Dubai’s Financial Watchdog Unveils Regulations To Shield Whistleblowers 

The Dubai Financial Services Authority (DFSA) has today launched its regulatory regime for Whistleblowing. The regime is the first of its kind to be introduced by a financial service regulator in the UAE. 

Whistleblowing is a term that is used when a worker passes on information concerning wrongdoing. A whistleblower happens to be a person, often an employee, who reveals information about activity within a private or public organization that is deemed illegal, immoral, illicit, unsafe or fraudulent. 

It applies to all DFSA Regulated Entities operating in or from the Dubai International Financial Centre (DIFC). 

The regime provides enhanced legal protection for persons who report misconduct internally within DFSA Regulated Entities or externally to their auditor, the DFSA, or a law enforcement agency.  

It also aims to improve the Whistleblowing culture in these Entities by increasing transparency around how they handle regulatory concerns, assess those concerns and, wherever appropriate, escalate those concerns. 

According to DFSA, the policies and procedures put in place by the regulated entities should be appropriate to the nature, scale and complexity of that entity’s business and must be reviewed periodically to ensure they are adequate, effective and up to date. 

The regulated entity should also inform all its officers and employees of the protections available to them, as part of implementing these new requirements. 

Importantly, a DFSA Regulated entity must also put in place measures to protect the identity of the Whistleblower and to protect him or her from suffering any detriment. 

F. Christopher Calabia, Chief Executive of the DFSA remarked: “Whistleblowers form a key part of a firm’s ability to detect, identify and escalate issues of misconduct, and the required Whistleblower policies and procedures play an important role in encouraging appropriate disclosures. We expect all Regulated Entities to be ready to discuss and demonstrate the application of their policies and procedures when engaging with the DFSA.” 

Changes were made to the Regulatory Law 2004 to enhance the legal protection provided to persons who report suspected misconduct internally within the entity or externally to their auditor, the DFSA, or a law enforcement agency. 

It said any information reported to the DFSA is treated confidentially and will respond to that report within 28 working days of receiving it. This would include an initial assessment of the report and potential requests for further information. 

The regulator has set up a specific DFSA Whistleblowing email address,, where a regulatory concern can be reported directly to it regardless of whether an internal report has been made or not. 

Connect with NRI experts via WhatsApp | Click here