الهيئة العامة للرقابة المالية

FRA Chairman:

• FRA has launched a comprehensive legislative framework to deploy FinTech securely while managing digital risks.
• Despite its challenges, Artificial Intelligence serves as the first line of defense for digital security in modern markets.
• Non-banking financial institutions (NBFIs) must upgrade protection systems, conduct regular penetration testing and secure cyber liability insurance.

Dr. Islam Azzam, FRA Chairman participated in the 5^th  edition of Cyber and Information Security Exhibition and Conference (CAISEC 2026).

Eng. Raafat Hindy, Minister of Communications and Information Technology attended the event, alongside a distinguished gathering of Egyptian, Arab and African IT officials. Organized by Mercury Communications, the conference was moderated by prominent media figure and company Chairman, Osama Kamal. This year’s edition focuses heavily on safeguarding digital national security across the Arab and African regions.

FRA Chairman stated that the global escalation of cyber risks makes investing in cybersecurity a regulatory and economic necessity to ensure market stability and protect investors. He pointed out that the growing interest in Artificial Intelligence (AI) and cybersecurity reflects the scale of challenges imposed by rapid technological advancements. Furthermore, he emphasized the critical need to strike a balance between maintaining cybersecurity, keeping pace with technological innovation, and spreading scientific and technical awareness to enhance market efficiency and resilience.

Dr. Azzam highlighted international statistics indicating an unprecedented surge in cyber risks. Global losses from cybercrime skyrocketed from approximately $3 trillion in 2015 to nearly $10.5 trillion in 2025. Meanwhile, losses in the United States alone reached about $20.8 billion last year.

“These figures reflect the gravity of the challenges facing financial and regulatory institutions, underscoring the vital importance of adopting advanced regulatory frameworks for cybersecurity.”  Dr. Islam Azzam

FRA Chairman added that while AI presents a massive opportunity to drive economic growth, develop financial services and upgrade the efficiency of digital protection systems, it simultaneously introduces new challenges.

These challenges demand enhanced readiness to counter highly sophisticated cyberattacks, most notably Deepfake technologies, which have emerged as one of the most prominent, common, and financially damaging tools for fraud and security breaches.

Dr. Islam Azzam emphasized that countering these evolving risks requires the proactive integration of Artificial Intelligence into cyber defense systems. He cited international studies demonstrating AI’s superior ability to detect threats efficiently and accelerate incident response, outperforming traditional defense systems by 60%.

FRA Chairman then reviewed the Authority’s extensive efforts in supporting a secure digital transition across non-banking financial activities (NBFIs). He noted that FRA was at the forefront of establishing an integrated legislative and regulatory framework for FinTech implementation, following the enactment of Law No. 5 of 2022 concerning the regulation and development of FinTech in NBFIs.

He highlighted the completion of this regulatory infrastructure through various FRA resolutions. These regulations explicitly govern Electronic Know-Your-Customer (e-KYC) protocols, digital contract formulation, archiving, and retrieval, as well as the establishment and management of digital registers. Furthermore, these frameworks set stringent requirements for digital identity, corporate governance, risk management, data protection and information security.

Dr. Azzam stressed that these regulatory decisions have effectively built an integrated ecosystem that allows companies to deliver financial services digitally, safely, and reliably. Under these mandates, FRA obligates regulated entities to develop a robust, integrated IT infrastructure for their information systems to guarantee data protection, database integrity, and technological risk management. Additionally, the framework establishes unified systems for verification, digital identity, digital contracts, and outsourcing registries to foster consumer trust in digital financial services.

He further indicated that FRA strictly requires companies to formulate specialized information security policies and deploy cybersecurity defenses aligned with the latest international standards. Regulated entities are also mandated to conduct regular penetration testing and submit periodic reports to FRA, alongside securing cyber risk insurance policies as a prerequisite for maintaining their operational licenses.

To foster safe innovation, Dr. Islam Azzam noted that FRA Sandbox provides a secure environment to test pioneering tech solutions before their commercial market launch. To date, Sandbox approved five projects, in addition to implementing training programs designed to boost the cybersecurity and technical capabilities of professionals across various NBFI sectors.

Dr. Azzam explained that the concrete results of these efforts are clearly reflected in the rapid growth of FinTech adoption across the non-banking financial sector. By the end of 2025, the sector recorded over 345,000 digital verification (e-KYC) transactions and the issuance of approximately 190,000 digital contracts.

Additionally, Dr. Azzam highlighted that digital platforms for Real Estate Investment Funds are the latest major frontier for FinTech adoption. To secure the complex, end-to-end transactions among funds, platform management, and investors, FRA ensured that its regulatory framework strictly enforces these advanced cybersecurity protocols.

Dr. Islam Azzam concluded his address by reaffirming FRA’s commitment to strengthen cybersecurity framework across the non-banking financial sector.  He added that the Authority’s strategy focuses on three core pillars: regulation and incentivization, regulatory oversight and readiness assessment and comprehensive training and capacity building. This approach ensures the sector remains highly resilient and agile against escalating cyber threats.