Middle East Archives

In Cybersecurity, Data and Tech

Saudi Arabia: New guidelines on personal data transfer risk assessment published

March 15, 2025 by Dino Wilkinson, Marilyn Acquah, Maher Ghalloussi and Lucrezia Lorenzini 5 Mins Read

On 25 February 2025, the Saudi Data and Artificial Intelligence Authority published a new set of comprehensive guidelines aimed at ensuring the protection of personal data when transferred or disclosed to entities outside the Kingdom. These guidelines, which are intended for reference purposes and are not binding, provide a systematic approach for organizations to assess and mitigate potential risks associated with such data transfers, ensuring compliance with the Saudi Personal Data Protection Law and its Regulations.

In Antitrust / Competition

Egypt: The Egyptian Competition Authority issues its largest price fixing cartel decision and expands the scope of commercially sensitive information

March 15, 2025 by Mohamed ElFar, Mohamed El Baroudy and Hania Negm 4 Mins Read

Last week, the Egyptian Competition Authority (ECA) has initiated criminal proceedings against 162 broiler chick producers for agreeing to set the retail price of broilers chicks on a daily basis in Egypt. According to the ECA, this increased the prices of not only chicks but also consumer’s prices of chickens in Egypt.
The ECA has also issued a cartel decision relating to the advertising and publication market, by prohibiting the conduct of five advertising companies that agreed to refrain from participating in public bids. Both cases violated Article 6 of the Egyptian Competition Law No. 3 of 2005 (ECL).

In Cybersecurity, Data and Tech

United Arab Emirates: Dubai AI Seal identifying trusted AI providers

March 15, 2025 by Dino Wilkinson and Marilyn Acquah 3 Mins Read

The Dubai Centre for Artificial Intelligence has launched a new accreditation known as the Dubai AI Seal (“Seal”), which aims to provide companies with a seal of approval regarding their AI solutions. The Seal is aimed at companies licensed in the Emirate of Dubai and who provide AI-related products and services. The launch of the scheme aligns with the Dubai Universal Blueprint for Artificial Intelligence, a government policy that serves as a roadmap for the acceleration of AI adoption in the UAE.

In Antitrust / Competition

South Africa: The new subsection 45 (2A) of the Companies Act – Striking the right balance

February 28, 2025 by Lydia Shadrach-Razzino, Carine Pick and Sihle Sibanyoni 2 Mins Read

On 26 July 2024, President Cyril Ramaphosa signed into law the Companies Amendment Bill and the Companies Second Amendment Bill, introducing significant changes to the Companies Act 71 of 2008. Effective from 27 December 2024, one key change is the new subsection 45(2A), which exempts financial assistance provided by a company to its subsidiaries from the stringent requirements of section 45. This amendment aims to reduce the compliance burden and enhance business flexibility by eliminating the need for shareholder approval and the solvency and liquidity test for such financial assistance.

In Antitrust / Competition

United Arab Emirates: New merger control thresholds published

February 27, 2025 by Hani Naja, Laya Aoun-Hani, David Monnier and Bushra Begum 5 Mins Read

The United Arab Emirates (UAE) Cabinet has issued its long-anticipated Decision No. (3) of 2025 (the “Decision”), clarifying the thresholds under the new merger control regime, which are set to come into force on 1 April 2025. The UAE introduced a significant shift in its competition framework in 2023. This change was solidified with the enactment of Federal Law No. 36 of 2023 (the “Competition Law”), which came into effect on 29 December 2023.

In Product Regulation & Liability

United Arab Emirates: Enacts new pharma law to boost pharmaceutical innovation

January 24, 2025 by Hani Naja, Laya Aoun-Hani, Els Janssens and Rony Eid 5 Mins Read

On 1 October 2024, the UAE Government has issued a new Federal Decree-Law No. 38 of 2024 to regulate medical products, the pharmacy profession and pharmaceutical establishments (the “Law”).
The Law replaces Federal Law No. (8) of 2019 on Medical Products, Pharmacy Profession and Pharmaceutical Establishments including its later amendments. However, its implementing regulations remain in effect to the extent they do not contradict with the Law.

In Cybersecurity, Data and Tech

Belgium transposes the EU’s Corporate Sustainability Reporting Directive into national law

December 12, 2024 by Roel Meers, William-James Kettlewell, Pieter-Jan Denys and Emilien Lerouge 2 Mins Read

The proposed amendments to the Consumer Protection Act Regulations in South Africa aim to enhance consumer privacy by regulating direct marketing practices. Open for public comment until 15 January 2025, these changes focus on creating an opt-out registry managed by the National Consumer Commission, allowing consumers to block unsolicited electronic communications. Direct marketers will be required to register, renew annually, and cleanse their databases regularly to comply with the new rules. The amendments also introduce enforcement mechanisms for non-compliance and align with the Protection of Personal Information Act, ensuring comprehensive consumer protection against unwanted marketing.

In Cybersecurity, Data and Tech

Saudi Arabia updates Data Transfer Regulations and introduces the first set of Standard Contractual Clauses

September 17, 2024 by Zahi Y. Younes, Rosanne Brennan, Maher Ghalloussi and Marilyn Acquah 5 Mins Read

On 1 September 2024, the Saudi Data and AI Authority (SDAIA) published the Regulation on Personal Data Transfer Outside the Kingdom (“Data Transfer Regulations”), which amended the previous Transfer Regulations under the Personal Data Protection Law issued by Royal Decree No. (M/19) dated 9/2/1443 AH and amended by Royal Decree No. (M/148) dated 5/9/1444 AH (“PDPL”). SDAIA also published additional information on Standard Contractual Clauses and Binding Common Rules, two of the appropriate safeguards for transferring data outside of the Kingdom, as well as a number of PDPL-related rules and guidelines. A summary of our initial takeaways can be found below.

In AML & Financial Services Regulatory

Singapore: MAS amends the Guidelines on Licensing for Payment Service Providers

September 17, 2024 by Stephanie Magnus, Eunice Tan, Ying Yi Liew and Darren Yang 2 Mins Read

On 26 July 2024, the Monetary Authority of Singapore (MAS) updated the Guidelines on Licensing for Payment Service Providers (PS-G01), which became effective on 26 August 2024. These changes are applicable to current and future Standard Payment Institutions (SPIs) and Major Payment Institutions under the Payment Services Act (PSA).
The updates can be divided into those that relate to (i) the application process for a new MPI or SPI license or a variation of an existing license under the PSA; and (ii) those that relate to ongoing business conduct.

In AML & Financial Services Regulatory

United Arab Emirates: Shariah Standard 62 – Much ado about nothing?

September 16, 2024 by Adil Hussain and Chaya Gupta 5 Mins Read

AAOIFI released a Sukuk exposure draft in early November 2023 in response to a rapid increase in the use of Sukuk and the development of the market in the past decade. A key change in the draft standard is that it requires an actual transfer of ownership to occur under an Ijara Sukuk investment. It is unclear what the appetite will be for asset-backed Ijara Sukuk if the standards are tightened and whether, at this stage, the standard will pass.