🏛️1. UAE Insurance Regulatory Framework 2026

The UAE insurance sector underwent a significant regulatory restructuring in 2021 when the Insurance Authority (IA) was merged into the Central Bank of the UAE (CBUAE) under Federal Decree No. 25 of 2020. The CBUAE Insurance Supervision Department now serves as the primary prudential and conduct regulator for all UAE-licensed insurance companies, replacing the former IA framework with an enhanced, bank-equivalent supervisory approach.

The core legal framework for UAE insurance is established by Federal Law No. 6 of 2007 (as amended) and the extensive regulations, circulars, and resolutions issued thereunder — including the CBUAE Insurance Supervision Regulations, Board of Directors and Senior Management Requirements, Financial Regulations for Insurance Companies, and the specific IFRS 17 implementation guidance. Companies operating in the Dubai International Financial Centre (DIFC) are separately regulated by the Dubai Financial Services Authority (DFSA) under its own regulatory framework.

Understanding which regulatory authority governs your insurance company — and therefore which audit and reporting requirements apply — is the critical starting point. Mainland UAE insurance companies fall under CBUAE/ISA jurisdiction. DIFC-based insurance and reinsurance companies fall under DFSA jurisdiction. Each has distinct audit, capital, and reporting requirements.

🏢2. Who Must Be Audited — UAE Insurance Entities

📋3. Core Audit Requirements for UAE Insurance Companies

✅ Auditor Appointment Requirements

• Auditor must be licensed by the UAE Ministry of Economy (MoE audit licence) — this is the baseline requirement
• For CBUAE-regulated insurers — auditor must be registered on the CBUAE's approved insurance auditors list. This list is separate from general MoE licensing
• For DIFC-based insurers — auditor must be registered with the DFSA and on the DFSA's approved auditors list
• Auditor must have demonstrated insurance sector expertise — CBUAE expects insurance audit teams to include professionals with specific insurance accounting and actuarial awareness
• Auditor rotation requirements apply — the engagement partner must be rotated per CBUAE/IESBA rotation rules; check your engagement history
• Appointment approved by the Board of Directors and notified to CBUAE within the prescribed period

📊4. IFRS 17 — Insurance Contracts Audit

IFRS 17 Insurance Contracts (effective 1 January 2023) replaced IFRS 4 and fundamentally changed how insurance contract revenue, liabilities, and performance are reported. For UAE insurance companies, the first full-year IFRS 17 audit (for 2023 year-end) was one of the most significant audit events in UAE insurance history — and the standard continues to create complex audit issues in 2026.

🔑 The Four Measurement Models Under IFRS 17

📋 IFRS 17 Audit Focus Areas for UAE Insurers

• Grouping of insurance contracts: Auditors test whether contracts are correctly grouped into cohorts (annual groups) and portfolios — improper grouping can significantly misstate CSM and P&L
• Fulfilment cash flows: Auditors challenge discount rates used, risk adjustment methodology, and cash flow projection assumptions — these involve significant management judgement
• Contractual Service Margin (CSM): Auditors verify CSM opening balance, current period adjustments (for changes in fulfilment cash flows relating to future service), and release rate to P&L (coverage units)
• Onerous contracts: Auditors test identification of loss component — does management identify all groups of contracts where fulfilment cash flows exceed premiums? Failure to recognise losses creates material misstatement risk
• PAA eligibility: Auditors verify that contracts measured under PAA actually qualify — the shortcut test of "coverage period ≤ 12 months" or "no significant variability in fulfilment cash flows"
• Discount rates: For GMM contracts, discount rates significantly affect the insurance liability — auditors examine whether the yield curve used reflects the characteristics of the insurance liabilities and is consistent with observable market data
• Risk adjustment methodology: IFRS 17 permits various techniques (confidence interval, VaR, CoV) — auditors assess whether the chosen method is appropriate and applied consistently

⚖️5. Solvency Margin & Capital Requirements

UAE insurance companies must maintain minimum solvency margins as prescribed by CBUAE regulations — these are the core financial soundness indicators that the regulator monitors most closely. Failure to maintain required solvency margins triggers mandatory regulatory intervention.

📊 CBUAE Solvency Margin Audit — What Auditors Verify

• Admissible assets calculation — auditors verify which assets qualify for inclusion in the solvency calculation and at what value (not all IFRS assets are admissible at their full carrying value)
• Technical provisions adequacy — the solvency margin is computed net of technical provisions; overstated provisions overstate apparent solvency
• Reinsurance recoveries credit — reinsurance recoverables reduce net technical provisions but only to the extent approved; auditors verify recoverable amounts and reinsurer credit quality
• Mathematical reserves (life) — verified by the actuary but auditors consider reasonableness of actuarial report conclusions
• Investments at admissible values — regulatory admissible values often differ from IFRS fair values; auditors reconcile the two

🔢6. Technical Provisions Auditing

Technical provisions represent the most significant liability on a UAE insurer's balance sheet and the area with the greatest audit complexity and risk. They must be calculated on both an IFRS 17 basis (for financial reporting) and a regulatory basis (for solvency margin reporting) — and the two can differ significantly.

🔬7. Actuarial Valuation Requirements

📋 Auditor Interaction with Actuarial Reports

• External auditors must review the actuarial report and assess whether the methodologies, assumptions, and data quality are appropriate — auditors cannot simply accept the actuarial report without critical evaluation
• For high-complexity IBNR or life reserves, auditors should consider engaging an auditor's actuary (independent actuary working for the audit firm) to provide an independent check on management's actuarial estimates
• Auditors must verify that the data provided to the actuary is complete, consistent with accounting records, and has not been modified between actuarial submission and accounts preparation
• Where actuarial estimates fall within an acceptable range, auditors must determine whether management has selected an appropriate point within that range — management should not consistently choose the optimistic end of the range without justification

🔄8. Reinsurance Audit Requirements

Reinsurance is integral to UAE insurance company financial statements and regulatory position — and its audit presents specific complexities around counterparty credit risk, accounting for ceded business, and coordination between cedent and reinsurer financial reporting timelines.

• Reinsurance assets adequacy: Auditors test whether reinsurance recoverables are stated at the correct amounts — verifying the ceded premium amounts, estimated claims recoveries, and ensuring amounts due from reinsurers are collectable (credit quality assessment)
• Reinsurance treaties compliance: Auditors verify that the company is operating within the terms of its reinsurance treaties — excess of loss limits, proportional arrangements, premium payment deadlines, and claims notification requirements
• Reinsurance premium accounting: Ceded premiums must be recognised in the correct period and at the correct amounts per the treaty terms — timing errors are common where reinsurance accounts are settled on a lagged basis
• Reinsurance counterparty credit risk: UAE regulations require reinsurers to meet minimum credit rating requirements. Auditors verify that all reinsurers used meet CBUAE minimum rating requirements and that any credit risk on unrated or sub-investment-grade reinsurers is appropriately provided for
• CBUAE reinsurance statement: The annual CBUAE regulatory return includes a detailed reinsurance statement — auditors verify this statement is consistent with the audited financial statements and accurately reflects all reinsurance arrangements
• Fronting arrangements: Where a UAE insurer fronts for a foreign reinsurer, special audit attention is required to the legal form vs. substance of the arrangement and the completeness of disclosure

🔒9. AML/CFT Compliance for UAE Insurers

Insurance companies are designated as financial institutions under UAE AML/CFT legislation — carrying full AML obligations including customer due diligence, suspicious transaction reporting, and staff training. CBUAE requires insurers to have independent AML audits and maintain documented AML frameworks.

• Annual independent AML audit: CBUAE requires insurance companies to arrange for an independent review of their AML/CFT compliance framework annually — typically by external auditors or an independent compliance specialist
• Customer Due Diligence (CDD): Verified for all policyholders at onboarding — enhanced due diligence for high-risk customers, PEPs (Politically Exposed Persons), and high-value life policies
• Sanctions screening: All policyholders, beneficial owners, and claims payees screened against UAE sanctions lists, UN sanctions lists, and OFAC — at inception and on an ongoing basis
• Suspicious Transaction Reports (STRs): Filed with UAE Financial Intelligence Unit (FIU) via goAML portal for any suspicion of money laundering — includes unusual large cash premium payments, early policy surrenders, and third-party premium payments
• UBO identification: Ultimate Beneficial Owners of corporate policyholders must be identified and documented per UAE UBO regulations
• AML training records: Annual AML training for all staff documented — auditors review training records as part of AML compliance assessment

📅10. UAE Insurance Regulatory Filing Calendar

✅11. Insurance Audit Preparation Checklist

• Engage CBUAE-approved auditor at least 3–4 months before financial year end
• Confirm actuarial firm engagement — both for IFRS 17 support and regulatory technical provisions
• IFRS 17 financial statements prepared: Insurance Service Result (revenue, incurred claims, insurance finance income/expense), Balance Sheet with insurance liabilities properly disaggregated
• Reconciliation of IFRS 17 insurance liabilities to prior year — movement analysis by portfolio and group
• CSM roll-forward schedule prepared for all GMM contract groups — showing opening balance, experience adjustments, changes in estimates, CSM release to P&L
• Technical provisions schedules completed: UPR, OCR, IBNR, URR, LAE reserves — by class of business
• Solvency margin calculation prepared — admissible assets schedule and technical provisions net of reinsurance
• Reinsurance statement prepared — all treaties, premium amounts, claims recoveries, reinsurer ratings verified
• Actuarial report obtained — signed by Appointed Actuary; data reconciliation confirmed
• Investment portfolio valuation confirmed — fair values for investment-grade securities, property, and other assets
• AML compliance documentation assembled — CDD files, training records, STR log, sanctions screening records
• Board minutes and Audit Committee papers compiled — including any material regulatory correspondence
• Prior year audit adjustments confirmed as implemented in current year accounts
• CBUAE regulatory return Q3 figures reconciled to opening balances for annual audit

❓12. Frequently Asked Questions

🔗13. Related Resources