Etihad Law

Facebook X-twitter Linkedin Instagram Icon-mail

Digital Bank – Pre-License Stage​

Digital Bank - Pre-License Stage

Overview

Before any application for a digital bank license can be submitted to the CBI, a substantial body of legal, financial, governance, and technical work must be completed. The framework establishes a defined set of conditions precedent requirements that must be met, or meaningfully commenced, before the application will be assessed.

This article sets out those pre-license conditions in legal terms, organized by category. It is intended to serve as a practical guide for founders, legal advisers, and compliance teams preparing for the application process.

It is important to note that the pre-license conditions are assessed against a defined timeline. The deadline for submitting an application for preliminary approval together with the required documentation demonstrating compliance with initial conditions is 30 June 2026. Applications submitted after this date, or applications that are materially deficient in their supporting documentation, will not be processed in the first assessment cycle.

 

1. Capital

The first and most fundamental pre-license condition is financial: the founding shareholders must have paid up the initial tranche of IQD 30 billion before the application is submitted. This is not a commitment or an undertaking to pay it is a requirement for actual payment.

The application must be accompanied by evidence that this initial capital has been received and is available to the bank. The CBI will not process an application that does not demonstrate satisfaction of this condition.

The full capital requirements including the phased payment schedule, capital composition, and adequacy ratios are examined in Article 3 of this series.

 

2. Legal Incorporatio

A digital bank in Iraq must be established as a joint stock company under Iraqi company law. Before an application can be submitted, the founding entity must be legally constituted or be in an advanced stage of constitution in the required corporate form.

The application must include a copy of the company’s articles of association and internal regulations. These documents must reflect the mandatory provisions required by the digital bank framework, including the shareholder agreement conditions relating to nominee arrangements, pledge prohibitions, tag-along rights, and rights of first refusal.

The CBI will assess whether the corporate structure of the applicant is consistent with the licensing requirements. Any corporate structure that would result in non-compliance with ownership, governance, or related party rules will need to be restructured before the application can proceed.

 

3. Business Plan

The application must include a comprehensive business plan. This is not an optional supporting document,  it is a mandatory legal requirement. The business plan must cover the following elements:

  • A detailed strategic analysis incorporating both short-term and long-term requirements, principal products and services with associated pricing, target customer demographics, and planned investment commitments
  • A description of the operational model, including workforce planning, detailed organizational structure, remuneration and incentives policy, and job descriptions for critical roles
  • A financial plan demonstrating a clear path to profitability, supported by five-year financial projections with full income statements, balance sheets, and cash flow statements
  • A technology plan and architecture document identifying proposed core banking system providers and vendors, software to be used, preliminary contracts or agreements, and all other relevant planning elements
  • A detailed risk management framework covering governance, risk appetite, identification and assessment methodologies, monitoring systems, and mitigation controls
  • A compliance monitoring framework addressing the structure of the compliance function, risk identification and assessment, escalation procedures, reporting mechanisms, and training arrangements
  • A comprehensive AML/CFT and sanctions programme aligned with requirements issued by Iraqi regulatory authorities

 

4. Governance: Pre-License Board and Management Requirements

The application must demonstrate that the governance structure required by the framework has been established, or is in an advanced state of establishment. The key pre-license governance requirements are:

4.1 Board of Directors

The proposed board of directors must be identified and its composition must comply with the framework’s requirements nine members, all non-executive except the CEO, at least six independent directors, with at least three board members having sufficient technical expertise in digital banking.

At the pre-license stage, the application must declare the proposed board members including their names and qualifications for the position. An external assessment of board members’ fitness and propriety is required, but the full independent audit is completed at a later assessment cycle.

4.2 Senior Management

Similarly, the proposed senior management team must be identified, with names and qualifications declared. Fit and proper assessments for senior management are required at the pre-license stage, with the same phased verification approach applying.

4.3 Required Committees

The framework requires that the bank establish, in addition to the audit committee mandated by Iraqi banking legislation, the following board-level committees: a risk management committee, an ICT governance committee, an ESG and sustainability committee, and a nominations and remuneration committee. The existence and proper constitution of these committees must be demonstrated in the application.

 

5. Pre-License Planning Technology Requirements

While full technology deployment and certification is assessed at later stages, the pre-license application must include detailed technology planning documentation. This must cover:

  • A detailed technical plan for the proposed core banking system, including the names of proposed vendors and software, preliminary contracts or agreements, and all other relevant planning elements
  • The proposed online banking and mobile banking platforms, with similar vendor and planning information
  • The proposed data infrastructure and cybersecurity framework at a planning level
  • The proposed payment systems integration approach
  • The proposed business continuity and disaster recovery arrangements at a planning level

The technology plan must demonstrate that the applicant has engaged with reputable, internationally recognized vendors and has a credible implementation roadmap. Vague or undeveloped technology plans will not satisfy the CBI’s requirements.

 

6.: Pre-License Policy Framework Documentation

The application must include a governance handbook covering the bank’s internal policies and procedures as required by the framework. At the pre-license stage, the following policies must be in place:

  • Information security policy
  • Risk management policy
  • Compliance policy
  • Anti-money laundering and counter-terrorist financing policy
  • Anti-fraud, corruption, and bribery policy
  • Any other policies covering the activities and services to be launched

These policies must be substantive documents not high-level statements of intent. They must demonstrate that the applicant has genuinely addressed the relevant risk and compliance dimensions, and that the policies are capable of being operationalized once the bank commences pilot operations.

 

7. Pre-License Confirmation Qualified Institutional Investor:

The application must demonstrate that at least one Qualified Institutional Investor (QII) meeting all required criteria is a committed member of the founding ownership structure, holding or committed to hold no less than 9.999% of the bank’s shares. This is a pre-license condition applications that cannot demonstrate a compliant QII will not be processed.

 

8. Physical Headquarters:  

The proposed administrative headquarters of the digital bank must be identified and must be located within Iraqi territory. The application must demonstrate compliance with the physical headquarters requirements set out in the framework, including that the headquarters will be used exclusively for administrative functions and will not be accessible to the public for the provision of banking services.

 

9. ATM Coverage: Legal Obligation on Customer Access

Digital banks are legally required to enable their customers to access cash through an ATM network. At the pre-license stage, the application must demonstrate how this obligation will be met either through direct ownership of ATMs or through partnership agreements with traditional banks that own ATM networks. The minimum network coverage required (at least five ATMs accessible to the bank’s customers) must be demonstrably achievable through the proposed arrangement.