UNITED ARAB EMIRATES Law and Practice Contributed by: Arnold Krutilins and Gabrielle Margerison (nee Lowe), White & Case LLP
lowing consultation (CP 168), the DFSA implemented major updates effective 12 January 2026, including shifting responsibility to firms to assess suitability for most (non-fiat) crypto tokens, while retaining DFSA recognition/approval for fiat crypto tokens. The DFSA framework also includes prohibitions relating to cer - tain crypto token structures (including algorithmic tokens) and imposes conduct, disclosure and systems and controls requirements on authorised firms engag - ing in crypto token activities. ADGM In the ADGM, the FSRA has established and refined a framework for “fiat-referenced tokens” (“FRTs”) through amendments to its regulations and rulebooks, with a significant number of FRT-related rule changes effective 1 January 2026. In summary, key features include: • Redemption at Par: The concept of an FRT in the FSMR framework includes being redeemable “on demand” for the amount of fiat currency refer - enced. • Reserve Assets and Safeguarding: The FSRA’s Conduct of Business Rulebook amendments include requirements for an issuer to treat amounts received as “relevant money” and to hold backing assets either as segregated money (client account) and/or in specified “reserve investments” held through “reserve accounts” with approved third parties, subject to detailed conditions. • Ongoing Attestation/Disclosure: The regime includes a requirement for periodic (including monthly) written attestations by an independent third party approved by the regulator, covering (among other things) the value of reserve assets and whether these equal or exceed the redemption value of issued/outstanding FRTs. 11. Open Banking 11.1 Regulation of Open Banking In the UAE, open banking is regulated under the fol - lowing: • The RPSCS Regulation: Under this regulation, payment initiation service providers and account
information service providers are required to obtain a licence to operate in “onshore UAE”. • The Open Finance Regulation: The Open Finance Regulation issued by the CBUAE in 2024 intro - duced an “Open Finance Framework” which CBUAE-licensed financial institutions are mandat - ed to participate in. In summary, licensed financial institutions will, following consent from a customer, be able to access customer data (including that held by other licensed financial institutions) for the purpose of initiating transactions on customers’ accounts. In “offshore UAE”: • The DFSA General Rulebook Module was amend - ed in 2020 to include the provision of open bank - ing-related services within the scope of its licens - ing framework. • The FSRA introduced a new regulatory framework for Third-Party Financial Technology Services. The framework for Third-Party Financial Technology Services focuses on the activities provided by third parties that act as intermediaries between custom - ers and FSPs. 11.2 Concerns Raised by Open Banking In recent years in the UAE there has been an increased awareness of privacy and data security standards. This has been driven by the impact of the GDPR on international data flows and consumer and business expectations. The DIFC and the ADGM also amended their data protection regimes in 2020 and 2021 respectively. The DIFC and the ADGM frameworks are largely modelled on the GDPR and require open banking providers to implement the data privacy and security measures contained therein where they are established in the financial free zones or are processing the personal data of individuals in the financial free zones. The CBUAE also sets out extensive data protection provisions as part of its regulatory framework. These obligations are largely contained in the CBUAE’s Consumer Protection Regulation and Standards. The CBUAE’s data protection provisions require open banking providers to implement various policies,
927 CHAMBERS.COM
Powered by FlippingBook