Common Volume
Part A
Table of Contents Module Title Module
CodeDate last
changedFAQ Introduction Environmental, Social and Governance ESG Jan 24 PDF Version Fit and Proper FP Mar 25 PDF Version Fit and Proper Requirements Environmental, Social and Governance Requirements
ESG-A: Introduction
ESG-A.1 Introduction and Scope
ESG-A.1.1
The ESG reporting landscape is in a state of constant change, as companies now face mounting pressure from investors, regulators, and other stakeholders to disclose information relating to their stance on climate change, social issues, and governance factors. This heightened interest has led to a surge in sustainable investments such as ESG funds and Green Bonds, as more and more investors recognise the significance of taking into account the financial and economic ramifications of environmental, social and governance ("ESG") issues when making investment decisions. ESG factors also have an influence on a company's capacity to execute its business plan and produce value in the long run. ESG refers to the following:
(a) Environmental: This factor includes a company's impact on the natural environment, such as its carbon emissions, energy use, waste management, and water usage.(b) Social: This factor encompasses a company's impact on society, including its treatment of employees, customer relations, community engagement, and human rights policies.(c) Governance: This factor relates to a company's internal management and oversight, including issues such as executive compensation, board diversity, and transparency.Added: January 2024ESG-A.1.2
ESG reporting is recognized as one of the diverse approaches accessible for assessing the company's overall performance. It offers insights into a company's performance that extend beyond the information conveyed in financial statements. Investors and other stakeholders seeking to evaluate the long-term sustainability and ethical impact of companies’ operations use such information in their decision-making process.
Added: January 2024ESG-A.1.3
Sustainability reporting and ESG are related but distinct concepts. ESG reports conform to a more specific set of criteria that companies can measure and report against, whereas sustainability reporting provides a wide-ranging overview of a company's sustainability initiatives, goals, and strategies, as well as its progress in achieving them. While reporting on ESG metrics is important from a stakeholder perspective, it is imperative that companies proactively implement strategies to improve environmental and social performance, and to ensure good governance practices.
Added: January 2024ESG-A.1.4
The Central Bank of Bahrain (“CBB”) views that ESG reporting is an effective tool for stakeholders to better examine a company’s efficiency, sustainability, and risk exposure. The objective of this Module is to establish a uniform framework for listed companies and licensees to disclose their ESG performance and sustainability efforts. Considering that companies are at different stages on their sustainability journey, this document contains information on important aspects of ESG reporting, such as stages involved in creating an ESG report, recommendations, resources, and requirements when preparing the report. These topics collectively offer a thorough approach to ESG reporting and are to be viewed in conjunction with relevant international best practices, frameworks and guidelines referred to within this document (Appendix 2).
Added: January 2024Purpose
ESG-A.1.5
The objective of this Module is to foster consistency and reliability in ESG reporting, with the goal of facilitating the development of transparent and comparable ESG disclosures that align with both national and international targets and commitments.
Added: January 2024Legal Basis
Scope
ESG-A.1.7
This Module applies to the following companies:
(a) Listed Companies;(b) Banks;(c) Insurance Firms;(d) Category 1 Investment Firms;(e) Category 2 Investment Firms; and(f) Financing Companies.Added: January 2024ESG-A.2 Module History
Evolution of the Module
ESG-A.2.1
This Module was first issued in November 2023. Any material changes that are subsequently made to this Module are annotated with the calendar quarter date in which the change is made.
Added: January 2024ESG-A.2.2
A list of recent changes made to this Module is provided below:
Module Ref. Change Date Description of Changes ESG-1: Reporting Requirements
ESG-1.1 ESG Key Performance Indicators
ESG-1.1.1
Listed companies and licensees must submit an ESG report to the CBB on an annual basis. The ESG report must incorporate the ESG Key Performance Indicators (KPIs) stipulated under Appendix 1. The ESG report can either be a separate document or be included as part of the company's annual report.
Added: January 2024ESG-1.1.2
The branches of foreign financial institutions must either submit the ESG Report of their respective head offices or provide a separate report. Similarly, companies operating under a group governance framework must either submit the consolidated group ESG Report or provide a separate report.
Added: January 2024ESG-1.1.3
Listed companies and licensees must comply with the following requirements with respect to their ESG reports:
(a) Disclosures must remain consistent over time. This entails using consistent formats, language, and metrics from one period to another to enable inter-period comparisons;(b) In cases where certain breakdowns are not easily discernible or relevant, alternative methods or simplified reporting mechanisms can be explored by the company. However, it is essential that the report adequately describes the mechanisms, assumptions, and other relevant details;(c) Organisations must refrain from providing generic or simplistic disclosures that offer little value. It is also important that any additional metrics are sufficiently descriptive;(d) Companies must avoid greenwashing1 their ESG reports. This can damage a company's reputation and erode stakeholder trust. Avoid making unsupported claims or using vague, undefined terms such as "green" or "sustainable" and instead provide specific and measurable information.(e) Provide definitions, reference period(s) and assumptions where relevant; and(f) Provide an explanation in case of non- or partial disclosure of KPIs stipulated under Appendix 1.Added: January 20241 Greenwashing refers to the practice of making misleading or exaggerated claims about the environmental or social benefits of a product, service, or business practice.
ESG-1.2 ESG Reporting Process
ESG-1.2.1
Listed companies and licensees must have in place an adequate governance framework and reporting process for ESG reporting.
Added: January 2024ESG-1.2.2
A standardised set of ESG metrics with clear definitions and guidance is advantageous for companies that are commencing their sustainability reporting journey (see diagram below).
Added: January 2024ESG-1.2.3
The ESG reporting process should include the following steps:
(a) First: Understand the purpose and importance of ESGs
A clear ‘ESG purpose’ should be determined to help align reporting efforts consistent with overall business strategy. ESG reporting leads to several benefits, for example:
Risk Management: ESG factors can affect a company's performance and future viability. Companies can identify potential risks and opportunities by assessing ESG factors.
Investor Attraction: More investors are considering ESG factors in their decision-making process. A company clearly conveying comparable and consistent ESG performance can gain a competitive edge and attract more investment.
Reputation Enhancement: Companies that report on ESG can improve their public image, fostering trust and loyalty among stakeholders.
(b) Second: Construct a working group
Establishing a cross-functional ESG team is one of the most crucial stages in taking the company’s ESG plan to the next level. This team includes members from various departments (such as finance, legal, risk management, investor relations etc.), to ensure a varied perspective and a comprehensive approach towards achieving the company’s sustainability and ESG reporting goals. Clear ownership should be established with key authorities to ensure that sustainability initiatives are prioritised and integrated into the company’s overall strategy and operations. The Board of Directors is responsible and accountable for ensuring ESG reporting.
The organisation should ideally construct a management-level committee to oversee sustainability objectives and goals. Where needed, expert advice should be sought.
(c) Third: Understand the Reporting Frameworks
The company should identify the relevant ESG issues and data sources, set targets, and establish a reporting process to ensure accurate disclosure of ESG information. The frameworks should be studied closely to determine which approach to use for each KPI. It is encouraged that the working group begin by reviewing the ESG issues raised in international reporting standards and guidelines to establish boundaries.
Detailed guidance on what topics to report on, how to measure and report on them, and what best practices to follow are presented in international frameworks/guidelines (see Appendix 2).
(d) Fourth: Conduct a Materiality Assessment
A key tool to prepare the company's ESG report is conducting an ESG materiality assessment to identify and prioritise ESG issues relevant to the organisation. Companies use the concept of materiality to guide their sustainability strategic planning processes. A material sustainability issue is an economic, environmental, social or governance issue on which a company has an impact or may be impacted by (both positive and negative). It may also be one that significantly influences the assessments and decisions of stakeholders. Materiality analysis includes determining where your company's value chain may generate externalities, its effects, and which issues, practices, and policies are most essential to ESG goals.
After the company’s most important ESG risks and opportunities have been identified, the insights can be utilised to improve strategic planning and reporting. Companies that focus on material ESG topics from a strategic perspective may benefit in the long run, while those that focus on immaterial elements may incur an implicit opportunity cost.
In the initial stages of materiality assessment, a company should identify its key stakeholders. Building support from significant internal and external stakeholders, while ensuring participation across all divisions and functions, maintains the objectivity and independence of the evaluation process.
Furthermore, it is imperative to establish robust data collection and management systems. The working group should develop a data collection plan that outlines the metrics and indicators to be tracked, taking into account both quantitative and qualitative data sources, encompassing internal and external data. The data collection process should prioritize accuracy, reliability, and the absence of errors or inconsistencies in the collected information. This entails implementing measures to verify the integrity of the data, ensure its accuracy, and promptly address any discrepancies or issues that may surface. It is also important to openly disclose any challenges or gaps encountered during the data collection process and provide a clear plan for addressing them.
Materiality Matrix
The materiality matrix is a visual tool used to identify and prioritise ESG issues that are most relevant to a company and its stakeholders. The following is an example of how to create a materiality matrix for ESG disclosures:
i. Identify the relevant ESG issues: Start by identifying the ESG issues that are pertinent to the company's operations, industry, and stakeholders. This can be done through a materiality assessment, which involves gathering input from internal and external stakeholders as explained above.ii. Determine the impact and importance of each issue: Evaluate each issue based on its potential impact on the company's financial performance, reputation, and stakeholders.iii. Plot the issues on a matrix: Once you have identified and evaluated the ESG issues, plot them on a matrix with two axes: impact and importance. The impact axis measures the potential impact of the issue on the company's financial performance and reputation, while the importance axis measures the issue's importance to stakeholders.iv. Categorise the issues: Plot the issues into four quadrants:
1. Material: High impact and high importance issues that should be disclosed in the company's ESG report and given priority in the company's sustainability strategy.2. Significant: High impact but lower importance issues that should be monitored and managed but may not require immediate disclosure.3. Moderate: Lower impact but high importance issues that should be monitored and managed to maintain stakeholder trust and meet stakeholder expectations.4. Minimal: Lower impact and lower importance issues that may not require significant attention but should still be monitored for potential risks or opportunities.
Several resources are available to provide guidance on the creation of a Materiality Matrix, such as Climate Disclosures Standards Board2 and the Sustainability Accounting Standards Board’s Materiality Map3.
(e) Fifth: Set Targets and Goals
ESG targets and goals should be specific, measurable, and associated with the overarching strategy of the company; they should also be quantitative or directional. Targets should also be regularly reviewed and updated to ensure they remain relevant and achievable.
(f) Sixth: Reporting ESGs
The ESG report may begin by including a statement on the company’s ESG purpose, how ESGs are governed and the reporting boundary, to allow readers to understand the scope of the report. Further, the company can explain its materiality determination process and stakeholders the company has engaged with. The company should conclude by stating its targets and goals and how it aims to progress its ESG journey, as well as how this aligns with its corporate strategy.
Added: January 20242 https://www.cdsb.net/what-we-do/reporting-guidance/materiality
3 https://sasb.org/standards/materiality-map/Appendix 1 – ESG KPIs and Guidance
The list provides the KPIs as well as guidance on how to report and disclose data for each ESG aspect. It is intended to be used as a reference tool, with references to major international frameworks to provide additional guidance.
KPI Reference(s) Main Reporting Component(s) Environmental E.1: Environmental Oversight
The company should describe its management and board oversight on climate-related risks and opportunities.
Unit: Statement /Description
1. A statement on how the company addresses its environmental impact (e.g., explain whether senior management and/or the board address sustainability issues in meetings or have dedicated committees to do so.)2. A statement of purpose and approach of the board/management towards sustainability matters.3. A description of the following (where applicable):
3.1 Policies3.2 Commitments3.3 Goals and targets (e.g., a description of how management/the board oversee progress against climate/sustainability related targets)3.4 Responsibilities (e.g., if responsibilities are delegated to management-level positions; dedicated sustainability officer(s); Board committees etc.)3.5 Specific actions, such as processes, projects, programs, initiatives and frequency at which the board is informed about climate/sustainability targets and processes.E.2: Energy Consumption
The company should provide information on both direct and indirect energy usage. Direct energy usage refers to energy that is generated and used on property owned or operated by the company. Indirect energy usage refers to energy that is generated elsewhere, such as through utilities, but is used by the company.
Unit: megawatt hours (MWh) or gigajoules (GJ) or multiples
1. Report total energy consumed and breakdown by type;
1.1 Indirect energy consumed in the form of electricity, heating, cooling (i.e., total of energy purchases)1.2 Direct energy consumed, classified by renewable and non-renewable sources.2. State the standards, techniques, assumptions, and/or calculation tools utilised.E.3: Energy Intensity
The company should report total annual energy usage per output scaling factor (such as sales or revenue).
Unit: gigawatt-hours (GWh) per million BHD/USD or multiples
1. Report total energy consumed during the year divided by the selected scaling factor (e.g., sales, revenue etc.).2. State the standards, techniques, assumptions, and/or calculation tools utilised.E.4: Energy Mix
The company should provide a breakdown of its energy consumption by source.
Unit: Percentage (%)
1. Report the percentage of energy used by source, as part of total energy consumption.2. Report the percentage of renewable and non-renewable energy used, as part of total energy consumption.E.5: Green House Gas (GHG) Emissions
The company should report its total Green House Gas Emissions
Unit: metric tons of CO2 or equivalent
1. Report total absolute emissions by scope;
1. Total amount, in CO2 equivalents, for Scope 12. Total amount, in CO2 equivalents, for Scope 23. Total amount, in CO2 equivalents, for Scope 3 (if applicable).2. State the standards, techniques, assumptions, and/or calculation tools utilised.Note: GHG emissions should be calculated in line with the GHG Protocol4 methodology to allow for aggregation and comparability across companies and jurisdictions.
Term definitions:
▪ Scope 1 – Direct emissions from operations that are owned or controlled by the company;▪ Scope 2 – Indirect emissions resulting from the generation of purchased or acquired electricity, heating, cooling, and steam consumed within the company; and▪ Scope 3 – All other indirect emissions that occur outside the company, including both upstream and downstream emissions (if applicable).E.6: Emission Intensity
The company should report annual GHG emission scaled by a relevant scaling factor (such as size (e.g. m2 floor space), employment (e.g. headcount) and monetary units (e.g. revenue or sales)).
Unit: metric tons of CO2 or multiples per unit of scaling factor
1. Report total annual GHG emission during the year divided by the selected scaling factor.2. State the standards, techniques, assumptions, and/or calculation tools utilised.E.7: Climate Risk Mitigation
The company should describe its climate risk identification process, assessment, management processes, and report annual investment in infrastructure, resilience, and product development.
Unit: Statement / Description and monetary value in BHD/USD
1. Describe how your company identifies, assesses, and manages climate-related risks (including physical risks and transition risks).2. Report the amount invested annually in climate-related issues (in BHD or USD) (e.g., research and product innovation).E.8: Water Usage
The company should report total annual amount of water withdrawn, consumed, recycled.
Unit: cubic meters (m3) or equivalent
1. Report the total annual amount of water consumed by the organisation.2. Report the total annual amount of water withdrawn by the organisation.3. Report the total annual amount of water recycled/reclaimed by the organisation.Note: Companies should refer to CDP term definitions of water withdrawal, consumption and recycling.
E.9: Waste Generation
The company should report total weight of waste generated and a description of its waste disposal method.
Unit: Statement /Description and weight in metric tons or equivalent.
1. Total weight of waste generated in metric tons, and a breakdown of this total by composition of the waste (hazardous and non-hazardous).2. Description of the company’s waste disposal method(s).
2.1 Description of the company’s sustainable waste management practices (such as recycling initiatives and waste reduction strategies).3. State the standards, techniques, assumptions, and/or calculation tools utilised.E.10: Emission Targets
The company should provide a description of emission targets set, and steps taken to achieve them, including energy conservation measures.
Unit: Statement/ Description
1. A statement on how the company addresses its total emission.2. A statement of the board/management approach towards its total emissions, including whether it is subject to any country, regional, or industry-level emissions regulations and policies.3. A description of the following (where applicable):
3.1 Policies3.2 Commitments3.3 Goals and targets (e.g., a description of how management/the board oversee progress against climate/sustainability related targets)3.4 Responsibilities (e.g., if responsibilities are delegated to management-level positions; dedicated sustainability officer; Board committees etc.)3.5 Specific actions, such as processes, projects, programs, initiatives, and frequency at which the board is informed about emission targets and process.Social S.1: Total Workforce by sex, age-group, and employment type
The company should report the composition of its total workforce by sex, employment type and age group.
Unit: Amount and Percentage (%)
1. Report total number of employees currently employed within the organisation and the composition of the total workforce as per the below:
1.1 By sex, as percentage of the total workforce1.2 By age-group (as per the GRI’s employee age group categories: (a) under 30 years old, (b) 30-50 years old, and (c) over 50 years old), as a percentage of the total workforce.1.3 By employment type (e.g., full-time, part-time, intern etc.), as a percentage of the total workforce.S.2: Child and Forced Labour
The company should provide a statement of policies it applies to prohibit child/and or forced labour within the company, and if it considers policies that prohibit that same for their suppliers and/or vendors.
Unit: Statement/Description
1. A statement on how the organisation addresses prohibition of child and or/forced labour.2. A statement of the board/management approach's direction, including whether it is subject to any country, regional, or industry-level regulations and policies.3. A description of the following (where applicable):
3.1 Policies3.2 Commitments3.3 Goals and targets3.4 Responsibilities3.5 Specific actions, such as processes, projects, programs, initiatives and frequency at which the board is informed about any issues concerning child and or/forced labour relating to the company.S.3: Employee Turnover
The company should report the total annual turnover (whether voluntary or involuntary) categorised by sex and age group.
Unit: Amount and Percentage (%)
1. Report total annual employee turnover rate (whether voluntary or involuntary) for full-time employees during the reporting period, as per the below categories:
1.1 By sex1.2 By age-group (as per the GRI’s employee age group categories: (a) under 30 years old, (b) 30-50 years old, and (c) over 50 years old).S.4: Gender Pay Ratio
The company should report the median total compensation for men compared to the median total compensation for women (as a ratio).
Unit: Ratio
1. Report the median total compensation for women compared to the median total compensation for men (as a ratio).S.5: Health and Safety
The company should report the total number of injuries and fatalities occurred, lost days due to work injury and a description of occupational health and safety measures.
Unit: Amount and Description
1. Report on the total number of injuries and fatalities occurred in each of the past three years including the reporting year.2. Report lost days due to work injury in each of the past three years including the reporting year.3. A description of occupational health and safety measures adopted, and how they are implemented and monitored.S.6: Non-Discrimination
The company should provide a description of its harassment and/or non-discrimination policy.
Unit: Statement /Description
1. A statement on how the organisation addresses harassment and discrimination matters.2. A statement of the board/management approach, including whether it is subject to any country, regional, or industry-level regulations and policies.S.7: Nationalisation
The company should report on the number and percentage of national employees, as well as initiatives to increase nationalisation.
Unit: Amount and Statement/ Description
1. A statement of the board/management approach to increase nationalisation, including whether it is subject to any country regulations and policies.2. Report the number and percentage of national employees, as part of the total workforce.*Note: Applicable to Bahrain only.
S.8: Community Investment
The company should provide detailed information on the scope and impact of its community investment activities, as well as amount invested in community as a percentage of company revenue.
Unit: Description and Percentage (%)
1. Report the amount invested in the community as a percentage of company revenues.2. Provide a description of the scope and impact of its community investment initiatives.S.9: Human rights
The company should provide a description of its policy on human rights.
Unit: Statement /Description
1. A statement on how the organisation addresses human rights.2. A statement of the board/management approach's direction, including whether it is subject to any country, regional, or industry-level regulations and policies.3. A description of the following (where applicable):
3.1 Policies (and if it also covers suppliers and vendors).3.2 Commitments3.3 Goals and targets3.4 ResponsibilitiesS.10: Management Composition/Diversity
The company should report the percentage of male to female metrics broken down by various organisational levels.
Unit: Percentage (%)
1. Report percentage of male to female metrics, as per the below categories:
1.1 Entry-level1.2 Mid-level1.3 Senior/Executive level positionsS.11: Development and Training
The company should report average hours of training that its employees have undertaken during the reporting period.
Unit: Percentage (%)
1. Report average hours of training, as per the below categories:
1.1 By Sex1.2 By Employee category (Full-time, part-time, internship etc.)Governance G.1: Board Composition
The company should report the composition of the Board categorised by directors, such as the chairman, executive directors, non-executive directors, and independent non-executive directors.
Unit: Statement/ Description
1. Report board size2. Report female board directors by number and percentage of the Board size.3. Report composition of the board and its committees by:
3.1 Executive or non-executive.3.2 Independence.3.3 Tenure.3.4 Representation (appointed or elected)3.5 Details of non-compliance with regulations, as well as a description of the corrective actions taken.G.2: Collective Bargaining
The company should report on the total enterprise headcount covered by collective bargaining agreements (Unions) and the process in which employees’ contracts with their employers to determine their terms of employment.
Unit: Description and amount
1. Report total enterprise headcount covered by collective bargaining agreements (Unions) (if applicable).2. Provide a description of the process by which employees negotiate their contracts with the organisation to determine their terms of employment (e.g., compensation, benefits, hours, leave, occupational health and safety standards, initiatives to balance work and family etc.)Note: Companies should refer to International Labour Organisation (ILO) Convention 1545 term definition of ‘Collective Bargaining’.
G.3: Whistleblowing
The company should provide a description of the mechanisms used to discuss and report on behaviour.
Unit: Statement / Description
1. Provide a description of internal and external mechanisms for seeking advice and reporting concerns on organisational integrity.2. Provide a description on awareness initiatives conducted by the organisation.G.4: Data privacy
The company should Report if it follows a Data Privacy policy and if the company has taken steps to comply with Personal Data Protection Law (PDPL) rules.
Unit: Statement / Description
1. Provide a description of the company’s Data Privacy policy.2. Provide a statement of the steps taken to comply with Personal Data Protection Law (PDPL) rules.G.5: Disclosure Practices
The company should provide a description of its sustainability disclosure practices.
Unit: Statement / Description
1. Report if the company provides its sustainability data to sustainability supporting organisations such as the Global Reporting Initiative (GRI) Secretariat, United Nations (UN), CDP etc.2. Report if the company focuses on specific UN Sustainable Development Goals (SDGs), including setting targets and reporting progress.3. State whether the company publishes a sustainability report and/or how it integrates sustainability data in its disclosures.G.6: Conflict of interest
The company shall describe the processes for the highest governance body to ensure that conflicts of interest are prevented and mitigated.
Unit: Statement / Description
1. Report whether conflicts of interest are disclosed to stakeholders, including, at a minimum, conflicts of interest relating to:
1.1 Cross-board membership1.2 Cross-shareholding with suppliers and other stakeholders;1.3 Existence of controlling shareholders;1.4 Related parties, their relationships, nature, transactions, and outstanding balances.G.7: Supplier Code of Conduct
The company should report if it has established a Supplier Code of Conduct.
Unit: Statement / Description and Percentage (%)
1. Provide a description of the company’s Supplier Code of Conduct.2. Report the percentage of suppliers that comply with the company’s code of conduct and the compliance assessment mechanism.Note: A Supplier Code of Conduct refers to a set of principles and standards that outline the company’s expectations for responsible business practices by its supplier.
G.8: Incentivised Pay
The company should describe the processes for incentivising executives to perform sustainably.
Unit: Statement / Description
1. Report if executives are formally incentivised to perform on sustainability.2. Report the percentage of executive compensation tied to ESG performance metrics.3. Provide a description of other links between executive performance and sustainability performance (if any).G.9: Ethics & Anti-corruption
The company should describe its policy on ethical conduct and anti-corruption.
Unit: Statement / Description and Percentage (%)
1. Report if your company follows an Ethics and/or Anti-Corruption policy.
1.1 If yes, report the percentage of the workforce that has formally certified its compliance with the policy (provide description of certification and process).2. Provide a statement of the company’s commitment towards its ethics and/or anti-Corruption policy/position.G.10: Assurance
The company shall describe the processes by which its sustainability disclosures are assured or validated.
Unit: Statement / Description
1. Provide a description of the process by which sustainability disclosures are assured or validated.
1.1 Report if the company’s sustainability disclosures are assured or validated by an independent third party.Added: January 20245 https://www.ilo.org/ C154 - Collective Bargaining Convention, 1981 (No. 154)
Appendix 2 – ESG Reporting Frameworks and Global Initiatives
A range of the most widely used and accepted frameworks are provided below:
The Global Reporting Initiative (GRI): The Global Reporting Initiative (GRI) is a non-profit multinational organisation that offers a complete framework for sustainability reporting. The organisation was created in 1997 with the intention of supporting long-term development via transparency and accountability. The GRI Standards are classified into three series: Universal Standards, Topic-specific Standards, and Sector-specific Standards. They provide a comprehensive set of disclosures across a range of sustainability topics, including governance, labour practices, human rights, environmental impacts, product responsibility, and community engagement. The GRI Standards are designed to be flexible and adaptable to different types of companies, industries, and geographic regions. The framework encourages companies to report not only on their positive sustainability performance but also on their challenges and areas for improvement. This helps to promote transparency and accountability and enables stakeholders to make informed decisions based on reliable and comparable information.
Link: https://www.globalreporting.org/
Task Force on Climate-related Financial Disclosures (TCFD): The TCFD is a global voluntary framework that provides guidelines for companies to disclose climate-related financial risks and opportunities. Established by the Financial Stability Board, TCFD recommendations cover four core areas: governance, strategy, risk management, and metrics and targets. The TCFD recommendations are designed to be flexible and scalable to different types of companies and industries. They are also intended to help companies identify and seize opportunities related to the transition to a low-carbon economy.
Link: http://www.fsb-tcfd.org/
CDP (formerly the Carbon Disclosure Project): CDP is a global environmental impact non-profit that runs a disclosure system for companies to report on their environmental performance. CDP focuses on climate change, water security, and deforestation, and provides a standardised framework for companies to measure and manage their environmental impacts. It provides a standardised questionnaire that companies can use to report on their environmental impacts and risks, as well as their strategies for mitigating these impacts.
Link: http://www.cdp.net/en
Integrated Reporting Framework (IR): A comprehensive view of an organisation's strategy, governance, performance, and prospects—including ESG factors—is offered by the IR Framework. It encourages businesses to communicate how they are managing their stakeholder relationships as well as how they are creating value over the short, medium, and long term. The IR Framework can be used in conjunction with other reporting frameworks, such as the GRI Standards and the SASB Standards, and is intended to be adaptable to different types of companies and industries.
Link: http://www.integratedreporting.org/
Sustainability Accounting Standards Board (SASB): The SASB Standards are intended to assist businesses in providing investors with financial material ESG information. The framework focuses on 77 sustainability issues that are particular to each industry and are most likely to influence a company's financial performance. Environment, social capital, human capital, business model and innovation, and leadership and governance are the five categories into which these subjects are divided. The SASB Standards offer guidance on how to incorporate ESG information into financial reporting and are made to be compatible with frameworks like the Generally Accepted Accounting Principles (GAAP).
Link: http://www.sasb.org/
Climate Disclosure Standards Board (CDSB): The CDSB develops and publishes a set of globally recognised reporting standards called the Climate Change Reporting Framework. This framework provides guidance on how companies can report on their climate-related risks and opportunities in a clear, comprehensive, and consistent manner. The CDSB also provides guidance on how companies can report on other ESG issues, such as their impact on natural resources, social and human capital, and governance.
Link: https://www.cdsb.net/
International Sustainability Standards Board (ISSB): An independent body established by the IFRS Foundation to develop global sustainability reporting standards. The IFRS Sustainability Disclosure Standards (IFRS SDS) provide a structured framework for companies to disclose material sustainability information in a consistent and comparable manner, covering a wide range of environmental, social, and governance (ESG) topics. IFRS S1 establishes disclosure requirements that allow companies to communicate sustainability-related risks and opportunities to investors over the short, medium, and long term. Complementing this, IFRS S2 provides detailed guidelines for disclosing climate-related information and is meant to be used in conjunction with IFRS S1. Together, these standards enhance companies' ability to provide comprehensive and relevant sustainability reporting, enabling investors to make well-informed decisions.
Link: https://www.ifrs.org/
Added: January 2024Fit and Proper Requirements
FP-A: Introduction
FP-A.1 Introduction and Scope
Purpose
FP-A.1.1
This Module presents the CBB requirements that should be met by the licensees with regards to certain persons identified in this Module with respect to fitness and propriety as specified in this Module. Directors on the boards of licensees and certain senior management functions require the CBB’s approval prior to their appointment.
Added: March 2025Legal Basis
Scope
FP-A.1.3
This Module applies to all licensees. It contains the CBB’s principles regarding ensuring suitability of directors and individuals heading senior management functions. It also sets out the fit and proper criteria and the CBB’s requirements relating to appointments, identification of senior managers, ongoing fit and proper assessments, training, notifications, reporting and record keeping. It also identifies certain positions, the holders of which, would require prior approval of the CBB in writing before holding such positions.
Added: March 2025FP-A.1.4
For licensees that are branches of overseas institutions, references to the board of directors or board should be interpreted as their head offices or regional offices as appropriate.
Added: March 2025FP-A.2 Module History
Evolution of the Module
FP-A.2.1
This Module was first issued in March 2025. It supersedes the existing Training and Competency Modules in the CBB Rulebook, the requirements relating to approved persons in the Licensing Requirements Modules, Authorisation Modules of the CBB Rulebook, Volumes 1 to 5, and relevant sections of the Modules in the CBB Rulebook Volume 6. With the introduction of this Module, the references to the terms “approved persons” and “controlled functions” will be removed from the CBB Rulebook. The Modules within the CBB Rulebook titled “Training and Competency” will also be removed.
Added: March 2025FP-A.2.2
A list of recent changes made to this Module is provided below:
Module Ref. Change Date Description of Changes Added: March 2025FP-1: Fit and Proper
FP-1.1 Principles and Outcomes
FP-1.1.1
Licensees must adhere to the following key principles and outcomes regarding the suitability of persons covered within the scope of this Module:
(a) Ensure that unsuitable persons are not appointed to the board, or to senior management functions as identified by the licensee. A person is unsuitable if the person does not meet the fit and proper criteria set out in this Module;(b) Conduct comprehensive assessments prior to the appointment of persons covered within the scope of this Module to ensure they satisfy the CBB’s fit and proper criteria;(c) The board of directors and the chief executive officer are responsible for the organisation structure and for identifying the senior management functions;(d) Ensure the persons covered within the scope of this Module continue to meet the fit and proper criteria;(e) Establish documented board approved policies for recruitment, training and competency, including minimum competency standards addressing academic and/or professional qualifications and past experience, periodic competency assessments and training for persons covered within the scope of this Module; and(f) Promptly report to the CBB if the licensee identifies material deficiency in suitability of the persons covered within the scope of this Module.Added: March 2025FP-1.1.2
While licensees are afforded flexibility in determining how best to achieve the above outcomes based on their specific/ unique circumstances, they are responsible for maintaining adequate records that demonstrate their decisions and how the related outcomes have been achieved.
Added: March 2025FP-1.1.3
With regards to competency standards referred to in Paragraph FP-1.1.1(e), Appendix FP-1 provides illustrative guidance for certain positions relevant to banks, insurance firms, category 1 investment firms and licensed exchanges. All licensees should develop their own standards. The illustrative qualifications and core competencies are not the minimum requirements.
Added: March 2025FP-1.2 Senior Management Functions
FP-1.2.1
The board and the chief executive officer are responsible for the design and documentation of the organisation structure, for identifying senior management functions and ensuring compliance with the fit and proper requirements.
Added: March 2025Identifying Senior Management Functions
FP-1.2.2
Senior management functions are those functions that are identified in accordance with Paragraph FP-1.2.1. In identifying senior management functions, the licensee should consider the size and nature of the activities, complexity of business, organisational structure, reporting lines and the delegated authorities. The following additional criteria may be considered for such identification:
(a) A person who has significant authority to make decisions for the whole or a substantial part of the business of the licensee (e.g. positions with board delegated authority to oversee revenue generation of 20% or more) and can significantly impact the licensee’s safety and soundness or cause material harm to the licensee’s customers (e.g., CEO/general manager, heads of key business functions);(b) A person who enforces policies and implements strategies approved by the board of the licensee;(c) A person heading a function reporting to the board and/ or those heading control functions (i.e. chief financial officer, chief risk officer, chief internal auditor, chief information security officer, chief compliance officer etc.); or(d) For a licensee which is a branch of an overseas entity, a person who is nominated as the senior officer by the head office to the extent that the person meets the definition in subparagraphs (a), (b) or (c) above.Added: March 2025FP-1.2.3
Licensees must maintain a statement of responsibilities (SOR) for all senior management functions which sets out the description of the job role, the job objectives, function related responsibilities, reporting responsibilities, oversight responsibilities, delegated authorities and personal accountability. The SORs must be signed by the person in that relevant senior management function within one month of appointment.
Added: March 2025FP-1.3 Fit and Proper Criteria
FP-1.3.1
Licensees must ensure that their fit and proper criteria cover the following areas:
(a) Honesty, integrity and reputation;(b) Financial soundness; and(c) Competency (i.e. knowledge, skills and experience).Added: March 2025FP-1.3.2
Licensees must establish competency standards and consistently apply policies and procedures for fit and proper assessments. Licensees must assess the suitability:
(a) When individuals are proposed for appointment to relevant positions; and(b) During annual assessments of an individual’s ongoing suitability.Added: March 2025Honesty, Integrity and Reputation
FP-1.3.3
Licensees must consider the person to have not met the criteria under FP-1.3.1 (a) whenever he displays one or more of the following:
(a) Has previously been convicted of any felony or crime related to honesty and/or integrity unless subsequently restored to good standing;(b) Was the subject of civil or criminal proceedings or enforcement action, in relation to the management of an entity, or commercial or professional activities, which were determined adversely to the person and which reflected adversely on the person’s diligence, judgment, honesty or integrity;(c) Has been an officer found liable for an offence committed by a body corporate where the offense was proven to have been committed with the consent, connivance, or neglect attributable to that officer;(d) Has been refused the right or had restrictions placed on the individual’s right to carry on any trade, business, or profession requiring a specific license, registration, or other authorisation by law in any jurisdiction;(e) Has been disqualified by a court, regulator, or other competent body from acting as a board director, manager or employee of a company in any jurisdiction; or(f) Has been reprimanded, or disqualified, or removed by a professional or regulatory body in relation to matters relating to the person’s honesty, integrity or business conduct.Added: March 2025FP-1.3.4
In assessing if the criteria under FP-1.3.1(a) have been satisfied, the licensee shall also consider previous professional and personal conduct (in the Kingdom of Bahrain or elsewhere) including, but not limited to, the following:
(a) The propriety of a person’s conduct, whether or not such conduct resulted in a criminal offence being committed, the contravention of a law or regulation, or the institution of legal or disciplinary proceedings;(b) A conviction or finding of guilt in respect of any offence, other than a minor traffic offence, by any court or competent jurisdiction;(c) Any adverse finding in a civil action by any court or competent jurisdiction, relating to misfeasance or other misconduct in connection with the formation or management of a corporation or partnership;(d) Whether the person, or any body corporate, partnership or unincorporated institution to which the applicant has, or has been associated with as a board director, controller, manager or company secretary been the subject of any disciplinary proceeding, investigation or fines by any government authority, regulatory agency or professional body or association;(e) Whether the person is in breach of any financial services legislation;(f) Whether the person has ever been refused a license, authorisation, registration or other authority;(g) Is or has been subject to disciplinary proceedings by his current or former employer(s), whether in Bahrain or elsewhere;(h) Dismissal or a request to resign from any office or employment;(i) Whether the person has been a board member, partner or manager of a corporation or partnership which has gone into liquidation or administration or where one or more partners have been declared bankrupt whilst the person was connected with that partnership;(j) Whether he has been censured, disciplined, suspended or refused membership or registration by regulators, an operator of a market, trade repository or clearing facility, any professional body or government agency, whether in Bahrain or elsewhere;(k) A finding of guilt in respect of a complaint relating to activities that are regulated by the CBB or under any law in any jurisdiction;(l) Whether he has accepted civil liability for fraud or misrepresentation under any law in any jurisdiction; or(m) Whether there is evidence that the individual has not been transparent, open, and cooperative in his or her dealings with supervisory or regulatory authorities.Added: March 2025Financial Soundness
FP-1.3.5
FP-1.3.5 In determining if a person is financially sound as required under FP-1.3.1 (b) the following factors may be relevant and would require careful consideration as regards the circumstances and the reasons for such occurrence:
(a) Such person was adjudged bankrupt by a court, unless a period of 5 years has passed, during which the person has been able to meet all his obligations;(b) Such person has failed to satisfy a judgement debt under a court order resulting from a business relationship; or(c) Such person has seriously or persistently failed to manage personal debts or financial affairs satisfactorily, in circumstances where such failure caused loss to others.Added: March 2025Competency
FP-1.3.6
Licensees must consider a person’s level of knowledge, skills and experience to assess competency. A person is deemed not competent, as required under the criteria in FP-1.3.1 (c), if he does not meet the qualifications, experience, skills or other competency standards set by the licensee. The criteria must consider the following:
(a) Suitable academic and/or professional qualifications and/or other certifications;(b) Expertise or past experience having regard to the nature of the role; and(c) The ability to manage and supervise the operations that fall under his responsibilities.Added: March 2025FP-1.3.7
Licensees should ensure that the competency standards for all management positions whether senior or otherwise consider the following:
(a) The necessary academic, professional or industry qualifications and certifications;(b) Knowledge about the industry /business segment/ financial products or the operations or control activity as may be relevant to the job role;(c) Sufficiency of industry and management experience (where applicable);(d) Understanding of the regulatory framework, including the laws, regulations and associated codes governing the industry sectors; and(e) Knowledge and expertise for the tasks relevant to the job role.Added: March 2025FP-1.3.8
The licensees’ competency standards for the CEO and senior management functions must consider:
(a) Suitable academic and/or professional qualifications and/or other certifications;(b) Experience of working in financial services and other occupations including sufficient experience in a managerial capacity (taking into account the functions performed in previous employment and the nature, scale and complexity of the businesses in which the individual was employed);(c) Sufficiency of the level of knowledge, for example, of:
i. Financial marketsii. Strategic and business planningiii. Risk managementiv. Governance, compliance oversight and controlsv. Financial reportingvi. Regulatory framework and requirements;(d) Skillsets:
i. Technical/analytical/business skills etc.ii. Leadership/management skills.Added: March 2025FP-1.3.9
Persons appointed as directors must have:
(a) Suitable academic and/or professional qualifications and/or other certifications;(b) Sufficient knowledge and experience to demonstrate sound business decision-making ability to challenge senior management;(c) A good understanding of the industry and the regulatory environment;(d) Experience in governance and oversight; and(e) The ability to commit sufficient time to the role, given other commitments.Added: March 2025FP-1.3.10
Licensees must conduct comprehensive due diligence to satisfy themselves that persons being considered for appointment meet their fit and proper criteria and the CBB requirements in this Module.
Added: March 2025FP-1.3.11
Licensees must maintain adequate documentation of due diligence and checks.
Added: March 2025FP-1.3.12
Due diligence and screening checks should consider reference checks, discussions with past employers, review of CVs, interview process, certificates and proof of credentials, reputation, brand and profile of past employers, police verifications where appropriate, credit scores or credit registry checks, LinkedIn profile checks, etc. and self-declarations.
Added: March 2025FP-1.4 Maintaining Competence
Directors
FP-1.4.1
A licensee must establish appropriate induction and ongoing training and continuing professional development (‘CPD’) arrangements to educate the directors on topics of relevance to the licensee’s business, the industry and compliance obligations.
Added: March 2025FP-1.4.2
Directors of the licensee have a key role in ensuring the licensee remains solvent, in safeguarding the interests of the licensee’s customers and counterparts and, more broadly, in setting the standards that help promote financial stability and soundness. Accordingly, the licensee’s directors should keep abreast of developments in the industry, the emerging risks and trends and on matters that help them fulfil their roles. Given the broad nature of their role, board training plans should be aligned to the training needs of the individual directors. Such programmes may include providing the directors with a detailed overview and risk profile of the institution’s significant or new business lines and periodic updates on regulatory developments.
Added: March 2025Senior Management Functions
FP-1.4.3
Licensees must annually assess the training needs of persons heading senior management functions and update their annual training plans to ensure that the relevant individuals remain competent for their respective job roles. The training plan must address:
(a) The specific training needs;(b) The methods for learning /training;(c) The time period during which training must be completed;(d) Annual review and assessments; and(e) A programme for CPD which must not be less than 15 hours per annum.Added: March 2025FP-1.4.4
In almost every situation, and for most individuals, it is likely that competence will be developed most effectively by a mix of training methods including on-the-job training. In-house training, seminars, conferences, further qualifications, product presentations, computer-based training and one-to-one tuition may also be considered.
Added: March 2025FP-1.5 Shared Responsibilities and Residency
FP-1.5.1
Licensees may adopt shared responsibility structures (senior managers undertaking more than one function within the licensee’s organisation or within the group) subject to the following considerations:
(a) The responsibilities, scope of authority and reporting lines for each senior manager function are clearly specified;(b) There is no conflict of interest inherent in or arising from simultaneously performing such functions;(c) Appropriate systems and controls are in place to manage the risks associated with the licensee’s offerings or transactions in Bahrain;(d) The licensee’s operations in Bahrain are not adversely impacted due to the shared responsibility structure, for example, there is:
i. No impact on effective oversight of delegates and operations in Bahrain;ii. No material impact on, or compromise of the interests of, customers in Bahrain;iii. No disruption to the licensee’s day-to-day business or activities; andiv. No impairment in ability of the licensee to continue complying with the applicable laws, regulatory requirements, or codes of conduct, whether in Bahrain or elsewhere.Added: March 2025FP-1.5.2
Licensees must ensure that adequate mind and management, proportionate to their nature, size and complexity, are resident in Bahrain for managing their day-to-day operations and the conditions in sub-paragraph FP-1.5.1 (d) are met.
Added: March 2025FP-2: CBB Approval Requirements
FP-2.1 Prior Approval by the CBB
FP-2.1.1
Licensees must seek the CBB’s prior written approval for appointment of board directors and persons holding key senior management functions set out in Appendix FP-2 of this Module. The licensees must submit a Form 3 – Application for Approval of Board Directors and Senior Management available on CBB’s website under ‘E-services/online Forms’ for the CBB’s review.
Added: March 2025FP-2.1.2
Licensees must perform their due diligence on applications for persons proposed to be appointed/elected on the Board and for senior management functions (Appendix FP-2) before seeking the CBB’s approval. Applications for approval must only be made for persons that meet the fit and proper criteria.
Added: March 2025FP-2.1.3
In evaluating the proposal by the licensee, the CBB may make inquiries regarding a person’s previous conduct (in the Kingdom of Bahrain or elsewhere). The CBB decisions are binding on the applicant unless the CBB has agreed to reconsider pursuant to an appeal by the licensee. In making its own assessments regarding matters specified in Paragraphs FP-1.3.3 to FP-1.3.5, the CBB will take into consideration the circumstances of each case prior to making a decision for approval or refusal:
(a) the seriousness of the event or failure and the surrounding circumstances resulting in the person not meeting a specific criterion;(b) the relevance of the event or failure, to the role and responsibilities to be assumed by the said function; or(c) the length of time since the event or failure occurred.Added: March 2025FP-2.1.4
Following the approval of a person, if the CBB becomes aware of information which indicates that the person did not meet the fit and proper criteria, the CBB reserves the right to consider the approval as ‘revoked’. In such circumstances, the CBB will inform the licensee and agree with it a plan for the licensee to take the necessary corrective actions. Licensees or the nominated persons may, within 30 calendar days of the notification, appeal against the CBB’s decision to refuse the application for approval. The CBB shall decide on the appeal and notify the licensees of its decision within 30 calendar days from the date of submitting the appeal.
Added: March 2025FP-3: Other Requirements
FP-3.1 Notification Requirements
FP-3.1.1
Licensees must notify the CBB, within 5 working days, if they become aware of information that indicates that a board director or a person heading a senior management function does not or no longer meets the ‘fit and proper’ requirements of the licensee or those required by the CBB under this Module, e.g. criminal offence being committed, or when the licensee becomes aware of persistent failure to repay personal debts or the occurrence of credit default.
Added: March 2025FP-3.1.2
Licensees must notify the CBB as at the end of each quarter, any new appointments to a senior management function (other than those that are approved by the CBB). The notification must be made through the institutional information system (IIS), and must include the official name of the person, the title and position and telephone and email contact details of such person.
Added: March 2025FP-3.1.3
Licensees must notify the CBB when a board director or person holding senior management functions has resigned, been suspended or dismissed, or when disciplinary action has been taken against such person, or when a member of senior management is transferred to another function within the licensee, or else to another group entity. Such notification must be made within 5 working days of the acceptance of the resignation letter, decision of suspension or dismissal, transfer etc.
Added: March 2025FP-3.1.4
If a person who was approved by the CBB to undertake a certain function was transferred by the licensee to another position requiring the CBB’s approval, then the CBB approval of such transfer is required.
Added: March 2025FP-3.2 Interim Arrangements
FP-3.2.1
If a senior management function falls vacant, licensees must ensure that pending the appointment of a replacement, interim arrangements are made to ensure continuity of the duties. The licensee must take reasonable care to ensure that any person temporarily filling the senior management position is suitably qualified, experienced, and capable of performing the role’s responsibilities effectively during the interim period. These requirements must be included in licensee’s policies. The vacant position must be filled, unless agreed with the CBB, with a permanent appointment within 180 days of the vacancy occurring.
Added: March 2025FP-3.3 Record keeping
FP-3.3.1
Licensees must retain the following records for all persons covered under the scope of this Module for a minimum period of five years following termination of their employment with the licensee:
(a) Fit and proper assessments, including but not limited to:
a. Recruitment records, CVs, and proof of the candidates’ knowledge and skills and their previous activities and training;b. Results of the initial screening for the purposes of appointments;c. Background and reference checks; andd. Details of any professional qualifications;(b) Evidence for competence, including but not limited to:
a. Competency standards;b. Annual training plans;c. Material for training, attendance and evaluation;d. Documentation to show annual assessment of competence and criteria used; ande. Record of CPD hours undertaken by each person.Added: March 2025FP-3.4 Non-Compliance with CBB Requirements
FP-3.4.1
The CBB has the power to examine, investigate and or require independent expert assessments of compliance with the requirements in this Module. Where there are deficiencies in a licensee’s compliance with the requirements of this Module, the CBB will direct the licensee to take appropriate remedial action. Where this is not done or is ineffective, it may call into question whether the licensee continues to satisfy the relevant licensing conditions. It may also cast doubt on the fitness and propriety of the board of directors and CEO. Based on the circumstances of the case, the CBB will consider whether formal supervisory action should be taken against the licensee, or the individuals concerned. The CBB has the power to take the necessary enforcement actions in accordance with the CBB Law and Module EN against the licensee, its board and senior management as appropriate.
Added: March 2025FP-3.4.2
The CBB may take, after due process, any of the following actions, as applicable, against individuals not meeting fitness and/or propriety standards of the licensee or the CBB:
(a) Remediation requirements: CBB can require individuals in senior positions to take specific actions to remedy deficiencies, such as obtaining necessary qualifications, or addressing conflicts of interest;(b) Disqualification: CBB may disqualify/bar a person from holding senior roles in CBB licensees when CBB believes the individual does not meet the fit and proper criteria;(c) Direction to remove/move: CBB may issue a formal direction to remove or move the person to another activity within the organisation; or(d) Criminal penalties: In extreme cases, where there is evidence of fraud or dishonesty with respect to provision/withholding of information, CBB can refer matters for criminal prosecution.Added: March 2025Appendix FP-1 Illustrative Qualifications and Core Competencies
Note: The titles mentioned in this Module or Appendix should be interpreted as referring to individuals fulfilling roles or functions corresponding to the respective title. The below qualifications and core competencies represent illustrative guidance only and are not minimum criteria.
Added: March 2025Board Director
Core Competencies
Board directors should have:
(a) A good understanding of the industry and the regulatory environment;(b) Sufficient experience to demonstrate sound business decision-making ability to challenge of senior management;(c) Experience in governance and oversight;(d) The ability to commit sufficient time to the role, given other commitments;(e) Reputation in the industry, relationships with key stakeholders, regulators, government and clients; and(f) Persons considered for independent director appointments should have industry, role related expertise and sufficient years of experience to complement the collective competency of the board of directors as a whole.Added: March 2025How can competence be demonstrated?
Competence is demonstrated by:
(a) A minimum experience of 5 years in business and/or government/quasi government of which at least 4 years at a senior management level; and(b) Holds a minimum of a bachelor’s degree.Added: March 2025Chief Executive, Deputy CEO or equivalent
Core Competencies
The Chief Executive or General Manager and their Deputies should:
(a) Bring extensive experience in the financial services activity relevant to the licensee, with a track record of success in senior management roles;(b) Have a good understanding of the markets, in which the licensee operates, and products and offerings needed to compete effectively;(c) Demonstrate success in leading an organisation or business unit with significant financial and operational responsibilities;(d) Demonstrate ability to build and maintain relationships with all stakeholders, including regulators, investors and customers;(e) Have the ability to influence others to support the strategic objectives through compelling communication and negotiation;(f) Display ability to communicate and manage shareholders, regulators, customer groups and eco-system players;(g) Demonstrate ability to build strategic alliances and partnerships; and(h) Demonstrate high level awareness of sound corporate governance and risk practices and the regulatory and compliance obligations, in particular capital and liquidity that has an impact on the strategies.Added: March 2025Experience and Qualifications
(a) A minimum experience of 7 to 10 years in the relevant sector (banking, insurance, asset management etc.) of which at least 5 years at a senior management level; and(b) An academic degree from a university at bachelor level, master’s level or other professional qualification(s).Added: March 2025Chief Financial Officer or equivalent
Core Competencies
The Chief Financial Officer/ Head of Financial Control should have:
(a) A clear understanding of the roles and responsibilities associated with the position;(b) A good understanding of financial services activity relevant to the licensee and the wider industry and its regulatory environment;(c) The relevant experience and qualifications to fulfill his responsibilities;(d) Strong understanding of financial analysis, budgeting, forecasting, and financial reporting;(e) Ability to manage financial operations and drive business growth;(f) A good knowledge and understanding of international accounting standards and how they are applied in a business context, including IFRS, and where appropriate AAOIFI;(g) Good knowledge of valuation practices for different classes of assets; and(h) Good knowledge of impairment provisions and the underlying measurement process.Added: March 2025Experience and Qualifications
(a) A minimum experience of 5 to 7 years in a finance function; and(b) Hold a relevant academic/professional qualification which include, but are not limited to:
(i) The Association of Chartered Certified Accountants (ACCA);(ii) Certified Public Accountant (CPA), US, Canada, Philippines or equivalent;(iii) Members of the institutes of chartered accountancy (ACA or FCA qualifications) of UK, Australia, New Zealand, India, Pakistan, Sri Lanka etc(iv) Chartered Financial Analyst (CFA), USA;(v) Certified Islamic Professional Accountant (CIPA) from AAOIFI.Added: March 2025Chief Risk Officer or equivalent
Core Competencies
The Chief Risk Officer/Head of Risk Management should have:
(a) A clear understanding of the role and responsibilities associated with the position;(b) A good understanding of financial services activity relevant to the licensee and the wider industry and its regulatory environment;(c) The relevant experience and qualifications to fulfill his responsibilities;(d) Strong understanding of risk management practices, prudential risk measures and methodologies, risk analytics, models and reporting;(e) Strong understanding of regulatory standards (e.g., Basel III for banking, Solvency modeling for insurance) and their impact on risk controls;(f) Good knowledge of enterprise-wide risk management process, risk appetite setting, risk limits setting, capital allocation and capital and liquidity management;(g) Experience dealing with risk reporting for the board/committees, prudential and regulatory reporting, risk disclosures in annual reports;(h) Good knowledge of some of key risk management areas – credit, market, operational, capital adequacy management, (underwriting and reinsurance risks for insurance) etc;(i) Good understanding of data flows and financial reporting practices and conventions;(j) Familiar with asset and liability and portfolio management and allocation;(k) Good knowledge of valuation practices for different classes of assets;(l) Good understanding of the stress testing principles and practices; and(m) Deep understanding of the competencies required within the risk function to manage all risk activities.Added: March 2025Experience and Qualifications
(a) A minimum experience of 5 to 7 years in risk management function; and(b) Hold a relevant academic/professional qualification which include, but are not limited to:
(i) Financial Risk Manager (FRM);(ii) Professional Risk Manager (PRM);(iii) Chartered Financial Analyst (CFA);(iv) Associate in Risk Management (ARM), The Institutes Knowledge Group;(v) Professional qualification in actuarial sciences.Added: March 2025Chief Internal Auditor or equivalent
Core Competencies
The Chief Internal Auditor /Head of Internal Audit should have:
(a) A clear understanding of the role and responsibilities associated with the position;(b) A good understanding of financial services activity relevant to the licensee and the wider industry and its regulatory environment;(c) Strong understanding of internal or external audit;(d) Ability to design comprehensive audit plans, including risk assessments, internal control evaluations, and identifying areas of potential financial, operational, or compliance risk;(e) Ability to lead audits across various departments such as credit, operations, IT, and finance;(f) Proficiency in evaluating and improving internal controls and risk management frameworks, ensuring alignment with organisational risk appetite and regulatory requirements;(g) Familiarity with regulatory standards (e.g., Basel III for banking, Solvency modeling for insurance) and their impact on risk controls;(h) Expertise in assessing the effectiveness of internal controls, identifying control deficiencies, and recommending remediation strategies;(i) Understanding the control frameworks like COSO (Committee of Sponsoring Organizations) or COBIT (Control Objectives for Information Technologies);(j) Strong knowledge of IFRS (International Financial Reporting Standards) and other regulatory accounting standards;(k) Ability to assess compliance with key regulations;(l) Competence in forensic auditing techniques, identifying fraudulent activities, and implementing fraud prevention frameworks;(m) Use of data analytics and continuous auditing to spot anomalies or risks that indicate potential fraud;(n) Strong analytical skills to evaluate audit evidence, discern root causes of control deficiencies, and develop practical, risk-based solutions; and(o) Ability to think critically when encountering complex or ambiguous issues and to provide clear, well-justified conclusions.Added: March 2025Experience and Qualifications
(i) A minimum experience of 5 to 7 years experience in internal audit function or external audit; and(ii) Hold a relevant academic/professional qualification which include but are not limited to:(iii) Certified Internal Auditor (CIA), IIA;(iv) Certified Information Systems Auditor, ISACA;(v) Association of Chartered Certified Accountants (ACCA);(vi) Certified Public Accountant (CPA), US, Canada, Philippines or equivalent;(vii) Members of the institutes of chartered accountancy (ACA or FCA qualifications) of UK, Australia, New Zealand, India, Pakistan, Sri Lanka etc(viii) Chartered Financial Analyst (CFA), USA.Added: March 2025Compliance Officer or equivalent
Core Competencies
A Compliance Officer/ Head of Compliance should have:
(a) A clear understanding of the role and responsibilities associated with the position;(b) A good understanding of financial services activity relevant to the licensee and the wider industry and its regulatory environment;(c) The relevant experience and qualifications to fulfill his responsibilities;(d) Strong understanding of regulatory requirements in Bahrain and other jurisdictions in which the licensee has operations;(a) Very good knowledge of compliance risk universe and compliance risk assessments and compliance risk management;(b) Good knowledge of regulatory frameworks (e.g., GDPR/Bahrain PDPL, AML laws, FATCA, Prudential standards rules etc. relevant to the licensee);(c) Good knowledge of prudential, conduct, legal and other compliance obligations;(d) Ability to independently investigate and act on matters related to compliance breaches;(e) Hands on experience dealing with compliance risk identification, compliance monitoring, maintaining compliance dashboards, compliance testing and reporting;(f) Ability to act as advisor to the CEO and other functions on strategic issues from a compliance perspective; and(g) Experience in conducting compliance training sessions or workshops.Added: March 2025Experience and Qualifications
(a) A minimum experience of 5 years in compliance function or internal audit function with compliance experience; and(b) Hold a relevant academic/professional qualification which include but are not limited to International Compliance Association (ICA) Diploma in Governance, Risk and Compliance.Added: March 2025Money Laundering Reporting Officer (MLRO)
Core Competencies
The MLRO should have:
(a) A clear understanding of the role and responsibilities associated with the position;(b) A good understanding of financial services activity relevant to the licensee and the wider industry and its regulatory environment;(c) The relevant experience and qualifications to fulfill his responsibilities;(d) Strong understanding of FATF guidelines and regulatory requirements in Bahrain;(e) Experience in creating and executing an institution-wide AML strategy that integrates with broader risk management and compliance programs;(f) Proficiency in developing and maintaining AML policies and procedures that align with regulatory requirements and industry best practices;(g) Competence in updating policies in response to changes in the legal landscape, emerging financial crimes, or audit recommendations;(h) Proficiency in developing, managing, and improving KYC and CDD, EDD frameworks to ensure the institution collects appropriate customer data;(i) Expertise in using, configuring and overseeing AML software tools to monitor suspicious transactions, detect unusual activity patterns, and ensure compliance with regulatory reporting obligations;(j) Ability to implement a risk-based approach to AML compliance, where resources are allocated according to the risk levels of different products, clients, or geographies;(k) Expertise in conducting AML risk assessments to evaluate the inherent risks within the organization, and adjusting policies, procedures, and controls accordingly;(l) Strong investigative skills to analyze complex customer transactions, payment flows, and financial patterns that might indicate potential money laundering activities;(m) Knowledge of how to file Suspicious Transaction Reports (STRs) with relevant financial authorities; and(n) Knowledge of international sanctions screening software and ensuring the company is not doing business with blacklisted entities or individuals.Added: March 2025Experience and Qualifications
(a) A minimum experience of 5 years in anti-money laundering and terrorist financing role; and(b) Hold a relevant academic/professional qualification which include, but are not limited to:
(i) Certified Anti-Money Laundering Specialist (CAMS)(ii) Diploma in Anti-Money Laundering offered by the International Compliance Association.Added: March 2025Head of Internal Shari’a Audit Function
Core Competencies
The Head of Internal Shari’a Audit Function should have:
(a) The relevant accounting and auditing experience and qualifications to fulfill his responsibilities;(b) Knowledge of Islamic financial regulatory standards like AAOIFI (Accounting and Auditing Organization for Islamic Financial Institutions) and IFSB (Islamic Financial Services Board) guidelines, which govern Sharia compliance and corporate governance in Islamic financial institutions;(c) A good understanding of financial services activity relevant to the licensee and the wider industry and its regulatory environment;(d) Experience in designing and delivering Sharia compliance training programs for employees at all levels, ensuring they understand Islamic finance principles and how to comply with Sharia requirements in day-to-day operations;(e) Expertise in assessing compliance with Sharia governance frameworks, including the Sharia Supervisory Board (SSB) decisions, policies, and Fatwas (Islamic rulings);(f) Expertise in understanding and applying Fiqh Al-Muamalat (Islamic commercial jurisprudence), which governs the conduct of financial transactions;(g) Familiarity with Islamic contracts such as Murabaha (cost-plus financing), Ijara (leasing), Mudaraba (profit-sharing), Musharaka (partnership), and Tawarruq, Takaful (Islamic insurance) products to ensure compliance with Sharia principles, particularly in profit-sharing (Mudaraba) or cooperative (Waqf) models;(h) Proficiency in designing and executing Sharia-compliant audit plans, focusing on ensuring that all financial products, services, and operations align with Sharia principles;(i) Expertise in identifying and assessing Sharia non-compliance risks in various operational and financial areas; and(j) Ability to conduct thorough audits of financial transactions and documentation to confirm compliance with Sharia rulings issued by the Sharia Supervisory Board.Added: March 2025Experience and Qualifications
(a) A minimum experience of 5 years in the Internal Shari’a audit function, internal audit function of a financial institution dealing with Islamic products and services; and(b) Hold a relevant academic/professional qualification which include, but are not limited to:
(i) Relevant bachelor or higher-level university degree;(ii) Certified Islamic Professional Accountant (CIPA);(iii) Chartered Internal Auditor (CIA);(iv) Certified Shari’a Advisor & Auditor (CSAA);(v) Advance Diploma in Islamic Finance (ADIF) or Advanced Diploma in Islamic Commercial Jurisprudence (ADICJ) from BIBF, other Islamic Shari’a studies or by any other means.Added: March 2025Financial Advisor
Core Competencies
The Financial Advisor should have:
(a) A thorough understanding of financial products, financial markets, capital markets, structured products, portfolio and wealth management practices;(b) A good understanding of financial services activity relevant to the licensee and the wider industry and its regulatory environment;(c) In-depth knowledge of financial planning principles and expertise in creating and executing customised financial plans based on the unique needs and goals of clients;(d) Expertise in identifying and managing risks related to clients' portfolios, such as market risk, inflation risk, interest rate risk, and liquidity risk;(e) Ability to assess clients’ risk tolerance, risk capacity, and time horizon, and to recommend appropriate investment strategies based on these factors;(f) Comprehensive understanding of investment products such as stocks, bonds, mutual funds, ETFs (Exchange Traded Funds), REITs (Real Estate Investment Trusts), and alternative investments like private equity and hedge funds;(g) Familiarity with asset allocation, diversification, and portfolio management strategies, as well as understanding risk tolerance and how it influences investment decisions;(h) Strong understanding of deal structuring, investment research, financial planning and financial analysis;(i) Understanding of AML (Anti-Money Laundering) and Know Your Customer (KYC) regulations, ensuring that the advisor performs due diligence on clients and monitors financial activity for suspicious behaviors;(j) Ability to use financial models and software to forecast outcomes and recommend strategic changes; and(k) Knowledge of ethical codes such as those set by professional bodies like Certified Financial Planner Board (CFP Board), Chartered Financial Analyst (CFA Institute), or other relevant regulatory bodies.Added: March 2025Experience and Qualifications
(a) A minimum experience of 3 to 5 years in financial advice or asset management; and(b) Hold a relevant academic/professional qualification which include but are not limited to:
(i) Certified Financial Analyst (CFA);(ii) IFA Certificate for Financial Advisers;(iii) Chartered Alternative Investment Analyst (CAIA);(iv) General Securities Representative Qualification (Series 7);(v) Diploma in Regulated Financial Planning (The Chartered Insurance Institute - CII);(vi) ACI Dealing Diploma/Certificate (The Financial Markets Association);(vii) Any Securities Institute certification.Added: March 2025Head of Insurance/ Reinsurance Underwriting
Core Competencies
The Head of Insurance /Reinsurance underwriting should have:
(a) Deep knowledge of market trends and developments in both the primary insurance and reinsurance markets. Familiarity with pricing cycles, capacity shifts, and industry disruptors (e.g., Insurtech, regulatory changes);(b) A strong understanding of insurance and reinsurance markets, classes of business and products;(c) In-depth knowledge of insurance and reinsurance products, including the ability to collaborate with product development teams to create innovative solutions tailored to client needs;(d) A good understanding of regulatory environment;(e) Comprehensive understanding of underwriting principles for various lines of business, such as life insurance, property and casualty (P&C) insurance, reinsurance, health insurance, and specialty insurance;(f) Proficiency in developing and managing underwriting strategies that balance risk and profitability;(g) Ability to oversee underwriting for complex risks, ensuring decisions align with the organisation’s risk appetite and long-term goals;(h) Expertise in reviewing and enhancing existing products to ensure they are competitive and compliant with current regulations and market trends;(i) Expertise in structuring and negotiating reinsurance treaties, including proportional, non-proportional, facultative, and treaty reinsurance;(j) Familiarity with global reinsurance markets and the ability to assess the creditworthiness and risk profiles of reinsurance partners; and(k) Knowledge of retrocession arrangements and understanding of how to transfer risk across multiple layers.Added: March 2025Experience and Qualifications
(a) A minimum of 5 to 7 years of practical experience in an underwriting or comparable function (underwriting/claims) within the insurance industry; and(b) An academic degree from a university at bachelor level or higher in addition to professional qualification(s) related to underwriting and claims and other relevant certification(s) specific to this role. Such certifications may include but are not limited to:
(i) Advanced Diploma in Insurance (ACII) - The Chartered Insurance Institute (CII);(ii) Insurance Management Diploma, Bahrain Institute for Banking and Finance (BIBF);(iii) BIBF Professional Award for Certified Insurance Practitioner (BPACIP);(iv) BIBF Professional Award for Specialist Insurance Practitioner (BPASIP).Added: March 2025Signing Actuary – Insurance firms
Core Competencies
A Signing Actuary should have:
(a) A clear understanding of the role and responsibilities associated with this position;(b) A thorough understanding of insurance and reinsurance markets, classes of business and products;(c) Advanced knowledge of actuarial science, and expertise in applying actuarial methodologies to areas such as pricing, reserving, underwriting, and capital modelling;(d) Ability to lead complex actuarial analyses, proficiency in pricing various insurance products using actuarial techniques such as loss ratio analysis, experience rating, and frequency-severity modeling;(e) Expertise in calculating technical reserves (e.g., IBNR - Incurred But Not Reported) and other liabilities, ensuring that the organization holds adequate reserves for claims;(f) Proficiency in developing and implementing risk management frameworks that evaluate key risks such as market risk, credit risk, insurance risk, and operational risk;(g) Expertise in capital modeling techniques, such as Economic Capital Models (ECM) and Solvency II Standard Formula/Internal Models, to ensure that the company holds adequate capital to meet regulatory requirements and internal risk appetite;(h) Familiarity with financial reporting standards such as IFRS 17, and Solvency modeling, and their implications on the actuarial function; and(i) Competence in providing actuarial input for financial statements and disclosures, ensuring compliance with applicable accounting standards and regulatory requirements;(j) A good understanding of regulatory environment.Added: March 2025Experience and Qualifications
(a) A minimum experience of 5 years in an actuarial role; and(b) Bachelor’s in actuarial sciences; or(c) A professional qualification(s) related to actuary and other relevant certification(s) specific to this role. Such professional qualifications may include but are not limited to:
(i) Fellow of Institute of Actuaries (FIA) or Fellow of Faculty of Actuaries (FFA), the Institute and Faculty of Actuaries; and(ii) Fellow of Society of Actuaries (FSA), the Society of Actuaries. and(d) An active membership of Institute of the Faculty of Actuaries, UK; Society of Actuaries, USA; or other recognized equivalent actuarial institution.Added: March 2025Appendix FP-2 – List of senior management positions/persons requiring CBB Approval
Note: The titles mentioned in this Module or Appendix should be interpreted as referring to individuals fulfilling roles or functions corresponding to the respective title.
Added: March 2025A. Bahraini bank licensees
Title /position 1 Chief Executive Officer (CEO) or equivalent and Deputy CEO (D-CEO) if such a position exists 2 Chief Financial Officer 3 Chief Risk Officer 4 Chief Compliance Officer 5 Chief Internal Auditor 6 Money Laundering Reporting Officer (MLRO) Added: March 2025B Insurance firms
Title /position 1 Chief Executive Officer (CEO) or equivalent and Deputy CEO (D-CEO) if such a position exists 2 Chief Financial Officer 3 Chief Risk Officer 4 Signing /Head of Actuary 5 Chief Compliance Officer 6 Chief Internal Auditor 7 Money Laundering Reporting Officer (MLRO) (may be combined with Compliance officer role) Added: March 2025C Insurance brokers, insurance consultants, insurance aggregators and insurance exchanges
Title /position 1 Chief Executive Officer (CEO) or equivalent and Deputy CEO (D-CEO) if such a position exists 2 Chief Compliance Officer (Insurance brokers/aggregators) 3 Money Laundering Reporting Officer (MLRO) (may be combined with Compliance officer role) Added: March 2025D Investment firms
Title /position 1 Chief Executive Officer (CEO) or equivalent and Deputy CEO (D-CEO) if such a position exists 2 Chief Financial Officer for Category 1 and Category 2 Licensees only 3 Chief Risk Officer for Category 1 and Category 2 Licensees only (may be a combined role with an existing independent control function) 4 Chief Compliance Officer 5 Money Laundering Reporting Officer (MLRO) (may be combined with Compliance officer role) Added: March 2025E Money changers, financing companies, micro financing licensees, payment service providers, crowdfunding platform operators and trust service providers
Title /position 1 Chief Executive Officer (CEO) 2 Money Laundering Reporting Officer (MLRO) (may be combined with Compliance officer role) Added: March 2025F Capital market licensees
Title /position 1 Chief Executive Officer (CEO) 2 Chief Financial Officer (CFO) (for exchanges) 3 Chief Internal Auditor (for exchanges) 4 Chief Compliance Officer (for exchanges) 5 Money Laundering Reporting Officer (MLRO) (may be combined with Compliance officer role) Added: March 2025G Crypto asset licensees
Title /position 1 Chief Executive Officer (CEO) 2 Chief Risk Officer (CRO) (excluding category 1) 3 Chief Financial Officer (CFO) (excluding category 1) 4 Chief Internal Auditor (excluding category 1) 5 Chief Compliance Officer 6 Money Laundering Reporting Officer (MLRO) (may be combined with Compliance officer role) Added: March 2025H Administrators, third party administrators, Sharia’ advisory/review services, account information service providers and payment initiation service providers
Title /position 1 Chief Executive Officer (CEO) Added: March 2025I Branches of foreign licensees and representative offices
Title /position 1 Chief Executive Officer, Country Head, General Manager or equivalent role 2 Chief Financial Officer (for branches of foreign retail banks) 3 Chief Compliance Officer and Money Laundering Reporting Officer (MLRO)(for Branches only) Added: March 2025Part B
Quartely Updates
Ad-Hoc Communications
Archived Part A
FAQ
Fit and Proper Requirements
Click here to download the FAQ in PDF format.
