Regulatory Update November 2025 – ME Region

On 8 November, the Dubai Financial Services Authority (‘DFSA’) and Hong Kong Monetary Authority (‘HKMA’) published the joint report “Scaling Sustainable Debt in Emerging Markets”, highlighting that labelled sustainable debt issuance in the Middle East and North Africa (‘MENA’) and emerging Asia Pacific markets has tripled to US$ 94 billion since 2020.

The report underscores the potential for financial institutions to support sustainable and transition finance through stronger disclosure standards, innovative sustainable instruments, and adherence to emerging climate-related frameworks.

The DFSA, as part of the UAE Sustainable Finance Working Group, has issued draft principles for climate transition planning, which require financial institutions to:

• develop credible and transparent climate transition plans
• align financing activities with sustainable and transition objectives
• monitor emerging practices in green, blue, social, and sustainability-linked debt instruments.

The report’s findings were discussed by the DFSA and HKMA at the Joint Climate Finance Conference on 26 November 2025 in Dubai.

You can read the DFSA report here.

On 10 November, the DFSA hosted a cyber risk webinar examining how post‑quantum cryptography (‘PQC’) can help the financial sector strengthen resilience against quantum‑era threats.

As the financial industry becomes increasingly reliant on digital technology and secure data exchange, the advent of quantum computing introduces new risks to traditional cryptographic systems. The session explored the transition to quantum‑safe cryptography and highlighted what financial institutions should be doing today to prepare for these emerging challenges.

The webinar’s key highlights centred on the following topics:

• core cyber risk challenges
  • identifying and standardising secure, efficient, and interoperable quantum‑resistant algorithms
  • replacing or upgrading legacy systems, hardware, and protocols across global networks
  • managing transition risks, as sensitive data encrypted today could be exposed once quantum decryption becomes practical
• risks of inaction
  • failure to transition could lead to confidentiality breaches, authentication failures, and threats to the integrity of legal records
• regulatory momentum
  • EU digital operational resilience act (‘DORA’) issued guidance on cyber risk
  • India enforced rules under its cybersecurity and cyber resilience framework
• consensus and proposals
  • limited agreement exists around target dates for transition
  • guidance from authorities should establish a coordinated global timeline, drive a top‑down approach in financial institutions, and set clear milestones to enforce action, facilitate compliance, and reduce backward‑compatibility burdens.

Firms were reminded that post‑quantum resilience is not a competition but a collaborative effort across regulators, firms, and jurisdictions.

On 12 November, the DFSA released the results of its AI Survey 2025, revealing a sharp rise in artificial intelligence (‘AI’) adoption amongst Authorised Firms in the Dubai International Financial Centre (“DIFC”). The survey shows that 52% of firms are now actively using AI, up from 33% in 2024, with generative AI usage nearly tripling over the past year (+166%).

Momentum is set to continue, with 60% of firms expecting to expand AI use in the next 12 months and 75% over the next three years, signalling AI’s emergence as a core operational component of financial services in the Centre. While 60% of firms reported having governance structures in place, 21% still lack clear accountability or oversight, underscoring the need for stronger frameworks.

Firms also called for greater regulatory clarity on AI governance, ethical use, and supervisory expectations, alongside harmonisation of standards across the UAE financial sector. The DFSA emphasised that innovation must be supported by effective governance, ethical data use, and robust risk management, and confirmed its ongoing engagement with industry to shape guidance for responsible AI adoption.

You can read the DFSA report in full here.

On 18 November, the DIFC Authority hosted a virtual awareness session on the DIFC ultimate beneficial owners (‘UBO’) regulations and provided an overview of the anti-money laundering/combatting the financing of terrorism (‘AML/CFT’) framework.

The workshop covered an overview of DIFC UBO regulations, the latest insights from the national risk assessment (‘NRA’), technological initiatives undertaken by the UAE, and case studies that illustrated key points.

On 19 November, the DFSA hosted an annual supervision outreach bringing together regulated firms to share supervisory priorities, expectations, and recent developments in the DIFC. The session covered updates across banking, wealth and asset management, capital markets, and fintech, with insights into key developments from the past year and a forward look to 2026.

Thematic reviews conducted by the DFSA in 2025 covered areas such as whistleblowing, high‑growth firms, self‑custody, conflicts of interest, and complaints management.

Key risks identified in conduct of business supervision for 2025 include:

• misconduct
• suitability assessment
• financial crime
• market abuse
• governance weaknesses
• resource constraints
• deficiencies in trading-related oversight.

Looking ahead to 2026, the DFSA identified several supervisory priorities. These include ensuring the suitability of products and services, reviewing the operation of fund platforms, assessing brokerage business models, and strengthening risk assessment processes. In addition, the DFSA will provide further workshops to support newly authorised firms.

You can access the DFSA presentation here.

On 26 November, the DIFC Academy to support alignment with the National Strategy, introduced a series of training programs. The session provided practical insights into Sharia-compliant banking, sukuk structures, and Islamic funds, equipping professionals with the knowledge to leverage opportunities arising from the strategy.

The UAE formally launched its national strategy for Islamic finance, halal industry and Islamic philanthropy, setting ambitious targets to be achieved by 2031. The strategy is designed to reinforce the UAE’s position as a global hub for Islamic finance and related sectors, with the Central Bank of the UAE (‘CBUAE’) leading implementation in collaboration with key stakeholders.

You can read the DIFC announcement here.

On 27 November 2025, the DFSA hosted its Newly Authorised Firms engagement sessions. These sessions are part of the DFSA’s ongoing initiative, launched in June 2025, to support newly authorised firms in building a strong compliance foundation and understanding regulatory requirements from the outset and as they grow.

The programme featured presentations from DFSA teams, with supervisors sharing both common pitfalls and examples of good practice. Key topics included DFSA “Essentials” such as general requirements, conduct of business requirements, and AML, CTF and sanctions obligations. The sessions also addressed operational resilience and cyber risk, market risk, and prudential requirements with proportionality.

You can find the DIFC presentation here.

On 27 November, the DFSA published findings from a thematic review on Continuing Professional Development (‘CPD’) for Money Laundering Reporting Officers (‘MLROs’) of firms operating in or from the DIFC.

The review aimed to evaluate the effectiveness of the CPD rule by examining how MLROs interpret and comply with its requirements on an ongoing basis.

CPD requirements were introduced by the DFSA in January 2020, aligning with practices in other leading international financial centres. Under the CPD rule, SEOs, MLROs and Compliance Officers (‘COs’) must complete at least 15 hours of valid CPD activities each calendar year.

The DFSA views CPD for MLROs as essential to maintaining effective compliance with evolving regulatory frameworks and protecting firms from the risks of money laundering, terrorist financing, and proliferation financing. As financial crime becomes increasingly sophisticated, MLROs must remain up to date with emerging trends, legislative changes, and best practices. Ongoing CPD ensures that MLROs are equipped with the knowledge and skills required to proactively identify risks, strengthen compliance frameworks, and safeguard the integrity of the financial system.

The key findings from the review include:

• 79% of MLROs completed at least 15 hours of valid CPD activities in the reporting period
• most CPD activities were relevant, but some were irrelevant, too basic, or non‑compliant with DFSA CPD rule requirements
• MLROs often prioritised free‑of‑cost CPD activities over content relevance or addressing specific learning needs
• firms provided good financial support for CPD but lacked sufficient non‑financial support such as learning and development frameworks and dedicated time.

In the future, the DFSA expects firms to demonstrate risk assessments the measures taken to fulfil their CPD obligations and the responsibilities of MLROs under the CPD rule and the AML Module of the DFSA Rulebook. In response to feedback from MLROs, the DFSA will also explore initiatives to clarify CPD rule requirements and provide guidance to support MLROs in carrying out their duties.

You can read the DFSA Thematic Review here.

On 28 November 2025, the DFSA announced three upcoming thematic reviews for 2026. These reviews form part of the DFSA’s supervisory toolkit to identify risks and share good practice across multiple firms and sectors, reflecting the continued growth and complexity of the DIFC financial services environment.

The following key areas were identified:

• suitability
  • assess adequacy of firms’ suitability frameworks to prevent mis‑selling and protect client interests
  • review both design and operation in practice of suitability systems and controls
  • data analysis, surveys, and on‑site visits will inform findings
• fund platforms
  • evaluate how firms with fund platform endorsements have implemented rules
  • focus on governance, business models, and high‑growth characteristics (resources, systems, staffing)
  • reviews of regulatory reporting, supplemented by targeted information requests and desk‑based reviews
• brokerage and oversight of trading environment
  • examine governance, systems, and controls to ensure effective oversight of trading
  • priority areas to include personal account dealing, best execution and communication channels and record keeping
  • market abuse controls remain a priority, with firms reminded of obligations to detect and report suspicious activity (‘STORs’)
  • engagement will include deep‑dive sessions, surveys, and on‑site visits.

The DFSA will publish key findings from each review and conduct outreach sessions to share examples of good practice within the industry.

In November 2025, the DFSA issued warnings regarding two scams misusing its name and credentials, one firm falsely claiming to operate legally in the DIFC, and another entity falsely claiming to be regulated by the DFSA.

The DFSA has warned of two separate scams involving false claims of authorisation. In the first case, fraudsters circulated a fake DFSA licence for Emirati Global Markets (‘EGM’), misusing the details of a legitimate firm and fabricating official stamps and names. The DFSA confirmed that EGM has never been registered or authorised in the DIFC. In the second case, scammers impersonated Dalma Capital Management Limited by creating a fraudulent entity called D Finance Capital Management Ltd, misusing Dalma’s licence number, logo, and contact details to offer personal loans with upfront fees. The DFSA confirmed that this entity is not incorporated in the DIFC and has never been authorised.

The DFSA has warned that Souq Capital is falsely claiming to be authorised by the regulator and is using a fake DFSA registration number. The firm is not, and has never been, authorised by the DFSA. The public is strongly advised to exercise caution and avoid any dealings with this entity.

The DFSA issued a warning about Berkshire Consulting Co, a firm falsely implying that it is regulated by the DFSA. On its website, the firm uses an address suggesting it operates in the DIFC, but the DFSA confirmed that Berkshire Consulting Co is not authorised and has misused the address of a legitimate DFSA‑authorised firm without permission. The DFSA strongly advises the public to exercise caution and avoid responding to any communications from this firm. It also reminds consumers to consult the DFSA’s alerts page, review guidance on common scams, and verify regulated firms and authorised individuals through the DFSA Public Register.

The DFSA strongly advises the public not to engage with these scams and never to send money or personal information to parties connected with them. Further details and guidance on avoiding scams are available on the DFSA website.

You can read the DFSA alerts here.

In November, the DIFC in partnership with GRC World Forums, announced that it will host Risk GCC 2025 in December, a two-day event focused on privacy, data protection, AI, and governance, risk and compliance (‘GRC’).

The event will bring together governance, risk, compliance, privacy, and risk professionals from across the region to share knowledge, enhance learning, and promote innovation.

You can read the DIFC announcement  here.

On 6 November, the Financial Services Regulatory Authority (‘FSRA’) held its annual outreach session reflecting on key achievements of 2025 and outlining priorities for 2026. This flagship event served as a platform to provide insight into FSRA’s evolving regulatory framework and its implications for firms operating within and beyond Abu Dhabi Global Market (‘ADGM’).

The programme featured panel discussions across FSRA’s core areas, including authorisations, markets, supervision, financial crime, policy, enforcement, and innovation. It also highlighted how the FSRA is advancing international regulatory alignment, fostering responsible innovation and regulatory technology adoption, and strengthening operational resilience in the face of evolving cyber, fraud, and geopolitical risks.

The key points around innovation include:

• the FSRA reaffirmed that innovation has been central since ADGM’s inception e.g. RegLab
• virtual assets framework now follows a self‑assessment and notification model, giving firms flexibility while ensuring accountability
• expanded oversight to staking, decentralized finance (‘DeFi’), tokenisation, and virtual‑asset lending/borrowing
• from 1 January 2026, fiat reference token regulation framework will include custody, mediation, and conduct obligations
• safeguards for tokenisation with emphasis on valuation, custody, and investor protection
• disclosures, segregation of duties, and suitability assessments highlighted as essential to avoid conflicts of interest
• firms encouraged to engage early, even with incomplete concepts, as FSRA maintains a collaborative stance
• development of RiskAnalyser and FSRA Connect upgrades
• continued emphasis on outsourcing, business‑continuity planning, and alignment with international standards.

You can read the FSRA announcement here.

On 10 – 12 November, the FSRA hosted the Africa and Middle East Regional Committee (‘AMERC’) of the International Organisation of Securities Commissions (‘IOSCO’) in Abu Dhabi. The event comprised both the AMERC Plenary Meeting and the AMERC Public Conference.

The AMERC Plenary Meeting, held on 11 November, was attended by 29 IOSCO member regulators from across the Middle East and North Africa (‘MENA’). The discussions centred on the development of capital markets in the region, with particular emphasis on deepening, diversification, and integration. Key themes included the alignment of regulatory frameworks with global standards, the strengthening of cross-border cooperation, and the enhancement of supervisory capabilities. The outcomes of these deliberations will feed into IOSCO’s forward-looking agenda, shaping priorities around market resilience, digital innovation, and financial integrity.

The AMERC Public Conference, held on 12 November, was open to the wider public and industry stakeholders. The event featured high-level panels that explored current market shifts, policy considerations, and innovation in capital markets. Discussions highlighted the evolving opportunities and challenges facing regulators and market participants across the region. Dedicated sessions focused on key themes shaping the future of financial markets, including tokenisation and distributed ledger technology (‘DLT’), sustainability and financial materiality, and the rise of private credit, examining both its benefits and associated concerns.

You can read the FSRA announcement here.

On 17 November, the FSRA issued Dear SEO/MLRO/PR Letter on “Unlicensed Virtual Asset activities”. The notice reminded all firms, including financial firms and Designated Non-Financial Businesses or Professions (‘DNFBPs’), that conducting activities involving virtual assets (‘VA’) without the appropriate licence is prohibited.

The key requirements for firms include:

• avoid engaging with or facilitating unlicensed Virtual Asset Service Providers (‘VASPs’) in the UAE
• report any unlicensed VASP activity within the ADGM to the FSRA via the FSRA complaints portal
• notify the relevant competent authority of any unlicensed VASP activity occurring outside the ADGM
• where applicable, consider submitting a Suspicious Activity Report (‘SAR’) to the UAE Financial Intelligence Unit (‘FIU’).

The FSRA emphasised the importance of cooperation between the private sector and national authorities in detecting and deterring unlicensed VASP activity, supporting integrity across the ADGM and UAE financial markets.

You can read the FSRA notice here.

On 24 November, the FSRA issued Consultation Paper No. 12 of 2025, outlining proposed enhancements to its framework for funds and fund managers. The paper seeks industry feedback on several aspects of the current regime.

The key proposals include:

• simplified regulatory requirements for fund managers of smaller funds and those managing funds exclusively for institutional investors
• amendments to facilitate employee participation in private funds managed by their employer
• revisions to the framework applicable to overseas managers operating within ADGM.

You can read the FSRA consultation paper here. Comments are welcome until 30 January 2026.

On 26 November, the FSRA issued Consultation Paper No. 13 of 2025, setting out proposals to further align its regulatory framework with the Insurance Core Principles issued by the International Association of Insurance Supervisors.

The key proposals include:

• enhancements to market conduct and reinsurance practices
• continuation of FSRA’s benchmarking approach, following recent updates aligned with Basel Committee and IOSCO principles
• operationalisation of International Financial Reporting Standards (‘IFRS’) 17 Insurance Contracts and removal of unnecessary regulatory requirements through miscellaneous amendments
• introduction of proportionate requirements for all Authorised Persons and Recognised Bodies to consider and manage material climate-related risks.

You can access the FSRA consultation paper here. Comments are welcome until 30 January 2026.

On 3 November, the CBUAE hosted the Cybersecurity Seminar and the second cybersecurity drill for BRICS Central Banks at the Emirates Institute of Finance Innovation Hub in Dubai. BRICS is an intergovernmental organisation comprising ten countries: Brazil, China, Egypt, Ethiopia, India, Indonesia, Iran, Russia, South Africa and the United Arab Emirates.

The key points of the seminar include:

• emerging threats from advanced technologies and evolving cyber risks
• the drill tested real‑time responses through simulated cyberattacks to identify strengths and weaknesses
• participants shared best practices and techniques to enhance resilience of the global financial system.

You can read the CBUAE announcement here.

In November, the AML/CFT Supervisory Subcommittee (‘SSC’) held a series of virtual outreach sessions, designed to strengthen understanding of key AML/CFT areas among licensed entities and VASPs.

The programme included the following three sessions:

• correspondent banking held on 4 November
• CDD, KYC and record‑keeping held on 6 November
• guidance on TBML and transhipment on 26 November.

The key highlights from the session on correspondent banking covered risk factors, applicable controls, and risk mitigation measures:

• firms should conduct a comprehensive risk assessment of their business relationships relating to cross-border transactions and determine whether any of these relationships requires enhanced due diligence (‘EDD’)
• simplified due diligence measures are not acceptable in the context of cross-border correspondent banking and additional measures are necessary because cross border correspondent banking relationships are inherently higher risk than domestic relationships
• to ensure effective risk management, firms should establish clear criteria for implementing EDD measures based on specific risk factors such as:
  • transaction types and volumes
  • geographic locations
  • ownership structure.
• firms are also required to identify, assess, and understand their money laundering, terrorist financing, proliferation financing (‘ML/TF/PF’) risk exposure to appropriately manage them
• correspondent banks need to assess the risk factors of their respondents through a review of their customers, geographies, products and services, and delivery channels risks
• firms should ensure that their enterprise-wide ML/TF/FP risk assessment covers all business units, including those of branches, subsidiaries, parent entities, or other affiliates located outside the UAE.

The key highlights from the session on CDD, KYC and record-keeping include:

• digital identification and verification
• beneficial ownership identification and verification
• establishing a customer risk profile
  • while there is no universal customer risk rating model that should be used across the financial sector, firms should consider the ongoing publication of information by the CBUAE and other UAE competent authorities

General factors to consider while assessing customer risk profile are (i) products and services used by the customer, (ii) geographic location, both of the customer and the counterparties they transact with, and (iii) type of customer’s business, customers and counterparties.

Each session was tailored to compliance professionals, including MLROs, Deputy MLROs, Compliance Officers, and KYC/CDD teams, providing practical insights into regulatory expectations and best practices.

The SSC emphasised the importance of these sessions in supporting firms’ compliance frameworks and reinforcing the UAE’s commitment to combating financial crime.

On 7 November, VARA issued the circular “Rule III D Risk Assessments” to strengthen the requirements for AML/CFT Business Risk Assessments across all VASPs. The circular addresses deficiencies identified during supervisory inspections in 2024 and 2025 and sets out clear expectations for maintaining robust, documented and data-driven risk assessment frameworks.

VASPs are required to assess ML/TF/PF risks across their business models, incorporate emerging risks (including AI-enabled processes, anonymity-enhanced transactions and new virtual asset products), and align their frameworks with the UAE National Risk Assessment and relevant sectoral findings. The circular also mandates Board-approved methodologies, quarterly reviews of BRAs, integration of outcomes into AML/CFT controls and governance processes, and detailed documentation and version control. VARA will conduct a thematic review of compliance in Q2 2026, and non-compliant firms may be subject to remediation timelines and regulatory action.

You can read the VARA announcement here.

On 9 November, the Capital Markets Authority of Kuwait hosted the eleventh meeting of the Ministerial Committee of the Board of Directors’ Heads of the Regulatory Entities of GCC Capital Markets. The meeting was attended by representatives from all member states, including the Securities and Commodities Authority (‘SCA’) of the UAE.

• Key discussions covered:
  • updates on ongoing projects led by the Gulf Markets Committee, including measures to promote cross listing, dual listing, and trading of bonds and sukuks across regional markets
  • presentation by the Saudi Capital Market Authority on the Muslim programme, recent awareness campaigns, and developments in the Gulf Smart Investor Award
  • review of recent progress on the GCC passporting list and statistical updates on financial market performance for the first half of 2025.

The committee reaffirmed the importance of advancing regulatory alignment to support deeper integration of GCC financial markets.

You can read the press release here.

On 21 November, VARA issued a circular to all regulated VASPs regarding the updated Guidance on Targeted Financial Sanctions (‘TFS Guidance’). VARA reminded VASPs of their obligation to align their TFS controls with the TFS Guidelines, the Executive Office for Control and Non-Proliferation (‘EOCN’) regulatory standards, and UAE federal legislation.

As part of the UAE’s commitment to preventing the misuse of financial systems for illicit activities such as terrorism financing, proliferation financing, and sanctions evasion, VASPs are required to comply with specific obligations. These include reviewing the updated EOCN TFS Guidelines, conducting a gap assessment of their current frameworks, and ensuring that their compliance measures are robust and effective in line with the UAE’s TFS legal framework.

VASPs are also required to conduct ongoing training and awareness sessions for relevant employees and senior management. Firms must also establish and maintain internal controls and procedures to effectively implement TFS measures. In addition, VASPs are expected to cooperate with the EOCN and VARA in verifying the accuracy of information contained in submitted reports. Finally, they must implement the freezing and lifting of freezing measures without delay, upon designation or de‑listing, in line with United Nations Security Council Resolutions (‘UNSCRs’) or Cabinet decisions regarding the UAE Local Terrorist List.

The VARA reminded firms of the serious penalties associated with non‑compliance. Any person found to violate or fail to comply with the obligations set out in Cabinet Decision No. 74 of 2020, or who does not implement reasonable procedures to ensure compliance, may face imprisonment for a period of not less than one year and not more than seven years. In addition, offenders may be subject to a financial penalty of no less than AED 50,000 and no more than AED 5M.

You can read the VARA announcement here.

On 24 November, VARA announced mandatory gap analysis requirements for VAPSPs following the entry into force of the Federal Decree‑Law No. (10) of 2025 on Anti‑Money Laundering, Combating the Financing of Terrorism, and Proliferation Financing (“2025 AML Decree‑Law”). The law was issued on 30 September 2025 and became effective on 14 October 2025.

These actions are designed to ensure VASPs align fully with the updated AML framework, strengthen compliance, and demonstrate proactive risk management.

The key requirements of the gap analysis are as follows:

• VASPs must review their AML/CFT/CPF policies, procedures, systems, and controls against the 2025 AML Decree-Law, and submit a “GAP Assessment Report” within 60 days, including clause‑by‑clause mapping, a Board‑approved remediation plan, and evidence of immediate mitigations for high‑risk gaps
• within 90 days, firms must implement priority fixes and deliver targeted training for staff, role‑holders, and senior management
• within 120 days, all remaining gaps must be closed, with completion confirmed by the compliance officer and approved by the board or audit risk and compliance committee (or equivalent committee)
• firms must maintain internal documentation, including working papers, testing results, and Board minutes, and be prepared to provide these records upon request.

You can read the VARA announcement here.

Following the publication of the Strategic Analysis Report on Precious Metals and Stones – 2025 in October, the FIU organised two awareness sessions that brought together nearly 500 participants, including money laundering reporting officers, compliance professionals from major financial institutions, and traders in precious metals and stones. During these sessions, the FIU highlighted sector‑specific risks, outlined patterns of money laundering and terrorist financing, and introduced updated risk indicators relevant to both financial institutions and the precious metals and stones sector.

The FIU also provided constructive feedback to reporting entities, pointing out areas where the quality and effectiveness of submitted reports could be improved. The session with financial institutions concluded with a discussion on how to monitor sector risks more effectively, while the session dedicated to the precious metals and minerals sector featured a Q&A led by the Operational and Strategic Analysis teams.

These initiatives underscore the FIU’s commitment to advancing national efforts against money laundering and terrorist financing through dialogue, collaboration, and knowledge sharing. Reporting entities are further reminded to review the updated Strategic Analysis Report on the misuse of precious metals and stones in financial crimes and to take into account the recommendations and improvement areas identified.

You can read the FIU report in full here.

The SCA issued three warnings in November 2025. The first warning concerns the Gulf Higher Authority for Financial Conduct, which is operating through https://www.financialgcc.com and unlawfully claiming SCA regulatory authority. The second warning highlights an unidentified entity impersonating Emirates Investment Bank by using falsified documents with the SCA’s logo and other financial institution logos, and by running fraudulent platforms and cloned websites, including www.uaeinvbank.com. The third warning relates to Neom Line Investment Limited and Neom Line Investment Co. L.L.C, which are operating through https://neomlineinvest.com but are not licensed to conduct regulated financial activities.

The SCA urges investors to exercise extreme caution, verify licensing status through its official Public Register, and avoid dealings with unlicensed or fraudulent entities to protect against potential financial fraud.

You can access the SCA warnings here.

On 3 November, the Middle East and North Africa Financial Action Task Force (‘MENAFATF’) held its 41st Plenary Meeting and associated Working Group sessions, which concluded on 13 November in Manama, Kingdom of Bahrain. The gathering brought together heads of delegations, experts from member and observer countries, as well as representatives of international organisations and Financial Sector Regional Bodies (‘FSRBs’). Discussions covered the outcomes of the high‑level meeting of Arab Central Bank Governors and Monetary Authorities, reaffirming their support for MENAFATF, and ongoing projects to strengthen its governance. Delegates also reviewed studies conducted by MENAFATF and shared national experiences, addressing challenges in implementing targeted financial sanctions, tackling emerging crimes and cybercrime, and identifying new patterns of money laundering and terrorist financing.

Several follow‑up reports from member countries were adopted during the meeting. The Kingdom of Bahrain was confirmed as Vice‑President of MENAFATF for 2026, and priorities for the joint presidency of the United Arab Emirates and Bahrain for 2026 and 2027 were formally approved.

You can read the MENAFATF announcement here.

On 11 November, INTERPOL convened the Global Conference on Anti‑Corruption and Asset Recovery alongside the 15th Annual Match Fixing Task Force in Abu Dhabi. The events, organised by INTERPOL’s Financial Crime and Anti‑Corruption Centre in partnership with the Government of the United Arab Emirates, brought together more than 500 specialists from over 90 countries.

The conferences served as a critical platform to unify international strategies against corruption, financial crime, and match fixing, reinforcing global law enforcement efforts to dismantle criminal networks, recover illicit assets, and safeguard integrity in sport. Discussions highlighted the links between corruption, money laundering, environmental crime, and organised crime, while delegates called for institutional and legal reforms, stronger financial oversight, and robust reporting systems to enhance accountability. Participants also exchanged experiences on mechanisms to improve cooperation between national and international entities and explored INTERPOL’s role in supporting asset recovery, with particular emphasis on the operational use of the INTERPOL Silver Notice to trace assets tied to criminal activity. Contributions from the Financial Action Task Force (‘FATF’), the Organisation for Economic Co‑operation and Development (‘OECD’), and the United Nations Office on Drugs and Crime (‘UNODC’) underscored the importance of multi‑agency approaches in disrupting criminal financing and advancing transparency and accountability worldwide.

The UAEFIU also participated in the Anti‑Corruption and Asset Recovery event contributing to the session titled “The Role of the FIU and Central Authorities to Fight Corruption and Facilitate Asset Recovery.” The discussions emphasised mechanisms to strengthen international cooperation among FIUs, joint efforts with law enforcement to combat corruption, and highlighted the UAEFIU’s latest initiatives to enhance asset recovery and financial transparency. The UAEFIU reaffirmed its commitment to advancing transparency, accountability, and global coordination in the fight against financial crime and corruption.

You can read the INTERPOL announcement here.

On 16 November, the FATF announced amendments to its Recommendations, equipping law enforcement agencies, financial intelligence units, prosecutors, asset recovery practitioners, and other competent authorities with a stronger toolkit to identify, target, and confiscate criminal assets.

The key changes to Recommendations include:

• countries must treat asset recovery as a domestic and international priority, regularly reviewing confiscation policies and operational frameworks
• authorities are required to share information internally to identify criminal property, mainstreaming asset recovery at the start of investigations
• countries must establish regimes allowing confiscation without a criminal conviction, consistent with domestic legal principles, especially useful in corruption‑related laundering cases
• criminals can be deprived of assets linked to a criminal lifestyle or exceeding lawful income, where consistent with domestic law, proven effective against organised crime
• stronger tools to freeze, seize, and restrain suspected criminal property at early stages of investigations, including suspending transactions, to prevent dissipation of illicit proceeds and counter cyber‑enabled crime
• countries must recognise each other’s preliminary and final confiscation orders, improving efficiency in transnational money laundering cases
• emphasis on good communication and informal cooperation between countries, supported by mutual legal assistance treaties and multilateral networks, to enable faster and more constructive asset recovery collaboration.

You can read the FATF announcement here.

On 18 November, the FATF published an updated consolidated ratings table. The table summarises jurisdictions’ progress against the 40 FATF recommendations. The recommendations assess the jurisdiction’s maturity against money laundering, counter terrorist financing and proliferation financing measures.

You can read the consolidated rating table here.

On 21 November, the FATF hosted a virtual webinar dedicated to financial inclusion and the adoption of proportionate, risk‑based strategies to counter illicit finance. The session examined practical ways to promote financial inclusion by highlighting proportionality and simplified measures within a risk‑based framework for anti‑money laundering and counter‑terrorist financing. It also aimed to support countries in effectively implementing the updated FATF Standards and Guidance.

You can watch the FATF webinar here.

International Fraud Awareness Week 2025 was observed worldwide from 9 to 15 November, marking its 25th anniversary. This year’s campaign focuses on addressing increasingly sophisticated forms of fraud, with particular attention to the rise of digital scams.

The 2025 edition underscores that fraud prevention is a shared responsibility. By raising awareness, updating risk indicators, and encouraging vigilance, the initiative seeks to reduce financial losses, protect communities, and strengthen trust across global markets.

The UAEFIU reaffirmed its commitment to promoting transparency, integrity, and public awareness in order to safeguard the UAE’s financial ecosystem. As part of its ongoing national efforts, the UAEFIU continues to strengthen the investigation of fraud incidents in close coordination with law enforcement and domestic authorities, enhance understanding of fraud typologies and risk indicators, and provide guidance to financial institutions on effective risk detection and reporting. It also works with regional and international partners to counter organised financial fraud. Through sustained awareness campaigns, targeted research, and collaborative initiatives, the UAEFIU remains dedicated to empowering stakeholders and the wider public to recognise, report, and combat fraudulent activity.

On 23 November, the ADGM Registration Authority (‘RA’) issued a notice in relation to a serious case of misconduct involving a public relations officer (‘PRO’) engaged by a retail business in ADGM. An investigation confirmed that the retailer was provided with, and publicly displayed, a falsified ADGM commercial licence. The PRO, who had been engaged to renew the licence, accepted payment but failed to submit the renewal to the RA. Instead, the PRO falsely claimed the renewal was completed and issued a fabricated licence, which the retailer then displayed on its premises.

The RA strongly advises all ADGM entities to:

• implement strong controls and ensure oversight of all regulatory documentation processes, including work permits
• ensure that documents are authentic, valid and current
• use the ADGM Portal tool to leverage the free document verification tool to check authenticity via the printed verification code
• report irregularities and immediately raise concerns through the RA complaints portal.

The ADGM RA reiterated its commitment to upholding the highest standards of integrity, promoting robust compliance, and safeguarding the trust and confidence that underpin ADGM’s position as a premier international financial centre.  The RA stressed that inadequate oversight could expose businesses to significant financial penalties and reputational damage. Entities remain fully responsible for the conduct and actions of their staff and representatives.

Firm are also reminded that under the ADGM Companies Regulations 2020, failure to prevent falsification of company records can result in enforcement action, including fines of up to US$ 1,000,000 for serious breaches.

You can read the FSRA RA notice here.

On 24 November, the FSRA issued a final notice imposing a financial penalty of US$ 51,000 on FWS Group Ltd (‘FWS’) under section 232 of the Financial Services and Markets Regulations 2015. FWS was incorporated and registered in the ADGM to hold commercial licence to conduct non‑financial business activities as a “Business Centre” and “Registered Office Provider.

FWS incurred a fine as a result of the following deficiencies identified between 1 December 2022 and 30 December 2023:

• failure to implement adequate AML policies and procedures covering requirements under the AML rules and federal AML legislation
• failure to conduct a business risk assessment (‘BRA’), including a target financial sanctions risk (‘TFS’) assessment
• failure to undertake customer risk assessments prior to establishing business relationships
• failure to perform customer due diligence, including enhanced due diligence where required, and ongoing monitoring
• failure to appoint a new MLRO promptly and notify the FSRA of any changes in MLRO appointment.

You can read the FSRA notice here.

The SCA announced two disciplinary measures in November. On 2 November, an investor was found to have engaged in front‑running to profit from price movements, in violation of Article 17 of the SCA Board’s Decision No. 2 of 2001. As a result, the SCA imposed a financial penalty of AED 100,000.

On 3 November, an employee of an SCA‑licensed company was discovered to have cheated during the UAE financial rules and regulations exam, breaching Articles 3 and 4 of the rulebooks for financial activities. Consequently, the SCA revoked the initial approval granted to the employee to serve as a “promotion manager.”

These actions highlight the SCA’s commitment to maintaining integrity, professional competence, and market fairness, while reminding firms and individuals of the importance of strict compliance with regulatory standards.

You can read the SCA enforcement notices here.