QFC Legislation | Rulebook



Notes for completing form Q02

Application for regulated activities authorisation

Core Details

Section 1 - Declaration

All applicants must complete the declaration. Where possible, this must be signed by two individuals who have been authorised to make the application on behalf of the applicant. All applicants must also provide evidence that the individual(s) signing the declaration on behalf of the firm have been given authority to do so. This can be in the form of meeting notes from a board resolution or power of attorney.

Question 2.1

This question relates to the name of the firm applying for a licence and authorisation in the QFC. If a parent entity is applying on behalf of an intended branch or subsidiary, we request the name of the intended branch or subsidiary and not the parent completing the form on behalf of the branch or subsidiary.

Question 3.1

The conducting of any permitted activities in or from the QFC can only be carried on by an LLC or LLP incorporated in the QFC by the Companies Registration Office (CRO), or by a branch of a non-QFC legal entity registered with the CRO.

Question 3.3

This question only relates to applicants seeking to establish a branch in the QFC, and refers to the applicant’s head office’s company registration number.

Question 3.13

The QFC's principal objective is to help grow the capacity of Qatar's financial sector. The QFC Law, No 7 of 2005 (Schedule 3), prescribes a range of activities that may be carried on in or from the QFC. The activities are those most commonly recognised as financial services, as well as a number of related and corporate management or headquarters activities.

Firms are advised to have preliminary meetings and discussions with the QFC Authority (QFCA) before applying for authorisation. This will be helpful in establishing strategic fit.

Your answer to question 3.13, therefore, should provide both an overview of the applicant’s proposed business in the QFC and strategic rationale for establishing in the QFC.

Applicants must also submit a business plan as a separate attachment to this form covering the following key areas:

▪ Background of the applicant (including)

- history

- organisation structure

- divisions and business units

- international locations

- corporate governance

▪ Opportunities identified in the QFC

- rationale for establishing in the QFC

- details of existing regional presence

- previous experience of providing the regulated activities

- experience of the governing body

▪ Business Planning

- products and services

- target markets

- type of clients

- type of products

- marketing approach and delivery channels

- strategy for managing and controlling the business

- strategy going forward

- 3 years’ financial projections, including detailed notes on the assumptions behind them

- balance sheet, profit and loss account and cash flows

- commitment to provide necessary capital and ongoing funding

- target returns

- growth plans and assumptions

▪ Organisation in Qatar

- staffing levels, headcount and organisation chart for the QFC entity

- reporting lines and allocation of responsibilities

- senior management roles and responsibilities

- risk management strategy

- identification and management of conflicts

- project plan for the establishment of the QFC office including timescales

- IT systems

- transaction flowcharts

- group support and outsourcing

If the applicant intends to carry on Regulated Activities of managing investments and/or operating a collective investment fund, please provide in addition

- proposed nature of the funds under management and the anticipated account structure(s) e.g. individual client funds; registered funds (funds established in the QFC), foreign funds, group funds, pooled accounts, etc.

- estimate of the amount of funds under management at the end of the first six months and at the end of the first twelve months following authorisation

- details on whether the operator has appointed an investment committee (if yes, provide details of terms of reference, structure and experience of the committee. If no, explain how these functions will be performed?)

- details of the underlying assets which the applicant intends to invest in, e.g. cash, equities, debt, property, derivatives, etc. and, if applicable, details of the products, such as derivatives if only used for hedging purpose.

If the applicant intends to carry on Regulated Activities of effecting a contract of insurance or carrying out a contract of insurance, please provide in addition

- business plan split by lines of business

- geographical split

- details of premium income split between primary insurance and inwards reinsurance i.e. give an indication of how much reinsurance business is being written.

- rationale for entering the market in these classes at this time in the insurance industry cycle

- realistic disaster scenarios

- structure of reinsurance programme and strategy

- overview of investment strategy

- overview of the underwriting team and its experience

- claims handling

- exit strategies

- identify proposed sources of capital that will be available to support the new underwriting operation

Questions 3.15 – 3.16

The conducting of any permitted activities in or from the QFC can only be carried on by entities incorporated in the QFC or registered as a branch with the CRO.

If the applicant is considering premises in Qatar, other than premises already designated for the QFC, it will need to arrange for the designation of those premises and therefore must consult with the QFCA as early as possible.

Question 3.17

This application relates to activities to be carried on in or from the QFC. If an authorised firm wishes to establish an additional office in Qatar outside the QFC to carry on non-QFC business, it must comply with the other laws of the State of Qatar, as well as any restrictions or requirements that may be imposed under Qatari law.

Questions 3.18 – 3.35

If you have answered yes to question 3.19, please attach a group structure chart to this application, indicating on the chart any regulated financial institutions within the group and their relevant overseas regulators.

A group would include any parent entity of the applicant, and/or any subsidiary (direct and indirect) of the parent entity or of the applicant itself.

The group structure chart should state the % size of each controller’s holding. It is important to show all the beneficial owners of controlling interests of which the applicant is aware, including those with an indirect controlling interest. Please also show any person who has a contractual arrangement with the applicant under which the person can exert a significant influence over the applicant.

If there is a parent entity, the chart must also show details of shareholders with 10% or more of the share capital in the parent entity.

If shares are held by a trust, the applicant must also provide details of all trustees and beneficiaries.

These questions relate to the Regulatory Authority’s obligation to satisfy itself that an applicant’s controllers, close links, governing body and other connections are not likely to prevent the effective supervision of the applicant by the Regulatory Authority.

Applicants are advised to familiarise themselves with the QFC definition of a controller in the Regulatory Authority’s General Rulebook (GENE), chapter 8. Firms must provide details of all corporate and individual controllers.

Question 3.22

The relevant pages refer to the identification page and signature page i.e. the pages with the passport photograph and the passport holder’s signature. Copies must be certified by a signature of a director of the applicant or its parent entity, or by the person authorised to complete and submit the application (see section 1 – declaration).

Question 3.23

Under consolidated supervision the overseas regulator of the home state of the applicant’s head office or its group would have ultimate responsibility for prudential supervision globally.

Question 3.24

Please provide contact details including name, email address and telephone number of the contact person at the overseas regulator. Please note that it is our standard practice to contact the overseas regulator to confirm its awareness of the application, and that it has no objections to it.

Question 3.33

A significant business interest might be where an individual has a holding of 10% or more in a business or is in a position to influence the decision making process.

Question 3.36

An application to register an approved individual must be made in writing using QFC form Q03 in respect of each individual performing controlled function(s). The application fee is $500 for each individual and the Regulatory Authority will send you an invoice for the total. A separate application form should be submitted for each individual. There are controlled functions that are required functions for every authorised firm, while others will depend on the firm's regulated activities. Firms should read chapters 2 to 4 of the Individuals Rulebook (INDI) before answering question 3.36. You should also read the notes to questions 12.4 – 12.6 and 12.7.

Question 3.37

You should list all other directors who will not be seeking approved individual status as set out in question 3.36.

A significant business interest might be where an individual has a holding of 10% or more in a business or is in a position to influence the decision making process.

Question 3.38

Please list all auditors currently appointed by the applicant.

Question 3.45

It is a requirement for a firm setting up as an LLC or LLP within the QFC to appoint a qualified and QFCA approved auditor. See the list of approved auditors on the QFCA website at .qa

Questions 4.1 – 4.6

These questions relate to both the applicant (the firm applying for authorisation) and the group i.e. the applicant’s parent entity and other firms that form part of the group.

Question 5.1

The Financial Services Regulations (FSR) schedule 3 details regulated activities and permitted activities within the QFC. QFC Law provides that no activities other than permitted activities may be carried on in the QFC (see Part 4 of Schedule 3 of the FSR). Applicants should familiarise themselves with these permitted activities in relation to the proposed business activities before answering these questions.

Please note that by completing this matrix the applicant is confirming that it has reconciled its proposed business model to the FSR definitions of regulated activities and specified products. (This is available to review on the QFC legislation website; you should refer specifically to FSR Schedule 3).

Applicants intending to perform the regulated activities of carrying out contracts of insurance and effecting contracts of insurance should consider whether they are also performing the regulated activity of advising on investments (even though this might be limited to contracts of insurance) and check the relevant boxes in matrix 5.1(a). These applicants will still be subject to prudential regulation under the Regulatory Authority’s Prudential-Insurance Rulebook (PINS).

Please note that insurance intermediaries may be advising on investments, arranging deals in investments, managing investments and dealing in investments (limited to insurance contracts) and will be subject to prudential regulation under PIIB.

Retail insurance business

Applicants intending to carry on retail business in relation to contracts of insurance (including insurance mediation) must provide the following as part of their policies and procedures and/or as part of the business plan:

• The nature of the business and products and services being provided (COND 1.1.1).

• The process for customer identification/client classification and the class of customer e.g. market counterparty, business customer, commercial customer or retail customer (COND 2.3.1)

• The language of disclosure (COND 2.1.2).

• Details of who will be perform the Customer Facing Function and whether the individual is an employee or approved representative.

• Details of any restrictions, placed by the applicant, on the extent and range of regulated activities individuals performing the Customer Facing Function can do e.g. wholesale only, retail only etc.

• If the applicant intends using approved representatives, provide a copy of the terms and conditions of the contract (COND 2.2.3(1)).

• Details of the systems and controls to monitor and supervise the activities of the applicant’s approved representatives, if it has any.

• Procedures for dealing with complaints submitted against approved representatives.

• Details of how potential conflicts of interest will be identified and managed (COND 2.5.1)

• Detail of the procedures around inducements (COND 2.5.4 (2), commission disclosure (COND 2.5.5) and soft dollar agreements (COND 2.5.8).

• Complaint handling procedures (COND 2.6.1). Applicants are expected to have a nominated individual or function that deals with complaints, and the individual or function must deal with complaints in a timely manner and have the authority to settle claims arising from complaints.

• Claim handling procedures (COND 2.6.3). All claims are required to be dealt with fairly and timely.

• Financial promotions procedures (COND 3.1). Applicants will need to comply with COND 3.2, and firms intending to issue financial promotions to retail customers will need to comply with COND 3.3

• Procedures used to accept and reject applications; service standards for issuing policy documentation; and procedures for dealing with customer enquiries.

• Procedures to ensure that application forms provided to its customers are clear, fair and not misleading and enable customers to understand the conditions and provisions of the insurance policy.

• Procedures to ensure that application forms provided to customers make it clear that it is the customer’s duty to make all material disclosures relating to the insurance application, including potential implications of the inaccuracies in the information being disclosed.

• Policies and procedures to train staff to deal with retail customers efficiently and effectively.

• Policies and procedures to ensure that the applicant only deals with intermediaries approved by the regulatory authority to transact insurance mediation business.

• Procedures to transact investment business, as specified in Part 4 of COND (please note that the current regulatory regime with the QFC limits any retail investment business to contracts of insurance only).

• A copy of the initial disclosure document (IDD) as required in COND 4.2.1 and procedures to ensure the IDD complies with the content requirements of COND 4.2.3.

• A copy of the applicant’s terms of business agreement (COND 4.2.2) and the procedures to ensure that it complies with the contents requirements of COND 4.2.6.

• The applicant’s record keeping arrangements to ensure copies of the IDD and Terms of Business are retained in accordance with COND 4.2.9.

• Procedures covering “Know Your Customer” checks for suitability and AML verification requirements (COND 4.3.3)

• Procedures covering the necessary disclosures in respect of independence (COND 4.3.6)

• Procedures to ensure compliance with COND 4.3.10 where the applicant intends selling packaged products.

• Procedures to ensure compliance with COND 4.3.15 where the applicant intends selling life policies.

• If insurance intermediary, confirmation of status i.e. “independent” or “tied”.

• Procedures for adequate disclosure of status (be it “independent” or “tied” that complies with COND 5.2.3.

• If the applicant offers advice, procedures for offering advice on Insurance that cover “Know Your Customer” (COND 5.3.2); Suitability (COND 5.3.3); and assessment of the risk profile of the client (COND 5.3.4).

• Procedures and controls to ensure that the form and content of the disclosure within product literature complies with COND 5.4.

• Procedures in place to comply with post contractual obligations as detailed in COND 5.5.

• Confirmation of Professional Indemnity (PI) cover in place (for insurance intermediaries), and a summary of what it covers.

• Procedures, systems and controls covering the following areas:

o Dealing with retail customers

o Cooling off periods

o Cancellation of contracts (COND 6.2)

o Production of cover notes/policy documentation

o Claims handling (COND 6.3)

o Insurance renewals

o Complaints handling

Collective investment funds

Applicants intending to establish a collective investment fund in the QFC, i.e. operators, must be authorised to carry on the regulated activities of:

• Operating a collective investment fund

• Managing investments

• Dealing in investments (as agent)

Applicants intending to establish a private placement fund in the QFC must, in addition, be authorised to carry on the regulated activities of:

• Providing Custody Services

Applicants intending to provide custody services to a collective investment fund, or otherwise act in the capacity of independent entity, must be authorised to carry on the regulated activities of:

• Operating a collective investment fund

• Providing custody services

Question 5.3

Non-regulated activities are set out in FSR, Schedule 3, Part 4, sections 1.2(10) to (15).

Question 5.5

An Islamic financial institution means an authorised firm whose entire business operations are conducted in accordance with Shari’a. Islamic window refers to a situation where an authorised firm conducts Islamic financial business as a part of its business operations.

An authorised firm must not hold itself out as conducting Islamic financial business unless its authorisation includes an endorsement from the Regulatory Authority authorising it to conduct Islamic financial business as an Islamic financial institution, or by operating an Islamic window, as detailed in the Islamic Finance Rulebook (ISFI), chapter 2

Business risks and controls

Question 6.1

The accounting reference date is the date the financial year of a company ends. It defines the period for which its statutory accounts are to be prepared.

Please note that all authorised firms other than those conducting Islamic financial business must use UK or US GAAP or IFRS for financial reporting.

Question 6.6

Details of the requirements relating to subordinated debt can be found in section 2.10 of the Regulatory Authority’s Interim Prudential – Investment, Insurance Mediation & Banking Business Rulebook (PIIB).

Question 6.14

If the applicant is incorporated or formed outside the QFC, i.e. if you intend to set up a branch in the QFC rather than a new legal entity, all forecast figures should be at the branch level rather than based on the whole firm.

The Regulatory Authority may, at its sole discretion, exempt branches from the financial resources requirements of PIIB. In this respect, the Regulatory Authority may seek to rely on the applicant’s overseas regulator when it comes to prudential supervision, provided it is satisfied that the rules are broadly equivalent to those of the Regulatory Authority, and that appropriate arrangements exist or are expected to exist within the relevant overseas regulator.

Question 6.15

An authorised firm that conducts Islamic financial business must disclose in its financial statements the matters set out in the Accounting and Auditing Organisations of Islamic Financial Institutions (AAOIFI) Financial Accounting Standard (FAS) 12 – AAOIFI FAS 12 and AAOIFI FAS 13.

Question 6.16

Please see INAP for definitions.

Summary of base capital requirements

An authorised firm conducting investment business has a capital requirement, as at the time of authorisation, calculated in accordance with PIIB 2.3.1 that is the higher of its base capital requirement and its expenditure based capital minimum. At no time after authorisation must the regulatory capital of an authorised firm fall below the applicable minimum capital requirement.

An insurer’s minimum capital requirement is the higher of the applicable base capital requirement as determined by PINS 3.4.1 and its risk based capital requirement, calculated in accordance with PINS 3.5.1.

Therefore, initial minimum requirements will differ according to the type of business an authorised firm conducts. For example:

Banks $10 million

Islamic Financial Institutions* $10 million

Principal trading firms $2 million

Agency brokers $500,000

Certain fund managers $500,000

Arrangers or advisers $250,000

Reinsurers $20 million

Insurers (direct) $10 million

Captive insurers

(Class 1) $150,000

(Class 2) $1 million

(Class 3) $250,000

*where the entire business is conducted in accordance with Shari’a and the firm operates a profit sharing investment account.

Additional capital requirements

The higher of the minimum base capital requirement or the following additional capital requirement will apply on authorisation for the following categories of firm:

l deposit takers – tier one capital must be greater than 8% of total assets;

l captives follow the same risk-based capital requirement model as insurers as outlined in PINS A3, with modifications (for example being exempt from concentration risk) but the credit risk requirements are the same as for any insurer.

l for all insurers the minimum capital requirement is the higher of the base capital requirement or the amount determined through the risk based capital requirement model outlined in PINS A3. Insurers can also determine their minimum capital requirement, with prior Regulatory Authority approval, using internal modelling as noted in PINS 3.8.

Other activities, for example project finance – 13/52 of projected annual expenditure (18/52 for authorised firms holding client money).

Auditor’s Report

The auditor’s report on financial resources must be signed by a person who is qualified to practise as an auditor, who has a current practising certificate.

Question 7.1

In compliance with the Regulatory Authority’s Controls Rulebook (CTRL) 4.4, an authorised firm must establish and regularly review its risk management policy. An authorised firm must also appoint an individual to advise its governing body and senior management on matters of risk.

Question 7.2

Responsibility for the risk management strategy of an authorised firm includes setting the strategy, implementing it, monitoring adherence to it and reporting on it to senior management and the governing body.

Question 7.5

The risk management manual should cover the following risks as they apply to your business:

Market risk

▪ the risks arising from the type and nature of market(s) the applicant operates in, or intends operating in, including the applicant’s risk appetite and the nature of market risk exposures involved in the products and services the applicant proposes to offer.

Credit risk

▪ the applicant’s risk appetite, the nature of counterparty exposures involved in the applicant’s products and services, portfolio characteristics and the nature and extent of credit risk mitigation.

If the applicant is applying to carry on the regulated activity of deposit taking, it must provide the following additional information under credit risk (either as supporting documents or as part of the risk management manual):

▪ the structure and terms of reference for credit, arrears, and provisioning committees, or of any other committees that determine the applicant’s credit policy

▪ details of lending authorities

▪ details of portfolio limits (based on geographical, industry, and concentration risk)

▪ policies and procedures for arrears

▪ policies and procedures for provisioning

▪ polices and procedures for collections

▪ credit related policies and procedures to deal with

o criteria for granting credit and how assessments need to be undertaken (e.g. valuations)

o syndicated loans

o security

o insurance renewals

o excesses

o extensions

o annual credit reviews

Operational risk

▪ risks of direct or indirect loss due to inadequate or failed internal processes, people and systems or from external events

Liquidity risk

▪ the risks arising from the type and nature of the applicant’s liquidity or asset and liability mix, including the liquidity management framework and the composition of liquidity to allow funding of the operational and financial obligations of the business, both day-to-day and in crisis situations

Legal risk

▪ risks arising from the type and nature of the applicant’s contractual agreements, including the risk that contracts may not be enforceable under applicable law

Insurance underwriting risk (insurers only)

▪ risks arising from the type and nature of the applicant’s insurance underwriting risk, including the nature of insurance underwriting exposures involved in the applicant’s products and services and the nature and extent of reinsurance cover

If the applicant is applying to carry on the regulated activity of carrying out a contract of insurance or effecting a contract of insurance, it must provide the following additional information under insurance underwriting risk (either as supporting documents or as part of the risk management manual)

▪ Underwriting overview

o reporting lines for the underwriting function

o details of how the applicant will assess potential business to decide pricing or whether a risk should be accepted

o details of the underwriting limits at the various levels (junior underwriter, senior underwriter etc.) for the different lines of business

o details of how the underwriting function is monitored and the controls in place to ensure that underwriters do not exceed limits or write unauthorised business

▪ Claims overview

o reporting lines for the claims function

o details of how the applicant will process and investigate a claim

o details of the frequency and type of reviews of claims data by management

o details of how claims and reserving are recorded

▪ Reinsurance overview

o details of the planned reinsurance program by line of business, including list of re-insurers, the layers each one will reinsure, and the overall retention by the applicant

o details of the applicant’s overall reinsurance strategy

o details of the frequency and type of reviews and monitoring carried out by the applicant to ensure that adequate reinsurance coverage is maintained according to the applicant’s risk management strategy

▪ Investment (asset management) overview

o overview of the applicant’s investment strategy including asset mix

o details as to how investment management will be monitored by senior management

Question 8.1

Before conducting business with a client, an authorised firm must take reasonable steps to establish whether the client is a retail customer, business customer or market counterparty as detailed in the Regulatory Authority’s Conduct of Business Rulebook (COND).

Question 8.2

An authorised firm’s systems and controls must include appropriate checks to support each assessment it undertakes to classify a client in a customer category (COND 2.3.4).

Question 8.3

Before conducting insurance broking business with a client, an authorised firm must classify such client as a retail customer or commercial customer (COND 2.3.1).

Question 8.4

Before an authorised firm communicates, approves or issues any financial communication it must ensure that it is accurate and true, and clear, fair and not misleading (see COND 3).

An authorised firm must not make or approve a financial promotion in relation to a collective investment fund that is addressed to, or disseminated in such a way that it is likely to be received by, a person who is not a qualified investor (see COLL 9)

Question 8.8

A registered fund is a collective investment fund that is established in the QFC and registered under COLL. Currently all funds established in the QFC must be registered as a qualified investor fund. Only qualified investors may hold units in a registered qualified investor fund.

Foreign funds are funds established outside the QFC. Currently foreign funds may only be offered or sold to qualified investors.

Private placement funds, in accordance with COLL rule 1.2.1, are:

A) fund’s registered as qualified investor funds; and

B) the number of unitholders does not at any time exceed 100; and

C) the fund’s constitutional document contains the statements required by COLL Part S2.3 (Additional constitution requirements for private placement funds).

Question 8.9

Before an authorised firm issues or approves a financial communication, it must ensure that the material states which Shari’a supervisory board has reviewed the products and services to which the material relates.

Question 8.10

COND4, Division 4.5C details the Regulatory Authority’s requirements for dealing and managing. It sets out the requirements for subjects such as best execution, timely execution, timely allocation and fair allocation, amongst other requirements.

Question 8.11

An investment manager is defined in INAP as:

A person who, acting only on behalf of a client:

A) manages relevant investments in an account or portfolio on a discretionary basis under the terms of a discretionary management agreement; or

B) manages relevant investments in an account or portfolio on a non-discretionary basis under the terms of a non-discretionary management agreement.

Questions 8.13 and 8.14

All applicants must read Regulatory Authority’s Assets Rulebook (ASET) 2 for the definition of client money to decide whether or not they will be holding client money.

Questions 8.16 – 8.19

A designated bank is defined in INAP as:

An undertaking incorporated in a designated jurisdiction that is -

A) regulated as a bank; and

B) principally regulated (for prudential purposes) by an overseas regulator

in that designated jurisdiction.

A designated jurisdiction is defined in INAP as:

Any jurisdiction that meets the requirements for such from time to time stipulated by the Regulatory Authority or designated as such in a list published by the Regulatory Authority, from time to time.

Question 8.18

When assessing the suitability of a designated bank, an authorised firm must have regard to all the relevant circumstances, including those listed in ASET 2.5.6

Question 8.20

Under ASET 2.12, an authorised firm that holds client money must arrange for its auditors to prepare a report and submit it to the Regulatory Authority in accordance with the Regulatory Authority’s General Rulebook (GENE) 9.5.

Questions 8.21 and 8.22

ASET 7 defines the term insurance money, and sets out the Regulatory Authority’s requirements relating to insurance money segregation, reporting and record keeping.

Question 8.23

Under ASET 7.4 an authorised firm that holds insurance money must arrange for its auditors to prepare a report and submit it to the Regulatory Authority in accordance with GENE 9.5.

Question 8.25

Applicants are reminded of PIIB rule 2.4.1, which sets the base capital requirement at $10 million for firms providing custody services to collective investment funds.

Question 8.26

All relevant investments belonging to a client (including a collective investment fund) in respect of an authorised firm that provides custody services or arranges the provision of custody services in or from the QFC are custody investments (ASET 4.2.1).

An authorised firm that holds or controls custody investments must have systems and controls in place to identify and safeguard them at all times (ASET 4.3).

Questions 8.28

An authorised firm may only hold a custody investment with an eligible custodian or arrange the provision of custody services through an eligible custodian if it has undertaken a prior assessment of the suitability of the eligible custodian, and has concluded on reasonable grounds that the eligible custodian is suitable to hold those custody investments (ASET 4.5.1). See ASET 4.5.3 for guidance on what should be considered as part of the suitability assessment.

Question 8.31

ASET 4.6 - 4.11 deal with the regulatory authority’s requirements on the use of custody investments, client notifications, client reporting, reconciliation, auditor’s reports and record keeping.

COLL rules 4.2.5 – 4.2.7 apply to persons providing custody services to collective investment funds, i.e. acting as an independent entity, and deal with the Regulatory Authority’s requirements on the additional safekeeping functions, duties, and record keeping requirements of the independent entity. COLL rule 6.1.8 deals with stock lending.

Questions 8.32 to 8.34

In compliance with CTRL chapter 4, an authorised firm must take adequate steps to ensure that its systems, resources, procedures and controls are at all times appropriate to its business.

Questions 8.35 and 8.36

Authorised firms are required to provide their customers with terms of business setting out the basis on which the investment business or deposit taking business is to be conducted, with or for the customer, within a reasonable time before it carries out business. The terms of business must set out in detail the basis on which the firm will conduct business with the customer (COND 4.2.6 and Schedule 1).

Please attach a copy of the terms of business the applicant intends providing to its customers (see COND 4.2B for guidance of the provisions that must be included within the terms of business). It is generally required that such terms of business must be in place prior to authorisation.

Question 8.37

COND 4, Part 4.4 details the reporting requirements with which an authorised firm that conducts investment business, with or for customers, has to comply. This includes the issuing of confirmation notes and periodic statements, and the record keeping requirements in relation to these.

Question 8.38

An authorised firm must disclose to each client with whom or on behalf of whom it conducts or proposes to conduct Islamic financial business, the members of the authorised firm’s Shari’a supervisory board and, if the client asks, the manner and frequency of Shari’a reviews. These disclosures must be made before conducting Islamic financial business with or on behalf of that client, and thereafter whenever the information changes (see ISFI 3).

Question 8.39

Details of specified products may be found in FSR Schedule 3, Part 3. You should ensure that the Shari’a products your firm will seek to offer can be reconciled to one or more of these.

Question 8.40

COND 4, 5 and 6 details the type of information an authorised firm must provide to and obtain from its customers, the assessment of suitability of the product service being offered, and how to handle claims made by customers.

Question 8.42

A registered fund is a collective investment fund that is established in the QFC and registered under COLL. Currently all funds established in the QFC must be registered as a qualified investor fund.

Foreign funds are funds established outside the QFC.

Private placement funds, in accordance with COLL rule 1.2.1, are:

A) funds registered as qualified investor funds; and

B) the number of unitholders does not at any time exceed 100; and

C) the fund’s constitutional document contains the statements required by COLL Part S2.3 (Additional constitution requirements for private placement funds).

Question 8.44 – 8.45

The COLL Rulebook part 7.4 provides provisions for outsourcing functions to third parties.

Provide the following details about any investment advisers, fund administrators or other services providers appointed to undertake functions in relation to the collective investment fund:

▪ details of the functions being outsourced;

▪ full name of the service provider;

▪ registered address of service provider;

▪ regulatory status of service provider (name of regulator and authorisation or license number);

▪ an explanation of the rationale behind the decision to use the service provider;

▪ main details of the agreement or arrangement between the operator and the service provider; and

▪ details of the contingency plans that are, or will be in place.

Question 8.46

A registered qualified investor fund other than a private placement fund must have an independent entity. The independent entity is the person responsible for the safekeeping of the fund property, or where the fund is a trust, the person holding the fund property on trust for the participants of the fund.

The operator is responsible for the appointment of the independent entity of the collective investment fund. The independent entity can be based in or outside the QFC.

Where the independent entity is based in the QFC it must be an Authorised Firm, and must be authorised to:

▪ operate a collective investment fund; and

▪ provide custody services; and

▪ be permitted under its scope of authorisation to be the independent entity of the fund, registered funds of that kind or any registered fund.

Where the independent entity is not based in the QFC, the operator of the fund must certify in writing to the Regulatory Authority that:

▪ the independent entity is an appropriate person to be the independent entity of the fund;

▪ the independent entity can effectively carry out the independent entity’s functions under COLL;

▪ the appointment of the independent entity of the fund is in the interest of participants and potential participants in the fund.

In providing this certificate the operator must undertake detailed due diligence and assessment of the independent entity and consider a number of matters which are set out in the rules (COLL rule 4.2.1(2)). Please provide evidence and documentation on the assessment.

The Regulatory Authority will also make a decision as to whether the proposed independent entity is appropriate and may refuse to register the collective investment fund unless the proposed independent entity is appropriate.

Question 8.47

Applicants must consider the following provisions as part of the operator’s systems, controls and procedures, to ensure compliance with COLL

a) the investment and borrowing decisions under COLL 4.1.3;

b) identification and segregation of fund property under COLL 4.1.3;

c) register of unit holders under COLL 4.1.6 and part 7.2;

d) making of records under COLL 4.1.7

e) affected person transactions under COLL 5.1.1;

f) investor relations under COLL chapter 5;

g) investment and borrowing restrictions under COLL chapter 6;

h) the valuation, pricing and dealing provisions under COLL 7.1.; and

i) any other relevant provisions under COLL.

If the operator has appointed an investment committee, provide details of its terms of reference, structure and experience of the committee. If there is not an investment committee, explain how the above provisions are overseen.

Question 8.54

The oversight responsibilities of the independent entity of a registered fund are set out in COLL 4.2.3 (Oversight function of independent entity). Applicants that will be acting as an independent entity should provide details of its systems and controls (including policies and procedures) for ensuring that the fund is managed by the operator in accordance with COLL 4.2.3.

The applicant should also describe the arrangements for reporting breaches in accordance with COLL 4.2.4.

Questions 9.1 – 9.2

Under COND 2, Part 2.5 an authorised firm must establish systems and controls to identify and manage any actual and potential conflicts of interest and material interest.

In the management of conflicts, you should give consideration to such tools as Chinese walls, disclosure and a written policy of independence.

Question 9.3

Please refer to COND 4.5.1 - 4.5.4 for an understanding of the Regulatory Authority’s requirements regarding investment research.

Question 9.4

Please refer to COND 2, Part 2.5 for an understanding of the Regulatory Authority’s requirements regarding inducements and soft dollar agreements.

Questions 9.5 – 9.6

Authorised firms should ensure that their staff remuneration policies are clearly documented and do not result in conflicts of interest between staff and either clients’ or the authorised firm’s best interests. In particular, regard should be had to the awarding of bonuses.

Question 9.7

Please refer to COND 2, Part 2.5 and COND 4.5.5 – 4.5.6 for an understanding of the Regulatory Authority’s requirements regarding inducements and personal account transactions.

COND 4.5.5 requires an authorised firm to establish systems and controls including:

• a permissions and restrictions notice

• making compliance with the notice a term in the employee’s contract

• maintaining a restricted list

• record keeping

Question 9.8

A party to a transaction will be related if, in respect of one entity, the first entity, being in the position relative to that entity of:

(A) a second entity that is a subsidiary, associate or holding company of the first entity;

(B) a second entity that is a subsidiary or associate of the holding company of the first entity;

(C) a director or officer of the first entity or of an entity that is related to the first entity by reason of (A) or (B) above;

(D) the spouse or minor child of a natural person referred to in (C) above; or

(E) a company that is a subsidiary of or subject to significant influence by or from a natural person referred to in (C) or (D) above.

Questions 10.1 and 10.2

CTRL 3 provides more information on the Regulatory Authority’s requirements regarding allocation of responsibilities. An authorised firm must clearly allocate responsibility at all times for all aspects of its business amongst appropriately senior levels of management so that it may be effectively monitored.

Question 10.3

The Regulatory Authority would normally expect this responsibility to be undertaken by the individual carrying out the senior executive function or, in certain circumstances, by an individual carrying out the executive governance function.

Question 10.11

For example, the Regulatory Authority would normally expect the money laundering reporting function and compliance oversight function to be kept separate from the senior executive function, finance function and customer facing function.

Question 10.17

If appropriate, you should place the organisation structure for compliance within the context of -

• the overall risk and control framework

• the overall nature of the relationship between group compliance and specific business line or entity compliance functions

• the independence of compliance staff

Questions 10.19 and 10.21

To be effective, a compliance plan must be tailored to the business and appropriate to the nature, scale and complexity of the authorised firm. The contents of a compliance manual, therefore, may differ depending on the regulated activities the firm is authorised to conduct.

The following list sets out the generic content of a compliance manual. Applicants and authorised firms may choose to provide some of the detail in other operational documents but we would expect to see at least a cross-reference to where and how the obligations are met.

Overview

• the governing body is ultimately responsible for oversight and periodic review of an authorised firm’s compliance framework and culture. Senior management is responsible for implementing a continuous compliance program that consists of manual, procedures, reporting and review regime.

• ultimately, a compliance framework supported by a manual and procedures that are easily understood and implemented by staff will assist the governing body in achieving its compliance objectives.

Compliance Manual Content

In broad terms, a compliance manual should address the following issues, drawing upon elements of both COND, CTRL and, if applicable, COLL.

• purpose of the compliance manual

• definition and objectives of compliance

• how the manual is updated, amended and approved

• overview of the Regulatory Authority

• the legislation applicable in the QFC (Law, Regulations / Rulebooks)

• the principles for authorised firms (from the Principles Rulebook - PRIN)

• activities and scope of authorisation of the authorised firm

• key contacts at the Regulatory Authority

• procedures for reporting of compliance breaches

• policy for dealing with staff who breach compliance procedures

• the investment and borrowing decisions under COLL 4.1.3;

• identification and segregation of fund property under COLL 4.1.3;

• register of unitholders under COLL 4.1.6 and part 7.2;

• making of records under COLL 4.1.7

• affected person transactions under COLL 5.1.1;

• investor relations under COLL chapter 5;

• investment and borrowing restrictions under COLL chapter 6;

• the valuation, pricing and dealing provisions under COLL 7.1.; and

• any other relevant provisions under COLL.

Compliance governance framework

• Role of the governing body

o committees

o reporting and review framework

• Senior management

o committees

o reporting and review framework

• Business Line Staff

o obligations for staff in relation to compliance and the manual (such as confirmation of receipt, understanding and training)

• Compliance Function

o staffing and key responsibilities

o roles of the compliance oversight function, audit and risk

o compliance monitoring, testing, indicators

o breach monitoring, logging and reporting

o review framework

o independence

• Access to information

o conduct of investigations

o duty to communicate

o right of access to senior management and governing body

• Group compliance organisation/reporting chart

Key obligations and how they are met

General

• organisation charts/reporting lines/segregation of duties

• allocation of responsibilities

• reference to the authorised firm’s risk manual

• reference to the authorised firm’s business continuity procedures (BCP)

• record-keeping requirements

• outsourcing (assessment/notification/reviews)

• reference to AML procedures

• approval of financial communications

• required disclosures on key documents and other communication

• procedures for identifying / managing conflicts

• complaints handling

• inducements, gifts and soft dollar arrangements

• personal account transactions

• data protection, in particular, the obligations imposed under the QFC’s Data Protection Regulations 2005 and the Data Protection Rules

• classification of clients (how are the obligations to classify clients met, what documentation is collected and maintained to support classification)

• client take-on procedures

• Specific to investment business

o keeping records of advice / transactions

o suitability

o record-keeping

o documentation provide to clients

▪ terms of business

▪ confirmation notes

▪ periodic statements

▪ client money

▪ best execution

▪ timely execution

▪ aggregation of customer orders

▪ allocation of relevant investments

▪ customer order priority

▪ excessive dealing and switching

• Specific to banking business

o keeping records of advice and transactions

o suitability

o record-keeping

o documentation provided to clients

▪ terms of business

▪ periodic statements

o referral process for regulated sales

• Specific to operating a collective investment fund

o monitoring of adherence to COLL, constitutional document and prospectus

o observation of international best practice standards, e.g. AIMA

o role and responsibilities of various functionaries, e.g. operator, independent entity, fund administrator.

o outsourcing arrangements and compliance monitoring procedures

o fund property arrangements

o valuations and unit price calculations

o investment and borrowings

o issues and redemptions

o income, distribution and re-investment

o promotions and marketing

o conflicts and related party transactions identification, managing and monitoring

o unitholder complaints

o record-keeping

• Specific to insurance business

o monitoring of adherence to business plan/underwriting model;

o policyholder complaints

o independent review/peer review

o renewal

o intermediaries

o regulatory requirements

o record-keeping

Staff

• fitness and propriety of approved individuals

• principles of conduct for approved individuals

• temporary staff or those who visit the local office regularly

• approved individuals and controlled functions

• staff training and competence (identify training requirements, scheduling and recording)

• testing

Reporting to the Regulatory Authority

• prudential reporting

• financial reports and statements

• changes in controllers and annual controllers report

• close links reporting

• notifications

• AML reports

• breaches

Questions 10.29 and 10.30

It is a general requirement that an Islamic financial institution establishes and maintains systems and controls which ensure that its entire business operations comply with Shari’a. An authorised firm must implement and maintain an Islamic financial business policy and a procedure manual which addresses the matters set out in ISFI 5.2.1.

Question 10.31

An authorised firm must appoint a Shari’a supervisory board and ensure that it complies with the requirements of ISFI 6.1.1(B). Further, an authorised firm must document its policy in relation to its Shari’a supervisory board and retain records of its assessment and the agreed terms of engagement.

Question 10.32

Where a transaction will involve a client becoming a profit sharing investment account holder, an authorised firm must warn the client in writing that the risk of loss rests with the client and that the authorised firm will not share in the losses unless there is negligence or misconduct for which it is responsible.

Further, an authorised firm must ensure that its terms of business provided to a client comply with the requirements of ISFI 7.1.2.

A profit sharing investment account is defined in INAP.

Question 10.33

Under COND 2, Part 2.6 an authorised firm must establish and operate appropriate and effective, written internal complaints handling procedures for dealing with complaints made against it by customers in relation to regulated activities (whether justified or not) fairly, efficiently and with due diligence and consideration.

COND 2.6.5 sets out the relevant record-keeping requirements.

Questions 10.34 – 10.37

Under CTRL 4.9, an authorised firm must have procedures in place to ensure, as far as possible, that it can continue to function to meet its obligations in the event of an unforeseen interruption.

Questions 10.38 – 10.44

Please refer to CTRL 5 for more information on the Regulatory Authority’s requirements regarding outsourcing.

In particular, you should bear in mind that the act of outsourcing certain functions does not relieve an authorised firm of its regulatory obligations.

You should also consider whether one or more outsourcing arrangements, either singly or taken together, are such as to constitute material outsourcing.

For authorised firms acting in the capacity of an operator or independent entity of a collective investment fund, there are specific provisions in COLL Part 7.4 in relation to outsourcing.

Questions 10.45 – 10.49

Under CTRL 4.1.2, an authorised firm must undertake a review, at least annually, to examine and evaluate the adequacy and effectiveness of its systems, procedures and controls.

Where appropriate, given the size of the firm and the nature of its business, this may be performed by an internal audit function. Please refer to CTRL 4.7.

Question 10.53

Please refer to CTRL 4.5 for further information.

Question 11.1

Under the Regulatory Authority’s Individuals Rulebook (INDI) 2.1.6, the money laundering reporting function is the function of acting as an authorised firm’s MLRO in accordance with the duty in the AML Regulations Article 8.

Every authorised firm must have at least one individual registered to carry out this function.

Under INDI rule 2.2.2, the money laundering reporting function must be carried out by an individual who is ordinarily resident in Qatar.

Question 11.3

The job description for the individual performing the money laundering reporting function should cover, at a minimum -

• the seniority of the individual

• reporting lines

• experience required

• independence

• key day-to-day responsibilities

• training of staff

• receipt (internal) and submission (external) of suspicious transaction reports

• relations with regulators

Questions 11.6 – 11.8

In broad terms, an authorised firm’s anti-money laundering (AML) policies, procedures and manual should address the following matters.

Policies and procedures

• outline an adequate framework given the nature, scale and complexity of the authorised firm

• the implications of failing to meet regulatory obligations

• the requirements for each business area covered

• the ethical and business reasons for combating money laundering

• ready availability of policies and procedures to staff

• how often and by whom the policies and procedures are reviewed

• where reviews are escalated once completed

• how changes or updates to policies and procedures are relayed to relevant employees

• how the authorised firm monitors changes to money laundering legislation and practices

• the adequacy of the authorised firm’s conflict of interest policy to monitor AML, especially in relation to sales staff whose remuneration is based on levels of sales

MLRO

• the individual who performs the money laundering reporting function (MLRO) for the authorised firm

• the appropriateness of the appointment given the organisational structure?

• whether the MLRO is of sufficient seniority, competence and authority to perform the controlled function effectively

• roles and responsibilities are clearly documented

• access of the MLRO to senior management

• the reporting structure for staff to the MLRO

• how often compliance reports are provided to senior management

• sufficiency of resources available to the MLRO, including the assistance of trained employees to effectively perform his duties

• unrestricted access of the MLRO to all customer information

• unrestricted access of the MLRO to all transaction information

• details and responsibilities of the deputy MLRO

• establishment of an AML training program for employees

Training

• regularity

• provision

• basis for any exceptions to staff training

• specific new starter training

• nature and content of the training material

• record-keeping of AML training

• certification that employees have received and understood training

Reporting

• procedures for internal suspicious transaction reports

• what is done with a suspicious transaction report

• procedures for reporting to the FIU and the Regulatory Authority

• reporting to the governing body

• forms

• independent monitoring

Know your customer

• know your customer (KYC) requirements in accordance with AML Regulation 9(1) by obtaining and verifying

• the true full name and current permanent addresses of customers

• the purpose of opening the account

• information with respect to the nature of business the customer intends to undertake

• details of beneficial owners

• payment details

• source of wealth

• With respect to applicants acting in the capacity of an operator of a collective investment fund, such procedures must also be relevant with respect to unitholders of the fund; documentary evidence used to verify customer identity additional KYC measures including

• verifying documents

• direct mailing

• requiring initial transactions be carried out through institutions subject to the Anti-money Laundering Rulebook (AMLR) or regulated in a FATF country

• establishing telephone contact with customers before accounts are opened

• obtaining local legal opinions on the ability of the customer to open an account and transact business

• obtaining an introduction certificate from other regulated institutions

• requiring a deposit cheque drawn on a personal account in the customer’s name

• measures to identify customers (including unitholders of a fund) as politically exposed persons (PEPs)

▪ How PEPs are monitored: due diligence process including -

▪ analysis of complex structures (trusts, multiple jurisdictions)

▪ appropriate measures to establish sources of wealth

▪ development of profiles of expected activity (transaction and account monitoring)

▪ senior management approval for account opening

▪ senior management oversight of the relationship

Money laundering risks

• assessment of the money laundering risks posed by the products and services offered

• specific policies and procedures to deal with:

• non face-to-face business relationships or transactions

• internet based products

• correspondent bank relationships

• customers from high risk countries

• PEPs

• aggregation and monitoring of significant balances and activities in accounts on a consolidated basis

Examples of suspicious activity

• relevant examples

• what staff should regard as suspicious activity

• whether staff suspicions are directly reported to the MLRO

• one off transactions compared with regular transfers

• how large cash transactions are handled

• examples of specific monitoring practices

• methodology for identifying transactions for review

Systems

• automation of processes

Record keeping

• customer records

o appropriate account opening procedures

o retention of documentation (6 years)

• transaction records

o what documentation is retained on file

o retention of documentation (means of retention, time period - 6 years)

o transaction audit trail

The AML Manual

• to be effective, AML frameworks and supporting documentation must be tailored to the business and appropriate to the nature, scale and complexity of the authorised firm

• authorised firms are expected to review the regulations and rulebooks and design a framework that ensures rules, requirements and standards will be met on a continuing basis

• the governing body is ultimately responsible for oversight and periodic review of an authorised firm’s AML framework and culture. The MLRO is responsible for implementing a continuous AML program which comprises policy, procedures, reporting and review regime

• the QFC’s Anti Money Laundering Regulations 2005 and the AML Regulations set out general and specific provisions regarding AML. The state of Qatar also has an AML regime that places obligations on authorised firms

• staff of authorised firms must be aware of the obligations imposed on the firm as well as any obligations imposed on them as individuals through the regulatory framework or through their contract of employment.

Question 11.19

E-commerce might involve, for example, distributing, buying, selling, marketing and servicing of investment products or services over electronic systems such as the Internet and other computer networks and would include activities such as electronic funds transfer, e-marketing, online transaction processing, electronic data interchange.

Questions 12.4 – 12.6

Please refer to INDI 4 & 5 for more information regarding the Regulatory Authority’s requirements regarding an authorised firm’s assessment of an individual’s fitness and propriety to perform a controlled function.

The criteria for the assessment of an individual’s fitness and propriety are set out in INDI 4.2.1 and relate to

• honesty, integrity and reputation

• competence and capability

• financial soundness

The Regulatory Authority expects authorised firms to have in place, as part of their recruitment policies, adequate systems and procedures to carry out comprehensive due diligence on individuals who will perform controlled functions. These should include, at a minimum

• the taking up of personal, academic and professional references

• standard background checks

• verification of identity

• verification of address

• verification of academic and professional qualifications

• verification of employment history, with an explanation for any significant gaps

• verification of experience

The authorised firm should keep records of its due diligence as part of its human resources procedures. The Regulatory Authority may ask to inspect those records.

The authorised firm should also make a record of its assessment of the individual’s competence and capability to perform the controlled function(s) in question. This assessment should be carried out on the basis of criteria set out in INDI 5, and should be made available for the Regulatory Authority’s inspection upon request.

Particular consideration should be given to the assessment of an individual who is to perform a customer facing function or money laundering reporting function. Firms should clearly indicate the skills, experience, background and qualifications that demonstrate competence relevant to the controlled function. Firms should consider similar experience in previous roles in the individual’s career history and the length of time in each of these roles.

Question 12.7

Under INDI 5.2, an authorised firm must implement procedures to ensure that an individual it has assessed as competent is and remains competent, taking into account the functions performed and any changes to the products and services offered by the authorised firm. Again, the Regulatory Authority may ask to inspect these procedures.

Questions 12.9 – 12.18

In establishing and documenting its IT policies, staffing, systems and security, an authorised firm should, at a minimum, consider the following matters.

IT policy and staffing

• suitability and adequacy of IT resources for the authorised firm’s business

• methodology used in deciding the viability of proposed projects

• project approval and prioritisation process

• resources to police the IT security policy

• process for dealing with security threats or security breaches

• virus management policy and procedure

• frequency of security testing

• forecast of future capacity requirements

• BCP-disaster recovery systems and frequency of testing

• administrative access to IT systems (during maintenance or for updates)

• adequate segregation of IT duties

IT systems used

• what IT systems are being used

• IT systems are sufficient to support the regulated activities

• summary of each application including the system name and primary function

• where the server is kept

• whether accounting software complies with acceptable accounting practices?

• whether internal data processing systems have a significant amount of customisation or in-house development

• whether pilot technology is used that is new to the market

• the outsourcing of any systems

• dependence on IT to provide products or services

• project management skills and monitoring and reporting processes

• the nature of business unit involvement in the implementation process

• system integration requirements

• procedures for system testing, verification, user training and IT support

• IT system security policy

Question 12.13

Please note that financial reporting must be in line with UK or US GAAP or IFRS.

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download