United Arab Emirates September Regulatory Moves


Coinfirm’s Regulatory Affairs have looked into the UAE’s crypto regulatory moves from September, including the:

  • VARA – Dubai Virtual Assets Regulator Issues Regulatory Guidelines for Virtual Assets Marketing
  • ADGM Publishes Guiding Principles on its Approach to Virtual Asset Regulation and Supervision

VARA- Dubai Virtual Assets Regulator Issues Regulatory Guidelines for Virtual Assets Marketing


VARA marketing regulation applies to all marketing, promotions and advertisements which relate to VA or VA activities in the Emirate. Specifically:

  • It applies to all relevant entities – domestic or foreign, whether or not licensed by VARA
  • If an entity facilitates VA marketing in relation to VA or VA activities in the Emirate or targeting its residents, they must adhere to VARA marketing regulation (among other applicable laws and guidelines). In this case, if the marketing entity is not authorised by VARA, it must also
    • seek authorisation from VARA prior to marketing
    • provide relevel authorization from their country authority
  • If the marketing entity meets all three below conditions:
    • is not conducting VA Activity in the Emirate
    • originates outside of the UAE
    • is not targeting residents of the UAE

It is not required to comply with this Marketing Regulation (however VARA reserves the right to act if it concludes that such marketing poses risks to UAE management of VA sector).


All marketing materials must:

  • Be fair, clear, not misleading and clearly identifiable as promotional material
  • Not mislead in relation to the advantages of VA
  • Include a disclaimer that the value of VA is variable/ volatile
  • Not imply that investment decisions are simple and suitable for all
  • Not imply that past performance is a guide for return
  • Not imply an urgency to buy VA in anticipation of future gains
  • Not advocate the purchase of VA using credit
  • Ensure that marketing is undertaken responsibly by licensed entities presenting products appropriate for the target audience
  • Comply with all relevant laws (e.g. marketing, data protection, consumer protection)

Additionally, if published / posted marketing content has been paid for, there should be a clear indication the content is paid.

The guidelines introduce a record keeping requirement: all relevant content, audience details etc must be kept for minimum 2 years of the last publication.


Entity that is deemed to be in violation of this regulation:

  • Will be issued a notification to cease and desist
  • Must comply in accordance immediately upon receipt

VARA reserves the right to call for marketing activity suspension if it believes that this regulation requirements have not been met.

ADGM Publishes Guiding Principles on its Approach to Virtual Asset Regulation and Supervision

Abu Dhabi Global Market (ADGM), the International Financial Centre of the UAE’s capital city announced that its financial regulator, the Financial Services Regulatory Authority (FSRA), has published Guiding Principles on its approach to virtual asset regulation and supervision.

The guiding principles are not legally binding; however, they should be viewed as a complement to ADGM virtual asset regulatory framework set initially in 2018.

The aim of the guiding principles document is:

  • To support engagement with other regulatory agencies in the UAE, across the region and globally and consider the views of international standard setters
  • Clearly articulate at a high level the approach to VA regulation in ADGM
  • Declare FSRA risk appetite

The document sets 7 guiding principles for ADGM:

Principle 1: A Robust and Transparent Risk-Based Regulatory Framework

The FSRA believes that bringing definable VA activities within its regulatory perimeter ensures greater oversight and mitigation of the risks inherent in the sector. The existing framework includes a clear taxonomy defining VAs and requiring the licensing of entities engaged in regulated activities using VAs.

Principle 2: High Standards for Authorisation

Since 2018 the FSRA has issued a number of licences.

Prior to issuing a full license, FSRA provides the possibility of:

  • Sandbox-type initiatives aiming at the close collaboration of start-ups with traditional financial institutions and the regulator
  • ‘In-principle’ approval – approval outlining conditions to be met prior to granting the full license available if the applicant’s business model and controls are within FSRA risk appetite

In line with the FSRA’s risk appetite, the full license is granted to the applicants ‘who at the outset can unequivocally meet the transparent, high standards’.

Principle 3: Preventing Money Laundering and Other Financial Crime

The FSRA’s dedicated Financial & Cyber Crime Prevention Unit is tasked with leading ADGM’s efforts in anti-financial crime compliance. FSRA requires the following rules to be applied to VA activities:

  • UAE-wide Federal Laws and Cabinet Resolutions on AML/ CTF
  • FSRA AML and CFT rules
  • FATF Guidance and Recommendations

FSRA requires that ADGM VA firms avoid transactions where a counter-party’s identity is unknown at any stage in the process.

With regards to taxation, FSRA expects authorized firms to follow FATCA and Common Reporting Standards Regimes.

Principle 4: Risk Sensitive Supervision

FSRA authorized VA firms are required to conduct their business risk assessment, similarly to all regulated firms. While financial crime risks are seen to be most prevalent in the VAs sector, ADGM’s framework also includes safeguards targeting at market integrity, investor protection and financial stability. The following risk drivers are focus areas on the FSRA supervision (in addition to FinCrime):

  • Custody of VAs (custodian is held to the requirements applicable to client investments)
  • Technology and governance controls (bespoke requirements linked to VA technology- maintenance of operating systems, cryptographic keys and wallet storage; password encryption; origin/destination of VA funds; fork protocols)
  • Exchange- type operations (‘fair and orderly trading’ and Market Abuse requirements)
  • Investor protection (product suitability, communication of risks and resolution of conflicts)

Principle 5: Commitment to Enforce on Regulatory Breaches

This principle outlines ADGM’s enforcement actions capabilities, i.e. the powers and tools FSRA has at its disposal to address non-compliance with the regulations, specifically:

  • Powers to gather evidence
  • Legal basis to conduct investigations
  • Powers of investigation
  • A range of varied regulatory and disciplinary actions to address non-compliance

Principle 6: International Cooperation

FSRA has undertaken a number of steps to foster international cooperation on addressing VA risks:

  • Entering into a material number of bilateral and multilateral Memorandum of Understandings (MoUs) to support the exchange of information between regulators
  • Undertaking gap analyses against other regulators’ regimes
  • Supporting the development of international minimum standards (e.g. FATF)
  • Acting as a thought leader in the MENA region on understanding VA risks due to proactive engagement with the sector

Looking to comply with crypto AML compliance stipulations?

Contact Coinfirm or sign up/log in to the AML Platform to experience the most flexible crypto RegTech platform powered by more than 350 proprietary risk analysis algorithms.