Corporate Governance Regulation for Insurance Companies
C 24/2022 Effective from 29/9/2022The Board of Directors,
Having perused Decretal Federal Law No. (14) of 2018 Regarding the Central Bank and Organization of Financial Institutions and Activities and the amendments thereof;
Federal Law No. (6) of 2007 Concerning the Organization of Insurance Operations, the amendments thereof and its Executive Regulations;
Insurance Authority Board of Directors' Decision number (25) of 2014 Pertinent to Financial Regulations for Insurance Companies and Insurance Authority Board of Directors' Decision number (26) of 2014 Pertinent to Financial Regulations for Takaful Insurance Companies;
Cabinet Resolution No. (42) of 2009 Concerning Insurance Company Minimum Capital Regulation, as amended;
And, based on the recommendation of the Governor and the approval of the Board of Directors;
Has resolved,
Introduction
The Central Bank seeks to promote the effective and efficient development and functioning of the insurance sector. To this end, Companies are required to implement comprehensive corporate governance frameworks to ensure their resiliency and enhance overall financial stability. In particular, Companies and Groups must have robust corporate governance policies and processes covering, but not limited to, strategy, organizational structure, the control environment, risk management responsibilities and compensation of Boards and Staff.
In implementing this Regulation and the accompanying Standards, the Central Bank's goal is to ensure that Companies' approaches to corporate governance are in line with leading international standards. The Central Bank expects that each Company will establish and implement a corporate governance framework, which provides for sound and prudent management and oversight of its business and adequately recognizes and protects the interests of policyholders.
This Regulation and the accompanying Standards establish the overarching prudential framework for corporate governance. Regulatory requirements for selected governance areas such as risk management, internal controls, compliance, outsourcing and financial reporting are established in separate Central Bank Regulations and Standards.
This Regulation and the accompanying Standards are issued pursuant to the powers vested in the Central Bank under the Central Bank Law.
This Regulation and the accompanying Standards supplement Federal Law No. (6) of 2007 On the Organization of Insurance Operations, the amendments thereof and its Executive Regulations, the Insurance Authority's Board of Directors' Decision No. (19) of 2020 Concerning the Guidance Manual for Insurance Companies and Related Professions to Submitting the Data, information and Supervisory Reports, the Insurance Authority Board of Directors' Decision number (25) of 2014 Pertinent to Financial Regulations for Insurance Companies, the Insurance Authority Board of Directors' Decision number (26) of 2014 Pertinent to Financial Regulations for Takaful Insurance Companies, and The Insurance Authority's Board of Directors Resolution No (4) of 2010 Concerning the Takaful Insurance Regulations. Additional requirements may be imposed pursuant to decisions to be issued by the Central Bank in this regard.
Objective
The objective of this Regulation is to establish the minimum acceptable standards for Companies' approach to Corporate Governance, with a view to:i. Ensuring the soundness of the Companies; and;
ii. Contributing to financial stability and policyholder protection.
The accompanying Standards supplement the Regulation to elaborate on the supervisory expectations of the Central Bank with respect to Corporate Governance for Companies.The Company's Board is in control of the Company and accordingly ultimately responsible for the Company's Corporate Governance. Since each Company may comply with elements of the minimum requirements of the Regulation and Standards in a different way, the onus is on the Board to demonstrate to the Central Bank that it has implemented a comprehensive approach to Corporate Governance and has met the requirements of the Regulation and Standards. Companies are encouraged to adopt leading practices that exceed the minimum requirements of the Regulation and Standards.
Scope of Application
This Regulation and the accompanying Standards apply to all Companies. Companies established in the UAE with Group relationships including Subsidiaries, Affiliates, or international branches, must ensure that the Regulation and Standards are adhered to on a solo and Group-wide basis.
The Central Bank will apply the principle of proportionality in the enforcement of the Regulation and Standards, whereby smaller Companies may demonstrate to the Central Bank that the objectives are met without necessarily addressing all of the specifics cited therein. The Central Bank will decide on the extent to which a Company is expected to meet the requirements.
Branches of foreign Companies licensed to operate in the State must adhere to this Regulation and Standards, or establish equivalent arrangements so as to ensure regulatory comparability and consistency, with the exception of Article (5) of this Regulation. Branches of foreign Companies must establish local governance structures that meet the objectives of Articles (2), (3) and (4) of this Regulation.
The requirements established within the Regulation and the accompanying Standards are in addition to the provisions relating to Public Joint Stock Companies in the Federal Law No. 32 of 2021 on Commercial Companies (the "Commercial Companies Law"), and the Chairman of Authority's Board of Directors' Resolution No. (3/Chairman) of 2020 Concerning approval of the Public Joint Stock Companies' Governance Guide ("SCA Regulation") or their amendments. In the event of contradiction with any provisions of the SCA Regulation, the requirements of the Central Bank's Regulation and Standards shall prevail.
The Regulation and Standards are equally enforceable and must be complied with.
Article (1): Definitions
The following terms shall have the meaning assigned to them below for the purposes of this Regulation:
1. Affiliate: An entity that, directly or indirectly, controls, is controlled by, or is under common control with another entity. The term control as used herein shall mean the holding, directly or indirectly, of voting rights in another entity, or of the power to direct or cause the direction of the management of another entity.
2. Authorised Manager: The person appointed by the foreign insurance company to manage its branch in the State.
3. Board: The Company's board of directors.
4. Central Bank: The Central Bank of the United Arab Emirates.
5. Central Bank Law: Decretal Federal Law No. (14) of 2018 Regarding the Central Bank and Organization of Financial Institutions and Activities, as amended.
6. Chief Executive Officer: The most senior executive appointed by the Board; and in the case of foreign branches, this refers to the Authorized Manager.
7. Company: The insurance company incorporated in the State, and the foreign branch of an insurance company, that is licensed to underwrite primary insurance and reinsurance, including Takaful insurance companies.
8. Compliance with Islamic Shari’ah: refers to compliance with Shari’ah in accordance with:
a. cresolutions, fatwas, regulations, and standards issued by the Higher Shari’ah Authority in relation to the Company's activities and businesses ("HSA's Resolutions"), and
b. resolutions and fatwas issued by the Internal Shariah Supervision Committee ("ISSC") of the Company, in relation to its activities and businesses ("the Committee's Resolutions"), provided they do not contradict HSA's Resolutions.
9. Conflict of Interest: A situation of actual or perceived conflict between the duty and private interests of a person, which could improperly influence the performance of his/her duties and responsibilities.
10. Control Function: Function (whether in the form of a person, unit or department) that has a responsibility in a Company to provide objective assessment, reporting and/or assurance; this includes the risk management, compliance, actuarial, internal audit and where applicable Shari’ah control and Shari’ah audit functions.
11. Controlling Shareholder: A shareholder who has the ability to directly or indirectly influence or control the appointment of the majority of the Board, or the decisions made by the Board or by the general assembly of the Company, through the ownership of a percentage of the shares or stocks or under an agreement or other arrangement providing for such influence.
12. Corporate Governance: A set of relationships between a Company's Board, Senior Management, customers and other stakeholders; and a structure through which the objectives of the Company are set, and the means of attaining those objectives and monitoring performance are determined.
13. Duty of Care: The duty to decide and act on an informed and prudent basis with respect to the Company. Often interpreted as requiring a member of the Board to approach the affairs of the Company and policyholders ahead of his/her own interests.
14. Duty of Confidentiality: The duty to observe confidentiality applies to all information of a confidential nature with which a member of the Board is entrusted by the Company or which is brought to his or her attention during or at any time after the carrying out of his/her assignment.
15. Duty of Loyalty: The duty to act in the good faith in the interest of the Company. The duty of loyalty should prevent individual Members of the Board from acting in their own interest, or the interest of another individual or group, at the expense of the Company and shareholders.
16. Financial Regulations: Insurance Authority Board of Directors’ Decision number (25) of 2014 Pertinent to Financial Regulations for Insurance Companies and the Insurance Authority Board of Directors’ Decision number (26) of 2014 Pertinent to Financial Regulations for Takaful Insurance Companies.
17. Fit and Proper Process: The evaluation of a Company's proposed members of the Board, Senior Management and other persons as determined by the Central Bank from time to time, in terms of expertise and integrity. The specific fit and proper criteria are listed in article 5.20.e.l of the Standards.
18. Government: The UAE Federal Government or one of the governments of the member Emirates of the Union.
19. Group: A group of entities which includes an entity (the ‘first entity’) and:
a. any Parent of the first entity;
b. any Subsidiary of the first entity or of any Parent of the first entity;
c. any Affiliate
20. Higher Sharfah Authority: The Higher Shari’ah Authority that was established at the Central Bank.
21. Independent Member of the Board: A member of the Board who has no relationship with the Company or Group that could lead to benefit which may affect his/her decisions. He/she must not be under any other undue influence, internal or external, ownership or control, which would impede the Independent Member's exercise of objective judgment. The Independent Member of the Board forfeits his/her independence in the cases specified in Article 5.7 of the Standards.
22. Insurance Agent: The person approved and authorised by the Company to carry out insurance operations on behalf of the Company or any of its branches.
23. Insurance Broker: The person who independently intermediates in insurance and reinsurance operations between the applicant of the insurance or reinsurance on one side and any insurance or reinsurance company on the other side and receives for his efforts commission from the insurance company or the reinsurance company with which the insurance or the reinsurance has been accomplished.
24. Material Risk Takers: Staff whose work is deemed to have a significant impact on the overall risk profile of the Company or the Group.
25. Non-Executive Member of the Board: A member of the Board who does not have any management responsibilities within the Company, and may or may not qualify as an Independent Member of the Board.
26. Parent: An entity (the ‘first entity’) which:
a. holds a majority of the voting rights in another entity (the ‘second entity’);
b. is a shareholder of the second entity and has the right to appoint or remove a majority of the Board of directors or managers of the second entity; or
c. is a shareholder of the second entity and controls alone, pursuant to an agreement with other shareholders, a majority of the voting rights in the second entity; or
d. if the second entity is a subsidiary of another entity which is itself a subsidiary of the first entity.
27. Public Joint Stock Company: A Public Joint Stock Company is a company whose capital is divided into equal and negotiable shares. The founders shall subscribe to part of such shares while the other shares are to be offered to the public under a public subscription. A shareholder shall be liable only to the extent of his share in the capital of the company, as per the Commercial Companies Law.
28. Regulations: Any resolution, regulation, circular, rule, standard or notice issued by the Central Bank.
29. Relatives: Father, mother, brother, sister, children, spouse, father-in-law, mother-in-law and children of the spouse.
30. Related Parties: The Group and its Controlling Shareholders, members of the Board and Senior Management (and their Relatives) and persons with control, joint control or significant influence over the Company (and their Relatives).
31. Related Party Transactions: Include onbalance sheet and off-balance sheet credit exposures and claims as well as dealings such as service contracts, asset purchases and sales, construction contracts, lease agreements, derivative transactions, borrowings, and writeoffs. The term transaction incorporates not only transactions that are entered into with Related Parties but also situations in which an unrelated party (with whom a Company has an existing exposure) subsequently becomes a Related Party; disclosures must reflect all Related Party events and transactions for the financial period.
32. Risk Appetite: The aggregate level and types of risk a Company is willing to assume, within its risk capacity, to achieve its strategic objectives and business plan.
33. Risk Governance Framework: As part of the overall approach to Corporate Governance, the framework through which the Board and Senior Management establish and make decisions about the Company's strategy and risk approach; articulate and monitor adherence to the Risk Appetite and risks limits relative to the Company's strategy; and identify, measure, manage and control risks.
34. Senior Management: The individuals or body responsible for managing the Company on a day-to-day basis in accordance with strategies, policies and procedures set out by the Board, generally including, but not limited to, the Chief Executive Officer, chief financial officer, chief risk officer, and heads of the compliance and internal audit functions.
35. State: The United Arab Emirates.
36. Subsidiary: An entity (the ‘first entity’) is a subsidiary of another entity (the ‘second entity’) if the second entity:
a. holds a majority of the voting rights in the first entity;
b. is a shareholder of the first entity and has the right to appoint or remove a majority of the Board of directors or managers of the first entity; or
c. if the first entity is a subsidiary of another entity which is itself a subsidiary of the second entity.
37. Staff: All the persons working for a Company including the members of Senior Management, except for the members of its Board.
38. Takaful Insurance: A collective contractual arrangement aiming at achieving cooperation among a group of participants against certain risks whereby each participant pays certain contribution amount to form an account called the participants’ account through which entitled compensations are paid to the member in respect of whom the risk has realized. The Takaful Insurance company shall manage this account and invest the funds collected therein against certain compensation.
39. Takaful Regulation: The Insurance Authority's Board of Directors Resolution No (4) of 2010 Concerning the Takaful Insurance Regulations, as amended from time to time.
Article (2): Corporate Governance Framework
1. A Company must have a Corporate Governance framework that offers comprehensive management and oversight of the Company's business in a manner that protects the rights of policyholders.
2. The Corporate Governance framework must contain the following components, at a minimum:
a. Policies that define and support the Company's strategy and objectives.
b. Definition of the roles and responsibilities of persons accountable for management and oversight.
c. Description on the manner in which decisions are taken.
d. Sound compensation practices.
e. Requirements for active engagement and communication with the Central Bank relating to the management and oversight of the Company.
f. Corrective actions for non-compliance or weak oversight, controls or management.
g. An appropriate corporate culture that promotes integrity, transparency and accountability, which leads to achieving the Company's long-term objectives and the protection of the rights of policyholders and other stakeholders.
3. A Company must establish a transparent organisational structure, at the entity level and Group-wide level if applicable, that supports its objectives, including executing the key responsibilities of the Board and specifying any delegations and the key responsibilities and authorities of its committees, Senior Management and key persons in Control Functions. In this context key persons in Control Functions refers to persons responsible for heading control functions. Groups must ensure that their Corporate Governance frameworks are appropriate to their structure, business and risks.
4. The Board and Senior Management must understand the Group organisational structures, both at the level of the legal entity and business line, and the origin and responsibility for risks posed.
5. The Board is responsible for establishing and operating a clear governance framework for the Group, which must be appropriate to the structure, business and risks of the parent Company and all its related entities, including subsidiaries, Affiliates and international branches.
6. When setting up a Group, the following factors must be taken into consideration, at both the Group and entity levels:
a. Clear division of roles and responsibilities
b. Legal obligations, governance and risks associated at each level
c. Effective coordination and communication.
7. The Board must exercise appropriate/due oversight over the Group while respecting the independent legal and governance responsibilities that might apply to the individual entities.
Article (3): Oversight and Management Responsibilities
1. The Board must ensure that a Company and, if applicable, Group has in place robust Corporate Governance policies and processes commensurate with its risk profile and the nature and scale of activity. Such policies must be based on clear segregation between the oversight function and the management responsibilities.
2. The Board must ensure that there is a clear allocation of roles and responsibilities to the Board as a whole, to committees of the Board, to Senior Management and key persons in Control Functions, in a manner that guarantees appropriate segregation of duties. The Board must supervise Senior Management through creating a flexible and transparent organisational structure that guarantees the timely flow of information to decision makers, the accountability of Senior Management towards the Board and the accountability of Board Members towards shareholders and other stakeholders.
3. The Board must oversee Senior Management and their performance in order to ensure that the Company's activities are carried out in a manner consistent with the business strategy, Risk Governance Framework, compensation and other policies approved by the Board.
4. The Board must establish a Fit and Proper Process for the selection and continued assessment of Board members, Senior Management, including key persons in Control Functions and other persons as determined by the Central Bank from time to time, and the maintenance of succession plans for Board members and Senior Management. The Board must set appropriate standards for performance, compensation and on-going training and development in line with business operations for all Staff, consistent with the long-term strategy of the Company.
5. The Board must properly disclose the financial status of the Company, and is required to provide the Central Bank with such information in a timely manner in accordance with the applicable legal framework in the State and Regulations.
6. The Board must take the necessary measures to prevent any Board member from attaining personal gain at the cost of the Company's interests.
7. The Board must approve a compensation policy that is applicable to all Staff, which does not encourage excessive risk taking and must be in line with the Company's strategy and Risk Governance Framework.
8. The Board may delegate some of its tasks, under clear and well-defined terms, in a manner that does not create undue concentration of powers with the potential to influence the Company's business negatively.
9. A Company offering Takaful Insurance must demonstrate full Compliance with Islamic Shari'ah rules and establish a sound and effective Shari'ah governance framework with the key mechanisms and functionalities to ensure effective and independent Shari'ah oversight, as per the requirements set out by the Central Bank and the Higher Shari'ah Authority.
Article (4): Corporate Culture, Business Objectives and Strategies
1. The Board must set the strategies and policies for the Company, and for supervising Senior Management in implementing the business and risk strategy to ensure that the Company meets its goals, leaving daily function responsibilities to Senior Management. Strategies and polices must cover fair treatment of policyholders; Risk Appetite; choice of lines of insurance; introduction of new products; appointing competent persons with relevant qualifications commensurate with their roles and responsibilities; pricing underwriting; provision of reinsurance cover; investment; asset-liability management and the assessment of solvency requirements.
2. The Board must establish, communicate and oversee the implementation of corporate culture and values by reinforcing appropriate norms for responsible and ethical behaviour. The Board must set the "tone from the top", particularly as it relates to the ethical behavior expectations of Staff, through approving supporting policies, including, but not limited to, a written code of conduct, a conflict of interest policy, a whistleblowing policy mechanism and an insider trading policy.
3. A Company must enter into all transactions with Related Parties on an arm's length basis, monitor these transactions, and take appropriate steps to control or mitigate the risks to Related Parties in accordance with Board approved policies and procedures.
4. The Central Bank may set, on a general or case-by-case basis, limits for exposures to Related Parties, deduct such exposures from capital when assessing capital adequacy, or require collateralisation of such exposures.
5. The allocation of responsibilities to individual Board members to serve on one of the Board's committees must take account of whether the relevant Board member exercises the independence and objectivity required to carry out the functions of the said committee. Oversight of executive functions should be performed by the non-executive Board members.
Article (5): Structure and Governance of the Board
1. A Company's Board must be sufficiently diverse in its composition. Collectively, the Board must have knowledge of all significant businesses of the Company and, if applicable, the Group. The Board must have, and continue to maintain, an appropriate balance of skills, diversity and expertise commensurate with the size, nature of activities, complexity and risk profile of the Company and, if applicable, the Group. Such skills include, but are not limited to, the lines of insurance underwritten by the Company, actuarial and underwriting risks, investment analysis, the role of control functions, finance, accounting and obligations related to fair treatment of customers.
2. A Company's Board must be comprised of at least seven (7) members and a maximum of eleven (11) members, each with a maximum three (3) year renewable term of membership. All members of the Board must be Non-Executive, of which at least one third (1/3) must be Independent Members. It is recommended the chair of the Board is an independent Member of the Board. The Board should not contain any executive members with management responsibilities in the Company.
3. The Chairman and the majority of members of the Board must be UAE nationals.
4. The maximum tenure as an Independent Member of the Board in the same Company is twelve (12) consecutive years from the date of his/her first appointment. At the expiration of the tenure, the Member is no longer regarded as Independent. On the effective date of this Regulation the calculation of the twelve (12) years will consider the time already spent by a Board member in his/her directorship at the Company. Independence of a Board member shall not be affected solely on the basis of being an employee of the parent company or any of its subsidiaries if any of them is a Government entity or a company owned by at least 75% by the Government or any of its subsidiaries.
5. a. The Chairman and the members of the Board must prevent or manage conflicts of interest, and, in particular, must not:
1. Participate in managing other Companies.
2. Compete with the Company's operations or perform any actions or activities in a private or business capacity that could conflict with the Company's interests.
3. Carry out operations of an Insurance Agent or an Insurance Broker.
4. Receive any commission from any insurance operation.
b. A member of the Board must obtain permission from the Company's Board before accepting nomination to serve on another board of a Public Joint Stock Company (PJSC) and no conflict of interest must be present. The provisions of this Article shall apply equally to persons appointed by a Government shareholder.
6. A member of the Board may hold membership in the Board of only one (1) Company in the UAE. A member of the Board may hold memberships in the boards of up to a total of five (5) PJSCs in the UAE including the Company's Board. Board memberships of PJSCs inside the Group are included within this limit.
7. If the Government owns 5% or more of the Company's capital, it may appoint persons to represent it on the Board with the same proportion to the number of members of the Board. At least one member shall be appointed if the percentage required for appointing a member exceeds that percentage. A Government-owned Company's Board composition must allow the exercise of objective and independent judgment
8. At least 20% of candidates for consideration for the Board's membership must be female.
9. The non-objection of the Central Bank must be obtained prior to the nomination, appointment or renewal of any person for membership of the Board. In all cases, a Company must immediately notify the Central Bank if it becomes aware of any material information that may negatively affect the fit and proper assessment of a member of the Board. The non-objection of the Central Bank must be obtained prior to the removal of a member of the Board during his/her term of membership.
10. The Board must meet at least six (6) times a year. The Company must appoint a secretary to the Board who is not a member of the Board and independent of the Company's management. The Board and its committees must maintain appropriate minutes, which reflect details of issues discussed, recommendations made, decisions taken, rationales and dissenting opinions.
11. a. The chair of the Board is responsible for providing leadership and for the overall effective functioning of the Board and its committees.
b. The Board may delegate specific authority, but not its responsibilities, to specialized Board committees. Each committee created by the Board must have an approved charter or other instrument that sets out its membership, mandate, scope, working procedures and means of accountability to the Board. The committees must have access to resources and to external expert advice, where needed, to ensure a collective balance of skills and expert knowledge commensurate with the nature of business, operations and complexity of the Company and the duties to be performed.
c. The Board and its committees may invite members of the Company's staff and external independent experts to attend meetings as deemed appropriate. In this context external independent experts include, but are not limited to, risk management consultants and actuarial and reinsurance professionals. Staff of the Central Bank may attend meetings of the Board and/or its committees and shall have access to their minutes and any other relevant documents.
d. The Board operational structure must include committees with responsibilities for audit, risk, nomination, investment and compensation. The Board may also establish other specialised committees (e.g. ethics, assets and liabilities).
e. The audit and risk committees must not be merged neither with each other, nor with any other Board committees. Both committees' chairs must be Independent Members of the Board, who are distinct from the chair of the Board and the chairs of other committees. The audit committee must be made up of a majority of Independent Members of the Board and include members who collectively have experience in audit practices, financial reporting, accounting and an understanding of risk management. It is recommended that the audit committee be made up of only Independent Members of the Board. The risk committee must be made up of a majority of Independent Members of the Board and include members who individually have noteworthy experience in risk management issues, practices, challenges and mitigation techniques.
f. Companies may merge the nomination and compensation committees.
12. The Board must carry out annual assessments, alone or with the assistance of external experts, of the functioning of the Board as a whole, its committees, and individual members.
13. The Board must periodically review and make recommendations to update the Company's memorandum of incorporation/articles of association if needed, along with procedural rules or other similar documents setting out its organisation responsibilities and key activities.
Article (6): Duties of Individual Board Members
1. Members of the Board must act in good faith, honesty and integrity while exercising their Duty of Care, Duty of Confidentiality and Duty of Loyalty. They are responsible for ensuring effective control over the Company's entire business.
2. Members of the Board must disclose to the Board, in a timely manner, any potential Conflict of Interest or apparent Conflict of Interest.
3. Members of the Board must exercise independent judgement and objectivity in their decision-making taking into account the interests of the Company, policyholders and stakeholders.
Article (7): Duties Related to Risk Management and Internal Controls
1. A Company must have an appropriate Risk Governance Framework that provides a Company-wide and, if applicable, Group-wide view of all material risks pursuant to the Financial Regulation and Takaful Regulation, as the case may be. This includes policies, processes, procedures, systems and controls to identify, measure, evaluate, monitor, report, and control or mitigate material sources of risk, on a timely basis. The Company's risk management function must be independent of the management and decision-making of the Company's risk-taking functions and have a direct reporting line to the Board and/or the Board risk committee.
2. The Board is responsible for the design and implementation of effective risk management systems and internal controls, approving and overseeing implementation of the Company's Risk Governance Framework and the alignment of its strategic objectives with its Risk Appetite.
3. a. A Company must have strong internal control frameworks pursuant to the Financial Regulations and Takaful Regulation, as the case may be, and establish permanent, independent and effective compliance and internal audit functions, and where applicable Compliance with Islamic Sharia'ah and internal Shari'ah audit. The Company's compliance function must have primary reporting obligations to the Chief Executive Officer and a right of direct access to the Board, the Board audit committee and Board risk committee. The Company's internal audit function must report directly to the Board or the Board audit committee.
b. The Company's actuarial function must have primary reporting obligations to the Chief Executive Officer and a right of direct access to the Board or the Board audit committee and/or Board risk committee. Further governance requirements for internal control and internal audit are contained in the accompanying Standards.
Article (8): Duties Related to Compensation
1. A Company must have a Board-approved compensation system that supports sound Corporate Governance and risk management, including appropriate incentives aligned with prudent risk-taking. Performance standards must be consistent with the long-term sustainability and financial soundness of the Company.
2. The Board, must approve the compensation of Senior Management and oversee the development and operation of compensation policies, systems and related control processes.
3. Compensation outcomes must be symmetric with risk outcomes. Compensation payout schedules must be sensitive to the time horizon of risks through arrangements that defer a sufficiently large portion of the compensation until risk outcomes become better known. The compensation framework must provide for mechanisms to adjust variable compensation, including through in year adjustment, and malus or clawback arrangements, which can reduce variable compensation after it is awarded or paid. Any arrangement conducted after the effective date of this Regulation must take claw backs and deferrals into consideration.
4. Members of the Board must be compensated only with fixed compensation comprising the payment of an annual fixed amount and the reimbursement of costs directly related to the discharge of their responsibilities. Bonus or any incentive-based mechanisms based on the performance of the Company must be excluded.
5. The compensation of Staff in the control functions of risk management, compliance and internal audit must be predominantly fixed, to reflect the nature of their responsibilities; and determined independently of the performance of the Company. The variable compensation must be based on performance targets related to their functions and independent of the lines of business they monitor and control.
6. For Senior Management and Material Risk Takers, a proportion of the total compensation must be performance-based. Provisions must be included so that compensation can be reduced or reversed based on realised risks and violations of laws, Regulations, codes of conduct or other policies, before compensation vests.
7. The annual individual bonus for Senior Management and Material Risk Takers must not exceed 100% of the fixed proportion of their total compensation. A higher bonus of up to 150% must be approved by the Board. A bonus of up to 200%) requires approval by the general assembly of the Company.
8. The annual total bonus for all Staff must generally not exceed 5% of the Company's net profit. A higher bonus must be approved by the General Assembly of the Company before disbursement, along with an attestation signed by all members of the Board that the Company is in compliance with all relevant laws and Regulations issued by the Central Bank.
Article (9): Financial Reporting and External Audit
A Company must maintain appropriate records; prepare financial statements in accordance with the International Financial Reporting Standards (IFRS) frameworks pursuant to the Financial Regulations and Takaful Regulation, as the case may be, and the instructions of the Central Bank; and publish annual financial statements bearing the opinion of an external auditor approved by the Central Bank. Governance requirements for financial reporting and external audit must be adhered to according to the accompanying Standards, Financial Regulations, and Insurance Authority's Broad of Directors' Decision No. (19) of 2020 Concerning the Guidance Manual for Insurance Companies and Related Professions to Submitting the Data, Information and Supervisory Reports.
Article (10): Communications
1. The Company's Corporate Governance policies and processes must ensure effective engagement with the Central Bank, and that timely and accurate disclosure is made on all material matters regarding the Company, including the financial situation, performance, ownership, and governance of the Company.
2. A Company must publish a comprehensive Corporate Governance statement in a clearly identifiable section of its annual report. In this regard, Corporate Governance statement refers to a periodic, integrated report that clarifies the relations between the operational and functional units of the Company and the resources they use or affect thereon. The main purpose of the Corporate Governance statement is to submit an integrated image about the operational sustainability of the Company.
More frequent disclosure of Corporate Governance matters is encouraged.
3. A Company must include in its Corporate Governance statement, the following, at a minimum:
a. clear, comprehensive and timely information about its compensation practices to facilitate constructive engagement with all stakeholders.
b. details of transactions with Related Parties during the reporting period and the aggregate amount of all Related Party exposures at the end of the reporting period.
c. an attestation in the form of a detailed report must be signed by the chair of the Board (or, in the case of a branch of a foreign Company, the Authorized Manager), confirming that all internal policies required to ensure compliance with the Central Bank's Regulations and Standards on Corporate Governance, risk management, internal controls, compliance, internal audit, financial reporting, external audit, outsourcing and, where applicable, Compliance with Islamic Sharia'ah and internal Sharia'ah audit, have been implemented and reviewed for adequacy by the Board, within the last year. Otherwise, the attestation must specify those requirements not met and the date by which the Company intends to comply fully.
Article (11): Duties of Senior Management
1. A Company must have a clearly defined organisational structure and decision-making process with authorities delegated by the Board to Senior Management.
2. Under the direction and oversight of the Board, Senior Management must carry out and manage the Company's activities in a manner consistent with the business strategy, Risk Appetite, compensation and other policies approved by the Board. They must also promote rigorous risk management and internal controls through personal conduct and transparent policies.
3. Senior Management must provide the Board with the information it requires to carry out its responsibilities, including the supervision and assessment of the performance of Senior Management.
4. Senior Management must report and take timely remedial action towards any breach of any applicable laws and Regulations or internal policies, and must maintain adequate and orderly records of the Company.
5. A member of Senior Management may not hold a Staff position in any other entity, neither inside nor outside of the Group, where applicable. A member of Senior Management may hold memberships in the boards of up to two (2) non-insurance entities outside of the Group. In addition, the members of Senior Management, with the exception of chief risk officers and heads of the compliance and internal audit functions, may hold memberships in the boards of entities inside the insurance Group. The member of Senior Management must obtain approval from the Board before accepting nomination to serve on a board in any other entity; and no conflict of interest must be present.
6. The non-objection of the Central Bank must be obtained prior to the appointment or renewal of employment contracts of any member of Senior Management and other persons as determined by the Central Bank from time to time. In all cases, a Company must immediately notify the Central Bank if it becomes aware of any material information that may negatively affect the fit and proper assessment of a member of Senior Management or any other person determined by the Central Bank.
7. a. Senior Management are subject to the same requirements as specified in sub-article (5) of Article (5) of this Regulation.
b. Staff, including Senior Management, may not represent on the Board, any of the shareholders of the Company.
Article (12): Takaful Insurance
1. A Company offering Takaful Insurance products must ensure that its Corporate Governance framework complies with the Takaful Regulation, and provides for:
a. Internal Shari'ah controls review and Shari'ah governance reporting to ensure compliance with Shari'ah rules;
b. The processes and controls for protecting the rights of the participants in line with the general terms and conditions and Shari'ah requirements;
c. Establishment of the ISSC in the governance of the Company; and
d. Transparency of financial reporting in respect of the participants' rights.
2. A Company offering Takaful Insurance must ensure compliance with the Takaful Regulation and any direction or guidance issued by the Higher Shari'ah Authority with respect to its Shari'ah governance framework.
3. A Company offering Takaful Insurance must immediately notify the Central Bank if it becomes aware of any material information that may negatively affect the fit and proper assessment or independence of an ISSC member.
4. A Company offering Takaful Insurance must issue an annual Shari'ah report stating the extent of the company's Compliance with Islamic Shari'ah and publish it within the financial statement in the Company's disclosures and other available means.
Article (13) The General Assembly
1. In all cases, the national shareholding percentage should not be less than the percentage specified in Cabinet Resolution No. (42) of 2009 Concerning Insurance Company Minimum Capital Regulation, as amended;
2. a. The Board and shareholders of a Company must ensure that national shareholding is in accordance with the minimum requirements set out in sub-article (1) of Article (13) of this Regulation and shall take reasonable measures to achieve compliance with this minimum requirement.
b. The Board shall ensure that voting decisions of a shareholder, or shareholders, at a general assembly meeting comply fully with the Central Bank Law and Federal Law No. (6) of 2007 Concerning the Organization of Insurance Operations.
3. Companies must inform the Central Bank at the time of the invitation by the Company's Board to a general assembly meeting when a proposed shareholding change is on the agenda.
4. The Central Bank may send one or more representatives to attend a general assembly meeting including when a proposed shareholding change is on the agenda, without having any right to vote. The presence of such representatives shall be stated in the minutes of meeting.
5. a. The Central Bank may take all measures it deems appropriate to maintain conduct of operations of Companies, within the frameworks and limits set by the Board of Directors of the Central Bank.
b. The Central Bank may:
1. Request to hold a meeting of a general assembly of the Company to discuss any issue the Central Bank deems important;
2. Request to include any item that the Central Bank deems necessary into the agenda of a general assembly meeting of the Company;
3. Stop the implementation of any decision issued by a general assembly of the Company in the event that it violates the laws or Regulations in force.
Article (14): Enforcement and Sanctions
1. Violation of any provision of this Regulation and the accompanying Standards may be subject to supervisory action and sanctions as deemed appropriate by the Central Bank.
2. Without prejudice to the provisions of the Central Bank Law, supervisory action and sanctions by the Central Bank may include withdrawing, replacing or restricting the powers of Senior Management or members of the Board, providing for the interim management of the Company, or barring individuals from the UAE insurance sector.
Article (15): Interpretation of Regulation
The Regulatory Development Division of the Central Bank shall be the reference for interpretation of the provisions of this Regulation.
Article (16): Publication and Application
1. This Regulation and the accompanying Standards shall be published in the Official Gazette in both Arabic and English and shall come into effect one month from the date of publication.
2. On the effective date of this Regulation, any Company which does not comply with this Regulation and the accompanying Standards, must, within ninety (90) days, provide the Central Bank with a detailed plan for coming into compliance with the requirements herein. The Central Bank will decide on the adequacy of the proposed plan. The plan should not exceed three years to ensure full compliance with requirements of this Regulation.