Case Study: Securing the First Virtual Asset Platform Operator License Under the SCA

Introduction

Our client is a virtual asset exchange (“Client”) who engaged us to assist in obtaining a virtual asset service provider (“VASP“) license from the Securities and Commodities Authority (“SCA”) of the United Arab Emirates (“UAE“). This was the first application of its kind under the SCA’s virtual asset regulatory framework, meaning there was no established precedent to follow. Our role was to strategically navigate and guide the Client through this regulatory landscape, ensuring compliance with all applicable laws while engaging directly with the regulator to clarify requirements.  

By securing the No-Objection Certificate (“NOC”) for Client and preparing the full licensing application, we helped establish a clear path for future applicants seeking an SCA virtual asset license. This case study outlines the licensing process and the steps we took to navigate it successfully. 

Why the UAE? 

The Client selected the UAE as its regulatory jurisdiction due to its progressive approach to virtual asset regulation and commitment to fostering a secure and well-regulated financial ecosystem. The SCA is a well-established, reputed and sophisticated financial regulator, offering a strong compliance framework for virtual asset businesses. By operating under the oversight of the SCA, the Client sought to ensure regulatory certainty while benefiting from the UAE’s position as a global hub for virtual asset innovation.  

Understanding the SCA Licensing Process

The SCA’s licensing process for VASPs consists of two key phases:

1. No-Objection Certificate (“NOC”) Phase – The applicant company must first obtain an initial approval from the SCA. 
2. Full Licensing Application – Once the NOC is granted, the company must submit a comprehensive licensing application, including operational policies, compliance statements, and third-party documents.  

Since this was the first application under the SCA’s framework, we engaged in ongoing discussions with the regulator at every step to ensure that all regulatory requirements were properly addressed. The following sections outline our steps to successfully guide the Client through both phases.  

Phase 1: NOC Approval

The first step in the SCA’s licensing process required applying for initial approval, allowing the Client to add virtual asset services to the activities it is permitted to undertake in the UAE. The application required detailed information about the company, its operations, and its governance structure.  

• Company Information – The SCA required details on the Client.  
• Business Activities – The application had to include a comprehensive breakdown of the virtual asset services the Client intended to offer, its target market, and the technical systems supporting these activities.  
• Attachments – Several supporting documents had to be submitted.  

Our Approach to the NOC Phase

We worked closely with the Client to ensure that all documentation met the SCA’s regulatory standards.

• Business Plan – We drafted a business plan that adhered to the SCA’s prescribed structure, ensuring that all financial and operational details were properly addressed.  

• Regulatory Declarations – We assisted in preparing the required statements and declarations by providing structured templates to the Client and ensuring that all necessary details were included.  

• KYC & Compliance Documentation – We coordinated the collection and submission of all KYC and compliance documents, ensuring they met SCA requirements.

• Regulatory Submission & Engagement – We submitted the full NOC application through the SCA’s licensing portal and maintained active communication with the regulator to provide additional clarifications.  

After the submission, the SCA takes approximately three weeks to review the NOC application. During this period, we responded to follow-up queries and clarifications in coordination with the Client, ensuring a smooth approval process. The NOC was successfully obtained, allowing the Client to proceed to the full licensing phase.  

Phase 2: Full Licensing Application 

Simultaneously with the NOC application, we began to prepare the full licensing application, which required a significantly broader set of documents. The SCA’s virtual asset framework aligns closely with its securities laws, requiring a highly structured and compliance-driven approach.  

Our Approach to the Full Licensing Application

• Regulatory Analysis & Documentation Planning

To ensure full compliance, we conducted a thorough review of the SCA’s regulations governing VASPs. We then compiled a detailed document checklist, organising all of the requirements into three main categories: policies, statements, and third-party documents.

• Development & Localisation of Policies

We ensured that all policies aligned with SCA regulations and adapted to the Client’s internal business operations. We facilitated real-time collaboration through a shared document review system, allowing the Client to provide input directly to enable live feedback and policy revision.

The key policies we prepared included:  

• Compliance Manual
• Governance Manual
• IT Governance and Cybersecurity Policy
• Anti-Money Laundering and Countering Financing of Terrorism Policy
• Risk Management Policy
• Business Continuity and Disaster Recovery Plan
• IT Security Incident Management Policy
• Anti-Bribery and Corruption Policy

• Preparation of Statements

We drafted regulatory statements that detailed the operational processes and key systems and controls of the Client, including but not limited to:  

• Software & Technical Systems
• Tax Reporting Obligations
• Security & Incident Management
• Clearing & Settlement Processes
• Insurance Arrangements

• Third-Party Engagement

We facilitated introductions with auditors, insurance providers, and other service providers to secure required documentation and meet all regulatory requirements.

• Final Application Preparation

We completed the full licensing application, integrating all regulatory, operational, and financial information from the relevant policies and statements.

Key Challenges and Insights from the Process

1. Aligning with the SCA’s Virtual Asset Framework – The SCA’s virtual asset licensing regulations are closely modelled on UAE securities laws, requiring a detailed legal and compliance assessment to ensure alignment.  
2. Regulatory Engagement in a Developing Framework – As the first applicant, we worked in close consultation with the SCA, ensuring proactive discussions on licensing expectations so that all the documentation met these expectations.  
3. Long-Term Value – The SCA took a case-by-case approach to this application, allowing us to advocate for the Client and provide input into how virtual asset applications are assessed in practice.

The SCA’s licensing framework is now open to new applicants, signalling a significant milestone in the UAE’s regulatory landscape. Since publishing its guidelines for VASPs (we have written about them in a separate piece), the SCA has continued refining its application review process, providing greater regulatory clarity for future applicants.

Conclusion

Successfully obtaining a first-of-its-kind regulatory approval requires deep regulatory expertise, structured planning, and active engagement with regulators. By securing the first NOC from SCA for a virtual asset exchange in the UAE, we have established a clear pathway for future SCA applicants and set a regulatory precedent. The Client is positioned for full licensing while ensuring ongoing compliance with UAE virtual asset regulations. With the experience of navigating the first virtual asset licensing application under the SCA, we have reinforced our leadership in securing first-time approvals for virtual asset businesses.