The Gulf’s AI-finance story is usually told through capital.
Sovereign funds. Data centers. Model partnerships. Enough launch-stage choreography to make a procurement officer forget the invoice.
That framing misses the first regulatory contact point. Gulf financial supervisors are not waiting for broad AI law to settle before acting. They are moving AI impersonation into the older machinery of fraud control, cyber resilience, customer authentication, outsourcing, and incident reporting.
That is less theatrical. It is also more important.
Deepfake calls, synthetic video, model-written phishing, and autonomous attack tooling do not arrive at a bank as an “AI strategy” question. They arrive as a failed onboarding check, a compromised relationship manager account, a mule account, a fraudulent withdrawal, a breached vendor, or a customer complaint. The compliance test is brutally simple: did the institution have controls that could handle the tactic in front of it?
The Problem Is Already in the Rulebooks
The clearest recent signal comes from Abu Dhabi Global Market’s Financial Services Regulatory Authority. In an April 30, 2026 notice to virtual-asset service providers, the FSRA named deepfake identity fraud and credential theft as current cyber threats. It warned that synthetic audio or video may be used to impersonate executives, employees, or customers to bypass onboarding controls, KYC processes, and multi-factor authentication.
That is not abstract policy language. It maps directly to regulated functions: customer onboarding, KYC, credential management, withdrawal governance, and custody. The same notice also identifies AI-driven autonomous attacks, where automated tools and AI-enabled techniques conduct reconnaissance, identify vulnerabilities, and execute attacks at scale.
The regulatory response is not a ban on models. It is a supervisory expectation. Firms are expected to assess exposure and implement risk-based measures: stronger key custody, multi-signature approvals, segregation of duties, phishing-resistant MFA, continuous monitoring, incident-response readiness, third-party risk management, and staff training. Material IT or cyber incidents still have to be reported to the FSRA within 24 hours under GEN 3.5.
This is the key move. The regulator does not need to define every future model behavior. It can attach AI-enabled fraud to obligations firms already understand.
Saudi Arabia is doing the same through fraud architecture. SAMA’s Counter-Fraud Fundamental Requirements, dated April 14, 2025 and effective April 13, 2026, apply as minimum standards to notified member organizations, with special attention to payment systems and payment-service providers. SAMA says the requirements are mandated and that in-scope organizations are responsible for implementing and complying with them.
The requirements cover governance, prevention, detection, response, and counter-fraud technology. The affected functions are practical: remote onboarding, customer authentication, payments, fraud monitoring, employee controls, customer education, and supervisory notification. For higher-risk products and services, SAMA expects real-time fraud detection and prevention, 24/7 monitoring, and controls for remote customer relationships where impersonation and mule-account setup are risks.
SAMA does not need to say “deepfake” in every control. A cloned voice used to reset credentials is still an impersonation risk. A synthetic document used to open an account is still onboarding fraud. A model-written script that convinces a customer to approve a transfer is still a payments control failure.
The fraudster got better tooling. The bank did not get a new excuse.
The UAE Is Making AI Governance Operational
The Central Bank of the UAE is taking a broader but related path. Its February 2026 guidance note on responsible AI and machine learning in financial services applies to licensed financial institutions operating in the UAE, including insurers. The note is framed around consumer protection, governance, transparency, fairness, human oversight, data management, and privacy.
The underlying guidance is non-binding, but it is still a supervisory marker. A mirrored copy of the note states that it is non-binding and intended to assist LFIs in developing policies and procedures for ethical and responsible AI use. It also urges institutions to consider AI consequences across financial and non-financial risk management.
That distinction matters. This is guidance, not a hard rule with a compliance deadline. But in regulated finance, non-binding guidance can still become the checklist used in the next uncomfortable meeting.
The UAE note pulls AI into board accountability, risk committees, internal audit, IT, model inventories, consumer disclosure, complaint handling, and outsourcing. That is the same infrastructure that will be asked to explain why an AI-assisted fraud event was or was not stopped.
It also affects vendor strategy. If a bank uses third-party AI for fraud scoring, customer interaction, document review, or AML triage, the bank still needs evidence. What model is deployed? What data does it use? Who can override it? Can the vendor be audited? Can the system be shut down quickly? How are customers told when AI affects a high-impact decision?
This is where many institutions are exposed. Procurement teams buy capability. Regulators examine accountability.
Impersonation Changes the Control Baseline
The practical implication is that Gulf financial firms need to stop treating identity as a static proof problem.
Documents can be synthetic. Faces can be rendered. Voices can be cloned. Messages can be written in polished Arabic or English with the correct bank tone. Customer-service workflows can be attacked through urgency, not malware. Executive approval chains can be simulated across email, voice, video, and messaging apps.
That changes the baseline for onboarding and payments.
For onboarding, liveness checks, device intelligence, document forensics, sanctions screening, and mule-risk analytics need to be treated as one control environment, not separate vendor boxes. For payments, high-risk instructions need step-up verification that does not depend on a channel the attacker can convincingly imitate. For trading and custody, withdrawal governance matters as much as perimeter defense. For incident reporting, firms need to recognize a novel AI-enabled typology when it appears, not months later when the postmortem is tidier.
The ADGM notice is especially useful because it connects deepfake identity fraud to virtual-asset operations. Crypto firms are tempting targets because credential theft can become settlement finality. A bad withdrawal process does not produce a slow accounting dispute. It produces an empty wallet and a long memo.
The same logic applies to banks and payment firms. Faster settlement, mobile onboarding, instant transfers, and app-based service all increase customer convenience. They also reduce the time available to notice that the customer, employee, or executive in the loop is not real.
The Market Signal Is Control Maturity
For investors and operators, the Gulf AI-finance question should be read less as “which bank has the best model partnership?” and more as “which institution can prove control maturity under model-amplified fraud pressure?”
Large banks have an advantage if they can turn budget into evidence: model inventories, fraud analytics, security operations, red-team exercises, vendor audit rights, board reporting, and clean incident playbooks. Smaller fintechs and virtual-asset firms may face similar expectations with thinner compliance teams and more outsourced infrastructure.
That creates a quiet market split. AI adoption will be sold as productivity. AI impersonation risk will be priced through fraud losses, supervisory scrutiny, higher insurance costs, and vendor-contract rewrites.
The useful compliance teams will not respond by writing a 70-page AI policy and declaring the matter spiritually complete. They will map the attack paths into controls. Where can a voice clone authorize action? Where can a synthetic ID pass? Where can a vendor model create an unexplained denial or false clearance? Where would a material incident be detected? Who tells the regulator within 24 hours if the answer is ADGM?
That work is dull. It is also the difference between AI governance and AI theater.
The Gulf wants to be a capital hub and an AI hub at the same time. AI impersonation is forcing the missing third condition: a control hub.
The next regulatory fight will not be won in a keynote. It will be won in onboarding queues, payment approval flows, withdrawal controls, vendor contracts, call-center scripts, and board minutes.
The attacker does not need a national AI strategy. The bank does need working controls.