Factors that CIMA considers when deciding whether to approve an application for a licence include whether the directors and management are fit and proper to carry out the responsibilities entrusted to them, who will have ownership and control, financial resources, internal systems and controls, the entity’s record keeping and know-your-customer policy (KYC is an important part of the fight against financial crime), compliance with industry standards, track record and viability. In the case of entities that are part of larger, international entities, another factor it takes into account when deciding on a licence application is whether the applicant is in good standing with the home country supervisor and whether the entity will be included in the consolidated supervision of the home country supervisor.
Once entities are licensed, CIMA’s role becomes one of supervision.
On-site monitoring involves carrying out inspections at a licensee’s offices. CIMA teams go in and examine the licensee’s documentation, reviews procedures, etc. and provides a report to the licensee regarding any issues, with recommendations for any corrective action. It then monitors the institution to ensure the recommendations are implemented.
Off-site monitoring involves analysing documents that licensees/registrants must submit (e.g. audited financial statements and statutory filings), as well as holding meetings with licensees/registrants to discuss developments and plans (which it refers to as prudential meetings).
CIMA will do a risk-assessment of the entity and will attach a risk rating to the entity. This is a classification that CIMA uses to decide how much monitoring the entity needs. The risk rating will determine how often CIMA carries out inspections and meetings for each licensee/registrant. This system is known as the risk-based approach to supervision and is used by many regulators around the world.
CIMA provides further ongoing supervision by requiring licensees and registrants to notify CIMA of any significant changes to the business. The regulatory laws specify that licensees must get CIMA’s approval before making changes, for example, to business plans, shareholdings or directors. They also are required to notify CIMA about certain other changes. In the case of funds, the fund operators are to notify CIMA of any material changes to the fund offering documents/private placement memorandums within 21 days of those changes.
Compliance and enforcement
The general issues that may result in CIMA taking action include: if a licensee is, or appears to be, unable to meet its obligations as they fall due; if it is carrying on business that is, or is likely be detrimental to the interests of the public, stakeholders or any other third party; if it contravenes regulatory laws, regulations, a condition of its licence or CIMA rules, if the direction and management of the company is not being carried out in a fit and proper manner or a person holding a position as a director, manager or officer of a regulated entity’s business is not a fit and proper person to hold the respective position.
Where appropriate, CIMA will work with the entity in an attempt to resolve the issue before taking formal enforcement action. The range of enforcement actions include: the revocation of an entity’s licence or registration; requiring the entity to substitute a director, manager, or officer; imposing or adding conditions on a license; appointing a person to advise the entity on the conduct of its affairs; appointing a person to assume control of the affairs of the entity; or applying to the Grand Court of the C ayman Islands for the entity to be wound-up.