| 1. |
VASPs shall notify VARA in writing of—
|
| |
a. |
any changes to items set out in Rule I.H.3 of this Compliance and Risk Management Rulebook; and |
| |
b. |
any criminal or material civil action, charge or proceedings or Insolvency Proceedings, or any investigations, inspection or enquiries which may lead to any such action, charge or proceedings, made against the VASP or any of its Board members, UBOs or Senior Management immediately after the commencement of any such action, charge, proceeding, investigation, inspection or enquiry.
|
| 2. |
VASPs shall submit a report to VARA immediately upon the discovery of any violation or breach of any law, Regulation, Rule or Directive related to the conduct of any VA Activity. |
| 3. |
VASPs shall, upon request from VARA, disclose information regarding their activities in jurisdictions other than the Emirate. |
| 4. |
VASPs shall comply with all requirements in the Technology and Information Rulebook with regards to notifying VARA of incidents relating to a cybersecurity breach, including but not limited to incidents involving a loss of information or affecting Personal Data.
|