The Dubai Financial Services Authority (DFSA) took its most aggressive action to date last year against Damas International after three shareholders improperly withdrew money from the company.
The DFSA banned Abdullah brothers - Tawhid, Tawfique, and Tamjid, who were also Damas executives - from holding director positions at companies in the Dubai International Financial Centre for between five and 10 years and fined them for a combined penalty of Dh11 million (US$2.9m). The Damas board of directors was dissolved and the auditor was dismissed.
Although the case was the only major publicly disclosed action taken following an investigation last year, it began nine separate inquiries during the year. Some of those are still ongoing and could result in actions this year, officials say.
Stephen Glynn, the director and head of enforcement at the DFSA and a former policeman in Australia, said not every investigation resulted in an action, often because of lack of evidence. But he said his team was more active now than ever.
"The number of investigations we are doing is trending upwards," he said.
The types of issues looked into have also changed. In the early days, it was "failure of systems and controls" within the DIFC. By 2008, the complaints were mainly about consumer protection issues, such as improper fees and charges being made during the economic boom.
By last year, the focus was on DIFC traders' market conduct.
A lot of sensitive information uncovered by the DFSA's enforcement team on DIFC firms is housed in its tightly controlled evidence room.
On a day-to-day basis, the supervision teams have the most interaction with companies that break DIFC rules, usually when firms drop below their capital adequacy requirements.
That does not necessarily lead to any action by the DFSA as long as the situation is disclosed and quickly rectified.
However, in some cases the enforcement team will be brought in. They have the power to collectdata on a "compulsory basis" and compel relevant staff members to provide information under oath.
The DFSA even has an "ethical hacker" who can break into the systems of companies suspected of being in breach of the laws and that are refusing to co-operate.
Mr Glynn described the DFSA as a "risk-based regulator", meaning its priority was always to investigate issues that could pose the greatest threat to the reputation and operations of the DIFC.
"If 20 people come to me with complaints about one bank providing services, then we would focus on that," he said. "If one person says a bank employee misrepresented their product, then that is a less serious problem for the DIFC as a whole."