Abu dhabi: The Financial Services Regulatory Authority (FSRA) of Abu Dhabi Global Market (ADGM) today announced the implementation of amendments to its regulatory framework for Authorised Persons and Recognised Bodies concerning cyber risk management. Compliance with these amendments will be required starting 31st January 2026.
According to Emirates News Agency, the implementation follows extensive industry engagement and feedback received on Consultation Paper No. 3 of 2025. The amendments mandate firms to integrate cyber risk management into their existing risk frameworks. This builds upon the FSRA's Information Technology Risk Management Guidance and Governance Principles and Practices to Mitigate Cyber Threats and Crime.
Feedback during the consultation period supported the amendments as a natural evolution of the FSRA's regulatory framework in this dynamic risk area. In response, the FSRA has enhanced the proposed amendments by allowing firms a six-month period to ensure compliance, clarifying the principles of proportionality, and integrating cyber risk management frameworks. Additionally, the requirements for arrangements with IT service providers have been adapted.
The FSRA has also revised its guidance to assist firms in assessing the materiality of cyber incidents and plans to update its cyber incident notification template before the end of the year.
Emmanuel Givanakis, Chief Executive Officer of ADGM's FSRA, stated, 'These amendments reflect the FSRA's ongoing commitment to operational resilience and cybersecurity. By continuing to integrate global best practices into our framework, we safeguard the integrity of the financial services industry in ADGM. These recent developments demonstrate our ongoing dedication to responsible innovation and further position ADGM as a leading jurisdiction for secure and forward-looking financial activity.'
