The UAE, including the Abu Dhabi Global Market (‘ADGM’) and the Dubai International Financial Centre (‘DIFC’) continues to be actively involved in the development of the financial technology ecosystem within the MENA region particularly around areas of cryptoassets, the regulatory laboratories and testing licenses, financial technology licensing, digital banking and crowdfunding.

Given the vastness of the subject, this article focuses on areas of cryptoasset and the regulatory laboratories and the testing licenses.

Cryptoassets and Initial Coin Offerings (‘ICOs’)

Central Bank and SCA

There are currently no regulations on cryptoassets or ICOs onshore in the UAE. There have been several press releases and statements issued by the UAE Central Bank confirming that it does not approve any private cryptocurrencies or schemes and has not issued any licenses in the UAE. However, no formal notification or set of guidelines have been issued by the Central Bank in this regard.

Initially the UAE Securities and Commodities Authority (‘SCA’) issued a public warning statement, in February 2018, on ICOs reiterating that the SCA does not regulate, mandate, or recognise any ICOs. The statement also highlighted the risks associated with investments in ICOs. This was followed by an announcement, later that year, indicating the SCA’s intention to regulate ICOs and recognise digital tokens as securities.

Taking a step further, the SCA, in October 2019, issued draft regulations relating to cryptoassets. SCA invited feedback from various market players regarding these regulations. The draft regulations primarily dealt with token issuance requirements, trading and safekeeping practices with an emphasis on protecting investor interests, financial crime prevention measures, cryptoasset safe-keeping standards, information security controls, technology governance norms and conduct of business requirements for all market intermediaries.

In the midst of these developments, the Dubai Multi Commodities Centre (‘DMCC’), one of the free zones in the UAE issued licenses for conducting ‘proprietary trading in cryptocommodities’. Activities of the entities holding such licenses are limited to trading in cryptoassets for and on their own behalf.

Dubai Financial Services Authority (‘DFSA’)

Similar to the onshore position, there are no laws or regulations around cryptoassets in the DIFC. In 2017, DFSA issued a statement highlighting that issuance and offering of cryptoassets and the systems and technology that support them are complex and therefore have a high risk associated to them. In the said statement, it was confirmed that it does not regulate product offerings in connection with cryptoassets and also that it would not licence firms undertaking such activities. There has been no change in this position since then.

Financial Services Regulatory Authority (‘FSRA’)

Taking a lead on the regulation of cryptoassets in the ADGM, in June 2018 the FSRA issued guidance on conducting cryptoasset activities and has accordingly amended the relevant financial regulations applicable to ADGM. This guidance is supplementary to and should be read in conjunction with FSRA’s earlier guidance on regulation of ICOs, token offerings and virtual currencies issued in October 2017.

These guidelines were supported by an additional guidance “Regulation of Digital Security Offerings and Cryptoassets under the Financial Services and Markets Regulations” and “Cryptoasset Activities” both of which were issued by the FSRA earlier in 2019.

The former is applicable to those considering the use of ICOs to raise funds including those considering transacting in, and the general use of, virtual tokens and cryptoassets. Whereas, the latter sets out the FSRA’s approach to the regulation of cryptoasset activities in ADGM, including activities conducted by cryptoasset exchanges, cryptoasset custodians and cryptoasset intermediaries.

The guidance on cryptoasset activities applies to: (a) applicants intending to carry on the regulated activity of operating a cryptoasset business (‘OCAB’) in or from the ADGM; (b) licensed entities in respect of carrying on the regulated activity of OCAB in or from the ADGM; (c) recognised investment exchanges with a stipulation on its recognition order permitting it to carry on the regulated activity of OCAB within the ADGM; and (d) applicants and licensed entities in respect of the use of stablecoins in or from the ADGM.

Guidance on the use of stable coins seems to be a recent addition to the OCAB framework. Stablecoins are blockchain based tokens that are valued by reference to an underlying fiat currency or basket of assets. These typically are less volatile than typical cryptoassets, which makes them a more lucrative option as a medium of transfer of value within the cryptoasset domain. In addition to being a safe store of value, the ability to liquidate a stablecoin to fiat currencies seem to be higher than cryptoassets, therefore leading to a growing demand for such digital tokens.

Testing Laboratories

Sandbox

Under the SCA’s announcement in September 2018, indicating its intention to regulate ICOs and recognise digital tokens as securities, it also approved draft regulations setting the regulatory controls for the FinTech sector in the form of a pilot regulatory environment (i.e. the sandbox) in order to enhance and support the financial integrity of financial technology companies.

The draft regulations explained Sandbox as a process-based framework that shall allow entities to test innovative products, services, solutions and business models in a relaxed regulatory environment, but within a defined space and duration. Under this framework, SCA intends to work together with the participants to evaluate the innovative products, services, solutions or business models with a view to identifying legal and regulatory requirements which can potentially be relaxed or waived throughout the duration when the participants are within the Sandbox regulatory regime.

SCA continues to discuss the said framework as well as the draft regulations with the relevant market players and is currently inviting comments on Sandbox controls from these players.

FinTech Hive Accelerator

Similar to the SCA’s proposed Sandbox regime, FinTech hive is an accelerator programme of the DIFC aimed at encouraging technology entities that have a product or service offering that benefits the financial services sector or the digital space. The programme allows FinTechs, InsurTechs, RegTechs and Islamic FinTechs, an opportunity to develop, test and adapt their technologies in the DIFC, in collaboration with top executives from the DIFC and regional established financial institutions.

To the extent applicants intend to provide innovative solutions in the financial services sector, the DFSA offers an innovation testing licence to such applicants. This restricted financial services licence allows qualifying applicants (i.e. participants) to develop and test innovative concepts from within the DIFC, without being subjected to all the regulatory requirements that normally apply to regulated firms. In order to determine the level of restriction and support the DFSA works with the participants to understand the business proposal and establish the appropriate controls for the safety of clients (if any) involved, on a case-by-case basis.

The validity of such a licence typically ranges from a period of six to twelve months, during which the participants are expected to complete the testing and development of the solution. At the end of the prescribed period, if the participant meets the outcomes detailed in the regulatory test plan, it can opt for migration to full authorisation. If it does not meet the outcomes, the participant will be required to cease activities within the accelerator programme.

RegLab

The ADGM RegLab is a regulatory framework introduced by the FSRA to provide a controlled environment to FinTech participants to develop and test innovative solutions.

The FSRA offers licenses for developing financial technology services within the RegLab. Such a licence permits the participants to develop and test innovative FinTech services, business models and delivery mechanisms. Similar to the DFSA model, in order to facilitate such development and testing, the FSRA assesses the risks posed in each FinTech participant’s business model and accordingly tailors a set of appropriate regulatory controls on a specific, case-by-case basis. These regulatory controls are less onerous than those applicable to regulated entities in general in the ADGM. The tailoring of regulatory controls are usually subject to restrictions regarding the scope and scale of the test activities in order to mitigate the associated risks and impact.

The licence is typically valid for a period of two years, during which period the participants are expected to successfully develop and test their FinTech solution, to a point it can be commercially launched. Similar to the DFSA approach, at the end of the testing period, the participant is provided an option to migrate to a full licence, if the trial is successfully completed and the innovation is ready to be commercially launched. However, if this is not the case, the participant is required to cease its activities in the ADGM and exit the RegLab.

Conclusion

Whilst the Central Bank, the SCA, FSRA and DFSA have their own set of laws, rules, regulations as well as guidelines for regulating FinTech activities within their respective jurisdictions, efforts are being made to align the regulatory landscape and boost the overall development of the FinTech ecosystem.

These jurisdictions do not provide for any passporting arrangements. Accordingly, the FinTech participants will have to limit their activities within the jurisdiction in which they are incorporated and would therefore require additional licensing for conducting activities in other jurisdictions.