The Work Guide of the Internal Controller at Insurance Brokerage Companies

The Work Guide of the Internal Controller at Insurance Brokerage Companies

Firstly: The Introduction
The procedures and processes of internal control have evolved from traditional methods to modern methods that are emanating from international professional associations that have established international standards for compliance processes in terms of planning and implementing internal control activities. The internal auditor's efforts are focused on the most critical and important areas of the company. Insurance brokerage is one of the most required companies to implement internal control and auditing procedures for the purpose of providing effective services and results based on a strong qualitative service delivery system, Also, seeking effective ways to ensure sound decision, minimize manipulation, embezzlement, fraud and all the risks encountered by insurance brokers.
The job of the Internal Controller in the insurance companies and insurance brokers is one of the new jobs being created. The job description of the Internal Controller can be summarized as following:
•To carry out internal control functions as an organized and systematic activity that is objective and aims at adding a participatory value in achieving the objectives of the institution.
•The Internal Controller must be fully independent in the institutional organization in order to be able to carry out the tasks entrusted to him.
•The Internal Controller provides assurance regarding the assessment and effectiveness of risk management, internal control systems of the company, governance and compliance with policies and regulations.
Thus, the internal auditor's task can be summed up by making sure that the insurance broker's bushiness and procedures taken in certain fields of insurance activity are consistent with the provisions of the laws issued in the State in general and with the laws, regulations, instructions and decisions issued by the Insurance Authority in particular. He is also responsible for providing information, data and documents required by the Insurance Regulatory Authority in respect of those particular fields.
The Authority affirms that it is the responsibility of the senior management to take all necessary measures to ensure the continuity of the internal auditor's work, especially in terms of providing information and data and facilitating the work of the internal auditor, and emphasizes the need for the Internal Controller to prove in his work a high degree of professionalism and objectivity. So that the Internal Controller would be disentangled from any interests that would affect his judgments and make it biased.

Secondly: The Basic Principles of Practicing the Profession of an Internal Auditor:
•Continuity: the Internal control activities should be consistent and sustainable in terms of carrying out their tasks and duties. For this purpose, senior management is responsible for taking all necessary measures to ensure the continuity of the internal auditor's work, especially in providing information and data and facilitating the work of the internal auditor.
•Independence: The independence of the Internal Controller requires that his organizational subordination should be to the highest level of executive management and has direct communication with this level. It is also necessary for the independence of the internal auditor, not to be the decision maker in setting policies and procedures (it is possible to contribute to the company's team) or perform another executive work in the company.
•Integrity: The Internal Controller must be free from the intellectual subordination of the Management, make high professional care in carrying out all the internal control work, and the Internal Controller should act in the interest of the institution, not in contradiction with the ethical values of the profession.
•Objectivity: The Internal Controller must demonstrate in his work a high degree of professionalism and objectivity so that the Internal Controller is disentangled from any interests that would affect his judgments and make it biased.

Thirdly: Audit and Compliance Procedures:
•The internal control program is the work plan of the Internal Controller to review the registers and books and the data contained therein and review it to implement the written policies and procedures and to be in conformity with the laws, regulations and instructions issued by the regulatory authorities. This plan also contains the objectives to be achieved and the steps to be taken in order to achieve these objectives, the specified time to finish each step, and the person responsible for the implementation. The program achieves several objectives as a control and planning tool by which the auditor can track the monitoring process and the number of hours spent in each process. It is important to take into consideration in designing the internal audit program the following:
- The efficiency of the internal control system in the insurance brokerage company and based on the degree of efficiency, the scope of the internal audit, control and control process is determined.
- Objectives to be achieved because internal audit is a means, not a goal, hence, the program must enable the achievement of those objectives.
- Use the means of review and control that enable the auditor to obtain strong evidence in their validity. "To follow the audit methods that are appropriate to the
  circumstances of each case, each facility has its own circumstances against which
  the Internal Controller prepares the appropriate observer program.
- Types of audit programs:
- "It is not possible to develop a unified program for auditing and inspection of all types to be applied to different or even similar establishments because of the different circumstances of each brokerage company that distinguish them from others." In general, there are two types of audit programs:
1. Periodic and fixed or pre-determined audit programs.
2. Emergency inspection programs arising from the occurrence of any kind of problems that affect the performance of the company and are in clear violation of regulations and instructions or policies and procedures.

Fourthly: The Elements of Work of the Internal Control and Compliance
•The internal control job provides services to both the company's management and its board of directors. They are responsible for providing the Internal Controller with all the information that helps him to evaluate and adapt the internal control system and its effectiveness. It is the company's management responsibly to enable the Internal Controller to submit periodic reports to the Insurance Authority. The Inspection and control process is divided into several key elements according to their sequence and importance based on the following:
A. Obtaining a general knowledge about the institution and the auditor needs technical and legal indicators about the company he intends to audit.
B. Inspection and evaluation of the internal control system and internal tests of the internal control on operations (policy compliance tests) .The Internal Controller uses the practical and statistical methods of determining the sample size of the situation due to its huge quantity. In this context, the Internal Controller must act in accordance with the written procedures used in the institution in order to evaluate if the internal control system is comprehensive and reliable or not. The most important step taken by the auditor is to study the internal control system .In the light of this study, subsequent steps are determined and the size of the tests is determined.
C. Examine processes and procedures and submit reports on the extent of their compliance with the regulations, instructions and circulars issued by the Insurance Authority and work on sending a copy of the Internal Control reports through the company's management, provided that they are signed by the Authority's management and the internal auditor.
D. Ensuring that the internal control system of the company is effective at its minimum. In this context, it ensures that no mistakes or acts of fraud are committed, and then moves on to processes that are difficult for the internal control system to detect, review its analysis by comparing and studying their evolution from one cycle to the next.
E. Preparation of the audit report. In order for the Internal Controller to achieve success in his duties, he must be at the best level of professional and personal relations with all employees of the insurance brokerage company in which he works so as to create the best atmosphere for effective cooperation between him and the departments and sections of the company. Without such cooperation, the task of the Internal Controller would be difficult.

Fifthly: The Duties and Responsibilities of the Internal Controller in Insurance Brokerage Companies
The following terms include some of the main and core functions of the Internal Controller in the insurance brokerage companies:
1. Review the relevant laws and has the full knowledge of all laws, regulations and instructions issued by the Insurance Authority and the work of the insurance broker (and the subsequent amendments, or regulations and instructions issued thereafter), attached herewith the list of the most important laws, regulations and instructions to be reviewed.
2. Continue to update the senior management of the board of directors, board of managers and key employees of all the applicable rules and policies of compliance to which the company must comply.
3. To inform all employees of the company through the senior management of all the policies and compliance regulations and its updates
4. Develop comprehensive internal control policies and procedures in insurance brokers that include an effective internal audit of the regulations, instructions and practices applied in the company’s activities, and should be approved by the board of directors of the bank.
5. Updating the policies and procedures periodically to ensure that the company complies with the latest regulations and instructions related to all the company's operations and activities.
6. Conduct annual and quarterly review of all the instructions included in the policies and procedures manuals applied in the company to ensure their conformity, consistency and compliance with their implementation in accordance with the requirements of the law and the Regulation and the amendments thereof and the regulations, instructions and circulars issued by the Insurance Authority.
7. Conduct an emergency and sudden review after coordination with the company's management to ensure the validity of the procedures and policies applied as mentioned in the previous paragraph.
8. Prepare a comprehensive plan for examination and ensure that all written policies and procedures approved by the Bank are compliant with applicable compliance rules.
9. Upload the annual and quarterly reports on internal controls on the website of the Insurance Authority. The Internal Controller may submit monthly reports if necessary, or if requested by the Authority's management.
10. Ensure that the management of the company and its employees apply the correction plan approved by the company's board of directors in accordance with the approved internal control reports.

Sixthly: The Specialized Functions of the Internal Auditor

The internal control of the technical departments’ performance in the insurance brokerage companies is one of the most important aspects that the Internal Controller must follow up and know all their aspects. These special tasks include reviewing the performance of all departments and the technical departments, especially those related to technical works in insurance brokerage. The following represent the key functions of the internal auditor.

Firstly: The Implementation of The Insurance Authority Board of Directors’ Resolution No.15 of 2013 concerning Insurance Brokerage Regulations, Decision No (58) of 2013 Concerning the Implementation of Insurance Authority Board of Directors’ Resolution No. 15 of 2013 and Insurance Authority Board of Directors Resolution No. 20 of 2014 On the Amendment of Some Provisions of the Insurance Authority Board of Directors Resolution No. 15 of 2013

The internal controller of the insurance brokerage company must complete a periodic review on the company's implementation of the Insurance Authority Board of Directors’ decision No. (15) of 2013 and its amendments in subsequent decisions or executive decisions issued by the Authority's management, specifically the obligations of the brokerage company stated in Section No. (4) of the said decision ,which stipulate the obligations of the brokerage company towards the Insurance Authority, Insurance companies and customers . The report must clarify the defect points and the corrective actions agreed upon with the management of the insurance brokerage company and what is the time frame of the proposed plan.

Secondly: The Implementation of the regulations of Anti- money laundering and combating terrorist financing in insurance activities:

• The Insurance Authority has issued the regulations of Anti- money laundering and combating terrorist financing in insurance activities by the Board of Directors resolution No. (13) of 2015. The regulations included clear definitions of insurance business, money laundering and terrorist financing, in addition to the definition of suspicious transactions and extraordinary transactions. The following is a summary of the main tasks assigned to the Internal Controller in this respect, pointing out the need to fully comply with all the provisions of the mentioned regulations.

• The Internal Controller should confirm the validity of the procedures used to open a customer account in the company, including full knowledge of customer information according to a clear form approved by the company management.

The most important information to be verified by the Internal Controller is:

1. If the client is a close partner of foreign persons who are politically exposed, this includes
a. The politically exposed foreigner.
B. The direct family members (spouses, children, their spouses and parents.)
C. The partners known to be close to the individual are:
• Individuals who have joint ownership of a legal entity, legal arrangement or any close working relationship with a politically exposed foreigner.
• Individuals who have sole ownership of a legal entity or legal arrangement established for the benefit of the politically exposed foreigner.

2. The Internal Controller shall ensure that the company obtains all necessary information and documents for the customers which include:

A. The Natural persons: full name, nationality, place and date of birth, current address, place of permanent residence, place of work, passport and / or identity card for individual clients, and keeping a certified copy. For incompetent persons, documents relating to them and their legal representative should be obtained, as appropriate.
B. The Corporate persons: full information and documents should be obtained and in particular (the Commercial Registration and the Articles of Association)mentioning the date of renewal and keeping a copy thereof. Also, the name and address of the owner and the names and addresses of the partners and their nationalities shall be obtained.
C. Public Shareholding Companies: The names and addresses of the Chairman and members of the Board of Directors and shareholders, each of which exceeds 5% or more, shall be obtained.
3. In the event that the transaction is for the benefit of another person or entity, the Internal Controller shall ensure that the company obtains a copy of identity of that person or that entity and keep a certified copy of the authorization letter, acquire and register adequate information about them.
4. When dealing with cooperatives, social or professional associations, a copy of the declaration decision of this association issued and signed by the Minister of Social Affairs must be obtained.
5. The Internal Controller shall confirm the prohibition of opening an account under a pseudonym. The name of the account holder must always be authenticated as in the identity, passport or commercial license, and the official responsible for opening the account must carry out a physical inspection of the passport, trade license or any identity card, The documents shall be marked as a true copy and signed.
6. The Internal Controller of the company shall be knowledgeable with the persons listed on the United Nations list of terrorism, compare the names of all the company's clients with that list, notify the unit of any transaction related to that list, and periodically update the list of persons through the United Nations website WWW.UN.ORG .

7. The Internal Controller shall work to determine the necessary bases for classifying the clients of the insurance company according to the degree of risk of their association with money laundering and terrorist financing. He shall adopt a system of classification of customers based on logical basis, with constant updating. Pursuant to the administrative decision No. (79) of 2015 concerning the guidelines of Anti-Money laundering and combating terrorist financing in the insurance activities .This system shall include at least the following risks:
a. The risks related to Services and Products.
B. The risks of Customers.
C. The risks related to specific geographical areas.

• With regard to terrorist financing operations, we refer to the Federal Law No. (7) of 2014 (issued on 20/08/2014, concerning combating terrorist crimes, particularly the definition of terrorist crime, terrorist purpose and terrorist result in Article (1) of this Law, and to article No (29) - (30) of the law relating to crimes of financing terrorism, where the Internal Controller must review the provisions of this law and work to apply them strictly.
• If there are serious reasons to suspect the existence of a money laundering or terrorist financing process, the Internal Controller(behind the scenes) checks the identity of the client or the concerned person without drawing the client or the person attention of these suspicions regardless of how much the subject amount of the process.
• In case of any of the above mentioned cases,
A. The Internal Controller(after taking the opinion of the company management)shall freeze the transaction.
B. The Internal Controller and the Company shall immediately notify the Financial Intelligence Unit for Anti- money laundering and suspicious cases unit (AMLSCU) of the Central Bank of the State through the electronic system or any appropriate method, and notify the Authority of what has been reported to the Unit.
C. The Internal Controller in his department shall keep a copy of the information sent to the Central Bank and the Insurance Authority.
D. The freezing of funds in suspicious cases is by order of the Central Bank.
E. The Public Prosecution may, after having been notified by the Central Bank of the reservation of the funds or the means used in the suspicious operations, and in the end the operation shall be subject to the decision of the competent court.
F. The Internal Controller does not assume that the possibility of money laundering or terrorist financing in this type or branch of insurance may be excluded. However, the most insurance branches of insurance that is liable to be used for the sepurposes:
A. Life Insurance and Family Takaful (Mixed Insurance).
B. Marine insurance of goods.
C. Insurance of jewelry stores and precious stones.

At the end of this part of the Guide, we emphasize the need for the Internal Controller to adhere to the following:
a. Full Implementation of the Board of Directors Resolution No. (13) of 2015 Concerning Anti-Money Laundering and Combating Terrorist Financing in Insurance Activities and Guidelines No. (79) of 2015, concerning Anti- Money Laundering and Combating Terrorist Financing in Insurance Activities
B. No to initiate procedures unless there are serious reasons for suspicion.
C. The proceedings take place in a strictly confidential manner.

Thirdly: Functions related to the disclosures and financial and non-financial statements of the insurance brokerage company.

The internal auditor, in cooperation with the company's management, shall notify and provide the Authority with the following:

A. A quarterly report signed by the Chairman of the Board of Directors or the General Manager or the Executive of insurance brokerage activities and related accounts, including a report on the financial solvency in accordance with the specified requirements within a period not exceeding 30 days from the end of the quarterly period.
B. An annual report signed by the Board of Directors or Board of Managers, containing all insurance brokerage activities conducted during the year and the final audited annual financial statements accompanied by the report of the external auditor, within a period not exceeding 60 working days from the end of the fiscal year.
C. An annual statement of the general framework of risk management which includes its internal procedures to assess its financial solvency and in proportion to the risks that may affect its financial position and strategy in allocating capital to encounter these risks.
D. A copy of any brokerage agreements concluded with the companies within seven working days of signing them on the electronic system of the Insurance Authority.
E. Notification on the appointment of accredited personnel and any amendment or change in their transfer or end of service and the reasons for such change with in two working days. He shall also notify the Authority of the appointment of an alternative until the vacancy is permanently filled within a period of 60 working days from the date of vacancy.
F. Notification on any change to any of the data or documents that have been registered based on it, within five days from the date of the change.
G. All data and statistics that are requested and in accordance with the periods specified by the Authority.
H. The insurance broker shall ensure that his annual and interim financial statements contain all necessary data and information relating to his financial solvency, regulations and objectives to manage the risks of his financial position, including a detailed breakdown of the durability and balances of payables as well as revenues from premiums and commissions from each company.

Internal Control Quarterly report

Company

Licensed Activities

Report Date

Period of invesigation

Internal controller

Contact Details

Firstly: verifying the extent of compliance with the decisions, laws and regulations

The Board of Directors Decision No. (15) of 2013 concerning the insurance brokerage regulations

degree of

No.

Decision provisions

committed

Non committed

nuder process

Reasons of Non-compliance

Internal controller recommendations

Higher Management recommendations

corrective procedures

Period for correction

Attachment

Article

The proposed documents and data to be reviewed to ensure the compliance with the legal provisions . The Compliance officers can develop procedures, evidences and other supporting documents that are not mentioned in the description to ensure compliance with the laws, regulations and legal provisions.

Article (2), clause (2) "No one may practice the Insurance Brokerage activity in the UAE without obtaining a license from the IA. Such license shall be renewed annually in accordance with the "provisions of these Regulations

verify that the insurance company's license is valid and effective

Article (3), clause (1) "An Insurance Broker may combine brokerage business in personal insurances and funds accumulation operations on the one hand, and brokerage of property and liability insurance on the other hand, provided that both classes of business are completely separated in terms of books and records or personnel working in each class "

Ensure the separation between the two types of insurance by establishing clear policies to separate the concerned departments and not to overlap between the work and the existence of a clear separation mechanism in the records of the company.

Article (3), clause (3) "An Insurance Broker may not combine their role as an insurance broker on the one hand and the role of an insurance agent, insurance consultant, surveyor and loss adjuster, or actuary on the other hand"

Periodic review of the services provided by the company and review of the statute, internal regulations and internal policies and procedures for job description of each department to verify the provision of insurance brokerage services and not to provide any services for the professions mentioned in Article

Article (3), clause (4) "An Insurance Broker may combine the Insurance Brokerage business in accordance with the provisions of these Regulations and the re-insurance brokerage business, subject to not combining both roles (insurance broker and re-insurance broker) for the same transaction and for the same party he works for "

The Broker may add reinsurance brokerage business after approval by the Authority and interview with the specialized reinsurer. The Compliance Officer shall ensure that the Company's statute, internal Bylaws and work procedures allow and regulate the practice of insurance brokerage

Article (3), clause (5) "A company incorporated in the UAE in accordance with the Commercial Companies Law, having the objective of practicing the Insurance Brokerage activity. "

Checking the company's investments in the financial records and contracts with any other broker, if any

Article (4), clause (1) , sub-clause (a) " An Insurance Broker may not be partner or agent of any other Insurance Broker "

Ensuring the activities stipulated in the commercial license and the statutes and submitting a request for approval in the event of modification of the form or purposes of the company.

Article (4),clause (1) , sub-clause (b) " A branch of a company incorporated in a financial free zone in the UAE, or a branch of a foreign company, provided that such company is licensed to practice this activity in the said financial free zone or in the country of origin in the same insurance type and class; and should be subject to the control of a counterpart supervisory authority, with a minimum five years of practice in Insurance Brokerage, and subject to any controls or conditions set by the IA. "

Ensure the activities in the license granted to the company by the regulatory authority and the statute and submit a request for approval in the event of modification of the form or purposes of the company. Verify the validity and effectiveness of the license in the home country and inform the Authority of any significant changes occur in the parent company.

Article (4), clause (2) " The paid capital may not be less than (AED 3,000,000) three million Dirhams for a company incorporated in the UAE and (AED 10,000,000) ten million Dirhams for the branch of a company incorporated in a financial free zone or the branch of a foreign company. "

Check the company's Articles of Association, confirm the Memorandum of Association, ensure the latest audited financial statements of the parent company, the company's registration certificate in the original supervisory authority.

Article (4), clause (3) " A Letter of Guarantee produced by a bank in favor of the IA must be submitted in accordance with the terms and conditions referred to herein. "

You must return to the form published on the website of the Insurance Authority and always make sure that there is a bank guarantee, you must work to inform the Authority directly in the event of any amendment to the bank guarantee data.

The Letter of Guarantee shall be:

1. Issued by a bank operating in the UAE, in favor of the Chairman of the IA Board of Directors in his capacity according to the form designated by the IA.

2. Unconditional, unrestricted, payable on demand – by the IA – at any time and may only be canceled under a written consent of the IA.

3. Issued for the purpose of guaranteeing the settlement of the Insurance Broker's transactions and meeting their obligations arising from practicing Insurance Brokerage towards companies, clients or beneficiaries, or in implementation of the IA's decisions.

4. Its value may not be less than (AED3,000,000) three million Dirhams for companies incorporated in the UAE and (AED1,000,000) one million Dirhams for any branch there of. For the branch of a foreign company or companies incorporated in any financial free zone, its value may not be less than(AED 5,000,000) five million Dirhams for the branch and (AED 3,000,000) three million Dirhams for any addition branch thereof in the UAE.

A professional indemnity insurance policy in favor of the IA must be submitted in accordance with the terms and conditions referred to herein.

The Professional Indemnity Policy shall be:

1. Issued by a company licensed by and registered with the IA, after the IA's approval of the conditions of such policy.

2. The insured shall be the Insurance Broker and the beneficiary shall be the Chairman of the IA Board of Directors in his capacity.

3. Issued for the purpose of guaranteeing any liability arising from damages resulting from practicing Insurance Brokerage, unintentional error, omission and unintentional negligence.

4. Valid throughout the license term and applicable to the annual renewal of the license. The Insurance Brokerage activity may not be practiced unless such policy is available and valid.

5. The insured sum under the policy may not be less than (AED 2,000,000) two million Dirhams for companies incorporated in the UAE, provided that the deductible amount may not exceed (AED 30,000) thirty thousand Dirhams for each accident. As for the branch of a foreign company or companies incorporated in any financial free zone, the insured sum under the policy may not be less than (AED 3,000,000) three million Dirhams, provided that the deductible amount may not exceed (AED 50,000) fifty thous and Dirhams for each accident.

Ensure that the conditions set out in the Professional Indemnity Insurance Policy are met in the Authority

Individuals to be appointed in the technical and administrative staff must satisfy the following conditions:

a) Be a natural person enjoying full capacity.

b) Be of good conduct and behavior, and has never been sentenced for a freedom restricting punishment in a moral turpitude crime without being rehabilitated.

c) Has not stopped the payment of his commercial debts even if not associated with bankruptcy declaration, or has been judged bankrupt without being rehabilitated.

To ensure the availability of technical staff and inform the Authority in the event of any amendment to the technical staff of the Authority

An Insurance Broker must continuously have the technical staff required to practice the licensed activity and must at least appoint employees to assuming the following jobs: a) General Manager or Chief Executive Officer. b) Operations Manager. c) Internal Auditor. d) At least one specialized employee for each licensed insurance type or class.

Specialized employees (persons and fund accumulation Insurance Officer -Property and Liability Insurance Officer - Reinsurance Broker) The company can appoint more than one specialist provided that they inform the authority in the event of an amendment and may appoint specialized staff in a particular type of insurance such as health insurance.

No one may combine two jobs of the jobs approved by the IA at the same time.

Ensure that no one combine between two approved jobs and that the internal controller has no executive tasks.

An Insurance Broker shall notify the IA of the appointment of any accredited personnel, and of any modification or alteration that may arise regarding their transfer or termination, stating the reasons thereof. An Insurance Broker shall also notify the IA once any of the accredited posts becomes vacant and an alternative is appointed until such vacant post is permanently filled within a maximum period of 60 business days from the date of vacancy.

The necessity to inform the Authority about the transfer and termination of the services of any of the approved staff and to provide new documentation on the new employees within the period specified in the article

A suitable headquarters, software and technical systems required to practice the activity must be provided.

Not to change the company's headquarters without informing the insurance company. The conditions of the place: Provide a suitable place to carry out the work, including a separate place for the Director General and the internal controller. The existance of the electronic systems that provide assistance in the performance of work and the availability of data and information security systems. Making a list of the authorities on the systems of the company and the auditor shall review these procedures periodically and on a regular basis and inform the Authority in case of any violations or material information affecting the performance of the company (including the occurrence of any breach of information security , the company's headquarters exposure to fire, theft ... etc)

An internal control system to ensure the sound application of law, regulations, instructions, resolutions and circulars issued thereunder must be provided.

The explanation of the internal controller's duties in the company, the scope of work of the internal controller from the administrative aspects and how to auditing them, an explanation of the rules and regulations that must be applied by the controller and the the company Bylaws, which the broker must work on auditing them. The explanation of the mechanism of reporting to the Board of Directors and its periodicity, The mechanism of auditing the technical departments and their compliance with the regulations and instructions of the Authority and internal Bylaws.

The application of a license to practice the activities of the Insurance Brokerage shall be submitted to the IA according to the designated form enclosing information, data and documents supporting the application for license, particularly:

1. The legal form of the applicant, along with a report stating the names of the partners, members of the board of directors or management board and the executive management.

2. An acknowledgment that the partners and the Director General or Chief Executive Officer have never been declared bankrupt, as well as providing certificates of good conduct confirming that none of them has been sentenced for a freedom restricting punishment.

3. A statement showing any legal or judicial obligations or liabilities related to the applicant.

4. A statement showing the technical systems used and the work procedures proposed for practicing the activity of Insurance Brokerage.

5. Types and classes of the insurance business applied for.

6. Training and Emiratization plan for AUE nationals.

The Compliance Officer shall keep all records and documents related to the Company's license, the partners and managers and review them periodically to ensure their validity. In the event of any change in the work , he shall report directly to the Authority. This must be included in the Internal Control Guide and the interim and annual audit plan approved by the Company's Board of Directors .

7. In addition to the above, a branch of a foreign company, or a branch of a company incorporated in a financial free zone shall submit the following:

a. An official certificate issued by the competent authority showing the company’s incorporation, registration and licensing to practice the activity of Insurance Brokerage in the types and classes of insurance to be practiced in the UAE.

b. A copy of the financial statements for the last two years audited, approved and prepared in the UAE Dirhams.

c. A true copy of the board of directors' or management board’s decision approving the opening of a branch in the UAE.

8. An undertaking to satisfy all license conditions required in case of approving the application for license within the period determined by the IA; otherwise the approval shall be null and void; as well as undertaking not to start practicing the activity before the IA ensures that the applicant has satisfied all license conditions and IA’s approval in this regard is issued.

An Insurance Broker may add a type or class of insurance to the granted license under an application to be submitted to the IA on the form designated for this purpose after meeting all the related conditions and requirements.

The broker may add brokerage to a type of insurance and can add insurance brokerages, and notify the Authority of any additions made to the previously licensed services.

The license shall be renewable under an application to be submitted to the IA at least one month prior to the expiry date ،

The compliance officer must ensure that the license conditions in the regulations are met, especially during the last month during renewal of the license (automatic or electronic renewal).

The Insurance Broker may not practice their activity during the suspension period. In all cases, the Insurance Broker may request to resume the practice before the end of the suspension period whether the suspension was optional or when the preventing cause ceases to exist.

Ensure that the suspended broker or the broker who requested for suspension does not exercise any new work and confirming that the broker continue to follow up on the interests of existing companies, clients and beneficiaries before issuing the suspension decision.

Producing of written internal bylaws within (3) months from the date of obtaining the license, and providing the IA with a copy thereof, subject to amendment of such bylaws in accordance with any amendments made to the Law, regulations, instructions, resolutions and circulars issued by the IA and notifying the IA thereof.

The Compliance Officer shall review the internal Bylaws adopted by the Board of Directors of the Company and submit the amendment proposals for approval by the company's Board of Directors and notify the Authority through the quarterly internal control report to review the procedures and ensure their application and inform the Authority in case of amendment thereto.

The Internal Bylaws shall include the following data:

a) The documentary cycle to be followed as of the beginning of dealing with a company and client, until the full completion of the insurance transaction.

b) The organizational structure of the Insurance Broker showing the actual functions, responsibilities and powers of directors and other employees working for the Insurance Broker.

c) The relationship between the headquarters of the Insurance Broker and its branches; and determining the powers that the branch is authorized to practice.

d)Correspondences recording system.

e)Internal record-keeping system.

f)Clients' complaints recording system.

The documentary course to be followed in dealing with brokers and insurance companies: It is a simple explanation of how to implement the service to the customer and contact with the insurance company with illustrations for the documentary course , the organizational structure of the broker, explaining responsibilities and tasks , powers of the branches of the company ( powers of the branch and the director and what types of insurance brokerage, Mailing system: a simple explanation of the outgoing and incoming mail system and that there is a specific mail for each department mentioning it a mail for complaints and a separate mail to respond to inquiries of customers. The system of keeping the internal records and the way they are saved (archiving). The electronic system of the company in terms of keeping files and records of customers and where to they are saved.

Producing an Operational Guide for risk management to include the listing and definition of the specific risks that could be encountered and how to address them once realized. The Guide shall be updated and reviewed periodically as appropriate to the nature of the Insurance Broker business and according to the applicable rules in this regard.

The Operational Guide for Risk Management Operational (includes definition, enumeration and treatment of risks related to brokerage business), such as the risk of nonpayment by the customer, the risks of customer unreliability, the risk of money laundering, the risk of electronic system security breach. The risks of labor turnover, etc. This shall be reviewed and verified periodically.

Development of a professional code of conduct for the Insurance Broker employees; and supervising and organizing their undertakings to ensure compliance with the Law, regulations, instructions, resolutions and circulars issued by the IA, especially those related to trust, integrity and conflict of interest.

The Compliance Officer shall ensure that the Company has established a Code of Conduct and that the Company's management is required to send all regulations and instructions to all the concerned employees of the Company and ensure that they are informed of the circulars issued by the Insurance Authority which regulate the work.It is preferable to register all queries received by employees and the response received by the company's management through the compliance officer, which helps to control the compliance mechanism.

When practicing the activity of Insurance Brokerage, the Insurance Broker and their branches shall be independent from any other party in terms of place or organizational, technical or administrational aspects.

Ensure the separatation of the headquarters of the broker and not to be engaged in any activity other than insurance brokerag.

Cooperation and coordination with the internal controller, enabling him/her to perform the assigned tasks and notifying the IA of any violation of the Law or the regulations, instructions, resolutions or rules issued thereunder, or the applicable internal bylaws.

The internal controller and the company's management shall cooperate in order to implement the regulations and laws. The internal controller shall submit reports of the non-compliance of the senior management with the application of the regulations and instructions and the non-implementation of the corrective plans.The company's management must provide justification for not complying with the corrective plans approved by the Authority.

Not to dismiss the internal controller except by a decision of the board of directors or management board of the Insurance Broker, provided that the IA and the internal controller are notified of the dismissal decision at least (30) working days before such dismissal, explaining the causes and justifications of the dismissal.

The internal controller shall immediately notify the Authority in case he submitted his resignition to the company management. Also, the company management shall notify the Insurance Authority in case of the dismissal of the internal controller in accordance with the provisions of Article

Open an independent account with a bank operating in the UAE to be designated for the financial transactions related only to the Insurance Brokerage business. Such account shall be subject to audit by the IA.

Ensuring that there is an independent insurance brokerage business in terms of receiving and paying insurance premiums

Complete separation between the Insurance Broker's personal accounts and the accounts related to the Insurance Brokerage practice.

Ensure the separation of the accounts of the broker through the review of the agreement to open the account with the bank and review the periodic bank statements of the contracted accounts to confirm the cash inflows and outflows.

Refrain from obtaining any interests on the funds deposited in the account of the Insurance Brokerage business, or from holding such funds in the form of time deposits, or to obtain credit facilities or bank loans secured by such funds.

Ensure that the type of account dedicated to practicing insurance brokerage activity is the type of current accounts not related to access to credit facilities or bank loans with the guarantee of these funds or the placement of funds obtained in the form of fixed deposits and the the agreements for opening the account must review.

Maintain the financial solvency required to practice the activity in a manner to ensure the continued performance of its obligations according to the rules set by the IA.

The terms of financial solvency mentioned in Decision No. 58 shall be reviewed in terms of the availability of the minimum paid-up capital and, on a permanent basis, availability of bank guarantees and availability of adequate liquidity in accordance with the decisions of the Insurance Authority.

Abide by the limits of insurance types and classes which the Insurance Broker is licensed to practice.

Not to practice insurance brokerage in a new type or branch of insurance before obtaining the license.

Not to manage or bear any insurance risks.

The commitment to the insurance brokerage and the broker shall not take the insurance company place to insure risks or shoulder risks of insurance .

Conclude Insurance Brokerage agreements with companies; and providing the IA with true copies thereof within a maximum period of one week after the date of their signature, as well as any amendments or alternations thereon once made.

All agreements signed with insurance companies must be uploaded on the website, and the insurance companiesshall be followed up in order to approve the agreements on the system.

Conclude at least two Insurance Brokerage agreements with companies within (60) working days after the license date. .

There must be at least two agreements with the insurance companies. In case of non-existence, the Authority shall be notified if the number is less than two in any case.

Not to depend only on one company at any time to practice the activity in the UAE.

If the concentration ratio increases above 75%, a plan should be developed to reduce the concentration to the average for one company.

Maintain the records, documents, accounts and financial statements that show the Insurance Broker's financial position, transactions, Insurance Brokerage agreements concluded with companies, authorizations issued by Clients, Clients' data, copies of insurance policies issued to such clients, and any other documents or data related to the practice for a period of (10) years,

Develop a plan to maintain all documents in electronic and paper format and to inform the Authority directly in the event of any type of damage.

Back-up copies of all such statements and documents shall be maintained for the same period in order to protect the clients’ data and transactions against any causes of damage. The IA shall be allowed access to obtain and review same on demand.

A plan should be developed to maintain backup copies of the data and documents and make periodic reviews to verify the mechanism of conservation and ensure that it can not to be damaged or hacked.

The fiscal year shall commence on the first day of January and ends on the thirty-first day of December every year, provided that the balance sheet and the closing accounts are prepared in the UAE Dirham.

Ensure that the audited financial statements submitted to the Authority are prepared in accordance with international standards in the preparation of financial statements. The fiscal year begins on the 1st of January and ends on 31st December of each year. The financial statements are prepared in the UAE Dirhams.

A quarterly report signed by the Chairman of the IA Board of Directors, the Director General or Chief Executive Officer, and audited by the external auditor. This report shall address the Insurance Brokerage business and the accounts related thereto, and shall be submitted within a maximum period of (20) working days from the end of the quarterly period.

The commitment to submit data and documents within the allowed period.

An annual report signed by the Board of Directors or Management Board and audited by the external auditor. This report shall include all Insurance Brokerage business performed during the year, the accounts related thereto, the closing accounts and the annual balance sheet; and shall enclose a copy of the Insurance Brokerage agreements that have been concluded with companies. This report shall be submitted within a maximum period of (60) working days from the end of the fiscal year.

The commitment to submit data and documents within the allowed period.

To immediately notify the IA of any change occurring on the data or documents based on which the license was granted within (5) working days from the date of occurrence of such change; and of any deficit affecting its financial position.

Any amendments shall be notified to the Authority within the specified period

Inform the IA of the content of advertising campaigns to promote its services before presenting to the public. .

Obtain the approval of the Authority before making any public announcement.

Insert their name and registration number with the IA on all its papers, correspondence and documents in both Arabic and English languages.

This includes, but is not limited to, paper correspondence, any other paper advertising documents and electronic correspondence

Sign an Insurance Brokerage agreement with each Company they deal with. The agreement must be executed in Arabic language, signed by both parties and authenticated before the official authorities. It shall remain in force throughout the period of dealing with the respective Company, and shall include the rights and obligations of each party in conformity with the provisions of these Regulations

Review the agreements concluded with the companies

The agreement shall include the following: a) The term of the agreement, how and why it can be terminated;

b) Types and classes of insurance subject of brokerage;

c) Geographical scope;

d) A provision authorizing the Insurance Broker to receive the premiums in favor of the Company in cases where the Insurance Broker is permitted to collect the premiums. However, the Insurance Broker may not use the collected premiums for any other purpose.

e) The agreed commission for the Insurance Broker, the manner to calculate such, when its due date for payment and its collection procedures.

Review the agreements concluded with the companies

The agreement may not include the following: a) Authorization to the Insurance Broker to issue insurance policies or endorsements thereto, or to amend policies or endorsements except for the issuance of motor insurance certificates if both parties wish so.

b) Authorization to the Insurance Broker to receive compensations payable to clients or beneficiaries to be paid to the entitled recipients.

c) Preventing the Insurance Broker from practicing its activity with any other company.

The insurance broker is entitled to issue vehicle insurance certificates only if the agreement includes this. The agreement may not include any authorization to receive compensation due to customers or beneficiaries for payment to its beneficiaries.

Submit all customer information and data which may affect the decision to be taken by the Company regarding the insurance cover, rates and conditions, in order to enable the Company to assess the risks to be insured or to renew its insurance.

Ensure the establishment of internal procedures to send all customer information and data that affect the insurance companies' decision for coverage.

Confirming that the Insurance broker sid not receive insurance premiums related to insurance types and classes shown below : a. Life insurance and fund accumulation operations; b. Group health insurance; c. Marine and air cargo insurance; d. Hull insurance; and e. Petroleum insurance.

The agreements and the internal financial and technical procedures must be reviewed to ensure that premiums are not received from these types.

Not to use the letterhead of the Company - for which the Insurance Broker works - for their own correspondence or correspondence to their Clients.

maintain the confidentiality of conditions, rates, information and data obtained from the Company and not to disclose such information to other companies. .

Establish procedures to maintain the confidentiality of information or data and periodically review them to ensure that employees and management comply with their obligations.

Sign a written authorization with all its Clients to authorize it to perform the Insurance Brokerage business according to the form designed for this purpose and approved by the IA.

The authorization process must be documented through written or electronic authorization.

The authorities of the Insurance Broker to communicate with any company licensed by the IA or with any licensed company nominated by the Client.

Ensure that the authorization contains the powers.

The responsibilities and authorities of the Insurance Broker regarding the claim procedures for compensation which may be entitled by a Client who reports an insured accident.

Ensure that the authorization contains responsibilities and tasks before and after selling.

Not to restrict the Client’s freedom to withdraw or cancel the authorization, and not to charge the Client for any financial costs as a result thereof.

The procedures and accredited authorization must be reviewed.

Provide technical advice and on sultation, and inform the Client of the best conditions and rates of the companies and keep the documents proving such and register them in duly organized records. In addition, they must negotiate in favor of the Client and represent them before the Company and not to receive any commission for such negotiation.