- CBUAE — RPSCS Licensing Procedure
RPSCS Licensing Procedure & Required Documents
Pre-application engagement → Formal submission → Regulatory review → Initial approval → Final licence grant → Ongoing supervision, under the CBUAE Retail Payment Services and Card Schemes Regulation.
🗺️
Pre-Application Engagement
⚙️
Formal Application Submission
💰
Regulatory Review & Assessment
🔄
Conditional / Initial Approval
📋
Final Licence Grant
👥
Post-Licensing & Supervision
⚠️
Typically 3–6 months depending on complexity
01 / Who Must Apply
Who Must Apply for a CBUAE Licence?
Any firm intending to conduct Retail Payment Services or operate a Card Scheme in the UAE (outside DIFC and ADGM) must obtain a licence from the Central Bank of the UAE before commencing operations.
🚫
Regulated Activities Requiring Licence
- Payment Account Issuance
- Payment Instrument Issuance
- Merchant Acquiring
- Payment Aggregation
- Domestic Fund Transfers
- Cross-Border Transfers
- Payment Token Services
- Payment Initiation / AIS
- Card Scheme Operations
02 / The Authorisation Process
The Authorisation Process
CBUAE authorisation is prudentially driven and documentation-intensive. Engagement quality significantly affects timeline and outcome.
1
Pre-Application Engagement
Licence category confirmation, capital modelling, early governance outline, informal regulator dialogue
2
Formal Application Submission
Prescribed form, full documentation pack, capital evidence, source-of-funds file
3
Regulatory Review & Assessment
Governance, capital adequacy, AML, technology risk, safeguarding, Controller approvals
4
Conditional / Initial Approval
Subject to capital confirmation, office establishment, key hires, systems verification
5
Licence Grant
Capital paid-up, entity compliant, Controllers approved, governance & systems operational
6
Post-Licensing & Ongoing Supervision
Capital maintenance, regulatory reporting, annual renewal, inspection authority
03 / Stage 1
Pre-Application Engagement & Regulatory Alignment
Before filing, applicants should validate their approach and engage informally with the Licensing Division.
Before Filing
- Confirm correct licence category (Category I–IV)
- Validate whether Payment Token Services are involved (Category I trigger)
- Model capital thresholds (AED 10m transaction escalation test)
- Prepare early-stage business plan and governance outline
- Engage informally with the Licensing Division (recommended)
⚠️
✔
04 / Stage 2
Formal Application Submission
The Applicant Must
- Submit the prescribed CBUAE application form
- Provide the full supporting documentation pack
- Demonstrate satisfaction of initial capital requirements
- Provide source-of-funds evidence
- Respond to regulatory queries and supplemental requests
CBUAE May Require
- Additional clarifications
- Independent verification
- Meetings/interviews with key management
- Technical demonstrations (for aggregation, custody, token services)
05 / Stage 3
Regulatory Review & Prudential Assessment
CBUAE conducts a comprehensive assessment across governance, capital, AML, technology, and operational resilience.
👥
Governance & Fitness
💰
Capital Adequacy
📊
Capital Sustainability
⚖️
AML/CFT Framework
💻
Technology Risk
🔄
Operational Resilience
🛡️
Client Safeguarding
🏦
Controller Approvals
⚠️
06 / Stages 4–6
Approval, Licence Grant & Ongoing Supervision
4
Conditional / Initial Approval
Where CBUAE is satisfied
- Paid-up capital confirmation
- Office establishment
- Key hires onboarding
- Systems verification
- Policy implementation
🚫
5
Licence Grant
Licence issued once all conditions are met
- Capital fully paid-up and unencumbere
- Legal entity structure compliant
- Controllers approved
- Governance and systems operational
ℹ️
6
Post-Licensing & Ongoing Supervision
Licensing is not a one-time approval
- Capital must remain above threshold
- Aggregate capital funds maintained
- Annual renewal obligations
- Regulatory reporting begins
- CBUAE retains inspection authority
- Capital escalates if thresholds exceeded
07 / Documentation Pack
What You Must File — Documentation Pack
The RPSCS submission should be structured into the following sections. Not all annexes apply to every applicant.
🏛️
SECTION A — 12 DOCUMENTS
Corporate Structure & Governance
- Certificate of incorporation
- Memorandum & Articles of Association
- Shareholding structure chart
- UBO register
- Governance structure & board charters
- Fit & Proper documentation (Directors & SM)
- CVs, IDs, role descriptions
- Controller disclosures & close-links analysis
- Succession & wind-down plans
💰
SECTION B — 10 DOCUMENTS
Capital & Prudential Documentation
- Capital model (Category I–IV)
- Initial capital confirmation
- Source-of-funds evidence
- Capital adequacy & aggregate computation
- Liquidity runway projection
- Stress-testing analysis
- Board capital approval resolution
- Financial projections (3-year horizon)
- Group financial statements (if applicable)
⚖️
SECTION C — 13 DOCUMENTS
Risk & Compliance Framework
- Enterprise Risk Management framework
- Enterprise-wide risk assessment
- Compliance manual & monitoring programme
- AML/CFT policy & procedures
- Sanctions screening & STR procedures
- Anti-Bribery & Corruption policy
- Conflicts of interest policy
- Outsourcing framework
- Client safeguarding & marketing policy
💻
SECTION D — 8+ DOCUMENTS
Technology & Operational Controls
- System architecture diagram
- Technology risk assessment
- Information security policy
- BCDR plan
- Reconciliation procedures
- Cybersecurity documentation
- Incident response plan
- Data protection framework
⚠️
📎
SECTION E — ACTIVITY-SPECIFIC
Activity-Specific Annexes
- Merchant acquiring risk framework
- Payment aggregation settlement model
- Cross-border AML controls
- Payment Token issuance framework
- Custody segregation model
- Card Scheme rulebook (if applicable)
ℹ️
08 / Fees & Supervision
Fees, Capital & Ongoing Supervision
Applicants should expect fees at each stage. Capital must remain fully paid-up and unencumbered at all times.
📝
Application Fees
📋
Licence Issuance Fees
🔄
Annual Renewal Fees
🔍
Ongoing Supervisory Obligations
ℹ️
What We Deliver
How CRYPTOVERSE Legal Supports RPSCS Applicants
🎯
Licence Category Determination
Activity mapping & category confirmation
📊
Capital Modelling & Escalation
Threshold planning & stress testing
📝
Regulatory Business Plan
3-year forecasts & risk profile
📁
Full Documentation Pack
Sections A–E assembly & quality assurance
⚖️
AML & Prudential Frameworks
Enterprise-wide implementation
💻
AML Architecture
Architecture, BCDR & incident frameworks
🤝
Pre-Application Engagement
Regulator dialogue & positioning strategy
💬
Regulator Query Management
Clarification responses & supplementals
🔄
Post-Licence Compliance
Ongoing supervision readiness & reporting
FAQs
Frequently Asked Questions
Strongly recommended for complex models (cross-border, aggregation, token services). Informal engagement with the Licensing Division helps align expectations and reduce application friction.
No. Regulated activities may only commence after licence issuance. Operating during the application process is prohibited and may result in enforcement action.
Typically 3–6 months, depending on complexity and responsiveness. Engagement quality and documentation completeness significantly affect timeline and outcome.
No. Certain annexes are activity-specific (e.g., Payment Token Services, Card Schemes, cross-border models). We map your specific activity scope to the applicable documentation requirements.
Get Started
Navigate CBUAE Licensing With Confidence
CBUAE authorisation is prudentially driven and documentation-intensive. We prepare, sequence, and quality-assure your full submission — from pre-application engagement through to licence grant and post-licensing compliance.