UAE Law and Practice Contributed by: Stefan Mrozinski, Gabrielle Margerison (nee Lowe) and Arnold Krutilins, White & Case LLP
work. These obligations are largely contained in the CBUAE’s Consumer Protection Regulation and Standards. The CBUAE’s data protection provisions require open banking providers to implement various policies, processes, man - agement and business practices in respect of data security, breach notifications, data retention and minimisation principles as well as ensuring that consumers are sufficiently informed to make choices in respect of their personal data. “Onshore UAE’s” first consolidation of the data protection law came into effect in 2022 and although banking and credit data is excluded from its scope to the extent that provisions exist elsewhere, open banking providers established in “onshore UAE” will also be required to comply with its provisions in respect of most other forms of personal data they process. Beyond this, the UAE’s financial services reg - ulators issued “Guidelines for Financial Insti- tution Adopting Enabling Technologies” (the “Guidelines” ). The Guidelines set out guidance in respect of the adoption of application perfor - mance interfaces (APIs), which are integral to the provision of open banking services.
challenge for the UAE, given its rapidly develop - ing financial sector. As a result of the concerns raised in the FATF’s report, a number of measures were taken includ - ing the establishment of an AML and CTF execu - tive office at the centre of the government, the adoption of new guidelines for financial institu - tions and designated non-financial businesses and professions aimed at AML and CTF, the establishment of a special court to prosecute financial crimes and the implementation of a new Penal Code. The financial regulators in the UAE are increas - ingly active in combating instances of fraud and money laundering. Among the most common violations in 2024 that have led to investiga - tions and sanctions are those relating to non- compliance with AML protocols, particularly in respect of notification requirements and devel - oping systems to adequately combat the risk of money laundering and illegal transfers between connected individuals. 12.2 Areas of Regulatory Focus The UAE’s logistics and commodities sectors present a particular risk for regulators. For exam - ple, Dubai’s role as a centre for trading gold and other high-value commodities leaves it vulner - able to the laundering of illicit funds. The UAE regulators are focused on ensuring that foreign investors in the financial services indus - try are not discouraged from doing business by risks of money laundering or non-compliance with international sanctions regimes. In 2022, the CBUAE issued guidance recommending the use of digital identification systems and the tracking of IP addresses to detect suspicious behaviour, including from sanctioned and high- risk jurisdictions.
12. Fraud 12.1 Elements of Fraud
During the period between March 2022 and Feb - ruary 2024, the UAE was on the FATF’s grey list. The UAE’s removal from the grey list was a result of it significantly strengthening the effectiveness of its AML/CTF regime to meet the commitments in its action plan regarding the strategic deficien - cies that the FATF had previously identified. The development of a robust regulatory framework to combat AML/CTF risks has previously been a
927 CHAMBERS.COM
Powered by FlippingBook