SAMA Publishes Guidelines and Rules for Banks and Insurers

Digital-only banks will be subject to the same set of prudential requirements as other banks. Digital-only banks are required to satisfy SAMA that their proposed risk management and control policies are adequate and appropriate for monitoring and limiting risk exposures as per section D of the SAMA Banking Licensing Guidelines and Minimum Criteria. Digital-only banks are required to follow the same principles of corporate governance for banks operating in Saudi Arabia as conventional banks. To apply for a digital-only bank license in Saudi Arabia, the following conditions must be met:

• The digital-only bank should be set up as a locally incorporated joint-stock company.
• A promoter should have experience and knowledge in the financial industry; appropriate technology-related experience; and financial capacity to support setting up the digital-only bank.
• An applicant must possess a team with adequate expertise to discuss relevant aspects of the application.

Along with the application, an applicant is required to present a clearly articulated business plan, covering as a minimum the IT infrastructure plan and innovative technologies that will be rolled out, the financial projections, the targeted segment, and the proposed products and services in line with the targeted segments. An applicant is also required to submit an Internal Capital Adequacy Assessment Plan (ICAAP) and an Internal Liquidity Adequacy Assessment Plan (ILAAP). SAMA will assess the adequacy of capital of applicants on a case-by-case basis considering the scale, nature, and complexity of the operations, as proposed in the Business Plan, ICAAP, and ILAAP of the applicants. SAMA may require the applicant to appoint a qualified and experienced third-party entity (assessor) to perform assessments on the specific technical areas such as the technology/cybersecurity arrangements at the expense of the applicant. 

The actuarial work rules apply to insurance and reinsurance companies, their Boards of Directors and senior management, appointed actuaries or those who are entrusted to carry out the work on their behalf, Heads and staff of actuarial function, and actuarial services providers. The objectives of the rules are to regulate minimum standards of actuarial practice; for the role and responsibilities of appointed actuaries, along with the procedures for their appointment, for the actuarial function of insurance and/or reinsurance companies and for the authorization of actuarial services providers. The rules also aim to regulate responsibilities of the Board of Directors, senior management, and company regarding the appointed actuary and actuarial function. The rules governing insurance aggregation activities set out the requirements and controls necessary for granting the license to carry out online insurance aggregation activities in Saudi Arabia, in addition to the rules concerning the relationship between the insurance aggregator and insurance companies.

Related Links 

• Additional Licensing Guidelines (PDF)
• Actuarial Work Rules for Insurance (PDF)
• Rules Governing Insurance Aggregation Activities (PDF)

Keywords: Middle East and Africa, Saudi Arabia, Banking, Insurance, Licensing, Digital Banks, ICAAP, ILAAP, Cybersecurity, Governance, Capital Adequacy, Actuarial Function, SAMA