Category: Blog

Strengthening trust across Payment Services, Virtual Assets, and Fiat-Referenced Tokens

The Financial Services Regulatory Authority (FSRA) of Abu Dhabi Global Market (ADGM) has issued significant updates to its Conduct of Business Rulebook (COBS), effective from 1 January 2026. The revised framework aims to reinforce client asset protection, operational resilience, and regulatory clarity across both traditional and digital financial activities.
 

Enhanced Safeguarding Framework

The amendments introduce stricter requirements for the segregation and record-keeping of Client Money, Relevant Money, and Safe Custody Assets — including Reserve Investments and Fiat-Referenced Tokens (FRTs). Firms will now require prior regulatory non-objection when appointing third-party custodians to hold reserve assets.
 

Strengthened Oversight of Fiat-Referenced Tokens

A new Chapter 19A establishes a comprehensive regime for FRT issuers, mandating monthly independent attestations of reserves, restricting the conduct of additional regulated activities, and prohibiting the issuance of tokens denominated in AED. The FSRA has also set out clearer guidance on how it will determine an “Accepted Fiat-Referenced Token”.
 
Elevation of the Payment Service Provider Regime
 
The revised Chapter 19 aligns ADGM’s Payment Service Provider (PSP) framework with leading global standards. Key provisions address client disclosures, safeguarding of both money and tokens, operational restrictions (including prohibitions on cash handling), and ongoing reporting. PSPs must now segregate Relevant Money and Fiat-Referenced Tokens into dedicated Payment Accounts, ensuring robust end-to-end protection for users.
 
Custody and Virtual Asset Governance
 
The treatment of Virtual Assets and FRTs under the Safe Custody Rules (Chapter 15) has been clarified, introducing weekly reconciliations and enhanced due diligence requirements for custodians. New governance measures on wallet management, transaction traceability, and technology oversight have also been formalised.
 
Greater Transparency and Accountability
 
From enhanced client disclosures to independent attestations, the updated COBS framework underscores the FSRA’s focus on transparency, accountability, and proactive regulatory engagement.
 
At Clarity Solutions, we help firms interpret and implement regulatory developments across ADGM and DIFC, ensuring compliance frameworks remain robust, proportionate, and aligned with supervisory expectations. Our team supports payment service providers, virtual asset firms, and regulated entities through practical advice, tailored implementation planning, and ongoing compliance support.

The Financial Services Regulatory Authority (FSRA) of the Abu Dhabi Global Market (ADGM) has launched a set of amendments to its Funds Rulebook (FUNDS), ushering in enhanced reporting obligations for funds operating under its jurisdiction.

Formalised Reporting Cycles

The amendments codify discrete reporting timetables for different fund types:

Fund Type	Reporting Frequency	Reporting Deadline
Public Funds & open-ended Exempt	Quarterly	1 month after period end
Closed-ended Exempt, Qualified Investor and Foreign Funds	Semi-annual	6 months after period end

 

The FSRA retains discretion to alter reporting dates or request supplementary information.

What This Means for Fund Managers

Existing fund managers should assess their readiness against the new requirements.

The amended Rulebook is now live, and firms operating or planning to manage funds under ADGM should carefully evaluate how the changes affect their licensing, operations, and disclosure systems.

Your Next Step With Clarity

Navigating these new requirements does not need to slow you down.

At Clarity, we combine deep regulatory expertise with hands-on experience to help fund managers adapt quickly and confidently.

From assessing your oversight structures to ensuring your reporting and valuation processes meet FSRA standards, we make compliance seamless so you can stay focused on growth.

If you are managing or planning to launch a fund in ADGM, now is the time to act.

Get in touch with Clarity today and let us help you turn regulation into a competitive advantage.

The Financial Services Regulatory Authority (FSRA) of Abu Dhabi Global Market (ADGM) has finalised a series of amendments to its Prudential Rulebook (PRU), marking a strategic recalibration of capital and liquidity requirements for lower-risk financial institutions operating in the jurisdiction.

In a move that balances supervisory rigour with proportionality, the updated framework introduces more nuanced requirements for firms such as fund managers, investment advisers, custody providers, and other regulated entities that do not pose systemic risk. While the changes streamline certain obligations, they also set clearer expectations around capital adequacy, liquidity management, and internal risk assessment—particularly for firms handling client assets or digital instruments like fiat-referenced tokens.

Crucially, the revised PRU introduces recalibrated capital thresholds based on business activity and risk category. Category 3C and Category 4 firms, typically comprising asset managers, custodians, arrangers, and advisory firms, will now fall under new capital and liquidity obligations that reflect both the size and nature of their operations. Firms issuing fiat-referenced tokens, for example, face significantly higher minimum capital requirements under the updated rules.

The FSRA has also embedded liquidity safeguards, requiring applicable firms to maintain a buffer of unencumbered, high-quality liquid assets. These rules are designed to ensure that firms can meet liabilities as they fall due, even under stress scenarios.

At the same time, the amendments strengthen the regulator’s supervisory toolkit. The revised rules mandate internal assessments of capital adequacy and risk exposure (IRAP and ICAAP) for most domestic firms, depending on their regulatory category. These internal reviews will feed into the FSRA’s broader Supervisory Review and Evaluation Process (SREP), enabling the regulator to impose firm-specific capital requirements where warranted.

Taken together, the amendments reinforce the FSRA’s commitment to a risk-sensitive, forward-looking approach. This approach seeks to avoid regulatory overreach while safeguarding the integrity of ADGM’s financial ecosystem.

The updated Rulebook is now in effect. Firms operating in ADGM should assess the implications for their current Financial Services Permissions, capital position, and reporting obligations.

You can view the FSRA’s announcement and access the full amended Rulebook here:
ADGM FSRA announcement and Rulebook amendments

Need help understanding how the new PRU rules affect your firm?

Clarity works with regulated firms across ADGM to navigate supervisory change with confidence. Whether you need support understanding you capital resource requirements or preparing internal assessments (IRAP/ICAAP), our team is here to help.

Get in touch for a confidential discussion on how we can support your compliance and strategic planning.

The ADGM Registration Authority (RA) has issued two new reports setting out the results of its 2024 supervisory reviews into Designated Non-Financial Businesses and Professions (DNFBPs). The message is unmistakable: firms in this category, ranging from legal and accountancy practices to real estate agencies, CSPs and dealers in high-value goods, must raise the bar on anti-money laundering (AML) compliance, or face the consequences.

Drawing on a mix of thematic and onsite inspections, the RA has identified recurring weaknesses in how DNFBPs assess risk, report suspicions, and manage compliance frameworks. And while many firms appear to tick the right boxes on paper, the reviews suggest that too many still fall short in implementation and oversight.

From paperwork to practice

The thematic review, published in June 2024, examined how firms approach their Business Risk Assessments (BRAs), suspicious activity reporting, and AML training. Although the majority of DNFBPs had policies in place, the RA found widespread shortcomings in how those policies were applied.

In particular, many firms failed to distinguish clearly between different types of financial crime risk (money laundering, terrorist financing, and proliferation financing) despite this being a core requirement under ADGM rules. Others used off-the-shelf documentation that bore little relevance to the firm’s actual operations or client base. And in too many cases, the findings of the BRA were never communicated to staff, leaving front-line employees unaware of the risks they were meant to manage.

Suspicious activity reporting also came under scrutiny. While most firms had procedures in place to file Suspicious Activity Reports (SARs) with the UAE Financial Intelligence Unit via the goAML portal, the RA identified a disconnect between policy and practice. Some firms required senior management sign-off before filing a SAR, undermining the independence of the MLRO, while others failed to maintain accurate contact records or adequately explain how suspicions were identified.

Onsite assessments reinforce concerns

These issues were echoed in a second report detailing the results of 32 onsite inspections carried out across the DNFBP sector. The most common failings included:

• inadequate enhanced due diligence for high-risk customers, particularly in verifying source of funds and wealth;

• failure to assess TFS risks within the BRA;

• outdated AML and TFS controls that hadn’t been reviewed or tested for effectiveness;

• weak ongoing monitoring and poor client screening post-onboarding;

• failure to obtain certified copies of ID documents; and

• ineffective succession planning for MLROs.

Although many firms demonstrated a willingness to engage with the process, undertaking risk assessments, updating policies, and launching training programmes, the RA emphasised that compliance must be embedded, not just documented.

A harder line

The tone of both reports is more direct than in previous years. The RA is signalling that supervisory tolerance is narrowing. DNFBPs found to be non-compliant may be subject to follow-up inspections, enforcement action, or even license suspension. With ADGM aligning closely to national AML strategy and FATF priorities, firms that fail to meet expectations risk reputational as well as regulatory damage.

For firms operating in or through ADGM, the takeaway is clear: risk-based compliance is no longer optional, and a superficial approach is unlikely to survive regulatory scrutiny. These reports provide not only a window into the RA’s expectations but also a practical roadmap for remediation.

Where to find more information

Firms can read the full findings and recommendations directly on the ADGM webpage, where the thematic and onsite review reports are now available.

Need help closing the gaps?

At Clarity, we help DNFBPs go beyond box-ticking.

Whether you need to overhaul your BRA, stress test your AML/TFS controls, or prepare for an ADGM inspection, we offer practical, sector-specific support.

Get in touch to discuss a health check or tailored remediation plan.

  

The Dubai Financial Services Authority (DFSA) has unveiled a comprehensive update to its Client Assets regime, signalling a significant evolution in how authorised firms must manage, report on, and protect client money, investments, and crypto tokens within the Dubai International Financial Centre (DIFC). The new rules will come into effect on 1 January 2026, following consultation through CP160 and the associated Feedback Statement.

Published last week, the DFSA’s updated regime and accompanying Frequently Asked Questions (FAQ) highlight a series of structural and supervisory shifts aimed at improving investor protection, clarifying responsibilities for auditors and firms, and preparing the industry for crisis scenarios.

Key Reforms

At the heart of the overhaul are four core updates:

• Clarified obligations for firms that control but do not hold client assets, reducing ambiguity in the regulatory perimeter.

• Exclusion of Fund Property (including investments and crypto tokens) from the Client Assets regime, where those assets form part of a fund’s portfolio.

• Introduction of a Client Asset Crisis Preparedness Pack, mandating firms to maintain essential information to facilitate asset return in the event of insolvency or disruption.

• New auditing responsibilities, requiring more specific reporting across client money, investments, and crypto token custody.

The revised framework comes amid a growing regional push to elevate financial infrastructure standards and align with global best practice. While most firms are expected to operate on a calendar-year basis, the DFSA has acknowledged transitional complexity for firms with non-calendar financial years, with dual reporting potentially required during the crossover period.

FAQs: What the Industry Needs to Know

The DFSA’s 24-question FAQ document, published alongside the online summary, offers detailed guidance for firms and auditors preparing for implementation. Key areas covered include:

• Timeline & Transitional Guidance: Confirmation that the current rules remain in effect until 31 December 2025, with dual compliance issues addressed for non-calendar-year firms.

• Audit and Reporting Requirements: Firms must submit Client Assets Auditor’s Reports — including separate reports for client money, safe custody of investments, and crypto tokens — within four months of their financial year-end. A further summary of non-compliance findings must follow within 30 days.

• Third-Party Agent (TPA) Assessments: Emphasis is placed on due diligence, creditworthiness evaluation, and diversification considerations when entrusting TPAs with client assets.

• Client Disclosure Rules: Firms must disclose insolvency regimes and depositor preference frameworks applicable in TPA jurisdictions.

• Reconciliation & Recordkeeping: Monthly reconciliations are the baseline, with more frequent checks expected depending on transaction volume and risk. Firms must also maintain robust TPA assessment records.

• Client Asset Crisis Preparedness Pack: A central innovation of the new regime, the Pack must be maintained by firms that hold or provide custody of client assets, but not by those that merely control them. It must be kept up to date within five business days of any material change and may be integrated into existing business continuity plans.

• Fund Management Exemptions: The rules explicitly exempt firms engaged solely in delegated fund management from holding a Client Assets endorsement, provided they do not also offer wealth management services.

Sector Response and Outlook

While the DFSA has committed to running outreach sessions ahead of implementation, firms are being urged to conduct gap analyses and update internal systems and controls without delay. Registered Auditors are similarly expected to revise their audit methodologies in line with the new scope and structure.

With its phased rollout and technical clarifications, the new Client Assets regime is positioned to provide greater certainty and security across the DIFC ecosystem, particularly as the market expands its exposure to crypto assets, cross-border custody, and outsourced operations.

The full FAQ and further details can be accessed via the DFSA’s website.

Need help preparing for the DFSA’s revised Client Assets regime?

At Clarity, we work with authorised firms and auditors to ensure full readiness ahead of the 1 January 2026 deadline. Whether you need help conducting a gap analysis, updating audit processes, reviewing your client disclosures, we’re here to support you.

Get in touch today to discuss how we can help you meet the new requirements with confidence.

  

  

The Dubai Financial Services Authority (DFSA) has published a wide-ranging report spotlighting the escalating risks posed by artificial intelligence (AI), cyber threats, and quantum computing within global financial markets. The report draws on insights from the DFSA’s inaugural Cyber and AI Risk Regulatory College, convened in May 2025, and marks a call to action for greater international collaboration in navigating emerging technologies.

Attended by 70 senior officials from 18 financial authorities worldwide, the event facilitated candid discussion on how supervisory bodies can stay ahead of increasingly complex digital threats. The resulting report offers both a reflection on current vulnerabilities and a roadmap for regulatory evolution.

Mounting Cyber Threats and Supply Chain Weaknesses

The report underscores a rising volume and sophistication of cyberattacks, particularly through digital supply chains and third-party service providers. As financial institutions become more reliant on technology partners, regulators are urged to heighten scrutiny of interconnected risk exposures, especially in cross-border contexts.

The DFSA advocates proactive threat intelligence sharing and enhanced due diligence across the financial services ecosystem—both within and between jurisdictions.

AI: Opportunity Meets Accountability

Artificial intelligence, a cornerstone of modern financial innovation, is also identified as a significant regulatory blind spot. The report highlights concerns over explainability, model bias, data governance, and dependency on opaque third-party AI vendors.

In response, the DFSA calls for robust supervisory frameworks that can hold firms accountable for how AI is developed, deployed, and monitored—ensuring human oversight remains central even as automation advances.

Preparing for the Quantum Leap

One of the report’s more forward-looking themes is the risk posed by quantum computing. With current encryption standards potentially obsolete in the face of quantum breakthroughs, the DFSA stresses the urgency of transitioning to post-quantum cryptography (PQC). Financial institutions are advised to begin risk assessments and scenario planning now, well ahead of any mainstream quantum deployment.

Global Dialogue and the DFSA’s Role

Crucially, the report positions collaboration—not competition—as the cornerstone of digital risk regulation. It champions collective action via supervisory colleges, international forums, and knowledge exchange platforms.

For its part, the DFSA will continue investing in its Threat Intelligence Platform, enhancing AI risk capabilities, and supporting innovation hubs within the Dubai International Financial Centre (DIFC).

A Wake-Up Call

The DFSA’s publication is both a technical assessment and a strategic signal. At a time when regulatory frameworks often trail behind technological change, this report reinforces the need for agile supervision grounded in global cooperation. It also cements Dubai’s ambition to be not just a hub for financial innovation—but a thought leader in how it is governed.

The Dubai Financial Services Authority has finalised a series of reforms to its prudential framework, following industry feedback on Consultation Paper 161 (issued in October 2024).

 

The Authority’s Board approved the rule changes on 30th April 2025, with revised rules published and coming into force on 1st July 2025. Certain new requirements will take effect after a transitional period, from 1st July 2026.

 

The reforms are designed to ensure capital and liquidity requirements are proportionate to firms’ size, complexity, and risk profile, supporting a more efficient and internationally aligned regulatory environment in the Dubai International Financial Centre.

 

Summary of Feedback

 

• Removal of the Expenditure Based Capital Minimum – The Dubai Financial Services Authority’s proposal to remove the Expenditure Based Capital Minimum (EBCM) requirement for Category 3 firms (except those undertaking specific licensed activities) that do not hold client assets or insurance monies was broadly welcomed. Some respondents favoured maintaining a blanket requirement for all firms in this category, but the Authority confirmed that wind-down capital will now only be required for firms holding client assets or insurance monies, with ongoing risks addressed via a new activity-based capital requirement.

 

• Liquidity Requirements – The Dubai Financial Services Authority clarified their proposal for firms in Category 3 to hold liquid assets in the form of their applicable Base Capital Requirement (BCR), even if they are no longer subject to the EBCM. This aligns with the current rules for most Category 4 firms and is meant to ensure firms remain financially sound.

 

• Eligibility Criteria for Liquid Assets – Respondents supported widening the scope of liquid assets to improve flexibility. Based on feedback, the Authority expanded eligible currencies for government bonds used to meet liquidity requirements to include British pounds and euros, in addition to United States dollars and United Arab Emirates dirhams. Proposals to allow exchange-traded funds and securitisations were rejected due to their market and liquidity risk profiles.

 

• Activity Based Capital Requirement – Industry respondents supported the introduction of an activity-based capital requirement to ensure firms maintain an appropriate level of loss-absorbing capital. Some firms requested further clarification on how specific components would apply to their business models. The Authority advised that firms should consult their supervisory contacts during the transitional period. Proposals to introduce additional factors, such as daily trading flow, were not adopted.

 

• Matched Principal Dealers and Prudential Category Changes – The Authority’s decision to move firms dealing as matched principal from Category 3A to Category 2 was largely accepted. Some firms sought clarification on prudential implications. The Authority confirmed that these firms will continue to follow the Basel framework but will be exempt from requirements such as the leverage ratio and capital conservation buffer.

 

• Removal of Internal Capital and Risk Assessment Processes – The removal of the requirement for internal capital and risk assessment processes for Category 3 firms was supported. The Authority emphasised that it retains the power to impose additional capital or liquidity requirements where justified by a firm’s risk profile.

 

• Professional Indemnity Insurance Requirements – Opinions were divided. The Authority will proceed with its proposal to remove mandatory professional indemnity insurance for firms subject to the activity-based capital requirement, except where international standards suggest it should remain (for example, insurance intermediaries and financial advisers). The required cover period was reduced from continuous to four years.

 

• Implementation Timeline – Respondents supported a phased approach. Easing measures, such as the removal of the Expenditure Based Capital Minimum, will take effect from 1 July 2025. New requirements, such as the activity-based capital requirement and revised professional indemnity insurance rules, will take effect from 1 July 2026.

 

What is Consultation Paper 161?

 

As a reminder, Consultation Paper 161, issued in October 2024 by the Dubai Financial Services Authority, proposed reforms to enhance the proportionality of prudential regulation for authorised firms operating in the Dubai International Financial Centre.

 

The reforms aim to ensure that capital and liquidity requirements are better aligned to firms’ size, complexity and risk profiles, reducing unnecessary regulatory burden while maintaining market integrity and client protection.

 

The changes particularly affect firms in Category 3 but also introduce targeted adjustments for firms in Categories 2 and 4. The proposals build on earlier reforms to the framework for Category 4 firms and draw on international standards, including those used in the European Union and the United Kingdom.

 

How Clarity Can Help

 

With the Dubai Financial Services Authority finalising key reforms under Consultation Paper 161, firms must review how the new capital, liquidity and reporting requirements will affect their business.

 

Clarity provides expert support to help firms interpret the revised rules, assess their capital planning, and prepare for both the 2025 and 2026 implementation milestones.

For expert assistance in adapting to the updated prudential regime, contact Clarity today.