GH GambleHub

UAE - regulatory landscape

(Section: "Markets and Jurisdictions")

1) Market picture: status quo

The UAE has historically adopted a prohibitive gambling model.

B2C casinos and online casinos for private operators are prohibited.
Online betting/poker/slots - not allowed; access to sites and applications targeting UAE residents is blocked.
Network filters and payment restrictions are actively used in the digital environment.
On the horizon of discussions is the possibility of targeted liberalization in the format of integrated resorts/tourist zones at the level of individual emirates, but the current law enforcement practice remains prohibitive.

2) Institutions and areas of responsibility

The federal level is a criminal and administrative ban on the organization and participation in gambling, as well as on their advertising and assistance.
TDRA (communication) - blocking domains, IP and applications related to gambling.
CBUAE (Central Bank) and PSP - control of payment routes; suppression of transfers in favor of illegal operators.
FIU/goAML (financial monitoring) - AML/TF, STR/SAR, control of "shadow" payments and transit schemes.
Media/advertising supervision and law enforcement - suppression of advertising and promotion, including influencer channels and gray landing pages.
Emirati level (DTCM/DET, departments of economics/tourism) - control of events, entertainment licenses, hospitality and marketing within the emirate.

3) What is allowed/forbidden

Allowed (contiguous zones):
  • Hospitality/entertainment services without a gambling component; promotional tourism and family activities; e-sports and casual games without bets/cash prizes.
  • B2B contracts in non-gaming parts of infrastructure (IT, cybersecurity, payment compliance analytics for legal industries, etc.).
Prohibited:
  • Any B2C products with signs of gambling (bet, chance, prize) - offline and online.
  • Advertising/affiliate promotion of gambling aimed at UAE residents.
  • Bypassing locks: mirrors, proxies, MSS "disguise "/payment assignments, crypto gateways for deposits/payments.

4) Locks and payments

TDRA/communication providers - block domains/applications/IP as prescribed; dynamic mirror lists are supported.
CBUAE/banks/PSP - filters transactions by MCC/patterns; prohibit routes in favor of gambling activities; increased monitoring of pseudo-merchants, e-wallet and P2P chains.
Marketplaces/stream platforms - must remove promos of illegal services and "guides" for bypasses.

5) Liability and enforcement

Administrative and/or criminal liability for organizers and accomplices; confiscation of equipment, blocking accounts/domains.
Fines and reputational risks for media/agencies and influencers promoting illegal offers.
Strengthening sanctions for repeated violations and the use of hidden schemes (CDN rotation, "drops," encryption of the purpose of payments).

6) Advertising and Communications

Prohibited creatives/leiding with gambling induction, "free" backs/bets, "guaranteed winnings."

UAE residents (including language/geo/interests) cannot be targeted with gambling materials.
It is recommended to keep a compliance log: screenshots, target settings, placements and quick stop procedures.

7) AML/KYC and consumer protection (framework level)

KYC/KYB: ban on anonymous/questionable payment channels, verification of partner beneficiaries, sanctions/PEP screening.
Transactional monitoring: identification of routes in favor of gambling activities; STR/SAR escalation to FIU on suspicion.
Data and privacy: storage of logs, access at the request of the competent authorities; high standard of data protection.

8) Liberalisation outlook (integrated resorts)

At the level of individual emirates, integrated resorts (IR) are discussed as tourist and MICE magnets.
Potential liberalization, if it occurs, will be targeted, with strict supervision, high entry barriers, complex requirements for RG/AML/IS, as well as geo- and behavioral restrictions for residents.
Before the release of official acts and procedures, B2C expansion cannot be considered; any plans to build on a conservative ban scenario.

9) What to really do business (playbook)

B2C gambling operators

💡 Entering the UAE market is not possible in the current mode. Consider other jurisdictions in the region with a permissive model.

B2B suppliers in adjacent areas

1. Focus on non-gaming: anti-fraud analytics, payment security, cyber protection, IDV/KYC technologies for legal industries.
2. Hospitality/IR chains: IT infrastructure, content/entertainment, CRM/loyalty without a gambling component.

3. Contractual framework: strict SLAs, DPIA (data risk assessment), clauses banning "gaming features."

4. Compliance: journal of creatives/partner materials; geo/language filters; readiness for audits and requests.
5. Risks: zero tolerance for "gray" marketing practices and proxy payments; training teams.

10) Technical requirements (for contractors)

Secure SDLC, version control, static/dynamic code analysis.
Logging (WORM) of key events with NTP synchronization; storage in protected segments.
Encryption at rest/in transit; RBAC/SoD; secret management.
DR/BCP: targeted RPO/RTO, regular tests; incident response plan and block activities.
Readiness for integration: secure APIs, reporting uploads, fast off-switch for marketing/features that potentially conflict with local norms.

11) Compliance checklists

Legal regime

  • Confirmed no gambling component in products/services
  • TDRA/Law Enforcement Response Procedures
  • Responsible persons for compliance/information security/marketing are appointed

Marketing & PR

  • Ban on targeting UAE residents with gambling content
  • Compliance log: creatives, target, venues, dates
  • Instant recall of risk triggers

AML/KYC

  • KYB partners, sanctions/PEP, SoF/SoW by triggers
  • Payment monitoring: "game" route block and MCC
  • STR/SAR and SLA

Information security and data

  • WORM logs, NTP synchronization, retention
  • Encryption, RBAC/SoD, secret management
  • DR/BCP tests, penetration tests/scans on schedule

12) First year KPIs

Compliance incidents: 0 violations for advertising/payments/content

Information security: MTTR incidents, closing critical vulnerabilities on time

Marketing: 100% compliance with geo/audience filters, zero triggers "gaming"

Operations: SLA ≥99% for responses to requests from authorities/partners

13) FAQ

Is it possible to launch online casinos with an offshore license, targeting tourists in the UAE?
No, it isn't. Bypassing territorial bans, mirrors and targets of residents/residents in the UAE - the basis for blocking and liability.

Is there a legitimate B2C path today?
No, it isn't. Consider only non-gaming and long-term B2B synergies in hospitality/infrastructure with no signs of gambling.

What about integrated resorts?
Potential scenarios are discussed. There is no current open model for private B2C operators; plan conservatively.

Is affiliate traffic allowed to external .com?
No, it isn't. Promotion of gambling for the UAE audience is prohibited, even if the resource is located outside the country.

Ad notata

Regulatory and enforcement practices in the UAE are evolving; before publishing official procedures and permits, proceed from a strict ban on gambling and their promotion. Any plans are only within the framework of non-gaming and with readiness for prompt compliance.

Contact

Get in Touch

Reach out with any questions or support needs.We are always ready to help!

Start Integration

Email is required. Telegram or WhatsApp — optional.

Your Name optional
Email optional
Subject optional
Message optional
Telegram optional
@
If you include Telegram — we will reply there as well, in addition to Email.
WhatsApp optional
Format: +country code and number (e.g., +380XXXXXXXXX).

By clicking this button, you agree to data processing.