Introduction

1.1.     This Policy Statement is designed to clarify the approach of the Astana Financial Services Authority (AFSA) to a start-up entity applying for the authorisation to become a Bank, as defined in Rule 1.5 of the AIFC Banking Business Prudential Rules (BBR), in the AIFC.

1.2.     This approach does not apply to a start-up entity applying for the authorisation to become an Islamic Bank as defined in Rule 1.5 of the AIFC Islamic Banking Business Prudential Rules.

What are “start-up” entities?

2.1.     The AFSA considers a start-up entity to be either:

1. (a)     a newly formed business entity that is not owned by, or is not a branch of, an existing regulated financial institution; or
2. (b)     an entity (whether newly formed or not) that is part of a Group that does not contain any entities within the Group that are subject to financial services regulation broadly equivalent to the AFSA’s regulatory regime.

The AFSA’s approach to start-up Banks

3.1.     Generally, the AFSA takes a risk-based approach in considering any authorisation applications to carry on any proposed Regulated or Market Activities by an applicant. However, the AFSA considers that the nature of the risks posed by start-up Banks are unique and broader compared to related entities of pre-existing banks, for example a branch of a bank operating in multiple jurisdictions. The AFSA considers that start-up Banks present additional potential risks including, but not limited to, the lack of an adequate or established level of systems and controls, the absence of a previous regulatory history or track-record from which the AFSA may take some assurance, and the ability of the shareholders to maintain the financial soundness to comply with regulatory requirements and be a source of financial support.

3.2.     Considering the risks associated with the establishment of start-up Banks listed above, the AFSA considers that generally an applicant for authorisation to become a Bank must be:

1. (a)       a branch or a Subsidiary of an existing bank; or
2. (b)       a newly incorporated entity that is part of a Group that contains a regulated bank or similar comparable financial institution.

3.3.     An entity that does not fall under 3.2 (a) or (b) above shall not generally be considered by the AFSA to be suitable for authorisation as a Bank, and only in the most justifiably exceptional, or strategically important cases will the AFSA consider any variations to this policy.   

3.4.     In considering relevant authorisation applications, the AFSA will take into account factors including the applicant’s or their Group’s financial position, systems and controls and whether the bank is managed by Persons who have the necessary experience, expertise and knowledge to conduct such activities and a proven track-record in doing so.

3.5.     Any applicant seeking authorisation in the AIFC as a Bank should consider the implications of the absence of a central bank in the AIFC as either a lender of last resort or the issuer of any currency. For example, the AFSA would expect such applicant to address how this fact would affect its:

1. (a)     business plan, including any impact on current or prospective credit ratings;
2. (b)     adequacy of the capital and capital management plan;
3. (c)     plans for liquidity management; and
4. (d)     ability to deal with stressed situations, including a resolution plan.

3.6.     Even though the broad categories of risks for all applicants will be identical and that the AFSA will consider each application on its own merits, the nature of risks within a bank may be amplified for the above reasons. In this regard, the broad categories of risk and some of the unique elements of those risk categories that apply to new bank operations include financial risk, governance risk, compliance risk and business/operational risk.

Financial Risk

3.7.     Any applicant seeking authorisation in the AIFC as a Bank is required to demonstrate sufficient and available financial resources to be able to meet the relevant prudential requirements specified in the BBR, on an on-going basis. This includes holding enough capital resources to cover expenses even if expected revenues take time to materialise and ensuring that all liabilities may be met as and when they fall due and by a suitable margin above this on a constant basis. In this context, new bank operations can encounter greater financial risks as they seek to establish and grow in comparison to established bank operations.

3.8.     In addition to the risk of financial soundness of a bank, detailed scrutiny will be undertaken where the source of funds and shareholders’ wealth is concentrated with a small number of individuals who will ultimately be the source of its capital funding.

Governance Risk

3.9.     Any applicant seeking authorisation in the AIFC as a Bank must demonstrate robust governance arrangements together with the fitness and propriety of all Controllers, Directors, and senior management. Where the day-to-day management in smaller entities may lie with one or two dominant individuals who may also be amongst the shareholders of the applicant, the AFSA would expect the key business and Controlled Functions (i.e. Senior Executive Officer, Finance Officer, Compliance Officer, and any other control functions, such as internal audit) to be able to apply appropriate oversight arrangements which reflect the size and complexity of the business and are sufficiently robust and independent in their decision-making. An applicant bank must also ensure that there are adequate business continuity measures, including the mitigation of key-person risk within the entity.

Business/Operational Risk

3.10.   As part of any application, a Regulatory Business Plan should describe in detail the business proposition, containing information on how the business will be conducted, including the financial projections, which are drafted considering the business-specific risks of new bank operations.

3.11.   All applicants are required to establish appropriate systems and controls to demonstrate that the affairs of the applicant are managed and controlled effectively. The nature of the systems and controls may depend on the nature, size and complexity of the business. A proposed new bank operation may need to consider which additional systems and controls may be appropriate in the initial period of its operation in the AIFC, such as increased risk or compliance monitoring appropriate to the jurisdictions of clients it will be doing business with. 

Compliance Risk

3.12.   It is expected that new bank operations in the AIFC will be able to establish a strong compliance culture that is fully embedded within the applicant, and which demonstrates a high standard of compliance and corporate governance that is expected to already exist within the bank (if a branch) or its Group (if part of a banking group). The individuals fulfilling the Compliance Officer and MLRO roles will also be expected to demonstrate to the AFSA their competence to perform the proposed roles and have adequate knowledge of the relevant sections of the AIFC Acts and, in the case of the MLRO, the wider anti-money laundering laws.

In particular, whilst existing financial services groups may have existing AML/CFT and other compliance policies, procedures, systems and controls, all applicants must have sufficient regard to the requirements of the AIFC and Kazakhstan and apply local measures that take these into account.

3.13.   The AFSA expects that relevant applicants will in their applications comprehensively address and detail how the key risks and other factors set out in this document will be identified, monitored, and controlled. Such information may significantly assist the AFSA in reviewing applications by entities wishing to establish operations as Banks, either as branch offices or subsidiaries within a banking or financial services Group.