SAMA published additional licensing guidelines and criteria for digital-only banks in Saudi Arabia. These guidelines are applicable to digital-only bank license applications in Saudi Arabia. The guidelines must be considered as additional requirements to be met, along with the Banking Licensing Guidelines and Minimum Criteria published earlier by SAMA. The additional requirements are related to licensing conditions, capital and liquidity requirements, governance, technology and cybersecurity risks, independent assessment, outsourcing, exit plan, prudential and supervisory requirements, and consumer protection. SAMA has also published actuarial work rules for insurance and rules governing insurance aggregation activities.
Digital-only banks will be subject to the same set of prudential requirements as other banks. Digital-only banks are required to satisfy SAMA that their proposed risk management and control policies are adequate and appropriate for monitoring and limiting risk exposures as per section D of the SAMA Banking Licensing Guidelines and Minimum Criteria. Digital-only banks are required to follow the same principles of corporate governance for banks operating in Saudi Arabia as conventional banks. To apply for a digital-only bank license in Saudi Arabia, the following conditions must be met:
- The digital-only bank should be set up as a locally incorporated joint-stock company.
- A promoter should have experience and knowledge in the financial industry; appropriate technology-related experience; and financial capacity to support setting up the digital-only bank.
- An applicant must possess a team with adequate expertise to discuss relevant aspects of the application.
Along with the application, an applicant is required to present a clearly articulated business plan, covering as a minimum the IT infrastructure plan and innovative technologies that will be rolled out, the financial projections, the targeted segment, and the proposed products and services in line with the targeted segments. An applicant is also required to submit an Internal Capital Adequacy Assessment Plan (ICAAP) and an Internal Liquidity Adequacy Assessment Plan (ILAAP). SAMA will assess the adequacy of capital of applicants on a case-by-case basis considering the scale, nature, and complexity of the operations, as proposed in the Business Plan, ICAAP, and ILAAP of the applicants. SAMA may require the applicant to appoint a qualified and experienced third-party entity (assessor) to perform assessments on the specific technical areas such as the technology/cybersecurity arrangements at the expense of the applicant.
The actuarial work rules apply to insurance and reinsurance companies, their Boards of Directors and senior management, appointed actuaries or those who are entrusted to carry out the work on their behalf, Heads and staff of actuarial function, and actuarial services providers. The objectives of the rules are to regulate minimum standards of actuarial practice; for the role and responsibilities of appointed actuaries, along with the procedures for their appointment, for the actuarial function of insurance and/or reinsurance companies and for the authorization of actuarial services providers. The rules also aim to regulate responsibilities of the Board of Directors, senior management, and company regarding the appointed actuary and actuarial function. The rules governing insurance aggregation activities set out the requirements and controls necessary for granting the license to carry out online insurance aggregation activities in Saudi Arabia, in addition to the rules concerning the relationship between the insurance aggregator and insurance companies.
- Additional Licensing Guidelines (PDF)
- Actuarial Work Rules for Insurance (PDF)
- Rules Governing Insurance Aggregation Activities (PDF)
Keywords: Middle East and Africa, Saudi Arabia, Banking, Insurance, Licensing, Digital Banks, ICAAP, ILAAP, Cybersecurity, Governance, Capital Adequacy, Actuarial Function, SAMA
In a letter addressed to the industry, the Australian Prudential Regulation Authority (APRA) set out an updated schedule of policy priorities for the banking, insurance, and superannuation industries.
The European Commission (EC) adopted a comprehensive review package of Solvency II rules in the European Union.
The Office of the Comptroller of the Currency (OCC) issued Versions 1.0 of the "Earnings" and "Regulatory Reporting" booklets of the Comptroller's Handbook.
The European Central Bank (ECB) published results of its economy-wide climate stress test, which aimed to assess the resilience of non-financial corporates and euro area banks to climate risks.
The European Banking Authority (EBA) published a report on the use of digital platforms in the banking and payments sector in European Union.
The Hong Kong Monetary Authority (HKMA) published updates on the policy measures that were announced in context of the ongoing pandemic.
The International Swaps and Derivatives Association (ISDA), along with several other associations, submitted a joint response to the Basel Committee on Banking Supervision (BCBS) consultation on preliminary proposals for the prudential treatment of cryptoasset exposures.
BIS published the September issue of the Quarterly Review, which contains special features that analyze the rapid rise in equity funding for financial technology firms, the effectiveness of policy measures in response to pandemic, and the evolution of international banking.
The Basel Committee for Banking Supervision (BCBS) met in September 2021 and reviewed climate-related financial risks, discussed impact of digitalization, and welcomed efforts by the International Financial Reporting Standards (IFRS) Foundation to develop a common set of sustainability reporting standards
The Office of the Comptroller of the Currency (OCC) issued a Cease and Desist Order against MUFG Union Bank for deficiencies in technology and operational risk governance.