Have a question? +971 56 404 0503
Financial
AI-Driven Cybersecurity in MENA Banking: Why It’s Time to Rethink Our Defenses
By Omar Mansur, Managing Director – APAC, Codebase Technologies
In an age where digital transformation is moving faster than ever, banks around the Middle East and North Africa (MENA) are forced to confront a growing and increasingly evolving threat: cybercrime and fraud. It’s not just about an increase in the number of incidents; it’s about smarter threats. Nefarious agents are utilizing more complex methods such as leveraging artificial intelligence (AI) to outsmart traditional IT security systems, using everything from deepfake-powered scams to AI-generated phishing campaigns along with social engineering strategies.
In the UAE alone, about 21% of cybersecurity incidents in recent years targeted banks and financial institutions, second only to government entities (Lemos, 2025). With costly breaches on the rise cybersecurity has become a top board-level concern. However globally, 71% of leaders report that small organizations can no longer adequately secure themselves against the growing complexity of cyber risks (WEF, 2025). It’s a high-stakes game and I have personally seen how AI and cybersecurity has taken the spotlight in board meetings and discussion with clients from across the GCC and Levant regions.
This urgency has forced MENA banks to explore AI-driven security solutions that can match the speed and complexity of modern threats, protecting both their customers and their bottom line. The conversation is no longer “if” we need AI-driven defenses—it’s how quickly we can deploy them, and how can we optimize them to adapt to the ever-changing tactics of nefarious agents
Where We Stand
It wasn’t that long ago that Gen AI in banking was mostly used to train and create chatbots for customer support, but this is changing quickly. In the UAE, over 70% of banks have rolled out or upgraded their AI capabilities, and not just to streamline operations, but to actively combat cybercrime (PwC, 2023). Across multiple projects I have seen an overarching focus on AI being incorporated into all manner of digital solutions, particularly in the MENA region where cyber fraud has become a prevalent issue affecting credibility and customer confidence.
The push is being led by both necessity and ambition. Saudi Arabia and the GCC states are investing heavily in national digital strategies, and banks are stepping up with AI systems to detect fraud, verify identities, and stay ahead of financial crime. As many countries in the Middle East position themselves as financial and fintech hubs, ensuring security for customers and institutions is a prime concern in garnering not only customer confidence but regional credibility. That’s pushed regional cybersecurity budgets to grow by double digits, with MENA’s total spend expected to exceed $3.3 billion in 2025, driven by Gen-AI, cloud adoption, talent gaps, and evolving threats (Gartner, 2024).
A True Strategic Advantage or Just a Security Upgrade?
Artificial intelligence isn’t just helping plug holes in defenses, it’s defining the rules for how security is built into every layer of operations. Integrating AI into banking operations gives banks a real edge in regions where speed really matters. Having worked with several banks across the region, I’ve seen firsthand how traditional security models are starting to break under the weight of elaborate AI based threats.
For banks in the MENA region, where rapid digitalization coincides with heightened cyber threats, adopting AI-driven systems enhances operational resilience, reduces financial losses due to fraud, and boosts customer trust. AI not only fortifies security frameworks, it also fosters innovation, empowering banks to confidently pursue new digital business models and expansion opportunities.
AI defenses monitor account activity 24/7 and can react in seconds to anomalies, reducing the window of time attackers can exploit. AI-based user behavior analytics can spot an account takeover attempt at the moment it diverges from normal patterns and automatically disable the account, preventing fraud before it escalates. Early-adopting banks in the UAE report that AI systems have sharply reduced successful fraud incidents and enabled rapid intervention in potential cyber attacks.
AI isn’t just a nice to have security upgrade, it’s a question of survival.
How are Banks Using AI for Cyber Security
A simple example of successful AI usage in a cybersecurity context is during a next-gen digital onboarding process. With many regulators now strong encouraging or mandating digital onboarding, banks have been able to benefit from using AI-powered systems to prevent fraud before it has a chance to run rampant. Next gen AI-powered onboarding and eKYC minimizes friction for customers looking to open accounts, while providing a secure backend environment to recude the risks for attacks. Such solutions utilize a variety of AI enabled features such as next-gen biometrics, deep ID document validation, Arabic language detection, glare reduction in ID photos, all ensuring a secure authentication and verification of a new customer. An example of this application can be the digital onboarding process implemented by UAE-based Ajman Bank, which has registered a significant reduction in fraud attempts after implementing an AI-based digital onboarding system as part of its digital transformation.
Another strategy for catching instances of fraud is by using AI for anomaly detection. A machine learning model can study what “normal” looks like, in terms of user behavior, transaction patterns, system activity; and flag anything that stands out. This allows banks to see unusual patterns – e.g. a late-night login or peculiar fund transfers, which would evade static rule-based systems. Unsupervised algorithms (like isolation forests or one-class SVMs) and neural network autoencoders sift through vast streams of events to pinpoint such outliers. Such strategies, can be deployed to facilitate analysis over large numbers of accounts, which can then be flagged to a human for additional intervention and review.
This tactic can work hand in hand with automating routine security tasks with AI, making cybersecurity operations more efficient. This not only addresses the talent shortage by doing more with less, but also lowers costs associated with manual monitoring and investigation. AI-based security solutions have been shown to improve incident response times and cut costs by reducing trivial alerts and speeding up analysis. Banks in MENA benefit by reallocating human experts to higher-value activities like threat hunting and fortifying security architecture, while letting AI handle the heavy lifting of round-the-clock surveillance.
Neural networks can analyze huge volumes of transactional data, cross-referencing dozens of variables to catch fraud in ways that traditional systems simply can’t. Banks train neural networks on historical transactions to recognize subtle indicators of fraud that humans might miss. An ensemble of decision trees (random forests) or a deep neural network can analyze dozens of features (transaction size, timing, location, device, user profile) to instantly assess whether a transaction is suspicious. These models adapt as fraud tactics evolve, improving over time. Similarly, neural networks in intrusion detection systems learn to spot network traffic behaviors that resemble known cyberattacks. This leads to faster, more accurate threat detection and frees up human analysts for higher-level decision-making.
Phishing remains a prime concern for many banks as targeting customers can be a much simpler way to compromise a system than to go after the bank itself. In fact, in 2024 there was a sharp increase in phishing and social engineering attacks, with 42% of organizations reporting incidents (WEF, 2025). To mitigate such threats, many cyber security experts are turning to Natural Language Processing or NLP, which has become a dynamic way in recent years that helps banks detect malicious intent in emails, texts, and even chat messages. NLP enables AI to “read” and analyze text for signs of fraud or attack. An NLP-driven system can scan incoming emails to employees and flag phishing attempts based on language patterns and malicious links. Banks use NLP to monitor chat messages and transaction memos for red flags, like someone soliciting account details. By understanding context in language, AI adds an extra layer of defense to catch social engineering and scam attempts that purely numeric data monitoring might overlook.
By deploying these AI-powered strategies in tandem, banks can create a multi-pronged defense system, akin to a digital immune system, ready to tackle a multitude of afflictions. An anomaly detection system might catch unusual account behavior, while an NLP filter flags a related phishing email – together giving a fuller picture of an attack in progress. This intelligent automation amplifies human analysts’ effectiveness, allowing them to focus on verified threats and complex investigations rather than sifting through noise.
Looking Towards a Future of Cyber Resilience
We’re entering a new era in banking security. One where artificial intelligence and generative-AI doesn’t just assist, but actively drives how banks detect, prevent, and respond to threats. The emerging champions won’t be those with the biggest budgets, but those with the clearest strategy, and those who understand that AI is both a weapon and a shield in the modern cybersecurity landscape. One that must be deployed correctly to protect institutions and customers.
When implemented wisely, AI can dramatically boost a bank’s ability to prevent breaches, detect fraud in real time, and operate securely at scale – all essential for maintaining customer trust. At the same time, banks must remain vigilant: as attackers innovate with AI, defensive strategies must keep adapting, and governance must ensure ethical, compliant use of artificial intelligence.
So, here’s a question worth asking at the next board meeting is, are we using AI to its full potential, not just to defend our systems, but to build customer trust, support innovation, and lead the market in resilience?
Qashio, the UAE’s leading spend management platform, has partnered with NEXA AI Lab, the AI division of NEXA, one of MENA’s leading digital growth agencies, to help accelerate AI adoption across finance teams in the UAE through automation and AI-powered financial workflows.
As part of the partnership, Qashio and NEXA AI Lab will work together to support businesses in adopting AI tools that improve spend visibility, streamline manual processes, and make finance operations more efficient. The partnership will also include a free AI audit to help finance teams identify where AI can deliver immediate operational value and support broader adoption across the business. Both companies say the initiative is designed to move businesses from AI awareness to implementation, in line with the UAE’s national AI strategy targeting full public sector AI integration by 2031.
Amit Vyas, CEO of NEXA, comments: “AI delivers value when it is embedded directly into day-to-day workflows, rather than treated as a standalone concept. Finance is one of the clearest areas where this shift is already taking place, with businesses under increasing pressure to improve real-time decision-making. Through our partnership with Qashio, our goal is to help organisations identify where AI can be applied in practical, high-impact ways across financial operations.”
Armin Moradi, CEO of Qashio, said: “A global industry survey shows that 81% of financial institutions expect AI to be embedded in their core operations by 2030, and the UAE is one of the fastest-growing AI markets globally, setting a new baseline for competitiveness across the private sector. Our partnership with NEXA AI Lab is built to help close the gap between AI adoption plans and real execution, enabling enterprises and SMEs in the UAE to compete with the best in the world.”
Qashio has already integrated AI into its own financial workflows through features such as AI-powered receipt capture, which automatically extracts key information, including TRN, vendor names, and transaction data. The technology helps finance teams reduce manual data entry, save more than 4 hours each week, and maintain cleaner, more reliable financial records.
NEXA brings deep expertise in digital transformation and AI implementation across industries. Together, the two companies are focused on making AI accessible and measurable for businesses in the UAE. Both companies are already using tools like ConvoAI to improve access to data and provide instant support outside of working hours. Qashio is already leveraging NEXA AI Lab’s product offering. This reflects a broader shift towards always-on, AI-enabled operations.
Financial
Standard Chartered Supports Pakistan’s First Panda Bond Issuance in Chinese Interbank Market
Pakistan has successfully completed its inaugural Panda bond issuance in China’s interbank bond market, raising RMB 1.75 billion through a three-year transaction that marks the country’s first direct entry into China’s capital markets.
Standard Chartered (China) Ltd. Co acted as the only foreign bank serving as joint lead underwriter and joint book runner for the transaction, supporting Pakistan in broadening its international financing channels while strengthening financial connectivity between regional capital markets.
The issuance received strong support from multilateral development institutions, including the Asian Infrastructure Investment Bank (AIIB) and the Asian Development Bank (ADB), which together guaranteed 95 per cent of the bond’s principal and interest payments. The structure helped attract significant demand from Chinese banks, securities houses, and international financial institutions.
The transaction was reportedly more than five times oversubscribed, allowing Pakistan to price the bond at 2.50 per cent, the tightest end of the indicated pricing range.
Salman Ansari, Global Head, Capital Markets, Standard Chartered, described the issuance as a strategically important transaction that expands Pakistan’s access to global liquidity pools while demonstrating the growing relevance of regional capital markets within the international funding landscape.
The transaction also reflects the broader evolution of the Renminbi within global financial markets, as China continues expanding the role of its currency beyond trade settlement into cross-border financing and sovereign funding structures.
Jerry Zhang, Global Head of Banks & Broker Dealers and Head of Coverage, Greater China and North Asia at Standard Chartered, said the transaction highlighted the bank’s role in connecting international issuers with China’s domestic capital markets while also reflecting the continued internationalisation of the Renminbi.
The Panda bond market has increasingly attracted a wider range of sovereign, supranational, and institutional issuers in recent years as regional economies explore diversified funding channels and deeper access to Chinese liquidity pools.
By Nazneen Abbas, Founder, Ma’an
Families with wealth across borders are already used to complexity. They live with different legal systems, different inheritance regimes, and different tax realities, often all at once. That part is not new. What has changed is the speed at which the environment around those structures is moving. The geopolitical backdrop is no longer something families can treat as distant noise. It is beginning to alter the conditions in which wealth is held, transferred, and protected.
That is becoming visible in the questions families are now asking. Across the GCC, many who already have Wills, trusts, foundations, and succession structures in place are no longer asking whether they have planned. They are asking whether what they put in place still holds. The conversation is shifting away from documents and toward durability, resilience, and relevance over time.
The issue is not complexity, it is movement
Cross-border planning has always required care. What feels different now is the sense that the regulatory environment may be entering a period of faster movement. Tax agreements that were once taken as given could come under review. Reporting standards may tighten further. Frameworks in some jurisdictions may no longer offer the same level of certainty that families have relied on.
That does not automatically make an existing plan ineffective. It does mean the assumptions on which it was built may no longer be fully reliable. A structure that made sense five or seven years ago may still be valid on paper, but it may now interact differently with another jurisdiction’s rules. That difference is where risk begins to accumulate.
Many families are not dealing with poor planning. They are dealing with planning built for a slower-moving environment. A framework can be professionally drafted and entirely appropriate for its time, yet still require review because the conditions around it have changed. The gap, in many cases, is one of timing rather than quality.
Families do not experience risk as corporations do
Public discussion around geopolitical risk is usually framed in corporate language – market access, supply chains, revenue exposure. But geopolitical literacy is no longer just a corporate issue.
The same forces that alter corporate decision-making also alter the legal and tax environment in which private wealth sits. The difference is that families encounter those forces at far more personal moments. A business responds through compliance and restructuring. A family may discover, during a bereavement or a generational transition, that a structure meant to preserve stability is now sitting between conflicting legal systems or newly expanded obligations. The cost of outdated planning is rarely just technical. It is emotional, and it often surfaces when a family is least equipped to navigate it.
What a meaningful review actually covers
Families and family offices in the GCC with assets or obligations across multiple jurisdictions need to review their planning as a connected system. The question is not whether the Will is signed or the foundation properly established. It is whether those elements continue to work together under current conditions.
Do existing Wills still align with the succession laws of each jurisdiction involved? Do trust or foundation structures still operate as intended alongside local inheritance frameworks, reporting obligations, and tax treatment? The review also needs to reach instruments often created with care and then left untouched. Private Placement Life Insurance (PPLI), for example, may still be appropriate, but its treatment can vary depending on where the family is resident, where beneficiaries sit, and how international agreements evolve. Dynasty Trusts and Irrevocable Life Insurance Trusts (ILITs), especially when governed by US law, deserve renewed scrutiny where family circumstances or legal interpretation have materially changed.
This is not about alarm. It is about alignment. Cross-border structures fail less often because a single instrument is flawed, and more often because the instruments stop speaking to one another.
The plan may hold. Does it still fit?
A plan can remain legally intact and still fall behind. Families change. Children grow up. New dependents enter the picture. Businesses expand into new jurisdictions. Property is acquired in places never part of the original conversation.
If a structure no longer reflects the family’s wishes, responsibilities, or values, it is no longer doing its full job. The real test is not whether it remains untouched, but whether it continues to reflect the life it is meant to support. That matters especially in this region, where families operate across borders almost by default.
The strongest plans are not always the most elaborate. They are the ones revisited honestly and adjusted before pressure forces the issue. Families often treat estate planning as something to complete and put away, which is understandable.
Cross-border wealth planning across jurisdictions cannot remain static. It requires ongoing stewardship. Families that pause to review their structures now are doing what good planning has always required: ensuring the framework continues to reflect not just the world it operates in, but the family it is there to serve.
A Flavour-Packed International Burger Week at List Bar
THE GCC IS SHAPING DEPLOYMENT OF MOBILITY TECHNOLOGY AT SCALE
FROM FARM TO SHELF: THE CASE FOR SOURCING CLOSER TO HOME
-
News11 years ago
SENDQUICK (TALARIAX) INTRODUCES SQOOPE – THE BREAKTHROUGH IN MOBILE MESSAGING
-
Tech News2 years agoDenodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
-
Trending7 months agoOPPO A6 Pro 5G Review: Reliable Daily Driver
-
VAR1 year agoMicrosoft Launches New Surface Copilot+ PCs for Business
-
Tech Interviews2 years ago
Navigating the Cybersecurity Landscape in Hybrid Work Environments
-
Automotive2 years agoAGMC Launches the RIDDARA RD6 High Performance Fully Electric 4×4 Pickup
-
Tech News10 months agoNothing Launches flagship Nothing Phone (3) and Headphone (1) in theme with the Iconic Museum of the Future in Dubai
-
VAR2 years agoSamsung Galaxy Z Fold6 vs Google Pixel 9 Pro Fold: Clash Of The Folding Phenoms