Abu Dhabi Global Market Issues Regulations on Distributed Ledger Technology Foundations

Recognizing new realities in decentralization, the regulations aim to provide market players with governance flexibility within distributed ledger technology foundations.

By Stuart Davis, Brian Meenagh, Andrew Moyle, and Ksenia Koroleva

On October 2, 2023, the Board of Directors of Abu Dhabi Global Market (ADGM), a financial free zone in the United Arab Emirates (UAE), enacted the Distributed Ledger Technology Foundations Regulations 2023 (Regulations). The Regulations were published on November 1, 2023.

Latham & Watkins has advised ADGM in drafting the Regulations. The Regulations were developed following extensive benchmarking across a number of peer jurisdictions and incorporate stakeholder feedback from ADGM’s April 2023 consultation paper. The adoption of the Regulations is part of the strategy to promote ADGM as a global center for digital assets.

The Regulations recognize the suitability of common law foundation structures for projects related to digital assets, and aim to allow maximum flexibility for the sector with respect to governance.

DIFC Proposes to Amend Data Protection Rules to Regulate Use of AI

By Latham & Watkins on May 5, 2023 Posted in United Arab Emirates

The Dubai International Financial Centre urges companies to protect personal data when using artificial intelligence.

By Brian A. Meenagh, Ksenia Koroleva, and Lucy Tucker

On 18 April 2023, the Dubai International Financial Centre (DIFC), a financial free zone with its own data protection laws, published a consultation paper (the Consultation Paper) regarding amendments to DIFC Data Protection Regulations (the Regulations) for a 30-day public consultation.

The Consultation Paper acknowledges that AI systems are important and useful but carry risks to personal data processing. The DIFC’s proposed approach urges all companies using AI systems to adopt and reinforce technical and organisational means to protect personal data when using AI.

Ready for Takeoff: A Look at the Space Sector in the Middle East

By Latham & Watkins on February 27, 2023 Posted in Kuwait, Project Development and Finance, Qatar, Saudi Arabia, Technology, United Arab Emirates

The Middle East’s rapidly advancing space sector has seen a slew of landmark achievements in the last few years.

By Alexander Hendry

In 2014, the UAE established the UAE Space Agency to oversee and grow its space sector, and it has since successfully completed numerous projects. In July 2020, it became the fifth country in the world to launch a probe to Mars, and in December 2022, the UAE-built Rashid Rover was launched on a path to the moon. Emirati astronaut Hazza Al Mansouri was the first person from the UAE in space, and Emirati astronaut Sultan Al Neyadi will soon embark on a six-month mission to the International Space Station. The Mohammed bin Rashid Space Centre has launched four satellites, and UAE-based satellite company Yahsat currently manages a fleet of five satellites and provides services in more than 150 countries. In 2022, the UAE established an US$817 million fund to support its space sector, including the development of a constellation of advanced radar imaging satellites.

Dubai Virtual Assets Regulation Authority Enacts New Regime to Regulate Virtual Assets

By Latham & Watkins on February 16, 2023 Posted in Fintech

The new regime specifies licensing and reporting requirements for a range of activities related to virtual assets in the Emirate of Dubai.

By Brian A. Meenagh, Matthew Rodwell, and Ksenia Koroleva

On February 7, 2023, the Dubai Virtual Assets Regulation Authority (VARA) adopted the Virtual Assets and Related Activities Regulations 2023 (the Regulations) together with four compulsory and seven activity-specific rulebooks.

VARA adopted these Regulations further to Dubai Law No. 4 of March 11, 2022 on the Regulation of Virtual Assets in the Emirate of Dubai (the Law) (for more information, see Latham’s blog post).

The Law granted VARA powers to regulate activities relating to virtual assets in the Emirate of Dubai (excluding the Dubai International Financial Center (DIFC); DIFC has its own regime regulating virtual assets — see Latham’s blog post).

The Law laid down key definitions (such as the definitions of virtual assets (VAs) and distributed ledger technology (DLT)), and provided a broad list of activities requiring a license. The Law entitled VARA to adopt regulations for all relevant activities and VAs.

Dubai Financial Services Authority Issues New Regime to Regulate Crypto Tokens

By Latham & Watkins on November 17, 2022 Posted in Fintech

The regime introduces rules on various crypto tokens, including cryptocurrencies and stablecoins, in the Dubai International Financial Centre.

By Brian A. Meenagh, Matthew Rodwell, and Ksenia Koroleva

On November 1, 2022, the Dubai Financial Services Authority (DFSA) crypto token regulatory regime came into effect.

The rules expand upon the DFSA framework for regulating investment tokens established in 2021 (the 2021 Rules). The Dubai International Financial Centre (DIFC) regime defines a token as a cryptographically secured digital representation of value, rights, or obligations which may be issued, transferred, and stored electronically, using distributed ledger technology (DLT) or other similar technology. The 2021 Rules only regulated investment tokens, which comprised security tokens and derivative tokens (in essence, tokenized equivalents of conventional securities and derivatives, respectively) (the Investment Tokens). Pursuant to the 2021 Rules, persons carrying out certain activities with Investment Tokens (e.g., issuing, offering, holding, promoting, dealing, advising, brokering) need to obtain approval from the DFSA and comply with certain obligations.

UAE Central Bank Issues Guidance on Anti-Money Laundering Risks in the Payment Sector

By Latham & Watkins on August 25, 2022 Posted in Banking and Finance, Regulatory, United Arab Emirates

The guidance is part of the rapidly evolving rules on anti-money laundering and aims to promote UAE as a jurisdiction compliant with best practices.

By Brian Meenagh, Ksenia Koroleva, and Matthew Rodwell

On August 1, 2022, the UAE Central Bank (CBUAE) issued the Guidance for Licensed Financial Institutions on the Risks Relating to Payments.[1]

The guidance was issued to implement the requirements of Federal Decree Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations. It sets out the CBUAE’s expectations as to the appropriate compliance measures to be adopted within payments ecosystems. The guidance is not intended to amend or replace existing CBUAE requirements and should be read in conjunction with the CBUAE’s existing rules[2] and guidance materials[3]. Continue Reading

UAE Publishes First Federal Data Protection Law

By Latham & Watkins on December 14, 2021 Posted in Regulatory, United Arab Emirates

Organisations subject to the law should carry out a gap analysis of their current compliance position against the new requirements.

By Brian A. Meenagh, Alexander Hendry, and Lucy Tucker

The United Arab Emirates (UAE) has issued its first federal data protection law (Federal Decree Law No. 45/2021 on the Protection of Personal Data) (the Data Protection Law), alongside a law establishing the new UAE Data Office (Federal Decree Law No. 44/2021 on Establishing the UAE Data Office).

The issuance of the Data Protection Law follows a trend of new data protection laws in the Middle East, including a data protection law in Saudi Arabia that will come into force on 23 March 2022. Continue Reading

UAE Decision on Health Data Law Provides Clarity

By Latham & Watkins on August 30, 2021 Posted in Healthcare, United Arab Emirates

The decision will likely provide comfort to businesses operating in the healthcare sector both in the UAE and globally.

By Brian A. Meenagh and Avinash Balendran

On 28 April 2021 the United Arab Emirates (UAE) federal government issued Ministerial Decision No. 51 of 2021 (the Decision) to clarify when health information may be stored or transferred outside of the UAE. The Decision should pave the way for many domestic and overseas healthcare service providers to continue processing, storing, and transferring health information outside of the UAE.

The Decision reiterates the default position established in 2019 that health information must be kept within the UAE unless such activity has been approved by a decision of the health authority or the UAE Minister of Health and Prevention. Crucially, however, the Decision provides a series of exemptions to that default position.

To see a table of the exemptions, read Latham’s Client Alert.

UAE’s New Consumer Protection Law: An End to Direct Marketing?

By Latham & Watkins on March 24, 2021 Posted in Regulatory

The new legislation extends both the protections available to consumers, as well as the obligations applicable to e-commerce retailers.

By Brian A. Meenagh and Avinash Balendran

With its recent implementation of a new consumer protection law, the United Arab Emirates has taken a significant step forward in protecting the rights of consumers. The new legislation — Federal Law No. (15) of 2020 (the New CPL) — entered into force on 16 November 2020, repealing Federal Law No. (24) of 2006. In particular, the New CPL extends both the protections available to consumers, as well as the obligations applicable to e-commerce retailers.

One stand-out provision in the New CPL is Article 4(5), which places an obligation on Entities (as defined below) to protect “consumers’ privacy and data security”. Article 4(5) also implies that Entities should not use consumer data for “the purposes of promotion or marketing”. Continue Reading