DIFC and DFSA Latest Developments

The DFSA is launching a Cyber Threat Intelligence Platform to help firms in the DIFC implement appropriate safeguards to mitigate cyber risks. Formed through the collaboration of various cyber security teams and organisations, the platform will go live in January 2020.

All Senior Executive Officers (SEOs) received a “Dear SEO” letter on 29th December 2019 which informed them of the planned platform launch and explained the purpose of the platform, which is to establish “a cybersecurity community in the DIFC and to facilitate the detection and prevention of cyberattacks through sharing of cyber threat intelligence information”.

Joining the platform will be voluntary and with no cost to firms, therefore providing a valuable resource for firms looking to enhance their cyber security framework.

The DFSA has invited firms to attend an Outreach Session on 21st January to find out more and further discuss the platform. Interested firms will need to register their attendance through the link in the Dear SEO letter.

The Financial Markets Tribunal (FMT) has affirmed the decision by the DFSA to fine Ms Anna Waterhouse and restrict her from providing any function in connection with financial services in or from the DIFC and further to Ms Waterhouse’s appeal against the DFSA’s decision, the FMT concluded that Ms Waterhouse lacked integrity and was not a fit and proper person to perform the functions she had previously been undertaking.

Ms Waterhouse, former Head of Compliance for the DIFC branch of Deutsche Bank AG (DBDIFC), was found to have given false and misleading information to the DFSA. The FMT found that she repeatedly advised the DFSA that DBDIFC’S Private Wealth Management (PWM) team did not provide clients with any financial services but only referred prospective clients to other offices of Deutsche Bank AG.  Both the decision and the fine of US$100,000 were upheld.

Following the DFSA’s Consultation Papers No. 122 and No. 127 regarding Miscellaneous Changes, the DFSA has implemented proposed changes to its GEN and COB Rulebooks.

Within the GEN Rulebook the DFSA has added its requirements for Continuing Professional Development (CPD) hours for SEOs, Compliance Officers and Money Laundering Reporting Officers (COMLRO).

The key points for firms to note are as follows:

  • Firms need to make sure a documented training plan is in place for their SEOs and COMLROs.
  • Firms should note that the 15 hours of structured activities is defined as courses, seminars, lectures, conferences, workshops, web-based seminars or e-learning which require a commitment of thirty minutes or more.
  • Firms should implement controls to oversee the completion of CPD.
  • Firms should note that the DFSA intends to carry out sample checks, and SEOs and COMLROs can be called upon to provide records.

In August 2019 the DFSA issued Consultation Paper No. 127 to make several amendments to the DFSA’s Rulebook to strengthen the current requirements relating to the limitation of suitability assessments for Professional Clients. Proposed changes came into effect on 1 January 2020 and whilst they are not intended to have any retrospective effect, firms must consider what impact the changes will have on existing arrangements with clients.

The full Regulatory Insight on the limitation of suitability assessments for professional clients can be found here.

The DFSA has released consultation paper No. 130 – Miscellaneous Changes.

While the DFSA proposes changes to 11 rulebooks, several key proposals are as follows:

  • Amendments to the classification of assessed professional clients to recognise industry and professional associations.
  • Amendments that clarify that Arranging and Advising on Credit should not be carried out on retail clients
  • Amendments to the Collective Investment Rules and Islamic Finance Rules modules regarding an increase in borrowing limited from 50% Gross Asset Value to 65% for a Fund Manager of a Property Fund and Islamic Real Estate Investment Trust.
  • Clarification that Employee Share Schemes fall outside the scope of financial promotions under the DFSA definition.

Firms are encouraged to read the consultation paper in full to grasp all the proposed amendments. Any comments should be provided to the DFSA by 26th January 2020.

Firms are reminded that Designated Non-Financial Business or Professions (DNFBPs) should be submitting an Annual Information Return by the 31st January 2020, however this year the submission date has been extended to 13th February 2020.

All registered DNFBPs should complete the return including:

  • Accounting, Audit, Insolvency Firms
  • Company Service Providers
  • Dealers in precious metals and/or precious stones
  • Law, notary, other independent legal businesses
  • Real estate developer and/or agents
  • Single Family Offices

DNFBPs with any queries concerning the return should contact the DFSA through the Supervised Contact Form.

On 22nd December 2019, the DFSA sent all Money Laundering Reporting Officers (MLROs) of Authorised Firms a letter regarding changes made to the United Nations Security Council Assets Freeze and Sanctions List.

The letter informed firms of the United Nations Security Council’s amendment to its Sanctions List concerning Mali individuals and associated groups, undertakings and entities.

An updated version of the consolidated list can be found on the UN Security Council website..

When receiving these updates firms should:

  • Make sure they are reviewing the updates communicated by the DFSA
  • Update company sanctions lists, where necessary.
  • Review client databases and information obtained in relation to potential or existing clients against the updated sanctions list
  • Take any other action required under UAE and DFSA law and regulation, if positive matches are identified.
ADGM and FSRA Latest Developments

The Abu Dhabi Global Market (ADGM)’s Financial Services Regulatory Authority (FSRA) Outreach Session on 12th December was the fourth Outreach Session of 2019.

The first half of the session related to corporate governance, with SEOs, Compliance Officers (COs), Money Laundering Reporting Officers (MLROs) and Risk Officer (Ros) of Financial Institutions (FIs) present. The second half of the session related to a new networking group and was attended only by COs, MLROs and ROs of FIs and Designated Non-Financial Business or Professions (DNFBPs).

Session one was presented by Matt Gamble, Executive Director Capital Markets Intermediaries, Darren Williams, Senior Manager Banking & Insurance Supervision and Nadya Al Hadhrami, Senior Manager Capital Markets Intermediaries.

The introduction was a discussion about the key fundamentals of corporate governance, which are to:

  • Take an interest – in staff activity, conduct in the business, are clients being treated fairly?
  • Set a good example – set the right “tone at the top”
  • Be firm but fair
  • Communication – listening, challenging decisions, encourage discussions and open dialogue

The discussion then moved on to the definition of governance. One example is that which is used by the UK Financial Reporting Council and is: ‘the system by which companies are directed and controlled.’. By ‘directed and controlled’, the FSRA spoke of having clear strategies, objectives, monitoring progress, identifying issues and implementing an effective training and competence regime.

The FSRA emphasised the importance of effective leadership and how it plays a key part in the success and growth of an organisation, ultimately leading to compliance with regulatory standards. The phrase ‘tone at the top’ was used to emphasise the importance of the leadership team in setting the culture and values of an organisation. The FSRA also noted that being visible, promoting good behaviour, having open communication and identifying the root cause of an issue demonstrates effective corporate governance.

The FSRA discussed key areas of focus of which firms, whether they are a domestic firm, subsidiary or a branch, should be aware. Depending on the type and structure of business, examples of specific areas that are typically assessed by the FSRA during visits include:

  • Risk Management
  • Compliance/AML framework
  • Engagement with auditors
  • Performance management (e.g. objectives, incentives, management information, oversight & supervision)
  • Business plan and strategy
  • Board composition and effectiveness
  • Senior management oversight and decision making
  • Organisation and allocation of responsibilities
  • Intra-group and outsourcing relationships
  • Compliance Officer/MLRO reports

Firms should be aware of the requirements relating to corporate governance in GEN Chapter 3 Management, Systems and Controls and Principle 11 – Compliance with High Standards of Corporate Governance and GPM 3.1.15. Best practice relating to governance is outlined in GEN APP1 and the FSRA recommends that firms should review their corporate governance arrangements against the best practice guidance.

The FSRA commented that progress is being made by firms, however there is still more work to be done. Firms must bear in mind that having a well implemented governance structure is important, but the outcome and effectiveness is key. General weaknesses in the following areas were noted:

  • Leadership
  • Accountability/Responsibility
  • Effectiveness
  • Risk Management

Examples of good and bad practice identified during the FSRA reviews were then shared, some of which are outlined below.

Bad Practice

[Example 1] Business plan and strategy - The business plan and strategy were not updated to take into account the firm’s current business activities and those forecast for the next 12 months. The plan was also not reviewed and approved by the board.

[Example 2] Frequency and structure of Board meetings - The terms of reference state that the Board meets a minimum of 4 times per year. However, no Board meetings have been held since it obtained its Financial Services Permission. The SEO keeps the Board members updated informally through mobile phone calls and chat applications. Failing to document key decisions or the rationale, challenges and discussions that took place to reach the decision.

Good Practice

[Example 1] Risk and compliance reporting - The development of a monthly report of issues and risk KPIs provided to the Board, including updates on FSRA notifications, KYC onboarding, breaches, training etc.

[Example 2] Board Oversight & Composition - The firm’s Board of Directors hold senior management positions within the Group plc, this ensures that the Group maintains adequate oversight. The Board has the necessary skills, qualifications and experience.

Session 2 was not held in the presence of the FSRA but was an introduction of a proposed networking group for COs, MLROs and ROs. The FSRA has encouraged compliance and risk professionals to establish a networking group so that officers can, in a confidential way:

  • share best practice
  • discuss issues and find resolutions
  • discuss the latest hot topics

Individuals who attended were asked to leave their business card if they wished to be a part of future networking sessions to be held in 2020. Individuals looking to be part of the future networking sessions but did not leave their details should contact the ADGM. 

The ADGM has published a consultation paper on its proposed amendments to:

  • Companies Regulations 2015
  • Foundations Regulations 2017
  • Limited Liability Partnership Regulations 2015
  • Beneficial Ownership Regulations 2018

Various changes have been proposed include (but are not limited to):

  • Abolishing the requirement to issue paper certificates & licences
  • Amending the definition of “members of the same family” in the Companies’ Regulations
  • Changing the name of “Annual Returns” to “Confirmation Statements”
  • Aligning the Beneficial Ownership Regulations with Federal Cabinet Resolution No.10 of 2019 concerning Anti-Money Laundering, Counter Terrorism Financing and Financing of Illegal Organisations.

The aim of the changes is it to improve efficiency and allow more flexibility to family offices which utilise restricted scope companies.

The FSRA has fined AT Capital Markets Limited (ATCM) $320,000 for carrying out regulated activities prior to gaining the relevant permission. This was aggravated by the fact that the firm dealt with retail clients when they were prohibited from doing so. Furthermore, the FSRA found failures in ATCM’s internal governance, systems and controls, client classification and anti-money laundering processes. 

The SEO, Mr Ryan Tsui, was also fined $40,000 for being actively involved in ATCM’s unauthorised activities and failed to take reasonable steps to ensure that ATCM complied with regulations. The FSRA noted that Mr Tsui provided false and misleading information to the FSRA.

Following the investigation, ATCM and Mr Tsui agreed to settle the matter and the licence of ATCM was suspended until the FSRA can be satisfied certain regulatory requirements are being met.

Firms applying for financial permissions with the FSRA are reminded:

  • Do not solicit business until your licence has been granted by the FSRA
  • Be open, honest and cooperative and have a transparent relationship with the regulator
  • Assess what your firm has permission to do and ensure employees are aware of any licence restrictions
Middle East Regulatory Updates

The Saudi Arabian Monetary Authority (SAMA), Saudi Arabia’s Central Bank and regulator, has issued a ban on combining insurance and reinsurance brokerage activities within the same company.

The decision to separate the areas of business is believed to help reduce wrong practices in contractual relations for reinsurance business while also stabilising the insurance industry and boosting economic contributions to the national economy.

Firms who conduct both insurance and reinsurance in Saudi Arabia have three months from the 29th February 2020 to submit plans on how they will implement the decision and then one year to implement the necessary changes.

Enforcement Action

The UK’s Financial Conduct Authority (FCA) has fined Kevin Gorman, a former managing director at Braemar Shipping Services plc (Braemar), £45,000 for failure to notify personal trades.

Mr Gorman carried out the trades as a Person Discharging Managerial Responsibility (PDMR) at Braemar. This breached Market Abuse Regulations which states that PDMRs and those closely associated with them are required to notify the FCA and issuer of every transaction conducted on their own account above a certain threshold within 3 business days.

Mr Gorman sold shares worth £71,235.28 on three occasions between 24th August 2016 and 18 January 2017 without informing the FCA or Braemar within three business days. 

The FCA reiterated that notifying the FCA in these cases is integral in maintaining transparency for market participants and confidence in the markets.

The Financial Conduct Authority (FCA) has fined Professional Personal Claims Limited (PPC) £70,000 for misleading consumers through its websites and printed materials.

PPC’s website and their printed materials used logos of five banks which misled customers into believing they were submitting redress claims for mis-sold payment protection insurance directly to their banks rather than engaging PPC as a claims management company to pursue claims on their behalf. 

The Claims Management Regulator (CMR) launched an investigation following a number of complaints and after an appeal which caused the FCA to take over from the CMR a £70,000 fine was imposed.

The US Financial Industry Regulatory Authority (FINRA), Cboe Global Markets, The Nasdaq Stock Market LLC, the New York Stock Exchange, and their affiliated exchanges have collectively fined Credit Suisse Securities (USA) LLC a total of $6.5 million for supervisory violations and violations of various provisions of Rule 15c3-5 of the Securities Exchange Act of 1934 (known as the Market Access Rule).

Between 2010 and 2014, Credit Suisse offered clients direct market access to numerous exchanges. The firm then executed over 300 billion shares on behalf of its direct market access clients. There was also a period of time whereby trading activity by clients of Credit Suisse generated 50,000 alerts at FINRA and the exchanges for potential manipulative trading, including spoofing, layering, wash sales and pre-arranged trading.

FINRA and the exchanges found that during most of the relevant time period, Credit Suisse did not establish a supervisory system with adequate systems and controls to monitor its trading for example monitor potential spoofing, layering and wash sales.

Credit Suisse neither admitted nor denied the charges but consented to the entry of FINRA’s and the exchanges’ findings. The fine was apportioned among FINRA and the exchanges.

Share this