AFN AUT-NOTES Part 2: Notes on what the DFSA expect to see in a regulatory business plan

Click here to download the notes in PDF FormatPDF Format.

The regulatory business plan should set out the strategy and rationale for establishing an operation in the DIFC and also demonstrate how the business will be managed and controlled. We recommend you attach the regulatory business plan as a separate document, which should be no longer than 50 pages, depending on the nature and complexity of the business.

We need to understand the business model of your firm so we can ensure it is authorised for the correct Financial Services, Investment types and Client types and to enable us to assess the adequacy of your resources.

You will need to:
•   identify all the Financial Services and any other activities you intend to carry on;
•   identify all the likely business and regulatory risk factors;
•   explain at high level how you will monitor and control these risks; and
•   take into account any intended future developments.
Please remember that your description of your business is an important part of the overall application and integral to our decision making. The amount of detail submitted should be proportionate to the nature of the business you intend to carry on, and should be appropriate to the risks to your Clients.

Introduction and background

This is an opportunity to provide a very brief introduction/history of the firm, including what experience, if any, you have in carrying on the proposed business in Dubai or other jurisdictions.

Strategy and rationale for establishing in the DIFC

BP1. Business activities
Describe your proposed activities in terms of the permitted Financial Services defined in the GEN module of the DFSA Rulebook and the type of products and/or services you propose to offer, together with a rationale for these conclusions. Please document how each Financial Service listed below will relate to your day-to-day business activities.
•   Accepting Deposits;
•   Providing Credit;
•   Dealing in Investments as Principal;
•   Dealing in Investments as Agent;
•   Arranging Credit or Deals in Investments;
•   Managing Assets;
•   Advising on Financial Products or Credit;
•   Managing a Collective Investment Fund;
•   Providing Custody;
•   Arranging Custody;
•   Effecting Contracts of Insurance;
•   Carrying out Contracts of Insurance;
•   Insurance Intermediation;
•   Insurance Management;
•   Managing a Profit Sharing Investment Account;
•   Operating an Alternative Trading System;
•   Acting as the Trustee of a Fund;
•   Providing Trust Services; and
•   Providing Fund Administration.
Please note that, if the applicant is a branch of a non-DIFC entity, it may only apply for financial service activities for which its head office has already been licensed by its home state regulator.
BP2. Target markets (geographical areas)
Which markets / regions you will target.
BP3. Product(s)
Describe your financial products / investments in detail.
BP4. Clients
Describe in detail the types of Clients that you intend to target, including the approximate size of the target Client base eg institutional, high net worth, Professional Clients, Retail Clients related / group company, geographical location, high net worth, professionals, retail etc. Please refer to COB chapter 2 for Client classification.

We also expect you to identify existing and target clients, and to identify ultimate beneficial owners in relation to each client and each transaction that you are involved in. This would include understanding the beneficial ownership or having access to beneficial ownership information of holdings in any pooled investment vehicle that you manage.

Detail should also be provided as to how you plan to source your clients eg by referral, marketing, advertising or transfer from within your Group. Where Clients will be transferred, please explain, in detail, the process, timescale and the due diligence that will be undertaken to ensure full compliance with the requirements of the COB and AML modules of the DFSA Rulebook.
Document in detail how you plan to derive an income from your Clients eg premiums, commission, interest, etc.
BP5. Competition
Who do you see as your main competitors? How will you go about increasing your share of the market?

Organisational structure

BP6. Proposed legal entity structure
In this section, we are seeking information on corporate structure and the proposed legal structure and where it fits into existing operations. We want to know the type of legal entity to be used and then whether this entity will be applying as a DIFC entity or non-DIFC entity.
BP7. Relationship with group to include organogram and description of intra-group commercial activities
Organogram of group structure identifying all Controllers, ultimate beneficial owners, other shareholders and Close Links. Include a clear breakdown of percentage shareholding sizes, jurisdiction in which the entity/individual is based, identification of any other regulated entities and each entity's principal activity. Where shares are held by a trust, you must also provide details of all trustees, settlors and beneficiaries.

You should also provide narrative regarding intra-group transactions and business relationships eg guarantees, cash flows and their rationale.
BP8. Other regulators of group
Describe the extent to which overseas regulators supervise the group and whether they carry out supervision of the firm on a consolidated group basis.

Management structure and organisation (corporate governance)

BP9. Board: executive and non-executive members
Describe the board composition - experience, non-executive directors and the frequency of board meetings. Brief biographies for each individual will be helpful.
BP10. Senior management
Provide brief biographies of the senior management team of the entity/group. Indicate the allocation of individual and where applicable, shared significant responsibilities among the senior management team; as well as the titles and role descriptions of the relevant senior managers to whom significant responsibilities are allocated. Also provide the basis on which you have assessed their ability and qualifications to discharge the allocated responsibilities.
Please also provide details regarding your/group corporate governance structure in terms of how business decisions are made and controls implemented. This should include information concerning the management information flows within the firm; and how the governing body and other relevant corporate governance structures receive the information needed to run the business.
BP11. Main committees (insight into decision making and how risk will be monitored)
Describe any board committees and main committees which will make decisions, monitor and control risk. Describe the scope, remit, composition, responsibilities and reporting lines of each committee.
BP12. Organogram of legal entity eg reporting lines to demonstrate separation of functions and independence of compliance/internal audit
The employee organogram should identify the senior management / head functions with significant influence and any reporting lines to the Governing Body. Please ensure the CO and MLRO have access to both the Senior Executive Officer and board of Directors.

Proposed resources (non-financial resources)

BP13. Human resources: staffing and recruitment
Describe your proposed staffing and overall headcount including details regarding where they are located locally, regionally and globally if applicable. Outline how you will supervise, train and monitor your employees to ensure they remain fit and proper, competent and capable of performing the functions to which they are assigned.
BP14. Premises
Where is the principal/proposed principal place of business? Is it fully operational? If not, when will you have fully operational premises? When will the contract on the premises run out?
BP15. Outsourcing arrangements (if relevant)
Provide details relating to any arrangements made with third parties / Service Provider in connection with the Financial Services you are carrying on, and explain fully how the activity will be operated. Points to consider are:
•   the rationale for outsourcing/delegating;
•   function/activity/Financial Service to be outsourced / delegated;
•   whether this will be outsourced externally or to a Group entity and the name of the provider;
•   why you have chosen this entity, any contingency plan, and how you will monitor and review the third party's performance;
•   the arrangements for the selection and appointment of outsource providers and how control over the outsourced function(s) will be maintained;
•   location of third party / Service Provider.

High level controls

BP16. Risk management including risk tolerance / approach and risk policies to include credit, market, liquidity, operational, underwriting and reserving.
Identify the main external and internal risks for your business and how you intend to manage those risks. Document what policies will be in place (eg credit, market, liquidity, operational, underwriting and reserving) to mitigate these risks.
BP17. Compliance (including AML/CTF policies)
Describe the role of compliance and AML; the resourcing of the function(s) and its internal and external reporting line and how employees will be made aware of their regulatory obligations. Specify how senior management will ensure a culture of compliance is embedded in each of the business units, as well as the systems and controls that will be in place to monitor compliance. It is important that senior management and the board of a firm look to instil an appropriate culture for compliance and risk management throughout the firm. Document how you promote this eg through an appropriate remuneration policy, incentives for client retention, staff recruitment process (background checks), and management information.
Describe the AML/CTF policies and procedures that you will have in place to prevent money laundering and terrorist financing. Document whether your compliance/MLRO functions will be subject to oversight, review or audit by a parent or Group compliance function, internal audit or another internal function or external organisation. Specify the arrangements including the nature of the oversight, review or audit and the scope and frequency with which it will be undertaken.
BP18. Internal audit
Provide details of the nature, scope, remit, organisational structure, reporting lines and staffing of the internal audit function. If your firm is part of a Group, you will also need to provide details of the relationship between your internal audit function and the internal audit function of the Group.

Financial projections

BP19. Assumptions and projections demonstrating adequate financial resources

To reflect the financial projections requested in the Core Information form please document your approach to the assumptions made, capitalisation, liquidity, earnings and any associated risks. Please also describe what stress testing has been carried out in relation to expected revenues and costs. Please note assumptions and projections should cover 3 years of operation shown on a quarterly basis.

Additional notes for certain Financial Services

This section contains information that may assist you in completing the regulatory business plan if you are carrying on the following Financial Services:
•   Providing Fund Administration
•   Providing Trust Services
•   Acting as the Trustee of a Fund
You should cover each of the following points when producing your regulatory business plan. There are no supplements for these Financial Services. If you wish to conduct only these Financial Services, you are required to complete the Core Information form and regulatory business plan only.
BP20. Providing Fund Administration
Provide a description of the proposed activities you will carry on while conducting the Financial Service of Fund Administration to be provided in or from the DIFC with reference to the activities set out below and under GEN Rule 2.24:
•   processing dealing instructions including subscriptions, redemptions, stock transfers and arranging settlements;
•   valuation of assets and performing net asset value calculations;
•   maintaining the share register and Unitholder registration detail;
•   performing anti-money laundering requirements;
•   undertaking transaction monitoring and reconciliation functions;
•   performing administrative activities in relation to banking, cash management, treasury and foreign exchange; and
•   producing financial statements; or communication with participants, the Fund, the Fund Manager, investment managers, custodian, trustee, prime brokers, regulators and any other parties in relation to the administration of the fund.
A description of any other administrative functions or services proposed which are not captured by the above activities.

A description of any circumstances where the Fund Administrator will not be appointed either by the Fund itself, or the Manager of the Fund. Details should be provided of any sub-delegation arrangements.

A description of the arrangements for the maintenance of records in compliance with section CIR 5.1.6 - CIR 5.1.7.

If your services involve holding cheques to the order of a Fund's bank account, or holding a mandate over a Fund's bank account, an outline of the circumstances and the controls that you will have in place to ensure compliance with CIR Rule 5.1.3 will need to be given.
BP21. Providing Trust Services
In conjunction with Part 2 of these notes your regulatory business plan should also describe the nature of the activities you will carry on while conducting the Financial Service of Providing Trust Services.

Detail regarding the following activities as per GEN Rule 2.23.1:
•   the provision of services with respect to the creation of an express trust;
•   arranging for any Person to act as a trustee in respect to any express trust;
•   acting as trustee in relation to an express trust;
•   the provision of Trust Administration Services in relation to an express trust; or
•   acting as a protector or enforcer in relation to an express trust.
Please refer to GEN Rule 2.23.1 and COB chapter 5. Please note the activity of Providing Trust Services does not include the activity of Acting as the Trustee of a Fund, which is a separate Financial Service.

How you will mitigate the potential for any money laundering risks inherent to the structures used by trusts / express trusts. Please refer to the AML module of the DFSA Rulebook.

Whether you will be delegating any duties or powers and outline the circumstances and the controls that you will operate to ensure compliance with COB Rule 5.2.9.

A description of the procedures that ensure regular reviews are conducted in accordance with COB Rule 5.3.1. A description of your arrangements to ensure compliance with the principle of dual control detailed at COB section 5.5. A description of your procedures for conducting due diligence on settlors, trustees and principal named beneficiaries in accordance with COB section
BP22. Acting as the Trustee of a Fund
You should provide the full name and business address of the Trustee. Indicate whether the Trustee is an Authorised Firm authorised to Act as the Trustee of a Fund; or an applicant to be an Authorised Firm.

Confirm whether the Operator has entered or will enter into a Trust Deed with the Trustee in accordance with the requirements of Art 13 of the Investment Trust Law 2006 and other applicable requirements under the Collective Investment Law and CIR Rules.

What resources you will have to carry out the duties of the Trustee as required under Part 5 of the Investment Trust Law 2006, and how you will ensure a Trustee has the requisite experience and independence.

What measures you will take before carrying out an Operator's instructions to ensure that those measures comply with the requirements of CIR Rules 7.1.3 (1) and (2) (concerning the issue of Units). The arrangements you will implement to ensure the Fund'sUnitholder register is maintained in accordance with CIR Rule 8.7 and the Investment Trust Law 2006.

If you intend to delegate the Financial Service of Providing Fund Administration and Providing Custody and whether under CIR Rule 8.12.3 you have obtained consent from the Fund Manager. If so, please provide full details, including the name of the Service Provider(s) involved, details of whom it is regulated by, and a summary of the due diligence required under CIR Rule 8.12.4 and App 1.

If you will you be carrying out the fund oversight function required under the CIR Rules in respect of the Fund, please describe what arrangements you will implement in order to ensure you are meeting your obligations under CIR Rules (concerning general oversight duties).