The Cayman Islands Monetary Authority (CIMA) released an updated rule in April 2023 in relation to corporate governance for regulated entities (Rule) and associated statement of guidance for mutual funds and private funds (Guidance).
The Rule will bring about several changes to the previous corporate governance requirements for regulated entities and the Guidance extends to private funds, which was not previously covered. The Rule and Guidance create binding obligations on all entities regulated by CIMA. A breach of a Rule may lead to the issuance of a fine or regulatory action being taken by CIMA.
Which regulated entities does the Rule apply to?
The Rule applies to the following entities that are regulated by CIMA: banks, trust companies, company management, insurance companies, mutual funds, private funds, money services businesses, credit unions and building societies.
What is the objective of the Rule and the Guidance?
Under the Rule, the governing body (which can be the board of directors, general partner or managing members) of a regulated entity (Governing Body) must establish, implement and maintain a corporate governance framework that provides for diligent management oversight and protects the legitimate interests of all its stakeholders.
The Guidance is intended to assist mutual funds and private funds with interpreting the Rules for implementation in the funds context.
What governance measures must be in place?
- Corporate Governance Manual: A corporate governance manual that establishes the entity's corporate culture, business objectives and business strategy and explains how the business objectives and strategy will be achieved in line with the entity's long term goals.
The manual should also include (i) a succession plan for directors and Senior Management[1], (ii) clearly defined roles and responsibilities allocated to the Governing Body, Senior Management and the Control Functions[2].
- Communication of Corporate Governance Manual: The corporate governance manual should be communicated to Senior Management and persons responsible for Control Functions.
- Skills of Governing Body: The Governing Body should be compromised of an adequate number of individuals with a variety of skills, backgrounds and experience that ensure that there is an appropriate level of competence in order for the entity to have prudent and ethical oversight and governance. The Governing Body must perform its function with the care, skill and diligence that would be exercised by a reasonably diligent person with the general knowledge, skill and experience of an individual part of the Governing Body of the entity and in accordance with any applicable fiduciary duties.
- Internal Governance and Procedures: Internal governance and procedures should be documented to support efficient, objective, independent judgement and decision making by the Governing Body such as policies on managing conflict of interests, private transactions, self-dealing, and preferential treatment of favoured internal and external entities.
The areas that the governance procedures must cover are as follows:
- Independence criteria: There must be a clear and objective independence criteria which must be met by the Governing Body to promote objectivity in decision making and prevent undue influence by the Senior Management.
- Complaints procedure: The Governing Body must be made aware of any issues or complaints raised and be satisfied that an appropriate and timely course of action is taken and documented.
- Code of conduct: A code of conduct must be put in place upholding the following principles: selflessness, integrity, objectivity, accountability, openness, honesty and leadership.
- Remuneration policy: The Governing Body must adopt and implement a remuneration policy for the remuneration of the Governing Body, Senior Management and employees in a Control Function and the policy must (i) not permit excessive or improper risk taking, (ii) align with the risk appetite, culture, objectives, strategy and long-term interests of the entity, and (iii) consider the interests of the stakeholders of the entity.
- Outsourcing: All outsourcing by the Governing Body must be documented and monitored to ensure the services provided continue to meet the needs of the entity and comply with its obligations. The Governing Body retains responsibility for the functions delegated.
- Documentation: Decisions taken by the Governing Body should be adequately documented and maintained in accordance with the entity's recordkeeping policy and statutory obligations.
- Appointment & Termination Procedures: The nomination, appointment, resignation, disqualification and termination procedures for directors and Senior Management and sub-committees should be documented and it should be ensured that no single person has unfettered control of the business.
- Minimum Time Commitment: Non-executive directors must state a minimum time commitment with respect to their role in their letter of appointment. For engagements already in place, the Governing Body should confirm with the non-executive directors the time commitment required.
- Compliance Committee: The Governing Body must appoint a compliance committee or individual with the duty to report directly to the Governing Body on all compliance matters. The nature and complexity of the business should be taken into consideration when determining whether the role can be undertaken by a committee or an individual.
For mutual or private funds, taking into account the complexity, size, nature of business and risk profile of the fund, this obligation may be discharged by the Governing Body by receiving a report, at least annually, directly from the anti-money laundering compliance officer, or another suitability qualified compliance or legal professional.
- Audit Committee: The Governing Body must appoint an audit committee to be responsible for:
- the financial reporting process, oversight of the entities internal and external auditors;
- recommending to the Governing Body the approval, appointment, compensation and dismissal of auditors;
- reviewing and approving the audit scope and frequency; and
- receiving key audit reports and ensuring that Senior Management take appropriate action to correct any issues highlighted by the auditors.
The nature and complexity of the business should be taken into consideration when determining whether the role can be undertaken by a committee or an individual.
What are the ongoing obligations of the Governing Body?
- Management Structure: The Governing Body has responsibilities to ensure that the entity's management structure is proportionate, and aligned with its size, complexity, structure, nature of business and the risk profile of its operations. For regulated mutual or private funds, the Governing Body should take into account the assets under management and number of investors.
- Communication with CIMA: The Governing Body has various obligations to communicate with CIMA with transparency and honesty, in relation any substantive issues which would materially affect the entity, including financial soundness and non-compliance, and is required to respond promptly to any requests received from CIMA.
- Oversight: The Governing Body must consistently monitor Senior Management and service providers to ensure effective governance and compliance with regulations, constitutional documents, policies and procedures and investment criteria and strategies (where applicable). Where non-compliance is identified, it should implement measures for remediation where necessary.
- Communication with Investors: For mutual or private funds, material changes should be communicated to investors.
- Annual obligations: At least once per year, the Governing Body should[3]:
- conduct and document in formal minutes a meeting of the Governing Body;
- disclose conflicts of interest in a meeting;
- review the strategic objectives and policies of the entity and either amend or re-adopt them as appropriate;
- evaluate the progress made towards achieving the strategic objectives;
- review the collective skill set of the Governing Body and determine if any training or outsourcing is required;
- self-assess the performance of the Governing Body members and document and remedy any gaps identified;
- review the risk assessment and risk management systems to ensure that all significant risks are being adequately measured, monitored and mitigated;
- review the internal controls of the entity, ensuring they are operating effectively and that any deficiencies are adequately addressed;
- review the remuneration policy; and
- confirm to the non-executive directors the minimum time commitment expected on an annual basis at the beginning of the entity's financial year.
Deadline for Implementation
The Rule is effective on 14 October 2023.
Regulated entities must review and update or adopt appropriate measures prior to the deadline.
How can we help?
It is crucial for regulated entities to review their current record-keeping practices and make any necessary adjustments to ensure compliance. Our team of legal and regulatory experts can assist you with the following services:
- Compliance Review: conducting a gap analysis of your existing corporate governance framework to identify any areas that may need improvement or adjustment to meet the Rule and Guidance.
- Drafting and Reviewing Corporate Governance Policies: We can help you develop or update your corporate governance policy in compliance with the Rule and Guidance.
- Offering Document Updates: We can review your offering documents or other disclosure materials to determine if they need amendment to reflect your updated corporate governance policies and can help you draft these revisions.
Please contact your usual Collas Crill contact or regulatory@collascrill.com for further details and assistance.
References
[1] Senior Management includes the heads of divisions and persons who fulfil the role of a senior manager by conducting functions such as daily planning, supervision, administration and the execution of the entity's objectives and strategy
[2] Control Functions properly authorised functions, whether in the form of a person, unit or department, serving a control or checks and balances function from a governance standpoint and which carry out specific activities including strategy setting, risk management, compliance, actuarial matters, internal audit, and similar functions.
[3] Additional obligations apply to portfolio insurance companies.