Annex B — Regulatory Perimeter & Licensing Policy

Last modified: November 7, 2025

Global Baseline + Host‑Law Appendices
Owner: General Counsel (GC) & Chief Compliance Officer (CCO)
Review cadence: Quarterly and upon any law/regulatory change

Purpose. Define hard boundaries so SNC, NatCos, Program SPVs, and consortium working groups deliver technology/operations only, while all regulated financial activities are executed exclusively by duly licensed partners‑of‑record in each jurisdiction. This policy governs conduct and contract design; it does not authorise any regulated activity.


1) Scope & Layering

  • Applies to: All regional consortia (Singapore/APAC, UAE/Middle East, Kenya/East Africa, South Africa/Southern Africa, France/EU, USA/North America, Canada/North America+Arctic, Brazil/Latin America, Senegal/West Africa, Switzerland/GRF Seat), plus all NatCos and Program SPVs.
  • Layering: (1) This global baseline; (2) Host‑law appendices per region/country; (3) where rules conflict, the most restrictive applies.

2) Definitions (common)

  • Partner‑of‑Record (PoR): A licensed bank/insurer/securities/fund entity (or e‑money/money services/market operator) acting as principal for regulated steps, with license number(s) and supervisory authority identified in the SOW Regulatory Status Annex.
  • Non‑custodial Tech/Ops: Software/services that do not: (i) control client funds/keys, (ii) provide investment/insurance advice, (iii) execute/arrange deals, (iv) underwrite insurance, or (v) operate a market/clearing facility.

3) Do‑Not‑Cross Matrix (global form)

Rule: SNC/NatCos/SPVs do not act as principal for any row below. If a project requires any such activity, the SOW must (i) appoint a PoR, (ii) describe SNC’s role as non‑custodial tech/ops, and (iii) include the Regulatory Status Annex completed and signed.

| Domain | Examples (non‑exhaustive) | Status for SNC/NatCos/SPVs | Permitted SNC/NatCo Role (illustrative) |
| --- | --- | --- | --- |
| Payments/Money Services | Account issuance; domestic/cross‑border money transfer; merchant acquiring; e‑money issuance; custody of customer funds; money changing; digital payment token (DPT)/virtual asset services | Prohibited as principal | Integrations to PoR; ISO 20022 telemetry; non‑custodial orchestration; reconciliations without fund control |
| Capital Markets | Dealing/arranging in securities/derivatives; market/ATS operation; clearing/settlement; custody of securities; research that is an inducement | Prohibited as principal | Data rails; analytics; surveillance tooling; conformance attestations; non‑advisory dashboards |
| Insurance | Underwriting/reinsurance; broking/intermediation; claims handling as regulated function; premium collection/escrow as principal | Prohibited as principal | Trigger engines; event verification; claims automation tooling; PoR‑controlled escrow/PoP telemetry |
| Funds/Advisory | Fund management; portfolio advice; discretionary mandates; investment research/advice | Prohibited as principal | Non‑advisory screens; risk metrics; model marketplaces (no recommendations); PoR‑delivered advice |
| Lending/Credit | Consumer/SME credit issuance; loan broking; servicing as regulated function | Prohibited as principal | Eligibility rules engines; data connectors; telemetry; non‑custodial servicing support |
| Custody/Keys | Holding client assets/keys; wallet control; private‑key management | Prohibited | Non‑custodial signing integrations; HSM/KMS provided and controlled by PoR/customer |
| KYC/AML as Principal | Onboarding as regulated entity; sanctions screenings as the accountable institution | Prohibited | Provide tooling to PoR; PoR remains the accountable institution |

Marketing/communications add‑on: Public materials must carry status disclaimers (see §6) and must not imply licensing status or guaranteed returns.


4) Triggers & Decision Tree (engagement gating)

Triggers that require Legal/Compliance pre‑clearance before scoping a SOW:

  1. Any funds flow touching SNC/NatCo accounts (must be removed; funds flow only to PoR).
  2. Any wallet/keys feature or data that enables SNC to control assets/PII beyond non‑custodial telemetry.
  3. Any advice or recommendations (investment, insurance, or suitability).
  4. Any order routing, execution, arranging, binding, or claims settlement authority.
  5. Any marketplace where orders meet orders (potential ATS/market operator).
  6. Any escrow where SNC is trustee/fiduciary (must be PoR/regulated trustee).
  7. Any fee structure that looks like regulated remuneration (commission/brokerage).
  8. Cross‑border flows with financial content.

Decision tree (summary):

  • If no triggers, proceed with non‑custodial SOW (include Annex).
  • If triggers present, identify PoR and redesign so SNC provides tech/ops only → route regulated steps to PoR → complete Annex → counsel sign‑off.
  • If PoR unavailable, decline or re‑scope.

5) Contracts & Documentation (mandatory)

  1. SOW Regulatory Status Annex (template in §7): Completed for every engagement; lists PoR(s), license numbers, regulated steps mapping, disclaimers, and client confirmation.
  2. Role Clauses: (a) Non‑custodial representation; (b) No client‑funds covenant; (c) No advice/investment/insurance undertaking; (d) No market operation; (e) Telemetry only for ISO 20022/settlement; (f) Data‑protection addendum and SDZ.
  3. Funds‑Flow Exhibit: Diagram shows funds never touch SNC/NatCo accounts; escrow/PoP controlled by PoR.
  4. Vendor/Partner Diligence: Collect PoR licenses, policy attestations, and contacts; include audit rights.
  5. Change Control: Any scope change hitting a trigger reopens legal review.

6) Public Disclaimers (short forms)

  • General: “SNC and its affiliates provide technology and operational support only and do not conduct regulated financial services. Regulated components are delivered by licensed partners.”
  • Payments/VA/DPT: “Not a money‑services/e‑money/DPT service provider. No custody or control of client funds or keys.”
  • Capital markets: “Not a broker, dealer, adviser, or market operator.”
  • Insurance: “Not an insurer, reinsurer, or intermediary; no binding authority.”

7) SOW Regulatory Status Annex — Template (attach to every SOW)

A. Parties & Scope

  • Client: [●]
  • Project: [●]
  • Jurisdictions: [●]

B. Regulated Steps & PoR Mapping

| Regulated Step | PoR Entity | License Type/No. | Supervisor | SNC/NatCo Role |
| --- | --- | --- | --- | --- |
| Payments/Transfer/Settlement | [●] | [●] | [●] | Non‑custodial telemetry/integration |
| Custody/Wallet/Keys | [●] | [●] | [●] | No key custody; integration only |
| Capital‑Markets Dealing/Arranging | [●] | [●] | [●] | Data rails/analytics only |
| Market/ATS/Clearing | [●] | [●] | [●] | No market operation |
| Insurance Underwriting/Broking/Claims | [●] | [●] | [●] | Trigger/verification tooling only |
| Fund/Advisory | [●] | [●] | [●] | Non‑advisory dashboards only |

C. Funds‑Flow Diagram attached? Yes/No
D. Disclaimers included? Yes/No
E. Data‑Protection/SDZ Annex attached? Yes/No
F. Approvals: Client [●] • PoR [●] • SNC Legal [●] • Compliance [●]


8) Oversight, Training & Audits

  • Registers: Maintain a PoR register with license details and contacts.
  • Training: Induction + quarterly refreshers for sales, delivery, product, and legal.
  • Audits: Quarterly sample of SOW Annexes, funds‑flow exhibits, public materials; remediation tracked.

9) Enforcement & Breach Handling

  • Immediate pause on any scope touching the matrix without Annex/PoR.
  • Incident report to GC/CCO within 24h; corrective actions may include contract amendment, suspension, or disengagement; report to regulators as required by PoR.

10) Host‑Law Appendices (equal footing)

Each appendix is authoritative for its region and must be read with this baseline. Do not commence a project without checking the relevant appendix.

  • Appendix SG (Singapore/APAC Host):
    Primary laws: PSA 2019, SFA 2001, FAA 2001, Insurance Act 1966.
    Supervisors: MAS.
    Defaults: No DPT custody; ≥90‑day data lag for any market‑sensitive analytics; MAS sandbox participation only via licensed PoR.
  • Appendix UAE (Middle East):
    Primary: Federal & free‑zone regimes (ADGM/DFSA, DIFC); payment/market rules vary.
    Supervisors: CBUAE, SCA, DFSA/FSRA.
    Defaults: PoR must be locally licensed for payments/insurance/securities; free‑zone licence ≠ mainland approval.
  • Appendix KE (Kenya/East Africa):
    Primary: PSA‑like national laws, CMA, IRA; NIFC regimes.
    Supervisors: CBK, CMA‑Kenya, IRA.
    Defaults: Mobile money and cross‑border remittances require PoR; fintech sandboxes run via regulators/PoR.
  • Appendix ZA (South Africa/Southern Africa):
    Primary: FSR Act, FAIS, Banks Act, Insurance Act, PASA.
    Supervisors: FSCA, SARB, PASA, PA.
    Defaults: Payment clearing/settlement and insurance intermediation require PoR; TPPs via bank programmes.
  • Appendix EU/FR (European Union):
    Primary: MiCA (where applicable), MiFID II, PSD2, EMIR, IDD.
    Supervisors: National (e.g., AMF/ACPR in France) + ESMA/EBA/EIOPA.
    Defaults: PoR under local authorisation; passporting rules; RTS on outsourcing; strict advice/inducement rules.
  • Appendix US (United States):
    Primary: SEC, CFTC, FINRA; state MSB regimes; Banking (OCC/FDIC/FRB); NAIC for insurance; FinCEN for AML.
    Defaults: Broker‑dealer/ATS/adviser require PoR; money transmission via licensed MSB/bank partner; surplus lines via licensed entities.
  • Appendix CA (Canada):
    Primary: CSA provincial securities; OSFI for federal banks; MSB (FINTRAC); insurance provincial.
    Defaults: PoR per province; no advice without registration; MSB for transfers.
  • Appendix BR (Brazil):
    Primary: BACEN, CVM, SUSEP frameworks.
    Defaults: Payment/e‑money under BACEN; securities under CVM; insurance under SUSEP; Pix integrations via licensed PoR.
  • Appendix SN/WA (Senegal/West Africa):
    Primary: BCEAO (UMOA) payments; CREPMF securities; CIMA insurance.
    Defaults: Local PoR required; OHADA corporate law for entity formalities.
  • Appendix CH (Switzerland/GRF Seat):
    Primary: FINMA financial markets acts; FMIA, FinSA, FinIA, BA, AMLA.
    Defaults: PoR needed for securities/advice/custody; GRF remains non‑financial; Swiss AML duties for relevant associations if triggered.

11) Governance & Amendments

  • Incorporated by reference into all regional operator Charters/Bylaws.
  • Class B to amend; Class A required to weaken controls or allow exceptions.
  • Effective [●].