Image: Supplied
Cybersecurity is now a central pillar of regulatory strategy in the UAE. With the Financial Action Task Force’s Mutual Evaluation approaching in 2026, national and sector-level regulators are sharpening their focus on how firms manage cyber risk.
Most recently, on July 29 earlier this year, the Financial Services Regulatory Authority (FSRA) of Abu Dhabi Global Market (ADGM) introduced a strengthened cybersecurity framework designed to elevate how financial firms manage cyber risk. These new rules are based on the guidance provided to firms and shaped by industry feedback from Consultation Paper No. 3 of 2025.
The new rules mark a shift: cybersecurity is no longer just a technical concern; it’s a strategic imperative.
With a compliance deadline of January 31, 2026, firms operating in or entering ADGM must act now. The FSRA’s expectations are clear, and the time to prepare is limited.
A framework that reflects today’s risk landscape
The cornerstone of the FSRA’s update is a documented, board-approved Cyber Risk Management Framework (CRMF). Firms’ investment exchanges and clearing houses regulated by the FSRA must implement a CRMF that is…
