Dubai RWA regulation full analysis: from license application to sandbox implementation, a comprehensive guide to virtual asset compliance

Important definitions in this article

The definition of RWA in the official ARVA document is: RWA - in respect of any Virtual Asset, any type or combination of:

(a) interest in any financial instrument, scheme or arrangement;

(b) physical and/or tangible asset; or

(c) intangible asset, rights or interest, other than—

i. the Virtual Asset itself; or

ii. items that exist in digital form only.

VASP - Virtual Asset Service Provider

VARA - Dubai Virtual Assets Regulatory Authority

ARVA - Asset-Referenced Virtual Assets

1. Virtual asset regulatory landscape and core institutions

1. Leading regulatory body

• Dubai Virtual Asset Regulatory Authority (VARA): Established in March 2022, it is the regulatory body responsible for overseeing Dubai's cryptocurrency laws. It will oversee the issuance, provision and disclosure of virtual assets and NFTs, and work with other federal agencies, including the UAE Central Bank, to develop ethical codes, general policies and strategic plans.
• Dubai Financial Services Authority (DFSA): is the regulator of the Dubai International Financial Centre (DIFC). The DFSA crypto token regime came into effect on November 1, 2022, providing comprehensive requirements designed to protect users and potential users of financial services related to crypto tokens.

The specific license types and business scopes involved by the two regulatory agencies are as follows:

2. Regulatory framework

VARA Framework:

• Laws and Regulations: Laws, Cabinet Resolutions, Regulations, Executive Orders and Resolutions, Federal AML/CTF Laws
• Rulebooks: Mandatory Rulebooks, VA Activities and Other Rulebooks
• Guidance: 2024 Regulatory Guidelines for Virtual Asset Marketing and Related Activities
• File: Executive Order No. 01/2022, Executive Order No. 02/2022

DFSA Framework

II. VARA Specific Regulatory Requirements

1. Pre-issuance approval by the issuer

1.1 Mandatory Licensing Requirements

ARVA issuance falls under Category 1 VA Issuance (the highest regulatory category), and the issuer must obtain a VA issuance license from VARA.

The VARA license application process can be found at: https://web3caff.com/archives/105077

1.2 Single asset approval

All VASPs licensed by VARA to issue Category 1 VAs must obtain VARA approval prior to issuing each ARVA. VARA may, at its sole discretion, impose conditions on any approval of a VASP to issue an ARVA.

1.3 Reserve Asset Requirements

Sufficient reserve assets must be held to cover the rights and value represented by ARVA;

Reserve assets must be kept by a licensed custodian and be independent of VASP’s own assets;

Reserve assets may not be re-pledged or subject to encumbrances;

Ensure that reserve assets are legally separate from its property and any other virtual asset reserve assets.

2. Information Disclosure Requirements

2.1 White Paper Disclosure

A white paper must be published to disclose relevant content before virtual assets are offered to the public.

In addition to meeting general virtual asset disclosure requirements, ARVA should also meet additional disclosure requirements. Specifically:

The general disclosure mainly includes the following parts:

• Information about the issuer
• Information about virtual assets
• Information about the rights and obligations attached to virtual assets
• Information about the underlying technology
• Information about licensed distributors
• Information about any initial offer of the virtual asset to the public

RWA additional disclosure requirements mainly include the following:

• ARVA Values, Rights and Value Preservation Policy
• Reference asset types and composition, selection criteria, variability, ownership linkage, stable anchoring, legal compliance and risks
• Existence, types and composition of reserve assets, selection criteria, variability and investment policy
• ARVA supply management, including creation and destruction, impact on reserves
• Holder redemption rights, including redemption details, rules, procedures and time limits
• Asset custody, including custodial arrangements, liquidity guarantees, etc.
• Risk management, including risk assessment, risk control measures, etc.

2.2 Continuous Disclosure Requirements

Should disclose on its website, at least monthly and in a clear, accurate and transparent manner:

• The amount and value of ARVA in public circulation;
• The value and composition of reserve assets (if applicable).

Confirm a statement confirming whether ARVA is fully backed by sufficient reserve assets at the time of disclosure.

3. Capital requirements

A VASP licensed to issue ARVA must at all times maintain paid-in capital at least equal to the higher of:

• AED 1,500,000 (equivalent to approximately CNY 2,925,000);
• 2% of the average market value of reserve assets over the past 24 months.

4. Legal requirements for transfer of ownership

Where the ARVA represents direct ownership of the RWA, the issuer must ensure that:

• The ownership is legally established, and the RWA ownership is transferred simultaneously when the token is transferred;
• Comply with legal settlement requirements for RWA transactions.

5. Redemption Mechanism Requirements

Holders must be allowed to redeem in AED or other equivalent value disclosed in the white paper;

Redemption requests are processed within a reasonable time frame and are free of charge.

6. Auditing and reporting

A VASP licensed to issue VARA shall appoint an independent third-party auditor and promptly notify VARA of the auditor’s full name and contact information upon appointment;

Senior management of a VASP that holds a license to issue ARVA shall submit to VARA a certification of the accuracy of each independent audit as soon as practicable after completion;

Independent audits of ARVA in circulation and reserve assets are conducted every 6 months.

7. Multiple rules to follow

Issuers must also comply with the requirements of the four core rulebooks:

• Company Rulebook
• Compliance and Risk Management Rulebook
• Technology and Information Rulebook
• Market Conduct Rulebook

III. DFSA Regulatory Updates

DFSA's Tokenisation Regulatory Sandbox The Dubai Financial Services Authority (DFSA) officially released the "Tokenisation Regulatory Sandbox Guidelines" on March 17, 2025. The release of this guideline marks that Dubai will incorporate RWA tokenization into the mainstream financial regulatory system, which provides a low-threshold, high-definition, full-chain compliance path for global projects.

The sandbox program participation process is divided into two stages and four core steps, as follows:

• Phase 1: Submit an Expression of Interest

Eligibility: Companies must be engaged in tokenization business (issuing/trading/holding/settling RWA, stocks, bonds, etc.), excluding cryptocurrencies and stablecoins; existing DFSA licensed institutions can expand their business.

Application materials and time: Submit your letter of intent at no charge. The application window is from March 17, 2025 to April 24, 2025 (if you are late, you will need to wait for the next round).

DFSA assessment: preliminary review of business compliance (whether it falls within the scope of DIFC license). After passing, arrange a meeting to discuss the details of the business model.

• Phase 2: ITL Tokenisation Cohort

A DFSA license is required to enter the ITL Tokenisation cohort and interested firms must apply for and complete the authorisation process to join the scheme.

ITL Pre-Application Form link: https://services.dfsa.ae/make-anenquiry/innovation-and-testing-license/

The specific flow chart is as follows:

4. Dubai Real Estate RWA Case