The ongoing conflict in the Middle East is having profound human and economic consequences across the region and globally. For asset managers operating in or connected to the region, the situation raises several immediate operational, regulatory and financial considerations.

AIMA recently convened its UAE Managers Group to discuss emerging challenges and share perspectives on how firms can address the risks associated with the evolving environment.  It was highlighted that the situation remains very fluid, and firms are closely monitoring guidance from relevant authorities.

Regulatory engagement

Regulators in the UAE are reacting to developments and their potential implications for financial markets and firms’ operations.  With many members and alternative asset managers based in the Dubai International Financial Centre (DIFC) and the Abu Dhabi Global Market (ADGM), AIMA has been in close contact with the Dubai Financial Services Authority (DFSA) and the ADGM’s Financial Services Regulatory Authority (FSRA) to ensure member firms are kept abreast of ongoing regulatory developments.

Following the creation of the DIFC in 2004 the centre now hosts more than 290 banks, 102 hedge funds, 500 wealth management firms and 1,289 family-related entities (as of Dec. 2025).  While the ADGM is home to more than 160 asset and fund managers overseeing 220 funds.

The DFSA has reminded firms of the importance of maintaining effective business continuity arrangements.  Firms are expected to invoke their Business Continuity Plans (BCPs) where material operational disruptions occur and to operate under those plans only for the period necessary to restore normal operations. Where a BCP is activated, firms should notify the DFSA promptly and inform other relevant authorities where appropriate.  AIMA’s understanding is that many firms have invoked either fully or partially their BCPs.

Firms are also expected to provide updates to the DFSA on staff working arrangements, including any material changes such as remote working, temporary relocation, evacuation, or staff operating from other jurisdictions.¹ Currently, firms are taking a variety of different approaches with some shutting their offices while others are offering employees the opportunity to return to the office in line with UAE federal guidance.

The ADGM’s FSRA expects firms to notify it of any material developments that impact their operations, financial position, systems and controls, client servicing capabilities or ability to meet regulatory obligations and any contingency measures being put in place. The latter would include activation of any business continuity measures, remote working arrangements (both within and outside the UAE), or any other significant operational changes.

Supervisory engagement and regulatory processes are expected to continue largely as normal, with any adjustments communicated by regulators where necessary.

Relevant resources:

• DFSA Dear SEO Letter (11 March 2026)
• FSRA Dear SEO letter (02 March 2026)
• DFSA Dear SEO Letter (01 March 2026)

Tax and employment considerations

Where firms relocate personnel or shift business activities across jurisdictions, there may be important tax and employment implications for both individuals and entities.

Individual tax liabilities may arise depending on residence status and the activities performed in a given jurisdiction. Residence is often determined by the number of days spent in a jurisdiction during a tax year, though other factors — such as accommodation availability — may also be relevant. Even where an individual is temporarily present, income tax, withholding tax, or social security obligations may arise once certain thresholds are met.

For firms, relocating employees or conducting activities from a jurisdiction where the business does not ordinarily operate may create a taxable presence or “permanent establishment.” This could affect corporate tax obligations or transfer pricing arrangements. Similar considerations may arise if fund-related activities are performed from new jurisdictions.

Firms should therefore carefully assess the tax implications of staff relocation or temporary working arrangements.

Operational and financial resilience

Regulators are emphasising the need for firms to maintain robust operational resilience frameworks during periods of heightened geopolitical risk.

Firms should review and, where necessary, strengthen their contingency arrangements, including those relating to critical third-party providers and cross-border operations. Governance and escalation procedures should remain effective, with senior management receiving timely information on emerging risks.

Asset managers should also remain vigilant to elevated liquidity, credit, market, operational risks, and maintain open communication with regulators regarding any disruptions or material issues that could affect their ability to service clients or meet regulatory obligations.

IT and cyber security

Recent incidents highlight the importance of strengthening technology resilience and cyber preparedness.

Amazon Web Services (AWS) reported that drone strikes hit three of its facilities in the UAE and Bahrain on 1 March, causing outages and physical damage. The company advised customers to back up data and consider migrating workloads while services were restored.

Cloud infrastructure and commercial technology platforms are increasingly viewed as potential “dual-use” targets, particularly where they support government or defence-related activities.  Firms should therefore consider measures such as diversifying cloud providers, maintaining secure backups of critical data, and testing contingency plans for infrastructure disruptions.

Cyber risk may also be elevated. The UK’s National Cyber Security Centre has warned of a heightened risk of cyber threats for organisations with operations in the Middle East, while US authorities have issued advisories encouraging US companies to harden systems against potential cyber activity linked to the conflict.

Asset managers should ensure their cybersecurity programmes are robust and regularly tested.

Relevant AIMA resources:

• AIMA Guide to Sound Practices for Cyber Security
• AIMA Guide to Sound Practices for Business Continuity Management

AIMA will continue to work closely with regulators across the region and will provide further updates as more information becomes available.​​​ AIMA will also be hosting another UAE Managers Group call on 25 March.

Please contact Tom Kehoe ([email protected]) or James Delaney ([email protected]) if you would like to join.