Credit Risk Management in AIFC

Credit Risk Management in AIFC

Ramadan Khairullin Yerbol Nazhmidenov

Law Council Group

www.lcg.kz

Introduction

The Astana International Financial Centre (AIFC) is a special financial zone in Astana, Kazakhstan, established to create a hub with its own legal and regulatory regime based on common-law principles. It officially launched in 2018 under a Constitutional Statute of December 2015, which provides the legal framework for the AIFC’s operation and a favorable environment for its participants. Within this framework, credit risk management is a critical component, ensuring that banks and financial firms operate safely and that investors and counterparties are protected from undue credit exposure risks.

Regulatory Authorities and Institutions

The independent regulator of the AIFC is the Astana Financial Services Authority (AFSA), which administers AIFC’s financial regulations and oversees authorized firms. The AIFC also features its own court and arbitration centre to adjudicate disputes in a neutral forum. This institutional setup – an independent regulator (AFSA) and an autonomous AIFC Court – underpins the enforcement of credit risk rules and investor protections. AFSA issues the AIFC’s financial regulations and rules, supervises financial institutions, and has powers to take enforcement action for non-compliance. (court.aifc.kz) Together, these institutions ensure that credit risk is managed within a sound legal framework that instills confidence among investors and counterparties.

In this study, the term insolvency risk is understood as credit risk, as it is traditionally referred to in English-language legal literature. This term encompasses not only the risk of loan default but also a broader range of risks related to the non-performance of obligations under various financial instruments, which, in modern practice, are considered tradable assets on the financial market. These instruments possess inherent value and can be transferred, assigned, or executed for a corresponding fee. For the financial regulator, such obligations represent a subject of legal regulation aimed at ensuring the stability and balance of the financial system.

Legislative and Regulatory Framework for Credit Risk in AIFC

Key Legislation and Rules: Credit risk management in the AIFC is governed by a hierarchy of laws and rules. At the top level is the AIFC Financial Services Framework Regulations (FSFR), which sets out the licensing regime for financial services and the powers of AFSA. Detailed requirements for risk management are contained in the AIFC Banking Business Prudential Rules (BBPR) – a comprehensive rulebook aligned with Basel III standards. These Prudential Rules (AIFC Rules No. FR0023) cover capital adequacy, risk management systems, asset classification, large exposures, and more.

In addition, the AIFC has General Rules and Conduct of Business (COB) Rules that impose broad obligations such as corporate governance, internal controls, and client classification (e.g. distinguishing Retail vs. Professional Clients) to ensure appropriate protections in credit activities.

Under AIFC rules, any firm carrying out a regulated activity related to credit (such as Providing Credit or banking business) must be authorized by AFSA and comply with these regulations. For example, an AIFC firm engaging in lending must hold a license for the regulated activity of “Providing Credit,” and is subject to prudential supervision by AFSA (afsa.aifc.kz). AFSA’s rulebooks explicitly require such firms to establish robust risk management policies covering credit risk, liquidity risk, market risk, etc.

Credit Risk Management Policies: A cornerstone of the AIFC’s legal framework is the requirement that banks and credit institutions maintain an effective credit risk management policy. The Banking Business Prudential Rules state that “a Bank must have an adequate Credit Risk management policy that takes into account the Bank’s risk tolerance, its risk profile and the market and macroeconomic conditions”, and that this policy must “identify, measure, evaluate, monitor, report and control or mitigate Credit Risk in a timely way.” (aifc.kz).

In practice, this means AIFC-authorised banks are legally obliged to have internal processes to assess the creditworthiness of borrowers, set prudent lending limits, monitor exposures, and take action to minimize losses. The rules also require early identification and management of problem assets, and the maintenance of adequate provisions and reserves for bad debts

Capital Adequacy and Exposure Limits: The AIFC’s prudential framework closely follows Basel III norms to ensure institutions hold sufficient capital against credit risks. Banks must maintain capital ratios calculated on risk-weighted assets (RWAs) for credit risk. Notably, the Credit Risk Capital Requirement is defined as 8% of the bank’s risk-weighted on-balance-sheet and off-balance-sheet credit exposures, By law, credit exposures are assigned risk weights according to the nature of the counterparty or collateral (using a standardized approach akin to Basel). Higher-risk loans (e.g. unsecured or to weaker credit counterparties) carry heavier capital charges, incentivizing banks to manage their credit risk profile conservatively. The AIFC also imposes large exposure limits to prevent over-concentration of credit risk. The Prudential Rules dedicate Part II of Chapter 5 to Concentration Risk, including limits on exposures to a single counterparty or group.

Asset Classification and Provisioning: The legal framework requires systematic classification of credit exposures and prompt recognition of impairment. Chapter 5 of the BBPR sets out how banks must classify loans (e.g. performing, past-due, non-performing) and defines “Problem Assets and Impaired Assets” If an asset becomes non-performing (e.g. over 90 days past due) or is otherwise doubtful, the bank must categorize it appropriately and calculate provisions. The rules mandate that provisioning for expected losses be made “before profit is earned”, underscoring that banks cannot ignore credit losses to inflate profits. By enforcing rigorous provisioning and asset classification, the AIFC framework protects investors by ensuring that a bank’s financial statements reflect realistic asset values and that capital is not overstated. These requirements mirror international accounting and prudential standards, reinforcing confidence that AIFC banks manage credit risk prudently.

Investor Protections: The AIFC legal regime builds in several investor protection mechanisms related to credit risk. First, the Conduct of Business (COB) Rules require firms to classify clients as Retail, Professional, or Market Counterparty, and to only offer certain credit services to appropriate client categories. Retail clients enjoy the highest level of protection and can generally only be offered credit if additional safeguards are met. In fact, since the AIFC’s inception, retail banking has been limited. As of a recent assessment, “AIFC banks do not provide retail deposits” and consequently “there is no deposit insurance framework” in place (elibrary.imf.org). This indicates that AIFC-authorised banks largely deal with professional or institutional clients, reducing the risk of retail consumer harm. For non-deposit investments, the AIFC rules on client money and asset safeguarding ensure that investors’ funds are protected (orderly.myafsa.com). Another investor protection aspect is transparency and disclosure. While extending credit, authorised firms must provide clear information on terms and risks. The AIFC’s consumer protection framework (overseen by AFSA’s Consumer department) includes guidance that investors consider their risk appetite and understand obligations before taking on credit or investment products (afsa.aifc.kz). Taken together, these measures aim to ensure that investors (whether as borrowers, lenders, or depositors) are not unknowingly exposed to excessive credit risk and have legal recourse if their rights are violated.

Credit Risk Management in Practice: Examples from AIFC

The AIFC’s legal framework for credit risk is not merely theoretical – it has been tested in practice through AFSA’s supervision and enforcement actions. A notable case study is the 2023 Cashdrive case, which illustrates how the AIFC’s rules function and protect investors in real scenarios. Cashdrive Ltd, an AIFC-licensed finance company, was authorised to carry out the activity of Providing Credit under the condition that it only lend to certain categories of clients (essentially non-retail). In late 2021, the AIFC introduced new currency regulation rules that “prohibited the grant of loans to natural persons resident in Kazakhstan,” allowing AIFC firms to lend only to Kazakh legal entities (in foreign currency) or to individuals who are non-residents (court.aifc.kz). This rule was aimed at protecting local consumers and aligning with national monetary policy – effectively preventing AIFC firms from offering retail loans in local currency which could circumvent domestic financial regulations. In 2022, AFSA’s oversight detected that Cashdrive had entered into multiple loan agreements with individual Kazakh residents, contrary to these restrictions. Upon reviewing quarterly regulatory filings, AFSA found evidence that Cashdrive made 15 loans to natural person clients in Kazakhstan who were not classified as Professional Clients (court.aifc.kz). This raised red flags since it suggested the firm breached both the currency regulation and the client classification rules in the COB module (which require retail clients to meet strict criteria to be treated as professional). AFSA promptly took action by issuing a Written Directive in March 2023, imposing requirements on Cashdrive’s operations and effectively ordering it to cease the non-compliant lending activity. The Cashdrive case went before the AIFC Court (Case No. 35 of 2023) as the firm appealed the regulator’s directive. In its judgment, the AIFC Court outlined the regulatory breaches: Cashdrive had lent to at least 44 individual Kazakh residents by Q4 2022 without proper client classification, a clear violation of the AIFC Currency Rules and COB Rules. The court proceedings examined whether AFSA followed due process and affirmed the importance of complying with AIFC’s credit risk limits. This case demonstrates in practice how the AIFC’s institutional framework handles credit risk management: AFSA used its supervisory tools (reporting requirements and directives) to enforce the rules, and the independent AIFC Court provided a venue for appeal, ensuring fairness and rule-of-law. The outcome underlined that AIFC-authorised firms have strict obligations to know their customers’ status and adhere to prudential limits – ultimately safeguarding the integrity of the AIFC system and the interests of investors. It also showcased that investor protection is taken seriously, as extending credit to unsophisticated borrowers outside permitted parameters triggered decisive regulatory intervention (court.aifc.kz).

Comparative Perspective: AIFC and Other Jurisdictions

The AIFC’s legal framework for credit risk management is largely modeled on international best practices, and it bears many similarities to frameworks in other financial centers such as the Dubai International Financial Centre (DIFC), the United Kingdom, and Singapore. Like the AIFC, these jurisdictions employ Basel Committee standards as the backbone of credit risk regulation, though each adapts them to local context.

DIFC (Dubai): The DIFC in the UAE is an analogous financial free zone with its own regulator, the Dubai Financial Services Authority (DFSA). The DFSA’s prudential regime for banks is also rooted in Basel III. In recent updates, the DFSA has explicitly aimed to implement the “Standardised Approach under Basel III for the calculation of capital requirements for Credit…Risks”, designing a framework “harmonised with Basel III” while “tailored to the risk profile” of firms in its jurisdiction In practical terms, DIFC banks must maintain capital against credit RWAs in the same way (minimum 8% plus buffers), have credit risk mitigation techniques (collateral, guarantees) recognized in capital calculations, and observe large exposure limits comparable to those in AIFC. DFSA rules, like AIFC, mandate that authorised firms have robust internal credit risk management systems and board-approved risk appetite statements. Both jurisdictions also require early identification of problem loans and timely provisioning to protect solvency. A distinctive feature of the AIFC, compared to the general currency regulation regime in Kazakhstan, is the absence of restrictions on attracting non-resident borrowers. In other international financial centers, including the DIFC, this is also a standard practice. Overall, however, the legal architecture in AIFC and DIFC is comparable, with both providing an English-law style environment, independent courts, and regulators that enforce global standards to protect investors and ensure financial stability.

United Kingdom: As the origin of much of AIFC’s legal inspiration, the UK’s regulatory framework (overseen by the Prudential Regulation Authority and Financial Conduct Authority) also emphasizes rigorous credit risk management. UK banks follow the Capital Requirements Regulation (CRR) and PRA Rulebook, which enshrine Basel principles – e.g. minimum capital ratios, standardized and internal ratings-based approaches to credit risk, and limits on large exposures. AIFC’s requirement of 8% capital for credit RWAs mirrors the international Basel/CRR requirement, which the UK has historically applied (and is refining under “Basel 3.1” revisions). The PRA also obliges banks to have detailed credit risk policies, governance (with board oversight similar to AIFC’s requirement for the Governing Body’s role aifc.kz), and stress testing of credit portfolios. One point of divergence is that UK banks engage heavily in retail lending, but they are backed by depositor protection schemes (FSCS insurance) – whereas AIFC’s current framework has avoided retail deposits and thus foregone the need for deposit insurance. Nonetheless, the fundamental legal obligations – to maintain adequate capital and systems to manage credit risk – are consistent between AIFC and the UK. This comparability gives comfort that AIFC’s young regime is on par with established jurisdictions in terms of protecting investors and counterparties from credit risks.

Singapore: The Monetary Authority of Singapore (MAS) similarly imposes strict credit risk management through its regulations and guidelines. Banks in Singapore must adhere to risk-based capital requirements (also using Basel III 8% minima), maintain limits on exposures (Singapore adopts the Basel large exposure framework with a 25% of capital limit in most cases), and follow MAS guidelines on credit risk governance. For instance, MAS requires banks to perform due diligence on credit counterparties and to hold “adequate capital…against credit risks assumed,” including counterparty credit risk. Investors can thus take comfort that the AIFC’s credit risk regulations are benchmarked against those of leading global financial centers.

Conclusion

In summary, the AIFC’s credit risk management framework is not an outlier; it aligns with global norms observed in the DIFC, UK, Singapore and other jurisdictions. Each of these has an independent regulator ensuring that firms manage credit exposures responsibly, maintain adequate financial buffers, and treat clients fairly – objectives that are clearly echoed in the AIFC’s legislation and rules. One distinguishing aspect of the AIFC is its mission to develop a financial market in a transition economy – thus it has taken a cautious approach (e.g. limiting retail banking initially) to build trust. This approach complements the legal framework by reducing the likelihood of credit risk crises in the early stages of the Centre’s development.

Going forward, as the AIFC continues to grow, its legal framework for credit risk will likely evolve – incorporating new Basel reforms and expanding to cover a broader range of financial products. Yet the fundamental commitment is already in place: to safeguard the stability of the financial system and the interests of investors through a rigorous legal and regulatory approach to credit risk management.

References

AFSA (Astana Financial Services Authority). (n.d.-a). AIFC Banking Business Prudential Rules (BBPR) [AIFC Rules No. FR0023].Retrieved from https://afsa.aifc.kz/

AFSA (Astana Financial Services Authority). (n.d.-b). Conduct of Business Rules (COB). Retrieved from https://afsa.aifc.kz/

AFSA (Astana Financial Services Authority). (n.d.-c). Financial Services Framework Regulations. Retrieved from https://afsa.aifc.kz/

AFSA (Astana Financial Services Authority). (n.d.-d). Client classification guidance.Retrieved from https://afsa.aifc.kz/

AFSA (Astana Financial Services Authority). (2023, March). Written directive to Cashdrive Ltd.Retrieved from https://afsa.aifc.kz/

AFSA (Astana Financial Services Authority). (2023). AIFC Currency Regulation Guidance Notes. Retrieved from https://afsa.aifc.kz/

AIFC (Astana International Financial Centre). (n.d.). About AIFC. Retrieved from https://aifc.kz/

AIFC Court. (2023). Cashdrive Ltd v. AFSA, Case No. 35 of 2023. Retrieved from https://court.aifc.kz/

Dubai Financial Services Authority. (2022). Consultation Paper No. 150: Capital requirements and credit risk standardised approach under Basel III. Retrieved from https://dfsa.ae/

Financial Conduct Authority (FCA). (2021). Prudential Regulation Authority Rulebook. Retrieved from https://www.bankofengland.co.uk/prudential-regulation

Monetary Authority of Singapore. (2020). Guidelines on Risk Management Practices – Credit Risk. Retrieved from https://www.mas.gov.sg/

World Bank. (2022). Kazakhstan Financial Sector Assessment Program: A review of the AIFC’s regulatory framework. Retrieved from https://www.worldbank.org/

International Monetary Fund. (2023). Kazakhstan: Article IV Consultation Report. Retrieved from https://www.imf.org/