Safeguarding Financial Assets: Understanding Bank Fraud Under UAE Cyber Law

Awatif Mohammad Shoqi Advocates & Legal Consultancy | View firm profile

Introduction:

With the rapid advancement of technology and the increasing digitalization of financial transactions, the threat of bank fraud has become a significant concern globally,including in the UAE. In response to this growing challenge, the UAE has implemented Federal Decree-Law No. 34/2021 Concerning the Fight Against Rumors and Cybercrime to combat cybercrimes. This law is intended to combat different types of cybercrimes, including those targeting financial institutions, by exploiting Information Technology.

Different Forms of Bank Fraud:

    • Phishing Scams: Offenders send misleading emails or messages imitating legitimate financial institutions to fake individuals into disclosing personal or financial information. Victims may unknowingly provide login credentials, enabling fraudsters to access their accounts.
    • Identity Theft: Cybercriminals steal personal information, such as social security numbers or passport details, to imitate individuals and fraudulently open bank accounts, apply for loans, or conduct unauthorized transactions.
    • Malware Attacks: Malicious software infects users’ devices to capture sensitive information, such as login credentials or banking details, without their knowledge. Malware can also manipulate online banking sessions to redirect funds or alter transaction details.
    • Unauthorized Access: Hackers exploit susceptibilities in banking systems or customers’ accounts to gain unauthorized access and transfer funds, modify account balances, or initiate fraudulent transactions.
    • Payment Card Fraud: Fraudsters use stolen or counterfeit payment card information to make unauthorized purchases or cash withdrawals, exploiting weaknesses in payment processing systems or card security measures.

Bank Frauds Under the UAE Cyber Law:

Bank fraud under UAE cyber law is comprehensively addressed through this decree, which defines cyber-attacks and hacking as deliberate actions aimed at disrupting, exposing, or leaking data from information systems, electronic networks, or electronic methods.

Hacking is further clarified as unauthorized access or breaches of licensing provisions, carrying penalties of detention or fines ranging from AED 100,000 to AED 300,000. If the hacking results in system damage or disruption, penalties may increase to a minimum of 6 months imprisonment or fines from AED 150,000 to AED 500,000. Moreover, engaging in hacking for illicit purposes may incur imprisonment for at least 1 year or fines ranging from AED 200,000 to AED 500,000.

Article 6 of the cyber law imposes penalties for unauthorized acquisition, modification, or disclosure of electronic personal or financial data, with provisional imprisonment for a minimum of 5 years and fines from AED 500,000 to AED 3,000,000. Additionally, the unauthorized obtaining of third-party symbols and codes, as stipulated in Article 9, may result in imprisonment and fines from AED 50,000 to AED 500,000.

Manipulation of information networks, fabrication of electronic accounts or websites, illegitimate interception and disclosure of information, and breaches of personal data laws entail various penalties, including detention and fines up to AED 2,000,000. Similarly, forgery of electronic documents and breaches of electronic payment methods, as outlined in Articles 10 and 15, lead to provisional imprisonment and fines ranging from AED 150,000 to AED 2,000,000.

Moreover, Article 40 defines Cyber Fraud, penalizing individuals who fraudulently obtain movable property, benefits, documents, or signatures using information technology methods, with imprisonment for a minimum of 1 year or fines from AED 250,000 to AED 1,000,000. Article 42 addresses Electronic Extortion and Threat, imposing imprisonment for up to 2 years and fines from AED 250,000 to AED 500,000 for threatening others via information networks or technology methods. Additionally, penalties increase to imprisonment for up to 10 years if the threat involves compelling specific actions or abstentions from others.

Conclusion:

the UAE’s cyber law addresses cyber-attacks and hacking seriously, prioritizing the safeguarding of personal and financial data. Both individuals and businesses must understand these laws and take proactive steps to reduce the risks from cybercriminals. By staying informed and alert, we can protect our financial assets in today’s digital world.


 

More from Awatif Mohammad Shoqi Advocates & Legal Consultancy