Payment Token Services Regulation
United Arab Emirates
2024
Payments
AML/CFT
Overview
Key Obligations
- Obtain a license from CBUAE before offering payment token services
- Restrict activities to approved tokens only (non-speculative, payment-focused)
- Implement AML/CFT measures in line with Federal Decree-Law No. 20 of 2018 and FATF guidance on virtual assets
- Ensure consumer protection, clear disclosure of risks, fees, and terms
- Maintain capital adequacy, governance, and cybersecurity controls
- Segregate customer assets and ensure safe custody arrangements
- Submit to supervision, inspections, and reporting by CBUAE
Stay ahead of risk with Signzy
Explore tools that help you onboard, monitor, and verify with confidence
Transaction Monitoring
Monitor transactions in real-time and analyse past behaviour to identify suspicious activities and ensure regulatory compliance across the user journey.
Business Verification
Verify businesses with reliable documents OCR, EIN checks, UBO data, sanctions screening, global registry checks, and more.
MENA API Marketplace
A comprehensive API marketplace for the Middle East and North Africa, offering localized verification and compliance solutions.
Related Regulations
FAQ
Who regulates Payment Token Services in the UAE?
The Central Bank of the UAE (CBUAE).
Can all crypto assets be used for payments?
No. Only CBUAE-approved tokens (non-speculative, recognized for payments) are permitted.
Do AML rules apply to payment token services?
Yes. Entities must comply with AML/CFT laws and file suspicious transaction reports via goAML.
What are the penalties for non-compliance?
Administrative fines, license suspension, or criminal liability under UAE AML and financial regulations.