The Dubai Financial Services Authority (DFSA), the independent regulator of the Dubai International Financial Centre (DIFC), has warned of the increasing frequency and sophistication of cyberattacks, driven by AI and automation tools, in a new report.
In its new report, ‘Cyber and Artificial Intelligence Risk in Financial Services: Strengthening Oversight Through International Dialogue‘, the DFSA delves into the digital risk landscape and explores how emerging technologies such as AI and quantum computing, are reshaping regulatory priorities.
It details how bad actors are increasingly leveraging AI and automation tools to enhance reconnaissance
and execution capabilities, while double extortion ransomware and supply chain attacks emerging as key threats.
The DFSA says that, in the face of these threats, regulators and financial institutions must prioritise cyber resilience. It also explains that, while regulators are generally well-versed in operational risk, the concept of operational resilience, particularly in the context of systemic cyber risks, remains less developed in supervisory approaches.
Alongside the cybersecurity threat landscape, the report also explores supervisory perspectives on two other interconnected areas: quantum computing and AI emerging risks.
Herman Schueller, director, innovation and technology risk supervision, DFSA, commented: “As innovation accelerates, financial regulators globally are actively examining how best to adapt oversight practices. This report reflects the value of open, cross-border dialogue in building mutual understanding of the regulatory, technical, and operational dimensions of digital risks.”
Addressing systematic risks
The report also highlights the potential for quantum computing to render current encryption in critical communication systems obsolete, and the importance of early coordinated planning around post-quantum cryptography, the cryptographic algorithms designed to be secure against the potential threats posed by quantum computers.
The publication of the report follows the DFSA’s inaugural Cyber and AI Risk Regulatory College in May 2025, which brought together 70 senior representatives from 18 financial authorities across the Middle East, North America, Europe, Africa, and Asia. The College served as a platform for international dialogue on the increasing complexity and interconnection of cyber risks, AI adoption, and the long-term implications of quantum computing.
“Digital risks are no longer peripheral – they are fast becoming systemic,” Justin Baldacchino, managing director of supervision at the DFSA, also added. “This report reflects a growing supervisory consensus on where these risks are converging and how regulatory approaches are evolving. At the DFSA, we were proud to host our first Cyber and AI Risk Regulatory College, and we look forward to continuing meaningful dialogue with our regional and international peers in support of a secure, resilient, and trusted global financial system.”
The report comes as part of the DFSA’s wider commitment to forward-looking supervision and its role in fostering collaborative, principle-based approaches to regulating emerging technologies.
