Dubai FSA Consults on Cyber Risk Rules & Aspects of Innovation Program
The Dubai Financial Services Authority (Dubai FSA) is consulting on the cyber risk management requirements for regulated firms and on its role in supporting innovation in financial services. The consultation period ends on April 25, 2023 while the proposed compliance date for the cyber risk management rules is January 01, 2024.
As part of this consultation, Dubai FSA proposes to modify the legacy provisions in certain parts of the Dubai FSA Rulebook with respect to requiring firms to protect their information technology assets from information security threats. The amendments are being introduced to the GEN (General), AUD (Auditor), COB (Conduct of Business), AMI (Authorized Market Institutions), and PIB (Prudential: Investment, Insurance Intermediation, and Banking) modules in the Rulebook. To facilitate innovation and to support the further development of a technology and innovation-focused community in the Dubai International Financial Center (DIFC) and in Dubai, Dubai FSA has introduced new and amended rules in areas such as Crowdfunding, Fund Platforms, Money Services, Venture Capital, Investment Tokens, Credit Funds, and Crypto Tokens. Dubai FSA is planning to review some of these regimes in 2023. The authority intends to publish a Call for Evidence shortly as part of a review of the Crowdfunding regime and will welcome feedback from stakeholders on the need for further evolution of this regime.
Dubai FSA, in 2017, had introduced the Innovation Testing License (ITL) program, which is its version of regulatory sandbox. The authority is concerned that the program is at risk of being used as a vehicle to support start-up entities and entities with no regulatory history, who are not adequately prepared to apply for a DFSA license in the normal way. Thus, it seeks public comments on a series of proposals aimed at refocusing the
ITL program even more clearly on innovation and proposes to clarify some of the processes involved and the related regulatory expectations, such as the application process, the entry into and exit out of the ITL program, and changes in relation to the application criteria, timeline, and regulatory interaction. While not part of the proposals that will result in any Rulebook changes, Dubai FSA is also seeking feedback on ideas related to its engagement with technology firms providing certain non-regulated services in or from the DIFC.
Keywords: Middle East and Africa, UAE, Dubai, Banking, Cyber Risk, Regtech, Regulatory Sandbox, Crowdfunding Service Providers, Lending, Dubai FSA
Previous ArticleEBA Issues No-Action Letter on Trading Book Boundary Provisions
ECB Finds Banks Unprepared for Pillar 3 Climate Risk Disclosures
The European Central Bank (ECB) published results of the 2022 supervisory assessment of climate-related and environmental risk disclosures among significant institutions (103) and a selected number of less significant institutions (28).
NCUA Assesses Credit Union Exposure to Climate-Related Physical Risks
The National Credit Union Administration (NCUA) released a Research Note that examines the exposure of credit unions to climate-related physical risks. In a related development
EBA Issues Multiple Regulatory and Reporting Updates for Banks
The European Banking Authority (EBA) is seeking comments, until July 31, 2023, on the draft Guidelines on the proposed common approach to the resubmission of historical data under the EBA reporting framework.
EC Adopts Regulation on Own Funds, Issues Other Updates
The European Commission adopted Delegated Regulations on own funds and eligible liabilities, on requirements for the internal methodology under the internal default risk model
CDP Platform to Report Plastic-Related Impact, Issues Other Updates
The Carbon Disclosure Project (CDP) announced that its global environmental disclosure platform has enabled reporting on plastic-related impact for nearly 7,000 companies worldwide
IASB to Enhance Reporting of Climate Risks, Proposes IFRS 9 Amendments
The International Accounting Standards Board (IASB) updated its work plan to enhance the reporting of climate-related risks in the financial statements,
BIS Addresses Data Gaps and Macro-Prudential Policy for Climate Risks
The Financial Stability Institute (FSI) of the Bank for International Settlements (BIS) published a brief paper that examines challenges associated with the use of macro-prudential policies to address climate-related financial risks.
FCA Sets Out Business Plan, Launches TechSprint on Greenwashing
The Financial Conduct Authority (FCA) published its business plan for 2023-24. The plan sets out details of the work planned for the next 12 months to achieve better outcomes for consumers and markets
UK Committee Sets Out Recommendations for Next Phase of Open Banking
The Joint Regulatory Oversight Committee (JROC), comprising the Financial Conduct Authority (FCA) and the Payment Systems Regulator (PSR) as co-chairs and the HM Treasury and the Competition and Markets Authority (CMA) as members
ECB Publishes Multiple Regulatory Updates for Banking Institutions
The European Central Bank (ECB) published the results of the 2022 climate risk stress test of the Eurosystem balance sheet,