C. Cybersecurity – other Legal and Regulatory Obligations
Effective from Feb 07 2023 - Feb 06 2023
To view other versions open the versions tab on the right
| 1. | VASPs must ensure that their technology governance and risk assessment framework complies with, to the extent applicable, cybersecurity laws, regulatory requirements and guidelines, including but not limited to— |
|||
| a. | the electronic security requirements and standards adopted by the Dubai Electronic Security Center per Law No. [9] of 2022 Regulating the Provision of Digital Services Provided in the Emirate of Dubai; | |||
| b. | the Federal-Decree Law No. [45] of 2021 on the Protection of Personal Data, its executive regulations and any other cybersecurity regulatory requirements as may be imposed by the UAE Data Office from time to time; and | |||
| c. | the Consumer Protection Regulation issued pursuant to Central Bank Notice No. [444] of 2021 and any other cybersecurity regulatory requirements as may be imposed by the CBUAE from time to time. |
|||