SAMA published additional licensing guidelines and criteria for digital-only banks in Saudi Arabia. These guidelines are applicable to digital-only bank license applications in Saudi Arabia. The guidelines must be considered as additional requirements to be met, along with the Banking Licensing Guidelines and Minimum Criteria published earlier by SAMA. The additional requirements are related to licensing conditions, capital and liquidity requirements, governance, technology and cybersecurity risks, independent assessment, outsourcing, exit plan, prudential and supervisory requirements, and consumer protection. SAMA has also published actuarial work rules for insurance and rules governing insurance aggregation activities.
Digital-only banks will be subject to the same set of prudential requirements as other banks. Digital-only banks are required to satisfy SAMA that their proposed risk management and control policies are adequate and appropriate for monitoring and limiting risk exposures as per section D of the SAMA Banking Licensing Guidelines and Minimum Criteria. Digital-only banks are required to follow the same principles of corporate governance for banks operating in Saudi Arabia as conventional banks. To apply for a digital-only bank license in Saudi Arabia, the following conditions must be met:
- The digital-only bank should be set up as a locally incorporated joint-stock company.
- A promoter should have experience and knowledge in the financial industry; appropriate technology-related experience; and financial capacity to support setting up the digital-only bank.
- An applicant must possess a team with adequate expertise to discuss relevant aspects of the application.
Along with the application, an applicant is required to present a clearly articulated business plan, covering as a minimum the IT infrastructure plan and innovative technologies that will be rolled out, the financial projections, the targeted segment, and the proposed products and services in line with the targeted segments. An applicant is also required to submit an Internal Capital Adequacy Assessment Plan (ICAAP) and an Internal Liquidity Adequacy Assessment Plan (ILAAP). SAMA will assess the adequacy of capital of applicants on a case-by-case basis considering the scale, nature, and complexity of the operations, as proposed in the Business Plan, ICAAP, and ILAAP of the applicants. SAMA may require the applicant to appoint a qualified and experienced third-party entity (assessor) to perform assessments on the specific technical areas such as the technology/cybersecurity arrangements at the expense of the applicant.
The actuarial work rules apply to insurance and reinsurance companies, their Boards of Directors and senior management, appointed actuaries or those who are entrusted to carry out the work on their behalf, Heads and staff of actuarial function, and actuarial services providers. The objectives of the rules are to regulate minimum standards of actuarial practice; for the role and responsibilities of appointed actuaries, along with the procedures for their appointment, for the actuarial function of insurance and/or reinsurance companies and for the authorization of actuarial services providers. The rules also aim to regulate responsibilities of the Board of Directors, senior management, and company regarding the appointed actuary and actuarial function. The rules governing insurance aggregation activities set out the requirements and controls necessary for granting the license to carry out online insurance aggregation activities in Saudi Arabia, in addition to the rules concerning the relationship between the insurance aggregator and insurance companies.
- Additional Licensing Guidelines (PDF)
- Actuarial Work Rules for Insurance (PDF)
- Rules Governing Insurance Aggregation Activities (PDF)
Keywords: Middle East and Africa, Saudi Arabia, Banking, Insurance, Licensing, Digital Banks, ICAAP, ILAAP, Cybersecurity, Governance, Capital Adequacy, Actuarial Function, SAMA
The European Banking Authority (EBA) published four draft principles to support supervisory efforts in assessing the representativeness of COVID-19-impacted data for banks using the internal ratings based (IRB) credit risk models.
The European Council and the European Parliament (EP) reached a provisional political agreement on the Corporate Sustainability Reporting Directive (CSRD).
The Prudential Regulation Authority (PRA) launched a consultation (CP6/22) that sets out proposal for a new Supervisory Statement on expectations for management of model risk by banks.
The European Commission (EC) published the Delegated Regulation 2022/954, which amends regulatory technical standards on specification of the calculation of specific and general credit risk adjustments.
The Bank for International Settlements (BIS) Innovation Hub updated its work program, announcing a set of projects across various centers.
The European Insurance and Occupational Pensions Authority (EIOPA) published two consultation papers—one on the supervisory statement on exclusions related to systemic events and the other on the supervisory statement on the management of non-affirmative cyber exposures.
Certain members of the U.S. Senate Committee on Banking, Housing, and Urban Affairs issued a letter to the Securities and Exchange Commission (SEC)
The European Insurance and Occupational Pensions Authority (EIOPA) published a consultation paper on the advice on the review of the securitization prudential framework in Solvency II.
The Prudential Regulation Authority (PRA) issued a statement on PRA buffer adjustment while the Bank of England (BoE) published a notice on the statistical reporting requirements for banks.
The Basel Committee on Banking Supervision (BCBS) issued principles for the effective management and supervision of climate-related financial risks.