The Financial Sector Conduct Authority has changed its mind about how it will roll out the cross-sectoral Conduct of Business Return (OMNI-CBR) – the reporting tool will now be integrated into its supervisory technology (SupTech) platform.
As a result, until the Authority issues further communication about the Integrated Regulatory System (IRS) and the OMNI Risk Return, financial institutions do not have to initiate or continue with any internal OMNI-CBR-related initiatives or system development and implementation efforts.
However, insurers that have been submitting quarterly insurance conduct of business returns over the past few years must continue to do so using the data upload facility on the FSCA’s website until further guidance is provided in this regard, Deputy Commissioner Farzana Badat (pictured) said in Communication 12 of 2025, which was issued yesterday.
The OMNI-CBR is a regulatory reporting tool, to collect standardised conduct-related data from financial institutions across various sectors.
In parallel with the development of the OMNI-CBR, Badat said the FSCA has been undergoing a broader strategic transformation aimed at modernising its regulatory framework and enhancing its operational efficiency. This transformation is guided by the FSCA’s Regulatory Strategy for 2025–2028, which was published on 6 May. A central pillar of this strategy is the preparation for the implementation of the Conduct of Financial Institutions Bill.
Read: FSCA’s three-year regulatory strategy anchored in COFI roll-out
To support this agenda, the FSCA has adopted a Digital Transformation Strategy. This strategy focuses on leveraging technology to streamline regulatory processes, improve data collection and analysis, and enable a more risk-based approach to supervision. At the heart of this digital transformation is the IRS, a SupTech platform that will improve how the FSCA interacts with financial institutions.
The FSCA believes the IRS will significantly enhance the Authority’s ability to monitor and regulate the financial sector. By automating key processes and centralising data, the IRS will allow the FSCA to respond faster to emerging risks and trends, ultimately leading to better outcomes for financial customers.
The IRS is designed to provide end-to-end SupTech services, covering the full supervisory lifecycle – from licensing to ongoing supervision and enforcement.
Read: FSCA says new digital platform will streamline compliance and regulation
Connection between the IRS and the OMNI-CBR
The original concept for the OMNI-CBR predated the Digital Transformation Strategy and the procurement of the IRS, Badat said. As a result, the initial design of the OMNI-CBR was suited to a more manual, less modernised supervisory environment. This led to the complexities and challenges highlighted by industry stakeholders, particularly regarding the volume of data required and the structure of the reporting template.
With the introduction of the IRS, the FSCA has recognised an opportunity to re-imagine the OMNI-CBR and align it with its new technological capabilities.
“Implementing the IRS has provided the FSCA with an invaluable opportunity to re-think the supervisory data collection model initially contemplated under the OMNI-CBR and instead explore a more streamlined, intuitive, and incremental approach leveraging the new technological capabilities being introduced through the SupTech platform,” Badat said.
“The previous version of the OMNI-CBR was a combination of harmonised conduct data requirements applicable to all financial institutions (the ALL SHEETS component), as well as more granular sector-specific requirements applicable only to certain financial institutions depending on industry, activity, or product type.”
This approach has been revised in an attempt to significantly reduce the amount of data requested from financial institutions, and to minimise regulatory burden by introducing different components of the OMNI-CBR (with some revisions) over time in a phased and agile manner, Badat said.
First component: Risk Model and OMNI-Risk Return
The first phase of the revised OMNI-CBR approach is the introduction of the OMNI-Risk Return, which will support the IRS’s automated Risk Model. This component is critical to the FSCA’s new risk-based supervisory framework.
The Risk Model is a standardised, system-driven mechanism within the IRS that calculates uniform risk scores for all supervised entities. It uses three key elements to generate these scores:
- Data from the OMNI-Risk Return and entity profiles. This includes both the risk-related data submitted by financial institutions and basic profile information about each entity.
- Defined risk indicators and measurements. The FSCA has established specific risk indicators that will be used to assess the conduct risks posed by each institution. These indicators are informed by the data collected through the OMNI-Risk Return.
- Structured control assessment questions: FSCA supervisory teams will complete these questions as part of their ongoing supervisory activities. The answers will provide additional context and insights into each institution’s risk profile.
The FSCA said the automated Risk Model offers several benefits:
- Less duplication and greater clarity regarding specific risk data requested of financial institutions.
- More consistent and comparable risk ratings across financial institutions.
- Better insights on higher risk areas to help inform the intensity of certain supervisory activities and direct FSCA resources accordingly.
- Improved collaboration and co-ordination across different FSCA teams dealing with the same supervised entity.
Badat said the FSCA is finalising the refinement of the OMNI-Risk Return and its integration onto the IRS. “This is being prioritised for further industry engagement in the upcoming months,” she said.
Second component: sector-specific data requirements
While the OMNI-Risk Return addresses the immediate need for risk-related data, the FSCA recognises that additional, more granular data will be required for ongoing supervision and regulatory purposes. This is where the second component of the revised OMNI-CBR approach comes into play.
The second component involves the gradual introduction of sector-specific data requirements. These requirements will be tailored to the unique characteristics of different industries, activities, or product types within the financial sector. For example, banks, insurers, and investment firms may each have distinct reporting obligations based on the specific conduct risks associated with their business models.
The FSCA has started work on identifying the additional sector specific data requirements, but it envisages that this will be rolled out in the longer term.
What happens next with the OMNI-CBR?
Badat said the implementation of the IRS and the introduction of the Risk Model “will significantly re-shape the manner in which the FSCA interacts with supervised entities going forward”.
As such, the Authority will roll out comprehensive and targeted industry engagement and change management activities to ensure that both the FSCA and market participants are prepared to interact through the IRS.
The FSCA is working on a detailed communication and engagement plan, which will provide further information on the operationalisation of the IRS, planned industry readiness and awareness initiatives, further consultations on the revised OMNI-Risk Return and a clearer timeline for overall implementation.
Details of a planned industry pilot for testing of the IRS will also be provided in the third quarter of 2025. It is envisaged that financial institutions will then have a year to get ready before the anticipated go-live date of the new platform.
