Cyber risk management in the ADGM: an analysis of the new regulatory framework
On 29 July 2025, the Financial Services Regulatory Authority (FSRA) of the Abu Dhabi Global Market (ADGM) announced the implementation of a new Cyber Risk Management Framework that will apply to financial sector firms under its supervision1. The central purpose is to: (i) enhance the overall cyber resilience of the ADGM financial services sector, by establishing consistent cyber risk management standards; and (ii) align with the UAE government’s efforts to combat both cyber threats and financial crime at a national level.
The implemented framework takes account of industry feedback on the FSRA’s proposals in its Consultation Paper No. 3 of 20252. Firms now have a six-month transition period to ensure compliance with the requirements, which take effect from 31 January 2026.