Photo: Al Tamimi & Company
After years of deliberation the UAE Central Bank (the “CBUAE”) has issued the Corporate Governance Regulation (the “CGR”). The draft corporate governance guidelines were last updated in 2006 (the “Guidelines”). The CGR was published in the Official Gazette on 15 August 2019 and is now in effect. The CGR requires UAE banks to comply with the CGR within a period of three years. The CGR comprises of corporate governance regulations and accompanying standards for the purpose of implementing the CGR (the “Standards”).
In addition to relying on the Guidelines, UAE banks have previously undertaken independent efforts to adopt suitable corporate governance guidelines in certain issues and where applicable, the provisions of corporate governance regulations issued by the Securities and Commodities Authority (“SCA”) applying to public companies generally and the international best practices.
It should be noted that the CBUAE had regulations in place, which deal with some aspects of corporate governance. For example, the CBUAE has issued the Internal Controls, Compliance and Internal Audit Regulation (“ICCIA Regulation”) in 2018 requiring all banks to have strong internal control frameworks and establish permanent, independent and effective compliance and internal audit functions. The ICCIA Regulation must be read in conjunction with the CGR, which establishes the overarching prudential framework.
The CGR repeals and replaces several important CBUAE notices and circulars which mainly deal with the appointment of the board members and senior management.
The CGR and the Standards are in addition to the provisions relating to public joint stock companies in the Federal Law No. 2 of 2015 on Commercial Companies (the “CCL”), and SCA Board of Directors' Resolution No. (7 R.M) of 2016 Concerning the Standards of Institutional Discipline and Governance of Public Shareholding Companies (“SCA Regulation”), as applicable. In the event of contradiction with any provisions of the SCA Regulation, the provisions of the CGR and Standards shall prevail.
The CGR and the Standards apply to all banks established in the UAE. For banks operating within a group, such banks must ensure compliance with the CGR and Standards on a group level. Branches of foreign banks licensed by the CBUAE must either comply with the CGR and Standards or establish equivalent arrangements. Branches of foreign banks shall be exempt from the requirements of Article (3) of the CGR in relation to board composition and qualifications.
The CGR emphasizes that the onus is on the board of each bank to demonstrate to the CBUAE that the bank has complied with the corporate governance rules.
The CBUAE has noted in the CGR that it will apply the principle of proportionality in the enforcement of the CGR and the Standards, whereby smaller banks may demonstrate to the CBUAE that the objectives of the CGR are met without necessarily addressing all of the specifics cited therein. As usual, the banks should communicate with the supervision team of the CBUAE their compliance requirements to ensure that the CBUAE is satisfied with the banks’ specific approach to corporate governance.
The CGR has listed some important definitions, such as the definition of control functions, duty of care, duty of loyalty, duty of confidentiality, related parties and related party transactions. The CGR also covers corporate governance requirements of Islamic banks and the importance of adherence with the directions of the Higher Shari’a Authority.
Under the CGR, banks are required to comply with Pillar 3 disclosure requirements set out under the consolidated and enhanced framework issued by the Basel Committee on Banking Supervision in March 2017 and any subsequent revisions.
For the first time, the CBUAE has introduced some new concepts to govern and deal with the disclosure of information, transparency, conflict of interest, assessment of senior management performance and their compensation.
The breach of any provisions of the CGR and the Standards may be subject to supervisory action and sanctions by the CBUAE, which may include withdrawing, replacing or restricting the powers of senior management or members of the board, providing for the interim management of the violating bank, or barring individuals from the UAE banking sector.
It appears that the CBUAE did not adopt the common ‘comply or explain’ approach in this case, which generally allows the banks to decide what corporate governance policies and procedures are appropriate to their business. In fact, the CBUAE has made it clear under the CGR that banks must comply within the three years period prescribed by the CBUAE.