A comprehensive AML Guide for ADGM companies
A comprehensive AML Guide for ADGM companies
The Financial Services Regulatory Authority (FSRA) supervises Abu Dhabi Global Market (ADGM) entities.
FSRA has issued rules and guidelines for implementing AML and Sanctions by ADGM entities to mitigate financial crimes. Though the ADGM’s AML Rulebook considers the Federal AML rules, the regulated entities in ADGM must follow the Rulebook and the Federal AML Law requirements.
This article focuses on the critical AML compliance requirements of entities in ADGM.
Business Risk Assessment and AML Policies, Procedures and Controls
The FSRA-issued AML rulebook mandates the ADGM entities to assess the ML/FT risks their business is exposed to.
While conducting AML business risk assessment, the ADGM entities must identify and analyze the ML/FT risk associated with the below-mentioned risks parameters:
- Products, services, and transactions
- Geographic risk
- Distribution channels
- Other risk factors such as technology
Basis the results of the AML Business Risk Assessment, adopting the risk-based approach, the entities must establish AML controls, procedures, policies, and systems aligned with the AML regulations to help entities identify, manage, and mitigate the ML/FT risks.
To ensure the effectiveness of the ML/FT mitigation measures, it is important to review ML/FT risk factors impacting the business and update the assessment to identify any new risk scenarios and design relevant controls to manage the increased level of risks.
Customer Risk Assessment and Customer Due Diligence
The entities must assess the customers’ profile, transactions, and business relationships to identify the ML/FT risk such customers pose to the business. Considering various risk parameters, a risk rating should be assigned to the customer, and appropriate Customer Due Diligence measures should be applied before establishing a business relationship.
For performing Customer Risk Assessment, the entities must consider various factors associated with the customer, a few of them illustrated hereunder:
- Ownership, control structure, and nature of customer
- Nature of the customer’s business
- Nature and purpose of the business relationship
- Nationality and residence of the customer
- Place of incorporation of the customer who is a legal person.
Based on these factors, the risk rating is allocated to each customer – high, medium, or low. For low-risk customers, entities may conduct Simplified or Standard Due Diligence. While for customers identified as high-risk, Enhanced Due Diligence measures must be applied.
Depending on the risk profiling or risk classification of the customer, the ADGM entities must carry out Customer Due Diligence under the following circumstances:
- Before onboarding a customer or establishing a business relationship
- Before executing a transaction with an occasional customer for an amount equal to or more than US$15,000
- When the customer or transaction is suspected to be related to money laundering or financing of terrorism.
- When there is doubt about the authenticity of documents provided by the customers
As part of the Customer Due Diligence process, the ADGM entities must undertake the following:
- Identify the customers, their representatives, and beneficial owners and verify their identities,
- Screen the customer, beneficial owners, and senior managerial persons to check if any of these persons are sanctioned under the UAE local list, UNSC Consolidated List or any other relevant international sanctions list,
- Understand the nature and purpose of the business relationship,
- Have systems and controls in place to determine whether the customer, beneficial owners, or senior managerial person is a Politically Exposed Person (PEP),
- Conduct ongoing monitoring of the business relationships and transactions conducted with the customer to check their consistency with the customer’s business and risk rating
However, when a customer is assigned a high-risk rating, Enhanced Due Diligence (EDD) measures must be applied before establishing a business relationship or executing a transaction with such a customer. Here, the EDD measures would include the following:
- Get more information to identify the customer and its beneficial owners,
- Identify and verify the source of wealth and funds of the customer and its beneficial owners,
- Establishing reasonableness of the purpose of the business relationship,
- Seek senior management’s approval to start a business relationship with a high-risk customer,
- Insist on getting the first payment through the customer’s account with the bank subject to similar AML standards,
- More frequent monitoring of the customer’s profile and transactions.
Money Laundering Reporting Officer (MLRO)
Every ADGM entity must appoint an MLRO to ensure compliance with AML requirements as prescribed under the FSRA-issued AML Rulebook and the AML Federal laws. Such MLROs must be residents of the UAE.
Further, the FSRA must approve the appointment of the MLRO.
If an MLRO leaves the company immediately, a new MLRO must be appointed, or at least a Deputy MLRO must be appointed to manage the AML compliance function temporarily until the appointment of an MLRO. FSRA Rulebook allows the ADGM entities to outsource the MLRO position to a third party.
AML Training and Awareness
FSRA mandates entities to conduct regular training for its employees responsible for AML compliance. Such training and AML awareness sessions must customize be customized basis the entities’ business operations, products/services, transaction complexities, distribution channels, and customers.
ADGM entities must conduct such AML training at least once a year and keep it up-to-date. Further, it is mandatory to record details of such training programs, including their dates, duration, nature, and list of participants.
Reporting Suspicious Activities
Every ADGM entity must have procedures, controls, policies, and systems to detect suspicious activities and report them immediately to the Financial Intelligence Unit (FIU) by filing SAR/STR on the goAML portal.
Frontline employees observing the suspicion must report it to the entity’s MLRO and submit all the details about the activity, customer or transaction involving money laundering or terrorist financing activity. When the MLRO receives an internal STR/SAR from an employee, they must investigate the activity. MLRO must submit an external STR/SAR with the FIU based on the evidence collected.
ADGM entities must maintain a list of ML/FT risk indicators and keep reviewing and updating this list to identify and mitigate the risks effectively.
AML Record Keeping
ADGM entities must maintain AML-related records for a minimum period of six (6) years in electronic format. The records to be maintained include the following:
- Entities’ AML Business Risk Assessment and the AML framework implemented
- Documents and information received from customers during KYC and CDD
- Copies of business correspondence with customers, including transactional details
- Suspicious activity/transactions reports – internal and external, related investigation records, documents, etc.
- Records of communication and correspondence with the FIU
AML Annual Return
ADGM entities must fill in all the details in the AML Return Form and submit such AML Annual Return with the FSRA for the year starting from 1st January to 31st December every year. Such AML Annual Return is to be furnished with the authorities before the end of April of the following year.
The key differences between Federal AML Law and the FSRA-issued ADGM AML Rules and Guidance
(a) FSRA AML Rulebook includes the following under the definition of the “Designated Non-Financial Businesses and Professions (DNFBPs), which is not the case under Federal AML Laws:
Dealer engaged in trading of any saleable item where the transaction amount equals to or exceeds US$ 15,000 in cash through a single transaction or series of connected transactions.
(b) FSRA-regulated entities must appoint a Compliance Officer or Money Laundering Reporting Officer who is a resident of the UAE. No such specific condition around residency is mentioned in the Federal AML Law.
(c) The minimum period prescribed for maintaining the AML record is six (6) years for ADGM entities, as compared to five (5) years prescribed under the Federal AML Laws.
(d) AML Annual Return is to be filed by the ADGM entities every year for the period 1st January to 31st December by the end of April of the following year. The AML Annual Return requirement is in addition to the semi-annual report requirement mentioned under Cabinet Decision No. (10) of 2019.
Need expert assistance to comply with ADGM’s AML Rulebook?
The companies in ADGM must follow all these requirements as per the ADGM AML Rulebook. Any non-compliance with these requirements calls for heavy administrative fines. The best way to avoid these fines and penalties is to take the help of a professional AML consultant.
AML UAE is a leading AML consultant in the UAE. Our comprehensive services help you comply with the relevant AML/CFT requirements and mitigate the threats of money laundering and terrorism financing.
We understand Federal AML laws and ADGM-specific rules to help clients identify and assess their business risk and develop solid and comprehensive AML/CFT policies, procedures, and controls. We can help you set up your in-house AML compliance department and impart AML training to your team, to manage ML/FT compliance competently.
Our strength lies in our solid team of ADGM compliance specialists and experienced and knowledgeable AML professionals. So, leave your AML compliance worries to us, and focus on your core business operations.
Avail comprehensive, expert, and efficient services for AML compliance matters
Contact our team at AML UAE.
Share via :
About the Author
Associate Company Secretary
Dipali is an Associate member of ICSI and has a Bachelor’s in Commerce and a General Law degree. She has an overall experience of 7 years in the compliance domain, including Anti-Money Laundering, due diligence, secretarial audit, and managing scrutinizer functions. She currently assists clients by advising and helping them navigate through all the legal and regulatory challenges of Anti-Money Laundering Law. She helps companies to develop, implement, and maintain effective AML/CFT and sanctions programs. She knows Anti-money laundering rules and regulations prevailing in GCC countries and specializes in Enterprise-wide risk assessment, Customer Due-diligence, and Risk assessment.