AFN AUT-NOTES Part 1: Core Information form notes

Past version: effective from 28/04/2011 - 31/08/2014
To view other versions open the versions tab on the right

Click here to download the notes in PDF FormatPDF Format.

This section contains information that may assist you in completing the Core Information form. Each note below relates to a question or statement in the Core Information form. Eg CF6 provides information to help you to complete the matrix at CF6 of the Core Information form.

Section 1

General information

CF1. -
CF2. We want information about the legal nature of your firm. Please refer to GEN Rule 7.2.2 – 7.2.3.
CF3. There are generally two high-level categories of firms applying to be Authorised Firms: DIFC entities and non-DIFC entities (or Branches).

DIFC entities are firms that have been created under DIFC legislation, such as DIFC Company Law or DIFC General Partnership Law.

Non-DIFC entities are firms that have been created outside of the DIFC under the laws of another jurisdiction, but who want to establish a place of business in the DIFC. Such firms are commonly referred to as Branch offices. Note that legally, the Branch is not a separate legal person to the firm.
CF4. Start-up entities are either new Financial Services businesses or existing Financial Services businesses which have not been subject to Financial Services regulation. Please refer to the section 2-5 of the RPP Sourcebook module.
Please note the DFSA does not accept applications for start-up banks.
CF5. Give the name of the supervisory contact person from the relevant regulator including postal address, telephone number, fax number and e-mail address.
CF6. Please refer to the GEN module for further details about Financial Services and Investment types. Please refer to GEN APP 4 for details about classes of insurance.
CF7. Please refer to GLO for the definition of Islamic Financial Business.
CF8. If you wish any of the DFSA Rules waived or modified you must submit the Form SUP 2.
CF9. Please refer to COB chapter 2 for Client classification.
CF10. If the company is going to be formed in the DIFC, please answer 'in formation'.
CF11. Your financial year-end will be used to determine the regulatory reporting requirements.
CF12. You will need to give details of any trading name(s) which you propose to use for the purpose of, or in connection with, any business carried out in or from the DIFC, if these are different from your legal name.
CF13. If you answered "yes", please detail whether you are reliant on IT systems for programmed trades and / or proprietary trading, that the firm has created/implemented and the degree of complexity involved. Indicate whether the firm's IT systems automatically interface with Clients and/or third parties such as traders.
Please note that you should answer "no" if a firm may be merely reliant on standard off the shelf products (e.g. Microsoft Office) which the majority of businesses use in their day-to-day activities.


CF14. Please refer to GEN Rule 11.8.3 for the definition of Controller.

Contact details

CF15. The contact person named should be the person who is responsible for the application during the authorisation process and who will liaise with the DFSA. This person must be a representative of the company. It may be helpful to provide a second contact name as back-up.
CF16. If you do not have an adviser assisting you with this application please go to question CF18.
CF17. You may have a professional adviser assisting with the application process. Please tick "yes" if the DFSA should copy correspondence in relation to this application to the adviser.
CF18. You need to give the full address of the registered and current / proposed place of business in the DIFC or Dubai. It is expected that prior to submitting this application you will have already approached the Dubai International Financial Centre Authority (DIFCA) in relation to securing premises.
CF19. Whether you are a DIFC or non-DIFC entity please provide your head office address.
CF20. -
CF21. You will need to state the name of your auditor, their address, the relevant contact person, telephone number and fax number. For Domestic Firms the auditor must be an auditor registered with the DFSA in accordance with GEN Chapter 8.


This section is a check list of all the documents you may need to submit to support your application. Please also see the section entitled Compulsory supporting documents.
CF22. Regulatory business plan

Please refer to 'Part 2: Notes on what the DFSA expect to see in a regulatory business plan'.
CF23. -
CF24. -
CF25. -
CF26. -
CF27. AUT-IND 1 forms

You must fill in an AUT-IND1 form for each individual who will be performing a Licensed Function. An Authorised Individual is a person who is approved by the DFSA to perform a Licensed Function for an Authorised Firm. Licensed Functions are defined in GEN Section 7.4. A person may perform more than one Licensed Function. However we do not expect to see the same individual carrying out both business and control responsibilities for example Senior Executive Officer and Compliance Officer roles.
CF28. Audited accounts

Your most recent audited accounts including the balance sheet, P&L and cash flow statement. (Where audited accounts are unavailable please supply interim unaudited accounts or management accounts.)
CF29. Audited group accounts (if applicable)

The Group's most recent audited accounts including the balance sheet, P&L and cash flow statement. (Where audited accounts are unavailable please supply interim unaudited accounts or management accounts.)
CF30. Financial projections

Please attach the following financial projections and assumptions commencing at the time of authorisation and on a quarterly basis for each of the first three financial years after licensing:
•   Balance sheet (if applicable)*
•   Profit and loss account, split into income streams; and
•   Cash flow statement (if applicable)*
Please provide the figures in the DFSA reporting return format relevant to the proposed Category of the applicant firm. A list of the key assumptions supporting these financial projections must also be submitted.

*These items may not be applicable in the case of a Branch

The financial projections requested here are generic in nature. Other forms may request additional information according to the Financial Services to be conducted eg Insurance Business.

Using the figures provided in your projections please attach a calculation showing your Capital Resources versus your Capital Requirement at the time of authorisation and quarterly for three financial years.

•   For Accepting Deposits, Providing Credit, Insurance Intermediation and Investment Business the Capital Requirement is the highest of the amounts outlined in PIB 2.3. The Capital Resources calculation should be performed in line with PIB 2.6 and the provisions in PIB sections 2.7 - PIB 2.10, and PIB chapters 4 and 5 as applicable.
•   For Insurance Business the Adjusted Capital Resources, Adjusted Cellular Capital Resources and Adjusted Non Cellular Capital Resources calculation should be performed in line with PIN sections 4.3 and 4.4 as applicable
•   For Insurers conducting Insurance Business as a Protected Cell Company an applicant will be required to demonstrate that it has adequate Capital Resources, Cellular Capital Resources, Adjusted Cellular Capital Resource or Adjusted Non Cellular Capital Resources (as applicable) to meet the Minimum Capital Requirement for the business it proposes to undertake.
Financial reporting and returns For Accepting Deposits, Providing Credit, Insurance Intermediation and Investment Business:
•  The prudential Rules are contained in the PIB module of the DFSA Rulebook
•   Chapter 1 of the PIB module provides the Rules in respect of the preparation and submission of returns
•   The relevant returns can be found in the PRU-EPRS Sourcebook, including instructional guidelines as to their use
•   Editable electronic versions of the return forms can be obtained from the DFSA
For Insurance Business:
•   The prudential Rules are contained in the PIN module of the DFSA Rulebook
•   Chapter 6 of PIN module provides the Rules in respect of the preparation and submission of returns
•   The relevant returns can be found in the PRU-EPRS Sourcebook, including instructional guidelines as to their use
•   Editable electronic versions of the return forms can be obtained from the DFSA
ISAE 3400 – The Examination of Prospective Financial Information
If you are applying to be a prudential Category 1 or 2 firm or an Insurer, you are required to submit to the DFSA a copy of the ISAE 3400 Examination of Prospective Financial Information report completed by the applicant's auditor. This is a standard implemented by IFAC (International Federation of Accountants). Under this report the auditor is required to obtain sufficient evidence to ascertain whether
•   Assumptions on which the prospective financial information is based are not unreasonable
•   Prospective financial information is properly prepared on the basis of the assumptions
•   The prospective financial information is properly presented and all material assumptions disclosed and a clear indication as to whether the assumptions are best estimate or hypothetical
•   Prospective financial information is prepared on a consistent basis with historical financial statements
CF31. Evidence of source of funds for start-up

Provide supporting evidence of the original source of funds which will be used to provide your initial Capital Resources. We usually require details of how the money sourced for the start-up entity has been generated. Please provide a bank reference. You may be asked for a declaration that the funds are not from the proceeds of crime.

Compulsory supporting documents

The documents required in this section can be self-certified by all firms except start-up firms who will need to supply all the documentation as part of the application. You should be aware that you may still be asked to supply all or any of the documents as part of the application.
CF32. Compliance manual This is a critical document which will impact the decision whether the firm should be authorised. The DFSA prefers that the compliance procedures are incorporated in one manual. Once you receive authorisation, our Supervision team will visit and ask to see the manual. The manual should include the points mentioned below. Please note this is not an exhaustive list.
•   the structural oversight and reporting arrangements that will ensure you continually meet your compliance obligations under applicable legislation in the DIFC;
•   how compliance reports are prepared, authorised, disseminated and followed up;
•   policies and procedures, systems and controls, and customer documentation should cover areas such as client classification, marketing material, suitability, disclosure of fees and commissions, inducements, and segregation of Client Assets;
•   how compliance breaches are detected, recorded, categorised and rectified;
•   how the DFSA and other Financial Services Regulators, if applicable, will be kept appraised of all relevant breaches;
•   how you will keep yourself updated on any changes to applicable legislation in the DIFC and DFSA Rules;
•   the arrangements for handling, resolving and recording complaints, with particular reference to the requirements of GEN chapter 9 (Complaints Handling and Dispute Resolution);
•   how you will embed a positive mind-set towards compliance issues in all your employees, not just your compliance staff;
•   how you will ensure compliance by any Person under a material outsourcing or delegation arrangement with relevant requirements and procedures;
•   how you will determine and maintain records of your Client verification;
•   how you will ensure training and competence are embedded into the culture of your firm;
•   who will be responsible for reviewing the compliance plan, how often the plan will be reviewed and what process will be followed;
•   how you will ensure compliance with financial reporting and regulatory Capital Requirements;
•   does the firm have a conflicts management policy? Describe how senior management and the board will identify and manage conflicts of interest between different clients, and between the firm and clients. We want to know how you plan to manage conflicts that may arise in the course of your business.
•   describe your employee code of conduct and how you deal with Employee Personal Account Transactions. Please see COB section 6.2;
If you want to carry on a Financial Service with or for a Retail Client, you must apply for and obtain a Licence endorsement ("Retail Endorsement"). An application for a Retail Endorsement can be made to the DFSA by an existing Authorised Firm or a new applicant. We will grant a Retail Endorsement only if we are satisfied that you can provide Financial Services to Retail Clients in accordance with all the regulatory requirements applicable to the relevant Financial Service.

You should also be able to demonstrate that your systems and controls (including policies and procedures) adequately provide for compliance with the requirements specifically dealing with Retail Clients, in particular:
•   marketing materials intended for Retail Clients;
•   content requirements for Client Agreements for Retail Clients;
•   suitability assessment for recommending a financial product for a Retail Client;
•   disclosure of fees and commissions and any inducements, to a Retail Client;
•   segregation of Client Money and/or Client Investments, where relevant.
Your systems and controls must be adequate to ensure on an ongoing basis, that your employees remain competent and capable to perform the functions which are assigned to them, including any additional factors that may be relevant if their functions involve interfacing with Retail Clients.

The adequacy of your Complaints handling policies and procedures will also be reviewed. You must have Complaints handling policies and procedures that meet the requirements in GEN chapter 9.

Your policies and procedures must provide for fair, consistent and prompt handling of Complaints. In addition to the matters set out in GEN chapter 9, the policies and procedures should explicitly deal with how you ensure that:
•   employees dealing with Complaints have adequate training and competencies to handle Complaints, appropriate impartiality and sufficient authority (see GEN Rules 5.3.19, 9.2.7 and 9.2.8);
•   a Retail Client is made aware of the firm's Complaints handling policies and procedures before obtaining its services (see COB Rule A2.1.2(1)(h)); and
•   your firm's Complaints handling policies and procedures are freely available to any Retail Client upon request.
CF33. Anti-money laundering procedures Your anti-money laundering procedures should include, amongst other things, arrangements to:
•   Ensure compliance with UAE Law No 4 and any other relevant UAE federal laws. The only exception is if another jurisdiction's laws or regulations prevent or inhibit you from complying with UAE Law No 4 or the DFSA Rules; in which case you should tell us. Also note that should such an event arise after you are authorised, you are obliged to notify us promptly in writing;
•   Ensure compliance with relevant resolutions or sanctions issued by the United Nations Security Council. Please refer to GEN Rule 5.3.29;
•   Monitor for, detect and report suspicious customers and transactions. You should ensure your procedures comply with the requirement for Suspicious Transaction Reports (STRs), to be made in the required format to the Anti-Money Laundering Suspicious Cases Unit (AMLSCU), with a copy provided to the DFSA. Details of the required format of the report and details for submission can be found on the DFSA website;
•   Establish and verify the identity of the customer and any other person on whose behalf the customer is acting, including that of the beneficial owner. Details will need to be provided if you intend to delegate any aspect of the customer identification process to a qualified professional or the Unitholder verification process to a Fund Administrator;
•   Establish and verify your business partners' identities, including correspondent banks;
•   Provide an audit trail of transactions;
•   Determine the duties and obligations of your Money Laundering Reporting Officer (MLRO);
•   Review the effectiveness of your Anti-Money Laundering policies, procedures, systems and controls at minimum on an annual basis;
•   Respond to any request for information made by UAE authorities or the DFSA. You will need to state where customer or Unitholder identification records will be kept and, if these are outside of the UAE, whether there is any secrecy or data protection legislation that would restrict access by you, the DFSA or the law enforcement agencies of the UAE. If this is the case, you will need to provide details of the arrangements that it will be put in place to ensure copies of these records are kept in a jurisdiction which allows access;
•   Maintain AML relevant documents and records;
•   Ensure that you obtain and make use of findings in relation to names of persons, groups, organisations or entities, or any other body where suspicion of money laundering or terrorist financing exists;
•   Assess your risks in relation to money laundering and perform enhanced due diligence investigations for higher risk products, services and customers;
•   Determine whether a customer is a Politically Exposed Person (PEP) and address the associated risks accordingly;
•   Establish and maintain anti-money laundering training programmes and awareness sessions. This should include a description of the arrangements in place to ensure you obtain and use any government, regulatory and international findings;
•   Ensure compliance with any other obligation in the DFSA's AML module. You must have arrangements in place to provide appropriate Anti-Money Laundering training (including the internal reporting duties and Client identification duties) to your employees. Please provide full details of what training you will provide for all your relevant employees and whether the MLRO will be in charge of this training. If the MLRO will not be in charge, then give the full name and job title of the person who will be;
•   If you will be Providing Fund Administration, ensure such procedures are also relevant with respect to Unitholders of a Fund;
•   If you will be Providing Trust Services, ensure such procedures include due diligence for settlors, trustees and principal names beneficiaries in accordance with COB section 5.10.
•   You will need to provide the details of the Deputy Money Laundering Reporting Officer, including surname/family name and given name.
•   You will need to state whether your Anti Money Laundering function will be subject to oversight, review or audit by either your Parent's Anti Money Laundering function, internal audit or another internal function or external organisation. If so, you will need to specify the arrangements including the nature of the oversight, review or audit and the scope and frequency with which it will be undertaken.
•   AML Rule 3.4.1 requires a firm to take reasonable steps to verify the identity of its customers. Please detail the policies, procedures, systems and controls that you will put in place to ensure that sufficient evidence of the identity of all your Clients (or a Fund'sUnitholders, if relevant) will be obtained.
•   Detail the procedures or systems that you will put in place to ensure that "Know Your Customer" (KYC) or Unitholder information is made available to your relevant employees. In addition, are there any systems that will be set up to obtain further information;
•   Detail the proposed disciplinary steps that you will put in place for any employee who fails to report promptly to the MLRO any suspicion or beliefs that money laundering is occurring as required in AML section 3.5;
•   Describe the record keeping arrangements you will put in place for records, as specified in the AML module of the DFSA Rulebook.
CF34. Compliance monitoring programme

Your programme should document how compliance is monitored within the business units.
CF35. Risk management policies

Your policy document should describe the risk management arrangements you will establish and maintain to identify, assess, mitigate, control and monitor the risks arising from the Financial Services activities carried on in or from the DIFC. Such arrangements should also take into account any Funds for which you are acting as the Manager.
Include the following: the nature, scope and organisational structure of your risk management functions; the reporting lines and nature, scope and frequency of risk reporting, including the composition and terms of reference of any risk committees and any appropriate links to Group risk reporting.


The application fee will vary according to the Financial Services to be carried on. Comprehensive details of fees can be found in the Fees module of the DFSA Rulebook.

Section 2 - Regulatory business plan

Please refer to 'Part 2: Notes on what the DFSA expect to see in a regulatory business plan'.

Section 3 – Prudential regulatory reporting

CF36. To determine the prudential Category relevant to you, please refer to PIB section 1.3. If you are conducting the Financial Services of Effecting Contracts of Insurance and/or Carrying out Contracts of Insurance, please answer "Insurer".
CF37. Refer to GEN section 8.2 to determine the accounting standards to be used in preparing your financial accounts and statements. The expected standard is International Financial Reporting Standards (IFRS) / Accounting and Auditing Organisation for Islamic Financial Institutions (AAOIFI). If you are using a different standard you will need to apply for a waiver.
CF38. -

Section 4 – Fit and Proper questionnaire & Declaration

CF39-44. These questions are self-explanatory and are focused on the fitness and propriety of the firm. If you answer yes to any question please supply all relevant information - openness and honesty are essential. Should we need to examine your application more closely because of any disclosures you make, this will not necessarily count against you. However, deliberately withholding information or providing false or misleading information, will adversely impact the success of your application. If in doubt, disclose.