CBUAE issues new regulation to safeguard outsourcing activities
- 08 Jun 2021
The Central Bank of the UAE (CBUAE) has issued a new Outsourcing Regulation and accompanying Standards for banks operating in the UAE, as part of its ongoing efforts to introduce robust regulatory frameworks that properly govern and safeguard the UAE’s banking sector.
The Regulation, which comes into effect one month following the date of publication in the Official Gazette, aims to ensure that banks are appropriately managing the risks when outsourcing certain functions. This includes the requirement for mandatory inclusion of board-approved policies and procedures for outsourcing activity in banks’ governance frameworks.
CBUAE also seeks through the introduction of this Regulation to ensure that banks’ approaches to managing the risks inherent in outsourcing arrangements are in line with leading international prudent practices to contribute in enhancing financial stability.
Under the Regulation, banks operating in the UAE must obtain a notice of non-objection from prior to outsourcing any material activity.
Commenting on the regulation, CBUAE Governor Khaled Mohamed Balama said, “Our introduction of the Outsourcing Regulation and accompanying Standards is testament to CBUAE’s robust efforts to ensure the integrity of banks’ risk management frameworks and operational stability. The Central Bank prioritises the utmost importance to data protection and risk management by issuing directives that govern and safeguard banks and their consumers, in line with international standards and best practice. We are confident that this Regulation will amplify the ability of banks operating within the UAE to mitigate potential threats from outsourcing activities, ultimately ensuring the continued security of their institutions and consumers.” A key principle underpinning this Regulation is that a bank’s outsourcing arrangements should not impair its ability to fulfil its obligations to its consumers and to CBUAE, nor impede on CBUAE’s supervisory provisions.
As stipulated by the Regulation and accompanying Standards, it must be ensured that banks’ consumers confidential data must not be shared outside the UAE without prior approval from both CBUAE and the concerned consumer.
ADIB, Visa partnership: Abu Dhabi Islamic Bank (ADIB) has announced it partnered with Visa to introduce the UAE’s first biometric authentication solution for e-commerce transactions. The solution leverages Visa Consumer Authentication Service to deliver a significant improvement in customer experience and reinforced data security.
Visa Consumer Authentication Service aims to enhance user experience, as well as mitigate security and fraud risks by replacing traditional verification methods, such as OTP requirements, with biometric authentication using fingerprint and facial biometrics.
Once the solution is implemented, ADIB customers can authenticate their e-commerce transaction by using their ADIB Mobile application biometric authentication instead of the conventional OTP that is sent by SMS or email. Unlike conventional procedures for user authentication, biometrics makes it difficult for intruders to use illegally obtained consumer credentials, allowing for stronger security and a time-efficient experience, even when the customer is travelling.
