Egypt

Egypt's Card Tokenization Paving the Way for a Transformative 2025

Ali El Hawary
Partner, Head of Banking & Finance - Egypt

Nour Gheith
Associate

As Egypt continues to develop its digital payment ecosystem, the stage has been set for further progress in 2025. Through the Central Bank of Egypt (“CBE”) Regulations on Payment Cards Tokenization on Electronic Devices Applications (the “Regulations”), Egypt has been able to launch the tokenization of payment cards on mobile applications. Apple Pay has now been successfully introduced, further progressing the National Payment Council's Strategy to create a cashless society in Egypt. This lays the groundwork for significant further advancements expected in 2025.

What is Card Tokenization?

Card tokenization is a security measure that replaces sensitive card information, such as the card number, expiration date, and CVV, with a unique token. This token is used for online and mobile payments, eliminating the need to share actual card details. This significantly reduces the risk of fraud and data breaches and provides much-needed protection for sensitive information.

Scope of Application

The Regulations establish a robust framework for ensuring the security, interoperability, and efficiency of tokenized payment systems in Egypt. They apply broadly to all stakeholders in the payment ecosystem, including banks operating in Egypt, encoding service providers, payment network participants, point-of-sale device operators, and other relevant entities. Their primary aim is to address key risks, set licensing requirements and provide a foundation for infrastructure security.

The Regulations outline specific provisions that address critical aspects of tokenization, ensuring comprehensive guidance for stakeholders in implementing and managing these services:

A solid foundation is being created for a more secure, efficient, and inclusive financial ecosystem that strengthens investor confidence, draws additional investments, and contributes to the diversification and growth of Egypt's financial sector.

Licensing and Approvals Banks and payment service providers seeking to implement tokenization services must secure prior approval from the CBE. Applicants are required to demonstrate full compliance with the CBE’s established standards. Enhanced Security Measures The framework prioritizes data security by mandating the replacement of sensitive cardholder information with unique digital tokens. This approach minimizes the risk of fraud, data breaches, and unauthorized access during transactions. Operational Standards Comprehensive guidelines detail the processes for generating, managing, and processing payment tokens across the entire transaction lifecycle. The framework ensures that these tokens function seamlessly across various devices and platforms to maintain interoperability. Compliance and Reporting Obligations Banks and other stakeholders are required to conduct regular audits and submit detailed reports to the CBE. These reports must cover tokenization activities, security practices, and any incidents that may impact the integrity of the system.

Complexities Under the Regulations The Regulations introduced a range of complexities for stakeholders in the digital payment ecosystem:

The Egyptian Banks Company (“EBC”), affiliated with the CBE, is the sole provider of the Unified Issuer Tokenization Service Provider Interface, connecting issuer banks with payment acceptance networks.

Payment service providers (PSPs) and electronic manufacturers like Apple Pay, Google Pay, and Samsung Pay can offer tokenization applications (e.g., mobile wallets) under CBE approval, obtained through partnering issuer banks. PSPs must also establish contracts with all participating networks and issuer banks.

Each issuer bank must secure separate CBE licenses for every tokenization-enabled application, whether for their online banking apps or third-party wallets. Token Requestors must also partner with “Meeza” to issue auxiliary tokens for international cards.

All participants, including banks and TSPs, must comply with strict security standards, employing robust encryption technologies and limiting data storage on devices to ensure confidentiality.

Conclusion The Regulations have opened the market to digital payment service providers and created new opportunities for investors and fintech companies to enhance the variety and efficiency of Egyptian payment solutions. This aligns with the Egyptian government's ongoing initiatives to promote financial inclusion. A solid foundation is being created for a more secure, efficient, and inclusive financial ecosystem that strengthens investor confidence, draws additional investments, and contributes to the diversification and growth of Egypt's financial sector.

Al Tamimi & Company is well-positioned to assist clients in navigating the complexities of these Regulations. Our team of experts can provide comprehensive legal and regulatory guidance, ensuring compliance with the CBE's standards and helping clients leverage the opportunities presented by these transformative changes in Egypt's digital payment landscape.

Egypt’s New Unified Insurance Law

Yasmeen Qotbi
Senior Associate

The new Unified Insurance Law (the “New Law”) No. 155 of 2024 was officially enacted on 11 July 2024 following an extended period of deliberations and discussions. This landmark legislation seeks to modernize and streamline insurance practices by consolidating the regulatory framework for various insurance practices in Egypt. By unifying previously fragment regulations the New Law enhances legal clarity, rationalizes the regulatory environment and establishes a more efficient framework for all stakeholders in the insurance industry.

Redesign of the System

The New Law repeals, and consolidates multiple existing legislations, including:

The Private Insurance Funds Law No.54 of 1975.
The Insurance Control and Oversight Law No. 10 of 1981.
The Compulsory Insurance Law for Civil Liability arising from Rapid Transit Vehicle Accidents No.72 of 2007.
Articles 747-771 of the Civil Code No.131 of 1948.

Additionally, it incorporates Takaful insurance and reinsurance regulations, previously regulated by the Financial Regulatory Authority (“FRA”) Board of Directors Decision No. 23 of 2019. This unification simplifies the regulatory framework and provides a comprehensive system for all insurance operations in Egypt.

Regulatory Oversight The New Law centralizes regulatory authority under the FRA granting it exclusive jurisdiction over all insurance and reinsurance activities, related professions and services. The FRA is tasked with ensuring sector compliance and overseeing licensing, operational standards and digital transformation efforts. Furthermore, the FRA will regulate the participation in credit reporting systems.

The New Law is anticipated to bring significant improvements to Egypt’s insurance sector by streamlining regulations, introducing digital transformation, and expanding insurance coverage.

New Insurance Types and Branches The New Law broadens the scope of the insurance sector by introducing new types of insurance coverage, including:

Third Party Administrators (“TPAs”).¹

Short and Long - Term Specialized Medical Insurance (“HMOs”).²

Micro-Insurance.

Insurance against Default.

Retirement Annuities.

Agricultural Insurance.

Energy Insurance.

Short – Term Medical Treatment Insurance.

Cyber Risk Insurance.

The FRA retains the discretion to introduce new types of insurance coverage as it deems necessary, ensuring adaptability to the evolving market needs.

Dispute Resolution The New Law designates the Egyptian Economic Courts (“ECC”) as the primary jurisdiction for settling insurance-related disputes, with specific exceptions where jurisdiction is given to the State Council. To enhance transparency, Appeals Committees (“Committee”) have been established to address challenges against administrative decisions made by the FRA. These Committees must issue rulings within 30 days of receiving complete documentation. An appeal fee of EGP 20,000 is required, refundable if the appeal is successful. Violations and Penalties The New Law outlines violations such as unauthorized insurance activities, non-compliance with FRA standards, misrepresentation, violating pricing regulations and delays in submitting financial statements. Penalties range from fines of EGP 1,000 to EGP 20,000,000, with higher penalties imposed if financial gains from violations exceed these amounts. In severe cases, violators may face imprisonment or restrictions on participating in insurance activities for up to three years. Company managers may also be held accountable for knowingly overlooking violations, with companies jointly liable for employee misconduct. Reconciliation PeriodEntities impacted by the New Law have until July 11, 2025, to align with its provisions, with the FRA authorized to grant extensions of up to three years. Impact of the New Law on the Insurance Sector The New Law is expected to positively impact Egypt’s insurance sector, fostering a stable regulatory environment that attracts investment and promotes competition. By introducing innovative products and aligning with international best practices, the law enhances market efficiency and public trust. Policyholders benefit from expanded coverage options and stronger legal protections, while businesses gain access to a streamlined regulatory framework.

Overall, the Unified Insurance Law marks a transformative step in modernizing Egypt’s insurance industry, supporting economic growth, and positioning the country as a regional hub for insurance and reinsurance