← ChatGCC LexAIDocuments →
🇦🇪

United Arab Emirates

The UAE has the most developed AI and fintech regulatory framework in the GCC, with distinct federal and free zone regimes across ADGM (Abu Dhabi) and DIFC (Dubai).

98+ documents·8 regulatory bodies
Ask about United Arab Emirates regulations →Browse documents

Regulatory Bodies

CBUAECentral Bank of UAEFintech, payments, open banking, BNPL, crypto licensing
ADGMAbu Dhabi Global MarketFinancial services, virtual assets, data protection (Abu Dhabi free zone)
FSRAFinancial Services Regulatory AuthorityInvestment management, digital assets, capital markets within ADGM
DIFCDubai International Financial CentreData protection law, financial services, AI ethics (Dubai free zone)
DFSADubai Financial Services AuthorityRegulated activities within DIFC, innovation testing licence
TDRATelecom & Digital Regulatory AuthorityTelecommunications, digital infrastructure, cybersecurity
SCASecurities and Commodities AuthorityFederal securities regulation, crowdfunding, crypto assets
MoIATMinistry of Industry & Advanced TechnologyFederal AI policy, UAE National AI Strategy, PDPL enforcement

Frequently Asked Questions

What data protection laws apply in the UAE?

The UAE has three overlapping regimes: the federal PDPL (2021) administered by MoIAT, the ADGM Data Protection Regulations (2021) for Abu Dhabi's financial free zone, and the DIFC Data Protection Law 2020. If you operate within ADGM or DIFC, the free zone law applies instead of federal law. All three require lawful basis for processing, data subject rights, and breach notification.

How does the UAE regulate virtual assets and crypto?

Three regulators cover virtual assets: FSRA (under ADGM) licenses VASPs in Abu Dhabi's financial free zone; DFSA (under DIFC) covers crypto in Dubai's financial free zone; and VARA (Virtual Assets Regulatory Authority) governs crypto activity across the Emirate of Dubai outside DIFC. Licensed activities include exchange, broker-dealer, custody, and lending.

What is the CBUAE Open Finance Framework?

The CBUAE published its Open Finance Policy in 2023, requiring licensed financial institutions to share customer data via APIs with customer consent. The framework covers banks, payment service providers, and insurance companies. It builds on the earlier Retail Payment Services and Card Schemes Regulation, which licenses non-bank payment providers.

Does the UAE have specific AI regulations?

The UAE National AI Strategy 2031 (updated 2022) sets an aspirational framework. Sector-specific AI guidance has been published by FSRA, DFSA, and CBUAE for financial services AI/ML. ADGM published AI Ethics Guidelines in 2024. The federal PDPL creates implicit AI obligations around transparency in automated decision-making.

Need a specific answer? Search the full United Arab Emirates regulatory corpus with AI.

Open GCC LexAI →
Get notified when new United Arab Emirates documents are added: