Outsourcing Compliance Services in the DIFC:
DIFC is one of the world’s top eight onshore financial centers and offers a secure and efficient platform for businesses and financial institutions to reach into and out of the emerging markets of the region. The quality and independence of DIFC’s regulator, the prevailing common law framework, excellent infrastructure and tax efficiencies make it the perfect base to take advantage of the rapidly growing demand for financial and business services in the MENASA region.
DIFC fills the time-zone gap for a global financial centre between the leading financial centres of London and New York in the West and Hong Kong and Tokyo in the East.
Does the DFSA allow compliance outsourcing?
Yes, the DFSA does allow outsourcing of core functions such as Compliance, MLRO and Finance. However, the DFSA does consider the type of financial service, the projected volume of business, additional endorsements (such as endorsements enabling firms to deal with Retail Clients), and the overall team composition before issuing approvals to outsource these functions.
For higher categories, especially for Asset Managers and Brokerage houses, outsourcing may not be an option. In these cases, we recommend that the firm opt for our compliance support services.
Do I hire a compliance officer before, or after authorisations?
Firms that apply for authorisation to the DFSA have to, at the time of application, identify the individuals that will carry out the Authorised Functions, including Compliance and Money-Laundering Reporting. While these individuals do not have to be employed by the firm yet, it would be unusual for a compliance officer to commit to carrying out the function while being in employment with another firm. In such cases, the compliance officer would usually resign from their current employment, and come on board the new firm once it is authorised.
However, in many instances, the authorisation process itself can take 4-6 months or even more. Hence the applicant firm can also request to make the identification of the compliance officer an In-Principle condition.
The third, and most-often opted for route is to outsource the compliance function. Here, the compliance outsourcing provider would second a competent (and mostly already authorised) individual to act as the Compliance and Money Laundering Reporting Officer at the time of application itself, thus speeding up the process.
How important is the compliance function?
The Dubai Financial Services Authority (DFSA) is the regulator of DIFC financial service firms. It authorizes and supervises financial entities that conduct activities across five licensed categories.
The DFSA mandates three (and in some cases, four) mandatory appointments for all firms that wish to carry out financial services from the DIFC. The Compliance function is one of them.
The DIFC is a well-regulated jurisdiction and hence the Compliance function is critical to the authorisation and ongoing operation of all financial firms registered in the centre. The DFSA places a lot of emphasis on Compliance with it’s extensive rules and regulations, including Conduct of Business, Prudential, Investment and Data Protection Rules. A licensed firm is expected to develop and maintain a culture of compliance, starting with the senior management and across all employees and stakeholders.
The repercussions of non-compliance can be severe, ranging from financial penalties to loss of reputation and even closing of the business. While compliance does not generate revenues for the firm, it forms the cornerstone of a successful financial business. In fact, robust compliance processes can result in increased efficiencies and lead to indirect revenue-generation for the firm.
Financial firms in the DIFC must appoint a Compliance Officer and a Money Laundering Reporting Officer (CO/MLRO) at the time of application to the DFSA. These functions are usually combined for smaller firms and so one individual can be proposed as the CO/MLRO. The DFSA expects an application from an individual with sufficient knowledge, experience, and seniority to perform the role effectively. Also, the Compliance Officer is expected to be resident in the UAE once licensed.
The Compliance Officer thus forms an integral part of the core team that the DFSA reviews and considers when making a authorisation decision.
What is an Authorised Individual?
Authorised Individuals are employees or responsible officers who carry out the mandatory Licensed Functions within firms authorised to conduct financial services in the DIFC. The Compliance and Money-Laundering Reporting function is one such mandatory licensed function, the others being the Senior Executive Officer and the Finance Officer.
The DFSA considers these functions are materially linked to the firm’s management and provision of financial services, and hence they expect that Authorised Individuals must meet certain standards relating to their experience, knowledge and qualifications.
Applicants have to submit a detailed online application to carry out the Compliance function, and this is usually done during the application process that the firm goes through before being licensed. Compliace Officers will also have to attend a formal interview with the DFSA before being authorised. The DFSA will have to be satisfied that the applicant Compliance Officer is Fit and Proper, and that the functions of their role will be conducted and managed in a sound and prudent manner.
What are compliance support services?
As mentioned earlier, the DFSA does not allow for compliance outsourcing in the case of firms that carry out financial activities with higher risks, such as asset management, brokerage or provision of credit. An in-house resource must be hired in these cases. However, as seen above, in-house compliance functions can have some drawbacks, and here is where compliance support services can help bridge gaps.
A compliance support service helps to support the in-house compliance officer with tools and information that he/she requires to carry out compliance responsibilities effectively. This can mean access to tools such as World Check, LogicGate and EHS Insight, information and knowledge bases and customised alerts and explanations in case of relevant regulatory updates.
The compliance support service function can also help excute the firm’s compliance monitoring program,
The support service can also cover for the compliance officer when he/she goes on leave.
We provide comprehensive compliance services for regulated firms in the DIFC. Starting from consulting on establishing in the centre, to assistance in authorisations, to assistance in preparation of all compliance documentation, 10 Leaves helps you navigate the DFSA Rulebook and submit an application that is comprehensive, complete and compliant.
Our services include:
- Reviewing the business model and advice on the applicable regulatory framework;
- Preparation of the Regulatory Business Plan and comprehensive financial projections;
- Preparation of all policies, processes and customised manuals required;
- Provision of Outsourced Compliance Officer and Outsourced Finance Officer services;
- Finalising the legal structure, including holding company setup and customisation of Memorandums; and
- Finalisation of leased space, bank account opening and obtaining Financial Services Permissions.
- Preparation of all compliance and legal documentation for operational purposes*
*through 10 Leaves Legability
- 10 Leaves Compliset* – a fully digital comprehensive library of policies and processes relevant to your business in the DIFC.
- Acting as the Outsourced Compliance officer.
- Maintenance and updating of all compliance documentation, including Compliance Manuals, Compliance Monitoring Plans and AML Manuals.
- Compliance Support Services.
- Regulatory filings and reporting.
- Risk Management.
- Business Continuity Planning and Management.
- Ongoing documentation review – marketing material, promotional literature, online privacy and access polices and terms and conditions.
- Ongoing compliance and AML training for employees.
Documentation that we prepare:
- Compliance Manual.
- AML and CTF Manual.
- Corporate Governance Policies and Charters.
- Operating Procedures Manual.
- Code of Ethics.
- Risk Management Policies and Framework.
- Business Continuity Manual.
- Information Technology and Cyber Security Manual.
- Internal Risk Assessment Process (IRAP).
- Internal Capital Adequacy Assessment Process (ICAAP).
Get in touch today! to know more about outsourcing compliance services in the difc