverage to verify that operating policies and procedures have been implemented effectively. The board (either directly or indirectly through its audit committee) should ensure that the scope and frequency of the audit programme is appropriate to the risk exposures. Audit should periodically validate that the bank’s operational risk management framework is being implemented effectively across the bank.
Added: April 08OM-8.2.10
To the extent that the audit function is involved in oversight of the operational risk management framework, the board should ensure that the independence of the audit function is maintained. This independence may be compromised if the audit function is directly involved in the operational risk management process. The audit function may provide valuable input to those responsible for operational risk management, but should not itself have direct operational risk management responsibilities. In practice, the CBB recognises that the audit function at some banks (particularly smaller banks) may have initial responsibility for developing an operational risk management programme. Where this is the case, banks should see that responsibility for day-to-day operational risk management is transferred elsewhere in a timely manner.
Added: April 08OM-8.2.11
Principle 3: Senior management must have responsibility for implementing the operational risk management framework approved by the board of directors. The framework must be consistently implemented throughout the whole banking organisation, and all levels of staff must understand their responsibilities with respect to operational risk management. Senior management must also have responsibility for developing policies, processes and procedures for managing operational risk in all of the bank's material products, activities, processes and systems.
Amended: July 2011
Added: April 08OM-8.2.12
Management should translate the operational risk management framework established by the board of directors into specific policies, processes and procedures that can be implemented and verified within the different business units. While each level of management is responsible for the appropriateness and effectiveness of policies, processes, procedures and controls within its purview, senior management should clearly assign authority, responsibility and reporting relationships to encourage and maintain this accountability, and ensure that the necessary resources are available to manage operational risk effectively. Moreover, senior management should assess the appropriateness of the management oversight process in light of the risks inherent in a business unit’s policy.
Added: April 08OM-8.2.13
Senior management should ensure that bank activities are conducted by qualified staff with the necessary experience, technical capabilities and access to resources, and that staff responsible for monitoring and enforcing compliance with the institution’s risk policy have authority independent from the units they oversee. Management should ensure that the bank’s operational risk management policy has been clearly communicated to staff at all levels in units that incur material operational risks.
Added: April 08OM-8.2.14
Senior management should ensure that staff responsible for managing operational risk communicate effectively with staff responsible for managing credit, market, and other risks, as well as with those in the bank who are responsible for the procurement of external services such as insurance purchasing and outsourcing agreements. Failure to do so could result in significant gaps or overlaps in a bank's overall risk management programme.
Added: April 08OM-8.2.15
Senior management should also ensure that the bank’s remuneration policies are consistent with its appetite for risk. Remuneration policies which reward staff that deviate from policies (e.g. by exceeding established limits) weaken the bank’s risk management processes.
Added: April 08OM-8.2.16
Particular attention should be given to the quality of documentation controls and to transaction-handling practices. Policies, processes and procedures related to advanced technologies supporting high transactions volumes, in particular, should be well documented and disseminated to all relevant personnel.
Added: April 08Risk Management: Identification, Assessment, Monitoring and Mitigation/Control
OM-8.2.17
Principle 4: Banks must identify and assess the operational risk inherent in all material products, activities, processes and systems. Banks must also ensure that before new products, activities, processes and systems are introduced or undertaken, the operational risk inherent in them is subject to adequate assessment procedures.
Amended: July 2011
Added: April 08OM-8.2.18
Risk identification is paramount for the subsequent development of a viable operational risk monitoring and control system. Effective risk identification considers both internal factors (such as the bank’s structure, the nature of the bank’s activities, the quality of the bank’s human resources, organisational changes and employee turnover) and external factors (such as changes in the industry and technological advances) that could adversely affect the achievement of the bank’s objectives.
Added: April 08OM-8.2.19
In addition to identifying the most potentially adverse risks, banks should assess their vulnerability to these risks. Effective risk assessment allows the bank to better understand its risk profile and most effectively target risk management resources.
Added: April 08OM-8.2.20
Amongst the possible tools used by banks for identifying and assessing operational risk are:
(a) Self- or Risk Assessment: a bank assesses its operations and activities against a menu of potential operational risk vulnerabilities. This process is internally driven and often incorporates checklists and/or workshops to identify the strengths and weaknesses of the operational risk environment. Scorecards, for example, provide a means of translating qualitative assessments into quantitative metrics that give a relative ranking of different types of operational risk exposures. Some scores may relate to risks unique to a specific business line while others may rank risks that cut across business lines. Scores may address inherent risks, as well as the controls to mitigate them. In addition, scorecards may be used by banks to allocate economic capital to business lines in relation to performance in managing and controlling various aspects of operational risk.(b) Risk Mapping: in this process, various business units, organisational functions or process flows are mapped by risk type. This exercise can reveal areas of weakness and help prioritise subsequent management action.(c) Risk Indicators: risk indicators are statistics and/or metrics, often financial, which can provide insight into a bank’s risk position. These indicators tend to be reviewed on a periodic basis (such as monthly or quarterly) to alert banks to changes that may be indicative of risk concerns. Such indicators may include the number of failed trades, staff turnover rates and the frequency and/or severity of errors and omissions.(d) Measurement: some banks have begun to quantify their exposure to operational risk using a variety of approaches. For example, data on a bank’s historical loss experience could provide meaningful information for assessing the bank’s exposure to operational risk and developing a policy to mitigate/control the risk. An effective way of making good use of this information is to establish a framework for systematically tracking and recording the frequency, severity and other relevant information on individual loss events. Some banks have also combined internal loss data with external loss data, scenario analyses, and risk assessment factors.Added: April 08OM-8.2.21
Principle 5: Banks must implement a process to regularly monitor operational risk profiles and material exposures to losses. There must be regular reporting of pertinent information to senior management and the board of directors that supports the proactive management of operational risk.
Amended: July 2011
Added: April 08OM-8.2.22
An effective monitoring process is essential for adequately managing operational risk. Regular monitoring activities can offer the advantage of quickly detecting and correcting deficiencies in the policies, processes and procedures for managing operational risk. Promptly detecting and addressing these deficiencies can substantially reduce the potential frequency and/or severity of a loss event.
Added: April 08OM-8.2.23
In addition to monitoring operational loss events, banks should identify appropriate indicators that provide early warning of an increased risk of future losses. Such indicators (often referred to as key risk indicators or early warning indicators) should be forward-looking and could reflect potential sources of operational risk such as rapid growth, the introduction of new products, employee turnover, transaction breaks, system downtime, and so on. When thresholds are directly linked to these indicators an effective monitoring process can help identify key material risks in a transparent manner and enable the bank to act upon these risks appropriately.
Added: April 08OM-8.2.24
The frequency of monitoring should reflect the risks involved and the frequency and nature of changes in the operating environment. Monitoring should be an integrated part of a bank's activities. The results of these monitoring activities should be included in regular management and board reports, as should compliance reviews performed by the internal audit and/or risk management functions. Reports generated by (and/or for) supervisory authorities may also inform this monitoring and should likewise be reported internally to senior management and the board, where appropriate.
Added: April 08OM-8.2.25
Senior management should receive regular reports from appropriate areas such as business units, group functions, the operational risk management office and internal audit. The operational risk reports should contain internal financial, operational, and compliance data, as well as external market information about events and conditions that are relevant to decision making. Reports should be distributed to appropriate levels of management and to areas of the bank on which areas of concern may have an impact. Reports should fully reflect any identified problem areas and should motivate timely corrective action on outstanding issues. To ensure the usefulness and reliability of these risk and audit reports, management should regularly verify the timeliness, accuracy, and relevance of reporting systems and internal controls in general. Management may also use reports prepared by external sources (auditors, supervisors) to assess the usefulness and reliability of internal reports. Reports should be analysed with a view to improving existing risk management performance as well as developing new risk management policies, procedures and practices.
Added: April 08OM-8.2.26
In general, the board of directors should receive sufficient higher-level information to enable them to understand the bank's overall operational risk profile and focus on the material and strategic implications for the business.
Added: April 08OM-8.2.27
Principle 6: Banks must have policies, processes and procedures to control and/or mitigate material operational risks. Banks must periodically review their risk limitation and control strategies and must adjust their operational risk profile accordingly using appropriate strategies, in light of their overall risk appetite and profile.
Amended: July 2011
Added: April 08OM-8.2.28
Control activities are designed to address the operational risks that a bank has identified. For all material operational risks that have been identified, the bank should decide whether to use appropriate procedures to control and/or mitigate the risks, or bear the risks. For those risks that cannot be controlled, the bank should decide whether to accept these risks, reduce the level of business activity involved, or withdraw from this activity completely. Control processes and procedures should be established and banks should have a system in place for ensuring compliance with a documented set of internal policies concerning the risk management system. Principle elements of this could include, for example:
(a) Top-level reviews of the bank's progress towards the stated objectives;(b) Checking for compliance with management controls;(c) Policies, processes and procedures concerning the review, treatment and resolution of non-compliance issues; and(d) A system of documented approvals and authorisations to ensure accountability to an appropriate level of management.Added: April 08OM-8.2.29
Although a framework of formal, written policies and procedures is critical, it needs to be reinforced through a strong control culture that promotes sound risk management practices. Both the board of directors and senior management are responsible for establishing a strong internal control culture in which control activities are an integral part of the regular activities of a bank. Controls that are an integral part of the regular activities enable quick responses to changing conditions and avoid unnecessary costs.
Added: April 08OM-8.2.30
An effective internal control system also requires that there be appropriate segregation of duties and that personnel are not assigned responsibilities which may create a conflict of interest. Assigning such conflicting duties to individuals, or a team, may enable them to conceal losses, errors or inappropriate actions. Therefore, areas of potential conflicts of interest should be identified, minimised, and subject to careful independent monitoring and review.
Added: April 08OM-8.2.31
In addition to segregation of duties, banks should ensure that other internal practices are in place as appropriate to control operational risk. Examples of these include:
(a) Close monitoring of adherence to assigned risk limits or thresholds;(b) Maintaining safeguards for access to, and use of, bank assets and records;(c) Ensuring that staff have appropriate expertise and training;(d) Identifying business lines or products where returns appear to be out of line with reasonable expectations (e.g., where a supposedly low risk, low margin trading activity generates high returns that could call into question whether such returns have been achieved as a result of an internal control breach); and(e) Regular verification and reconciliation of transactions and accounts.Failure to implement such practices has resulted in significant operational losses for some banks in recent years.Added: April 08OM-8.2.32
Operational risk can be more pronounced where banks engage in new activities or develop new products (particularly where these activities or products are not consistent with the bank's core business strategies), enter unfamiliar markets, and/or engage in businesses that are geographically distant from the head office. Moreover, in many such instances, banks do not ensure that the risk management control infrastructure keeps pace with the growth in the business activity. A number of the most sizeable and highest-profile losses in recent years have taken place where one or more of these conditions existed. Therefore, it is incumbent upon banks to ensure that special attention is paid to internal control activities where such conditions exist.
Added: April 08OM-8.2.33
Some significant operational risks have low probabilities but potentially very large financial impact. Moreover, not all risk events can be controlled (e.g., natural disasters). Risk mitigation tools or programmes can be used to reduce the exposure to, or frequency and/or severity of, such events. For example, insurance policies, particularly those with prompt and certain pay-out features, can be used to externalise the risk of "low frequency, high severity" losses which may occur as a result of events such as third-party claims resulting from errors and omissions, physical loss of securities, employee or third-party fraud, and natural disasters.
Added: April 08OM-8.2.34
However, banks should view risk mitigation tools as complementary to, rather than a replacement for, thorough internal operational risk control. Having mechanisms in place to quickly recognise and rectify legitimate operational risk errors can greatly reduce exposures. Careful consideration also needs to be given to the extent to which risk mitigation tools such as insurance truly reduce risk, or transfer the risk to another business sector or area, or even create a new risk (e.g. legal or counterparty risk).
Added: April 08OM-8.2.35
Investments in appropriate processing technology and information technology security are also important for risk mitigation. However, banks should be aware that increased automation could transform high-frequency, low-severity losses into low frequency, high-severity losses. The latter may be associated with loss or extended disruption of services caused by internal factors or by factors beyond the bank's immediate control (e.g., external events). Such problems may cause serious difficulties for banks and could jeopardise an institution's ability to conduct key business activities. As discussed below in Principle 7, banks should establish disaster recovery and business continuity plans that address this risk.
Added: April 08OM-8.2.36
Banks should also establish policies for managing the risks associated with outsourcing activities. Outsourcing of activities can reduce the institution's risk profile by transferring activities to others with greater expertise and scale to manage the risks associated with specialised business activities. However, a bank's use of third parties does not diminish the responsibility of the board of directors and management to ensure that the third-party activity is conducted in a safe and sound manner and in compliance with applicable laws. Outsourcing arrangements should be based on robust contracts and/or service level agreements that ensure a clear allocation of responsibilities between external service providers and the outsourcing bank. Furthermore, banks need to manage residual risks associated with outsourcing arrangements, including disruption of services.
Added: April 08OM-8.2.37
Depending on the scale and nature of the activity, banks should understand the potential impact on their operations and their customers of any potential deficiencies in services provided by vendors and other third-party or intra-group service providers, including both operational breakdowns and the potential business failure or default of the external parties. The board and management should ensure that the expectations and obligations of each party are clearly defined, understood and enforceable. The extent of the external party's liability and financial ability to compensate the bank for errors, negligence, and other operational failures should be explicitly considered as part of the risk assessment. Banks should carry out an initial due diligence test and monitor the activities of third party providers, especially those lacking experience of the banking industry's regulated environment, and review this process (including reevaluations of due diligence) on a regular basis. For critical activities, the bank may need to consider contingency plans, including the availability of alternative external parties and the costs and resources required to switch external parties, potentially on very short notice.
Added: April 08OM-8.2.38
In some instances, banks may decide to either retain a certain level of operational risk or self-insure against that risk. Where this is the case and the risk is material, the decision to retain or self-insure the risk should be transparent within the organisation and should be consistent with the bank's overall business strategy and appetite for risk.
Added: April 08OM-8.2.39
Principle 7: Banks must have in place contingency and business continuity plans to ensure their ability to operate on an ongoing basis and limit losses in the event of severe business disruption.
Amended: July 2011
Added: April 08OM-8.2.40
For reasons that may be beyond a bank's control, a severe event may result in the inability of the bank to fulfil some or all of its business obligations, particularly where the bank's physical, telecommunication, or information technology infrastructures have been damaged or made inaccessible. This can, in turn, result in significant financial losses to the bank, as well as broader disruptions to the financial system through channels such as the payments system. This potential requires that banks establish disaster recovery and business continuity plans that take into account different types of plausible scenarios to which the bank may be vulnerable, commensurate with the size and complexity of the bank's operations.
Added: April 08OM-8.2.41
Banks should identify critical business processes, including those where there is dependence on external vendors or other third parties, for which rapid resumption of service would be most essential. For these processes, banks should identify alternative mechanisms for resuming service in the event of an outage. Particular attention should be paid to the ability to restore electronic or physical records that are necessary for business resumption. Where such records are backed-up at an off-site facility, or where a bank's operations must be relocated to a new site, care should be taken that these sites are at an adequate distance from the impacted operations to minimise the risk that both primary and back-up records and facilities will be unavailable simultaneously.
Added: April 08OM-8.2.42
Banks should periodically review their disaster recovery and business continuity plans so that they are consistent with the bank's current operations and business strategies. Moreover, these plans should be tested periodically to ensure that the bank would be able to execute the plans in the unlikely event of a severe business disruption.
Added: April 08LM LM Liquidity Risk Management [Version up to 30 September 2007]
LM-A LM-A Introduction [Version up to 30 September 2007]
LM-A.1 LM-A.1 Purpose [Version up to 30 September 2007]
LM-A.1.1 [Version up to 30 September 2007]
The purpose of this module is to provide a checklist of the key elements of a sound Liquidity Risk Management system which supervisors can expect their banks to observe.
LM-A.1.2 [Version up to 30 September 2007]
This module provides support for certain other parts of the Rulebook, mainly:
(a) Licensing Requirements;(b) Principles of Business;(c) BMA Reporting Requirements;(d) Audit Firms; and(e) High Level Controls.LM-A.2 LM-A.2 Key requirements [Version up to 30 September 2007]
LM-A.2.1 [Version up to 30 September 2007]
It is the responsibility of the bank's Board of Directors and management to ensure that the bank has sufficient liquidity to meet its obligations as they fall due.
LM-A.2.1 [Version up to 30 September 2007]
A bank must inform the Agency of any concerns it has about its current or future liquidity profile, and of its plans to rectify/deal with any problems.
LM-A.2.2 [Version up to 30 September 2007]
The Agency has established certain limits for negative maturity mismatch positions. Positions within such periods should be reported on a monthly basis.
LM-A.2.3 [Version up to 30 September 2007]
Currencies should be translated into the reporting currency of the bank (which in any case would be either Bahraini Dinar or US Dollar) at the closing spot mid price on the reporting date and entered in the relevant time band. However, the Agency may also require institutions to provide management information on positions in individual currencies in the event of difficulties either in the individual institution or with the currency in question.
LM-A.3 LM-A.3 Regulation history [Version up to 30 September 2007]
LM-A.3.1 [Version up to 30 September 2007]
This module was first issued on 1st January 2005 as part of the Islamic principles volume. All regulations in this volume have been effective since this date. All subsequent changes are dated with the month and year at the base of the relevant page and in the Table of Contents. Chapter 3 of Module UG provides further details on Rulebook maintenance and control.
LM-A.3.2 [Version up to 30 September 2007]
A list of most recent changes made to this module are detailed in the table below:
Summary of changes
Module Ref. Change Date Description of Changes LM Evolution of the Module [Version up to 30 September 2007]
LM-A.3.3 [Version up to 30 September 2007]
The module incorporates the requirements set out under Section E of the Prudential Information Returns for Islamic Banks (PIRI) pack.
Effective date [Version up to 30 September 2007]
LM-A.3.4 [Version up to 30 September 2007]
The contents in this module are effective from the date depicted in the original circulars/pack (see paragraph LM-A.3.3) from which the requirements are compiled.
LM-1 LM-1 Prudential information [Version up to 30 September 2007]
LM-1.1 LM-1.1 Introduction [Version up to 30 September 2007]
LM-1.1.1 [Version up to 30 September 2007]
An important element of banking is managing liquidity. Long-term financing contracts may be financed by amounts received from customers for short-term investments. As a result of this, a bank is exposed to the risk that investors' demands for repayment might outstrip its ability to transform assets into cash.
Liquidity risk management reporting under section E of the PIRI [Version up to 30 September 2007]
LM-1.1.2 [Version up to 30 September 2007]
The purpose of this chapter is to introduce the Agency's supervisory approach with respect to reporting requirements and bank's obligations in terms of its liquidity management practices.
LM-1.1.3 [Version up to 30 September 2007]
The contents of this chapter should be read in conjunction with the guidelines set out under Section E of the PIRI (in Appendix BR 3) and PIRI reporting forms (in Appendix BR 4).
LM-1.2 LM-1.2 The bank's prudential obligation [Version up to 30 September 2007]
LM-1.2.1 [Version up to 30 September 2007]
It is the responsibility of the bank's Board of Directors and management to ensure that the bank has sufficient liquidity to meet its obligations as they fall due.
LM-1.2.2 [Version up to 30 September 2007]
A bank must inform the Agency of any concerns it has about its current or future liquidity profile, and of its plans to rectify/deal with any problems.
LM-1.2.3 [Version up to 30 September 2007]
Banks will be expected to have formal written policies which limit liquidity risk to acceptable levels; appropriate liquidity measurement and information systems and clearly defined managerial responsibilities for managing liquidity. These policies, controls and systems are to be observed on a daily basis and reviewed to take account of changing circumstances.
LM-1.3 LM-1.3 The Agency's obligation [Version up to 30 September 2007]
LM-1.3.1 [Version up to 30 September 2007]
The Agency will review with banks their policies, systems and controls for managing their liquidity.
LM-1.3.2 [Version up to 30 September 2007]
Banks are expected to monitor and maintain adequate liquidity not only for meeting the requirements of the unrestricted investment account holders, but also that arising for the restricted investment account holders.
LM-1.3.3 [Version up to 30 September 2007]
The Agency has established the following limits for negative maturity mismatch positions. Positions within such periods should be reported on a monthly basis (see section BR-4):
(i)
Self Financed and Current Accounts Only Period Limit 0-8 days 10% 8 days —1 month 20% (ii)
Unrestricted Investment Period Limit 0-8 days 10% 8 days — 1 month 20% (iii)
Restricted Investment Accounts Only Period Limit 0-8 days 10% 8 days — 1 month 20% (iv)
Self Financed, Restricted/ Unrestricted Investment Accounts & Current Accounts Period Limit 0-8 days 15% 8 days — 1 month 25% LM-1.4 LM-1.4 Liquidity reporting in individual currencies [Version up to 30 September 2007]
LM-1.4.1 [Version up to 30 September 2007]
Section E of the PIRI (Appendix BR 4) should be completed on the basis of all currencies combined.
LM-1.4.2 [Version up to 30 September 2007]
Currencies should be translated into the reporting currency of the bank (which in any case would be either Bahraini Dinar or US Dollar) at the closing spot mid price on the reporting date and entered in the relevant time band. However, the Agency may require institutions to provide management information on positions in individual currencies in the event of difficulties either in the individual institution or with the currency in question.
LM LM Liquidity Risk Management [Version 1 October 2007 to 31 July 2018]
LM-A LM-A Introduction [Version 1 October 2007 to 31 July 2018]
LM-A.1 LM-A.1 Purpose [Version 1 October 2007 to 31 July 2018]
Executive Summary [Version 1 October 2007 to 31 July 2018]
LM-A.1.1 [Version 1 October 2007 to 31 July 2018]
The purpose of this Module is to provide a checklist of the key elements of a sound Liquidity Risk Management system which supervisors can expect their banks to observe.
October 07LM-A.1.2 [Version 1 October 2007 to 31 July 2018]
This module provides support for certain other parts of the Rulebook, mainly:
(a) Licensing Requirements;(b) Principles of Business;(c) CBB Reporting Requirements;(d) Audit Firms; and(e) High-Level Controls.October 07Legal Basis [Version up to 31 July 2018]
LM-A.1.3 [Version up to 31 July 2018]
This Module contains the Central Bank of Bahrain's ('CBB') Directive (as amended from time to time) on liquidity risk management requirements for
Islamic bank licensees , and is issued under the powers available to the CBB under Article 38 of the Central Bank of Bahrain and Financial Institutions Law 2006 (CBB Law). The directive in this Module is applicable to allIslamic bank licensees .Amended: April 2011
Added: January 2011
LM-A.1.4 [Version up to 31 July 2018]
For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.
Added: January 2011
LM-A.2 LM-A.2 Key Requirements [Version up to 31 July 2018]
LM-A.2.1 [Version up to 31 July 2018]
It is the responsibility of the bank's Board of Directors and management to ensure that the bank has sufficient liquidity to meet its obligations as they fall due.
October 07LM-A.2.2 [Version 31 July 2018]
A bank must inform the CBB of any concerns it has about its current or future liquidity profile, and of its plans to rectify/deal with any problems.
Amended: January 2011
October 2007LM-A.2.3 [Version to 31 July 2018]
The CBB has established certain limits for negative maturity mismatch positions. Positions within such periods should be reported on a quarterly basis.
Amended: April 2014
Amended: January 2011
October 2007LM-A.2.4 [Version up to 31 July 2018]
Currencies should be translated into the reporting currency of the bank (which in any case would be either Bahrain Dinar or US Dollar) at the closing spot mid price on the reporting date and entered in the relevant time band. However, the CBB may also require institutions to provide management information on positions in individual currencies in the event of difficulties either in the individual institution or with the currency in question.
Amended: January 2011
October 2007LM-A.3 LM-A.3 Regulation history [Version up to 31 July 2018]
LM-A.3.1 [Version up to 31 July 2018]
This Module was first issued on 1st January 2005 as part of the Islamic principles volume. All regulations in this volume have been effective since this date. All subsequent changes are dated with the month and year at the base of the relevant page and in the Table of Contents. Chapter 3 of Module UG provides further details on Rulebook maintenance and control.
October 07LM-A.3.2 [Version up to 31 July 2018]
A list of most recent changes made to this Module are detailed in the table below:
Summary of Changes
Module Ref. Change Date Description of Changes LM 01/2011 Various minor amendments to ensure consistency in CBB Rulebook. LM-A.1.3 and LM-A.1.4 01/2011 Added legal basis LM-A.2.3 and LM-1.3.3 04/2014 Corrected frequency of reporting. LM-1.1.3 04/2014 Corrected cross reference. LM-1.1 and LM-1.4 04/2015 Corrected reference to PIRI. Evolution of the Module [Version up to 31 July 2018]
LM-A.3.3 [Version up to 31 July 2018]
The module incorporates the requirements set out under Section F of the Prudential Information Returns for Islamic Banks (PIRI) pack.
Amended July 09
October 07Effective Date [Version up to 31 July 2018]
LM-A.3.4 [Version up to 31 July 2018]
The contents in this Module are effective from the date depicted in the original circulars/pack (see Paragraph LM-A.3.3) from which the requirements are compiled.
October 07LM-1 LM-1 Prudential Information [Version up to 31 July 2018]
LM-1.1 LM-1.1 Introduction [Version up to 31 July 2018]
LM-1.1.1 [Version up to 31 July 2018]
An important element of banking is managing liquidity. Long-term financing contracts may be financed by amounts received from customers for short-term investments. As a result of this, a bank is exposed to the risk that investors' demands for repayment might outstrip its ability to transform assets into cash.
October 07Liquidity Risk Management Reporting under Section E of the PIRI [Version up to 31 July 2018]
LM-1.1.2 [Version up to 31 July 2018]
The purpose of this Chapter is to introduce the CBB's supervisory approach with respect to reporting requirements and bank's obligations in terms of its liquidity management practices.
Amended: January 2011
October 2007LM-1.1.3 [Version up to 31 July 2018]
The contents of this Chapter should be read in conjunction with the guidelines set out under Section E of the PIRI (in Appendix BR-4) and PIRI reporting forms (in Appendix BR-5).
Amended: April 2015
April 2014LM-1.2 LM-1.2 The Bank's Prudential Obligation [Version up to 31 July 2018]
LM-1.2.1 [Version up to 31 July 2018]
It is the responsibility of the bank's Board of Directors and management to ensure that the bank has sufficient liquidity to meet its obligations as they fall due.
October 07LM-1.2.2 [Version up to 31 July 2018]
A bank must inform the CBB of any concerns it has about its current or future liquidity profile, and of its plans to rectify/deal with any problems.
Amended: January 2011
October 2007LM-1.2.3 [Version up to 31 July 2018]
Banks will be expected to have formal written policies which limit liquidity risk to acceptable levels; appropriate liquidity measurement and information systems and clearly defined managerial responsibilities for managing liquidity. These policies, controls and systems are to be observed on a daily basis and reviewed to take account of changing circumstances.
October 07LM-1.3 LM-1.3 The CBB's Obligation [Version up to 31 July 2018]
LM-1.3.1 [Version up to 31 July 2018]
The CBB will review with banks their policies, systems and controls for managing their liquidity.
Amended: January 2011
October 2007LM-1.3.2 [Version up to 31 July 2018]
Banks are expected to monitor and maintain adequate liquidity not only for meeting the requirements of the unrestricted investment account holders, but also that arising for the restricted investment account holders.
October 07LM-1.3.3 [Version up to 31 July 2018]
The CBB has established the following limits for negative maturity mismatch positions. Positions within such periods should be reported on a quarterly basis as part of the PIRI (see Section BR-3):
(i) Self Financed and Current Accounts Only Period Limit* 0-8 days 10% 8 days - 1 month 20% (ii) Unrestricted Investment Period Limit* 0-8 days 10% 8 days - 1 month 20% (iii) Restricted Investment Accounts Only Period Limit* 0-8 days 10% 8 days - 1 month 20% (iv) Self Financed, Restricted/ Unrestricted Investment Accounts & Current Accounts Period Limit* 0-8 days 15% 8 days - 1 month 25% Amended: April 2014
Amended: January 2011
October 2007LM-1.4 LM-1.4 Liquidity Reporting in Individual Currencies [Version up to 31 July 2018]
LM-1.4.1 [Version up to 31 July 2018]
Section E of the PIRI (Appendix BR-5) should be completed on the basis of all currencies combined.
Amended: April 2015
July 09
October 07LM-1.4.2 [Version up to 31 July 2018]
Currencies should be translated into the reporting currency of the bank (which in any case would be either Bahrain Dinar or US Dollar) at the closing spot mid price on the reporting date and entered in the relevant time band. However, the CBB may require institutions to provide management information on positions in individual currencies in the event of difficulties either in the individual institution or with the currency in question.
Amended: January 2011
October 2007FC FC Financial Crimes
FC-A FC-A Introduction
FC-A.1 FC-A.1 Purpose
FC-A.1.1
This Module applies, to all
Islamic bank licensees , a comprehensive framework of Rules and Guidance aimed at combating money laundering and terrorist financing. In so doing, it helps implement the 40 Recommendations on money laundering and 9 Special Recommendations on terrorist financing, issued by the Financial Action Task Force (FATF), and the requirements of the Basel Committee "Customer Due Diligence for Banks" paper, that are relevant toIslamic bank licensees . (Further information on these can be found in Chapter FC-10.)FC-A.1.2
The Module requires
Islamic bank licensees to have effective anti-money laundering ('AML') policies and procedures, in addition to measures for combating the financing of terrorism ('CFT'). The Module contains detailed requirements relating to customer due diligence, reporting and the role and duties of the Money Laundering Reporting Officer (MLRO). Furthermore, examples of suspicious activity are provided, to assistIslamic bank licensees monitor transactions and fulfil their reporting obligations under Bahrain law.FC-A.2 FC-A.2 Module history
Changes to the Module
FC-A.2.1
This module was first issued on 1st January 2005 as part of the Islamic principles volume. All regulations in this volume have been effective since this date. All subsequent changes are dated with the month and year at the base of the relevant page and in the Table of Contents. Chapter 3 of Module UG provides further details on Rulebook maintenance and control.
FC-A.2.2
A list of recent changes made to this Module is detailed in the table below:
Module Ref. Change Date Description of Changes FC 01/04/05 Update to reflect revised FATF 40 + 9 recommendations FC-1.4 01/07/05 Technology abuse update FC-1.1 01/07/05 Nominee a/c clarification FC-1.3 FC-2.2 FC-5.2 01/07/05 Clarifications on risk-based approach, record keeping, and STRs FC-6.1 01/07/05 New references to "terrorist financing" FC-7.1 01/07/05 Prompt access to records is a rule FC-2.2 01/10/05 Up to date CDD documentation requirement FC-1.8 01/10/05 Location of correspondent FC-1.9 01/10/05 Location of introducer FC-4.2 , FC-4.3 01/10/05 Requirement to report to Board FC 01/10/05 Reordering of sections FC-1.11.1 01/01/06 New text for syndicated business FC-1.1.3, FC-1.2.8, FC-1.2.11, FC-3.1.4 01/01/06 Correction of minor typos Evolution of the Module
FC-A.2.3
Prior to the introduction of Volume 2 (Islamic Banks) of the BMA Rulebook, the BMA had issued various circulars containing requirements covering different aspects of financial crime. These requirements were consolidated into Version 01 of this Module. Some of these requirements remain in their original form; others have since been updated. These circulars and their original location in this Module are listed below:
Circular Ref. Date of Issue Module Ref. (Version 01) Circular Subject BC/17/97 10 Nov 1997 FC-B.1 Money Laundering OG/308/89 14 Oct 1989 FC-B.1 Money Laundering EDBC/6/01 14 Oct 2001 FC-1, FC-4–FC-7 Re: Money Laundering Regulation BC/1/02 27 Jan 2002 FC-3 FATF Special Recommendations on Terrorism Financing BC/3/00 5 Mar 2000 FC-1.5 Re: Accounts for Charity Organisations FC-B FC-B Scope of Application
FC-B.1 FC-B.1 License Categories
FC-B.1.1
This Module applies to all
Islamic bank licensees , including branches of banks incorporated outside of Bahrain, and Bahrain-incorporated subsidiaries of overseas groups.FC-B.1.2
The Rules and Guidance in this Module are in addition to and supplement the requirements contained in Decree Law No. (4) of 2001 with respect to the prevention and prohibition of the laundering of money ("The AML Law"). The AML Law imposes obligations on persons generally in relation to the prevention of money laundering. All
Islamic bank licensees are under the statutory obligations of that Law, a copy of which is contained in Part B of Volume 2, under 'Supplementary Information'. Nothing in this Module is intended to restrict the application of the AML Law.FC-B.2 FC-B.2 Overseas Subsidiaries and Branches
FC-B.2.1
Islamic bank licensees must apply the requirements in this Module to all their branches and subsidiaries operating both in the Kingdom of Bahrain and in foreign jurisdictions. Where local standards differ, the higher standard must be followed.Islamic bank licensees must pay particular attention to procedures in branches or subsidiaries in countries that do not or insufficiently apply the FATF Recommendations and Special Recommendations.FC-B.2.2
Where another jurisdiction's laws or regulations prevent a
Islamic bank licensee (or any of its foreign branches or subsidiaries) from applying the same standards contained in this Module or higher, the licensee must immediately inform the BMA in writing.FC-B.2.3
In such instances, the BMA will review alternatives with the
Islamic bank licensee . Should the BMA and the licensee be unable to reach agreement on the satisfactory implementation of this Module in a foreign subsidiary or branch, theIslamic bank licensee may be required by BMA to cease the operations of the subsidiary or branch in the foreign jurisdiction in question.FC-1 FC-1 Customer due diligence
FC-1.1 FC-1.1 General requirements
Verification of Identity and Source of Funds
FC-1.1.1
Islamic bank licensees must establish effective systematic internal procedures for establishing and verifying the identity of their customers and the source of their funds. Such procedures must be set out in writing and approved by the licensee's Board of Directors. They must be strictly adhered to.FC-1.1.2
Islamic bank licensees must implement the customer due diligence measures outlined in Chapters 1, 2 and 3 when:(a) establishing business relations with a new or existing customer;(b) a change to the signatory or beneficiary of an existing account or business relationship is made;(c) a significant transaction takes place;(d) there is a material change in the way that the bank account is operated or in the manner in which the business relationship is conducted;(e)customer documentation standards change substantially;(f) theIslamic bank licensee has doubts about the veracity or adequacy of previously obtained customer due diligence information;(g) carrying-out one-off or occasional transactions above BD 6,000, or where several smaller transactions that appear to be linked fall above this threshold; or(h) carrying out wire transfers irrespective of amount;(h) there is a suspicion of money laundering or terrorist financing.FC-1.1.3
For the purposes of this Module, "customer" includes counterparties such as financial markets counterparties, except where financial institutions are acting as principals where simplified due diligence measures may sometimes apply. These simplified measures are set out in Section FC-1.11.
FC-1.1.4
The BMA's specific minimum standards to be followed with respect to verifying customer identity and source of funds are contained in Section FC-1.2. Enhanced requirements apply under certain high-risk situations: these requirements are contained in Sections FC-1.3 to FC-1.8 inclusive. Additional requirements apply where an
Islamic bank licensee is relying on a professional intermediary to perform certain parts of the customer due diligence process: these are detailed in Section FC-1.10. Simplified customer due diligence measures may apply in defined circumstances: these are set out in Section FC-1.11 .Verification of Third Parties
FC-1.1.5
Islamic bank licensees must obtain a signed statement from all new customers confirming whether or not the customer is acting on their own behalf or not. This undertaking must be obtained prior to conducting any transactions with the customer concerned.FC-1.1.6
Where a customer is acting on behalf of a third party, the
Islamic bank licensee must also obtain a signed statement from the third party, confirming they have given authority to the customer to act on their behalf. Where the third party is a legal person, theIslamic bank licensee must have sight of the original Board resolution (or other applicable document) authorising the customer to act on the third party's behalf, and retain a certified copy.FC-1.1.7
Islamic bank licensee must establish and verify the identity of the customer and (where applicable) the party/parties on whose behalf the customer is acting, including the Beneficial Owner of the funds. Verification must take place in accordance with the requirements specified in this Chapter.FC-1.1.8
Where financial services are provided to a minor or other person lacking full legal capacity, the normal identification procedures as set out in this Chapter must be followed. In the case of minors, licensees must additionally verify the identity of the parent(s) or legal guardian(s). Where a third party on behalf of a person lacking full legal capacity wishes to open an account, the licensee must establish the identity of that third party as well as the intended account holder.
Anonymous and Nominee Accounts
FC-1.1.9
Islamic bank licensees must not establish or keep anonymous accounts or accounts in fictitious names. WhereIslamic bank licensees maintain a nominee account, which is controlled by or held for the benefit of another person, the identity of that person must be disclosed to theIslamic bank licensee and verified by it in accordance with the requirements specified in this Chapter.Timing of Verification
FC-1.1.10
Islamic bank licensees must not commence a business relationship or undertake a transaction with a customer before completion of the relevant customer due diligence measures specified in Chapters 1, 2 and 3. However, verification may be completed after receipt of funds in the case of non face-to-face business, or the subsequent submission of CDD documents by the customer after initial face-to face contact, providing that no disbursement of funds takes place until after the requirements of this Chapter have been fully met.Incomplete Customer Due Diligence
FC-1.1.11
Where an
Islamic bank licensee is unable to comply with the requirements specified in Chapters 1, 2 and 3, it must consider whether to terminate the relationship or not proceed with the transaction, and additionally, consider whether it should file a suspicious transaction report.FC-1.1.12
See also Chapter FC-5, which covers the filing of suspicious transaction reports.
FC-1.2 FC-1.2 Face-to-face Business
Natural persons
FC-1.2.1
If the customer is a natural person,
Islamic bank licensees must obtain and record the following information (in hard copy or electronic form), before providing financial services of any kind:(a) full legal name and any other names used;(b) full permanent address (i.e. the residential address of the customer; a post office box is not insufficient);(c) date and place of birth;*(d) nationality;(e) passport number (if customer is a passport holder);(f) CPR or Iqama number (for Bahraini or GCC residents only);(g) telephone/fax number and email address (where applicable);(h) occupation or public position held (where applicable);(i) employer's name and address (where applicable);(j) type of account, and nature and volume of anticipated business dealings with theIslamic bank licensee ;(k) Signature(s) of thecustomer(s) ; and(l) Source of funds.FC-1.2.2
See Part B, Volume 2 (Islamic Banks), for Guidance Notes on source of funds (FC-1.2.1(1)) and requirements for Bahraini residents (FC-1.2.1 (c) & (f)).
FC-1.2.3
Islamic bank licensees must verify the information in Paragraph FC-1.2.1 (a) to (f), by the following methods below; at least one of the copies of the identification documents mentioned in (a) and (b) below must include a clear photograph of the customer:(a) confirmation of the date of birth and legal name, by taking a copy of a current valid official original identification document (e.g. birth certificate, passport, CPR or Iqama);(b) confirmation of the permanent residential address by taking a copy of a recent utility bill, bank statement or similar statement from another licensee or financial institution, or some form of official correspondence or official documentation card, such as CPR, from a public/governmental authority, or a tenancy agreement or record of home visit by an official of theIslamic bank licensee ; and(c) where appropriate, direct contact with the customer by phone, letter or email to confirm relevant information, such as residential address information.FC-1.2.4
Any document copied for the purpose of identification verification must be an original. An authorised official of the licensee must certify the copy, by writing on it the words 'original sighted', together with the date and his signature. Equivalent measures must be taken for electronic copies.
FC-1.2.5
Identity documents which are not obtained by an authorised official of the licensee in original form (e.g. due to a customer sending a copy by post following an initial meeting) must instead be certified (as per FC-1.2.4) by one of the following from a GCC or FATF member state:
(a) a lawyer;(b) a notary;(c) a chartered/certified accountant;(d) an official of a government ministry;(e) an official of an embassy or consulate; or(f) an official of another licensed financial institution or of an associate company of the licensee.FC-1.2.6
The individual making the certification under FC-1.2.5 must give clear contact details (e.g. by attaching a business card or company stamp). The
Islamic bank licensee must verify the identity of the person providing the certification through checking membership of a professional organisation (for lawyers or accountants), or through checking against databases/websites, or by direct phone or email contact.Legal Entities or Legal Arrangements (such as trusts)
FC-1.2.7
If the customer is a legal entity or a legal arrangement such as a trust, the
Islamic bank licensee must obtain and record the following information from original identification documents, databases or websites, in hard copy or electronic form, to verify thecustomer's legal existence and structure:(a) the entity's full name and other trading names used;(b) registration number (or equivalent);(c) legal form;(d) registered address and trading address (where applicable);(e) type of business activity;(f) date and place of incorporation or establishment;(g) telephone, fax number and email address;(h) regulatory body or listing body (for regulated activities such as financial services and listed companies);(i) name of external auditor (where applicable);(j) type of account, and nature and volume of anticipated business dealings with theIslamic bank licensee ; and(k) source of funds.FC-1.2.8
The information provided under FC-1.2.7 must be verified by obtaining certified copies of the following documents, as applicable (depending on the legal form of the entity):
(a) certificate of incorporation and/or certificate of commercial registration or trust deed;(b) memorandum of association;(c) articles of association;(d) partnership agreement;(e) Board resolution seeking the banking services (only necessary in the case of private or unlisted companies);(f) identification documentation of the authorised signatories of the account;(g) copy of the latest financial report and accounts, audited where possible (audited copies do not need to be certified); and(h) list of authorised signatories of the company for the account and a Board resolution (or other applicable document) authorising the named signatories or their agent to operate the account (resolution only necessary for private or unlisted companies).FC-1.2.9
Documents obtained to satisfy the requirements in FC-1.2.8 above must be certified in the manner specified in FC-1.2.4 to FC-1.2.6.
FC-1.2.10
The documentary requirements in FC-1.2.8 above do not apply in the case of listed companies: see Section FC-1.11 below. Also, the documents listed in FC-1.2.8 above are not exhaustive: for customers from overseas jurisdictions, documents of an equivalent nature may be produced as satisfactory evidence of a customer's identity.
FC-1.2.11
Islamic bank licensees must also obtain and document the following due diligence information. These due diligence requirements must be incorporated in the licensee's new business procedures:(a) enquire as to the structure of the legal entity or trust sufficient to determine and verify the identity of the ultimate beneficial owner of the funds, the ultimate provider of funds (if different), and ultimate controller of the funds (if different);(b) ascertain whether the legal entity has been or is in the process of being wound up, dissolved, struck off or terminated;(c) obtain the names, country of residence and nationality of Directors or partners (only necessary for private or unlisted companies);(d) require, through new customer documentation or other transparent means, updates on significant changes to corporate ownership and/or legal structure;(e) obtain and verify the identity of shareholders holding 20% or more of the issued capital (where applicable). The requirement to verify the identity of these shareholders does not apply in the case of listed companies;(f) in the case of trusts or similar arrangements, establish the identity of the settlor(s), trustee(s), and beneficiaries (including making such reasonable enquiries as to ascertain the identity of any other potential beneficiary, in addition to the named beneficiaries of the trust); and(g) where a licensee has reasonable grounds for questioning the authenticity of the information supplied by a customer, conduct additional due diligence to confirm the above information.FC-1.2.12
For the purposes of Paragraph FC-1.2.11, acceptable means of undertaking such due diligence might include taking bank references; visiting or contacting the company by telephone; undertaking a company search or other commercial enquiries; accessing public and private databases (such as stock exchange lists); making enquiries through a business information service or credit bureau; confirming a company's status with an appropriate legal or accounting firm; or undertaking other enquiries that are commercially reasonable.
FC-1.3 FC-1.3 Enhanced Customer Due Diligence: General Requirements
FC-1.3.1
Enhanced customer due diligence must be performed on those customers identified as having a higher risk profile, and additional inquiries made or information obtained in respect of those customers.
FC-1.3.2
The additional information referred to in Paragraph FC-1.3.1 might include documents (either in hard copy or electronic format) relating to the following:
(a) evidence of a person's permanent address through the use of a credit reference agency search or through independent verification by home visit;(b) a personal reference (e.g. by an existing customer of theIslamic bank licensee );(c) another licensed entity's reference and contact with the concerned licensee regarding the customer;(d) documentation outlining the customer's source of wealth;(e) documentation outlining the customer's source of income; and(f) independent verification of employment, or public position held.FC-1.4 FC-1.4 Enhanced Customer Due Diligence: Non face-to-face Business and New Technologies
FC-1.4.1
Islamic bank licensees must establish specific procedures for verifying customer identity where no face-to-face contact takes place.FC-1.4.2
Where no face-to-face contact takes place,
Islamic bank licensees must take additional measures (to those specified in Section FC-1.2), in order to mitigate the potentially higher risk associated with such business. In particular,Islamic bank licensees must take measures:(a) to ensure that the customer is the person they claim to be; and(b) to ensure that the address provided is genuinely the customer's.FC-1.4.3
There are a number of checks that can provide a
Islamic bank licensee with a reasonable degree of assurance as to the authenticity of the applicant. They include:(a) telephone contact with the applicant on an independently verified home or business number;(b) with the customer's consent, contacting an employer to confirm employment, via phone through a listed number or in writing; and(c) salary details appearing on recent bank statements.FC-1.4.4
financial services provided via post, telephone or internet pose greater challenges for customer identification and AML/CFT purposes.
Islamic bank licensees must establish procedures to prevent the misuse of technological developments in money laundering or terrorist financing schemes. Specifically, banks which provide significant electronic and internet banking services to their customers, should connect a programme to such systems to highlight all unusual transactions so as to enable the concerned bank to report such transactions.Islamic bank licensees must also ensure that they comply with any e-commerce laws and/or BMA regulations issued from time to time.FC-1.5 FC-1.5 Enhanced Customer Due Diligence: Politically Exposed Persons ("PEPs")
FC-1.5.1
Islamic bank licensees must have appropriate risk management systems to determine whether a customer is aPolitically Exposed Person ('PEP') , both at the time of establishing business relations and thereafter on a periodic basis. Licensees must utilize publicly available databases and information to establish whether a customer is aPEP .FC-1.5.2
Islamic bank licensees must establish a client acceptance policy with regard toPEPs , taking into account the reputational and other risks involved. Senior management approval must be obtained before aPEP is accepted as a customer.FC-1.5.3
Where an existing customer is a
PEP , or subsequently becomes aPEP , enhanced monitoring and customer due diligence measures must include:(a) analysis of complex financial structures, including trusts, foundations or international business corporations;(b) a written record in the customer file to establish that reasonable measures have been taken to establish both the source of wealth and the source of funds;(c) development of a profile of anticipated customer activity, to be used in on-going monitoring;(d) approval of senior management for allowing the customer relationship to continue; and(e) ongoing account monitoring of thePEP's account by senior management (such as the MLRO).FC-1.5.4
"Politically Exposed Persons" mean individuals who are, or have been, entrusted with prominent public functions in Bahrain or a foreign country, such as Heads of State or government, senior politicians, senior government, judicial or military officials, senior executives of state owned corporations or important political party officials. Business relationships with family members or close associates of
PEPs involve reputational risks similar toPEPs themselves. The definition is not intended to cover middle-ranking or more junior officials in the foregoing categories. Bahraini PEPs would include all Ministers, all MPs, and all Ministry officials with the rank of Undersecretary or above.FC-1.6 FC-1.6 Enhanced Due Diligence: Charities, Clubs and Other Societies
FC-1.6.1
Financial services must not be provided to charitable funds and religious, sporting, social, cooperative and professional societies, before an original certificate authenticated by the relevant Ministry confirming the identities of those purporting to act on their behalf (and authorising them to obtain the said service) has been obtained. For Clubs and Societies registered with the General Organisation for Youth and Sports (GOYS), Islamic bank licensees must contact GOYS to clarify whether the account may be opened in accordance with the rules of GOYS.
FC-1.6.2
Islamic bank licensees are reminded that clubs and societies registered with GOYS may only have one account with banks in Bahrain.
FC-1.6.3
Charities should be subject to enhanced transaction monitoring by banks. Islamic bank licensees should develop a profile of anticipated account activity (in terms of payee countries and recipient organisations in particular).
FC-1.6.4
Islamic bank licensees must report all payments and transfers of BD3,000 (or equivalent in foreign currencies) and above, from accounts held by charities registered in Bahrain. The report must be submitted to the BMA's Compliance Unit (see FC-5.3 for contact address), giving details of the amount transferred, account name, number and beneficiary name account and bank details. Islamic bank licensees must ensure that such transfers are in accordance with the spending plans of the charity (in terms of amount, recipient and country).
FC-1.7 FC-1.7 Enhanced Due Diligence: "Pooled Funds"
FC-1.7.1
Where
Islamic bank licensees receive pooled funds managed by professional intermediaries (such as investment and pension fund managers, stockbrokers and lawyers or authorised money transferors), they must apply CDD measures contained in Section FC-1.9 to the professional intermediary. In addition,Islamic bank licensees must verify the identity of the beneficial owners of the funds where required as detailed in Paragraphs FC-1.7.2 or FC-1.7.3 below.FC-1.7.2
Where funds pooled in an account are not co-mingled (i.e. where there are "sub-accounts" attributable to each beneficiary) all beneficial owners must be identified by the Islamic bank licensee, and their identity verified in accordance with the requirements in Section FC-1.2.
FC-1.7.3
For accounts held by intermediaries resident in Bahrain, where such funds are co-mingled, the Islamic bank licensee must make a reasonable effort (in the context of the nature and amount of the funds received) to look beyond the intermediary and determine the identity of the beneficial owners or underlying clients, particularly where funds are banked and then transferred onward to other financial institutions (e.g. in the case of accounts held on behalf of authorised money transferors). Where, however, the intermediary is subject to equivalent regulatory and money laundering regulation and procedures (and, in particular, is subject to the same due diligence standards in respect of its client base) the BMA will not insist upon all beneficial owners being identified provided the Islamic bank licensee has undertaken reasonable measures to determine that the intermediary has engaged in a sound customer due diligence process, consistent with the requirements in Section FC-1.8.
FC-1.7.4
For accounts held by intermediaries from foreign jurisdictions, the intermediary must be subject to requirements to combat money laundering and terrorist financing consistent with the FATF 49 Recommendations and the intermediary must be supervised for compliance with those requirements. The bank must obtain documentary evidence to support the case for not carrying out customer due diligence measures beyond identifying the intermediary. The bank must satisfy itself that the intermediary has identified the underlying beneficiaries and has the systems and controls to allocate the assets in the pooled accounts to the relevant beneficiaries. The due diligence process contained in Section FC-1.8 must be followed.
FC-1.7.5
Where the intermediary is not empowered to provide the required information on beneficial owners (e.g. lawyers bound by professional confidentiality rules) or where the intermediary is not subject to the same due diligence standards referred to above, a bank must not permit the intermediary to open an account or allow the account to continue to operate, unless specific permission has been obtained in writing from the BMA.
FC-1.8 FC-1.8 Enhanced Due Diligence for Correspondent Banking Relationships
FC-1.8.1
The customer due diligence measures outlined under Section FC-1.2 must be carried out in the normal way on the respondent bank.
Islamic bank licensees which intend to act as correspondent banks must gather sufficient information (e.g. through a questionnaire) about their respondent banks to understand the nature of the respondent's business. Factors to consider to provide assurance that satisfactory measures are in place at the respondent bank include:(a) Information about the respondent bank's ownership structure and management;(b) Major business activities of the respondent and its location (i.e. whether it is located in a FATF compliant jurisdiction) as well as the location of its parent (where applicable);(c) Where the customers of the respondent bank are located;(d) The respondent's AML/CFT controls;(e) The purpose for which the account will be opened;(f) Confirmation that the respondent bank has verified the identity of any third party entities that will have direct access to the correspondent banking services without reference to the respondent bank (e.g. in the case of "payable through" accounts);(g) The extent to which the respondent bank performs ongoing due diligence on customers with direct access to the account, and the condition of bank regulation and supervision in the respondent's country (e.g. from published FATF reports). Banks should take into account the country where the respondent bank is located and whether that country abides by the FATF 40+ 9 Recommendations when establishing correspondent relationships with foreign banks. Banks should obtain where possible copies of the relevant laws and regulations concerning AML/CFT and satisfy themselves that respondent banks have effective customer due diligence measures consistent with the FATF 40+ 9 Recommendations;(h) Confirmation that the respondent bank is able to provide relevant customer identification data on request to the correspondent bank; and(i) Whether the respondent bank been subject to a money laundering or terrorist financing investigation.FC-1.8.2
Islamic bank licensees must implement the following additional measures, prior to opening a correspondent banking relationship:(a) Complete a signed statement that outlines the respective responsibilities of each institution in relation to money laundering detection and monitoring responsibilities; and(b) Ensure that the correspondent banking relationship has the approval of senior management.FC-1.8.3
Islamic bank licensees must refuse to enter into or continue a correspondent banking relationship with a bank incorporated in a jurisdiction in which it has no physical presence and which is unaffiliated with a regulated financial group (i.e. "shell banks", see Section FC-1.10). Banks must pay particular attention when entering into or continuing relationships with respondent banks located in jurisdictions that have poor KYC standards or have been identified by the FATF as being "non-cooperative" in the fight against money laundering/terrorist financing.FC-1.9 FC-1.9 Introduced Business from Professional Intermediaries
FC-1.9.1
An
Islamic bank licensee may only accept customers introduced to it by other financial institutions or intermediaries, if it has satisfied itself that the financial institution or intermediary concerned is subject to FATF-equivalent customer due diligence measures. WhereIslamic bank licensees delegate part of the customer due diligence measures to another financial institution or intermediary, the responsibility for meeting the requirements of Chapters 1 and 2 remains with theIslamic bank licensee , not the third party.FC-1.9.2
Islamic bank licensees may only accept introduced business if all of the following conditions are satisfied:(a) the customer due diligence measures applied by the introducer are consistent with those required by the FATF 40 + 9 Recommendations;(b) a formal agreement is in place defining the respective roles of the licensee and the introducer in relation to customer due diligence measures. The agreement must specify that the customer due diligence measures of the introducer will comply with the FATF 40 + 9 Recommendations;(c) the introducer is able to provide all relevant data pertaining to the customer's identity, the identity of the customer and beneficial owner of the funds (where different) and, where applicable, the party/parties on whose behalf the customer is acting; also, the introducer has confirmed that the licensee will be allowed to verify the customer due diligence measures undertaken by the introducer at any stage; and(d) written confirmation is provided by the introducer confirming that all customer due diligence measures required by the FATF 40 + 9 Recommendations have been followed and the customer's identity established and verified. In addition, the confirmation must state that any identification documents or other customer due diligence material can be accessed by theIslamic bank licensee and that these documents will be kept for at least five years after the business relationship has ended.FC-1.9.3
The
Islamic bank licensee must perform periodic reviews ensuring that any introducer on which it relies is in compliance with the FATF 40 + 9 Recommendations. Where the introducer is resident in another jurisdiction, the Islamic bank licensee must also perform periodic reviews to verify whether the jurisdiction is in compliance with the FATF 40 + 9 Recommendations.FC-1.9.4
Should the
Islamic bank licensee not be satisfied that the introducer is in compliance with the requirements of the FATF 40 + 9 Recommendations, the licensee must conduct its own customer due diligence on introduced business, or not accept further introductions, or discontinue the business relationship with the introducer.FC-1.10 FC-1.10 Shell Banks
FC-1.10.1
Islamic bank licensees must not establish business relations with banks, which have no physical presence or "mind and management" in the jurisdiction in which they are licensed ("shell banks"). Banks must not knowingly establish relations with banks that have relations with shell banks.FC-1.10.2
Islamic bank licensees must make a suspicious transaction report to the Anti-Money Laundering Unit and the Compliance Unit if they are approached by a shell bank or an institution they suspect of being a shell bank.FC-1.11 FC-1.11 Simplified Customer Due Diligence
FC-1.11.1
Islamic bank licensees may apply simplified customer due diligence measures, as described in Paragraphs FC-1.11.2 to FC-1.11.8, if:(a) the customer is the Bahrain Monetary Agency ('BMA'), the Bahrain Stock Exchange ('BSE') or a licensee of the BMA;(b) the customer is a Ministry of a Gulf Cooperation Council ('GCC') or Financial Action Task Force ('FATF') member state government, a company in which a GCC government is a majority shareholder, or a company established by decree in the GCC;(c) the customer is a company listed on a GCC or FATF member state stock exchange with equivalent disclosure standards to those of the BSE;(d) the customer is a financial institution whose entire operations are subject to AML/CFT requirements consistent with the FATF Recommendations / Special Recommendations and it is supervised by a financial services supervisor in a FATF or GCC member state for compliance with those requirements;(e) the customer is a financial institution which is a subsidiary of a financial institution located in a FATF or GCC member state, and the AML/CFT requirements applied to its parent also apply to the subsidiary; or(f) the customer is a borrower in a syndicated transaction where the agent bank is a financial institution whose entire operations are subject to AML/CFT requirements consistent with the FATF Recommendations / Special Recommendations and it is supervised by a financial services supervisor in a FATF or GCC member state for compliance with those requirements.(g) the transaction is a one-off or occasional transaction not exceeding BD 6,000 (or equivalent in other currencies), or one of a number of transactions which are related and, when taken together, do not exceed BD 6,000 per year (or equivalent in other currencies).FC-1.11.2
For customers falling under categories a–f specified in Paragraph FC-1.11.1, the information required under Paragraph FC-1.2.1 (for natural persons) or FC-1.2.7 (for legal entities or legal arrangements such as trusts) must be obtained. However, the verification and certification requirements in Paragraphs FC-1.2.3 and FC-1.2.8, and the due diligence requirements in Paragraph FC-1.2.11, may be dispensed with. Where the account is a correspondent banking relationship, enhanced due diligence applies. Refer to Section FC-1.8.
FC-1.11.3
For customers falling under category (g) in paragraph FC-1.11.1, the customer's name and contact information must be recorded. However, the verification, certification and due diligence requirements in Paragraphs FC-1.2.3, FC-1.2.8 and FC-1.2.11 may be dispensed with. As a matter of prudence, it is recommended that identification documentation is checked by the Islamic Bank Licensee.
Islamic bank licensees may, of course, continue to apply the verification, certification and due diligence requirements mentioned in Paragraph FC-1.11.2 for their own purposes.FC-1.11.4
Islamic bank licensees wishing to apply simplified due diligence measures as allowed for under Paragraph FC-1.11.1 must retain documentary evidence supporting their categorisation of the customer.FC-1.11.5
Examples of such documentary evidence may include a printout from a regulator's website, confirming the licensed status of an institution, and internal papers attesting to a review of the AML/CFT measures applied in a jurisdiction.
FC-1.11.6
Islamic bank licensees may use authenticated SWIFT messages as a basis for confirmation of the identity of a financial institution under FC-1.11.1 (d) and (e) where it is dealing as principal. For customers coming under Paragraph FC-1.11.1 (d) and (e),Islamic bank licensees must also obtain and retain a written statement from the parent institution of the subsidiary concerned, confirming that the subsidiary is subject to the same AML/CFT measures as its parent.FC-1.11.7
Simplified customer due diligence measures must not be applied where an
Islamic bank licensee knows, suspects, or has reason to suspect, that the applicant is engaged in money laundering or terrorism financing or that the transaction is carried out on behalf of another person engaged in money laundering or terrorism financing.FC-1.11.8
Simplified customer due diligence measures must not be applied where an
Islamic bank licensee knows, suspects, or has reason to suspect, that transactions are linked, such that they exceed the threshold specified in Paragraph FC-1.11.1 (g).FC-2 FC-2 AML / CFT Systems and Controls
FC-2.1 FC-2.1 General Requirements
FC-2.1.1
Islamic bank licensees must take reasonable care to establish and maintain appropriate systems and controls for compliance with the requirements of this Module and to limit their vulnerability to financial crime. These systems and controls must be documented, and approved and reviewed annually by the Board of the licensee. The documentation, and the Board's review and approval, must be made available upon request to the BMA.FC-2.1.2
The above systems and controls, and associated documented policies and procedures, should cover standards for customer acceptance, on-going monitoring of high-risk accounts, staff training and adequate screening procedures to ensure high standards when hiring employees.
FC-2.1.3
Islamic bank licensees must incorporate Key Performance Indicators (KPIs) to ensure compliance with AML/CFT requirements by all staff. The performance against the KPIs must be adequately reflected in their annual performance evaluation and in their remuneration (See also Paragraph HC-5.4.9A).Added: April 2020FC-2.2 FC-2.2 Ongoing Customer Due Diligence and Transaction Monitoring
Risk Based Monitoring
FC-2.2.1
Islamic bank licensees must develop risk-based monitoring systems appropriate to the complexity of their business, their number of clients and types of transactions. These systems must be configured to identify significant or abnormal transactions or patterns of activity. Such systems must include limits on the number, types or size of transactions undertaken outside expected norms; and must include limits for cash and non-cash transactions.FC-2.2.2
Islamic bank licensees' risk-based monitoring systems should therefore be configured to help identify:(a) transactions which do not appear to have a clear purpose or which make no obvious economic sense;(b) significant or large transactions not consistent with the normal or expected behaviour of a customer; and(c) unusual patterns of activity (relative to other customers of the same profile or of similar types of transactions, for instance because of differences in terms of volumes, transaction type, or flows to or from certain countries), or activity outside the expected or regular pattern of a customer's account activity.Automated Transaction Monitoring
FC-2.2.3
Islamic bank licensees must consider the need to include automated transaction monitoring as part of their risk-based monitoring systems to spot abnormal or unusual flows of funds. In the absence of automated transaction monitoring systems, all transactions above BD 6,000 must be viewed as "significant" and be captured in a daily transactions report for monitoring by the MLRO or a relevant delegated official, and records retained by theIslamic bank licensees for five years after the date of the transaction.Unusual Transactions or Customer Behaviour
FC-2.2.5
Where a
Islamic bank licensee's risk-based monitoring systems identify significant or abnormal transactions (as defined in FC-2.2.2 and FC-2.2.3), it must verify the source of funds for those transactions, particularly where the transactions are above the occasional transactions threshold of BD 6,000. Furthermore,Islamic bank licensees must examine the background and purpose to those transactions and document their findings.FC-2.2.6
The investigations required under FC-2.2.5 must be carried out by the MLRO (or relevant delegated official). The documents relating to these findings must be maintained for five years from the date when the transaction was completed (see also FC-7.1.1 (b)).
FC-2.2.7
Islamic bank licensees must consider instances where there is a significant, unexpected or unexplained change in customer activity.FC-2.2.8
When an existing customer closes one account and opens another, the
Islamic bank licensee must review its customer identity information and update its records accordingly. Where the information available falls short of the requirements contained in Chapter FC-1, the missing or out of date information must be obtained and re-verified with the customer.FC-2.2.9
Once identification procedures have been satisfactorily completed and, as long as records concerning the customer are maintained in line with Chapters FC-1 and FC-7, no further evidence of identity is needed when transactions are subsequently undertaken within the expected level and type of activity for that customer, provided reasonably regular contact has been maintained between the parties and no doubts have arisen as to the customer's identity.
Maintaining Documentation
FC-2.2.10
Islamic bank licensees must take reasonable steps to ensure that they receive and maintain up-to-date copies of the identification documents specified in Chapter FC-1.Islamic bank licensees must require all customers to provide up-to-date identification documents in their standard terms and conditions of business.FC-2.2.11
Islamic bank licensees must review and update their customer due diligence information at least every three years. If, upon performing such a review, copies of identification documents are more than 12 months out of date, theIslamic bank licensee must take steps to obtain updated copies as soon as possible.FC-3 FC-3 Money transfers and alternative remittances
FC-3.1 FC-3.1 Electronic transfers
Outward Transfers
FC-3.1.1
Islamic bank licensees must include all required originator information details with the accompanying electronic transfers of funds they make on behalf of their customers. Non-routine transfers must not be batched, if batching increases the risks of money laundering or terrorist financing. This obligation does not apply where the transfer is made by a bank acting as principal or acting on behalf of another bank as principal such as in the case of payment of spot FX transactions.FC-3.1.2
For the purposes of this Chapter, "Originator Information" means:
(a) The name of the payer;(b) The address of the payer; and(c) The account number of the payer (where funds are being remitted from an account with your bank).FC-3.1.3
It is not necessary for the recipient institution to pass the originator information on to the payee. The obligation is discharged simply by notifying the recipient institution of the originator information at the time the transfer is made.
Inward Transfers
FC-3.1.4
Banks must:
(a) Maintain records (in accordance with Chapter FC-7 of this Module) of all originator information received with an inward transfer; and(b) Carefully scrutinise inward transfers which do not contain originator information (i.e. full name, address and account number or a unique customer identification number). Licensees should presume that such transfers are "suspicious transactions" and pass them to the MLRO for review for determination as to possible filing of an STR, unless (a), the sending institution is able to promptly (i.e. within two business days) advise the licensee in writing of the originator information upon the licensee's request; or (b) the sending institution and the licensee are acting on their own behalf (as principals).FC-3.2 FC-3.2 Remittances on behalf of other Money Transferors
FC-3.2.1
Whenever a
Islamic bank licensee uses the services of Authorised Money Transferors to effect the transfer of funds for a customer to a person or organisation in another country, that licensee must, in respect of the amount so transferred, maintain records of:(a) The identity of its customer(s) in accordance with Chapters FC-1 and FC-7 of this Regulation; and(b) The exact amount transferred for each such customer (particularly where a single transfer is effected for more than one customer).FC-3.2.2
Islamic bank licensees must be able to produce this information for inspection immediately upon request by the BMA.FC-3.2.3
Islamic bank licensees must not transfer funds for customers to a person or organisation in another country by any means other than through an Authorised Money Transferor. Where a licensee is found to be in contravention of this rule, the Agency will not hesitate to impose sanctions upon that licensee (and in serious cases may revoke that licensee's license).FC-4 FC-4 Money Laundering Reporting Officer (MLRO)
FC-4.1 FC-4.1 Appointment of MLRO
FC-4.1.1
Islamic bank licensees must appoint a money laundering reporting officer ("MLRO"). The MLRO must be approved by BMA prior to his appointment. The Agency should be notified of the appointment of the MLRO, using the MLRO Form (Appendix FC-4).FC-4.1.2
The position of MLRO must not be combined with functions that create potential conflicts of interest, such as an internal auditor or business line head. The position of MLRO may not be outsourced.
FC-4.1.3
Subject to Paragraph FC-4.1.2, however, the position of MLRO may otherwise be combined with other functions in the
Islamic bank licensee , such as that of Compliance officer, in cases where the volume and geographical spread of the business is limited and, therefore, the demands of the function are not likely to require a full time resource. Paragraph FC-4.1.6 requires that the MLRO is a Director or employee of the licensee, so the function may not be outsourced to a third party employee.FC-4.1.4
Islamic bank licensees must appoint a deputy MLRO to act for the MLRO in his absence. The deputy MLRO must be resident in Bahrain unless otherwise agreed with the BMA.FC-4.1.5
Islamic bank licensees should note that although the MLRO may delegate some of his functions, either within the licensee or even possibly (in the case of larger groups) to individuals performing similar functions for other group entities, that the responsibility for compliance with the requirements of this Module remains with the licensee and the designated MLROFC-4.1.6
So that he can carry out his functions effectively,
Islamic bank licensees must ensure that their MLRO:(a) is a Director or a member of senior management of the licensee;(b) has a sufficient level of seniority within theIslamic bank licensee , has the authority to act without interference from business line management and has direct access to the Board and senior management (where necessary);(c) has sufficient resources, including sufficient time and (if necessary) support staff, and has designated a replacement to carry out the function should the MLRO be unable to perform his duties;(d) has unrestricted access to all transactional information relating to any financial services provided by theIslamic bank licensee to that customer, or any transactions conducted by theIslamic bank licensee on behalf of a customer;(e) is provided with timely information needed to identify, analyse and effectively monitor customer accounts;(f) has access to all customer due diligence information obtained by theIslamic bank licensee ; and(g) is resident in Bahrain.FC-4.1.7
In addition,
Islamic bank licensees must ensure that their MLRO is able to:(a) monitor the day-to-day operation of its policies and procedures relevant to this Module; and(b) respond promptly to any reasonable request for information made by the Anti-Money Laundering Unit or the BMA.FC-4.1.8
If the position of MLRO falls vacant, the
Islamic bank licensee must appoint a permanent replacement (after obtaining BMA approval), within 120 calendar days of the vacancy occurring. Pending the appointment of a permanent replacement, the licensee must make immediate interim arrangements (including the appointment of an acting MLRO) to ensure continuity in the MLRO function's performance. These interim arrangements must be approved by the BMA.FC-4.2 FC-4.2 Responsibilities of the MLRO
FC-4.2.1
The MLRO is responsible for:
(a) establishing and maintaining theIslamic bank licensee's AML/CFT policies and procedures;(b) ensuring that the licensee complies with the AML Law and any other applicable AML/CFT legislation and regulations;(c) ensuring day-to-day compliance with the licensee's own internal AML/CFT policies and procedures;(d) acting as theIslamic bank licensee's main point of contact in respect of handling internal suspicious transactions reports from the licensee's staff (refer to Section FC-5.1) and as the main contact for the Financial Intelligence Unit, the BMA and other concerned bodies regarding AML/CFT;(e) making external suspicious transactions reports to the Anti-Money Laundering Unit and Compliance Unit (refer to Section FC-5.2);(f) taking reasonable steps to establish and maintain adequate arrangements for staff awareness and training on AML/CFT matters (whether internal or external), as per Chapter FC-5;(g) producing annual reports on the effectiveness of the licensee's AML / CFT controls, for consideration by senior management, as per Paragraph FC-4.3.3;(h) on-going monitoring of what may, in his opinion, constitute high-risk customer accounts; and(i) maintaining all necessary CDD, transactions, STR and staff training records for the required periods (refer to Section FC-7.1).FC-4.3 FC-4.3 Compliance monitoring
Annual Compliance Review
FC-4.3.1
An
Islamic bank licensee must review the effectiveness of its AML/CFT procedures, systems and controls at least once each calendar year. The review must cover theIslamic bank licensee and its branches and subsidiaries both inside and outside the Kingdom of Bahrain. The scope of the review must include:(a) a report, containing the number of internal reports made in accordance with Section FC-5.1, a breakdown of all the results of those internal reports and their outcomes for each segment of the licensee's business, and an analysis of whether controls or training need to be enhanced;(b) a report, indicating the number of external reports made in accordance with Section FC-5.2 and, where aIslamic bank licensee has made an internal report but not made an external report, noting why no external report was made;(c) a sample test of compliance with this Module's customer due diligence requirements; and(d) a report as to the quality of theIslamic bank licensee's anti-money laundering procedures, systems and controls, and compliance with the AML Law and this Module.FC-4.3.2
The reports listed under Paragraph FC-4.3.1 (a) and (b) must be made by the MLRO. The sample testing required under Paragraph FC-4.3.1 (c) must be undertaken either by the licensee's internal audit function or its external auditors. The report required under Paragraph FC-4.3.1 (d) must be made by the licensee's external auditors.
FC-4.3.3
The reports listed under Paragraph FC-4.3.1 must be submitted to the licensee's Board, for it to review and commission any required remedial measures, and copied to the licensee's senior management.
FC-4.3.4
The purpose of the annual compliance review is to assist a licensee's Board and senior management to assess, amongst other things, whether internal and external reports are being made (as required under Chapter FC-5), and whether the overall number of such reports (which may otherwise appear satisfactory) does not conceal inadequate reporting in a particular segment of the licensee's business (or, where relevant, in particular branches or subsidiaries).
Islamic bank licensees should use their judgement as to how the reports listed under Paragraph FC-4.3.1 (a) and (b) should be broken down in order to achieve this aim (e.g. by branches, departments, product lines, etc).FC-4.3.5
Islamic bank licensees must instruct their external auditors to produce the report referred to in Paragraph FC-4.3.1 (d). The report must be submitted to the BMA by the 30th of April of the following year. The findings of this review must be received and acted upon by the licensee.FC-4.3.6
The external auditors may rely upon work performed by the licensee's internal audit function, as part of their procedures for producing the statement referred to in Paragraph FC-4.3.5.
FC-5 FC-5 Suspicious Transactions Reporting
FC-5.1 FC-5.1 Internal reporting
FC-5.1.1
Islamic bank licensees must implement procedures to ensure that staff who handle customer business (or are managerially responsible for such staff) make a report promptly to the MLRO if they know or suspect that a customer (or a person on whose behalf a customer may be acting) is engaged in money laundering or terrorism financing, or if the transaction or the customer's conduct otherwise appears unusual or suspicious. These procedures must include arrangements for disciplining any member of staff who fails, without reasonable excuse, to make such a report.FC-5.1.2
Where
Islamic bank licensees' internal processes provide for staff to consult with their line managers before sending a report to the MLRO, such processes must not be used to prevent reports reaching the MLRO, where staff have stated that they have knowledge or suspicion that a transaction may involve money laundering or terrorist financing.FC-5.2 FC-5.2 External reporting
FC-5.2.1
Islamic bank licensees must take reasonable steps to ensure that all reports made under Section FC-5.1 are considered by the MLRO (or his duly authorised delegate). Having considered the report and any other relevant information the MLRO (or his duly authorised delegate), if he still suspects that a person has been engaged in money laundering or terrorism financing, or the activity concerned is otherwise still regarded as suspicious, must report the fact promptly to therelevant authorities . Where no report is made, the MLRO must document the reasons why.FC-5.2.2
To take reasonable steps, as required under Paragraph FC-5.2.1,
Islamic bank licensees must:(a) require the MLRO to consider reports made under Section FC-5.1.3 in the light of all relevant information accessible to or reasonably obtainable by the MLRO;(b) permit the MLRO to have access to any information, including know your customer information, in theIslamic bank licensee's possession which could be relevant; and(c) ensure that where the MLRO, or his duly authorised delegate, suspects that a person has been engaged in money laundering or terrorist financing, a report is made by the MLRO which is not subject to the consent or approval of any other person.FC-5.2.3
Reports to the
relevant authorities made under Paragraph FC-5.2.1 must be sent to the Anti-Money Laundering Unit at the Ministry of the Interior, with a copy sent to the BMA's Compliance Directorate. Reports must be made using the Suspicious Transaction Report (STR) form and related instructions, included in Part B of Volume 2 (Islamic Banks).FC-5.2.4
Islamic bank licensees must report all suspicious transactions or attempted transactions. This reporting requirement applies regardless of whether the transaction involves tax matters.FC-5.2.5
Islamic bank licensees must retain all relevant details of STRs submitted to the relevant authorities, for at least five years.FC-5.2.6
In accordance with the AML Law,
Islamic bank licensees , their Directors, officers and employees must not warn or inform ("tipping off") their customers, the beneficial owner or other subjects of the STR when information relating to them is being reported to therelevant authorities .FC-5.3 FC-5.3 Contacting the Relevant Authorities
FC-5.3.1
Reports made by the MLRO or his duly authorised delegate under Section FC-5.2 must be sent to the Anti-Money Laundering Unit at the Ministry of the Interior and copied to the Compliance Unit at the Bahrain Monetary Agency at the following addresses:
Anti-Money Laundering Unit
General Directorate of Criminal Investigation
Ministry of Interior
P.O. Box 26698
Manama, Kingdom of Bahrain
Telephone: 17 718888
Fax: 17 715818
E-mail: aecd@batelco.com.bh or amlu@batelco.com.bhHead of Compliance Unit
Bahrain Monetary Agency
P.O. Box 27
Manama, Kingdom of Bahrain
Telephone: 17 547922
Fax: 17 535673
E-mail: cunit@bma.gov.bh;aljaber@bma.gov.bhFC-6 FC-6 Staff Training and Recruitment
FC-6.1 FC-6.1 General Requirements
FC-6.1.1
An
Islamic bank licensee must take reasonable steps to provide periodic training and information to ensure that staff who handle customer transactions, or are managerially responsible for such transactions, are made aware of:(a) their responsibilities under the AML Law, this Module, and any other relevant AML / CFT laws and regulations;(b) the identity and responsibilities of the MLRO and his deputy;(c) the potential consequences, both individual and corporate, of any breach of the AML Law, this Module and any other relevant AML / CFT laws or regulations;(d) theIslamic bank licensee's current AML/CFT policies and procedures;(e) money laundering and terrorist financing typologies and trends;(f) the type of customer activity or transaction that may justify an internal STR;(g) theIslamic bank licensee's procedures for making internal STRs; and(h) customer due diligence measures with respect to establishing business relations with customers.FC-6.1.2
The information referred to in Paragraph FC-6.1.1 must be brought to the attention of relevant new employees of
Islamic bank licensees , and must remain available for reference by staff during their period of employmentFC-6.1.3
Relevant new employees must be given AML/CFT training within three months of joining an
Islamic bank licensee .FC-6.1.4
Islamic bank licensees must ensure that their AML/CFT training for relevant staff remains up-to-date, and is appropriate given the licensee's activities and customer base.FC-6.1.5
The BMA would normally expect AML/CFT training to be provided to relevant staff at least once a year.
FC-6.1.6
Islamic bank licensees must develop adequate screening procedures to ensure high standards when hiring employees. These procedures must include controls to prevent criminals or their associates from being employed by licensees.FC-7 FC-7 Record Keeping
FC-7.1 FC-7.1 General Requirements
CDD and Transaction Records
FC-7.1.1
Islamic bank licensees must comply with the record keeping requirements contained in the AML Law.Islamic bank licensees must therefore retain adequate records (including accounting and identification records), for the following minimum periods:(a) for customers, in relation to evidence of identity and business relationship records (such as application forms and business correspondence), for at least five years after the customer relationship has ceased; and(b) for transactions, in relation to documents enabling a reconstitution of the transaction concerned, for at least five years after the transaction was completed.Compliance Records
FC-7.1.2
Islamic bank licensees must retain copies of the reports produced for their annual compliance review, as specified in Paragraph FC-4.3.1, for at least five years. Licensees must also maintain for 5 years reports made to, or by, the MLRO made in accordance with Sections FC-5.1 and FC-5.2, and records showing how these reports were dealt with and what action, if any, was taken as a consequence of those reports.Training Records
FC-7.1.3
Islamic bank licensees must maintain for at least five years, records showing the dates when AML/CFT training was given, the nature of the training, and the names of the staff that received the training.Access
FC-7.1.4
All records required to be kept under this Section must be made available for prompt and swift access by the relevant authorities or other authorised persons.
FC-7.1.5
Islamic bank licensees are also reminded of the requirements contained in Chapter LR-6 (Books and Records).FC-8 FC-8 NCCT Measures and Terrorist Financing
FC-8.1 FC-8.1 Special Measures for Non-Cooperative Countries or Territories ('NCCTs')
FC-8.1.1
Islamic bank licensees must give special attention to any dealings they may have with entities or persons domiciled in countries or territories which are:(a) identified by the FATF as being "non-cooperative"; or(b) notified toIslamic bank licensees from time to time by the BMA.FC-8.1.2
Whenever transactions with such parties have no apparent economic or visible lawful purpose, their background and purpose must be re-examined and the findings documented. If suspicions remain about the transaction, these must be reported to the
relevant authorities in accordance with Section FC-5.2.FC-8.2 FC-8.2 Terrorist Financing
FC-8.2.1
Islamic bank licensees must comply in full with the provisions of the UN Security Council Anti-terrorism Resolution No. 1373 of 2001 ('UNSCR 1373').FC-8.2.2
Any
Islamic bank licensee that wishes, intends or has been requested to do anything that might contravene, in its reasonable opinion, the provisions of UNSCR 1373 (and in particular Article 1, paragraphs c) and d) of UNSCR 1373) must seek, in writing, the prior written opinion of the BMA on the matter.FC-8.2.3
A copy of UNSCR 1373 is included in Part B of Volume 2 (Islamic Banks), under 'Supplementary Information'.
FC-8.2.4
Islamic bank licensees must report to the BMA details of:(a) funds or other financial assets or economic resources held with them which may be the subject of Article 1, paragraphs c) and d) of UNSCR 1373; and(b) all claims, whether actual or contingent, which theIslamic bank licensee has on persons and entities which may be the subject of Article 1, paragraphs c) and d) of UNSCR 1373.FC-8.2.5
For the purposes of Paragraph FC-8.2.4, 'funds or other financial resources' includes (but is not limited to) shares in any undertaking owned or controlled by the persons and entities referred to in Article 1, paragraph c) and d) of UNSCR 1373, and any associated dividends received by the licensee.
FC-8.2.6
All reports or notifications under this Section must be made to the BMA's Compliance Unit.
FC-8.2.7
See Section FC-5.3 for the Compliance Unit's contact details.
FC-8.3 FC-8.3 Designated Persons and Entities
FC-8.3.1
Without prejudice to the general duty of all
Islamic bank licensees to exercise the utmost care when dealing with persons or entities who might come under Article 1, paragraphs (c) and (d) of UNSCR 1373,Islamic bank licensees must not deal with any persons or entities designated by the BMA as potentially linked to terrorist activity.FC-8.3.2
The BMA from time to time issues to licensees lists of designated persons and entities believed linked to terrorism. Licensees are required to verify that they have no dealings with these designated persons and entities, and report back their findings to the BMA. Names designated by BMA include persons and entities designated by the United Nations, under UN Security Council Resolution 1267 ("UNSCR 1267").
FC-8.3.3
Islamic bank licensees must report to therelevant authorities , using the procedures contained in Section FC-5.2, details of any accounts or other dealings with designated persons and entities, and comply with any subsequent directions issued by therelevant authorities .FC-9 FC-9 Enforcement Measures
FC-9.1 FC-9.1 Regulatory Penalties
FC-9.1.1
Without prejudice to any other penalty imposed by the BMA Law or the AML Law or the Penal Code of the Kingdom of Bahrain, failure by a bank to comply with this Regulation or any direction given hereunder shall result in the levying by the Agency, without need of a court order and at the Agency's discretion, of a fine of up to BD 20,000.
FC-9.1.2
Module EN provides further information on the assessment of financial penalties and the criteria taken into account prior to imposing such fines (reference to Paragraph EN-5.1.4). Other enforcement measures may also be applied by BMA in response to a failure by a licensee to comply with this Module; these other measures are also set out in Module EN.
FC-9.1.3
The BMA will endeavour to assist
Islamic bank licensees to interpret and apply the rules and guidance in this Module.Islamic bank licensees may seek clarification on any issue by contacting the Compliance Unit (see Section FC-5.3 for contact details).FC-9.1.4
Without prejudice to the BMA's general powers under the law, the BMA may amend, clarify or issue further directions on any provision of this Module from time to time, by notice to its licensees.
FC-10 FC-10 AML / CFT Guidance and Best Practice
FC-10.1 FC-10.1 Guidance Provided by International Bodies
FATF: 40 Recommendations and 9 Special Recommendations
FC-10.1.1
The Forty Recommendations (see www.FATF-gafi.org) and Nine Special Recommendations (together with their associated interpretative notes and best practices papers) issued by the Financial Action Task Force (FATF), provide the basic framework for combating money laundering activities and the financing of terrorism. FATF Recommendations 4–6, 8–11, 13–15, 17, 21–23, 25, 29–32 and 40 as well as Special Recommendations IV–IX, and the AML/CFT Methodology are specifically relevant to the banking sector.
FC-10.1.2
The
relevant authorities in Bahrain believe that the principles established by these Recommendations and Special Recommendations should be followed by licensees in all material respects, as representing best practice and prudence in this area.Basel Committee: Statement on money laundering and Customer Due Diligence for banks
FC-10.1.3
In December 1988, the
Basel Committee on Banking Supervision issued a "Statement of Principles" followed by the Customer Due Diligence for Banks paper in October 2001 (with attachment dated February 2003 — see www.bis.org/publ/) with which internationally active banks of member states are expected to comply. These papers cover identifying customers, avoiding suspicious transactions, and co-operating with law enforcement agencies.FC-10.1.4
The BMA supports the above papers and the desirability of all
Islamic bank licensees adhering to their requirements and guidance.Other Website References Relevant to AML/CFT
FC-10.1.5
The following lists a selection of other websites relevant to AML/CFT:
(a) the Middle East North Africa Financial Action Task Force: www.menafatf.org;(b) the Egmont Group: www.egmontgroup.org;(c) the United Nations: www.un.org/terrorism;(d) the UN Counter-Terrorism Committee: www.un.org/Docs/sc/committees/1373/;(e) the UN list of designated individuals: www.un.org/Docs/sc/committees/1267/1267ListEng.htm;(f) the Wolfsberg Group: www.wolfsberg-principles.com; and(g) the Association of Certified Anti-money laundering Specialists: www.acams.org.
