Learn about the CBUAE’s new regulatory requirements
On 23 May 2025, the Central Bank of the UAE issued Notice No. CBUAE/FCMCP/2025/3057, requiring financial institutions to adopt stronger user authentication methods. CBUAE also introduced requirements to enhance fraud detection and prevention for digital banking.
Download the white paper to learn more.
Why it matters
- The notice prohibits FIs from using SMS OTP, email OTP, or static credentials (e.g., passwords) as the sole authentication method for financial transactions or account provisioning.
- FIs must implement step-up authentication in mobile banking or web banking applications for sensitive actions.
- FIs must implement a “Confirmation of Payee” mechanism for instant payments.
- FIs must equip their mobile banking apps with controls to detect screen sharing (e.g., by remote access tools), malware, and active phone calls from the mobile device.
- And more…
Compliance deadline: 31 March 2026