
Abu Dhabi: Introduces New Cyber Security Rules for Financial Firms
The Financial Services Regulatory Authority (FSRA) of Abu Dhabi Global Market has announced new cyber risk management requirements for financial institutions.
Key measures include:
- Mandatory integration of cyber risk management into existing frameworks
- Updated IT risk management guidance
- Revised requirements for IT service provider arrangements
- New cyber incident notification procedures
Implementation details:
- Six-month transition period for compliance
- Applies to all Authorised Persons and Recognised Bodies
- Changes follow Consultation Paper No. 3 of 2025
- Updated incident notification template to be released by year-end
The amendments were finalised following industry consultation, with modifications made to:
- Clarify proportionality principles
- Refine integration requirements
- Adjust IT service provider arrangements
- Update incident materiality assessment guidance
For more news and content, try Lexis Middle East. Click on lexis.ae/demo to begin your free trial of Lexis® Middle East platform.
You can also explore the legal landscape by subscribing to our Weekly Newsletter.
Want to learn more about Lexis® Middle East? Visit https://www.lexis.ae/lexis-middle-east-law/.