AI for regulated industries in the UAE.
Steinn Labs builds AI products and systems for regulated industries in the UAE, including fintech, healthcare, banking, and insurance, where AI adoption is constrained by regulators like the DFSA, CBUAE, and DHA. Our work spans DIFC-regulated fintechs, healthcare AI systems, and compliance-grade product engineering across the region.
Regulated buyers need a different kind of AI partner.
Generic AI vendors optimise for speed and features. Regulated buyers need audit trails, explainability, and human oversight designed into the system, not bolted on before a review.
We work across the regulatory bodies that actually shape AI adoption in the region: the DFSA in DIFC, the ADGM-FSRA in Abu Dhabi Global Market, the Central Bank of the UAE, and the health authorities including DHA, DOH, and MOHAP. Our engineering choices, from validation layers to inference logging, come directly from what those regulators expect to see when they review a live system.
Fintech
AI systems for DIFC and ADGM-regulated fintechs. Reg 10 alignment, Autonomous Systems Officer support, model risk controls, and audit-ready inference pipelines built into the product from day one.
Healthcare
Clinical AI copilots, doctor-facing decision support, and patient-safety-grade workflows. We have shipped in production for regulated healthcare in the region and design for clinician oversight from the first line of code.
Banking
Transaction monitoring, fraud detection, and AI governance for onshore banks under CBUAE supervision. Deterministic evaluation, drift monitoring, and full inference logging for internal audit and examiners.
Insurance
Underwriting AI, claims automation, and customer-facing agents built to survive review by the Central Bank of the UAE and DFSA. Explainability, human sign-off, and compliance-grade audit trails as first-class features.
Regulatory fluency built from shipped work.
Our understanding of what regulators want to see is not theoretical. It comes from production systems live in more than one vertical, reviewed by the compliance and risk teams inside our clients before going anywhere near an examiner.
One capability, applied across regulators.
Self-hosted architecture
Systems run inside the client environment, with data residency in the UAE where the regulator or the buyer requires it.
Validation and audit trails
Every material decision is logged, versioned, and reviewable, so an internal audit or an examiner can trace exactly what the system did and why.
Human-in-the-loop by design
Sign-off points, override mechanisms, and reviewer workflows are part of the product, not an afterthought bolted on before compliance review.
DIFC incorporation
Steinn Labs is incorporated in DIFC, which gives regulated clients in the region a familiar contracting and accountability posture.
Which industries require AI governance in the UAE?+
In the UAE, AI governance is a live requirement across financial services (DFSA in DIFC, ADGM-FSRA in ADGM, and CBUAE onshore), healthcare (DHA in Dubai, DOH in Abu Dhabi, MOHAP federally), and insurance (Central Bank of the UAE). Any regulated entity deploying AI in customer-facing, risk-bearing, or clinical decisions is expected to demonstrate accountability, human oversight, and auditability of the system.
Does DFSA Regulation 10 apply to all fintechs in DIFC?+
DFSA Regulation 10 (the AI framework) applies to Authorised Firms in DIFC that build, deploy, or materially rely on AI systems in the conduct of regulated activities. Even firms in the Innovation Testing Licence pathway are expected to align to the same principles. If your fintech makes automated decisions, uses agentic systems, or offloads material judgement to a model, Reg 10 is in scope.
What AI regulations apply to healthcare providers in the UAE?+
Healthcare AI is governed by the health authority the provider is licensed under: DHA in Dubai, DOH in Abu Dhabi, or MOHAP federally. Clinical AI systems, doctor-facing copilots, and patient-triage tools must meet standards around clinician oversight, patient safety, data residency, and, for facilities handling identifiable patient data, alignment with UAE health data protection laws.
Can AI be used for regulated financial services in the UAE?+
Yes. Regulated firms in DIFC, ADGM, and onshore UAE can deploy AI for regulated activities, but the AI system itself becomes part of the compliance surface. This means documented model risk controls, human-in-the-loop checkpoints, audit trails, and, under DFSA Reg 10, an Autonomous Systems Officer accountable for the system's behaviour.
What UAE regulators oversee AI in banking and insurance?+
The Central Bank of the UAE (CBUAE) supervises AI use in onshore banking, payments, and insurance. DFSA and ADGM-FSRA cover firms in DIFC and ADGM respectively. In practice, banks and insurers face expectations around model governance, fraud and AML surveillance quality, explainability of automated decisions, and consumer protection.
Not sure which applies to you?
Send us a short note about what you are building and who regulates you. We will tell you straight whether it is something we should be working on together.
Talk to us →
