Key Requirements for Service Providers
- Service providers must ensure the accuracy and validity of all documents and data uploaded through the Gateway System.
- Only submissions made by the company’s legal representative (Chief Executive Officer or General Manager) or an authorized employee (Compliance Officer or designated staff member) will be accepted.
- Providers are required to notify the CBK of any resignations among authorized users and promptly request their access rights be revoked.
- The retention of original copies of all documents, especially official government-issued documents like criminal record certificates for partners and leadership candidates, is mandatory.
The circular underscores CBK’s commitment to improving digital oversight and ensuring legal accountability. By strengthening internal controls, protecting against unauthorized actions, and reducing operational and reputational risks, the directive aims to bolster customer trust in the security and integrity of national e-payment systems.
Additional regulatory frameworks cited include Article 33 of the CBK’s Instructions for Regulating Electronic Payment Business (effective from May 14, 2023), which requires firms to establish governance policies, procedures, and oversight mechanisms. Article 27 mandates compliance with Anti-Money Laundering/Countering the Financing of Terrorism (AML/CTF) obligations under Law No. 106/2013 and relevant Financial Action Task Force (FATF) standards.
Furthermore, the CBK has referenced leadership appointment regulations from July 5, 2023, as well as documentation requirements for registering partners and board members effective October 20, 2024. Service providers are required to conduct annual reviews to ensure that board members and key employees are aware of the standards for solvency, integrity, and technical competence. Any changes must be reported immediately, along with proper documentation.
These measures aim to establish a secure and transparent electronic financial environment in Kuwait.