SAMA published additional licensing guidelines and criteria for digital-only banks in Saudi Arabia. These guidelines are applicable to digital-only bank license applications in Saudi Arabia. The guidelines must be considered as additional requirements to be met, along with the Banking Licensing Guidelines and Minimum Criteria published earlier by SAMA. The additional requirements are related to licensing conditions, capital and liquidity requirements, governance, technology and cybersecurity risks, independent assessment, outsourcing, exit plan, prudential and supervisory requirements, and consumer protection. SAMA has also published actuarial work rules for insurance and rules governing insurance aggregation activities.
Digital-only banks will be subject to the same set of prudential requirements as other banks. Digital-only banks are required to satisfy SAMA that their proposed risk management and control policies are adequate and appropriate for monitoring and limiting risk exposures as per section D of the SAMA Banking Licensing Guidelines and Minimum Criteria. Digital-only banks are required to follow the same principles of corporate governance for banks operating in Saudi Arabia as conventional banks. To apply for a digital-only bank license in Saudi Arabia, the following conditions must be met:
- The digital-only bank should be set up as a locally incorporated joint-stock company.
- A promoter should have experience and knowledge in the financial industry; appropriate technology-related experience; and financial capacity to support setting up the digital-only bank.
- An applicant must possess a team with adequate expertise to discuss relevant aspects of the application.
Along with the application, an applicant is required to present a clearly articulated business plan, covering as a minimum the IT infrastructure plan and innovative technologies that will be rolled out, the financial projections, the targeted segment, and the proposed products and services in line with the targeted segments. An applicant is also required to submit an Internal Capital Adequacy Assessment Plan (ICAAP) and an Internal Liquidity Adequacy Assessment Plan (ILAAP). SAMA will assess the adequacy of capital of applicants on a case-by-case basis considering the scale, nature, and complexity of the operations, as proposed in the Business Plan, ICAAP, and ILAAP of the applicants. SAMA may require the applicant to appoint a qualified and experienced third-party entity (assessor) to perform assessments on the specific technical areas such as the technology/cybersecurity arrangements at the expense of the applicant.
The actuarial work rules apply to insurance and reinsurance companies, their Boards of Directors and senior management, appointed actuaries or those who are entrusted to carry out the work on their behalf, Heads and staff of actuarial function, and actuarial services providers. The objectives of the rules are to regulate minimum standards of actuarial practice; for the role and responsibilities of appointed actuaries, along with the procedures for their appointment, for the actuarial function of insurance and/or reinsurance companies and for the authorization of actuarial services providers. The rules also aim to regulate responsibilities of the Board of Directors, senior management, and company regarding the appointed actuary and actuarial function. The rules governing insurance aggregation activities set out the requirements and controls necessary for granting the license to carry out online insurance aggregation activities in Saudi Arabia, in addition to the rules concerning the relationship between the insurance aggregator and insurance companies.
- Additional Licensing Guidelines (PDF)
- Actuarial Work Rules for Insurance (PDF)
- Rules Governing Insurance Aggregation Activities (PDF)
Keywords: Middle East and Africa, Saudi Arabia, Banking, Insurance, Licensing, Digital Banks, ICAAP, ILAAP, Cybersecurity, Governance, Capital Adequacy, Actuarial Function, SAMA
BIS published a paper that provides an overview on the use of big data and machine learning in the central bank community.
APRA finalized the reporting standard ARS 115.0 on capital adequacy with respect to the standardized measurement approach to operational risk for authorized deposit-taking institutions in Australia.
ECB published a guide that outlines the principles and methods for calculating the penalties for regulatory breaches of prudential requirements by banks.
MAS and The Association of Banks in Singapore (ABS) jointly issued a paper that sets out good practices for the management of operational and other risks stemming from new work arrangements adopted by financial institutions amid the COVID-19 pandemic.
ACPR announced that a new data collection application, called DLPP (Datalake for Prudential), for collecting banking and insurance prudential data will go into production on April 12, 2021.
BCB announced that the Financial Stability Committee decided to maintain the countercyclical capital buffer (CCyB) for Brazil at 0%, at least until the end of 2021.
EIOPA has launched a European-wide comparative study on non-life underwriting risk in internal models, also kicking-off of the data collection phase.
SRB published an overview of the resolution tools available in the Banking Union and their impact on a bank’s ability to maintain continuity of access to financial market infrastructure services in resolution.
EBA is consulting on the implementing technical standards for Pillar 3 disclosures on environmental, social, and governance (ESG) risks, as set out in requirements under Article 449a of the Capital Requirements Regulation (CRR).
ESAs Issue Advice on KPIs on Sustainability for Nonfinancial Reporting