Middle East Regulatory Update – March 2022

The Dubai International Financial Centre (“DIFC”), in collaboration with the United Arab Emirates (“UAE”) Artificial Intelligence (“AI”) Office, launched its AI and coding licence. A first of its kind, the licence will advance the UAE’s AI Strategy 2031 by increasing the global attraction of coders and AI companies to the DIFC. Licensees will have access to the DIFC Innovation Hub and an opportunity to obtain a UAE Golden Visa for employees.

The Dubai Financial Services Authority (“DFSA”) issued amendments to legislation following Consultation Paper (“CP”) No. 141 “Whistleblowing”.

The DFSA rulebook updates are summarised as:

• General Module (“GEN”), Auditors Module (“AUD”) and Anti-Money Laundering, Counter-Terrorist Financing and Sanctions Module (“AML”)
  • inclusion of a dedicated whistleblowing section which requires Authorised Persons, Auditors and Designated Non-Financial Businesses and Professions (“DNFBP”) to:
    • draft appropriate, written and effective policies and procedures to:
      • facilitate reporting of regulatory concerns
      • outline the assessment and escalation of regulatory concerns
      • implement reasonable measures to protect the identity and confidentiality of the whistleblower
      • implement reasonable measures to protect the whistleblower from suffering detriment
      • ensure appropriate and feasible feedback to the whistleblower
      • outline mechanisms for managing conflicts of interests and ensuring the fair treatment of any person subject to an allegation
      • conduct a periodic review of any whistleblowing policies and procedures
      • draft a written report of each concern raised including details of the concern and the outcome
      • provide protection under Regulatory Law, i.e., exemption to liability, dismissal or detriment to any person who makes a disclosure
• Authorised Market Institutions (“AMI”)
  • removal of the current whistleblowing section to refer to GEN.

The amendments are enforceable from 7 April 2022. Read the updates here.

The DIFC has enacted the DIFC Laws Amendment Law, DIFC Law No.2 of 2022 to modernise the regulatory framework established by the Data Protection Law of 2020, Insolvency Law of 2019, Electronic Transaction Law of 2017, Trust Law of 2018, Strata Title Law of 2007 and the Common Reporting Standards Law of 2018.

The law updates are summarised as:

• Data Protection Law
  • administrative fines to include a $75,000 fine for each breach of Article 59(4) regarding a failure to comply with a direction from the Commissioner
  • the general requirement section has been updated to require personal data to be readily accessible for compliance with the law
  • the ‘right to access’ which allows personal data to be provided to the data subject in an appropriate format
  • controllers must now maintain a register where a data subject request has been refused or a fee has been charged
  • update to the application process through the courts to:
    • allow the appellant the right to rely on material before the Commissioner at the time of the finding
  • allow for appeal from the Court of First Instance to the Court of Appeal without leave to appeal from the Court of Appeal, so long as there are no other rules to consider which may limit the rights to a second appeal.
  • Changes to the Commissioner include:
    • requirement to pay court fees
    • ability to issue a finding or make a declaration of a contravention or no contravention of the law
    • thresholds (from ‘material contravention’ to ‘contravention’) for initiating a claim for compensation on behalf of a data subject
    • new power to initiate mediation between the complainant and the controller
    • ability to exceed the predefined fines in Schedule 2 where appropriate and proportionate.
• Insolvency Law and Insolvency Regulations
  • update to notification requirements in liquidation requiring a liquidator report at the end of each year-end to the Registrar
  • definitions added for:
    • Security Interest
    • Final Account
    • Liquidator’s Report
    • Statement of Affairs
  • definition of Rehabilitation Plan Notification removed
  • requirement to ensure consistency in the liquidators’ reporting obligations with reference to different liquidation procedures under the insolvency laws
  • update to the schedule of fines to include:
    • “Liquidator failing to comply with the requirements in respect of a Final Account on the conclusion of compulsory winding up”, incurring a fine of up to $5,000
    • “Liquidator failing to make a year-end Liquidator’s Report in a compulsory winding up”, incurring a fine of up to $5,000.
• Electronic Transactions Law
  • expanded to include:
    • electronic records
    • electronic contacts
    • electronic signatures for sale, purchase or long-term lease of real property.
• Trust Law
  • the definition of ‘ultimate beneficial owner’ has been amended to read as:
    a natural person (other than a person acting solely in the capacity of a professional adviser or professional manager) who:
    • in relation to a company, owns or controls (directly or indirectly):
      • shares or other ownership interests in the company of at least the relevant percentage (25%)
      • voting rights in the company of at least the Relevant Percentage
      • the right to appoint or remove the majority of the directors of the company
    • in relation to a partnership, has the legal right to exercise, or actually exercises, significant control or influence over the activities of the partnership
    • in relation to a foundation or a non-profit incorporated organisation, has the legal right to exercise, or actually exercises, significant control or influence over the activities of the governing body, person or other arrangement administering the property or carrying out the objects of the foundation or the Non-Profit Incorporated Organisation

• If no natural person is identified as an ultimate beneficial owner in accordance with the above, any natural person upon whose instructions the body corporate is required or is accustomed to act, shall be an ultimate beneficial owner
• Beneficial ownership may be traced through any number of persons or arrangements of any description. If two or more natural persons jointly own or control an ultimate beneficial interest, each of them is treated as owning or controlling that interest.
• Strata Title Law
  • Minor updates to align definitions with the Real Property Law including:
    • ‘By-law’ to read: the by-laws made under Article 75
    • ‘Insolvency Law’ to read: the Insolvency Law DIFC Law No. 1 of 2019
    • ‘Occupier’ to read: any occupier, tenant, licensee or person with any other right of possession or occupation (including any Mortgagee in possession) of a Lot or the Common Property (or any part thereof)
    • ‘Proxy’ to read: a duly executed proxy in the form approved by the Registrar from an Owner appointing a person to vote on behalf of the Owner as at a General Meeting
    • ‘Resolution’ to read: an Extraordinary Resolution, an Ordinary Resolution and a Special Resolution, as the context so provides
    • ‘Strata Plan’ to read: a Survey Plan prepared by a Licensed Surveyor in the form approved by the Registrar that divides the Strata Development or any Real Property within the Strata Development into Lots or into Lots and Common Property. A reference in this Law to a Strata Plan includes a reference to a Principal Strata Plan and a Staged Strata Plan unless expressly excluded.
• Common Reporting Standards Law
  • changes to:
    • penalties framework to remove the contravention of:
      • “a Reporting Financial Institution knowingly or recklessly signing or otherwise positively affirming a false self-certification”
      • “a Reporting Financial Institution failing to report the information required to be reported in terms of the regulations”
      • “penalties that remain outstanding for a period of longer than 30 days, or a reporting financial institution fails to perform an action ordered by the relevant authority for a period of longer than 30 days, as the case may be, the relevant authority may serve further default notices in accordance with these regulations on the said reporting financial institution imposing with each successive notice double the amount of the said penalties, provided that each such successive note shall supersede the previous notice served on the reporting financial institution for the same default, but any payment made in respect of that previous notice shall be taken into account accordingly”
    • penalties framework to include the contravention of:
      • “a reporting financial institution that fails to submit the information return in the form, manner and by the date specified in the regulations (or as otherwise advised by the UAE competent authority or the relevant authority)”, incurring a fine of US$14,000 and a further US$280 for every subsequent day, up to US$28,000
      • “a reporting financial institution that fails to submit the information return confirming that the institution maintains no reportable accounts (Nil Return) in respect of that year within the timeframe stipulated in the regulations (or as otherwise advised by the UAE competent authority or the relevant authority)” incurring a fine of US$2,800 and a further US$280 for every subsequent day up to US$8,400
      • “a reporting financial institution that otherwise fails to comply with any other provision(s) of this law or the regulations”, incurring a fine of between US$2,800 and US$8,400
      • “a reporting financial institution that adopts any practices with the intent to circumvent this law or the regulations”, incurring a fine of US$70,000
    • an amendment to the penalties framework to read as:
      • a “contravention” being “a reporting financial institution that files a report which fails to state the information in a complete and accurate manner, that is required to be reported under this Law or the, in terms of the regulations”
      • a reporting financial institution that commits the contravention described in the immediately following reporting year
      • a reporting financial institution that commits the contravention in any further successive reporting year(s) following the second consecuitive reporting year
    • enforcement process:
      • the relevant authority will provide a written notice which must now include, in addition to the existing particulars, a description of each alleged contravention, including the date of the contravention and the reasons for imposing the fine and the amount of the fine
      • the Financial Institution (“FI”) no longer has the defence of a “reasonable excuse for contravening the law” to avoid a fine
      • the FI has 15 days to pay any fine issued by written notice
      • the court can require the FI to pay any outstanding fines issued by the relevant authority
    • investigation and inspections to allow a relevant authority to request a FI to provide records including information in respect of an account holder and, if applicable, a controlling person
    • right to appeal will not be accepted on the grounds of:
      • disputing the reasons for the fine
      • disputing the amount of the fine
      • disputing the validity of the action of the relevant authority
    • right to appeal will be accepted on the grounds of:
      • the FI did not commit the contravention
      • the fine is not proportionate to the contravention
      • the find exceeds the limits set by the law
    • definitions removed include:
      • ‘Companies Law’
      • ‘Companies Regulations’
    • other miscellaneous enhancements.
• Rules of Interpretation
  • updates have been made to various laws to update:
    • ‘day’ to be read as: a calendar day, unless expressly stated otherwise. If an obligation falls on a calendar day which is either a Friday, Saturday, Sunday or an official public holiday, the obligation shall take place on the next calendar day, which is a business day
    • ‘business day’ to be read as: a calendar day, excluding Saturdays, Sundays and official public holidays
    • ‘weekend’ to be read as: a consecutive two day period falling on either a Friday and Saturday or a Saturday and Sunday, as determined by the employer and, if not determined by the employer, shall be a Saturday and Sunday.

The DFSA issued CP no.143 “Regulation of Crypto Tokens” (“CP143”), addressing the AML and Counter-Terrorist Financing (“CTF”) risks as well as general issuance and integration risks with mainstream financial systems. CP143 is intended to compliment CP138 on Investment Tokens therefore, the DFSA proposes to regulate security and derivative tokens under the Investment Token definition and crypto tokens that meet the “approved crypto token” criteria set in CP143.

Within CP138 the DFSA proposed the definition of a ‘Token’, which has since been added to the Glossary (GLO) Module. The definition of a “Token” has been defined as “a Token is a cryptographically secured digital representation of value, rights or obligations, which may be issued, transferred and stored electronically, using Distributed Ledger Technology (DLT) or other similar technology”.

Under CP143, the DFSA has taken this further and proposed a broad definition of a ‘Crypto Token,’ to read as “a Crypto Token is a Token that is used, or is intended to be used, as a medium of exchange or for payment or investment purposes but excludes an Investment Token, or any other type of Investment, or an Excluded Token. A Crypto Token includes a right or interest in the relevant Crypto Token”. The following are the main types of Tokens that will fall within the definition of a Crypto Token:

• Cryptocurrencies
• Hybrid Utility Tokens
• Asset Referenced Tokens
• The DFSA has proposed that certain Crypto Tokens would not be captured under the definition of a Crypto Token and will be considered an “Excluded Token’’ or “Prohibited Token. The DFSA has proposed the following:
  • Utility Tokens (Excluded)
  • Non-fungible Tokens (Excluded)
  • Central Bank Digital Currencies (Excluded)
  • Privacy Tokens and Devices (Prohibited)
  • Algorithmic Tokens (Prohibited)

Whlist the above Crypto Tokens may not be captured under the proposed regulatory scope, the DFSA has indicated it will “monitor” the developments of the excluded Crypto Tokens, which indicates these may be included under the definition of an Accepted Crypto Token in the future. Whereas the Prohibited Tokens mentioned will not be considered an as Accepted Crypto Token, and the DFSA proposes to impose a complete ban on any public offering or promotion of these Crypto Tokens.

The CP proposed the below requirements for a Token to be considered an ‘Accepted Crypto Token’ which can be managed as a financial service in and from the DIFC:

• regulatory status of the Crypto Token in other jurisdictions and the appropriateness of centralised or decentralised governance arrangements
• size, liquidity and volatility of the Crypto Token, as demonstrated through regulated or unregulated markets internationally
• sufficient transparency around the technology, protocols and significant stakeholders in the ecosystem around the Crypto Token
• adequacy and suitability of the technology used in relation to the Crypto Token
• risks associated with the use of the Crypto Token, and appropriateness of controls to mitigate these risks
• Additionally, Fiat Crypto Tokens will be assessed against adequacy arrangements around the reserves, stabilisation and redemption mechanisms of a Crypto Token that purport to be used as a Fiat Crypto Token

The CP proposes:

• to apply financial promotion prohibition to firms unable to meet GEN chapter 3 marketing requirements
• for firms offering Crypto Tokens to establish in the DIFC as a body corporate and be incorporated under DIFC; only subsidiaries of foreign financial institutions may offer financial services for Crypto Tokens in or from the DIFC
• for firms to comply with GEN 6.5, ensuring day-to-day management and oversight of the business in or from the DIFC, including main operational control, management and administrative arrangements
• a prohibition for representative offices to promote Crypto Token-related products or services
• a prohibition on money services firms to provide services relating to fiat currency and Crypto Tokens (excluding digital currency that is legal tender). However, they may use Crypto Tokens that rely on blockchain for limited purposes
• a prohibition on operators of crowdfunding platforms to use Crypto Tokens in the provision of products or services
• a prohibition on any authorised person to provide services in relation to both Crypto Tokens and Excluded Tokens
• to allow authorised firms to hold Accepted Crypto Tokens for their own balance sheet in line with Bank of International Settlement (“BIS”) guidance
• all DFSA licences to be applicable to firms offering financial services in Crypto Tokens
• the trading and clearing of Crypto Tokens in limited circumstances
• requirement for trading venues to either impose a clearing house (with appropriate clearing and settlement arrangements) between the counterparties, to use an airtight blockchain solution or have a clearing guarantee fund approved by the DFSA
• allow clients direct access to trading venues for investment tokens and Crypto Tokens in limited circumstances
• Crypto Token trading venues are to comply with technology governance requirements set out in Authorised Market Institutions (“AMI”) 5A and Code of Business (“COB”) 14.1
• require an annual independent technology audit
• require an operator of a trading facility to have rules and procedures to ensure only Investments (securities or derivatives) in which there is a ‘proper market’ are traded on its venues
• require client classification of each client and an agreement with direct clients which ensures that they comply with the business and operating rules of the venue; the venue or operator must undertake monitoring of both requirements
• for AMI and Alternative Trading Systems (“ATS”) to make the following data available in relation to the accepted crypto token:
  • total supply, including where the supply is set to increase/decrease following a pre-defined path
  • total number and market capitalisation being traded on markets globally
  • the workings and schedule of any inflationary/deflationary mechanisms taking place, other than through the normal mining process
  • total number being held by the developing team, held in reserves for rewards and other promotional mechanisms, or otherwise locked away from the total supply
  • the breakdown of largest holders across the native / largest blockchains (those holding 10% or more of total supply)
• for custodian/ digital wallet requirements to be the same as the requirements for investment tokens
• for client agreements to be comprehensive and cover set requirements
  • to prohibit the use of privacy devices
• to include risk warnings that are clear, fair and not misleading on financial products, services and promotions
• to have a key feature document which will be provided to clients
• to publish the Accepted Crypto Whitepaper
• the possible inclusion of Crypto Tokens within the professional client classification net asset test (at a maximum of 80% value)
• for suitable retail client protections, including communication and marketing materials, appropriate tests for suitability, restriction on purchases using credit cards, limitation on leverage, margin close-outs, restriction on incentives
• an increase of prudential requirements to require custodians that provide Crypto Tokens to have a base capital of US$1M
• to implement Financial Action Task Force (“FATF”) standards in relation to Virtual Asset Service Providers (“VASPs”) as well as the UAE’s Decree Law no.26 of 2021 and Law no.20 of 2018 in relation to financial crime
• to apply the Markets Law and Code of Market Conduct to persons using Crypto Tokens
• a restriction on the use of the phrase “Islamic Crypto Token” unless the Crypto Token is Shari’a compliant and the Islamic Finance Rules (“IFR”) has been applied
• for all persons engaging in Crypto Tokens to comply with the DFSA framework and guidance on cyber security
• to apply a set fee for authorisation, annual licence to operate, direct access membership, Multilateral Trading Facility (“MTF”) endorsement, retail client endorsement and a client asset endorsement
• to apply an annual trade dependant fee
• to apply a fee for variation of licence for authorised firms or AMI’s
• that collective investments funds:
  • may only hold itself out as being a Crypto Token Fund where its main purpose is investing in Accepted Crypto Tokens
  • have a prospectus meeting the requirements in Collective Investment Rules (“CIR”) 14, where units are offered to the public (further disclosure requirements may be applicable)
  • must comply with Market Rules (“MKT”) App7.1.2(a), (c), (e), (h), (i), and (j) where accepted Crypto Tokens are fund property
  • where the collective investment funds use a benchmark or index provided by a price information provider, the price information provider complies with CIR App9
  • will require an eligible custodian as self custody of Crypto Tokens is not permitted
  • which are foreign funds are not allowed to be offered, promoted, or marketed, in or from the DIFC, unless the relevant fund and its fund manager are subject to adequate, comparable regulation in a jurisdiction acceptable to the DFSA
  • will not require a de minimis threshold

Lastly, the DFSA has also outlined the proposed licencing fees, which have been based on the additional amount of work during the authorisation stage and ongoing supervision work required for this sector. The DFSA has proposed both an initial and ongoing fee for the annual licence, which could substantially increase depending on the Firm’s average daily trading volume.

Comments are welcome until 6 May 2022 by completing an online response form found here.

The DFSA published decision notices against Dalma Capital Management Limited (“Dalma”), imposing a fine of US$170,000 and a fine of US$300,000 on the SEO/licensed director of Dalma, Mr Zachary Cefaratti. The notice included a prohibition on Cefaratti of holding office in a regulated entity and a restriction to perform functions related to financial services in the DIFC. Cefaratti has also been directed to dispose of his holdings in Dalma in due course.

Both decisions have been referred to the Financial Markets Tribunal (“FMT”) for appeal.

Read the DFSA notice on Dalma here and Cefaratti here.

The DFSA has taken enforcement action against two firms in the Adenium group and two individuals for breaches of DFSA rules: Mr Wassef El Sawaf, Chief Executive Officer of Adenium Cayman and SEO of Adenium Energy Capital Advisors Limited (“AECAL”), and Mr Youssef Fouad Chaker, Chief Legal Officer of Adenium Cayman and a Licensed Director of AECAL. The DFSA found that Adenium Cayman illegally marketed unregulated Collective Investment Funds, and AECAL – a DFSA authorised firm – was knowingly aware of both the Cayman entity’s breaches, as well as breaches in customer onboarding, client classification, capital requirements, and systems and controls. The DFSA found that El Sawaf and Chaker were aware of both entities’ failings and breached a number of DFSA principles for authorised individuals.

The initial fines issued, without considering discounts for cooperation and settlement, were:

• AED4,613,483 on Adenium Cayman
• AED506,199 on AECAL
• AED863,037 on El Sawaf
• AED271,471 on Chaker

You can read the full decision for Adenium Energy Capital Ltd here, AECAL here, Chaker here and El Sawaf here.

The DFSA issued a public censure against Paymentology Ltd for disseminating misleading and deceptive information. Paymentology Ltd was found to have falsely claimed that it had an office in, and was licensed to operate in, the DIFC. The DFSA found that Paymentology Ltd misled customers to believe they were authorised to provide money services in or from the DIFC.
The decision notice can be found here.

The DIFC Data Protection Office has launched a data protection awareness series to inform firms of new developments relating to the DIFC Data Protection Law no.5 of 2020 and other relevant data protection developments globally.

This month’s session covered:

• overview of the DIFC Data Protection Law
• best practices internationally
• tools for compliance
• the new amendments law updating the data protection law in the DIFC

Firms should:

• review the Standard Contractual Clauses (“SCC”): where the firm relies on General Data Protection Regulation (“GDPR”) SCCs or does not comply with the newly updated SCCs, the SCCs relied upon must be updated within a year, or data transfers may be restricted or must cease
• review the new amendments law and update the firm’s data protection policy and supporting policies and procedures
• draft a register for the rejection or charge of data subject requests

The Abu Dhabi Global Market (“ADGM”) Financial Services Regulatory Authority (“FSRA”) has published CP No. 2 of 2022 ‘Proposals for revised fees for late regulatory filings’. Once finalised, the changes will be reflected in the fees rules (“FEES”), Prudential – Investment, Insurance Intermediation and Banking Rules (“PRU”), Prudential –Insurance Business (“PIN”) and Glossary (“GLO”).

The proposals include:

• update to the definition of regulatory filings to include:
  • AML return, global, cell and fund returns, financial group capital adequacy report, written report relating to general insurance business prepared by an actuary, actuarial report for long-term insurance business, client money auditor’s report, safe custody auditor’s report, reports produced by auditor, annual report on controllers, Shari’a supervisory board annual report, annual regulatory return, quarterly regulatory return, prudential monthly, capital adequacy summary report, leverage ratio report, internal risk assessment process and internal capital adequacy assessment process
  • an accrued fee structure of US$100 for each business day, or part thereof

The paper can be read in full here. Comments are welcome until 18 April 2022 by emailing [email protected].

The ADGM FSRA published CP No.1 of 2022 ‘Proposals for enhancements to capital markets and virtual assets in ADGM’ to advance its capital markets framework and ecosystem covering virtual assets, spot commodities, securities, derivatives, benchmarks and emissions.

The paper proposes:

• new profit-based and asset-based eligibility tests
• update to rules on restricted securities
• added flexibility for capital structures and capital raising
• update to the regime on offers and listings by mining and petroleum entities
• enhancements to the continuous disclosure framework
• new price and position limits for derivatives
• update to the definition of ‘Specified Investments’ and ‘Financial Instruments’ to include emission allowances
• introduction of a spot commodity framework
• new general requirements concerning governance, systems and controls, and record-keeping for benchmark administrators
• introduction of reporting and disclosure requirements for sustainable finance
• a narrowing of exemptions for controllers/group members of a recognised body when undertaking dealing activities
• renaming ‘rules of market conduct’ to ‘code of market conduct’ and expansion of the code to address insider dealing in relation to commodity derivatives, accepted virtual assets and accepted spot commodities
• amendments to the virtual assets framework
• amendments to virtual assets and Non-Fungible Tokens (“NFT”) guidance.

You can read the full paper here. Comments are welcome until 20 May 2022 by emailing [email protected].

The recently merged Appeals Panel has appointed five new members as appointed by the ADGM Board of Directors. Mr Michael Brindle QC is appointed as President, with Ms Jane Diplock AO as Deputy President. Ms Patricia Robertson QC, Ms Rachel Eng and Mr Andrew Whittaker bring their expertise in banking and finance, financial services regulation, commercial litigation, regulatory supervision, international arbitration, and commercial dispute resolution, amongst other relevant areas.

Further details of the members can be found here.

The ADGM hosted its second Abu Dhabi-Israel forum to explore bilateral growth and investment opportunities. Senior leadership from an array of industry areas discussed insights, knowledge on investment trends, and cross-border growth opportunities, as well as growing diversification and investment opportunities in both jurisdictions. Bilateral trade between the nations is already predicted to be over US$1Bn and is projected to grow a further US$2Bn by the end of 2022.

The FATF issued a decision to add the UAE to the FATF grey list for increased monitoring. The DFSA, FSRA and Dubai International Financial Centre Authority (“DIFCA”) have committed to working closely with the FATF to address the concerns raised in the report and consequently, the UAE has put in place an action plan to build on the foundations already established in the region. The FATF did acknowledge the progress made so far by the UAE in addressing concerns flagged in the February 2020 assessment, but noticed weaknesses that still need to be addressed.

The UAE aims to address the FATF’s concerns by:

• demonstrating through case studies and statistics a sustained increase in outbound Mutual Legal Assistance (“MLA”) requests to help facilitate investigation of Terrorist Financing (“TF”), Money Laundering (“ML”), and high-risk predicates
• identifying and maintaining a shared understanding of the ML/TF risks between the different DNFBP sectors and financial institutions
• showing an increase in the number and quality of suspicious transaction reports filed by financial institutions and DNFBPs
• achieving a more granular understanding of the risk of abuse of legal persons and, where applicable, legal arrangements for ML/TF purposes
• providing additional resources to the Financial Intelligence Unit (“FIU”) to strengthen its analysis function and enhance the use of financial intelligence to pursue high-risk ML threats, such as proceeds of foreign predicate offences, trade-based ML, and third-party laundering
• demonstrating a sustained increase in effective investigations and prosecutions of different types of ML cases consistent with the UAE’s risk profile
• proactively identifying and combating sanctions evasion, including using detailed TF sanctions guidance in sustained awareness-raising exercises with the private sector, and demonstrating a better understanding of sanctions evasion among the private sector.

The decision can be read in full here.

His Highness Sheikh Mohammed bin Rashid Al Maktoum, Vice-President and Prime Minister of the UAE and Ruler of Dubai announced the enactment of Law no.4 of 2022 ‘Regulating Virtual Assets in the Emirate of Dubai’. The law will be the first of its kind in the region and will enable the UAE to compete with the US as the first regulated landscape for virtual assets. It covers Dubai, including the development zones and freezones (but excludes the DIFC) and will be overseen by the Dubai Virtual Asset Regulatory Authority (“VARA”). The VARA will be linked with the Dubai World Trade Centre Authority.

Firms will only be allowed to deal in virtual assets where they:

• are authorised by the VARA
• hold one of the following VARA permits:
  • operating and managing virtual asset platforms services
  • exchange services between virtual assets and currencies, whether national or foreign
  • exchange services between one or more forms of virtual assets
  • virtual asset transfer services
  • virtual asset custody and management services
  • services related to the virtual asset portfolio
  • services related to the offering and trading of virtual tokens.

You can read the law in full here.

The Securities and Commodities Authority (“SCA”) published an amendment to their provisions regulating the listing of commodities, options, and futures contracts.

Key amendments include:

• key definitions:
  • options will now be defined as: where an owner of the contract is granted the right to purchase or sell a specified quantity of goods, indices, currencies or other financial instruments approved by SCA, on a specified date or within a certain period of time at an agreed price
  • futures will now be defined as: contracts for the purchase or sale of goods, indicators, currencies or other financial instruments approved by SCA, at a specified date at an agreed price at the time of contract, and the criteria for future contracts shall be in accordance with the quality, quantity, date and place of delivery in accordance with market regulations
  • commodity will be defined as: contracts on other commodities, indicators, currencies or financial instruments approved by the SCA such as Options and Futures contracts
• changes to the review of listings:
  • the Committee’s decision will be submitted within 15 days to the SCA
  • the SCA to make their decision on the listing within 30 days of the date of submission
  • the SCA has the power to request further information necessary to make a decision on the listing
  • the relevant person will be notified within a period of not more than a week of issuance of the SCA decision
  • the SCA’s decision to approve the inclusion/listing of any Options, Futures or Commodity contracts entitles the market submitted to the listing application to include all of the relevant contracts; the market is then committed to providing the SCA with a registration within a period of not more than one week from the date of registration.

Read the article in Arabic here.

The Saudi Central Bank (“SAMA”) hosted an Islamic finance workshop on ‘the role of financial inclusion in enhancing the Islamic finance industry both in theory and practice’. The event is one of SAMA’s quarterly focused workshops attended by industry experts and stakeholders. The delegates attended two workshops to discuss crucial matters affecting the Kingdom’s financial services sector. The first workshop, ‘Financial Inclusion Prospects’, addressed the need for financial inclusion and the role of banks and financial institutions in this development. The second workshop, ‘The Impact of Islamic Financial Services on the Promotion of Financial Inclusion’, discussed the relationship between financial inclusion and Islamic finance and the role of technology in bridging the gap.

SAMA announced the release of draft principles and rules for the protection of financial institution clients. The paper forms part of SAMA’s ongoing efforts to ensure clients are getting fair and transparent financial services and preserve their rights.

You can read the full consultation paper here.

SAMA announced the extension of the guaranteed private sector financing programme for a further year in support of micro, small and medium enterprises. The move promotes financial sector stability to overcome challenges businesses face following COVID-19. The programme was launched on 14 March 2022 and will be extended to 14 March 2023.

The Association of Corporate Counsel (“ACC”) hosted the first of its Middle East and North Africa Region (“MENA”) privacy series in 2022. The first event covers ‘Privacy in a Ready Stance: A MENA Perspective’ hosted by Dale Waterman, Breakwater Solutions, and Trevor Hughes, IAPP President. The event included discussions about the leading global data protection laws as seen in China, India, Europe and the possibility of a US federal data protection law. The ACC expects that 65% of the global population will be subject to a data protection law and firms must be aware of the repercussions of managing personal data in the digital economy in each jurisdiction.

Future events include:

• the complexity of consent
• data retention
• data protection impact assessment
• the rise of privacy technology
• the anatomy of a data breach
• data subject access requests.

You can register for future events here.

The International Organisation of Securities Commissions (“IOSCO”) issued a report on the decentralised finance markets (“DeFi”) evolution to mirror conventional financial markets. The report includes a review of the DeFi market and its new products, services and principal participants and also highlights the similarity between DeFi and conventional financial markets. However, it found that DeFi has significantly weaker regulation, rises in conflicts of interests and currently presents a higher risk for investors.

IOSCO has established a new task force to review the significant opportunities as well as risks that DeFi can bring to the market.

Read the report in full here. Comments can be submitted to [email protected].

FATF reviews various jurisdictions’ progress to meet their anti-money laundering (“AML”) and CTF obligations reported in their Mutual Evaluation Reports (“MER”). The MERs assess jurisdictions’ effectiveness against 40 FATF Recommendations.

The updates are as follows:

• Vietnam has been reported as compliant in 2, largely compliant in 11, partially compliant in 23 and not compliant in 4 recommendations
• Ireland has been reported as compliant in 17, largely compliant in 17, and partially compliant in 6 recommendations
• Cuba has been reported as compliant in 19, largely compliant in 19, and partially compliant in 2 recommendations
• St Kitts and Nevis has been reported as compliant in 11, largely compliant in 15, and partially compliant in 14 recommendations
• Poland has been reported as compliant in 2, largely compliant in 21, and partially compliant in 17 recommendations
• Croatia has been reported as compliant in 4, largely compliant in 17, and partially compliant in 19 recommendations

The updated consolidated rating table can be found here.

The Executive Office of the Committee for Goods and Materials Subject to Import and Export Control has updated the United Nations Security Council Sanctions List. One entity has been added relating to ISIL and Al-Qaida, and seven individuals have been removed pertaining to Iraq.

Firms are reminded to monitor geopolitical events, and any resulting updates to international sanctions lists to assess their exposure to sanctioned individuals and entities. Sanction contraventions must be reported to the relevant authorities without delay, and regulators will expect to be notified of any sanctions matters that may result in reputational consequences for the firm.

The updated sanction list can be found here.

The UK’s Financial Conduct Authority (“FCA”) has temporarily extended its deadline from 31 March 2022 to 2023 for 12 cryptocurrency firms to register with the FCA or cease operating in the UK. Firms granted the extension include BCB Group, Blockchain.com, CEX.IO, Copper Technologies, GlobalBlock, GCEX, ITI Digital, BC Bitcoin, Revolut, Moneybrain, Monolith and Coindirect. The FCA’s push for registration allows the FCA to tackle money laundering and other financial crimes that may be associated with unregulated cryptocurrency companies. To date, only 33 cryptocurrency firms’ applications have been approved, with over 80% of firms either being withdrawn or rejected.

The Danish Financial Services Authority (“FSA”) conducted an inspection on SEB bank’s branch in Denmark, focusing on money laundering compliance. The findings follow investigations stemming from the Dankse Bank money laundering scandal in 2018 and the subsequent FSA investigation of AML compliance throughout the banking sector.

SEB was ordered to:

• revise its risk assessment procedures and prepare a new AML policy
• secure business processes and strengthen internal control over employees in AML
• strengthen its know-your-customer (“KYC”) processes, particularly with regards to international customers.

The Advertising Standards Authority has issued an enforcement notice to all cryptoasset and cryptocurrency firms advertising in and from the UK. The notice requires that crypto advertisements carry prominent warnings that cryptocurrencies are unregulated in the UK and that the value of investments can go down. Crypto firms must be able to substantiate any claims they make about their products’ annual returns. The notice also bans crypto providers from claiming their products are regulated.

All crypto firms should conduct an immediate review of all promotional materials to ensure they are compliant with Advertising Standards Authority guides. Firms have until 2 May 2022 to comply.