The legal and regulatory landscape in the financial sector across the Middle East has continued to see a period of change and reform over the past year. In line with international best practice, regulators have continued their pursuit towards liberalisation and modernisation of laws to enhance business opportunities for investors. Similar themes have also been noted across the Middle East, for example, the introduction of Law No. 20 of 2019 on combating money laundering and terrorism in Qatar, the amendments to the Banking Law in Jordan in relation to corporate governance and the introduction of new laws in KSA to regulate the creation of security over movable property. It is also apparent that increased focus on the regulation of FinTech activities has been at the forefront of new regulations across the region. This is a significant recognition of the ever-growing importance that financial technology is playing in the financial sector.
This article looks back on some of the key financial services’ legal and regulatory developments in the Gulf and wider Middle East and also touches upon what’s to come.
United Arab Emirates
For the first time in the UAE, UAE Federal Law No. 8 of 2018 on Finance Lease (which came into effect on 1 January 2019) was introduced in order to provide a distinct regulatory framework for conducting finance lease business in the UAE. Key aspects of the law include: registration of a lease to make it binding on third parties and preserve priority; the requirement to obtain a licence from the Central Bank to undertake finance lease activities; and provisions relating to ownership of the asset upon expiry of its term. Compliance with the law is underpinned by strict penalties for those who are in breach.
On 28 January 2019 the Central Bank of the UAE issued Cabinet Resolution No. 10 of 2019 Concerning the Implementing Regulation of Federal Law No. of 2018 (the ‘Resolution’). The Resolution introduced a risk- based approach to be adopted by both financial institutions and designated non-financial businesses to assess a client’s money laundering risk. This includes carrying out prescribed customer due diligence to manage potential money laundering risks, submitting suspicious transaction reports to the Financial Information Unit, conducting additional risk assessment measures in respect of politically exposed persons who are UAE nationals and finally, ensuring the maintenance of records of all of the information which would be required as part of the customer due diligence process, while making this information available to the relevant authorities when so requested.
More recently, Federal Law No. (20) of 2016 on Mortgage of Movables as Guarantee for Debts has been amended pursuant to Federal Law no. 24 of 2019 (as amended, the ‘Movables Law). Two of the key amendments include: the right of an assignee under an assignment to register the assignment at the EMCR; and the Movables Law applying to mortgages by possession only. The former is a significant departure from the existing law as previously there was no requirement to register an assignment at the EMCR.
The new personal insolvency law is in force now and will seek to support individuals facing existing or anticipated financial difficulties. While, in the short term, there will be some uncertainty as to how these laws will unfold, generally they are a welcome addition to the insolvency laws introduced for companies in 2016.
Looking ahead, it is clear that regulators will remain active in the UAE during the course of 2020. The Central Bank of the UAE has proposed draft regulations for loan-based crowdfunding platforms operating in the UAE. As an attempt to develop the FinTech sector, the regulations provide a framework for licensing, regulating and monitoring loan-based crowdfunding platforms to enhance consumer protections and mitigate financial risk. Further, enhanced consumer protection measures, the regulation of crypto-assets and the regulation of outsourcing are also in the pipeline for 2020.
The Saudi Arabian Ministry of Commerce and Investment (‘MOCI’) announced, in March 2019, the issuance of the Regulations of the Unified Registry for Commercial Pledges (the ‘Regulations’). The Regulations are an important step in the implementation of the Commercial Pledge Law issued in April 2018 (the ‘CPL’). The CPL regulates the creation of security over movable property including current and future movable property as well as future rights (including receivables).
Clarity has now been provided under the Regulations as to the functions, operation and management of the registry for commercial pledges (the ‘Registry’). All services of the Registry under the Regulations will be provided electronically. The Regulations provide for the procedure for registering pledge contracts with the Registry and cancellation and renewal of such registration.
Where a specific special registry (the ‘Special Registry’) regulates the ownership of a particular movable property but does not record security interests over such property, the pledgee must ensure that the requirements for registration of pledge contracts are complied with and the Registry will notify the relevant Special Registry. In other cases, where the Special Registry registers a security interest (e.g. at the Depository Centre established by the Tadawul for listed shares), then such security interest is required to be registered at the Special Registry.
In line with the Regulations, MOCI has launched the electronic registration system to operate the Registry which allows the registration of pledge contracts (made in accordance with the CPL) for various types of movable assets.
MOCI has published the User Guide for the Regulations (the ‘User Guide’), clarifying how the Registry will be managed. The User Guide lists the processes (among others_ of: (i) registration of pledge contracts; (ii) conducting a search of the Registry; and (iii) uploading constitutional documents of the parties (to the extent relevant and applicable). The user of the Registry (KSA national/Muqeem, GCC national or SAGIA foreign investor) must first create an account through the portal: https://efile.mci.gov.sa. Following the creation of the account in the Registry, the services of the Registry can be accessed through the portal: https://rhn.mci.gov.sa.
Recognising the ever-growing importance financial technology is playing in the financial sector, the Central Bank of Kuwait (‘CBK’) has, over the past year, spent much of its time aiming to encourage and adapt to the growth of differing technology in the financial space while still trying to ensure the protection of the Kuwait financial and banking sector by adopting appropriate policies and regulations. To that end, the CBK issued the Regulatory Sandbox Framework (the ‘Framework’) with the stated objective of temporarily exempting participants from certain regulatory or licensing requirements in order to adopt and promote innovation in the Kuwait financial sector. The Framework is aimed at companies and individuals that provide financial products or services that are based on, or relate to, electronic payment of funds by using new or innovatively applied technology.
An applicant approved to participate by the CBK in the Framework has one year to complete a four-stage process. The first stage of the process is the application stage. During the application stage the participant must show the CBK that the product or service meets the eligibility criteria.
Specifically, an applicant must show: (i) that the service or product is to be launched in the local market; (ii) that the service or product does not contravene the laws and regulations of Kuwait; (iii) that the service or product has a benefit to both the customer and the market; and (iv) the service or product must be in an advanced enough development position to test.
The next stage is what the CBK is called the evaluation stage. During this stage, the applicant will be thoroughly evaluated from all technical, security and regulatory aspects relating to the service or product. The third stage is the experimental stage where, in collaboration with the CBK, the applicant initiates a technical, safety and operational testing of the proposed service or product in a controlled environment. Among other things, testing will include measuring the level of compliance of the product or service with existing CBK regulations, verifying that security measures are embedded within the proposed product or service and that customer confidentiality and privacy standards are upheld. The final stage is the accreditation stage. It is at the accreditation stage when the CBK will grant its initial approval or reject it for the proposed product or service.
The Central Bank of Bahrain (‘CBB’) issued regulations on open banking in November 2018 that apply to ‘account information service providers’ and ‘payment initiation service providers’. The regulations are the first of its kind in introducing open banking regulations in the MENA region and enables consumers’ personal information to be shared between organisations in a standardised and secured manner. Through the use of application programming interfaces, third-party financial service providers can access the information efficiently and cost effectively thus enabling the development of innovative FinTech solutions. The Open Banking Module is included in Volume 5 of the CBB Rulebook that governs ancillary service providers. In February 2019, the CBB also issued regulations to govern and license ‘regulated crypto-asset services’. Regulated crypto-asset services include trading, dealing, advisory and portfolio management services in ‘accepted crypto-assets’ either as a principal, agent, custodian or as a crypto-asset exchange within or from Bahrain. Overseas domiciled, incorporated persons and entities dealing in crypto-assets can obtain a licence and operate within Bahrain as an ‘overseas crypto-asset service license’. The Crypto Asset Module is included in Volume 6 of the CBB Rulebook that governs Capital Markets. Further, in March 2019, the CBB issued directives on ‘Digital Financial Advice’, which is the provision of financial advice using technology (also commonly known as robo-advice or automated advice). Digital financial advice is subject to a comprehensive governance and control framework given that the technology is based on algorithms and assumptions that translate consumer inputs into financial advice.
On 21 March 2019, the CBB issued Resolution No. 23 of 2019 regarding the Issuance of Regulations in respect of Short Selling and Giving Securities on Loan (the ‘Resolution’). The Resolution was issued pursuant to Article 92 of Decree No. 64 of 2006 with respect to promulgating the CBB and Financial Institutions Law. It provides that “the Central Bank shall specify the types of securities, which may be traded by loan and short sale, the terms and procedures of such transactions and the rights and obligations of all concerned parties.” The objective of this Resolution is to improve the efficiency of the capital markets in Bahrain by promoting new investment and trading strategies through diversification of investment instruments with a view to leading to better price discovery, enhanced liquidity, and attracting new sophisticated investors.
More recently in August 2019, the CBB issued regulations on insurance aggregators enabling customers to find and choose insurance quotes from several insurance companies under a single electronic platform or mobile device application. Insurance aggregators are the intermediaries with an insurance broker’s licence that operate online platforms (whether hosted on an internet website or available as a smart device application) to provide price comparisons and facilitate the purchase of insurance policies from several insurance licensees.
Finally, on 18 January 2019 and 1 August 2019, the Competition Law (Law No. 31 of 2018) and the Personal Data Protection Law (Law No. 30 of 2018) (‘PDPL’) came into force respectively. The PDPL, among other things, provides individuals with rights in relation to how their personal data is collected, processed and stored. It imposes new obligations on how businesses manage this information, including but not limited to, ensuring that personal data is processed fairly, that data owners are notified of when their personal data is collected and processed and that data owners can exercise their rights directly with businesses. Looking ahead, the draft Secured Transactions Law which has undergone industry consultation and review for the last few years is expected to come into force in 2020. The new law will significantly change the way security is created in Bahrain and will allow security to be created over future assets.
In May 2019, the Central Bank of Jordan (‘CBJ’) enacted the Amended Law No. (7) of 2019 (‘Amended Banking Law’), which amends the Banking Law No. (28) of 2000. On the corporate governance front, the Amended Banking Law seeks to better align a bank’s governance structure with its highly leveraged business model, thereby reinforcing the legitimacy of previously introduced legislative measures. For example, the Amended Banking Laws impose restrictions on board members’ remuneration and independence, as well as such members’ qualifications and experience. More importantly, the CBJ now requires every bank to establish an auditing committee for such committee’s specialised oversight over the bank’s audit processes and policies. Further, CBJ’s prior written consent is now required for the transfer of bank shares that may result in a significant change in ownership, or where there is an increase in the ownership of a significant shareholder.
With regard to facilitating greater stability within the banking industry, the CBJ introduced Instructions on Exposure Limitations and Credit Controls No. (2/2019) (‘IELCC’) for controlling risk levels borne by banks in credit grants. In line with the Basel standards, the IELCC sets the limit for a bank exposure to one single counterparty (defined as 10 per cent of Tier 1 capital) at 25 per cent of Tier 1 and requires lower thresholds for related persons. In effect, because the IELCC’s framework addresses both, on- and off-balance sheet exposures, it progressively reduces the banking industry’s exposure to concentrated risks.
Meanwhile, in light of increased usage of payment systems, the CBJ is in the process of finalising the issuance of new regulations and instructions for enhancing customer protection. Forthcoming regulations and instructions are anticipated that will require the accreditation and licensing of all international payment providers currently operating in Jordan. Such regulations and instructions aim to enhance CBJ’s oversight of this industry.
Finally, further to the Securing Rights by Moveable Assets Law No. (20) of 2018 and the Registry of Rights Over Moveable Assets Regulation No. (125) of 2018, the Ministry of Industry, Trade, and Supply has facilitated the registration and search process for security and assignment of interests over moveable assets by providing for their publication on a central registry. As such, security interest holders are advised to publish their interests by February 2020 in order to safeguard the priority of their security interests.
The Central Bank of Iraq (‘CBI’) has been active over the past year in developing Iraq’s banking infrastructure. These developments follow and supplement the successful removal of Iraq from the FATF’s list of ‘jurisdictions of strategic deficiencies’, a milestone that has catalysed the evolution of Iraq’s legal and regulatory architecture.
In line with the standards set forth under Basel III, CBI’s particular focus has shifted towards bank stability. Essential changes include CBI’s introduction of minimum liquidity thresholds, which require banks to adjust their liquidity on the basis of a delineated maturity scale model. Specifically, a bank must match high quality assets to certain liabilities on the basis of specified criteria to ensure it has the capacity to meet tentative payment obligations while it continues as a going concern. Moreover, the CBI has published a detailed stress testing manual that encompasses specifications for sensitivity and scenario analyses, among others. In addition to adjusting its operations on the basis of its specific test results and findings, a bank must submit its results and findings to the CBI in a timely manner. Standards articulated under this manual are merely floor thresholds for purposes of compliance. Furthermore, the CBI has published a comprehensive manual on risk management and internal control systems for conventional banks. This manual articulates operational and governance frameworks, among other guidelines, for a bank’s strategic plan to mitigate risks. It also encompasses supplementary guidance on stress testing.
Meanwhile, for fostering competition in the banking industry and consumer protection, two ancillary goals to bank stability, the CBI has introduced new instructions for bank mergers and acquisitions. Chiefly, these instructions require the CBI’s review and pre-approval of any potential bank merger or acquisition. This pre-approval condition permits the CBI to evaluate and, subsequently, manage, the systemic effects of bank mergers and acquisitions. Consequently, parties to a relevant transaction must submit an application to the CBI for its approval at least 60 days prior to the intended date of execution. The aforementioned application requires extensive disclosures to the CBI, including the filing of the transaction’s proposed agreement, profitability and feasibility study, and implementation plan, among others.
The regulatory regime governing the banking sector in Egypt has witnessed significant changes largely propelled by the implementation of Egypt’s general economic reform agenda with the aim of creating a more stable and safe banking industry in Egypt. It is expected that the New Banking Law, to be issued during the first quarter of 2020, will introduce a number of changes to the banking sector including, among other things: (1) strengthening the governance and independence of the Central Bank of Egypt (‘CBE’); (2) adopting internationally recognised banking standards; (3) raising the minimum capital requirements for banks operating in Egypt; and (4) regulating co-operation among the CBE, the Egyptian government and authorities tasked with monitoring the financial sector. Despite such significant developments, the recent move by Egyptian regulators towards creating robust and effective regulatory regimes, governing non-banking financial instruments has been the most notable shift in the Egyptian banking sector.
The aim of this shift is to create an inclusive non-banking financial system through the economic empowerment of marginalised groups by facilitating their access to financing. The non-banking financial market in Egypt is overseen by the Egyptian Financial Regulatory Authority (‘FRA’). A four-year strategy (2018/2022) for the development of the non-banking financial sector in Egypt has been adopted and is currently being implemented, whereby the strategy is based largely on carrying out comprehensive structural and legislative reforms. The most noteworthy regulatory updates in the non-banking financial market in Egypt include: (1) the issuance of law No. 176 of 2018 on financial leasing and factoring; (2) the issuance of a number of decisions by the FRA regulating microfinancing activities in Egypt; and (3) the introduction of amendments to the Egyptian capital markets law specifically regulating the issuance of Sukuk certificates. Expected regulatory updates in the Egyptian non-banking financial market include the issuance of a law governing consumer financing, a law governing the financing of small and medium enterprises as well as a law governing crowdfunding activities in Egypt. The FRA’s strategy also includes the proposition of appropriate legislative amendments required to adopt electronic means as an approved means of notification and as means of dealing with the entities which fall under the supervisory umbrella of the FRA.
Qatar (including Qatar Financial Centre)
The introduction of Law No. 20 of 2019 (‘New AML Law’) seeks to replace Law No. 4 of 2010 on combating money laundering and terrorism and to incorporate the latest international standards adopted by major international organisations including the Financial Action Task Force. The New AML Law focuses on increased due diligence measures and risk assessment procedures to be adopted by both financial institutions and designated non-financial businesses or professions and includes measures relating to sharing or exchanging of information and international co-operation between Qatari public authorities and their foreign counterparts. The New AML Law sees a significant increase in the penalties for violations of the provisions of the New AML Law, including financial sanctions and imprisonment for any person convicted under the New AML Law.
Following the recommendation of the International Chamber of Commerce (in co-ordination with International Chamber of Commerce, Qatar) for achieving best international practices, the Qatar Central Bank has recently introduced a unified form for letters of demand guarantee and has directed all locally licensed financial institutions to adopt the unified form. The aim is to standardise the form of the demand guarantees for all banks operating in Qatar as well as to reduce the risks associated with the interpretation and enforcement of demand guarantees, including the elimination of open-ended guarantees and the requirement to insert a termination date.
The Qatar Central Bank has also issued Decision No. (7) of 2019 on the instructions for licensing, organising and supervising the business of insurance support service providers, pursuant to the provisions of Law No. 13 of 2012 (the ‘QCB Law’) (the ‘QCB Insurance Support Service Provider Regulations’). The QCB Insurance Support Service Provider Regulations sets out a mechanism for licensing procedures and certain competencies and expertise that must be met by each insurance support service provider. The insurance support service providers include the representatives of the insurance company, insurance brokers, reinsurance brokers, insurance consultants, actuarial experts, inspection experts, damage assessment experts, insurance management company and banks authorised to practise bank insurance business.
Further the new Financial Services Rulebook issued in May 2019 (the ‘FSR’) by the Qatar Financial Markets Authority sees the replacement of the previous Financial Services Rulebook. The FSR sets out certain additional requirements in relation to the licensing and conduct of financial services activities including capital requirements for different types of brokers and financial services.
Finally, the Qatar Financial Centre (‘QFC’) has announced that the new Customer and Investor Protection Rules 2019 have been effective from 1 January 2020, and will replace the Conduct of Business Rules 2007. In addition, a new Customer Dispute Resolution Scheme Rules 2019 will be introduced by QFC effective from 1 January 2020 which will provide for the establishment of an independent body for dealing with complaints by customers of authorised firms.