THE RESOLUTION OF BOARD OF THE AGENCY OF THE REPUBLIC OF KAZAKHSTAN ON REGULATION AND DEVELOPMENT OF THE FINANCIAL MARKET

of December 27, 2024 No. 93

About modification and amendments in the resolution of Board of National Bank of the Republic of Kazakhstan of July 28, 2017 No. 136 "About approval of Rules of provision of banking services and considerations by banks, the organizations performing separate types of banking activities, addresses of the clients arising in the course of provision of banking services" and the resolution of Board of National Bank of the Republic of Kazakhstan of November 12, 2019 No. 188 "About approval of Rules of forming of risk management system and internal control for banks of the second level, branches of nonresident banks of the Republic of Kazakhstan"

List of amending documents

Board of the Agency of the Republic of Kazakhstan on regulation and development of the DECIDES: financial market

1. Bring in the resolution of Board of National Bank of the Republic of Kazakhstan of July 28, 2017 No. 136 "About approval of Rules of provision of banking services and considerations by banks, the organizations performing separate types of banking activities, addresses of the clients arising in the course of provision of banking services" (it is registered in the Register of state registration of regulatory legal acts at No. 15541) the following changes and amendment:

in Rules of provision of banking services and considerations by banks, the organizations performing separate types of banking activities, addresses of the clients arising in the course of provision of the banking services approved by the specified resolution:

state Items 8-4, 8-6 and 8-7 in the following edition:

"8-4. The bank to the conclusion of the agreement of bank loan by means of the Internet enters data on subscriber number of the structure of cellular communication of the client, directs the one-time password to the specified number and carries out biometric identification of the client by means of use of services of the Center of exchange of identification data or with use of the biometric data obtained by means of devices of bank and represents to the client, in addition to the data and documents provided by the subitem 1) of Item 7 of Rules, the following information on bank loan:

1) term of provision of bank loan;

Limiting 2) amount and currency of bank loan;

3) remuneration rate type: fixed or floating, procedure of payments if the rate of remuneration is floating;

4) the remuneration rate size in annual interests and its size in reliable, annual, effective, comparable basis (actual cost) for date of the address of the client;

5) the exhaustive list and the sizes of the commissions, rates and other expenses connected with obtaining and servicing (repayment) of bank loan for benefit of bank;

6) responsibility and customer risks in case of default on obligations of the agreement of bank loan;

7) responsibility of the pledger, guarantor, guarantor and the other person, being the agreement party about providing loan.

The requirement about carrying out biometric identification of the client provided by part one of this Item does not extend in case of the conclusion by means of the Internet of the agreement of the bank loan providing use of payment card for implementation of payments and (or) money transfers within the amount of the issued bank loan.

8-6. In case of biometric identification of the client protection against use of the static image or video for counterfeit of biometric data of the client is provided.

8-7. In case of identification of illegal distribution of personal data of the client by bank the bank realizes additional security measures, including without limitation:

1) repeated biometric identification of the client;

2) check of accessory to the client of its subscriber number by reconciliation of the individual identification customer number with individual identification number of the owner of subscriber number in the database of mobile operator or receipt of information on accessory to the client of this subscriber number by reconciliation of the individual identification customer number in base of numbers of mobile phones of clients by means of the web portal of "the electronic government";

3) checking call on the subscriber number of the structure of cellular communication of the client with informing the client on stealing of its personal data specified by the client and the recommendation about establishment by the client of voluntary prohibition on registration of the credits.";

add with Item 29-1 of the following content:

"29-1. The addresses of clients arriving through objects of informatization of bank including through mobile application are registered according to the procedure, provided by internal documents of bank. For these purposes in objects of informatization, including in mobile application the functionality which is easily identified by the client for submission of the claim is (in the presence) provided.".

2. Bring in the resolution of Board of National Bank of the Republic of Kazakhstan of November 12, 2019 No. 188 "About approval of Rules of forming of risk management system and internal control for banks of the second level, branches of nonresident banks of the Republic of Kazakhstan" (it is registered in the Register of state registration of regulatory legal acts at No. 19632) the following changes and amendments:

in Rules of forming of risk management system and internal control for banks of the second level, branches of the nonresident banks of the Republic of Kazakhstan approved by the specified resolution:

state Item 2 in the following edition:

"2. In Rules the following concepts are used:

1) risk of information security - probable emergence of damage owing to violation of confidentiality, deliberate violation of integrity or availability of data assets of bank;

2) risk of information technologies - probability of emergence of damage owing to refusal (functioning violation) of the information and communication technologies operated by bank;

3) the center of data exchange for payment transactions with fraud signs – the legal entity of National Bank of the Republic of Kazakhstan who performs the measures directed to prevention of payment transactions with fraud signs (further – the NBRK antifrod-center);

4) the database of incidents with fraud signs - base of incidents with fraud signs which is conducted by bank in electronic form;

5) fraud risk – probability of emergence of financial losses and reputation risks owing to fraudulent actions from the third parties and (or) employees of bank;

6) antifrod-system of bank – complex of the technical and analytical measures directed to prevention and detection of transactions with fraud signs by provision of banking services;

7) authorized collegiate organ of bank - the board of directors, committee in case of the board of directors, board, committee under board;

8) reputation risk - probability of emergence of losses, non receipt of the planned income in result of narrowing of client base, decrease in other indicators of development owing to forming in the society of negative idea of reliability of bank, quality of the services rendered to them or nature of activities of bank in general;

9) dropper – the person which provided to the third party access to the bank account and (or) means of electronic payment, and equally gave the payment instruments to use to the third party including, for the material remuneration which entailed them unauthorized use in illegal transactions;

10) legal risk - probability of emergence of losses owing to non-compliance by bank or the partner of requirements of the civil, tax, bank law of the Republic of Kazakhstan, the legislation of the Republic of Kazakhstan on state regulation, control and supervision of the financial market and the financial organizations, legislations of the Republic of Kazakhstan on currency control and currency exchange control, on payments and payment systems, on provision of pensions, on the security market, on financial accounting and the financial reporting, on credit bureaus and forming of credit stories, on collection activities, on obligatory guaranteeing deposits, on counteraction of legalization (washing) of income gained in the criminal way, and to terrorism financing, about joint-stock companies, and in the relations with nonresidents of the Republic of Kazakhstan - legislations of the country of its origin, and also conditions of the signed agreements;

11) internal process of assessment of capital adequacy - set of processes of management of substantial risks, taking into account amount of assets, nature and level of complexity of activities, organizational structure, strategic plans, risk profile of bank, the regulatory legal base, assessment and aggregation of such risks for the purpose of determination of the target objective of capital adequacy of bank for maintenance of stable financial position and solvency.

The capital of branch of nonresident bank of the Republic of Kazakhstan is understood as the assets of branch of nonresident bank of the Republic of Kazakhstan accepted as reserve, calculated according to requirements of the resolution of Board of the Agency of the Republic of Kazakhstan for regulation and development of the financial market of February 12, 2021 No. 23 "About establishment of prudential standard rates and other regulations and limits, obligatory to observance, for branches of nonresident banks of the Republic of Kazakhstan (including branches of Islamic nonresident banks of the Republic of Kazakhstan), their normative values and technique of calculations, including procedure for forming of assets of branches of the nonresident banks of the Republic of Kazakhstan (including branches of Islamic nonresident banks of the Republic of Kazakhstan) accepted as reserve, and their minimum size", registered in the Register of state registration of regulatory legal acts at No. 22213 (further – the Resolution No. 23);

12) capital funding plan - set of procedures and the action plan for response to critical decrease in the capital of bank;

13) the statistical magazine of cost of mortgage providing - the internal magazine of costs of mortgage providing including the description and the characteristic of mortgage providing, information following the results of the first and most urgent estimates of independent quality evaluation (date of assessment, the name of independent quality evaluation, cost, evaluation method), the conclusions of mortgage service (date, cost), the reasons of distinction of costs, information on realization (in the presence);

14) unsecured consumer loan - the bank loan without condition about pledge at the time of issue granted physical person on the purposes which are not connected with implementation of business activity;

15) komplayens-risk - probability of emergence of losses owing to non-compliance by bank and its workers of requirements of the civil, tax, bank law of the Republic of Kazakhstan, the legislation of the Republic of Kazakhstan on state regulation, control and supervision of the financial market and the financial organizations, legislations of the Republic of Kazakhstan on currency control and currency exchange control, on payments and payment systems, on provision of pensions, on the security market, on financial accounting and the financial reporting, on credit bureaus and forming of credit stories, on collection activities, on obligatory guaranteeing deposits, on counteraction of legalization (washing) of income gained in the criminal way and to terrorism financing, about joint-stock companies, the internal documents of bank regulating procedure for rendering by bank of services and carrying out transactions in the financial market and also the legislation of foreign states, the bank exerting impact on activities;

16) corporate management - system of relations between bank board (the relevant executive body of nonresident bank of the Republic of Kazakhstan which branch is open in the territory of the Republic of Kazakhstan leading employees of branch of nonresident bank of the Republic of Kazakhstan), the board of directors (relevant organ of management of nonresident bank of the Republic of Kazakhstan which branch is open in the territory of the Republic of Kazakhstan) of shareholders, leading employees and auditors, and also relations between authorized collegiate organs of bank.

The corporate management system allows to organize distribution of powers and responsibility, and also to construct corporate decision making process;

17) credit risk - the probability of emergence of losses arising owing to failure to carry out by the borrower or partner of the obligations in accordance with the terms of the agreement of bank loan;

18) creditworthness - the complex legal and financial characteristic of the borrower provided by financial and non-financial performance, allowing to estimate its opportunity in the future completely and in time to fulfill agreement obligations of bank loan;

19) the credit agreement - the agreement between bank and the borrower on financing provision (including conditional financing) as a result of which the bank has (or will arise in the future) requirements to the borrower;

20) funding plan on case of contingencies - set of procedures and the action plan for response to decline in the ability of bank timely to answer for the obligations;

21) supervising stress testing is the tool of authorized body directed to assessment of financial stability of banks to hypothetical (stressful) scenarios of succession of events. Banks based on methodology, single for all participants of supervising stress testing, and scenarios carry out calculations with use of internal models and stress testings report to authorized body results. At the same time banks are responsible for proper quality of the carried-out calculations and results of stress testing;

22) authorized body on financial monitoring - the state body performing financial monitoring and taking other measures for counteraction of legalization (washing) of income gained in the criminal way, to terrorism financing, financing of distribution of weapons of mass destruction;

23) division owner of the protected information - division of bank, the owner of information, violation of confidentiality, integrity or availability of which will lead to losses for bank;

24) critical data asset - the data asset determined according to the resolution of Board of National Bank of the Republic of Kazakhstan of March 27, 2018 No. 48 "About approval of Requirements to ensuring information security of the banks, branches of nonresident banks of the Republic of Kazakhstan and the organizations performing separate types of banking activities, Rules and terms of provision of information on incidents of information security, including data on violations, failures in information systems", registered in the Register of state registration of regulatory legal acts at No. 16772 (further – the Resolution No. 48);

25) substantial risk - risk which realization will lead to deterioration in financial stability of bank;

26) conflict of interest - situation in case of which there is contradiction between personal interest of officials of bank (officials of governing body, executive body of nonresident bank of the Republic of Kazakhstan which branch is open in the territory of the Republic of Kazakhstan, leading employees of branch of nonresident bank of the Republic of Kazakhstan), its shareholders and (or) his workers and proper execution of the ex-officio full powers by them or valuable and other interests of bank and (or) its workers and (or) clients which will entail adverse effects for bank and (or) its clients;

27) market risk - the probability of emergence of financial losses according to balance sheet and off-balance sheet items caused by adverse changes of market situation, which is expressed in changes of market interest rates, foreign exchange rates, market value of financial instruments, goods;

28) operational risk - probability of emergence of losses as a result of inadequate and insufficient internal processes, human resources and systems, or influences of external events, except for strategic risk and reputation risk;

29) information on sustainable development (ESG (Environmental, Social, Governance (Invayrenmentl, Soushl, Gavernens) - information which is the non-financial information in the field of sustainable development opened by bank within the report on sustainable development (ESG).

30) the report on sustainable development (ESG (Environmental, Social, Governance (Invayrenmentl, Soushl, Gavernens) - the report and (or) the annual statement including environmental issues, social responsibility and functioning of management system environmental and social risks, corporate management systems;

31) internal process of assessment of sufficiency of liquidity - set of risk management processes of liquidity, for the purpose of maintenance of the proper level of liquidity by bank and implementation of proper risk management system of liquidity in different time frames depending on types of activity, currencies;

32) liquidity risk - probability of emergence of financial losses as a result of inability of bank to fulfill the obligations at the scheduled time without substantial damages;

33) interest risk - risk of emergence of financial expenses (losses) owing to adverse interest rate realignment on assets, liabilities of bank;

34) policy - the internal document approved by the board of directors of bank determining the key quantitative and high-quality parameters, the principles, standards providing effective functioning of bank and compliance of its activities of strategy, risk profile, risk appetite. Within policy the board of directors of bank provides availability of the relevant internal documents, the describing separate procedures, processes, instructions;

35) strategic risk - probability of emergence of losses as a result of the mistakes (shortcomings) made in case of decision making, determining strategic development of bank and which are expressed in insufficient accounting of the possible dangers inherent in activities of bank, the wrong or insufficiently reasonable determination of perspective activities in which the bank will reach benefit before competitors, absence or providing in incomplete amount of the necessary resources and organizational measures providing achievement of strategic objectives of activities of bank;

36) stress testing - evaluation method of potential influence of exclusive, but possible events on financial condition of bank;

37) risk - probability that the expected or unexpected events will exert negative impact on financial stability of bank, its capital and (or) the income;

38) risk profile - set of types of risk and other data characterizing degree of exposure of bank to the risks inherent in all types of activity of bank for detection of weaknesses and determination of priority of the subsequent actions within risk management system;

39) risk appetite - the aggregated (aggregated) level (levels) of substantial risks (limits of the admissible extent of risk) which (which) the bank is ready to accept or intends to exclude in case of strategy implementation;

40) the statement risk appetite - the document approved by the board of directors of bank describing the aggregated (aggregated) level (levels) of substantial risks (limits of the admissible extent of risk) which (which) the bank is ready to accept or intends to exclude in case of strategy implementation. The statement risk appetite contains the statement of high-quality nature, and also quantitative nature, including indicators concerning profitability, the capital, liquidity, risks, other applicable indicators;

41) risk culture - the processes, procedures, internal regulations of bank directed to understanding, acceptance, management and control of risks for the purpose of minimization of their influence on financial condition of bank and also ethical standards and standards of professional activity of all participants of organizational structure. The risk culture supplements the existing approved procedures, processes and mechanisms of activities of bank and is the integral component of risk management system;

42) processing of risk - selection process and implementation of measures for change of risks;

43) the risk register - the structured list is risk, containing criteria and origins of risks, probability of their origin, impact (damage), priority and methods of processing of risk;

44) authorized body - the state body performing state regulation, control and supervision of the financial market and the financial organizations;

45) organizational structure - the internal document and (or) set of the internal documents installing the quantitative structure and system of governing bodies, leading employees and structural divisions of bank reflecting structure of subordination, accountability;

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info