1.
On June 12, 2025, the online media outlet KazTAG published an article titled “ARRFR Conducted an Unscheduled Inspection of Freedom Finance and Issued More Than 40 Administrative Fines.”
In this publication, KazTAG provides fragmented information from the Agency of the Republic of Kazakhstan for Regulation and Development of the Financial Market (hereinafter – the ARRFR) stating that 41 administrative fines were imposed on JSC Freedom Finance following the results of an unscheduled inspection of JSC Freedom Finance (hereinafter – the Company).
On October 28, 2024, the ARRFR initiated an unscheduled (selective) inspection of the Company’s activities to assess compliance with the legislation of the Republic of Kazakhstan when providing services related to access to the securities market via information systems; specifically, the TRADERNET trading platform was inspected. This trading platform is used by all brokerage organizations within the structure of Freedom Holding Corp. At the same time, taking into account the requirements of the legislation of each jurisdiction, the platform is configured accordingly.
The inspection was completed on December 6, 2024, following which 20 administrative protocols were drawn up for the same violation of a subordinate regulatory act, namely paragraph 8-1 of Resolution No. 27 of the Board of the National Bank of the Republic of Kazakhstan dated January 28, 2016, “On Approval of the Rules for the Provision of Electronic Services by Nominee Holders.”
In particular, these Rules allow brokers (nominee holders) to use dynamic and/or biometric client identification when clients submit instructions to execute trading operations in brokers’ mobile applications.
However, unlike the similar Resolution No. 48 of the Board of the National Bank of the Republic of Kazakhstan dated March 27, 2018, “On Approval of Requirements for Ensuring Information Security of Banks,” brokers are not permitted to use their own information systems to verify biometric data and are required to additionally verify such data through state-owned entities, such as the Identification Data Exchange Center (IDEC) of the National Payment Corporation of Kazakhstan and the State Credit Bureau (SCB), which provide their services on a commercial basis. It should be noted that state databases do not contain information on non-residents of the Republic of Kazakhstan, who are also clients of financial organizations; accordingly, it is not possible to verify them through the IDEC and the SCB.
In other words, the biometric identification function in mobile applications is the standard Face ID function of smartphones, the use of which depends on the choice and settings of the smartphone user. As a result, this functionality is permitted for users of banking mobile applications, but not for brokerage applications.
At the time the Company’s trading platform was created and the first mobile applications were introduced, such functionality did not exist; it became available as technologies for identification in mobile devices evolved and developed—from PIN codes and Touch ID to Face ID biometric identification.
Accordingly, 20 protocols were drawn up for each client instruction submitted using the Face ID function in the Company’s mobile application, taking into account the limitation under the Code of Administrative Offenses on the number and amount of fines for the same violation.
The remaining 21 protocols were issued (but have not yet been reviewed by an authorized official of the ARRFR, based on the same facts as in December 2024) for the same violation after the completion of the inspection, since the Company required time to modify the mobile application, disable the Face ID function by default in its mobile application, and switch exclusively to dynamic identification (use of PIN codes). This required the release of an updated version, its testing, and subsequent placement and moderation by the App Store and Google Play.
In its written order, the ARRFR required the immediate disabling of this functionality in the mobile application as of the date of receipt of the order. However, the Company was technically unable to disable this functionality instantly, as otherwise all clients would have lost access to the mobile application. The Company informed the regulator of this circumstance twice and requested approval of an action plan providing for a timeframe to finalize the mobile application by June 2025.
Unfortunately, this request was disregarded by the regulator, and on May 30, 2025, an additional 21 administrative protocols were issued for the same violation.
The Company eliminated the violation and fulfilled the ARRFR’s requirement on May 26, 2025, of which it notified the regulator. As of that date, the TRADERNET mobile application uses dynamic client identification, i.e., PIN codes.
Existing gaps in regulatory acts governing the procedure for providing electronic services by the state authority were, unfortunately, interpreted not in favor of the Company. The Company sincerely believes that restricting the use of Face ID exclusively in conjunction with state databases is an anachronism, and that the relevant subordinate regulatory act should be modernized by analogy with banking regulation in this area.
It should also be noted that administrative offense protocols are not procedural documents establishing the fact of an offense and are not directly related to complaints filed with the ARRFR by individuals mentioned in KazTAG publications regarding the actions of former Company employees, in particular V. Svetov and T. Bekov.
2.
On June 12, 2025, the online media outlet KazTAG published an article titled “ARRFR Assists the Investigation in Criminal Cases Against the Top Management of Freedom Finance” – https://kaztag.kz/ru/news/arrfr-sodeystvuet-sledstviyu-po-ugolovnym-delam-protiv-top-menedzhmenta-fridom-finans.
JSC Freedom Finance (hereinafter – the Company), for its part, also fully cooperates with and provides assistance to investigative authorities by supplying the necessary materials. Moreover, the criminal case against a former employee of the Company was initiated on the basis of the Company’s own statement, prepared following the results of an internal internal investigation conducted last year.
At the same time, the “former employee of the Company” mentioned in the ARRFR’s response and in the publication was never a member of the Company’s top management, but merely performed managerial functions (as an executive director) in one of the areas within the Company’s sales department. Accordingly, the information presented in the KazTAG publication is not accurate.
