Payment Token Services Regulation (PTSR) Introduced by the Central Bank of the UAE

11 November 2024

Glory Sony

In 2024, the Central Bank of the UAE (CBUAE) introduced the Payment Token Services Regulation (PTSR), establishing a comprehensive framework for the regulation of payment tokens, such as stablecoins, within the UAE. This regulation is part of the UAE's broader initiative to position itself as a global leader in financial innovation, while ensuring a secure and regulated environment for digital financial services.

The PTSR outlines the requirements set by the CBUAE for granting licenses or registration for the provision of Payment Token Services. These services are divided into three categories: Payment Token Issuance, Payment Token Conversion, and Payment Token Custody and Transfer. According to Article 2 of the PTSR, no entity is permitted to provide any Payment Token Service within the UAE, or directed towards persons in the UAE, unless they are licensed by the CBUAE.

Key Highlights of the PTSR

1. Definition of Payment Token

A Payment Token is defined as a “Virtual Asset that aims to maintain a stable value by referencing the value of either (a) the same Fiat Currency as the Payment Token is denominated in; or (b) another Payment Token also denominated in the same Fiat Currency.”

There are two main types of Payment Tokens:

• Dirham Payment Tokens: Tokens pegged to or denominated in the UAE Dirham.
• Foreign Payment Tokens: Tokens pegged to or denominated in foreign currencies.
1. Activities within PTSR scope

The PTSR sets out a comprehensive framework for licensing and supervising digital payment services. The key activities covered under the PTSR include the following:

• payment token issuance;
• payment token conversion; and
• payment token custody and transfer,

Together referred to in the PTSR as “Payment Token Services”.

3. Capital Requirements

To guarantee their financial stability, a Licensed Payment Token Issuer must keep a certain amount of regulatory capital on hand. This consists of

(a) a minimum of fifteen (15) million Dirhams in initial and continuing capital, and

(b) a minimum of 0.5% of the face value of their outstanding Payment Tokens in Fiat Currency in extra ongoing capital.

Additionally, regulatory capital must be maintained by a Licensed Payment Token Service Provider engaged in Payment Token Custody and Transfer or Payment Token Conversion, based on the average monthly value of Payment Token Transfers:

·        The provider must maintain at least AED3 Million in regulatory capital if the monthly average value is 10 million dirhams or more, and if the monthly average value is less than AED10 Million,

·        if the monthly average value is less than AED10 Million, the provider must hold at least 1.5 million Dirhams in regulatory capital.

4. Licensing Requirements

Entities providing Payment Token Services (such as issuance, conversion, custody, or transfer) must obtain the relevant licenses from the CBUAE.

Licensing applies to entities operating within the UAE, including its free zones, but excludes financial free zones like the DIFC and the ADGM.

Licenses may only be given to companies which are incorporated in the UAE, including free zones but excluding financial free zones (e.g. the Dubai International Financial Centre (“DIFC”) and Abu Dhabi Global Market “ADGM”)).

The CBUAE also has the authority to exempt a payment token issuer from licensing and other requirements where the required reserve of assets does not exceed 500,000 UAE dirhams and there are no more than a hundred token holders.

5. Scope of Regulation

The PTSR regulates the issuance, custody, and transfer of payment tokens, ensuring these services are performed only by licensed entities.

Certain types of Payment Tokens are exempted from the PTSR, such as:

• Payment Tokens used for reward or bonus point schemes.
• Payment Tokens that can only be used as a means of payment for non-financial goods or services provided by the issuer.
5. Excluded Activities

A number of particular activities are exempt from the Regulation.

·        Any operations that are already regulated or that call for licensing under the Retail Payment Services and Card Schemes Regulation (RPSCS) or Stored Value Facilities (SVF) regulations of the Central Bank are not included.

·        Additionally, it excludes services related to trust, privacy protection, technological infrastructure operations, and information technology security that do not immediately fall under the purview of payment token services.

·        Furthermore, services pertaining to the setup or upkeep of communication networks, distributed ledger technology, and terminals and other equipment utilized for payment token services are exempt from the regulation.

·        Transfers of payment tokens between licensed providers, central counterparties, clearing houses, central banks, and similar organizations that take place within a payment or securities settlement system are not included.

·        Finally, payment is not included.

7. Payment Token Services Financial promotions

Only licensed or registered individuals, or those designated by licensed or registered individuals, are permitted to make financial advertisements pertaining to Payment Token Services.

No one may advertise that foreign payment tokens are a legitimate way to pay for the purchase of virtual assets or virtual asset derivatives, either within the United Arab Emirates or to individuals in the country, unless the advertisement specifically mentions foreign payment tokens issued by Registered Foreign Payment Token Issuers.

It is also forbidden to advertise algorithmic stablecoins, privacy tokens, or services associated with them within the United Arab Emirates or to those residing there.

8. Prohibition on merchants in UAE from accepting virtual assets

Merchants and other businesses in the UAE are also restricted from accepting virtual assets as payment unless the asset is a Dirham Payment Token issued by a Licensed Payment Token Issuer or a Foreign Payment Token issued by a Registered Foreign Payment Token Issuer and is being used to purchase a virtual asset or its derivative.

9. Consumer Protection

The PTSR includes various provisions to ensure consumer protection. These provisions require firms to comply with Consumer Protection Regulations, including:

• Regulatory capital requirements.
• Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) obligations.
• Protection of payment and customer data.
• Risk management and control systems, along with technology risk and IT security financial promotions in relation to Payment Token Servicesmeasures.

The PTSR showcases the UAE's commitment to fostering innovation within the financial sector while ensuring a regulated, transparent, and secure environment for digital assets and payment solutions.

In conclusion

An important turning point in the region's regulation of digital financial services has been reached with the CBUAE's implementation of the Regulation impacting many facets of the virtual asset services sector.
Under the new regulation, service providers who use stablecoins—like USDT, USDC, etc.—face additional difficulties. A service provider cannot utilize these stablecoins unless the underlying issuers have received CBUAE approval, even if the service provider is registered or licensed by the CBUAE.

The Regulation improves the security, stability, and reliability of the digital payment ecosystem, but it also presents operational and compliance issues. For service providers to successfully operate in the UAE mainland, they must carefully manage these new regulatory requirements.

ALKETBI Touch

We highly advise current or soon-to-be regulated VARA firms to get advice on whether CBUAE registration and/or licensing are necessary for their operations to continue. ALKETBI team of experts will provide you with thorough guidelines to apply or register under the CBUAE. Contact us