Licensed entities should plan ahead to ensure regulatory compliance rather than risk penalties being imposed as a result of deficiencies uncovered following a visit from the Bermuda Monetary Authority.

Regulated entities, including those licensed under the Investment Business Act 2003, the Investment Funds Act 2006 and the Insurance Act 1978, must meet certain minimum criteria. Such entities must make an annual filing with the BMA, certifying that the entity has met these minimum criteria. Consequently, entities should evaluate the minimum criteria regularly, at least annually, and create a plan and timeline for any deficiencies found by their internal review or audit.

The minimum criteria includes, but is not limited to:

• Fit and proper person test;

• Corporate governance; and

• Whether business is conducted in a prudent manner.

Regulated entities are required to evaluate each of their officers, directors, employees and consultants to confirm their fitness and propriety to perform the duties assigned to them. This must be carried out prior to their appointment and at least annually.

The fitness and propriety of an individual encompasses the experience, skills and knowledge relative to the duties and responsibilities that they will fulfil as well as experience, qualifications, and the person’s previous conduct, reputation and character including whether that person has a criminal record, a record of past misconduct, or a record of non-compliance with codes of conduct.

This is probably an area that is best co-ordinated with the human resources department of the regulated entity.

Regulated entities are required to implement corporate governance policies and processes as the BMA considers appropriate given the nature, size, complexity and risk profile of the regulated entity. This requires that the business of the regulated entity be effectively directed by at least two individuals and under the oversight of such number of non-executive directors as the BMA considers appropriate.

The governance framework should establish a structure through which the objectives of the regulated entity can be set, monitored and achieved. In support of this objective, the entity should have a formal business plan that is reviewed at least annually by the Board.

To ensure an effective corporate governance framework, elements that should be considered include:

• Composition and experience of the board, including chairperson and non-executive directors;

• Any committee, their related mandate and frequency of reports to the board;

• Outsourced functions and related contracts;

• Regular meetings of the board with a clear agenda;

• Training to ensure understanding of the role of the board; and

• Sufficient available time to discharge their duties.

In addition, the board should carry out a periodic assessment of the board, as a whole and of individual board members, and senior management.

The board are also responsible for reviewing key policies including risk management, internal controls and compliance.

Regulated entities are required to conduct business in a prudent manner. This means a regulated entity must ensure that it complies with applicable laws and regulations, such as relevant legislation, applicable AML/ATF laws and regulations, codes of conduct issued by the BMA as well as any international sanctions in force in Bermuda.

In addition, certain regulated entities may be required to:

• Have a policy of insurance to cover risks inherent in the operation of its business of an amount that is commensurate with the nature and scale of operations;

• Maintain adequate accounting and other records of its business and systems of control of its business and records; and

• Maintain minimum net asset, capital and liquidity requirements.

An important element is the policies, procedures, risk assessments, document retention, and ongoing monitoring and training to ensure compliance with applicable AML/ATF laws and regulations.

The BMA supervises licensed entities on an ongoing basis to evaluate whether they satisfy the minimum criteria for licensing — and reviews the nature of the provider’s business, the quality of management, the effectiveness of its controls and compliance, the fairness of its treatment of customers and its financial viability. This is designed to ensure that minimum standards are being maintained.

Prudential meetings are generally scheduled annually, while on-site visits are normally scheduled on a three-year rolling basis but may be more frequent depending on the BMA’s assessment of the degree of risk in the business and the effectiveness of the investment provider’s personnel, systems and controls for monitoring risk.

Breaches uncovered by the BMA’s prudential and on-site visits may result in a request to remediate or, if the breach is more serious, could result in severe fines, restrictions placed on the licence or even revocation of licence. The BMA may also publish details of any serious breaches and fines levied.

Consequently, all regulated entities should create a clear and consistent plan of action to evaluate their ability to meet the minimum criteria of licensing under the relevant legislation. Entities should not wait for prudential meetings and/or on-site visits to reveal deficiencies and should instead take a proactive approach.

Lawyer Jennifer Eve is Counsel and a member of the Funds & Investment Services and Private Equity Teams within the Corporate Department at Appleby. A copy of this column is available on the firm’s web site at www.applebyglobal.com

This column should not be used as a substitute for professional legal advice. Before proceeding with any matters discussed here, persons are advised to consult with a lawyer.