CBUAE Compliance for Insurance Brokers: A Practical Checklist

Licensing and registration requirements

• Current, valid CBUAE insurance broker licence displayed and accessible
• Professional indemnity insurance maintained at the required level
• All licensed professionals listed with the regulator are actively employed
• Any changes in ownership, directors, or licensed staff notified within the required window
• Annual renewal submitted before the deadline with all required financial statements

Client records and documentation

Client records are one of the most scrutinised areas in any CBUAE inspection. The regulator expects brokers to maintain a complete file for each client that includes identification documents, needs analysis, communications, and the basis on which specific products were recommended.

In practice, many brokerages fail this requirement not because they lack the documents but because they cannot retrieve them quickly. A customer file distributed across WhatsApp, email, and a shared drive is technically complete but operationally incomplete — it cannot be produced in a coherent form on short notice.

• Client identification verified and documents retained (Emirates ID / passport)
• Needs analysis or fact-find documented for each client
• Product recommendation rationale recorded
• All client communications (including digital) stored and retrievable
• Document retention policy in place (minimum 5 years post-policy expiry)

Anti-money laundering (AML) and KYC

Insurance brokers are subject to UAE AML/CFT requirements and must conduct Know Your Customer (KYC) checks on all clients. This is especially relevant for high-value policies and corporate clients.

• Formal AML/CFT policy and procedures in place
• Customer due diligence (CDD) conducted for all new clients
• Enhanced due diligence applied to higher-risk clients (PEPs, high-value policies)
• Suspicious transaction reporting procedures understood by all staff
• Staff trained on AML/CFT obligations at least annually

Professional conduct and complaints handling

• Written complaints procedure available to clients
• All complaints logged with date received, nature, and resolution
• Complaints escalated within defined timeframes
• Staff remuneration policy does not incentivise mis-selling
• Conflict of interest policy documented and applied

Operational controls

• Segregation of client money from brokerage operating funds
• Premium collection and disbursement records reconciled monthly
• Insurer payments made within contractually agreed timelines
• Access controls on client data — not all staff access all records
• Business continuity plan in place and tested

How technology can help

The common thread in all of the above is record-keeping and audit trail. Modern broker management platforms automatically generate timestamped records of every client interaction, document submission, status change, and communication. This does not eliminate the need for sound compliance processes — but it dramatically reduces the effort of evidencing them.

When a CBUAE inspector asks to see all communications related to a specific client, the answer should be a few clicks, not a multi-day archive search.