UAE banks banned from seeking documents via WhatsApp: What it means for customers
A new directive by the Central Bank of UAE will change the way banks and other financial institutes communicate and collect information from their customers. In a notice dated April 17, 2026, the Central Bank instructed all financial institutes to stop using Whatsapp Messenger and other instant messaging platforms to deliver services and collect information. Many have been relying on Whatsapp and other instant messaging services for convenience and ease of exchange.
Here is everything you need to know about the new directive:
Stay up to date with the latest news. Follow KT on WhatsApp Channels.
What has the Central Bank banned?
Financial institutions are prohibited from using instant messaging apps, like Whatsapp Messenger and similar platforms, for any banking or financial service. This includes
Requesting or sharing customer data
Initiating or confirming transactions
Sending authentication details such as passwords or one-time passwords, and
Exchanging documents containing personal or financial information.
Which institutions are impacted by this regulation?
All financial institutions licensed by the Central Bank of the UAE are impacted by this directive. This includes all
International and national banks
Finance companies
Exchange houses
Payment service providers
Insurance companies and brokers
Any other entities operating under the Central Bank's regulatory framework
Why has the Central Bank issued this ban?
The regulator identified that messaging applications were increasingly being used as service channels, raising multiple risks. These include fraud, impersonation, account takeovers and social engineering attacks. There are also concerns over confidentiality and the potential for unauthorised disclosure or storage of sensitive customer data
The Central Bank has also flagged risks related to data residency, noting that customer information transmitted via messaging platforms could be processed or stored outside the UAE. This violates regulations that require all consumer and transaction data to remain within the country.
What must these financial institutes do now?
The institutions have been instructed to:
Stop launching any new services using messaging apps
Identify and shut down existing use cases
Shift customers to approved, controlled channels such as mobile banking apps, online platforms, call centres or branches
Strengthen internal controls, including staff training and monitoring to prevent further use of messaging systems
Does this affect existing WhatsApp services that some banks and other financial institutes offered?
Yes. The Central Bank has instructed institutions to identify and shut down existing use cases immediately. Any institute that previously offered account checks, transaction alerts or customer support via WhatsApp must now discontinue those services and migrate customers to approved platforms.
What channels can customers still use?
Customers can continue using
Mobile banking apps,
Online banking platforms
Call centres
Physical bank branches
These are considered approved, controlled channels that meet the Central Bank's security and data residency requirements.
By when should the institutes comply?
All the notified institutions must confirm compliance and outline corrective measures taken by April 30, 2026. The Central Bank has warned that non-compliance can lead to supervisory action or financial sanctions.
What is the key takeaway for customers?
Customers should no longer expect or accept any banking service, including transaction requests, document sharing or authentication codes, via WhatsApp or any instant messaging platform. All banking communications should now take place through official banking apps, websites, call centres or branches.
