Regulatory Focus: Dubai Financial Services Authority (DFSA) CPD Requirements

Regulators often shy away from prescribing CPD requirements for individuals working in regulated firms. This is because they can easily get into very difficult territory.

Lawyers and accountants in most jurisdictions are required to complete compulsory CPD, but the requirements are rarely explicit as to content and structure. It is tricky to prescribe a “one size fits all” approach and, therefore, it is easy to rely on general principles, such as the FCA’s rule which states that “a firm must employ personnel with the skills, knowledge and expertise necessary for the discharge of the responsibilities allocated to them”1.

The FCA then goes on to require qualifications for those staff whose roles involve giving advice to retail customers, requiring them to complete a minimum of 35 hours of CPD, of which 21 hours must be structured. It is quite rare for regulators to require CPD for the most senior members of a firm, but the DFSA made this decision last year and the requirements came into force in January of this year.

What is driving this change?

Before we look at the requirements, it is worth looking at why the DFSA decided to implement them. In their Consultation Paper 122, tucked away among other miscellaneous changes, were the drivers behind this. These included:

• The existing rules requiring competence at all levels did not provide the DFSA with “a high level of certainty as to what levels of competence are needed by their employees to carry out their functions effectively and in accordance with the applicable requirements”
• The DFSA recognises that there have been high profile instances of mis-selling and poor classification of customers
• The DFSA has noticed a lack of appropriately qualified candidates to fill the role of Head of Compliance 
• Staff misrepresenting what business could be conducted from offshore (i.e. the DIFC) and onshore offices

All of this has been set against the DFSA’s concern over the cost of compliance. The DFSA has stopped short of prescribing specific qualifications (which certain other regional regulators have imposed) but have not ruled this out in the future.

The result of this deliberation is that the Senior Executive Officer (SEO), Compliance Officer (CO) and Money Laundering Reporting Officer (MLRO) of authorised firms must complete a CPD requirement of 15 hours’ structured activity per year. The DFSA made it clear that its Supervision team will expect the requisite CPD records to be made available and will also look at a sample of people’s records to assess compliance with the Rules.

How should SEOs, COs and MLROs respond to this requirement?

What everybody needs is something which is flexible, relevant to their responsibilities and cost-effective. There is also the additional consideration of the extent to which COVID-19 will affect normal business activities in the coming months.

We have developed a solution that not only complies with the DFSA’s CPD requirement but also ensures that relevant individuals keep updated on the issues which are most relevant to the DFSA and to running a compliant, regulated business.

Meeting the DFSA requirements online: 12 video tutorials + 4 eLearning modules

We have constructed a series of twelve video tutorials, to be published over the course of the coming year, covering key regulatory topics.

These 12 hours of structured CPD will be supplemented by offering access to four 45-minute eLearning modules, thereby achieving the 15 hours of relevant, structured CPD for authorised individuals. Each tutorial will be available live approximately once a month. Each module will then be available to access through our CPD learning portal.

This means that SEOs, COs and MLROs will have the flexibility of attending either the live online seminars or viewing the same content at a time that suits them.

The series includes all of the most relevant topics for today’s senior executives in a DFSA-regulated business. The topics have been developed bearing in mind both key regulatory risks and the DFSA’s stated priorities. Click here for details of our DFSA SEO & Compliance CPD Programme.

That said, each Authorised Individual should look at their own role, consider the competencies required for that role and address their own training needs accordingly.

Our collection of subjects is designed to meet the needs of most Authorised Individuals who are subject to the requirements, but it is important that you should look at your own training needs and ensure that they are met.

Moreover, it is often the case in smaller firms that one individual will occupy more than one of the three functions. For example, the MLRO and Head of Compliance roles may be assumed by the same person. Individuals in these positions should adopt a sensible approach.

If there are common elements that are mandatory or compulsory for each role, they will be able to rely on those mandatory elements by doing them once, with the elements counting as part of the 15 hours for each role. However, care should ultimately be taken to ensure that each Authorised Individual can justify the full 15 hours for each of their roles.

If you are an Authorised Individual and you wish to discuss how we can assist you in meeting the requirements, contact us. 

Each tutorial will be given by one of the Academy’s seasoned trainers, all of whom have extensive experience in delivering training in the region. 

1. The FCA’s “Competent Employees Rule”