Playbook · United Arab Emirates · Financial services

AI governance for UAE banks & financial services:
a supervisor-ready roadmap

The CBUAE, the DFSA and FSRA, the Federal PDPL and DIFC Regulation 10 now define how UAE financial institutions build, deploy and prove their AI — and enterprise buyers ask for the evidence in every security review. Here is the 5-phase roadmap regulators and buyers inspect, and the runtime gap your existing stack cannot close.

CBUAE · DFSA · FSRA UAE PDPL Art. 18 DIFC Regulation 10 ISO 42001 · NIST · OWASP
The mandate

What UAE regulators and buyers now expect

Onshore and in the financial free zones, three bodies of expectation set the bar for any UAE financial firm building or deploying AI.

CBUAE / DFSA / FSRA

Supervisory · financial regulators

The Central Bank of the UAE plus DIFC (DFSA) and ADGM (FSRA). Model-risk, outsourcing, cyber and consumer-protection expectations extend to AI.

PDPL + DIFC Regulation 10

Enforceable · data & AI

Federal PDPL (Decree-Law 45/2021, Art. 18 automated processing) onshore; DIFC Regulation 10 on autonomous systems in the DIFC; ADGM Data Protection Regulations.

Global baselines

Procurement · cross-border

ISO/IEC 42001 and the NIST AI RMF that buyers ask for, and the EU AI Act where you serve the EU. Rising bar in every vendor security review.

Overlays that may apply: SDAIA principles if you also operate in Saudi Arabia · sector rules from the CBUAE, DFSA or FSRA · OWASP LLM Top 10 & MITRE ATLAS for AI security.
The through-line

What every UAE expectation converges on

Accountability sits with the institution, not the model
Lawful, transparent processing of personal data
Human oversight of autonomous systems
Documented evidence, not assertions
The roadmap

Five phases regulators & buyers will inspect

A supervisor-ready sequence that maps to CBUAE and DFSA expectations, the PDPL and DIFC Regulation 10.

PHASE 0
Govern
Own the risk before AI ships
AI policy & board oversight · AI inventory & risk tiering · DIFC Reg 10 / PDPL mapping · roles
PHASE 1
Build & Test
Prove it's safe before it ships
Red-teaming · OWASP LLM Top 10 & MITRE ATLAS · impact assessment · bias & safety testing
PHASE 2
Deploy & Enforce
Control what the AI can access & do
Access control & agent guardrails · human oversight (Reg 10) · shadow-AI & PDPL data controls
PHASE 3
Monitor & Respond
See it, contain it, report it
Monitoring & logging · drift & output checks · incident response · outsourcing oversight
CONTINUOUS
Assure & Disclose
Answer regulators, buyers & the board
Audit-ready evidence · ISO 42001 alignment · transparency disclosures · security-questionnaire responses
The readiness gap

Why this is urgent, not theoretical

Adoption has outpaced control — and that gap is the exposure.

88%
had a confirmed or suspected AI-agent security incident this year
80%
report moderate-to-pervasive shadow AI
18%
have a formal AI security policy
21%
have mature governance for AI agents
Sources: Gravitee (survey of 919 organizations), ISACA & industry surveys, 2026.
The blind spot

The gap your existing stack cannot close

Your IAM/PAM, WAF and API gateways, DLP/CASB, SIEM and EDR are built for deterministic software. None can catch a legitimately-authorised AI agent, driven by untrusted input, doing something inside its permissions but outside your policy — the dominant 2026 failure mode (prompt injection, the "lethal trifecta", agentic data exfiltration).
IAM / PAM
identity authenticated, in scope
waved through
WAF / API gateway
request well-formed
waved through
DLP / CASB
sanctioned tool & channel
waved through
SIEM / EDR
no known-bad signature
waved through
Every layer says "yes." None can see the AI's intent vs your policy.
Where Trampolyne fits

Make your AI stay within intended bounds — and prove it

From pre-deployment testing, through runtime, to audit-ready evidence. Trampolyne supplies the technical controls and evidence that make each phase credible — the policies, documentation and processes stay yours.

Product Govern Build & Test Deploy & Enforce Monitor & Respond Assure
AI Red-Teaming
Shadow AI Detection & Runtime Control
Enterprise AI Security & Runtime Control
AI Compliance Assistant
core control & evidence Trampolyne provides  ·  supporting input.

AI Red-TeamingAWS Marketplace

Continuous adversarial testing on a scheduled cadence and on every material change. 27+ attack classes, working exploits + fixes, mapped to OWASP LLM Top 10 & MITRE ATLAS — the validation and buyer evidence your security reviews ask for.

OWASP LLM Top 10MITRE ATLASNIST MAP + MEASUREImpact-assessment input

Enterprise AI Security & Runtime Control

Sits inline and evaluates every request before the model or agent acts — RBAC/ABAC/PBAC/NGAC enforcement in milliseconds. A deterministic guardrail over a non-deterministic model. No model rewrites.

Human oversight (Reg 10)NIST MANAGEISO 42001 controls

Shadow AI Detection & Runtime Control

Sits between employees and every public AI tool. Classifies data by type, provenance and role, blocks sensitive data before it leaves, and logs every interaction — without killing productivity.

Data leakage to public AIUAE PDPL / DIFCISO 42001 data controls

AI Compliance Assistant

Turns enforcement, red-team and runtime evidence into review-ready answers — a continuous, per-decision audit trail for CBUAE and DFSA supervision, your board and enterprise-buyer security questionnaires.

ISO 42001 audit evidenceDIFC Reg 10 transparencyBoard reporting
FAQ

AI governance questions we hear from UAE financial firms

Which rules govern AI for financial firms in the UAE?
It depends on where you are licensed. Onshore, the CBUAE sets model-risk, outsourcing, cyber and consumer-protection expectations that extend to AI, and the Federal PDPL (Decree-Law 45/2021) governs personal data including automated processing (Art. 18). In the free zones, the DIFC (DFSA) applies DIFC Regulation 10 on autonomous systems, while ADGM (FSRA) applies its own Data Protection Regulations. Global baselines — ISO/IEC 42001, the NIST AI RMF and the EU AI Act — increasingly feature in vendor reviews.
What is DIFC Regulation 10?
DIFC Regulation 10 sets obligations for organisations that process personal data using autonomous and semi-autonomous systems — effectively an AI-specific data-protection regime in the DIFC. It requires accountability, transparency, human oversight and safeguards, with financial penalties for non-compliance. Firms in the DIFC should map their AI systems against it directly.
Does the UAE PDPL restrict automated decision-making?
Yes. The Federal PDPL gives data subjects rights around automated processing and profiling and requires a lawful basis, transparency and safeguards. Institutions using AI in customer decisions need to document the basis, provide transparency, and enable explanation and, where required, human review of outcomes.
Can our existing security stack secure AI agents?
No. IAM, DLP, WAF and SIEM are built for deterministic software. They cannot catch a legitimately-authorised AI agent, driven by untrusted input, doing something inside its permissions but outside your policy — the dominant 2026 failure mode. CBUAE, DFSA and DIFC Regulation 10 expectations point directly at closing this runtime gap.
More playbooks

Governance playbooks for other markets

Same 5-phase structure, tuned to each market’s regulators and buyers.

See where your UAE AI program stands

Take the 2-page roadmap to your board, regulators and buyers — then pressure-test your position in a 20-minute call.

Positioning collateral, not legal advice. Trampolyne AI helps you align with regulatory and supervisory expectations; it does not issue certifications.