The relationship between the lawyers and compliance team who draft the rules and the tech companies that develop the tools to comply with them is becoming increasingly collaborative. Given the evolving laws and regulatory landscape, this initiative was necessary to drive a meaningful change.
For years, the formula was simple. A fintech or crypto firm would hire a legal consultant to draft a comprehensive compliance manual. The firm would appoint a Compliance Officer, file the manual with the regulator, and consider the job done.
That world is gone.
According to legal professionals, that approach no longer cuts it. Regulators globally, and particularly in the UAE, have shifted their focus from documented policies to operational compliance.
A good example of this shift is the recent tie-up between Finjuris, a legal advisory firm guiding the future of digital finance, virtual asset regulation, global compliance frameworks, and strategic licensing, and Sumsub, a major player in identity verification and compliance tech. On the surface, it’s just another press release about a partnership. But it actually tells a lot about where the whole fintech and crypto regulatory scene is headed, not just globally, but right here in the UAE.
The Regulator Doesn’t Want Your Manual
The core problem is that modern financial crime is dynamic, while a policy document is not.
“Regulated entities today need more than policies on paper. They need practical, auditable compliance solutions that meet supervisory expectations,” explained Adv. P.M. Mishra, International Lawyer & Legal Consultant at Finjuris, when the partnership was announced.
Regulators are no longer satisfied with simply reading about a company’s anti-money laundering (AML) commitments. They want to see the systems in action. Who flagged the last transaction from a high-risk jurisdiction? What software verified the customer’s identity? Can the firm prove that every sanctions alert was reviewed by a human? These are the operational questions driving the new regulatory agenda.
The partnership recognizes that a legal advisor alone cannot build a robust compliance system, and a technology provider alone cannot interpret the complexities of new regulations.
This scrutiny arrives as the compliance landscape grows more complex. In January 2026, the Dubai Financial Services Authority (DFSA) removed its official list of “Recognised Crypto Tokens,” shifting the onus onto firms within the DIFC to conduct their own rigorous assessments. Concurrently, Dubai’s Virtual Assets Regulatory Authority (VARA) has mandated Enhanced Due Diligence (EDD) for all customers and transactions linked to jurisdictions flagged by the FATF.
Bridging the Advisory-Tech Gap
The partnership is structured to offer businesses a two-pronged approach that was previously difficult to source from a single entity.
On one side, Finjuris builds the legal architecture—designing and implementing compliance frameworks that are not only rigorous but specifically tailored to the exacting requirements of the regulator and as per the client’s operational model.
On the other hand, Sumsub powers the operational engine: the identity verification (KYC) systems that vet customers in real time, the transaction-monitoring tools that scan for suspicious activity across thousands of data points, and the sanctions-screening protocols that flag high-risk entities before a relationship begins.
Together, they ensure that the legal framework is not just a document on a shelf, but a living, breathing system embedded into the daily workflow of the business—giving regulators the proof they demand and giving the company the protection it needs.
Compliance as a Competitive Edge
“In the modern financial landscape, compliance is no longer a burdensome cost center; it is a strategic asset for sustainable growth. As Ilya Brovin, Chief Growth Officer at Sumsub, recently noted, financial institutions are at an inflection point where smarter compliance infrastructure is essential to navigate rising regulatory strain.
Recent industry data highlights the scale of the challenge. According to Sumsub’s 2025 Crypto Industry Report, fraud across the crypto sector increased by 48% last year, with document forgery emerging as one of the most common attack vectors. At the same time, market activity continues to grow rapidly. Platform traffic rose by roughly 20% during major market events, creating both significant opportunities and new vulnerabilities.
Companies that responded by strengthening their compliance frameworks have already seen measurable benefits. Trust is the ultimate currency in digital finance, and compliance is its foundation.
Companies need systems that work in practice, and that’s exactly what Finjuris and Sumsub deliver together. With years of experience guiding virtual asset businesses, Finjuris provides regulatory strategy, AML/CFT frameworks, licensing guidance, and hands-on advisory to ensure policies are not just written, but fully implemented. Sumsub brings the technology to make those policies operational.
The combination of Finjuris’ legal guidance and Sumsub’s technology makes compliance a valuable, operational asset rather than just a paperwork exercise.
The Rise of the AI Agent
For companies operating in the UAE’s ambitious digital finance hubs, the message is becoming clear. As regulators refine their frameworks and introduce new laws—such as the recent Federal Decree-Law No. 6 of 2025,compliance can no longer live solely in a document.
The future, as partnerships like Finjuris and Sumsub, lies in embedding the law into the code.
Frequently Asked Questions (FAQ)
What exactly is the partnership between Finjuris and Sumsub?
It’s a strategic collaboration designed to offer businesses a combined service. Finjuris provides the legal and regulatory advisory—helping firms structure their compliance frameworks and prepare for licensing. Sumsub provides the technology—the identity verification, transaction monitoring, and AML tools needed to implement those frameworks in daily operations . The goal is to bridge the gap between policy and practice.
Why is this type of partnership becoming more common?
Because regulators no longer accept compliance on paper alone. They want to see “operational compliance”—how systems actually work, who reviews alerts, and how data is managed. A legal advisor alone can’t build the software, and a tech vendor alone can’t interpret the regulations. The market is demanding integrated solutions.
How does this apply to the UAE market specifically?
The UAE has a complex, multi-layered regulatory environment with authorities like VARA, the DFSA, and the new Central Bank law, all setting high standards . Regulators here expect firms to have both strong governance and robust technological systems. A partnership like this helps companies navigate the specific requirements of the DIFC, ADGM, or mainland more efficiently.
What is “operational compliance”?
It’s the shift from having a written policy to being able to demonstrate that the policy is working. It means having an audit trail showing that every customer was verified according to procedure, every transaction was monitored, and every risk alert was reviewed and acted upon. It’s compliance as a living system, not a static document.
What kind of technology does Sumsub provide?
Sumsub provides a verification platform that includes identity verification (KYC), business verification (KYB), transaction monitoring, sanctions screening, and fraud prevention tools. They are also developing advanced products like AI Agent Verification to handle emerging risks .
How does this help with getting a license?
When applying for a license with a regulator like VARA or the DFSA, you need to prove your entire compliance program is effective. With this partnership, a firm can have Finjuris help structure the application and design the policies, while using Sumsub’s technology to demonstrate that the operational controls are already in place and tested. It presents a much stronger case to the regulator.
Is this only for big corporations, or can startups benefit too?
Startups are a primary beneficiary. Young fintech and digital asset firms often don’t have the in-house expertise to build a compliance program from scratch. This type of integrated solution gives them access to top-tier legal advice and enterprise-grade technology without having to build it themselves.
What is AI Agent Verification, and why does it matter?
It’s a new tool that links automated actions performed by an AI agent back to a verified human user . As AI agents become more common in finance, regulators and companies need to know who is accountable for the agent’s actions. This technology ensures that a human is always responsible, preventing anonymous automation and fraud.
How have UAE regulations recently changed to impact compliance?
Significant changes include the DFSA removing its pre-approved crypto token list (placing the onus on firms to vet tokens) and VARA mandating Enhanced Due Diligence for high-risk jurisdictions. The new Central Bank Law also expands oversight to tech providers and introduces massive fines for non-compliance. This raises the bar for everyone.
Can strong compliance really be a competitive advantage?
Absolutely. In the digital asset space, trust is a currency. Firms that can demonstrate a mature, effective compliance program find it easier to secure banking partners, attract institutional investors, and build customer confidence. It transforms compliance from a cost center into a business enabler
