GR GR Administrators General Requirements Module
GR-A GR-A Introduction
GR-A.1 GR-A.1 Purpose
Executive Summary
GR-A.1.1
The General Requirements Module presents a variety of different requirements that are not extensive enough to warrant their own stand-alone Module, but for the most part are generally applicable. These include requirements on books and records; on the use of corporate and trade names; and on
controllers andclose links . Each set of requirements is contained in its own Chapter.Amended: July 2011
May 2011Legal Basis
GR-A.1.2
This Module contains the Central Bank of Bahrain ('CBB') Directive (as amended from time to time) regarding general requirements applicable to
administrators licensees , and is issued under the powers available to the CBB under Article 38 of the Central Bank of Bahrain and Financial Institutions Law 2006 ('CBB Law'). Requirements regarding transfers of business (see Chapter GR-4) and controllers (see Chapter GR-5) are also included in Regulations, to be issued by the CBB.May 2011GR-A.1.3
For an explanation of the CBB's rule-making powers and different regulatory instruments, see section UG-1.1.
May 2011GR-A.2 GR-A.2 Module History
Evolution of Module
GR-A.2.1
This Module was first issued in May 2011 by the CBB. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made: Chapter UG-3 provides further details on Rulebook maintenance and version control.
May 2011GR-A.2.2
A list of recent changes made to this Module is detailed in the table below:
Module Ref. Change Date Description of Changes GR-A.1.1 07/2011 Minor correction made to Guidance. GR-5.3 04/2012 Amended to be in line with other Volumes of the CBB rulebook and to reflect the issuance of Resolution No.(43) of 2011. GR-7 04/2012 Clarified language on cessation of business to be in line with other Volumes of the CBB Rulebook. GR-1.1.4 04/2013 Corrected reference to 'transaction' records. GR-7.1.12 10/2016 Added an additional requirement for cessation of business to be consistent with other Volumes of the CBB Rulebook. GR-5.1.4 01/2017 Consistency of notification timeline rule on controllers with other Volumes of the CBB Rulebook. GR-1.2.1 07/2017 Amended paragraph according to the Legislative Decree No. (28) of 2002. GR-1.2.2 07/2017 Deleted paragraph. GR-3.1.3 10/2017 Added additional requirement to submit when requesting no-objection letter for proposed dividend. GR-9.1.2 10/2017 Amended Paragraph on outsourcing, to allow the utilization of cloud services. GR-9.1.3A 10/2017 Added a new Paragraph on outsourcing. GR-9.1.6 10/2017 Amended Paragraph. GR-9.1.9 10/2017 Amended Paragraph. GR-9.1.11 10/2017 Amended Paragraph. GR-9.1.11A 10/2017 Added a new Paragraph on outsourcing. GR-9.1.16 10/2017 Amended Paragraph. GR-9.1.17 10/2017 Amended Paragraph. GR-9.2.1 10/2017 Amended Paragraph. GR-9.2.2 10/2017 Amended Paragraph. GR-9.2.4 10/2017 Amended Paragraph. GR-9.2.11 10/2017 Amended Paragraph. GR-9.2.12 10/2017 Amended Paragraph. GR-9.2.13 10/2017 Amended Paragraph. GR-9.2.18 10/2017 Amended Paragraph. GR-9.2.19 10/2017 Added a new paragraph for security measures related to cloud services. GR-9.3.3 10/2017 Amended Paragraph. GR-9.3.4 10/2017 Amended Paragraph. GR-5.1.1A 04/2019 Added a new Paragraph on exposures to controllers. GR-5.1.1B 04/2019 Added a new Paragraph on exposures to controllers. GR-1.2.1 01/2020 Amended Paragraph. GR-7.1.7 04/2020 Amended Paragraph. GR-7.1.12 04/2020 Amended Paragraph. GR-C 10/2020 Added a new Chapter on Provision of Financial Services on a Non-discriminatory Basis. GR-2.1.1 01/2022 Amended Paragraph on change in licensee corporate and legal name. GR-2.1.2 01/2022 Amended Paragraph on change in licensee legal name. GR-9 07/2022 Replaced Chapter GR-9 with new Outsourcing Requirements. GR-B GR-B Scope of Application
GR-B.1 GR-B.1 Scope of Application
GR-B.1.1
The requirements in Module GR (General Requirements) apply to all
administrators licensees authorised in the Kingdom of Bahrain, thereafter referred to in this Module aslicensees .May 2011GR-C GR-C Provision of Financial Services on a Non-discriminatory Basis
GR-C.1 GR-C.1 Provision of Financial Services on a Non-discriminatory Basis
GR-C.1.1
Administrators licensees must ensure that all regulated financial services are provided without any discrimination based on gender, nationality, origin, language, faith, religion, physical ability or social standing.Added: October 2020GR-1 GR-1 Books and Records
GR-1.1 GR-1.1 General Requirements
GR-1.1.1
In accordance with Articles 59 of the CBB Law, all
licensees must maintain books and records (whether in electronic or hard copy form) sufficient to produce financial statements and show a complete record of the business undertaken by alicensee . These records must be retained for at least ten years according to Article 60 of the CBB Law.May 2011GR-1.1.2
GR-1.1.1 includes accounts, books, files and other records (e.g. trial balance, general ledger, nostro/vostro statements, reconciliations, list of counterparties). It also includes records that substantiate the value of the assets, liabilities and off-balance sheet activities of the
licensee (e.g. client activity files and valuation documentation).May 2011Corporate Records
GR-1.1.3
Licensees must maintain at all times the following records in original form or in hard copy at their premises in Bahrain:(a) Internal policies, procedures and operating manuals;(b) Corporate records, including minutes ofshareholders' ,Directors' and management meetings;(c) Correspondence with the CBB and records relevant to monitoring compliance with CBB requirements;(d) Reports prepared by thelicensee's internal and external auditors; and(e) Employee training manuals and records.May 2011GR-1.1.4
Separately, Bahrain Law currently requires other transaction records to be retained for at least five years (see Ministerial Order No. 23 of 2002, Article 5(2), made pursuant to the Amiri Decree Law No. 4 of 2001).
Amended: April 2013
May 2011Language of Records
GR-1.1.5
Unless otherwise agreed to by the CBB in writing, records must be kept in either English or Arabic. Any records kept in languages other than English or Arabic must be accompanied by a certified English or Arabic translation. Records must be kept current. The records must be sufficient to allow an audit of the
licensee's business or an on-site examination of thelicensee by the CBB.May 2011GR-1.1.6
Translations produced in compliance with Rule GR-1.1.4 may be undertaken in-house, by an employee or contractor of the
licensee , providing they are certified by an appropriate officer of thelicensee .May 2011Location of Records
GR-1.1.6
Records must be accessible at any time from within the Kingdom of Bahrain, or as otherwise agreed with the CBB in writing.
May 2011GR-1.1.7
Where older records have been archived, the CBB may accept that records be accessible within a reasonably short time frame (e.g. within 5 business days), instead of immediately. The CBB may also agree similar arrangements where elements of record retention and management have been centralised in another group company, whether inside or outside of Bahrain.
May 2011GR-1.2 GR-1.2 Transaction and Customer Records
Transaction Records
GR-1.2.1
Licensees must keep completed transaction records for as long as they are relevant for the purposes for which they were made (with a minimum period in all cases of five years from the date when the transaction was terminated). Records of terminated transactions must be kept whether in hard copy or electronic format as per the Legislative Decree No. (54) of 2018 with respect to Electronic Transactions “The Electronic Communications and Transactions Law” and its amendments.Amended: January 2020
Amended: July 2017
May 2011GR-1.2.2
[This Paragraph has been deleted in July 2017].
Deleted: July 2017
May 2011Customer Records
GR-1.2.3
Record-keeping requirements with respect to customer records, including customer identification and due diligence records, are contained in Module FC (Financial Crime).
May 2011GR 2 GR 2 Corporate and Trade Names
GR-2.1 GR-2.1 Vetting of Names
GR-2.1.1
Licensees must obtain CBB’s prior written approval for any change in their legal name.Licensees must notify the CBB of any change in their corporate name at least one week prior to effecting the proposed change.Amended: January 2022
Added: May 2011GR-2.1.2
In approving a change in a legal name, the CBB seeks to ensure that it is sufficiently distinct as to reduce possible confusion with other unconnected businesses, particularly those operating in the financial services sector.
Amended: January 2022
Added: May 2011GR-2.2 GR-2.2 Publication of Documents by the Licensee
GR-2.2.1
Any written communication, including stationery, business cards or other business documentation published by the
licensee , or used by its employees (agents, representatives, financial advisers or introducers) must include a statement that thelicensee is regulated by the CBB and the type of license (administrator).May 2011GR-3 GR-3 Dividends
GR-3.1 GR-3.1 CBB Non-Objection
GR-3.1.1
Licensees must obtain a letter of no-objection from the CBB to any dividend proposed and prior to submitting a proposal for a distribution of profits to ashareholder vote.May 2011GR-3.1.2
The CBB will grant a no-objection letter where it is satisfied that the level of dividend proposed is unlikely to leave the
licensee vulnerable — for the foreseeable future — to breaching the CBB's financial resources requirements, taking into account (as appropriate) trends in thelicensee's business volumes, expenses, trend performance and investment environment.May 2011GR-3.1.3
To facilitate the prior approval required under Paragraph GR-3.1.1,
licensees subject to Paragraph GR-3.1.1 must provide the CBB with:(a) Thelicensee's intended percentage and amount of proposed dividends for the coming year;(b) A letter of no objection from thelicensee's external auditor on such profit distribution; and(c) A detailed analysis of the impact of the proposed dividend on the capital adequacy requirements outlined in Module CA (Capital Adequacy) and the liquidity position of the licensee.Amended: October 2017
May 2011GR-4 GR-4 Business Transfers
GR-4.1 GR-4.1 CBB Approval
GR-4.1.1
Licensee must seek prior written approval from the CBB before transferring any of its business to a third party.May 2011GR-4.1.2
Rule GR-4.1.1 is intended to apply to circumstances where a
licensee wishes to sell all or part of its business to a third party. It does not apply where alicensee is simply transferringclient assets to a third party, on instruction from the client concerned.May 2011GR-4.1.3
In all cases, CBB approval to transfer business will only be given where:
(a) The transfer of business will not damage or otherwise prejudice the legitimate interests of thelicensee's customers;(b) The transferee is duly licensed to undertake the business which it is to receive; and(c) The CBB is satisfied that the transfer will not breach any applicable laws or regulations, and would not create any supervisory concerns.May 2011GR-4.1.4
In assessing the criteria outlined in Paragraph GR-4.1.3, the CBB will, amongst other factors, take into account the financial strength of the transferee; its capacity to manage the business being transferred; its track record in complying with applicable regulatory requirements; and (where applicable) its track record in treating customers fairly. The CBB will also take into account the impact of the transfer on the transferor, and any consequences this may have for the transferor‟s remaining customers.
May 2011GR-4.1.5
Licensees seeking to obtain the CBB's permission to transfer business must apply to the CBB in writing, in the form of a covering letter together with supporting attachments. Unless otherwise directed by the CBB, the application must provide:(a) Full details of the business to be transferred;(b) The rationale for the proposed transfer;(c) If applicable, an assessment of the impact of the transfer on any customers directly affected by the transfer, and any mitigating factors or measures;(d) If applicable, an assessment of the impact of the transfer on the transferor's remaining business and customers, and any mitigating factors or measures; and(e) Evidence that the proposed transfer has been duly authorised by the transferor (such as a certified copy of a Board resolution approving the transfer).May 2011GR-4.1.6
Licensees intending to apply to transfer business are advised to contact the CBB at the earliest possible opportunity, prior to submitting a formal application, in order that the CBB may determine the nature and level of documentation to be provided and the need for an auditor or other expert opinion to be provided to support the application. The documentation specified in Paragraph GR-4.1.6 may be varied by the CBB, depending on the nature of the proposed transfer, such as the materiality of the business concerned and its impact on customers.
May 2011GR-4.1.7
The CBB's approval may be given subject to any conditions deemed appropriate by the CBB. In all cases where additional requirements are imposed, the CBB shall state the reasons for doing so.
May 2011GR-4.1.8
At its discretion, the CBB may require that a notice of proposed transfer of business be published in the Official Gazette, and/or in at least two local daily newspapers (one in Arabic, the other in English), in order to give affected customers the right to comment on the proposed transfer. Where such a requirement has been imposed, the CBB's decision on the application will also be published in the Official Gazette and in at least two local daily newspapers. In all such cases, the costs of publication must be met by the transferor.
May 2011GR-4.1.9
Publication under paragraph GR-4.1.8 will generally only be required where a proposed transfer involves a large number of customers or is otherwise deemed necessary in order to protect customer interests.
May 2011GR-4.1.10
The requirements in this Chapter are based on the powers available to the CBB in Article 68 of the CBB Law.
May 2011GR-5 GR-5 Controllers
GR-5.1 GR-5.1 Key Provisions
GR-5.1.1
Whenever they are aware of such cases,
licensees must obtain prior approval from the CBB, as required under Paragraph BR-2.3.8, for any changes in the percentage holding of acontroller or a newcontroller (as defined in Section GR-5.2).May 2011GR-5.1.1A
Licensees must not incur or otherwise have an exposure (either directly or indirectly) to theircontrollers , includingsubsidiaries andassociated companies of suchcontrollers .Added: April 2019GR-5.1.1B
For the purpose of Paragraph GR-5.1.1A,
licensees that already have an exposure tocontrollers must have an action plan agreed with the CBB's supervisory point of contact to address such exposures within a timeline agreed with the CBB.Added: April 2019GR-5.1.2
Articles 52 to 56 of the CBB Law require notification to the CBB of all
controllers oflicensees and of listed companies; it further gives the CBB the right to refuse approval ofcontrollers if deemed damaging to the interests of the market, customers, or in contravention of the criteria set by the CBB.May 2011GR-5.1.3
Requests for approval under Paragraph GR-5.1.1 must be made by submitting a duly completed Form 2 (Application for Authorisation of Controller) to the CBB. Notification must be made by the
controller or intendedcontroller , and by thelicensee where it is aware of the change.May 2011GR-5.1.4
If, as a result of circumstances outside the
licensee's knowledge and/or control, changes specified in Paragraph GR-5.1.1 are triggered prior to CBB approval being sought or obtained, thelicensee must notify the CBB no later than 15 calendar days on which those changes have occurred.Amended: January 2017
May 2011GR-5.1.5
For approval under Rule GR-5.1.1 to be granted, the applicant must satisfy the CBB that the proposed change in
controller poses no undue risks to thelicensee or its customers, and is not damaging to the interests of the market, as defined in the suitability criteria forcontrollers , contained in Section GR-5.3.May 2011GR-5.1.6
An approval of
controller is valid for the period specified in the approval letter issued by the CBB. The CBB may impose any restrictions that it considers necessary to be observed when granting its approval.May 2011GR-5.1.7
The approval process is specified in Section GR-5.4.
May 2011GR-5.1.8
Licensees must submit, within 3 months of their financial year-end, a report on theircontrollers . This report must identify allcontrollers of thelicensee , as defined in Section GR-5.2.May 2011GR-5.2 GR-5.2 Definition of Controller
GR-5.2.1
A
controller of alicensee is a natural or legal person who, either alone or with his associates:(a) Holds 10% or more of the shares in thelicensee ('L'), or is able to exercise (or control the exercise of) more than 10% of the voting power in L; or(b) Holds 10% or more of the shares in aparent undertaking ('P') of L, or is able to exercise (or control the exercise of) more than 10% of the voting power in P; or(c) Is able to exercise significant influence over the management of L or P.May 2011GR-5.2.2
For the purposes of Paragraph GR-5.2.1, 'associate' includes:
(a) In the case of natural persons, the spouse or child of thecontroller ;(b) An undertaking of which acontroller is aDirector ;(c) A person who is an employee or partner of thecontroller ; and(d) If thecontroller is a corporate entity, aDirector of thecontroller , a subsidiary of thecontroller , or aDirector of any subsidiary undertaking of thecontroller .May 2011GR-5.2.3
Associate also includes any other person or undertaking with which the
controller has entered into an agreement or arrangement as to the acquisition, holding or disposal of shares or other interests in thelicensee , or under which they undertake to act together in exercising their voting power in relation to thelicensee .May 2011GR-5.3 GR-5.3 Suitability of Controllers
GR-5.3.1
All new
controllers or prospectivecontrollers (as defined in Section GR-5.2) of aBahraini specialised licensee must obtain the approval of the CBB. Any increases to existingcontrollers' holdings or voting control (as outlined under Paragraph BR-2.3.8) must also be approved by the CBB and are subject to the conditions outlined in this Section. Such changes in existingcontrollers (as defined in the Section GR-5.2) or new/prospectivecontrollers of alicensee must satisfy the CBB of their suitability and appropriateness according to the criteria outlined in Paragraphs GR-5.3.2 to GR-5.3.5. The CBB will issue an approval notice or notice of refusal of a controller according to the approval process outlined in Section GR-5.4 and Paragraph GR-5.1.6.Amended: April 2012
May 2011GR-5.3.1A
In line with Resolution No.(43) of 2011, the CBB may require, on a case-by-case basis, and at its sole discretion that at least one of the
controllers is a regulated financial institution holding at least 20% of thelicensee's shares.Added: April 2012GR-5.3.2
In assessing the suitability of
controllers who are natural persons, the CBB has regard to their professional and personal conduct, including, but not limited to, the following:(a) The propriety of a person's conduct, whether or not such conduct resulted in conviction for a criminal offence, the contravention of a law or regulation, or the institution of legal or disciplinary proceedings;(b) A conviction or finding of guilt in respect of any offence, other than a minor traffic offence, by any court or competent jurisdiction;(c) Any adverse finding in a civil action by any court or competent jurisdiction, relating to fraud, misfeasance or other misconduct in connection with the formation or management of a corporation or partnership;(d) Whether the person has been the subject of any disciplinary proceeding by any government authority, regulatory agency or professional body or association;(e) The contravention of any financial services legislation or regulation;(f) Whether the person has ever been refused a license, authorisation, registration or other authority;(g) Dismissal or a request to resign from any office or employment;(h) Disqualification by a court, regulator or other competent body, as aDirector or as a manager of a corporation;(i) Whether the person has been aDirector , partner or manager of a corporation or partnership which has gone into liquidation or administration or where one or more partners or managers have been declared bankrupt whilst the person was connected with that partnership or corporation;(j) The extent to which the person, has been truthful and open with regulators;(k) Whether the person has ever been adjudged bankrupt, entered into any arrangement with creditors in relation to the inability to pay due debts, or failed to satisfy a judgement debt under a court order or has defaulted on any debts;(l) The financial resources of the person and the likely stability of their shareholding, and their track record as acontroller or significant investor in financial institutions;(m) Existing Directorships or ownership of more than 20% of the capital or voting rights of any financial institution in the Kingdom of Bahrain or elsewhere, and the potential for conflicts of interest that such Directorships or ownership may imply;(n) The legitimate interests of investors, creditors andshareholders (including minority shareholders) of thelicensee ;(o) Whether the approval of acontroller is or could be detrimental to Bahrain's financial sector; and(p) Whether the person is able to deal with existingshareholders and the Board in a constructive and co-operative manner.May 2011GR-5.3.3
Natural persons who intend to take a stake of 20% or more in a
licensee are subject to enhanced scrutiny, given the CBB's position ashome supervisor of suchlicensees . The level of scrutiny and the expected compliance with the above standards become more onerous as the level of proposed ownership increases. Natural persons will not normally be approved to take majority control (i.e. a stake of 50% or more of either the capital or voting rights) of alicensee .Amended: April 2012
May 2011GR-5.3.4
In assessing the suitability of
controllers who are legal persons, CBB has regard to their financial standing, judicial and regulatory record, and standards of business practice and reputation, including, but not limited to, the following:(a) The financial strength of thecontroller , its parent(s) and other members of its group, its implications for thelicensee and the likely stability of thecontroller's shareholding;(b) Whether thecontroller or members of its group has ever entered into any arrangement with creditors in relation to the inability to pay due debts;(c) Thecontroller's jurisdiction of incorporation, location of Head Office, group structure andclose links , and the implications for thelicensee as regards effective supervision of thelicensee and potential conflicts of interest;(d) Thecontroller's (and other group members') propriety and general standards of business conduct, including the contravention of any laws or regulations, or the institution of disciplinary proceedings by a government authority, regulatory agency or professional body;(e) Any adverse finding in a civil action by any court or competent jurisdiction, relating to fraud, misfeasance or other misconduct;(f) Any criminal actions instigated against thecontroller or other members of its group, whether or not this resulted in an adverse finding;(g) The extent to which thecontroller or other members of its group have been truthful and open with regulators and supervisors;(h) Whether the person has ever been refused a license, authorisation, registration or other authority;(i) The person's track record as acontroller or investor in financial institutions;(j) The legitimate interests of investors, creditors andshareholders of thelicensee ;(k) Whether their approval as acontroller is or could be detrimental to Bahrain's financial sector; and(l) Whether the person is able to deal with existingshareholders and the Board in a constructive manner.May 2011GR-5.3.5
Legal persons who intend to take a stake of 20% or more in a
licensee are subject to enhanced scrutiny, given the CBB's position ashome supervisor of suchlicensees . The level of scrutiny and of expected compliance with the above standards becomes more onerous as the level of proposed ownership increases. In particular, unregulated legal persons will not normally be approved to take majority control (i.e. a stake of 50% or more of either the capital or voting rights of alicensee , unless the proposed parent is a well-established business (that satisfies the above conditions), and its ownership would not pose undue conflicts of interest. Regulated legal persons will normally only be approved to take majority control where — in addition to the above conditions — the resulting group would be subject to effective consolidated supervision in accordance with relevant international standards; and thehome supervisor of the parent entity has agreed to the proposed acquisition, as well as to the sharing of relevant prudential information for supervisory purposes (expressed, if necessary, through the signing of a Memorandum of Understanding between the CBB and thehome supervisor , setting out their respective supervisory responsibilities).Amended: April 2012
May 2011GR-5.3.6
The CBB may contact references and supervisory bodies in connection with any information provided to support an application for
controller . The CBB may also ask for further information, in addition to that provided in the Form 2, if required to satisfy itself as to the suitability of the applicant.May 2011GR-5.4 GR-5.4 Approval Process
GR-5.4.1
Within 3 months of receipt of an approval request under Paragraph GR-5.1.1, the CBB will issue a written notice of approval (or of refusal, if it is not satisfied that the person concerned is suitable to become a
controller of thelicensee ). The notice of refusal will specify the reasons for the objection and specify the applicant's right of appeal. Where an approval notice is given, it will specify the period for which it is valid and any conditions that may be applied.May 2011GR-5.4.2
Article 53 allows the CBB up to 3 months in which to respond to an application, although the CBB normally aims to respond within 30 calendar days. Notices of refusal have to be approved by an Executive Director of the CBB. The applicant has 30 calendar days from the date of a notice in which to appeal a decision to refuse the application or any conditions imposed as a condition of approval. The CBB then has 30 calendar days from the date of the appeal in which to consider any mitigating evidence submitted and make a final determination. See Module EN (Enforcement).
May 2011GR-5.4.3
Where a person has become a
controller by virtue of their shareholding in contravention of Paragraph GR-5.1.1, or a notice of refusal has been served on them under Paragraph GR-5.4.1 and the period of appeal has expired, the CBB may, by notice in writing served on the person concerned, instruct the person concerned to transfer such shares, or refrain from exercising voting rights in respect of such shares.May 2011GR-5.4.4
If the person concerned fails to take the action specified under Paragraph GR-5.4.3, then the CBB may seek a court order to take appropriate measures: these may include forcing the person to sell their shares.
May 2011GR-5.4.5
The powers available to the CBB that are described in Paragraphs GR-5.4.3 and GR-5.4.4 are specified in Article 56 of the CBB Law.
May 2011GR-5.4.6
In addition to the above requirements,
licensees are encouraged to notify the CBB as soon as they become aware of events that are likely to lead to major changes in theircontrollers . Any supervisory implications of such changes can then be discussed prior to the filing of a formal approval request.May 2011GR-6 GR-6 Close Links
GR-6.1 GR-6.1 Key Provisions
GR-6.1.1
Condition 3 of the CBB‟s licensing conditions specifies, amongst other things, that
licensees must satisfy the CBB that theirclose links do not prevent the effective supervision of thelicensee and otherwise pose no undue risks to thelicensee . (See Paragraph AU-2.3.1).May 2011GR-6.1.2
Applicants for a
license must provide details of theirclose links , as provided for under Form 1 (Application for a License). (See Paragraph AU-5.1.1).May 2011GR-6.1.3
Licensees must submit to the CBB, within 3 months of their financial year-end, a report on theirclose links . The report must identify all undertakings closely linked to thelicensee , as defined in Section GR-6.2.May 2011GR-6.2 GR-6.2 Definition of Close Links
GR-6.2.1
A
licensee ('L') has close links with another undertaking ('U'), if:(a) U is aparent undertaking of L;(b) U is asubsidiary undertaking of L;(c) U is asubsidiary undertaking of aparent undertaking of L;(d) U, or any other subsidiary undertaking of its parent, owns or controls 20% or more of the voting rights or capital of L; or(e) L, any of its parent or subsidiary undertakings, or any of the subsidiary undertakings of its parent, owns or controls 20% or more of the voting rights or capital of U.May 2011GR-6.3 GR-6.3 Assessment Criteria
GR-6.3.1
In assessing whether a
licensee's close links may prevent the effective supervision of the firm, or otherwise poses no undue risks to thelicensee , the CBB takes into account the following:(a) Whether the CBB will receive adequate information from thelicensee , and those with whom thelicensee hasclose links , to enable it to determine whether thelicensee is complying with CBB requirements;(b) The structure and geographical spread of thelicensee , its group and other undertakings with which it hasclose links , and whether this might hinder the provision of adequate and reliable flows of information to the CBB, for instance because of operations in territories which restrict the free flow of information for supervisory purposes; and(c) Whether it is possible to assess with confidence the overall financial position of the group at any particular time, and whether there are factors that might hinder this, such as group members having different financial year ends or auditors, or the corporate structure being unnecessarily complex and opaque.May 2011GR-7 GR-7 Cessation of Business
GR-7.1 GR-7.1 CBB Approval
GR-7.1.1
As specified in Article 50 of the CBB Law, a
licensee wishing to cease to provide or suspend all or any of its licensed regulated services, completely or at any of its branches, must obtain prior written approval from the CBB.Amended: April 2012
May 2011GR-7.1.2
If the
licensee wishes to transfer client assets to a third party, it must also comply with the requirements contained in Chapter GR-4.Amended: April 2012
May 2011GR-7.1.2A
If the
licensee wishes to liquidate its business, the CBB will revise its license to restrict the firm from entering into new business. Thelicensee must continue to comply with all applicable CBB requirements until such time as it is formally notified by the CBB that its obligations have been discharged and that it may surrender its license.Added: April 2012GR-7.1.3
Licensees seeking to obtain the CBB's permission to cease business must apply to the CBB in writing, in the form of a formal request together with supporting documents. Unless otherwise directed by the CBB, the following requirements must be provided in support of the request:(a) Full details of the business to be terminated;(b) The rationale for the cessation;(c) How thelicensee proposes to cease business;(d) Notice of an Extraordinary Meeting setting out the agenda to discuss and approve the cessation, and inviting the CBB for such meeting;(e) Evidence that the proposed cessation has been duly authorised by thelicensee (such as a certified copy of a Board resolution approving the cessation);(f) Formal request to the CBB for the appointment of a liquidator acceptable to the CBB;(g) A cut-off date by which thelicensee will stop its operations;(h) If thelicensee wishes to cease its whole business, confirmation that thelicensee will not enter into new business with effect from the cut-off date;(i) Once the CBB has given its approval to an application to cease business, thelicensee must publish a notice of its intention to cease business in two local daily newspapers (one in Arabic, the other in English). Notices must also be displayed in the premises (including any branch offices) of thelicensee concerned. These notices must be given not less than 30 calendar days before the cessation is to take effect, and must include such information as the CBB may specify;(j) The audited accounts of thelicensee as of the last date on which it stopped operations. The commencement of such accounts should be the beginning of the financial year of thelicensee ;(k) If applicable, an assessment of the impact of the cessation on any customers directly affected by the cessation, and any mitigating factors or measures;(l) If applicable, an assessment of the impact of the cessation on thelicensee's remaining business and customers, and any mitigating factors or measures; and(m) The final liquidator's report of thelicensee .Amended: April 2012
May 2011GR-7.1.4
Licensees intending to apply to cease business are advised to contact the CBB at the earliest possible opportunity, prior to submitting a formal application, in order that the CBB may determine the nature and level of documentation to be provided and the need for an auditor or other expert opinion to be provided to support the application. The documentation specified in Paragraph GR-7.1.3 may be varied by the CBB, depending on the nature of the proposed cessation, such as the materiality of the business concerned and its impact on customers.May 2011GR-7.1.5
Approval to cease business will generally be given where adequate arrangements have been made to offer alternative arrangements to any affected customers. The CBB's approval may be given subject to any conditions deemed appropriate by the CBB. In all cases where additional requirements are imposed, the CBB shall state the reasons for doing so.
May 2011GR-7.1.6
The notice referred to in Subparagraph GR-7.1.3 (i) must include a statement that written representations concerning the liquidation may be submitted to the CBB before a specified day, which shall not be later than thirty calendar days after the day of the first publication of the notice. The CBB will not decide on the application until after considering any representations made to the CBB before the specified day.
Amended: April 2012
May 2011GR-7.1.7
Upon satisfactorily meeting the requirements set out in GR-7.1.3, the
licensee must surrender the original license certificate issued by the Licensing Directorate at the time of establishment, and submit confirmation of the cancellation of its Commercial Registration from the Ministry of Industry and Commerce.Amended: April 2020
Added: May 2011GR-7.1.8
Where the CBB has given its approval to cancel or amend a license, then it will also publish its decision in the Official Gazette, as well as in two local daily newspapers (one in Arabic, the other in English), once this decision has been implemented.
Amended: April 2012
May 2011GR-7.1.8A
The publication cost of the notices referred to in Paragraph GR-7.1.8 is to be met by the
licensee concerned.Added: April 2012GR-7.1.9
The
licensee must continue to comply with all applicable CBB requirements, until such time as it is formally notified by the CBB that its obligations have been discharged.May 2011GR-7.1.10
A
licensee in liquidation must continue to meet its contractual and regulatory obligations to customers and creditors.May 2011GR-7.1.11
If no objections to the liquidation are upheld by the CBB, the CBB may then issue a written notice of approval for the surrender of the license.
Added: April 2012GR-7.1.12
Upon satisfactorily meeting the requirements set out in GR-7.1.3, the
licensees must surrender the original license certificate issued by the Licensing Directorate at the time of establishment, and submit confirmation of the cancellation of its commercial registration from the Ministry of Industry, Commerce and Tourism.Amended: April 2020
Added: October 2016GR-8 GR-8 Professional Indemnity Coverage
GR-8.1 GR-8.1 Key Provisions
GR-8.1.1
Licensees must maintain professional indemnity coverage. The professional indemnity coverage must be obtained from an insurance firm acceptable to the CBB and licensed in the Kingdom of Bahrain.May 2011GR-8.1.2
Upon request,
licensees must provide to the CBB evidence of the coverage in force required under Paragraph GR-8.1.1.May 2011GR-8.1.3
A
licensee is encouraged to assess its insurance needs, through professional advice, to ensure its adequacy to the level of business undertaken, notwithstanding the minimum limit of indemnity.May 2011GR-8.1.4
The minimum limit of indemnity is BD 75,000.
May 2011GR-8.1.5
The maximum excess or deductible allowable under the policy shall be BD 15,000.
May 2011GR-8.1.6
In accordance with Paragraph EN-B.3.1,
licensees may not enter into or make a claim under a contract of insurance that is intended to, or has the effect of, indemnifying them from the financial penalties provided for in Module EN.May 2011GR-8.1.7
The requirement to maintain insurance coverage will normally be met by the
licensee concerned obtaining an insurance policy from an insurance firm. The CBB may also accept an insurance policy issued at group level, e.g. issued with respect to the parent of thelicensee , provided the terms of the policy explicitly provide coverage with respect to thelicensee .May 2011GR-8.1.8
Unless otherwise agreed in writing with the CBB, the policy must contain a clause that it may not be cancelled or lapsed without the prior approval of the CBB. The policy must also contain a provision for an automatic extended reporting period in the event that the policy is cancelled or lapsed, such that claims relating to the period during which the policy was in force may subsequently still be reported.
May 2011GR-9 GR-9 Outsourcing Requirements
GR-9.1 GR-9.1 Outsourcing Arrangements
GR-9.1.1
This Chapter sets out the CBB’s approach to outsourcing by licensees. It also sets out various requirements that licensees must address when considering outsourcing an activity or function.
Amended: July 2022
May 2011GR-9.1.2
In the context of this Chapter, ‘outsourcing’ means an arrangement whereby a third party performs on behalf of a licensee an activity which commonly would have been performed internally by the licensee. Examples of services that are typically outsourced include data processing, cloud services, customer call centres and back-office related activities.
Amended: July 2022
Amended: October 2017
May 2011GR-9.1.3
In the case of branches of foreign entities, the CBB may consider a third-party outsourcing arrangement entered into by the licensee’s head office/regional office or other offices of the foreign entity as an intragroup outsourcing, provided that the head office/regional office submits to the CBB a letter of comfort which includes, but is not limited to, the following conditions:
i. The head office/regional office declares its ultimate responsibility of ensuring that adequate control measures are in place; andii. The head office/regional office is responsible to take adequate rectification measures, including compensation to the affected customers, in cases where customers suffer any loss due to inadequate controls applied by the third-party service provider.Amended: July 2022
May 2011GR-9.1.4
The
licensee must not outsource the following functions:(i) Compliance;(ii) AML/CFT;(iii) Financial control;(iv) Risk management; and(v) Business line functions offering regulated services directly to the customers (refer to Regulation No. (1) of 2007 and its amendments for the list of CBB regulated services).Amended: July 2022
May 2011GR-9.1.5
For the purposes of Paragraph GR-9.1.4, certain support activities, processes and systems under these functions may be outsourced (e.g. call centres, data processing, credit recoveries, cyber security, e-KYC solutions) subject to compliance with Paragraph GR-9.1.7. However, strategic decision-making and managing and bearing the principal risks related to these functions must remain with the licensee.
Amended: July 2022
May 2011GR-9.1.6
Branches of foreign entities may be allowed to outsource to their head office, the risk management function stipulated in Subparagraph GR-9.1.4 (iv), subject to CBB’s prior approval.
Amended: July 2022
Amended: October 2017
May 2011GR-9.1.7
Licensees must comply with the following requirements:(i) Prior CBB approval is required on any outsourcing to a third-party outside Bahrain (excluding cloud data services). The request application must:a. include information on the legal and technical due diligence, risk assessment and detailed compliance assessment; andb. be made at least 30 calendar days before the licensee intends to commit to the arrangement.(ii) Post notification to the CBB, within 5 working days from the date of signing the outsourcing agreement, is required on any outsourcing to an intragroup entity within or outside Bahrain or to a third-party within Bahrain, provided that the outsourced service does not require a license, or to a third-party cloud data services provider inside or outside Bahrain.(iii)Licensees must have in place sufficient written requirements in their internal policies and procedures addressing all strategic, operational, logistical, business continuity and contingency planning, legal and risks issues in relation to outsourcing.(iv)Licensees must sign a service level agreement (SLA) or equivalent with every outsourcing service provider. The SLA must clearly address the scope, rights, confidentiality and encryption requirements, reporting and allocation of responsibilities. The SLA must also stipulate that the CBB, external auditors, internal audit function, compliance function and where relevant the Shari’a coordination and implementation and internal Shari’a audit functions of thelicensee have unrestricted access to all relevant information and documents maintained by the outsourcing service provider in relation to the outsourced activity.(v)Licensees must designate an approved person to act as coordinator for monitoring and assessing the outsourced arrangement.(vi)Licensee must submit to the CBB any report by any other regulatory authority on the quality of controls of an outsourcing service provider immediately after its receipt or after coming to know about it.(vii)Licensee must inform its normal supervisory point of contact at the CBB of any material problems encountered with the outsourcing service provider if they remain unresolved for a period of three months from its identification date.Amended: July 2022
May 2011GR-9.1.8
For the purpose of Subparagraph GR-9.1.7 (iv),
licensees as part of their assessments may use the following:a) Independent third-party certifications on the outsourcing service provider’s security and other controls;b) Third-party or internal audit reports of the outsourcing service provider; andc) Pooled audits organized by the outsourcing service provider, jointly with its other clients.When conducting on-site examinations,
licensees should ensure that the data of the outsourcing service provider’s other clients is not negatively impacted, including impact on service levels, availability of data and confidentiality.Amended: July 2022
May 2011GR-9.1.9
For the purpose of Subparagraph GR-9.1.7 (i), the CBB will provide a definitive response to any prior approval request for outsourcing within 10 working days of receiving the request complete with all the required information and documents.
Amended: July 2022
Amended: October 2017
May 2011GR-9.2 [This Section was deleted in July 2022]
GR-9.3 [This Section was deleted in July 2022]
GR-9.4 [This Section was deleted in July 2022]