DIFC Corporate Governance Review Reveals Big Problems for Growing Firms
In 2013 the Dubai Financial Services Authority ("DFSA") carried out a review of the corporate governance arrangements of all authorised firms in the DIFC. The DFSA has now published a report based on that review. The report is publically available, and should be of interest to all senior management and board members of DIFC firms.
The most significant finding of the review is that the practice of many DIFC firms falls far short of their own policies. In other words, many firms might have perfectly good policies on, for example, risk management. The day-to-day reality is that their actual risk management is different to the policy set out in their own risk-management documentation.
In advising numerous clients in the DIFC, we recognise that this is a common issue. Authorised firms are required to prepare a significant number of corporate governance policies when applying to the DFSA for initial authorisation. These policies are frequently drafted with the assistance of external advisors. Very rarely do they receive material input from the employees who will be tasked with implementing the policies. Once authorised, many firms will file away their policy and procedure documents, referring to them only if specifically requested to do so. We are aware of DIFC firms who have been sanctioned by the DFSA for failures to act in accordance with their own policies and procedures. The actual courses of action of the firms in question did not, in themselves, breach any provision of the DFSA Rulebook.
However, the failure to comply with their own stated policies lead to the DFSA taking action against these firms.
Another significant finding of the review was the failure by directors and senior management to enhance their own education and development through ongoing training initiatives. Again, this trait is something that we recognise from our interaction with clients in the DIFC. Many authorised firms in the DIFC are, by global standards, relatively small, and have a heavy sales focus. The value of ongoing training for senior management in these organisations is likely to be less valued or appreciated than it might be in other, more developed jurisdictions. The training requirements that would be mandatory in the head office of these firms often do not apply to their DIFC operations. The pace of regulatory change is increasing, and senior management are exposing themselves to personal liability if they do not remain up to date with their myriad obligations in this regard. ?
DIFC Amendment Law Highlights Pressure Points with the Centre
DIFC Law 1 of 2014 (the "Amendment Law") came into force in August 2014. The law makes changes to a variety of existing DIFC laws, and in doing so reveals some of the pressure points that have arisen in recent years.
One of the more significant amendments is a new prohibition against misleading, deceptive, fraudulent or dishonest conduct in relation to financial products or services in the DIFC. The DFSA already had broad powers to prevent conduct of this sort. The amendment suggests that the regulator may have faced some difficulties in recent years in stopping practices it considered misleading, deceptive, fraudulent or dishonest.
Another significant change contained in the Amendment Law is the creation of a new type of fund, the Qualified Investor Fund ("QIF"). The introduction of QIF's, the latest in a line of changes to the DIFC's funds regime, is an acknowledgement that the funds industry has yet to warm to the DIFC as a jurisdiction of choice. The Centre has been operational for a decade, but has yet to gain any real traction with the global funds community. QIF's will be regulated in a less heavy-handed manner, limited to 50 investors, and require an individual minimum investment of US$500,000. ?
Case Note: Rafed Al Khorafi v Bank Sarasin-Alpen (ME) Ltd
The recent decision of the DIFC Courts in CFI 026/2009 Rafed Al Khorafi v Bank Sarasin-Alpen (ME) Ltd, has important implications for financial service providers in the Dubai International Financial Centre (the “DIFC”). In particular, authorized firms in the DIFC should ensure they properly categorize clients and assess the suitability of recommendations and products they offer, especially where complex and high risk investment products are concerned.
In its ruling, the DIFC Court of First Instance (the “Court”) found: (i) Bank Sarasin & Co. Ltd, a Swiss incorporated bank with no registered office in the DIFC (“Bank Sarasin”); and (ii) its DIFC based subsidiary, Bank Sarasin-Alpen ME Limited (“Sarasin-Alpen”), to be in breach of the DIFC Regulatory Law and DFSA regulations. Bank Sarasin and Sarasin-Alpen (together, the “Banks”) were collectively ordered to compensate the Claimants for losses the Claimants incurred as a result of investing in structured financial products offered by the Banks. The Court found that the Banks mis-sold approximately US$200 million worth of financial products to the Claimants and the Banks were ordered to compensate the Claimant an amount likely to exceed US$26.5 million in damages.
The dispute relates to the Claimants’ purchase of certain structured financial products from the Banks in 2007 and early 2008. The total investment by the Claimants amounted to US$200 million. The Claimants financed the investments with loans from a Kuwaiti bank and Bank Sarasin. Following the global financial crisis in 2009, the Claimants’ investments lost value with the result that Bank Sarasin made margin calls which the Claimants could not meet. Consequently, Bank Sarasin liquidated the Claimants’ investments resulting in substantial loss for the Claimants.
The Claimants’ Action
The Claimants’ action against the Banks involved claims in tort and contract, as well as claims for breach of the Dubai Financial Services Authority’s (the “DFSA”) Conduct of Business Module (“COB”) regulations. The key aspect of the judgment centered on an analysis of whether Sarasin-Alpen complied with the COB with respect to (i) verifying whether the Claimants were “[Professional] Clients” or “Retail Clients”, and (ii) the suitability of the bank’s recommendations and transactions in light of the Claimants’ objectives and risk tolerance.
The central issue was whether the Claimants fell within the DFSA regulatory definitions of (i) “Professional Client”1, i.e. sophisticated and experienced purchasers of complex financial instruments, or (ii) whether the Claimants were “Retail Clients”2 i.e. persons who are not a professional and likely inexperienced in the purchase of complex financial products. The category into which the Claimants fell was vital, as the DFSA rules prohibited Sarasin-Alpen from carrying out any investment business with “Retail Customers”. The DFSA rules required Sarasin-Alpen to first carry out a comprehensive assessment in order to determine which category of client it was dealing with, and it was found that Sarasin-Alpen failed to do this properly. The Claimants argued that Sarasin-Alpen breached DFSA regulations by entering into a contract for financial services with a prohibited category of customer, having wrongly categorized the Claimants as “Clients” when they should have been categorized as “Retail Customers.”
The Court held that the Claimants did not meet the DFSA regulatory definition of “Client” and therefore ought to have been treated as “Retail Customers”. The Court found that Sarasin-Alpen did not conduct an adequate investigation to determine (i) whether or not the Claimants could be properly categorized as “Professional Clients,” or (ii) whether or not the financial products were suitable for the Claimants. Although the Court found that the Claimants had executed agreements and declarations wherein they confirmed that they were “Professional Clients”, the Court found on this point: (i) that these agreements and declarations were inter alia incomplete; and (ii) even if they had been completed correctly, Sarasin-Alpen, nonetheless failed to conduct the necessary due diligence to properly ascertain whether the Claimants should properly be designated as “Professional Clients”.
Suitability of recommendations and transactions
It should also be noted that in the Court’s opinion, even if the Claimants had been properly classified as “Professional Clients”, Sarasin-Alpen would still be found to have breached the COB regulations. This is because Sarasin-Alpen failed to exercise reasonable skill and care by recommending and selling the concerned financial products to the Claimants, as they did so without adequately considering the suitability of the recommendation or transaction having regard to the Claimants objectives, risk tolerance and other requirements, as required by DFSA regulations.
The Court concluded that the Banks had committed “a clear case of mis-selling unsuitable investments to an unsophisticated investor . . . without regard to the protection that the Regulatory Law was intended to afford Retail Customers.”3
Regulatory claims against Bank Sarasin
With respect to Bank Sarasin, Sarasin-Alpen’s Swiss based parent company, the Court found that because constituent parts of financial services / transactions took place “in” or “from” the DIFC between the Claimants and Bank Sarasin, the DFSA regulatory regime applied. The Court found that Bank Sarasin provided financial services in the DIFC in breach of the Financial Services Prohibition in Article 41 of the Regulatory Law. The finding was based on the “overwhelming” evidence that Sarasin-Alpen employees based in the DIFC were dealing with the Claimants in the conduct of the business of Bank Sarasin4 and that the client relationship manager’s role “vis a vis Bank Sarasin, was indistinguishable from what it would have been if he had been employed by Bank Sarasin.”5
As a consequence, Bank Sarasin’s contracts with the Claimants were unenforceable and accordingly, the Claimants were entitled to compensation for their losses.
Financial service providers should ensure that they have appropriate internal protocols in place to gather all relevant information on the experience and sophistication of each client to enable them to determine which category of customer they are dealing with, “Professional Client” or “Retail Client”. Firms would also be well-advised to appreciate and exercise reasonable skill and care when assessing the suitability of products and services they recommend and sell given each client’s individual risk tolerance.
Additionally foreign / non-DIFC parent and group entities must be careful to ensure that they are not perceived to be providing financial services in the DIFC without authorization. Similarly, DIFC firms should reassess the presentation and conduct of their business and personnel to ensure that the services they provide are not confused with services and activities of foreign non-DIFC parent or group entities. ?
1 The definition of a Professional Client has changed since the relevant transactions between the Claimants and the Banks took place. The amended definition of Professional Client is set out at COB Rule 2.3.2. Previously, a Client was defined as a Person who the Authorised Firm has determined, prior to the establishment of a relationship, is:
- An individual who:
- has at least $1 million in liquid assets and has provided the Authorised Firm with written confirmation of this fact;
- appears to the Authorised Firm, after analysis, to have sufficient financial experience and understanding to participate in financial markets; and
- has consented in writing to being treated as a Client.
- Any Person who does not meet the criteria in (1) is a Retail Customer.
2 COB Rule 2.3.5 defines a Retail Client as follows: “A Client is a Retail Client to the extent he is not a Professional Client.”
3 See paragraph 432 of the Judgment
4 See paragraph 393 of the Judgment
5 See paragraph 395 of the Judgment