Have a question? +971 56 404 0503
Financial
AI-Driven Cybersecurity in MENA Banking: Why It’s Time to Rethink Our Defenses
By Omar Mansur, Managing Director – APAC, Codebase Technologies
In an age where digital transformation is moving faster than ever, banks around the Middle East and North Africa (MENA) are forced to confront a growing and increasingly evolving threat: cybercrime and fraud. It’s not just about an increase in the number of incidents; it’s about smarter threats. Nefarious agents are utilizing more complex methods such as leveraging artificial intelligence (AI) to outsmart traditional IT security systems, using everything from deepfake-powered scams to AI-generated phishing campaigns along with social engineering strategies.
In the UAE alone, about 21% of cybersecurity incidents in recent years targeted banks and financial institutions, second only to government entities (Lemos, 2025). With costly breaches on the rise cybersecurity has become a top board-level concern. However globally, 71% of leaders report that small organizations can no longer adequately secure themselves against the growing complexity of cyber risks (WEF, 2025). It’s a high-stakes game and I have personally seen how AI and cybersecurity has taken the spotlight in board meetings and discussion with clients from across the GCC and Levant regions.
This urgency has forced MENA banks to explore AI-driven security solutions that can match the speed and complexity of modern threats, protecting both their customers and their bottom line. The conversation is no longer “if” we need AI-driven defenses—it’s how quickly we can deploy them, and how can we optimize them to adapt to the ever-changing tactics of nefarious agents
Where We Stand
It wasn’t that long ago that Gen AI in banking was mostly used to train and create chatbots for customer support, but this is changing quickly. In the UAE, over 70% of banks have rolled out or upgraded their AI capabilities, and not just to streamline operations, but to actively combat cybercrime (PwC, 2023). Across multiple projects I have seen an overarching focus on AI being incorporated into all manner of digital solutions, particularly in the MENA region where cyber fraud has become a prevalent issue affecting credibility and customer confidence.
The push is being led by both necessity and ambition. Saudi Arabia and the GCC states are investing heavily in national digital strategies, and banks are stepping up with AI systems to detect fraud, verify identities, and stay ahead of financial crime. As many countries in the Middle East position themselves as financial and fintech hubs, ensuring security for customers and institutions is a prime concern in garnering not only customer confidence but regional credibility. That’s pushed regional cybersecurity budgets to grow by double digits, with MENA’s total spend expected to exceed $3.3 billion in 2025, driven by Gen-AI, cloud adoption, talent gaps, and evolving threats (Gartner, 2024).
A True Strategic Advantage or Just a Security Upgrade?
Artificial intelligence isn’t just helping plug holes in defenses, it’s defining the rules for how security is built into every layer of operations. Integrating AI into banking operations gives banks a real edge in regions where speed really matters. Having worked with several banks across the region, I’ve seen firsthand how traditional security models are starting to break under the weight of elaborate AI based threats.
For banks in the MENA region, where rapid digitalization coincides with heightened cyber threats, adopting AI-driven systems enhances operational resilience, reduces financial losses due to fraud, and boosts customer trust. AI not only fortifies security frameworks, it also fosters innovation, empowering banks to confidently pursue new digital business models and expansion opportunities.
AI defenses monitor account activity 24/7 and can react in seconds to anomalies, reducing the window of time attackers can exploit. AI-based user behavior analytics can spot an account takeover attempt at the moment it diverges from normal patterns and automatically disable the account, preventing fraud before it escalates. Early-adopting banks in the UAE report that AI systems have sharply reduced successful fraud incidents and enabled rapid intervention in potential cyber attacks.
AI isn’t just a nice to have security upgrade, it’s a question of survival.
How are Banks Using AI for Cyber Security
A simple example of successful AI usage in a cybersecurity context is during a next-gen digital onboarding process. With many regulators now strong encouraging or mandating digital onboarding, banks have been able to benefit from using AI-powered systems to prevent fraud before it has a chance to run rampant. Next gen AI-powered onboarding and eKYC minimizes friction for customers looking to open accounts, while providing a secure backend environment to recude the risks for attacks. Such solutions utilize a variety of AI enabled features such as next-gen biometrics, deep ID document validation, Arabic language detection, glare reduction in ID photos, all ensuring a secure authentication and verification of a new customer. An example of this application can be the digital onboarding process implemented by UAE-based Ajman Bank, which has registered a significant reduction in fraud attempts after implementing an AI-based digital onboarding system as part of its digital transformation.
Another strategy for catching instances of fraud is by using AI for anomaly detection. A machine learning model can study what “normal” looks like, in terms of user behavior, transaction patterns, system activity; and flag anything that stands out. This allows banks to see unusual patterns – e.g. a late-night login or peculiar fund transfers, which would evade static rule-based systems. Unsupervised algorithms (like isolation forests or one-class SVMs) and neural network autoencoders sift through vast streams of events to pinpoint such outliers. Such strategies, can be deployed to facilitate analysis over large numbers of accounts, which can then be flagged to a human for additional intervention and review.
This tactic can work hand in hand with automating routine security tasks with AI, making cybersecurity operations more efficient. This not only addresses the talent shortage by doing more with less, but also lowers costs associated with manual monitoring and investigation. AI-based security solutions have been shown to improve incident response times and cut costs by reducing trivial alerts and speeding up analysis. Banks in MENA benefit by reallocating human experts to higher-value activities like threat hunting and fortifying security architecture, while letting AI handle the heavy lifting of round-the-clock surveillance.
Neural networks can analyze huge volumes of transactional data, cross-referencing dozens of variables to catch fraud in ways that traditional systems simply can’t. Banks train neural networks on historical transactions to recognize subtle indicators of fraud that humans might miss. An ensemble of decision trees (random forests) or a deep neural network can analyze dozens of features (transaction size, timing, location, device, user profile) to instantly assess whether a transaction is suspicious. These models adapt as fraud tactics evolve, improving over time. Similarly, neural networks in intrusion detection systems learn to spot network traffic behaviors that resemble known cyberattacks. This leads to faster, more accurate threat detection and frees up human analysts for higher-level decision-making.
Phishing remains a prime concern for many banks as targeting customers can be a much simpler way to compromise a system than to go after the bank itself. In fact, in 2024 there was a sharp increase in phishing and social engineering attacks, with 42% of organizations reporting incidents (WEF, 2025). To mitigate such threats, many cyber security experts are turning to Natural Language Processing or NLP, which has become a dynamic way in recent years that helps banks detect malicious intent in emails, texts, and even chat messages. NLP enables AI to “read” and analyze text for signs of fraud or attack. An NLP-driven system can scan incoming emails to employees and flag phishing attempts based on language patterns and malicious links. Banks use NLP to monitor chat messages and transaction memos for red flags, like someone soliciting account details. By understanding context in language, AI adds an extra layer of defense to catch social engineering and scam attempts that purely numeric data monitoring might overlook.
By deploying these AI-powered strategies in tandem, banks can create a multi-pronged defense system, akin to a digital immune system, ready to tackle a multitude of afflictions. An anomaly detection system might catch unusual account behavior, while an NLP filter flags a related phishing email – together giving a fuller picture of an attack in progress. This intelligent automation amplifies human analysts’ effectiveness, allowing them to focus on verified threats and complex investigations rather than sifting through noise.
Looking Towards a Future of Cyber Resilience
We’re entering a new era in banking security. One where artificial intelligence and generative-AI doesn’t just assist, but actively drives how banks detect, prevent, and respond to threats. The emerging champions won’t be those with the biggest budgets, but those with the clearest strategy, and those who understand that AI is both a weapon and a shield in the modern cybersecurity landscape. One that must be deployed correctly to protect institutions and customers.
When implemented wisely, AI can dramatically boost a bank’s ability to prevent breaches, detect fraud in real time, and operate securely at scale – all essential for maintaining customer trust. At the same time, banks must remain vigilant: as attackers innovate with AI, defensive strategies must keep adapting, and governance must ensure ethical, compliant use of artificial intelligence.
So, here’s a question worth asking at the next board meeting is, are we using AI to its full potential, not just to defend our systems, but to build customer trust, support innovation, and lead the market in resilience?
Dara Campbell, Senior Executive Officer, Hashgraph Ventures Manager
Venture capital isn’t what it used to be and that’s a good thing. The old playbook of “spray and pray,” waiting a decade for liquidity, and celebrating paper mark-ups is a thing of the past. In 2026, our industry is becoming faster, leaner, more intentional, and, ironically, deeply human.
We are standing at the intersection of the two most powerful technological waves of our generation: digital assets and artificial intelligence. This is not to say that these are the trending sectors for investment, but it is rather that funding the financial and digital infrastructure will define how value moves, how intelligence is deployed, and who ultimately owns the systems we will depend on.
We need to collectively acknowledge that programmable money and machine learning will be the drivers of the next generation of wealth. We are entering into an era where AI will help allocate, transact, and streamline capital in a faster and more efficient and adaptive way.
The most agile founders we see today are building with intent, efficiency, and transparency. They are building solutions in payments, logistics, supply chains, identity, and data ownership using real time AI infrastructure with blockchain rails underneath. When these two levels come together, you unlock productivity and scale in a way the traditional systems still can’t process.
Despite all this advancement, at its core venture capital remains a people-centric business. The biggest edge is access to conviction. When you meet a founder who can articulate why they are building something, not just what they are building, that’s where the signal lies. In my experience, the best investors will be those who can recognize that clarity early, match the founder’s passion, and stay in the trenches long after the initial cheque is written.
This is where the transformation is starting to show. As we move into 2026, we are also entering a new phase of infrastructure and DeFi 2.0. The dull layers – the rails, the protocols, the identity frameworks are becoming the foundation for this shift. From AI agents paying autonomously to real-world assets being tokenized at scale, these systems will underpin the next wave of innovation.
This is where Abu Dhabi is making strides on the global venture landscape. The emirate has rapidly emerged as a serious capital hub because it understands alignment. They are not replicating an ecosystem that’s been done before and has been successful – they are building something from the ground up that works for the region, for the new era of investors who are riding the wave of innovation.
The next generation of investors will be those who can successfully practice agility within the realm of regulation and who can integrate AI without compromising on the power of human instincts. The future of venture capital isn’t about replacing humans with machines; it’s about embedding systems in place where these two elements amplify each other. It’s a delicate balance, but that’s where the outliers are built.
Dhruva, a premier tax advisory firm with deep expertise across the Middle East, India, and Asia, stated that the UAE’s latest amendments to the VAT Law and the Tax Procedures Law, issued by the Federal Tax Authority (FTA) which are effective from 1 January 2026, represent a significant shift toward a more structured, and risk-focused tax environment. These amendments are expected to reinforce responsible compliance behaviors and reduce administrative friction for UAE businesses.
Dhruva noted that one of the most practical and welcoming changes is that it eliminates the requirement for taxpayers to self-issue tax invoices for imports subject to the reverse charge mechanism, which provides a lot of ease to businesses. Post series of amendments and clarifications issued by the FTA in 2025 in relation to self-issuance of tax invoices for imports, while a general exception was granted for such requirement for import of services, the same were required in case of import of goods for record-keeping purposes. This often-added administrative complexity without impacting the actual tax liability or input tax entitlement. Under the updated rules, taxable businesses have removed the obligation entirely, and hence, businesses will only need to maintain standard supporting documentation, such as invoices, contracts, and transaction records.
However, the firm highlighted that while some administrative burdens are being eased, compliance expectations are tightening elsewhere. One of the amendments gives the FTA authority to deny input tax recovery in cases linked to tax evasion – where a taxpayer knew or, critically, should have known, that a supply or its broader supply chain was connected to tax evasion. The law clarifies that taxpayers will be deemed to have been aware if they fail to verify the validity and integrity of the supply in accordance with procedures to be issued by the FTA.
Dhruva explained that historically, the responsibility to account for VAT rested primarily with the supplier, and recipients focused mainly on validating the tax invoice and meeting standard input-tax recovery conditions. In practice, however, the FTA has often linked a recipient’s input-tax eligibility to the supplier’s discharge of output VAT, denying recovery where gaps existed. The latest amendment now formally embeds this position in law, imposing additional due-diligence obligations on the recipient.
Ujjwal Pawra, Partner at Dhruva Consultants, commented, “This is a significant change. It is a clear message that the right to input tax recovery comes with the responsibility to validate the integrity of one’s suppliers and supply chain. Businesses must now demonstrate that they exercised practical, documented, and consistent due diligence. Clean invoices alone are no longer enough; what matters is a clean process.”
While the procedures and conditions are awaited, Dhruva advised that companies reassess onboarding procedures, supplier-vetting protocols, and documentation trails to ensure they align with the FTA’s expected standards.
Another material operational change is the introduction of a defined timeframe to act on credit balances. Under the amended framework, businesses will generally have up to five years from the end of the relevant tax period to request a refund of a credit balance or use that balance to settle tax liabilities, with targeted flexibility in specified cases where credits arise late in the cycle.
Transitional relief is also available for certain older credits around the changeover, which can help businesses address legacy positions in an orderly way. Dhruva said these changes reduce the risk of credits remaining unresolved on the balance sheet, improve cash flow planning, and encourage clearer internal ownership of refund positions.
Ujjwal further added, “The UAE has introduced a more robust operating framework for credit balances and refunds in line with international best practices. The message is simple: know your credits, map the deadlines, and file claims that are clear, complete, consistent, and easy to validate.”
Dhruva advised UAE businesses to act now with a finance-led approach. This starts with building a central credit-balance register by tax type and tax period, assigning an accountable owner, and tracking action dates so credits are either utilised or claimed in time. Businesses should also treat refund submissions as audit-ready files by preparing reconciliations, supporting documents, and a concise explanation of how the credit arose and why the amount is correct before submitting, rather than rebuilding the file after queries begin. In parallel, companies should prioritise older credit positions to assess whether they fall within the transitional relief window and avoid last-minute filings.
The firm also advised businesses to monitor any binding directions issued by the FTA and align their tax positions, documentation, and system settings accordingly to minimize interpretational differences and strengthen consistency over time.
By Srijith KN, Senior Editor
Financial Integrator
StashAway’s journey began when Co-founder and CEO Michele Ferrario found himself frustrated and dissatisfied with the investment landscape marked by high fees and a lack of transparency. By age 35, his corporate career had provided him with substantial savings — yet when he approached his banks to invest in a portfolio of ETFs, he was sold expensive products that didn’t fit his needs.
This frustration inspired him to create a platform that would simplify investing while providing access to sophisticated financial products. In July 2016, he, along with the other two co-founders, came together, and by July 2017, after navigating regulatory requirements, StashAway was launched in Singapore.
“Stash,” as the word suggests—meaning to store something safely for future use—perfectly reflected what he wanted to achieve for himself. Over the past nine years, that personal need has grown into a company of more than 200 professionals, operating across five regions through a single, centralized technology platform.
Today, StashAway stands out as a pioneer in digital wealth management. The company leverages technology and deep investment expertise to offer accessible, low-cost alternatives to traditional wealth management, with a particular focus on private markets. Its approach has resonated with clients and positions the firm to benefit from regional economic growth and an increasingly digitally savvy population.
In the UAE, StashAway operates from the DIFC and has extended its presence to Malaysia, Thailand, and Hong Kong, with a chief investment officer based in Hong Kong overseeing investment strategies.
Democratizing Access to Investments
The company’s core strategy revolves around democratizing access to sophisticated investments. Private markets, which historically deliver higher returns at lower volatility, are central to this approach. By making private market products for a fraction of traditional minimums, StashAway removes the barriers that have long prevented high-net-worth individuals from participating in this fast-growing asset class. The platform also emphasizes transparency, with fees typically 50–75% lower than competitors, avoiding the hidden charges common in conventional wealth management products.
In public markets, StashAway offers an ETF-based, globally diversified portfolio called General Investing. The General Investing portfolio uses a proprietary investment strategy called ERAA (Economic Regime Asset Allocation). They have recently launched Sharia Global Portfolios, offering the same approach in a Sharia-compliant format. These Flexible Portfolios allow customers full control to create their own allocations using ETFs—either by using an existing template or building a portfolio entirely from scratch.
Capitalizing on the UAE Market
The UAE market presents a unique opportunity for StashAway. The region is home to a digitally engaged population with significant underinvested wealth. While 81% of financial wealth in the UAE is investable, nearly half remains in cash, losing value to inflation. StashAway’s platform appeals to a diverse range of clients, from seasoned executives to younger retail investors, aligning perfectly with regional growth initiatives like Dubai 2033, which targets strong GDP growth and population expansion.
A Comprehensive, Client-Focused Approach
What sets StashAway apart is its comprehensive, client-focused approach. Its offerings include globally diversified portfolios, flexible build-your-own options, Sharia-compliant solutions, thematic strategies, and access to private equity, infrastructure, and private credit for accredited investors. The platform’s investment philosophy is long-term, balancing risk and reward according to individual goals, while its high service standards ensure responsive client engagement. And thus far I have been having a frictionless digital experience and went through a quick onboarding process. Client acquisition is primarily driven online, with dedicated advisors for high-net-worth clients under StashAway Reserve. Other users can engage through the app and are supported by StashAway’s responsive client experience team through email, phone call, or WhatsApp.
Shaping the Future of Digital Investing
As the UAE continues to attract global wealth, its wealth management landscape is becoming increasingly digital, with affluent investors seeking alternative investment opportunities. In an industry often criticized for opacity and complexity, StashAway is redefining investing by making it more transparent, accessible, and tailored to the modern investor. By combining advanced technology, strategic insight, and personalized solutions, the company is not just managing wealth—it is shaping the future of digital investing in the UAE and across the region.
_________________________________________________________
The Brief:
StashAway is a digital investment platform that was launched in 2017 to empower people to build and protect wealth in the long term. Offering simple, intelligent, and cost-effective investment and cash management solutions, StashAway has led the way in transforming the way people invest and grow wealth. Today, StashAway operates in five markets, Singapore, Malaysia, Hong Kong, the UAE, and Thailand, with billions of dollars in assets under management. The company was recognised by The World Economic Forum as a Technology Pioneer in 2020 and ranked among CNBC’s World’s Top Fintech Companies in 2023, 2024, and 2025.
From Diaspora Intelligence to AI: Unilever International’s Data Revolution
BAB EL BAHR COMBINES FLAVOR AND FUN FOR THE ULTIMATE SUHOOR THIS RAMADAN
COUNTER CULTURE CAFÉ INTRODUCES LIMITLESS COFFEE OFFER
-
Tech News2 years agoDenodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
-
VAR9 months agoMicrosoft Launches New Surface Copilot+ PCs for Business
-
Tech Interviews2 years agoNavigating the Cybersecurity Landscape in Hybrid Work Environments
-
Tech News6 months agoNothing Launches flagship Nothing Phone (3) and Headphone (1) in theme with the Iconic Museum of the Future in Dubai
-
News10 years ago
SENDQUICK (TALARIAX) INTRODUCES SQOOPE – THE BREAKTHROUGH IN MOBILE MESSAGING
-
Tech News2 years agoBrighton College Abu Dhabi and Brighton College Al Ain Donate 954 IT Devices in Support of ‘Donate Your Own Device’ Campaign
-
VAR1 year agoSamsung Galaxy Z Fold6 vs Google Pixel 9 Pro Fold: Clash Of The Folding Phenoms
-
Editorial1 year agoCelebrating UAE National Day: A Legacy of Leadership and Technological Innovation