Regulatory Update January 2025 – ME Region

On 15 January, the Dubai Financial Services Authority (‘DFSA’) released its Findings from the 2024 Whistleblowing Thematic Review, which aimed to assess the effectiveness of whistleblowing frameworks across DFSA regulated entities.

The review identified weaknesses in the following areas:

• whistleblower protection:
  • there was a lack of measures to protect the identity and confidentiality of whistleblowers, including protecting them from suffering any detriment
  • any protections that were in place were often not communicated to employees in the policies and procedures
• policies and procedures:
  • in some areas the quality of the policies and procedures was poor and did not address DFSA Guidance under the General (‘GEN’) and Anti-Money Laundering (‘AML’) Rulebook
  • some policies did not include information on how to deal, assess and, where appropriate, escalate reports to senior management or the DFSA
• governance:
  • some firms did not have arrangements to provide their respective governing bodies or senior management with management information on whistleblowing
• training and awareness:
  • some firms did not adequately train their employees i.e. whistleblowing arrangements were not part of employee onboarding or ongoing training
• reporting channels:
  • some firms had inaccurate or outdated information in their policies and procedures regarding the reporting channels available
  • some firms did not address the reporting process for third parties such as ex-employees and service providers
• feedback mechanisms:
  • a common issue was that whistleblowing policies and procedures did not ensure that feedback is provided to whistleblowers where appropriate and feasible
• monitoring and testing:
  • several firms did not include whistleblowing arrangements in their compliance monitoring programme
• record keeping:
  • firms did not maintain adequate records of regulatory concerns reported by whistleblowers
  • some firms did not keep records of all individuals who had knowledge of the whistleblowing report, as required.

The DFSA expects regulated entities to apply the key themes and findings from the review to their specific business activities and obligations. Entities may need to demonstrate their compliance in future interactions with the DFSA.

You can read the Thematic Review here.

On 28 January, the DFSA announced the release of a new report on artificial intelligence (‘AI’), which it co-led with the UK’s Financial Conduct Authority (‘FCA’) on behalf of the Global Financial Innovation Network (‘GFIN’). The report, explores important topics, including the transformative impact of AI and machine learning (‘ML’), particularly in areas such as risk management, customer service, fraud detection, and investment strategies.

The key insights include:

• risks of robo-advice:
  • ensuring the protection of sensitive consumer data, particularly for vulnerable individuals
  • the need for human oversight in decision-making to avoid errors and inaccuracies
  • addressing ethical concerns, potential bias, and the risk of misleading information from AI systems
  • navigating domestic and international ethical guidelines and promoting collaboration among ethics organisations to ensure responsible AI use
  • the need for clarity and accuracy in decisions made between humans and robo-advisors
• risks and opportunities in personalised finance:
  • emerging risks, such as hallucinations in AI systems
  • the increasing application of personalisation across financial services, such as banking, insurance and credit, due to data sharing and open finance developments
  • the effectiveness of outcomes-based regulatory approaches in adapting to changes in the financial services landscape
• consumer education and information:
  • benefits of using AI to generate easily digestible information for consumers with limited financial knowledge, improving access to products and services
  • the challenge of determining consumer comprehension and whether a framework is needed to assess varying levels of understanding, based on complexity
  • the risk of inadequately addressing the needs of diverse groups (e.g. age, ethnicity, religion) when creating financial education content, potentially leading to gaps in financial inclusion.

You can read the full report here.

On 2 January, the Financial Services Regulatory Authority (‘FSRA’) published its updated regulatory framework to ensure continued alignment with international best practices, as outlined in the Core Principles for effective banking supervision by the Basel Committee on Banking Supervision.

Key amendments to Financial Services Market Regulations 2015 (‘FSMR’) include:

• Section 5A(3): Authorised Persons conducting a Regulated Activity in relation to Virtual Assets or Spot Commodities
  • clarification regarding the FSRA’s decision-making authority over Authorised Persons conducting regulated activities related to virtual assets (‘VA’) or spot commodities (‘SC’), allowing the regulator to exercise its ‘Own-Initiative Requirement Power’ as outlined in section 42 of FSMR
• Section 30(8): Granting Financial Services Permission
  • exclusion of partnerships classified as a Body Corporate and domiciled outside of Abu Dhabi Global Market (‘ADGM’) from the scope of the regulation
• Section 133: Additional power to direct Recognised Clearing Houses and Remote Clearing House
  • removal of specific waivers introduced for clearing houses and remote clearing houses that are not required to comply with the recognition requirements or remote recognition requirements, or where these institutions have failed to adhere to FSRA regulations
• Section 246: Requirement to give warning notices
  • removal of the warning notice by the FSRA related to: (1) the name change of a Fund or Sub-Fund by the Fund Manager, (2) the suspension or withdrawal of the registration of a Designated Non-Financial Businesses and Professions (‘DNFBP’), (3) the refusal of an application for DNFBP, (4) the refusal of an application for the registration of a Public Fund that does not meet the registration requirements, (5) the refusal of an application concerning a Reporting Entity, and (6) the removal of the notice related to the refusal of an application for the listing or admission of securities to the Official List
• Section 258: Definitions
  • addition of a clarification for the definition of ‘e-money’
  • removal of the definition of ‘foreign fund’
  • removal of definitions related to partnerships classified as a Body Corporate and domiciled outside of ADGM, which are excluded from the scope of the regulation

Key amendments implemented to FSRA Rulebooks include:

• AML and Sanctions Rulebook
  • addition of Guidance under 6.1,9.1,9.3.2 on prohibition on Payment Service Providers (‘PSPs’) accepting, directly or indirectly physical cash in the form of banknotes and coins from any Payment Service Users except through appropriately regulated financial institutions, in line with Conduct of Business (‘COB’) 19.7.1
• COB Rulebook
  • addition of references to GEN 3.3 and COB 3.5 in Guidance under Disclosures in Investment Research (6.4.3)
  • addition of references to ADGM Foreign Account Tax Compliance Regulations 2022 (17.4.1 and 22.6.1)
  • addition of clarifications to Safeguarding requirements (19.7) to include exemptions and prohibitions in relation to Payment Service Providers
• Market Rulebook (‘MKT’) with associated changes to Fees Rulebook (‘FEES’) 9.1, FSMR, section 64
  • amendment to the relevant provisions in MKT to align with FSMR (section 64) by incorporating appropriate references to “admission to trading,” in relation to requirement for issuance of a Prospectus
  • clarification in FEES 9.1 in relation to filing fee applicable when a Prospectus is submitted for the purpose of seeking admission to trading
  • amendment to section 64 of FSMR to clarify that it covers the use of foreign documents for the purpose of seeking admission to trading
  • MKT 3.9.1(1) clarifying the disclosure of annual and interim reports must be prepared in accordance with the content requirements outlined in the Fund Rulebook (‘FUNDS’) but disclosed within the time periods outlined in MKT 10.1.8

• General Rulebook (‘GEN’) 3.3.41A(1)
  • addition of a requirement for Banks, Insurers (excluding Captive Insurers (‘CI’) or authorised Insurance Special Purpose Vehicles (‘ISPVs’)), Authorised Persons holding permission to manage a profit-sharing investment account (‘PSIAu’), and other Authorised Persons
  • addition of the Regulator’s powers to request an increase in the proportion or number of Non-Executive Directors (‘NEDs’) and Independent Non-Executive Directors (‘Independent NEDs’), the establishment of an Audit Committee, Risk Committee, Nomination Committee, Remuneration Committee, or other committees
  • for branches, the Regulator may also require the establishment of a committee to implement corporate governance within the branch
• GEN: Guidance to Senior Manager under 5.3.7
  • the Regulator expects that, for a Bank or an Insurer (excluding Captive Insurers or Authorised ISPVs), at least one individual, other than the Senior Executive Officer, is appointed as a Senior Manager to advise the Governing Body and senior management on relevant risks
• GEN 8.10.6: Regulatory Impact
  • addition of a requirement for Authorised Persons to notify the FSRA if an individual performing a Controller Function is no longer fit and proper to carry out this role
• GEN 8.10.6: A major acquisition or establishment of subsidiary
  • addition of a requirement for Authorised Person in Categories 1, 2, or 5 to notify the FSRA in writing before acquiring or establishing a subsidiary
  • addition of a requirement for Branches in Categories 1, 2, or 5 to notify the FSRA regarding acquisitions or investments
• GEN APP1 (9A): to committees of the governing body
  • inclusion of the roles and responsibilities of various committees, including the Audit Committee, Risk Committee, Nomination Committee, Remuneration Committee, and Ethics/Compliance Committee
• GEN APP1(11): best practice relating to corporate governance and remuneration
  • addition of conditions under which a Non-Executive Director will not be considered an independent director
• Prudential – Investment, Insurance Intermediation and Banking Rulebook (‘PRU’)
  • amendments to the relevant references in PRU to refer exclusively to external credit ratings (‘ECAIs’) and eliminate the use of other terms
  • amendments to consistently use the corresponding ’Credit Quality Grades’ in relation to external credit ratings, as outlined in the FSRA mapping table, instead of explicitly referencing ECAIs
  • addition of a new rule (PRU 9.3.14) to grant the FSRA the power to adjust the application of the New Stable Funding Ration (‘NSFR’)
• PRU 1.4
  • addition of Guidance regarding the criteria for designating an Authorised Firm as a Domestic Systemically Important Bank (‘D-SIB’) based on factors outlined by the Basel Committee, including the size, interconnectedness, substitutability, and complexity of the firm
• PRU APP3
  • addition of Guidance regarding the implementation of stress and scenario testing that includes the requirement for firms to conduct such tests to assess the resilience of their risk management frameworks under varying conditions
• PRU 70 and 75
  • expansion of rule regarding country risk and transfer risk to include a more detailed description of methodology used for calculating provisions related to country risk and transfer risk, ensuring transparency and consistency in the approach
  • the Senior Management of an Authorised Person, including its risk management and compliance functions, is responsible for developing and implementing country risk and transfer risk management policies and procedures and must report the results to the Governing Body, providing appropriate details, and at the required frequency.

You can find full details on the implemented changes here.

On 2 January, the ADGM revealed an updated fee schedule for obtaining and renewing commercial licenses for firms established in Al Maryah and Al Reem Islands. Effective from 1 January 2025, the new fee structure introduces reductions of 50% or more for non-financial and retail businesses within the ADGM jurisdiction. These adjustments aim to enhance ADGM’s business ecosystem, making it more attractive and accessible to a broader range of enterprises.

• Non-Financial Category
  • initial registration fees are reduced from US$ 10,000 to US$ 5,500
  • annual licence renewal fees are reduced from US$ 8,000 to US$ 5,000
• Financial Category
  • initial registration fees are reduced from US$ 6,000 to US$ 2,500
  • annual licence renewal fees are reduced from US$ 4,000 to US$ 2,000.

You can read more on the updated fees here.

On 9 January, the ADGM Registration Authority (‘RA’) published the Employment Regulations 2024 (‘new Employment Regulation’) which comes into effect on 1 April 2025 and replace the ADGM Employment Regulations 2019. The new Employment Regulations include substantial changes to the workplace practices and offer extra clarity to both employers and employees regarding their rights and responsibilities.

The key changes apply to the following areas of employment law:

• application:
  • the new Regulation does not apply to employers holding a dual licence from the Abu Dhabi Department of Economic Development, where the employees are governed by UAE federal labour law
• remote employee:
  • introduction of a new definition of a remote employee (‘RE’), who have different rights and responsibilities compared to ‘standard’ employees
  • REs who live and work outside the UAE are no longer required to obtain a UAE residence visa or an ADGM work permit
• immigration:
  • employers must cancel an employee’s residence visa and/or work permit as soon as reasonably possible after the termination of their employment
  • employers are explicitly prohibited from conditioning the cancellation of an employee’s UAE residence visa and/or work permit on the employee waiving any of their rights
• employment contracts:
  • employers are required to provide an employee with a written employment contract that complies with the new Regulations within one month of the employee’s start date
  • any non-administrative changes to the employment contract must be mutually agreed upon in writing by both the employer and the employee
• part-time employment:
  • introduction of concept of a part-time employee, which will help employers calculate leave and other entitlements for employees working reduced hours
• discrimination:
  • pregnancy and maternity will be considered protected characteristics
  • employees who face discrimination, harassment, or victimisation will have access to specific remedies, including compensation of up to three years’ wages.

Employers are advised to prepare in advance to avoid fines and other potential liabilities.

You can read more about the change here.

On 27 January, the ADGM officially launched its all-in-one mobile app, the ADGM App. The app aims to transform how businesses, employees, and residents interact within the financial district. It is designed to improve connectivity and offers seamless access to a range of exclusive tools and services, enhancing the overall experience within ADGM’s dynamic ecosystem.

The keys features include:

• real-time updates on industry news, events and essential district information
• an exclusive chat feature for ADGM professionals to connect and collaborate.

You can read more about the announcement here.

On 8 January, the Executive Office for Control and Non-Proliferation (‘EOCN’) implemented Cabinet Resolution No.1 to 2025 Adding Entries on Local Terrorist List.

The following individuals and entities have been added to the local UAE terrorist list:

• Yousef Hassan Ahmad Al Mulla
• Saeed Khadem Ahmed Bintouq Almarri
• Ibrahim Ahmed Ibrahim Ali Alhammadi
• Elham Abdulla Ahmad Alhashemi
• Jaem Rashed Khalfan Rashed Alshamsi
• Khalid Obaid Yousif Buataba Alzaabi
• Abdul Rahman Hasan Munif A Aljaberi
• Humaid Abdulla Abdulrahman J Alnuaimi
• Abdelrahman Omar Salim Bajubair Alhadhrami
• Ali Hasan Ali Husain Alhammadi
• Mohamed Ali Hassan Ali Alhammadi
• Cambridge Education and Training Center Ltd
• Ima6ine Ltd
• Wembley Tree Ltd
• Waslaforall
• Future Graduates Ltd
• Yas For Investment and Real Estate
• Holdco UK Properties Limited
• Nafel Capital

You can find more information here.

On 15 January, the Saudi Central Bank (‘SAMA’) announced that it has agreed to introduce Google Pay to Saudi Arabia in 2025 via the national payment system ‘mada’. This initiative supports Saudi Vision 2030 by enhancing the Kingdom’s digital payments ecosystem and promoting a shift toward a less cash-dependent society. The move aims to meet market demands and position Saudi Arabia as a global leader in FinTech.

You can read the SAMA article here.

On 22 January, the Securities and Commodities Authorities (‘SCA’) published draft regulations on security and commodity tokens. The deadline for submitting feedback is 14 February 2025.

The regulation, comprising 18 articles, delineates the scope of application and provides definitions for security tokens and commodity tokens. It details the legal and regulatory implications associated with the issuance of such tokens, prescribes the applicable technical standards, and establishes comprehensive provisions governing trading, settlement, pledging, and cancellation. The regulation also imposes specific obligations upon issuers of security tokens and commodity tokens, alongside addressing other substantive matters within its purview.

The key provisions include the following requirements:

• establishment of a ledger to record rights, operations of the ledger, and registration agreements
• transfer of securities in accordance with registration agreements
• the right of beneficiaries of security tokens or commodity tokens to cancel the token instrument upon request to the court
• minimum information in contracts with owners should include the working method of the distributed ledger, risks associated with these types of investments, details of disaster recovery, and the general roles and responsibilities between the owner and operator of the ledger
• applicable technical standards
• the right of the SCA to publish the names of the violators of this regulation.

You can read the SCA draft regulations here.

On 23 January, the SCA published draft regulations for robo-advisor services. The draft outlines the regulatory framework for automated investment platforms and invites stakeholders to provide their inputs and insight. The deadline for submitting feedback is 14 February 2025.

Under the draft regulation, provisions will be added to Article 9 of Chapter 5, Part 3: The Robo-Advisor Service. These provisions outline the compliance and operational obligations for entities running automated robo-advisor platforms, ensuring that they deliver high-quality services while safeguarding investors’ interests.

The key provisions include the following requirements:

• appointment of independent external IT auditors
• IT audit report before the platform begins operations and at least annually thereafter
• cyber security audit
• mandatory client disclosures regarding any limitations of the robo-advisor algorithms and potential conflicts of interest
• clear protocols for managing or halting automated trading during periods of high market fluctuations
• client disclosures regarding any modifications to robo-advisor algorithms that may affect portfolio results
• client consent for trading activities
• contracts with brokers
• quarterly reporting to regulators
• prescribed timeframes for reporting breaches.

The draft regulation also provides definitions for “robo-advisor service”, “robo-advisor algorithm”, and outlines requirements for stress testing of robo-advisor algorithms.

You can read the SCA draft regulations here.

On 21 January, the Capital Markets Authority (‘CMA’) held an awareness workshop on Passported Funds, targeting individuals licensed to manage collective investment schemes or act as subscription agents. This workshop follows the introduction of a new regulatory framework and passporting regulations for investment funds between the Gulf Cooperation Council (‘GCC’) member states in December 2024.

The key points from the workshop include:

• definition of ‘passporting’ and the regulatory entities involved (‘Registering Entity’ and ‘Host Regulatory Entity’)
• process for activating passporting for locally licensed funds by the CMA and GCC funds
• clarification of the requirements for GCC funds to enter the State of Kuwait
• passporting-related fees
• required amendments to the passported fund’s prospectus for GCC markets.

You can read the CMA article here.

On 27 January, the Abu Dhabi Securities Exchange (‘ADX’) signed a Memorandum of Understanding (‘MoU’) with the Iraqi Securities Commission. The agreement strengthens collaboration between the financial markets of both jurisdictions, focusing on trade and investment opportunities. ADX and the Iraqi Stock Exchange will cooperate in technology, trading practices, investor education, and market development. The MoU also facilitates the Iraqi Stock Exchange’s participation in the Tabadul digital trading platform, enhancing cross-border investment connectivity.

You can read the ADX article here.

On 28 January, the FATF published an updated consolidated ratings table. The table summarises jurisdictions’ progress against the 40 FATF recommendations. The recommendations assess the jurisdiction’s maturity against AML, counter terrorist financing (‘CTF’) and proliferation financing measures.

You can read the consolidated rating table here.

On 24 January, the DFSA published a Decision Notice against Al Ramz Capital LLC, fining it for failing to report suspicious transactions and imposing a penalty of US$ 25,000.

A summary of the sequence of events were as follows:

• trades were executed through AL Ramz’s online trading platform where there was no change in the ultimate beneficial ownership, otherwise known as a ‘wash trade’
  • a wash trade constitutes a potential form of market abuse as it may generate a deceptive impression regarding the supply, demand, or price of an investment
• the wash trades resulted in a temporary increase of 27% in the share price on the final day of trading activity
• the trades were executed on the Nasdaq Exchange who flagged them as a suspected wash trade
• notwithstanding this, Al Ramz failed to discharge its obligation to report the suspicious transactions to the DFSA, as mandated under Recognition Rule 3.4.5(1).

Al Ramz has contested the DFSA’s findings, and the Decision Notice has been referred to the Financial Markets Tribunal (‘FMT’). Consequently, the DFSA’s decision remains provisional, pending the FMT’s review, which may confirm, amend, or overturn it. Pending the completion of the review, the DFSA does not intend to offer any further public comment.

You can read the DFSA article here.