9 guides covering DIFC Regulation 10, PDPL, CBUAE model risk guidance, and the UAE AI Act — updated as rules change.
Covers the full regulatory stack — DIFC Regulation 10, PDPL, CBUAE model risk guidance, UAE AI Act, and the September 2026 deadline — in a single definitive reference.
What model risk management means for AI systems in a regulated UAE context — covering CBUAE requirements, validation frameworks, drift detection, bias testing, and board reporting.
The most operationally specific AI rule in the UAE — in force since January 2026. What it mandates, who it applies to, and what documentation you must produce.
What the February 2026 CBUAE guidance requires, what is and is not legally binding, and the practical steps before September 2026.
The first national risk-tiered AI framework. Four risk tiers, mandatory self-assessment, and AED 10M penalties for non-compliance.
Purpose limitation, data residency, consent requirements, and the January 2027 deadline — explained for AI system owners.
The foundation of AI governance — what to include in each record, how to assign risk tiers, and what an examiner looks for.
Required under DIFC Regulation 10 before any High or Medium risk model goes live — a complete walkthrough with an example.
Hash chaining, object lock, RFC 3161 timestamps — and why “we have logs” is not the same as “we have an audit trail.”
The CBUAE's three-tier oversight model, how to configure review triggers, and how to document oversight for DFSA examination.
What explainability means in a regulatory context, what a compliant decline explanation looks like, and how LLM-as-judge evaluates explanation quality.