- UAE — CMA Marketing Regulation
Marketing Crypto Activities in the UAE
A practical guide to how crypto marketing is regulated under the CMA framework in the UAE — who may market regulated activity, the baseline standard for communications, investor-class restrictions, required regulatory-status wording, and where marketing must be reinforced by risk disclosures and client-facing documentation.
CMA Marketing Framework — At a Glance
⚖️
Only licensed firms may market regulated virtual asset activity in or from the UAE (excluding DIFC & ADGM)
📢
Baseline standard: all communications must be clear, fair, and not misleading — no exceptions
👥
Investor classification drives audience gating — professional-only material must never reach retail clients
⚠️
Margin and lending products carry heightened, product-specific disclosure obligations
🚫
Privacy Tokens and Algorithmic Tokens — financial promotion prohibited
🗂️
All marketing materials must be archived and retained for a minimum of six years
We help VASPs build defensible CMA-facing marketing governance: message standards, investor-class gating, regulatory-status wording, disclosure architecture, campaign sign-off controls, and archive-ready recordkeeping aligned with the rulebook.
Scope & the Baseline Marketing Standard
Who Must Comply, What Marketing Covers, and the Overarching Standard That Applies to Every Communication
CMA marketing compliance attaches to the regulated financial activity being promoted — not merely to formal advertisements in isolation. The Business Regulation Module applies to every person conducting a financial activity specified in Article 12 of the General Framework Module within or from within the State. Understanding what counts as a "marketing material" is the starting point for any compliant CMA marketing strategy.
Who Must Comply — Scope of Application
Only Licensed Firms May Market Regulated Activity
No person may carry out virtual asset activities from within or inside the UAE unless licensed by the CMA — and promotions that invite or incentivise persons to enter into agreements relating to a virtual asset or financial service are expressly treated as marketing materials under the Business Regulation Module.
Three Regulatory Sources Govern Marketing
Marketing compliance is governed through a combination of the licensing perimeter (General Framework Module), communications and marketing materials provisions (Business Regulation Module), and activity-specific disclosure requirements for higher-risk services such as margin trading and lending and borrowing.
Marketing Is Defined Broadly
The Business Regulation Module defines marketing materials to capture any invitation or incentive to enter into an agreement relating to a virtual asset or financial service — whether offered by the licensed entity itself or by another entity. This captures paid advertising, organic content, referral arrangements, and third-party promotions alike.
💡
The Baseline Standard — Clear, Fair & Not Misleading
The CMA baseline rule is straightforward but absolute. When a licensed entity provides information to any person concerning a virtual asset or financial service, it must take reasonable steps to ensure that the information is clear, fair, and not misleading. The firm must also not seek, through any communication or agreement, to exclude or restrict duties or liabilities owed under applicable law.
Mandatory Elements in Every Marketing Material
Required Element
Source
Name of authorised firm
Name of the firm providing the material, or on whose behalf it is provided
Regulatory status disclosure
Regulatory status of the licensed entity as required under Article 64 of the General Framework Module
Professional investor statement
Where directed exclusively to Professional Investors or Counterparties, a clear statement to that effect — and that no other person should act on it
🚫
📋
3 Sources
Marketing is governed across the General Framework Module, Business Regulation Module, and product-specific disclosure rules
⚖️
Baseline
Clear, fair, and not misleading — the overarching standard for every communication involving a virtual asset or financial service
🔏
3 Must-Haves
Every marketing material must include firm name, regulatory status, and professional investor labelling where applicable
🚫
No Misuse
Regulatory status must not be overstated, implied beyond its scope, or used to market outside the approved licence boundary
Investor Classification & Audience Gating
Client Classification Drives Marketing Reach — Professional-Only Materials Must Never Reach Retail Audiences
Under the Business Regulation Module, every person receiving a financial service must be classified as a Retail Client, Professional Investor, or Counterparty before services are provided — and that classification directly determines what marketing they may lawfully receive. Marketing governance must operationalise this classification into campaign distribution, landing-page controls, and distribution gating.
The Three Client Classifications & Their Marketing Implications
Classification
Marketing Rule
Status
Retail Client
May receive general marketing — but retail-targeted performance claims require fair view, source disclosure, and prominent past-performance warning
Highest Protection
Professional Investor
Professional-only materials must be clearly labelled as such and not sent or directed to retail investors; firm must take reasonable steps to enforce this separation
Gated Access
Counterparty
Same gating rules as Professional Investor — material directed exclusively to counterparties must state this clearly and must not reach retail audiences
Gated Access
⚠️
What Good CMA Marketing Governance Includes — Audience Controls
01
Segmentation by Investor Type
All client databases and campaign distribution lists must be segmented by CMA classification — Retail, Professional Investor, and Counterparty — so that each marketing piece reaches only the audience it is designed and approved for.
02
Campaign Restrictions for Professional-Only Offerings
Campaigns for products or strategies available only to Professional Investors or Counterparties must be tagged, approval-gated, and distributed through channels that restrict delivery to verified professional audiences.
03
Landing-Page and Distribution Gating
Where professional-only content is accessible digitally, gating controls — eligibility confirmation, classification verification, or access-restricted login — must prevent retail clients from accessing restricted materials.
04
Internal Controls Matching Marketing Scope to Client Eligibility
Internal sign-off controls must verify that the proposed audience for each campaign aligns with the client-type eligibility for the product or service being promoted — before any campaign is published or distributed.
Retail Performance Claims, Margin & Lending Disclosure Rules
Heightened Obligations for Performance-Based Messaging, Margin Trading Promotions, and Lending & Borrowing Marketing
The CMA rulebook is especially careful with retail-targeted materials and with marketing for products that carry elevated risk — particularly margin trading and lending and borrowing. These categories carry product-specific disclosure obligations that go materially beyond the general baseline standard and must be operationalised into every relevant campaign.
Retail-Targeted Performance Claims — What the Rulebook Requires
Where information or statements relating to past performance or future expectations based on past performance or assumptions are provided to targeted retail clients, the licensed entity must ensure they:
✔
Present a fair and balanced view of the performance information — not selective, cherry-picked, or period-skewed
✔
Clearly indicate the source of the performance information and the key facts or assumptions underlying it
✔
Include a prominent warning that past performance is not necessarily a reliable indicator of future results
✔
Not imply or suggest that projected performance will be achieved — forward-looking statements must be clearly qualified
Lending & Borrowing Marketing
Dedicated Chapter — Higher-Control Expectations
The Business Regulation Module contains a dedicated chapter for lending and borrowing, including a specific article on marketing materials and a separate risk disclosure statement requirement. From the structure of the module alone, this indicates higher-control expectations for the promotion of lending and borrowing products involving virtual assets — equivalent in principle to the detailed margin trading disclosure framework.
Margin Trading — Heightened Disclosure Requirements
For margin trading, the Business Regulation Module imposes stricter obligations. A licensed entity dealing as agent or operating an MTF must prominently and clearly display links to the risk disclosure statement regarding margin trading and leverage in:
- Website Homepage
Requirement
Prominent link to margin risk disclosure statement on the homepage — not buried in footer or terms pages
- All Marketing Materials
Requirement
Every marketing or educational material relating to margin trading must include the risk disclosure link
- Every Warning & Disclaimer
Requirement
All warnings or disclaimers presented on the website must be displayed clearly and prominently
- Retail Client Account Opening
Requirement
Separate risk disclosure statement, documented client acknowledgment, and retained record — before account opens
⚠️
Third-Party Promotions, Restrictions & Prohibited Token Categories
Cross-Promotions, Affiliate Models and Prohibitions — the CMA Rules That Most Firms Underestimate
Two areas of the CMA marketing framework are consistently underestimated by licensed firms: the obligations that attach when marketing a product or service offered by another entity, and the absolute prohibitions on marketing certain token categories. Both carry enforcement risk that is not mitigated by common structuring approaches such as affiliate arrangements or white-label models.
Third-Party & Cross-Promotion Marketing Obligations
Where a licensed entity provides marketing materials relating to a virtual asset or financial service offered by another entity, the CMA framework imposes two specific obligations:
1. Compliance Responsibility Extends to the Material
The licensed entity must ensure that the marketing material complies with applicable State law and CMA regulations — regardless of whether the material was produced by the third party or adapted from their materials. Responsibility for the marketing does not shift to the third party by virtue of the promotional relationship.
2. Ongoing Distribution Monitoring Obligation
The licensed entity must stop distributing marketing material for another entity's product or service if it becomes aware that the relevant entity has breached applicable regulatory requirements in relation to that asset or service. Passive distribution is not a safe harbour — the obligation is ongoing and requires active monitoring of the third party's regulatory standing.
💡
Applies to Introducers, Affiliates, White-Label Models, and Token Promotions. This rule is particularly important for firms that distribute third-party token promotions, operate affiliate marketing programmes, or provide white-label marketing support to unlicensed entities. The CMA compliance obligation follows the material — not the originating relationship.
What the Rulebook Clearly Restricts or Prohibits
✕
No unlicensed person may carry out regulated virtual asset activities in or from within the UAE — or market them
✕
Marketing materials must be clear, fair, and not misleading — the standard is absolute, no carve-outs
✕
Regulatory status must not be misused — no overstatement, no implied endorsement beyond licence scope
✕
Professional-only materials must not be directed to retail investors — firm bears responsibility for distribution controls
✕
Retail-targeted performance claims must be fair, sourced, and carry a prominent past-performance warning
✕
Margin marketing must be accompanied by accessible, prominent, product-specific leverage-risk disclosures
✕
Financial services related to Privacy Tokens / Privacy Devices — financial promotion prohibited
✕
Financial services related to Algorithmic Tokens — issuance or approval of financial promotion prohibited
🚫
Recordkeeping, Disclosure Architecture & Internal Governance
Marketing Cannot Be Looked at in Isolation — Disclosure, Onboarding, Recordkeeping, and Governance Must All Align
The CMA framework regulates not just outward-facing promotions but the wider client-information environment. Marketing obligations are interconnected with onboarding, disclosure architecture, suitability and appropriateness assessments, and retention obligations — all of which must align for a defensible CMA marketing governance framework.
Recordkeeping — What Must Be Retained & For How Long
The Business Regulation Module requires the licensed entity to maintain adequate records related to each activity and function it performs for at least six years, including:
Record Type
Retention
Marketing materials issued by or on behalf of the firm
6+ Years
Services and advice given to clients
6+ Years
Client agreements and amendments
6+ Years
Records evidencing compliance with incentives and disclosure rules
6+ Years
Client classification records and periodic updates
6+ Years
Margin trading acknowledgments and risk disclosure receipts
6+ Years
⚖️
Client Disclosure Matters Even Outside “Ads.” The CMA framework requires information to be delivered directly to the client, mandates client agreements containing key information before services are provided, and requires suitability or appropriateness assessments where applicable. Marketing cannot be designed or approved in isolation from onboarding and disclosure architecture.
What Good CMA Marketing Governance Looks Like
📋
Centralised Approval Workflow
- Pre-publication compliance review for every campaign
- Legal sign-off before any material is published or distributed
- Escalation procedures for novel or higher-risk content
🔏
Standardised Wording Library
- Regulatory-status disclosure wording — locked for all channels
- Past-performance warnings — standardised per asset class
- Professional investor statements — pre-approved for re-use
👥
Investor-Class Segmentation Controls
- Campaign tagging by eligible audience type
- Distribution list linking to live classification database
- Landing-page gating for professional-only content
⚠️
Product-Specific Disclosure Overlays
- Margin trading disclosure integration — homepage + campaigns
- Lending and borrowing risk statement architecture
- Token-category pre-screening before promotional approval
🗂️
Archive & Retention Controls
- Final-form archive copies of all published materials
- Distribution logs recording audience class and date
- Six-year retention minimum across all marketing records
🔗
Third-Party Promotion Governance
- Affiliate and introducer marketing compliance oversight
- Ongoing regulatory monitoring of third-party entities promoted
- Immediate distribution cessation protocols upon regulatory breach
What CRYPTOVERSE Legal Delivers
CMA Marketing Compliance Frameworks, Disclosure Architecture, and Board-Grade Marketing Governance — Built Around Your Licence
We help firms build marketing strategies that convert without stepping outside the CMA perimeter — from message standards and investor-class gating design through to margin disclosure integration, third-party promotion governance, and archive-ready recordkeeping systems aligned to the rulebook.
📐
CMA Marketing Compliance Frameworks
We design the marketing compliance framework for your CMA licence scope — defining what can be marketed, to whom, through which channels, with what disclosures, and under what internal approval process. The framework is built around the specific financial activities and licence categories you hold, not a generic template.
📢
Message & Disclosure Architecture
We build the disclosure architecture for every marketing channel — standardised regulatory-status wording, past-performance warning language, professional investor statements, and product-specific disclosure overlays for margin and lending products — in a locked, reusable wording library that travels with every campaign from draft to publication.
👥
Professional-Investor / Retail Audience Gating Design
We design the audience gating architecture — linking client classification records to campaign distribution controls, building landing-page gating for professional-only content, and designing internal sign-off controls that verify audience eligibility against product eligibility before any campaign is distributed or published.
🔎
Campaign & Landing-Page Reviews
We review proposed campaigns, landing pages, and marketing materials against the CMA rulebook — identifying compliance gaps in messaging, audience restrictions, disclosure completeness, and regulatory-status wording before publication. We also advise on remediation where existing materials require amendment to meet the CMA standard.
⚠️
Margin & Lending Disclosure Integration
We design and implement the product-specific disclosure architecture for margin trading and lending and borrowing promotions — covering homepage risk disclosure links, campaign-level disclosure integration, retail client account-opening risk statement workflows, and documented client acknowledgment records that satisfy the CMA's heightened obligations for these products.
🔗
Third-Party Promotion Governance
We design the governance framework for cross-promotions, affiliate arrangements, introducer relationships, and white-label marketing — covering compliance responsibility allocation, ongoing regulatory monitoring of promoted entities, distribution cessation protocols, and documentation controls that demonstrate active oversight of all third-party promotional activity.
🗂️
Archive & Approval Systems
We design the archive and approval system for marketing materials — covering the centralised approval workflow, pre-publication compliance review process, final-form archive procedures, distribution log design, and six-year retention architecture that demonstrates to the CMA a documented, systematic approach to marketing governance and recordkeeping.
🏛️
Board-Grade Marketing Governance Design
We build the board-level marketing governance framework — covering escalation procedures, senior management accountability for marketing compliance, conflict of interest controls in promotional relationships, and the reporting architecture that makes marketing compliance visible to board and senior management as a supervised regulatory obligation.
From Licence-Aligned Marketing Strategy Through to Campaign Review, Disclosure Architecture, and Board-Grade Governance — Complete CMA Marketing Compliance Support
- We build the marketing compliance framework around your specific licence scope — what you may promote, to whom, through which channels, and under what disclosure and approval controls
- We design the investor-class gating architecture — linking classification records to distribution controls, landing-page gating, and campaign eligibility sign-off workflows
- We integrate product-specific disclosure obligations for margin and lending products — from homepage risk links through to retail client acknowledgment records
- We design the archive, approval, and retention system — ensuring every campaign can be demonstrated to the CMA as having been produced, reviewed, distributed, and retained in compliance with the rulebook
Marketing compliance under the CMA is not a design constraint — it is a licensing obligation. A campaign that breaches the rulebook is not just a reputational risk; it is a regulatory breach on the face of your licence.
FAQs
Frequently Asked Questions — CMA Crypto Marketing Rules (UAE)
No. If the marketing relates to regulated virtual asset activity carried on in or from within the UAE (excluding DIFC & ADGM), the licensing perimeter applies directly to the marketing — not just to the underlying activity. Unlicensed carrying-on of virtual asset activity is prohibited, and promotions that invite or incentivise persons to enter into agreements relating to those activities are expressly treated as marketing materials under the Business Regulation Module. An unlicensed firm distributing such materials is in breach of the CMA framework regardless of how the promotion is structured or where the creative work is produced.
Yes — that is the baseline standard for every communication involving a virtual asset or financial service. When a licensed entity provides information to any person concerning a virtual asset or financial service, it must take reasonable steps to ensure that the information is clear, fair, and not misleading. This standard applies to all communications — not just formal advertising — and the firm must not seek through any communication to exclude or restrict duties or liabilities owed under applicable law. The standard is absolute; there is no minimum threshold, no carve-out for social media, and no exception for educational content that incidentally promotes a product or service.
Yes. Marketing directed exclusively to professional investors or counterparties must clearly state that it is directed to that class of person and that no other person should act on it. The firm must also take reasonable steps to ensure that professional-only material is not sent or directed to retail investors — and must ensure that persons using marketing material on the firm’s behalf do not do so in breach of the rulebook. The obligation is active, not passive: the firm cannot simply label a campaign as “professional only” and rely on self-selection by the audience. Distribution controls must be in place before the campaign is published.
Yes — the margin trading disclosure requirements go well beyond the general baseline standard. A licensed entity dealing as agent or operating an MTF must prominently and clearly display links to the risk disclosure statement regarding margin trading and leverage on the homepage of its website, in all marketing and educational materials, and in every warning or disclaimer presented on its website. Before opening a margin trading account for a retail client, the firm must also provide a separate risk disclosure statement, obtain a documented client acknowledgment, and retain that record. The statement must warn that the client is at risk of losing all funds, that leverage magnifies losses, that stop-loss mechanisms may fail, and that most retail clients lose money when trading on margin. These are prescribed content requirements — not guidelines.
Yes. Marketing materials issued by or on behalf of the licensed entity form part of the Business Regulation Module’s recordkeeping obligations and must be retained for at least six years. This includes all marketing and promotional materials, regardless of channel or format — digital, print, social media, email, or otherwise. A defensible CMA marketing governance framework must include a centralised archive of final-form materials, distribution logs recording the audience class and publication date, and records demonstrating which client classification each campaign was directed to. The CMA may scrutinise whether marketing aligns with licence scope, conduct standards, investor classification, and required disclosures — and the recordkeeping obligation is the evidentiary foundation for that scrutiny.
Ready to Build a CMA-Compliant Marketing Framework?
Book a CMA Marketing Strategy Call
Whether you are building a marketing governance framework from scratch, reviewing existing campaigns for CMA compliance, or designing disclosure architecture for margin or lending products — we build the framework around your licence, your audience, and your distribution model.