THE INS AND OUTS OF ESTABLISHING A FINANCIAL SERVICES FIRM IN THE DIFC

This article has been researched and written by the Business Development Team at Creation Business Consultants. AI has not been used in generating this article.

Explore how to set up a financial services firm in Dubai International Financial Centre (DIFC), including DFSA license categories, capital requirements, regulatory approvals, and tax considerations.

INTRODUCTION

The Dubai International Financial Centre (DIFC) is a leading global hub for financial services, offering independent regulation, world-class standards, and a strategic location. Governed by the Dubai Financial Services Authority (DFSA) and DIFC Courts based on English common law, it provides transparent and predictable oversight, separate from UAE federal law. DIFC adheres to international best practices in governance, compliance, and AML, mirroring top jurisdictions like London and Singapore, and meeting OECD and FATF standards that enhance investor confidence. Strategically located between Europe, Asia, and Africa, DIFC connects institutions to over 3 billion people and serves as a gateway to the GCC, South Asian, and African markets, making it a preferred base for cross-border finance and investment.

Within this article, we will explore the different types of financial service licenses available for use in the DIFC, outline the DFSA regulatory requirements for each category, and, lastly, examine the capital requirements to establishing a financial firm in the UAE.

UNDERSTANDING DIFC AND THE REGULATORY FRAMEWORK

The Dubai International Financial Centre (DIFC) operates under a unique legal and regulatory framework that distinguishes it from the wider UAE jurisdiction. It follows a common law system, with its own set of civil and commercial laws, written in English and administered by the DIFC Courts, ensuring legal certainty and investor protection. The Dubai Financial Services Authority (DFSA) serves as the Centre’s independent regulator, overseeing all financial and ancillary services within the DIFC. The DFSA’s role is to maintain financial stability, market integrity, and investor confidence through robust supervision and enforcement. It ensures that firms adhere to stringent capital adequacy, governance, and risk management standards, while enforcing anti-money laundering (AML) and counter-terrorism financing (CTF) regulations, aligned with FATF and OECD guidelines. Additionally, the DFSA upholds client protection by mandating transparency, fair treatment, and proper disclosure by financial institutions. By aligning with global best practices and maintaining regulatory independence, the DFSA helps position the DIFC as a trusted, transparent, and internationally respected financial centre.

The DFSA General (GEN) Rulebook is one of the core components of the Dubai Financial Services Authority’s regulatory framework and serves as the primary guide for firms operating within the DIFC. It outlines the fundamental principles, licensing requirements, and conduct standards that apply to all regulated entities and individuals. The GEN Rulebook defines who needs authorization to carry out financial services in or from the DIFC, sets out the categories of licenses available, and details the obligations of Authorised Firms, Authorised Individuals, and Recognised Members. It also establishes the core principles for business conduct, including integrity, fair dealing, client protection, risk management, and compliance with applicable laws.

In addition to licensing and conduct, the GEN Rulebook provides the overarching framework for corporate governance, systems and controls, and regulatory reporting. It acts as the foundation for other specialized DFSA rulebooks (such as those covering prudential requirements, AML, and markets), ensuring consistency and accountability across the financial ecosystem. By embedding international standards and best practices, the GEN Rulebook promotes transparency, market integrity, and trust key elements that support the DIFC’s position as a world-class financial centre.

DEFINING YOUR FINANCIAL SERVICE ACTIVITY

Before applying for a license in the Dubai International Financial Centre (DIFC), it is essential for firms to clearly identify their specific financial service activity, as the Dubai Financial Services Authority (DFSA) regulates each activity under distinct categories with tailored licensing, capital, and compliance requirements. Properly defining the nature of the intended business ensures the correct authorisation type, avoids regulatory breaches, and streamlines the application and supervision process.

The DFSA permits a wide range of regulated activities within the DIFC, including investment advisory (providing advice on investments or financial products), asset management (managing client funds or portfolios), custody services (safekeeping and administration of financial assets), brokerage and dealing (arranging or executing transactions in investments), fintech and digital platforms (innovative financial technology solutions, crowdfunding, or digital asset services), insurance and reinsurance services, and fund administration (managing operational, accounting, and compliance functions for investment funds).

Identifying the correct activity also determines the applicable capital requirements, compliance obligations, and corporate structure, as well as which parts of the DFSA Rulebooks—such as GEN, PIB (Prudential – Investment, Insurance, and Banking), or AML—will apply. This clarity is fundamental to maintaining regulatory alignment and ensuring that the firm’s operations are consistent with the DIFC’s standards of transparency, integrity, and investor protection.

SELECTING THE APPROPRIATE ACTIVITY AND CATEGORY OF LICENSE

Financial Services Licenses (Regulated by the DFSA) – These licenses are required for businesses engaged in financial activities and are categorized based on the nature and risk level of the activities. The DFSA issues these licenses under specific categories:

CATEGORY 1: ACCEPTING DEPOSITS

• For institutions such as banks that accept deposits from customers.
• Example activities: Retail and commercial banking.
• High regulatory oversight and capital requirements (e.g., a base capital of USD 10 million).

CATEGORY 2: DEALING IN INVESTMENTS AS PRINCIPAL

• For firms acting as market makers or providing credit.
• Example activities: Proprietary trading, credit provision.
• Base capital requirement: USD 2 million.

CATEGORY 3A: DEALING IN INVESTMENTS AS AGENT

• For brokers dealing on a matched principal basis (e.g., Straight-Through Processing brokers).
• Example activities: Securities brokerage.
• Base capital requirement: USD 500,000.

CATEGORY 3B: PROVIDING CUSTODY

• For firms providing safekeeping and administration of financial instruments.
• Example activities: Custodial services.
• Base capital requirement varies but is typically lower than that of Category 1 or 2.

CATEGORY 3C: MANAGING ASSETS

• For firms managing collective investment funds, discretionary portfolios, or other assets.
• Example activities: Fund management, wealth management.
• Base capital requirement: USD 140,000.

CATEGORY 4: ARRANGING OR ADVISING

• For firms offering advisory or intermediary services with lower risk.
• Example activities: Financial advisory, arranging deals in investments.
• Base capital requirement: USD 10,000.

CATEGORY 5: ISLAMIC FINANCE

• For firms conducting financial services in compliance with Shari’a principles.
• This category can overlap with others depending on the activity.

STEP-BY-STEP DFSA LICENSING PROCESS

PRE-APPLICATION CONSULTATION

1. Your dedicated Creation consultant will contact the DFSA or use the DIFC/DFSA pre-application channels to discuss the proposed activity and confirm the correct licensing category.
2. Next, we will confirm whether the activity requires full authorisation, a limited set of permissions, or is outside the DFSA’s remit.
3. Your Creation consultant, in coordination with the DIFC, will confirm any preliminary prudential, capital, and AML expectations the DFSA may have and identify any special permissions required (e.g., collective investment schemes, custody).
4. Once the above is confirmed, your Creation consultant will prepare a checklist of documents that the DFSA will expect with the formal application.

DOCUMENTATION SUBMISSION (FORMAL APPLICATION PROCESS)

1. Your consultant will pre-fill and share the DFSA application form for the chosen license class and pay the application fee on your behalf.
2. Submit the core business documents (see the checklist below). The DFSA, at the time of submission, will confirm whether any further information is required.
3. Provide originals or certified copies where required, and ensure all documents are in English or have been officially translated.

TYPICAL DOCUMENT CHECKLIST REQUIRED FOR A FORMAL APPLICATION

• Any corporate constitutional documents (Memorandum and Articles of Association MOA/AOA or equivalent), a shareholder register, and a group ownership structure diagram.
• Detailed business plan (activities, products, target clients, markets, and revenue model).
• Financial projections and proof that you have the appropriate funds to support this.
• Organogram and CVs of proposed senior managers, directors, and controllers.
• A breakdown of your company’s planned policies and procedures to cover the following areas: AML/CTF, KYC, conflicts of interest, complaints handling, and record-keeping.
• A breakdown of how your company will handle risk management, internal controls, and a description of IT/operational resilience.
• Compliance monitoring plan and training framework.
• A copy of a facility/office lease and evidence of physical presence in the DIFC (if required).
• Outsourcing arrangements and third-party agreements (if critical functions will be outsourced and/or are allowed to be outsourced).
• For funds: offering documents, trustee/administrator agreements, and fund governance documents.

FIT & PROPER ASSESSMENT OF MANAGEMENT, OWNERS, AND CONTROLLERS

1. The DFSA will conduct a review to determine if the directors, officers, beneficial owners, and persons in control are deemed “fit and proper”.
2. Assessment criteria include honesty, reputation, competence, experience, financial soundness, and any regulatory history.
3. The authority will complete background checks, verify references, obtain CV verification, seek proof of qualifications, and, lastly, require disclosure of prior regulatory or criminal matters.
4. The DFSA will most likely interview key personnel and request any additional information or replacements if these interviews raise doubts or concerns.

ASSESSMENT OF GOVERNANCE, COMPLIANCE SYSTEMS, AND BUSINESS PLAN

1. The DFSA will then assess whether your proposed governance framework fits the risk profile of the license category you have chosen, including board composition, independent oversight, committees, and escalation lines.
2. Following on, DFSA review your prudential strength — ensuring you have the correct capital adequacy, liquidity (where relevant), financial projections, and stress testing.
3. Next, they will evaluate risk management and internal control models, including risk registers, policies, internal audit plans, business continuity, and disaster recovery.
4. The internal AML/CTF and KYC frameworks you have laid out will be examined for sufficiency and alignment with DFSA/FATF expectations.
5. DFSA will assess your operational resilience: IT systems, cybersecurity, outsourcing controls, custody arrangements, and trade/transaction processing are stress-tested to see how they will fare long term.
6. The DFSA checks whether the business plan is realistic, supported by people and systems, and whether projected revenues justify the licence type.

The DFSA looks for a clear ownership structure, a robust compliance/risk model function, and, lastly, that you have planned to operate with an independent auditor while maintaining adequate senior management oversight.

ONGOING COMPLIANCE & SUPERVISORY OBLIGATIONS

Once you are adequately licensed and operational, it is crucial to maintain continuous compliance with DFSA regulations. Ongoing obligations include submitting periodic regulatory returns, prudential reports, and notifications of material events, as well as filing annual audited financial statements with the DFSA.

You DIFC company must uphold robust AML/CTF frameworks by maintaining transaction monitoring, ensuring customer due diligence and proper KYC, and reporting suspicious activities. Adequate capital and liquidity levels must be maintained, with prompt notification to the DFSA if any material changes occur.

Your firm will also be required to report any updates in its internal governance, including any changes or rehiring of senior management positions, directors, controllers, or ownership. As new appointees typically require DFSA approval under the fit and proper test, they will need to be interviewed before starting their role.

Your firm’s internal policies and procedures must be regularly reviewed and updated, supported by ongoing compliance monitoring and periodic internal or independent third-party audits.

The main point of focus for the DFSA will be client protection, which, as a financial services entity, should be the central focus of your internal systems. This includes ensuring fair treatment, transparent disclosures, effective complaint handling, and segregation of client assets where applicable.

Lastly, for strategic longevity, it is in your own interest to continually test your business continuity and cybersecurity plans, renew licences, and pay annual fees on time. The DFSA, throughout your operational period, will regularly conduct site visits. When they do, you must ensure that any suggestions or instructions given during these visits are addressed promptly.

APPLYING FOR A DIFC LICENSE

TAKE AWAY

Setting up a financial services company in the DIFC can be complex, but with the right guidance, it’s a clear and structured process. Remember:

• Engage with expert consultants to help you define your financial service activity clearly and select the right company license type.
• Prepare a strong regulatory business plan and ensure that you have the supporting documentation at the ready.
• Ensure your management and owners meet the DFSA “fit & proper” requirements.
• Put robust governance, compliance, and AML/CTF frameworks in place for your company.
• Ensure to select the right consultants that will assist with your company with ongoing compliance and regulatory reporting to operate smoothly.

If you need expert guidance on setting up in the DIFC, contact Creation Business Consultants on [email protected] today. Our team will guide you through every step, from planning to DFSA authorization, so you can get your financial services business up and running.