The New UAE AML/CFT Law – Federal Decree Law No. 10 of 2025 Explained
Last Updated: 12/03/2025
Protect your business with reliable and effective AML strategies with AML UAE.
Key Highlights of Core Changes in the New AML/CFT Law 10 of 2025
- The New UAE AML/CFT Law, i.e. Federal Decree Law No. 10 of 2025, replaces the old AML Law of 2018, introducing stronger enforcement powers, higher penalties, and new criminal categories, such as Proliferation Financing. It came into force on 14 October 2025.
- Executive Regulations: Cabinet Resolution No. 134 of 2025 (in force from 14 December 2025)
- Virtual Assets & VASPs are now directly regulated, with strict licensing and reporting, with added checks on cryptographic technologies.
- Beneficial Ownership, STR filing, sanctions compliance, and risk assessments face significantly higher scrutiny, backed by extended FIU freezing powers.
- Businesses must upgrade systems, governance, and internal controls immediately to avoid fines up to AED 100 million and potential dissolution.
The New UAE AML/CFT Law: Federal Decree Law No. 10 of 2025 Explained
The UAE’s financial regulatory landscape has entered a new era. The Federal Decree Law No. 10 of 2025, effective from October 14, 2025, marks the most significant overhaul of the country’s Anti-Money Laundering (AML) and Combating Financing of Terrorism (CFT) framework. This new legislation repeals and replaces Federal Law No. 20 of 2018, arriving almost a year after amendments were made through Federal Decree-Law No. 7 of 2024.
The 2025 law doesn’t merely update the 2018 law; it transforms how businesses must operate across the Emirates. While the New AML Law is now in force, the existing Executive Regulations, Resolutions, and Circulars remain applicable until updated Regulations, Resolutions, and Circulars are issued. Accordingly, Cabinet Resolution No. 10 of 2019 will be repealed by Cabinet Resolution No. (134) of 2025 Concerning the Executive Regulations of Federal Decree-Law No. (10) of 2025 Concerning Combating Money Laundering, Terrorist Financing, and the Financing of the Proliferation of Weapons with effect from 14th December 2025.
This means businesses must apply current rules while preparing systems and governance to meet the requirements of the new framework.
What is Federal Decree Law No. 10 of 2025?
In a decisive move to strengthen its position as a trusted global financial hub, the UAE has introduced Federal Decree Law No. 10 of 2025 Regarding Anti-Money Laundering, and Combating the Financing of Terrorism and Proliferation Financing. The law goes far beyond cosmetic updates.
It introduces new criminal offences, expanding enforcement powers, and imposing penalties that can reach AED 100 million for corporate violations. From the introduction of Proliferation Financing as a distinct crime to explicit regulation of Virtual Assets (VAs) and cryptocurrency transactions, the 2025 law addresses emerging threats in an increasingly digital and interconnected world.
Any business entity handling customer transactions or providing designated services must now meet far more rigorous regulatory obligations. For businesses operating across the Emirates, understanding these changes is essential for maintaining compliance and operational continuity.
This article provides a comprehensive analysis of the Federal Decree Law No. 10 of 2025 Regarding Anti-Money Laundering and Combating the Financing of Terrorism and Proliferation Financing. It shares insights into key changes, examines implications for different stakeholder groups, outlines practical compliance steps, identifies implementation challenges, and offers best practices for navigating this new regulatory environment. For further reading, check a guide to Anti-Money Laundering Laws in the UAE.
Unsure where to start with the new AML/CFT law?
Partner with us to quickly realign your policies and procedures with the new law.
Who are the Stakeholders Under the New UAE AML/CFT Law 2025?
The Federal Decree By Law No. 10 of 2025 casts a wide net across the UAE’s business landscape. It provides a clear overview of all stakeholder groups covered under the 2025 Law.
Understanding whether an entity falls under these regulations is crucial for compliance. The law applies to:
- Financial Institutions (FIs)
- Designated Non-Financial Businesses and Professions (DNFBPs)
- Virtual Asset Service Providers (VASPs)
- Non-Profit Organisations (NPOs)
Each category carries specific obligations and faces substantial penalties for non-compliance.
Too busy running the business to decode AML/CFT reforms?
Let AML UAE handle the technical details while you focus on clients and growth.
Key changes introduced by Federal Decree Law 10 of 2025
The Federal Decree By Law No. 10 of 2025 introduces substantial reforms across multiple dimensions of AML/CFT/CPF enforcement. While some provisions build upon the earlier Federal Decree Law No. 20 of 2018 framework, others represent entirely new territory for UAE businesses.
The following key changes, comprising Proliferation Financing, Direct Regulation of Virtual Assets, Increased Penalties, Extended Freezing Powers, Stricter Beneficial Ownership Requirements, Two-Tier Supervisory Framework, and No Statute of Limitations, constitute the most significant shifts that stakeholders must understand and address
Proliferation Financing
The most notable addition to the 2025 law is the introduction of ‘Proliferation Financing’ as a distinct criminal offence. This category did not exist in the 2018 legislation and reflects growing international concerns about weapons of mass destruction.
What It Means: This provision criminalises providing funds for weapons of mass destruction, including nuclear, biological, chemical, or radiological weapons.
Penalties: Temporary imprisonment and fines ranging from AED 1 million to AED 10 million, or twice the value of Criminal Property, whichever is greater.
Impact on Business: Businesses involved in international trade, technology transfers, or dual-use goods (civil and military use goods) require enhanced AML/CFT controls to ensure compliance with proliferation financing restrictions.
Direct Regulation of Virtual Assets
Cryptocurrency and digital assets, which were not addressed under the 2018 law, now receive comprehensive and explicit treatment throughout the 2025 legislation. This change addresses the rapid growth of the crypto economy in the UAE.
What Changed:
- Virtual Asset Service Providers (VASPs) are now defined as Regulated Entities
- VASPs are explicitly subject to Suspicious Transaction Reporting (STR) requirements
- Penalties apply to the use of technologies, accounts, or virtual assets that obscure the Source of Funds or the identity of the Beneficial Owner.
- Virtual assets that enable total anonymity or obstruct tracing are expressly restricted.
Penalties: Promoting or dealing in totally anonymous virtual assets carries a minimum 3 months imprisonment and a fine not less than AED 50,000 , or either of these two penalties.
Impact on Business: Crypto exchanges, blockchain service providers, and any allied businesses accepting cryptocurrency payments must now implement the same rigorous AML/CFT compliance as imposed on other Regulated Entities
Increased Penalties
While the 2018 law imposed significant penalties, the 2025 version raises the stakes, particularly for corporate entities. The potential financial exposure for violations has multiplied several times over.
What Changed:
- Money Laundering (Individuals):
- 2018 Law: Up to 10 years imprisonment + fines up to AED 5 million
- 2025 Law: 1-10 years imprisonment + fines up to AED 5 million OR value of Criminal Property (whichever is greater)
- Money Laundering with Aggravated Circumstances:
Money Laundering committed under Aggravating circumstances includes: exploiting position authority, committing through NPOs or organised crime groups, certain serious predicate offences, or recidivism.
2025 Law: Temporary imprisonment + fines AED 1-10 million OR twice the criminal property value (whichever is greater)
- Legal Entities:
- 2018 Law: Fines AED 500,000 to AED 50 million
- 2025 Law: Fines AED 5 million to AED 100 million OR Criminal Property value (whichever is greater)
Impact on Business: A single violation can now cost companies up to AED 100 million, representing a doubling of maximum penalties and creating substantially higher financial risk exposure.
Extended Freezing Powers
Enforcement authorities have gained considerably more time and flexibility to freeze suspicious funds and suspend transactions. These expanded powers enable faster action against potential Money Laundering activities while investigations proceed.
What Changed:
- Transaction Suspension: The Financial Intelligence Unit (FIU) can suspend suspicious transactions for up to 10 working days without court approval.
- Fund Freezing: The FIU can freeze funds for up to 30 days (increased from 7 days under the 2018 law), with extension provisions available through the Attorney General.
- Enhanced Authority: Public Prosecution can directly access accounts, computer systems, and communications without prior notice to account holders.
Impact on Business: Businesses face potential 30-day account freezes that could disrupt operations, affect cash flow, and prevent payment of suppliers or employees during investigation periods.
Stricter Beneficial Ownership Requirements
Under the 2025 law, greater emphasis is placed on establishing Beneficial Ownership across corporate and legal arrangements.
What Changed:
- More detailed and specific definitions of Beneficial Ownership
- Enhanced obligations requirements for legal arrangements and trusts
- Specific obligations imposed on nominee directors and shareholders
Penalties: Providing false Beneficial Ownership information now carries imprisonment plus fines starting at AED 20,000.
Impact on Business: Businesses must maintain Beneficial Ownership records, verify ownership chains at multiple levels, and update information regularly as structures change. This may involve additional documentation during customer onboarding to ensure transparency.
Disclosure Requirements for Cash, Precious Metals/Stones, Negotiable Instruments
The Federal Decree Law No. 10 of 2025 introduces cash, precious metals/stones, and negotiable instruments disclosure requirements for individuals entering or departing from the UAE in accordance with the disclosure system issued by the Federal Authority for Identity, Citizenship, Customs, and Port Security in coordination with the Central Bank.
Impact on Business: Businesses must ensure that adequate disclosure is made when their staff carry cash, precious metals/stones, and negotiable instruments while entering or departing from the UAE. The AML/CFT policy and procedures must be amended to reflect this mandatory requirement as the UAE Customs Declaration Form.
Two-Tier Supervisory Framework
The 2025 law restructures how Anti-Money Laundering efforts are coordinated and supervised at the national level. The creation of the following dual oversight bodies reflects a more sophisticated approach to governance and enforcement.
- Supreme Committee: It provides high-level strategy and supervision, affiliated with the Presidential Court, and is responsible for monitoring the National Strategy
- National Committee: It handles operational coordination and implementation, chaired by the Central Bank Governor.
Impact on Business: More frequent inspections, higher regulatory expectations, dual reporting lines to both strategic and operational oversight bodies, and increased administrative penalty exposure.
Strengthened International Cooperation
The 2025 law enhances cross-border information sharing and mutual legal assistance, introducing streamlined mechanisms that improve coordination with foreign authorities and reduce barriers to international investigations.
Key Changes:
- Automatic information exchange with counterpart authorities in other jurisdictions
- Priority handling requirements for international cooperation requests simplified mutual legal assistance procedures
- Foreign confiscation orders are executable without separate national investigations
- Tax matters no longer constitute grounds for refusing cooperation requests
Impact on Business: Transactions face greater scrutiny from multiple jurisdictions simultaneously. Moreover, information held by UAE entities can be shared more easily with foreign authorities, and cross-border operations require an understanding of multiple jurisdictions’ AML requirements.
No Statute of Limitations (Continued from 2018)
While not a new provision, the continuation of unlimited prosecution timeframes remains one of the most significant features of UAE’s AML framework. The 2025 law adds Proliferation Financing to the list of crimes with no statute of limitations, whereas the 2018 law only covered Money Laundering and Terrorism Financing.
What It Means: Criminal proceedings for Money Laundering, Terrorism Financing, and Proliferation Financing can be initiated at any time, regardless of how many years have passed since the offence occurred.
Impact on Business: Past violations can be prosecuted indefinitely, creating permanent legal risk. Businesses must maintain compliance records for extended periods, as past transactions remain subject to investigation and prosecution decades later.
Make the New UAE AML 2025 Law Your Competitive Advantage.
Strengthen Your compliance journey with AML UAE by Your side.
Comparative Chart of Changes in Federal Decree Law No. (10) of 2025
To put these developments and key changes into perspective, the following table highlights how core provisions have evolved from Federal Decree Law No. (20) of 2018 to Federal Decree Law No. (10) of 2025. Many of these refinements aim to streamline compliance obligations and enhance alignment with international standards. This comparison helps identify areas where institutions may need to recalibrate their internal processes.
Feature | 2018 Law (Federal Decree Law No. 20 of 2018) | 2025 Law (Federal Decree Law No. 10 of 2025) | Analysis |
Primary Scope | Focuses on ML, TF, and Financing of Illegal Organisations. | Focuses on ML, TF, and Proliferation Financing (PF). | The 2025 Law introduces PF as a distinct crime and removes the specific term “Financing of Illegal Organisations” (which was present in the 2018 Law). |
Definitions and Coverage | Includes definitions for ML, TF and Illegal Organisations. | Introduces detailed definitions for Proliferation, Weapons of Mass Destruction (WMD), and Virtual Assets, alongside expanded definitions for ML/TF. | The 2025 Law incorporates modern financial crime concerns, explicitly covering PF and transactions involving Virtual Assets. |
Treatment of Virtual Assets | No reference to Virtual Assets (VA) or Service Providers. | Explicitly addresses VA, including their use in ML & TF. It also defines and regulates Virtual Asset Service Providers (VASPs). | It modernises the AML scope to include digital currencies and crypto-related activities. |
Financial Intelligence Unit (FIU) | The FIU is established within the Central Bank of the UAE (CBUAE), chaired by the Governor. | It retains CBUAE structure but affirms FIU’s independence. Now, the FIU is established as an independent unit within the Central Bank (CBUAE). | It emphasises institutional autonomy and operational independence of the FIU. |
National Coordination Framework | It established the National Committee, chaired by the CBUAE Governor. | It introduces a two-tier structure: a Supreme Committee for the Supervision of the National Strategy for AML, CFT, PF (affiliated with the Presidential Court) and a National Committee, chaired by the Governor | The 2025 Law creates a two-tiered oversight structure, placing strategic supervision under the Supreme Committee while maintaining the National Committee for policy implementation. |
FIU Freezing Authority | The Governor or their delegate may freeze suspicious funds up to 7 working days, renewable by the Public Prosecutor. | The FIU Chief may suspend transactions up to 10 days or freeze funds for 30 days. | It extends FIU’s power and timeframe, allowing faster, independent intervention. |
Money Laundering Penalties (Individuals) | Imprisonment not exceeding 10 years and a fine of AED 100,000 to AED 5,000,000, or either penalty; Aggravated penalty (temporary imprisonment and fine of AED 300,000 to AED 10,000,000) for specific circumstances. | Imprisonment for a term of not less than 1 year and not exceeding 10 years, together with a fine of AED 100,000 to AED 5,000,000, or equivalent Criminal Property value. Aggravated penalty (temporary imprisonment and fine of AED 1,000,000 to AED 10,000,000). | The 2025 Law clarifies the minimum imprisonment term (not less than 1 year) and increases the minimum fine for aggravated offences (from AED 300,000 to AED 1,000,000). |
Penalties for Legal Persons | Liquidate and close the office, and a fine of AED 500k –50 M. | Fine AED 5M –100M or equivalent Criminal property value. | The maximum fine for a Legal Person conviction is doubled (from AED 50 million to AED 100 million) in the 2025 Law, and the minimum fine is significantly increased (from AED 500,000 to AED 5,000,000), reinforcing corporate liability. |
Legal Person Conviction for CFT/PF | If convicted of terrorism financing, the Court shall order liquidation and closure of the office premises. | If convicted of Financing of Terrorism or Proliferation Financing, the Court shall order dissolution and closure. | The mandatory dissolution and closure provision now includes PF Convictions. |
Professional Secrecy Exemption | Exemption for lawyers, notaries, other legal professionals, and independent legal auditors who obtained information subject to professional confidentiality. | Exemption maintained for lawyers, notaries, other legal professionals, or independent legal auditors if information was obtained under circumstances subjecting them to professional secrecy. maintained with an identical scope. | This core exemption remains largely consistent in both laws, protecting legal professional privilege. |
Repeal Status | Repealed by Decree-Law No. 10 of 2025. | Repeals the 2018 Decree-Law. | The 2025 Law is the currently effective legal framework, along with existing resolutions, notifications, and circulars to the extent they aren’t repealed. |
Step-by-Step Guide for the Regulated Entities to Comply with the New UAE AML Law 2025
The following step-by-step guide outlines each compliance step required under the New AML Law 2025.
This section provides a clear overview of the entire process—from Securing Licensing, Conducting Risk Assessments, Establishing Internal Policies, Implementing CDD, Ensuring Beneficial Owner Transparency, Applying TFS Forthwith, Reporting Suspicious Transactions, Avoiding Tipping-Off, Meeting VASP-Specific Obligations, and Keeping Records.
Together, these steps highlight the essential actions businesses must take to meet the law’s requirements, strengthen internal controls, and ensure full alignment with regulatory expectations.
Secure Required Licensing/Registration
Before engaging in any Financial Activities, DNFBP, or VASP activities, the natural or legal person must obtain a license, registration, or enrolment from the Competent Authority or the relevant Supervisory Authority.
Violation of this specific licensing requirement carries a potential penalty of imprisonment and a fine of not less than AED 200,000 and not exceeding AED 10,000,000, or either penalty.
Conduct and Maintain Risk Assessment
The next step for the Regulated Entities is to identify, understand, manage, assess, document, and continuously update the risks of financial crimes such as Money Laundering, Financing of Terrorism, and Proliferation Financing, within their business scope. This assessment is grounded in a risk-based approach, and multiple risk dimensions are considered.
- Assessing how the new risks (Virtual Assets, Proliferation Financing) can affect specific products, services, and customer base.
- Allocating more resources to scrutinise high-risk areas (e.g., Politically Exposed Persons, Clients from High-Risk Countries, Complex Crypto Transactions).
Moreover, the Risk Assessment study and related information are retained and provided to the Supervisory Authority upon request.
Establish Robust Internal Policies and Controls
The following step for Regulated Entities is to establish internal AML/CFT policies, controls, and procedures that are approved by Senior Management. These controls enable Regulated Entities to manage and mitigate identified risks.
- These Policies are applied to all branches and subsidiary companies in which the REs own a majority share.
- These Policies and Procedures are continuously reviewed and updated.
Implement Customer Due Diligence (CDD) and Monitoring
The next step is implementing CDD measures and continuous monitoring procedures for clients. The scope for these measures is determined based on the multiple ML/TF/PF risk dimensions and the outcomes of the National Risk Assessment (NRA). The CDD process usually consists of,
- Identifying and verifying the information of the Customer and the Beneficial Owner in a legal person (the natural person exercising ultimate effective control over a corporate person).
- Identifying the nature of the Customer’s business and the purpose of the business relationship.
- Ensuring not to open or maintain accounts, or conduct transactions, under anonymous, fictitious, alias, or numbered names, or provide services to such accounts.
Ensure Beneficial Owner Transparency
While onboarding corporate clients, the identification of the Ultimate Beneficial Owner ensures transparency and accountability.
- Intentionally providing false or misleading information concerning the Beneficial Owner is subject to criminal punishment (imprisonment and a fine of not less than AED 20,000, or either penalty).
Apply Targeted Financial Sanctions (TFS) Forthwith
For Regulated Entities, applying the instructions issued by the Executive Office or any other Competent Authorities concerning Targeted Financial Sanctions is another essential component of an efficient AML/CFT Compliance Program. This includes,
- Freezing of funds and prohibition of making them available for designated persons/organisations.
- Filling relevant reports such as Confirmed Name Match Report (CNMR) and Partial Name Match Report (PNMR), as the case may be.
Violation of these instructions is a serious offence, punishable by imprisonment and a fine of not less than AED 20,000, or either penalty.
Report Suspicious Transactions
In case there is a red flag in the transaction pattern or Regulated Entities have reasonable grounds to suspect that the Transaction or Funds are related to the criminal offences of Money Laundering, Financing of Terrorism, and Proliferation Financing, then taking appropriate steps is required. This includes,
- Notifying the Financial Intelligence Unit (FIU) without delay and directly.
- Providing a detailed Suspicious Transaction Report (STR) or Suspicious Activity Report (SAR) containing all available data and information via the electronic system or other approved means.
It must be noted that confidentiality provisions cannot be invoked to withhold information requested by the Unit. (Note: This obligation does not apply to legal professionals or independent legal auditors if the information was obtained under professional secrecy).
Avoid "Tipping Off"
After taking the necessary steps required by FIU to file STR or SAR, ensuring the crucial information is not tipped off to the client in question is imperative for Regulated Entities.
Any person who notifies, warns, or discloses information related to Suspicious Transactions under review or investigation (in contravention of confidentiality rules) is subject to punishment with imprisonment and a hefty fine of not less than AED 50,000, or either penalty.
Comply with VASP-Specific Regulations
If the stakeholder is a VASP (defined as a person conducting one or more Virtual Asset activities specified in the Executive Regulations for commercial purposes), then complying with VASP-Specific Regulations (VARA) is required. This includes,
- Obtaining the required license/registration.
- Refraining from dealing in, promoting, or offering for sale Virtual Assets characterised by total anonymity or that prevent or obstruct the ability of the Competent Authorities to trace the Transaction or its parties.
Violation of this rule is punishable by imprisonment for a period of not less than three (3) months and a fine of not less than AED 50,000, or either penalty.
Record Keeping
Retaining all records, documents, and data relating to domestic and international transactions, AML/CFT compliance program and measures for the prescribed time is mandatory for Regulated Entities as per the UAE’s AML/CFT Law.
This also ensures their immediate availability to Competent Authorities upon request during regulatory inspections or audits.
Challenges Faced by the Regulated Entities in complying with the legal obligations
While the 2025 law establishes clear compliance requirements, translating these obligations into operational reality presents significant challenges.
This section highlights the most significant hurdles businesses are likely to face under the strengthened AML framework, including Technology Limitations, Cost Burden, Knowledge & Skill Divide, Complex Ownership Structures, Operational Disruption & Impact on Customers. Further, the Cabinet Resolution No. 134 of 2025 will take effect from December 14, 2025, and regulated entities will have to ensure that they follow the regulations. Read our Guide to New Cabinet Resolution No. 134 of 2025 on AML Law No. 10 of 2025.
Technology Limitations
Many businesses rely on legacy systems that cannot support virtual asset monitoring, Screening against local and global watchlists, or real-time sanctions updates. Integrating blockchain analytics, tracking cryptocurrency transactions, and identifying complex ownership structures often requires significant technical upgrades.
Cost Burden
Implementing an enhanced AML framework, including technology, training, governance, and dedicated compliance roles, creates substantial financial strain, particularly for smaller DNFBPs and emerging VASPs.
Knowledge & Skill Divide
Many employees lack understanding of new requirements, particularly regarding virtual assets and Proliferation Financing. This increases the risk of misidentifying red flags or applying due diligence inconsistently.
Complex Ownership Structures
Identifying true Beneficial Owners in complex corporate structures with multiple layers, offshore entities, and nominee arrangements remains extremely difficult. Clients often cannot provide complete ownership information, and cross-border chains require verification in multiple jurisdictions, which can further delay onboarding and monitoring.
Operational Disruption & Impact on Customers
Enhanced CDD, STR reporting, and Sanctions Screening can slow onboarding, increase documentation demands, and create friction for legitimate customers. Businesses must balance regulatory expectations with customer experience.
Don’t Let Trials Obstruct Your Compliance Pathway
Tackle the Toughest Hurdles Along with AML UAE
Best Practices for the Stakeholders to Ensure New UAE AML Law 2025 Compliance
While challenges are common, solutions exist. Businesses that approach AML compliance strategically distinguish themselves as market leaders from those merely avoiding penalties.
This section outlines the essential best practices for building an effective AML compliance under the 2025 framework. These include adopting a Risk-Based Approach, investing in Quality Technology Adoption, building a Strong Compliance Culture, Maintaining Documentation, and Leveraging Expertise.
Adopt Risk-Based Approach
Regulated Entities must allocate compliance resources based on actual risk levels. This includes conducting ML/FT risk assessment in line with NRA and SRA, supervisory guidance, global best practices, and categorising customers into risk tiers (low, medium, high) and applying appropriate due diligence levels, documenting Risk Assessment methodology and reviewing ratings regularly.
Invest in Quality Technology
Regulated Entities must deploy robust AML technology capable of real-time transaction monitoring, automated sanctions screening, blockchain analytics, and scalable case-management systems that integrate smoothly with existing infrastructure.
Build a Strong Compliance Culture
Regulated Entities must foster a culture where compliance is everyone’s responsibility. This requires visible senior management support, regular staff training & internal audits, clear accountability, open communication, and protected whistleblowing mechanisms to encourage internal reporting.
Maintain Documentation
Regulated Entities must maintain detailed records of all compliance decisions, due diligence, risk assessments, onboarding outcomes, suspicious transaction analyses, training sessions, and audits. Employing standardised templates and securing digital storage helps ensure consistency and accessibility.
Leverage Expertise
Regulated Entities must strengthen their AML frameworks by engaging specialised consultants, legal advisors, and technology experts for compliance program design, gap analysis, independent audits, system optimisation, and staff training development.
Reign Over Regulatory Changes
The New UAE AML/CFT Law of 2025, Federal Decree by Law No. 10 of 2025, significantly strengthens the national compliance framework, introducing new offences, virtual asset regulations, and higher penalties, amongst other things. For businesses, strong AML compliance is essential to protect their reputation and adhere to global best practices.
The message is clear: the cost of compliance is always lower than the cost of violation.
How AML UAE can support your transition to the NEW AML/CFT Law 10 of 2025
AML UAE can help you transition from the old Federal Decree Law No. 20 of 2018 to the new law.
- We start by assessing the gaps in your existing AML/CFT framework.
- We help you customise your AML/CFT policy and procedures to align them with the Federal Decree Law No. 10 of 2025 and the Cabinet Resolution No. 134 of 2025.
- We provide customised AML training for your staff.
- We help you select the right AML Software to automate your business processes.
- We periodically perform health checks to ensure that you remain compliant at all times.
Frequently Asked Questions (FAQs)
What happens to violations committed under the Old Law of 2018?
Violations under the previous AML framework remain prosecutable because the UAE imposes no statute of limitations on ML offences, even after the introduction of the New UAE AML law of 2025.
How often should AML Risk Assessments be updated under the 2025 law?
Risk assessments must be continuously monitored and regularly updated.
What if a business cannot identify the Beneficial Owner?
The business relationship cannot proceed without identifying Beneficial Ownership.
Can businesses in the UAE accept cryptocurrency payments?
Yes, but only if they comply with AML/CFT requirements, conduct robust KYC procedures, and ensure traceability of all virtual asset transactions.
Are businesses protected from liability when filing Suspicious Transaction Reports (STRs)?
Businesses enjoy legal immunity for STRs filed in good faith; liability only applies when reporting is made maliciously or with wrongful intent.
Is staff training mandatory?
While not explicitly criminalised under the New Law of 2025, failure to train staff could constitute a violation of internal policy obligations.
Can foreign nationals be deported for violations of the New UAE Law of 2025?
Yes. Foreign nationals convicted under AML offences may face deportation in addition to other penalties under the 2025 law.
Compliance Doesn’t Wait - Neither Should You.
Adopt Our Tailored Solutions to Efficiently Navigate New UAE Law 2025
Share via :
About the Author
Pathik Shah
FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)
Pathik is an ACAMS-certified AML consultant specialising in governance, risk, and compliance for regulated entities in the UAE. He brings over 28 years of experience, with 1,000+ hours of AML training and 200+ advisory engagements across DNFBPs, VASPs, and FIs. He supports businesses in aligning with AML/CFT requirements from the CBUAE, DFSA, MoET, MoJ, VARA, CMA, FSRA, and FATF. Known for translating complex regulations into audit-ready procedures, Pathik enables operational clarity and compliance readiness.
Reach Out to Pathik