Gold Supply Chain: Uncovering the ML/FT Red Flags

Gold Supply Chain: Uncovering the ML/FT Red Flags

Gold Supply Chain: Uncovering the ML/FT Red Flags

Download Gold Supply Chain: Uncovering the ML/FT Red Flags

Gold Supply Chain: Uncovering the ML/FT Red Flags

The gold supply chain has several stages, including extracting, transporting, handling, etc., and is highly vulnerable to financial crime risks. Some of these risks are associated with specific supply chain stages or the players involved in the gold supply chain, whereas other risks are common to all the stages of the gold supply chain.

To easily identify and facilitate the mitigation of ML/FT risks observed in the course of the gold supply chain, we have provided a substantive list of red flags and bifurcated them into various categories for better understanding:

  • Red Flags associated with Gold Mining Companies
  • Red Flags associated with Shipping
  • Red Flags associated with Gold Trading Companies
  • Red Flags associated with Transactions and Activities
  • Red Flags associated with Geography

The range of the risk indicators is very wide, covering non-compliance of the environment regulations by a mining company, while routing the gold shipment through refineries in jurisdictions that do not offer any economic advantage. Inconsistencies in the transaction value or volume or excessive dealing with unregulated markets are also ML/FT red flags that may suggest abuse of the gold supply chain.

Whenever any of these red flags are observed, immediate action and investigation are demanded. The proactive approach is necessary to ensure a secure gold supply chain and effectively mitigate ML/FT risks.

Related Posts

A Guide to Avoiding Common Mistakes in AML Compliance for VASPs

http://13.233.15.5/a-guide-on-mistakes-to-avoid-in-aml-compliance-for-vasps/

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

A Guide to Avoiding Common Mistakes in AML Compliance for VASPs

With the rise of instances of money laundering in the virtual assets ecosystem, the UAE government introduced anti-money laundering regulations to supervise and safeguard this sector. Virtual asset service providers (VASPs) operating in the UAE must know these rules. You must create a customised AML framework aligning with these rules and regulations, in sync with the nature and size of the virtual asset activities. While implementing them, be careful of the common mistakes to avoid in AML compliance for VASPs for effective results.

This blog explores these common AML compliance challenges that a VASP must avoid. By avoiding them, you are adopting an effective methodology for achieving your AML compliance obligations and protecting virtual assets from ML/FT vulnerabilities. Before covering the mistakes, we’ll understand why the money laundering threats affect VASPs’ businesses.

Stay ahead in the fight against financial crimes.

Join AML UAE’s hands to sidestep common pitfalls.

Contact Us Now

Why is the threat of money laundering looming over VASP businesses?

What is the primary factor influencing money laundering activities? Disguised or concealed identities. By hiding their identities, money launderers bring illicit money into the legal financial system and layer it with other transactions.

This is so much possible in the case of cryptocurrencies and virtual assets. The reasons being:

  • The virtual asset transactions are decentralised
  • These transactions allow anonymity or pseudo-anonymity
  • High-value and high-frequency transactions are common
  • Easy and quick transfer of virtual assets from one person to another across boundaries
  • Regulatory frameworks for VASPs and virtual assets are still evolving

All these reasons increase their vulnerability to money laundering threats. So, virtual asset service providers must stay alert to the standard red flags and ML/FT typologies. These indicators must warn you of suspicious activity, which you can investigate further and prevent financial crime. You can find these red flags in our blog: Unusual Transaction Trends for VASPs.

These red-flag indicators help you spot a suspicious customer or transaction. After spotting, you can avoid or stop them. Besides this, you must follow the AML regulations as applicable to the VASPs (such as the Compliance and Risk Management Rulebook issued by VARA or the rulebooks issued by the ADGM’s FSRA or DIFC’s DFSA, along with Federal AML regulations). Per these regulations, you can achieve AML compliance by applying the following AML measures:

Mistakes to avoid in AML compliance for VASPs

VASPs invest in these measures and implement them in their operations. But during their planning or execution, you might face challenges. The following are the common mistakes to avoid in AML compliance for VASPs:

Mistakes to avoid in AML compliance for VASPs

Inability to manage changes per AML regulatory updates

The world of virtual assets is a new and emerging business territory. People are still understanding its uses and benefits. Meanwhile, money launderers have already started using it for their illicit activities. They are leveraging the characteristics of virtual assets to launder dirty money. That is why the rules for VASPs are still evolving in the UAE to manage criminals’ new and sophisticated money laundering methods.

With such an evolutionary nature, you must keep track of regulatory changes. As and when laws change, you need to adjust your AML policies to them. If you miss these changes, your compliance will be incomplete or inaccurate, leading to penalties.

So, one key AML compliance challenge for a VASP to avoid is operating in an uncertain regulatory market. This leads to inconsistent AML practices. To cover this challenge, monitor the AML updates. As and when new rules are introduced, understand them and make relevant changes in your AML strategies. Thus, you can bring consistent and AML-compliant business practices to your virtual asset activities.

Difficulty in keeping pace with the technological innovations and developments

One common mistake to avoid in AML compliance by VASPs is not upgrading their technologies related to the compliance function.

Blockchain, cryptocurrency, and virtual asset worlds witness new technologies daily. Such technological innovations are a big challenge for VASPs.

You must up your game in the technological development space to bridge the gaps between the tools deployed by the criminals and the technologies you use for combating these crimes. Keep your systems updated and in alignment with the market requirements and the newer money laundering trends and patterns. Upgrade your system’s security and work on data protection. Investing in cybersecurity measures can reduce your vulnerability to security breaches and help mitigate ML/FT exposure.

Failure to assess risks to your business

You are a virtual asset service provider. So, you must know the potential risks to your business. If not, it is one of the severe mistakes around AML compliance. You must immediately get it done to identify and understand the risks and plan their AML control measures accordingly.

You must conduct an enterprise-wide risk assessment (EWRA) to identify the potential exposure to all aspects of your business. The risks can be from any or all of the following-

  • Customers and other parties involved
  • Products and services
  • Geographies of your business or where your customers are from
  • Delivery or distribution channels
  • Nature, size and complexity of the transactions
  • Technologies deployed

These factors might expose you to money laundering or terrorism financing risks. So, identify them, analyse their possible impact, and their level. You must be able to build your own business’s risk profile. A comparison of the risk profile with your risk appetite is the gap you want to fill with your AML efforts.

Remember to repeat this exercise regularly to stay on top of your business’s potential risks. You must update the risk assessment when business conditions and elements change.

The absence of a well-defined, customised AML framework

One of the critical aspects of AML compliance is the documented comprehensive AML framework. Without an AML framework, you do not have the policies, strategies, procedures, and controls. You must have a well-defined AML framework tailored to your business and the outcome of the ML/FT business risk assessment. These help you follow the AML compliance requirements and safeguard your virtual asset activities.

After the risk assessment, you need an AML compliance program to mitigate or manage these risks. It must have the following:

  • Relevant AML policies per your AML goals
  • Procedures for due diligence before customer onboarding and during business relationship
  • Checklist of red flags and process to spot them
  • Record-keeping and reporting systems for AML
  • Internal controls to combat these risks
  • Norms to comply with KYT and travel rule requirements
  • Procedures for ensuring effective implementation of the targeted financial sanctions

You must communicate these to all your departments and employees. Also, get approval from the senior management. Also, you must update the framework with regulatory amendments and revisions in business risks.

No focus on the customer due diligence

Customer due diligence is a critical part of any AML compliance program. Its correct and on-time performance is a vital AML compliance challenge for VASPs. However, this process is crucial for identifying suspicious customers and managing vulnerabilities.

Your CDD process must include:

Steps for CDD process
  • Knowing your customer: You must collect the identity details of your customer, along with evidence. For legal entities, collect information on beneficial ownership, nature of business, etc.
  • Knowing your transaction: You must know the originator and beneficiary of a virtual asset transaction. Collect details on wallet addresses, transaction hashes, device identifiers, and other points that help you know it better.
  • Customer screening: The pseudo-anonymity of a virtual asset transaction makes it riskier. So, you need to be extra careful with whom you are dealing. You must match your customers against lists of sanctions, PEPs, terrorists, and adverse media. If matched, make informed decisions to ensure compliance with laws and management-approved risk appetite.
  • Customer risk profiling and enhanced due diligence for high-risk customers: The above three assessments help determine whether a customer or a transaction is high, medium, or low risk. Once you know the high-risk customers, you must apply enhanced due diligence for extra care. Seek information on the source and destination of funds, check their legitimacy, and double-check beneficial owners. Do not form a business relationship or conduct the transaction if it is doubtful.

Thus, all these steps of customer due diligence ensure you are in a better AML compliance position. You know your customers and their risk profiles so that you can decide accordingly. Such risk assessment allows you to take a risk-based approach to AML compliance.

No plan in place to Know Your Counterparty VASP

A virtual asset service provider sells, holds, exchanges, converts, safe-keeps, or transfers virtual assets on behalf of other legal or natural persons. So, in such virtual assets activities, more than one VASP is involved, and thus, such counterparty VASP may also pose a certain degree of risk, influencing the transaction. So, knowing your counterparty VASP is crucial for any virtual asset service provider.

http://13.233.15.5/a-guide-on-mistakes-to-avoid-in-aml-compliance-for-vasps/

Failing to do this is a crucial mistake to avoid in AML compliance for VASPs. So, you must make it a practice to check and know your VASP before engaging in a transaction. You can check the importance of this requirement on our blog: FATF Travel Rule and Know Your Corresponding VASPs.

Like customer profiling, check your counterparty VASP’s beneficial ownership. Make it a practice to check their compliance with the AML regulations. All these details will give you a better view of how legitimate or illegitimate their business is and what sort of risk it can bring to the virtual asset transaction.

Lack of AML training for employees

You must be aware of the applicable AML regulatory landscape. Besides, everyone in your team handling customers, transactions, or any other AML compliance procedure must learn about the process, including the senior management. All this knowledge enables the adequate performance of your business responsibilities while considering the AML measures and compliance obligations.

So, you must design a comprehensive AML training program for your employees. Include theoretical and practical training to facilitate a better understanding of procedures. Provide practical examples of cases with relevant live training on CDD, transaction monitoring, and sanction screening. It makes the conceptual clarity better and more accurate.

If not internally, you can hire an external AML consultant for imparting training. Partner with someone with expertise and experience in training different industries. Missing such training is a big mistake to avoid in AML compliance for VASPs.

Inability to find the right balance between user privacy and AML compliance requirements

The design and delivery of virtual assets is such that you can ensure anonymity. However, AML compliance requires you to gather all details on your customers. So, a proper balance between the two is essential. This is a big AML compliance challenge that VASP must avoid.

Virtual asset transactions sometimes enable the concealment of true identities. Some cryptocurrencies, like privacy coins, enhance anonymity and privacy.

This is in contrast to the AML requirements that VASPs must adhere to. You must get the customers’ identity and other details to fulfil the needs of KYC and CDD under AML. So, you need to find a balance between this anonymity and AML requirements.

Insufficient and incomplete records and reports

Another mistake to avoid in AML compliance for VASPs is insufficient recording and reporting. If you don’t keep records, it would be treated as non-compliance with record-keeping requirements, and also, you won’t have evidence to prove your regulatory compliance. Also, you’ll be unable to submit reports to authorities without such records. So, pay close attention to maintaining records and submitting reports to authorities.

Maintain records of KYC, CDD, customer screening, EDD, KYT, transactions executed, etc. Also, create and save records of transaction monitoring and suspicious transactions identified. These records must be up-to-date, comprehensive, and accurate. Authorities might ask for them during audits and investigations.

Another need is to create comprehensive reports of your AML measures and submit them to the necessary authorities. One mandatory provision is submitting a report on suspicious transactions and activities. Forgetting to do so leads to non-compliance and penalties. So, comply with the reporting and recording requirements of AML compliance in UAE.

You must be aware of and avoid these common mistakes in AML compliance for VASPs. By avoiding them, you make your AML compliance practices effective.

AML UAE – your partner for professional AML consulting services

AML UAE is one of the leading providers of AML consulting services to the VASPs operating in the UAE. We help clients face AML compliance requirements with complete preparations. You can find help with:

For any help in AML compliance, you’ll have the support of AML UAE.

Lacking AML compliance strategies?

Get in touch with us for AML services.

Contact Us Now

Share via :

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Best Practices and Tools for ID Verification

Best Practices and Tools for ID Verification: eBook

Home Author Archives: Pathik Shah

Best Practices and Tools for ID Verification: eBook

Identity Verification is the process of confirming the prospect’s claimed identity by cross-referencing the given information with official government-issued documents such as an Emirates ID in the UAE, an Aadhaar Card in India, and similar nation-specific documents.

It is an important step of the Customer Due Diligence (CDD) Process as it ensures that the presented identity is authentic. ID Verification has become a routine requirement across various sectors. Some examples are:

Keeping the cruciality of identity verification into consideration, we created this guide that aims to cover everything you need to perform robust ID verification. By going through this guide, you’ll learn about:

  • Common methods of ID Verification
  • The Identity Verification Process
  • Necessity of ID Verification
  • Necessary Features of ID Verification Software
  • Online ID Verification Service
  • Traditional Identity Verification vs. Digital ID Verification API
  • Technology to Maximize the Effectiveness of Identity Verification
  • Choosing the Right ID Verification API
  • Red Flags Associated with Digital Identity Verification
  • Challenges and Risks Associated with Identity Verification
  • Best Practices for Identity Verification
  • ID Verification and Customer Experience
  • Future Trends in ID Verification

Overall, this guide will help you implement robust identity verification in your CDD process and make your AML/CFT compliance program more efficient. 

Download Best Practices and Tools for ID Verification: eBook

Related Infographics

Related Videos

Related Laws, Guidelines, Rules, and Regulations:

Related Articles

Related eBooks:

Related Templates:

Our timely and accurate AML consulting services

For your smooth journey towards your goals

Contact Us Now

Share via :

Share via :

A Guide to Sanction and PEP Screening in Customer Onboarding Process

A-Guide-to-Sanction-and-PEP-Screening-in-Customer-Onboarding-Process feature image

A guide to sanction and PEP screening in customer onboarding process

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now
a guide to pep image

A guide to sanction and PEP screening in customer onboarding process

Sanctions are basically the penalties imposed on institutions or organizations that fail to comply with laws and regulations. Government or global organizations usually apply a sanction decision to other individuals or states. A sanction check is taken in order to prevent transactions with persons prohibited from certain activities and transactions.

There could be various reasons behind sanctions. However, the primary reasons behind sanctions could be economic or political disputes. Economic and political conflicts between two or more countries lead to
sanctions against each other.

In this article, we will discuss the importance of sanctions and PEP screening during the customer onboarding process.

PEP and PEP Screening under UAE AML Regulations pre

What are the various types of sanctions?

There are undoubtedly many types of sanctions. The sanctions are based on different reasons. The reasons and various kinds of sanctions are significant for business enterprises.

1- Economic Sanctions

Economic sanctions are basically a foreign policy instrument between war and diplomacy. There are three main objectives of economic sanctions.
  • Undermining the target country
  • Punish the target country
  • Change the behavior of the target company.

2- Military Sanctions

Some countries do not produce their own military equipment. Hence, the most common type of military sanctions is actually the prohibition of the sale of military equipment. With the help of this advantage, stronger states warn the weak states.

3- Diplomatic Sanctions

Diplomatic sanctions are the political measures taken in order to express dissatisfaction between two or more governments. A few of the political sanctions are the cancellation of senior government visits and the withdrawal of diplomatic persons from the target country.

Compliance. Trust. Transparancy

Customized and cost-effective AML compliance services
to support your business always

Contact Us Now

Sanctions on Individuals

Sanctions on individuals are nothing but the sanctions imposed on economic persons, political leaders, or any illegal identities. Organizations sanction terrorists or governments, money launderers, drug traffickers are the people who are more likely to perform any sort of illicit activities, resulting in blockage of bank accounts.

Many local and global regulators effectively control financial institutions. The sole purpose of these sanction checks is to combat financial crimes. Regulators need these financial institutions to know their customers. Therefore, regulators regularly publish new customer guidelines.

Sanctions on Individuals image

Sanction and politically exposed person screening - PEP screening in customer onboarding process

For financial institutions (FIs), and Designated Non-Financial Businesses and Professions, the customer onboarding process is quite tedious and challenging. As per the know your customer (KYC) requirements, enterprises have to make some checks in the process of onboarding the customers.

Know Your Customer-KYC Requirements under AML regulations in UAE Min

The purpose behind PEP screening is to identify the ability of the customers to pose any threat or risks. The accuracy of the information of the customer is verified at the first stage. Once the customer identification information is confirmed, the level of risk of that particular customer is also identified.

Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) procedures enable the FIs and DNFBPS to identify the overall risk level involved.

Enhanced Due Diligence measures under UAE AML Regulations

PEP Screening Process

During the PEP Screening process, the customer is screened against the global list of PEPs. The relatives and close associates (RCA) of a PEP are also screened. If there are positive matches, EDD is performed and depending upon the risk appetite of the management; customer onboarding is performed. 

Ongoing monitoring of PEPs is one of the most crucial aspects of PEP screening. PEP screening tools support ongoing monitoring and help comply with legal obligations.

Why is the sanction check and PEP check required for business companies?

Bribery, financing of terrorists, money laundering, and corruption are financial crimes that are considered highly hazardous all over the world. The majority of these financial crimes occur because of the loopholes in the law and economic systems.

Regulators try to prevent all of these financial crimes by thoroughly regulating the companies in the financial sector. Many anti-money laundering regulations have been published to serve this purpose individually.

In order to comply with these anti-money laundering regulations, financial institutions and DNFBPs should get involved in some sort of control process. Therefore, a sanction search and PEP screening are essential processes for financial institutions and DNFBPs to ensure AML compliance. PEP and Sanctions checks help businesses take a risk-based approach and determine if they want to onboard a customer or continue with a business relationship.

AML Compliance Requirements in UAE

Sanction and PEP screening in the process of transaction screening

PEP Screening

Quite a lot of transactions take place throughout the day in your financial systems. Therefore, as per the anti-money laundering regulations, financial institutions should monitor the financial operations of their clients. If the financial transactions are not monitored, severe financial crimes like money laundering and terrorist financing come into play.

However, manually monitoring all your financial transactions can be a cumbersome and time-consuming process. Hence, you can use automated
tools to carry out sanctions and PEP screening.

Compliance. Trust. Transparancy

Customized and cost-effective AML compliance services to
support your business always

Contact Us Now

Politically exposed person screening in the process of background check

The most essential thing for companies or business enterprises is their reputation. If any business enterprise loses its reputation, it directly loses its customers or clients.

Enterprises make internal controls regularly in order to avoid all of these risks. Pre-employment background checks, employment background checks, and company background checks are taken by the companies in
order to protect the reputation of the company.

PEPs screening is performed against the politically exposed person list on the employees in order to check for the possibility of any sort of risk for the company. 

Watchlist and PEP screening helps regulated entities implement necessary controls while onboarding high-risk customers.

How do business enterprises comply with anti-money laundering regulations?

Financial institutions (FIs) and DNFBPs have to apply PEP sanctions checks on their clients in order to comply with anti-money laundering regulations.

Financial institutions need sanction screening in order to protect the reputation of the company and not to violate any sanctions-related decisions. With the ever-evolving technology, manual sanction checks and PEP screening have lost all the points and have become merely a way of wasting time.

There are pretty many sanctions listed across the world, and enterprises can practically and logically not check them all manually.

Hence, the need and importance of anti-money laundering screening software come into the picture. This type of software automates the complete compliance process of the enterprises.

In addition to that, financial institutions and DNFBPs can quickly check their clients with the help of automated compliance software. This type of PEP and Sanctions check software scans the sanction lists and instantly intimates the positive matches.

PEP Screening Software: Enhancing Due Diligence and Regulatory Compliance

To comply with the UAE AML Regulations, it’s essential that regulated entities carry out screening before onboarding a customer.

There are PEP Screening Tools available in the market which maintain a global database of politically exposed persons. The database is refreshed every hour making sure you always have access to the latest list. PEP Screening Software also supports ongoing monitoring of PEPs and Relatives and Close Associates (RCA) of PEPs. PEP Screening solutions help you meet legal obligations, and take a risk-based approach while onboarding a customer or entering into a transaction with him and record-keeping requirements.

In order to identify individuals holding prominent public positions or persons associated with individuals, the implementation of Politically Exposed Persons Screening Software is a must. PEP Screening Software helps regulated entities to identify and mitigate risks associated with PEPs.

Politically Exposed Person Screening under UAE AML Regulations

AML compliance services

For FIs and DNFBPs, it is of utmost importance to apply sanctions and PEP screening mechanisms. AML UAE, with its team of professionals, provides expert advisory services in AML compliance. Get in touch with us to simplify your anti-money laundering compliance.

FAQs - A Guide to sanction and PEPs screening

Here are a few frequently asked questions About Sanction and PEP Screening

What is a PEP check?

AML PEP check means screening individuals against an already existing register of Politically Exposed Persons (PEPs) with their names, associates, and close family members.  

The PEP screening process is a part of the AML and KYC program of entities. It is a process by which companies can conduct due diligence on any individual or company with which it is entering into a business relationship to compare with the global lists of politically exposed persons. 

PEP means Politically Exposed Person. These are some high-profile roles, such as government leaders, politicians, military or judiciary officials, etc., who can be involved in money laundering or financial fraud activities because of their high-profile positions, which create prominent influence.  

Companies must collect information on their clients, such as their business name, registration details, geographical presence, beneficial owners, etc. You can match this information with the list of Politically Exposed Persons and identify if the client is a PEP or not.  

PEPs are of three types: 

  • Domestic: A high-profile person in the national government body 
  • Foreign: A high-profile person in a foreign government body, including foreign PEPs working in the domestic country.  
  • International: A high-profile person in an international organisation 

It is critical for organisations to know about the risks from customers or suppliers. For this, you need to collect information from them and verify it against the lists of PEPs or Sanctioned individuals. If they do not feature in the list, you can have a business relationship with them; if they feature,  you are supposed to carry out Enhanced Due Diligence (Obtain information about their source of funds), and with the management’s approval you can enter into business with them. 

PEPs can be any one of the following: 

  • Heads of countries or Government 
  • Senior politicians 
  • Officials holding senior positions in the Government 
  • Military or judiciary officials 
  • Officials of key political parties 
  • Senior executives from government companies 

Companies collect data on their customers, employees, and suppliers to check their names against the list of terrorists, PEPs, or Sanctions. This screening process helps to know your customers/clients better, serving as the best tool to avoid money laundering and terrorism financing activities.  

Pep screening means verifying an individual’s presence in the list of Politically Exposed Persons (PEPs) to identify them as high-risk customers.  

Sanction checks mean checking whether an individual or a company features in a list of sanction databases of governments to prohibit the possibility of money laundering or terrorist financing. 

Sanction list screening means verifying individuals and entities against the Sanction lists of countries to check if they are prohibited from carrying out certain activities.  

Customer screening to verify the data on customers against external data sources such as PEP list, Sanction list, Watch list, or adverse media to check their risks to the company.  

Here are a few best practices that you need to follow in order to ensure the efficacy and reliability of your sanction and PEP screening.

  • Integrate with a wide range of and high quality trusted data sources
  • Follow a risk-based approach
  • Conduct ongoing monitoring in the most effective and deliberate manner
  • Relying on best technological platforms
The answer to the above question is a legitimate NO. However, these can still be high-risk because of the nature and scope of their business. For example, they could be involved with terrorist financing, drug smuggling, and any other criminal activities. Hence proper customer due diligence (CDD) on beneficial ownership is needed based on their internal and risk- based approaches.
Global Sanctions are part of foreign policy, covering financial restrictions and prohibitions imposed by a country or groups of countries to ban another country, individuals/entities from doing business with them.
Politically Exposed Persons (PEPs) are natural persons involved in any prominent public function and have power or influence over the spending of government funds.
Through sanctions screening, the entities can avoid the risk of being vulnerable in the hands of money launderers or terrorists. At the same time, PEP screening aids in determining if the person is using the bad influence of their powers to exploit government funds and commit any financial crimes. Without adequate screening, the entities would be subject to non-compliance, exposed to financial crimes, and adversely impacted their reputation.
The following positions would be construed as a PEP:
– Head of Government
– Senior Politician
– Sr. Government Official
– Judicial/Military Official
– Sr. Executive of Government Corporation
– Sr. Official of Political Party
– Management of the international organization
Any family member and close business associates of the above would also be considered as an associated PEP.

Join the Fight against Financial Crimes!

Protect your business with reliable and effective
AML strategies with AML UAE.

Contact Us Now

Share via :

Add a comment

Related Blogs

STR/SAR Filing on goAML Portal
11/01/2024

STR/SAR Filing on goAML Portal: Common lapses and best practices

12 best practices for setting up an AML compliance
28/12/2023

12 best practices for setting up an AML compliance department

21/12/2023

Top 10 mistakes to avoid while appointing an independent AML auditor

About the Author

Linkedin-in

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is an ACAMS-certified AML consultant specialising in governance, risk, and compliance for regulated entities in the UAE. He brings over 28 years of experience, with 1,000+ hours of AML training and 200+ advisory engagements across DNFBPs, VASPs, and FIs. He supports businesses in aligning with AML/CFT requirements from the CBUAE, DFSA, MoET, MoJ, VARA, CMA, FSRA, and FATF. Known for translating complex regulations into audit-ready procedures, Pathik enables operational clarity and compliance readiness.

Reach Out to Pathik

Adverse Media Screening Process

adverse Media Screening Process

Adverse Media Screening Process

adverse Media Screening Process
Download Adverse Media Screening Process

Conduct Negative News Research Using Search Engines

Adverse Media Screening is an important step in the customer due diligence process. It helps to provide additional information necessary to establish the prospect’s true identity and avoid onboarding the ones who are known to be involved in money laundering and other financial crimes.

Adverse media screening is all about researching; one needs to research whether there’s any negative news involving any fraud, scam or financial crime related to the prospect or existing customer. One can use information available from reliable and independent public sources for this purpose.

Conduct Negative News Research Using Search Engines

The first way to conduct the research is through multiple search engines, such as Google and Bing.

One needs to search for the name of the prospect or customer along with the word strings that contain all the relevant words necessary to confirm the existence of the negative media. Two such strings are:

  1. launder OR fraud OR bribe OR corrupt OR arrest OR blackmail OR breach OR convict OR court case OR embezzle OR extort OR felon OR fined OR guilty
  2. illegal OR imprisonment OR jail OR kickback OR litigate OR mafia OR murder OR prosecute OR terrorism OR theft OR unlawful OR verdict OR politic OR sanctions

For instance, if you want to conduct an adverse media check for a person named Mr. A, then you’ll do the following searches on the search engine:

  1. A launder OR fraud OR bribe OR corrupt OR arrest OR blackmail OR breach OR convict OR court case OR embezzle OR extort OR felon OR fined OR guilty
  2. A illegal OR imprisonment OR jail OR kickback OR litigate OR mafia OR murder OR prosecute OR terrorism OR theft OR unlawful OR verdict OR politic OR sanctions

By conducting these searches, employees gain results having any of these trigger words associated with a person having the same name.

Using Software for Adverse Media Research

You can also use software applications for conducting adverse media screening. While using software, you only need to put the name, and it will provide you with the adverse media details related to the person and associated sources. Then, one can check these details and conclude the customer’s identity and the involvement or connection with financial crimes.

Adverse Media Search Through Social Media

Another way is to conduct research through social media websites such as LinkedIn, Facebook, and Instagram. You can search the name of the person and verify the profile details based on the key identifiers of the customer and the social profile popped up. Then, check if the person is tagged in any negative posts. You can also check adverse hashtags and pages running against them, which gives rise to the suspicion that the person has committed fraud, scam, or a financial crime.

Actions on Adverse Media Check Outcomes

If you find a match while conducting adverse media screening, you must thoroughly evaluate the details and classify the customer as “high-risk,” considering all other risk assessment parameters and applying Enhanced Due Diligence measures.

In case of no match or false match, the business can onboard the customer and establish a business relationship. This onboarding decision does not solely depend on adverse media screening but takes into account the other identification details and the transactional parameters.

Related Posts

Need help with the Adverse Media Screening Process?

Get in touch with us now!

Contact us Now!

Know about AML Compliance

Blog-1

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now
Blog-1_3

Know about AML compliance

Money Laundering is a global concern, as it weakens the economy and targets its socio-economic structure. Criminals use modern technologies and new techniques to launder money. Criminals try to launder illicit money and transfer it to legal entities.

To combat them, governments create stringent AML laws and regulations. The AML laws provide guidelines to regulated entities, which help them detect and prevent the criminal activities. The law provisions require entities to remain compliant with their AML obligations, protecting them from money laundering risks and avoiding the non-compliance regulatory implications.

What is AML Compliance?

The AML compliance is aimed at countering money laundering activities and transactions and adhering to rules and regulations framed in UAE to ensure that. The regulated entities in UAE are required to register with the goAML portal and submit various regulatory reports, including SAR, STR, PNMR, CNMR, DPMSR, REAR, RFI, RFIT, AIF, AIFT, HRC, and HARCA.

Get high-quality personalised AML consulting
services to stay AML compliant.

Share your concerns with us.

Contact Us Now

AML regulatory landscape in the UAE

The AML regulatory system

UAE has passed several AML laws that regulated entities must follow to fight money laundering activities. Different Supervisory authorities are identified to lay down the detailed guidelines for the regulated entities to effectively manage the risk of money laundering and terrorism financing and oversee the regulated entities’ compliance with these regulations and guidelines.

It is mandatory for Financial Institutions, Designated Non-Financial Businesses and Professions (DNFBPs) and Virtual Asset Service Providers (VASPS) to register on the goAML Portal launched by the Financial Intelligence Unit (FIU) of the UAE. This platform facilitates cooperation between entities and authorities in the fight against such crimes, allowing regulated organizations to report suspicious transactions on this platform and work towards preventing such crimes in UAE.

AML Laws

The foundation of the UAE AML/ CFT regulations is the Federal Decree by Law No. (10) of 2025 Regarding Anti-Money Laundering, and Combating the Financing of Terrorism and Proliferation Financing.

To effectively implement this Federal Law, the implementing regulations have been issued vide Cabinet Resolution No. (134) of 2025 Concerning the Executive Regulations of Federal Decree-Law No. (10) of 2025 Concerning Combating Money Laundering, Terrorist Financing, and the Financing of the Proliferation of Weapons.

Along with these critical regulations, the regulated organizations must follow the below-mentioned regulations and guidelines to ensure 100% compliance with AML regulatory requirements and effectively mitigate the ML/FT risks.

  • Cabinet Decision No (58) of 2020 Regulating the Beneficial Owner Procedures.
  • Cabinet Resolution No (74) of 2020 regarding the Terrorism Lists Regulation and Implementation of UN Security Council Resolutions on the Suppression and Combatting of Terrorism, Terrorist Financing, Countering the Proliferation of Weapons of Mass Destruction and its Financing, and Relevant Resolutions.
  • Compliance and Risk Management Rulebook issued by the Virtual Asset Regulatory Authority (VARA) of Dubai.
  • Many other sector-specific guidelines issued by the supervisory authorities (Central Bank of UAE, ADGM’s Financial Service Regulatory Authority, DIFC’s Dubai Financial Services Authority, Ministry of Economy, Ministry of Justice, UAE’s Securities & Commodities Authority, etc.) help the regulated entities better conduct their activities in compliance with these laws.

AML Compliance Requirements in UAE

AML Compliance Requirements

Critical AML requirements

STRs/SARs

The Federal Law stipulates that the regulated entities must develop and implement necessary controls and measures to identify and detect any suspicious transactions and report them immediately to the Financial Intelligence Unit of the UAE. FIU receives all the reports for suspicious financial activities, investigates transactions and economic activities involved in money laundering, financing of terrorism, and other criminal activities and disseminate the information to the concerned authority to take action.

1st blog

The report on suspicious activity or transaction must be reported without delay once the entity has determined that the customer’s activity is suspicious, involving money laundering or terrorism financing. The regulated entities must perform their internal investigation before reporting it to the FIU.

STR submission with UAE goAML Portal

The law requires all regulated entities to file a Suspicious Activity Report or Suspicious Transaction Report with the FIU through the goAML portal.

To identify and report suspicious transactions, the regulated entities must have the necessary AML framework – policies, procedures, and controls. The following are the key elements of an AML compliance framework:

KYC and CDD

KYC and CDD Services

KYC (Know Your Customer) and CDD (Customer Due Diligence) are integral to the AML/ CFT program. These measures alert and prevent organisations from associating with the wrong business entity suspected of being involved in money laundering or terrorism financing. These measures help you identify your customers and confirm their identities. You must screen your customers – entities or individuals – to identify if they are sanctioned or associated with terrorist activities or their status as a Politically Exposed Person (PEP) or to look for any negative news about such persons linked with financial crimes.

All financial institutions, DNFBPs and VASPs must follow the KYC and CDD process. The CDD process is a mandatory AML/ CFT element identifying suspicious financial transactions. It helps you collate complete information about the customers’ details required for the onboarding process.

The customer data includes the name, address, contact numbers, alternative contact numbers, legit email addresses, place of birth, date of birth, nationality, etc. These details are necessary for all individual customers and business entities.

Data needed for CDD includes:

  • Name and type of the business entity
  • Nature of business
  • Date and place of establishment
  • Certificate of incorporation
  • Information about the board of directors
  • Information about shareholders and UBOs
  • Annual reports
  • Location of the business
  • And many more

After collecting and verifying customer data, you must create a risk profile (as High, Medium or Low) for every customer to understand the level of risk it poses to the company’s business operations.

KYC - Know Your Customer

Ongoing Monitoring

Once the business relationship has been established, and transactions are executed with the customers, the regulated entities must regularly monitor the transactions to ensure no inconsistency between the transactional pattern or customer behaviour and the Customer Due Diligence profile. Monitoring the customer’s activities will help you promptly identify suspicious behaviour and report it to the FIU.

AML Compliance – an obligation

Money laundering crimes are rampant in the business market, so AML compliance must be a priority. It is crucial to stay up-to-date with the new rules and regulations to avoid the risk of non-compliance. Outsourcing AML compliance services are being looked at as a great option to be AML compliant.

AMLUAE is an AML services provider with a comprehensive range of services to help businesses stay AML compliant. Our AML compliance services include the following:

  • AML Business Risk Assessment
  • AML/CFT Policy, Controls, and Procedures Documentation
  • In-house compliance department set up
  • AML Training
  • AML software selection
  • AML/CFT Health Check
  • Regulatory Reporting
  • Managed KYC and CDD services
  • Annual AML/CFT Risk Assessment Report

FAQs

What Is AML compliance? 

AML compliance is the process of complying with the country’s rules, regulations, and policies specific to AML to eliminate any chances of money laundering. This includes conducting KYC, risk assessments, identifying suspicious transactions, implementing internal processes, and setting up a compliance team.  

The AML Compliance Officer of a company is responsible for achieving compliance of the company with several AML/CFT-specific regulations, laws, and rules.  

Get high-quality personalised AML consulting
services to stay AML compliant.

Share your concerns with us.

Contact Us Now

Add a comment

Related Blogs

STR/SAR Filing on goAML Portal
11/01/2024

STR/SAR Filing on goAML Portal: Common lapses and best practices

12 best practices for setting up an AML compliance
28/12/2023

12 best practices for setting up an AML compliance department

21/12/2023

Top 10 mistakes to avoid while appointing an independent AML auditor

Share via :

About the Author

Linkedin-in

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is an ACAMS-certified AML consultant specialising in governance, risk, and compliance for regulated entities in the UAE. He brings over 28 years of experience, with 1,000+ hours of AML training and 200+ advisory engagements across DNFBPs, VASPs, and FIs. He supports businesses in aligning with AML/CFT requirements from the CBUAE, DFSA, MoET, MoJ, VARA, CMA, FSRA, and FATF. Known for translating complex regulations into audit-ready procedures, Pathik enables operational clarity and compliance readiness.

Reach Out to Pathik

Customer Lifecycle Management and AML Compliance in the Digital World

Customer Lifecycle Management and AML Compliance in the Digital World

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

Customer Lifecycle Management and AML Compliance in the Digital World

Customer lifecycle management(CLM) has become automated, quick, and efficient in the digital world. This risk assessment environment is different from the traditional scenarios, which were characteristic of a tedious manual process working in isolation and targeting specific functions and limited to particular businesses.

Key factors for Customer Risk Assessment under AML regulations

However, regulated entities had to forego this approach and adopt an aggressive risk management approach with acceleration in the digital world and adoption of the digital KYC mechanism.  

Customer lifecycle in the digital age has witnessed a rapid transformation. As mentioned earlier, customer lifecycle processes were siloed, labour intensive, needless to say, time-consuming, and prone to errors. The focus is on digital lifecycle management, which connects disparate systems and provides a unified solution to verify customer identity efficiently. CDD – Customer Due Diligence is the primary function that needs to be performed by Financial institutions, Designated Non-Financial Businesses and Professions (DNFBPs), and Virtual Assets Service Providers (VASPs). 

Traditional approaches need to be shunned in an evolved digital marketplace 

The traditional customer verification method involved an actual visit to the branch where employees would verify the hard copies of the documents. This process is becoming redundant as mobile transactions have increased drastically. Every process is completed online such as opening bank accounts, getting a loan, creating a fixed deposit, and transferring money. The customer’s verification process has too shifted online, where branch visits are not necessarily required. In a changing business landscape and evolving customer preferences, they need instant gratification, and branch visits are becoming a thing of the past. It has been estimated that the branch visit will be drastically reduced by 36%, and there will be more than a 120% increase in mobile transactions.  

Digital KYC and CDD processes will take center stage. It is estimated that by 2022, 60% of the world economy will be digitised. Such unprecedented growth requires robust measures for customer identification and verification. New digital ID systems are being extensively used to mitigate the risks arising in the evolving digitised world. It is necessary to understand how digital ID systems work and help businesses identify any fraudulent financial activity in the garb of legitimate transactions.

Customer Lifecycle Management and AML Compliance in the Digital World

Digital ID systems have a few basic components- 

Basic components for Digital ID systems

Digital KYC information collection

The deduplication process is carried out, which is a part of identity proofing. It involves collecting attributes and the evidence for the same and features about a single unique identity. The applicants’ details, such as name, age, and gender are checked, and biometrics include fingerprints, iris scans, and facial recognition images. These, along with the government-issued IDs, are verified with the information in the database. With digital verification on the rise, the documents are stored in electronic forms in databases which can be referred to as and when required. It enables to obtain the identity evidence and verification remotely.

Validation 

This step verifies if the digital KYC evidence submitted is genuine and accurate. The evidence is validated by checking the information submitted against reliable sources and matching the information in the independent databases/ sources.  

Verification 

This step involves confirmation that the validated identity is real and the person is the same who has been identity proofed.  

Authentication 

Authentication ensures that the person seeking online/ offline account access is the same person who has been identified and verified earlier. The digital identification process is done when people need access to online activities such as accessing net banking, transferring money online via app, and seeking authorisation to complete the process. Authentication is also required when someone asks for in-person interaction to access the account or conduct other financial activity.  

The best part about digital identity verification is that banks and financial institutions do not rely solely on the authenticators/ credentials issued at the time of onboarding in such scenarios. Obviously, at the time of onboarding, after all the KYC, CDD, and EDD processes are completed, the person will possess the credentials issued to them. Still, digital verification also depends on continuous authentication. They rely on data points collected during the online session, such as the IP address, geolocation, etc.

What is CDD?

The CDD process helps reporting entities to combat money laundering and other financial frauds and prevent the financing of terrorism. The process includes collecting customer information and monitoring it throughout the business relationship.   

Know Your Customer-KYC Requirements under AML regulations in UAE Min
  • Individual Customer Information: It collects customer information and verifies that the information submitted is accurate and that no false information has been submitted. The customer’s name, address, contact details, photo, occupation, unique ID number, and tax identification number is verified.  
  • Business information: It includes the name of the business, the type, and nature of the company, ultimate beneficial owners, source of funds, etc.  
  • Risk Assessment: After the verification process is completed, the customers are categorised as low, medium, or high-risk customers. This categorisation is done after considering different factors such as the customer’s identity, location, nature of the business, and identifying PEPs and UBOs. High-risk customers require enhanced due diligence compared to the low or medium-risk profiles. The risk assessment process provides clarity on the due diligence process that needs to be followed to follow the AML compliance process correctly.  
  • Continuous Monitoring: The ongoing monitoring keeps a tab on the customers’ transaction patterns and changes in customer profiles and identifies unusual transactions.  

The CDD process becomes automated and more reliable in a digital landscape with emerging technologies such as Artificial Intelligence and Machine Learning. The introduction of biometrics has also made a massive difference in accuracy levels in identifying customers and has streamlined the process.  

AML Compliance in the Digital World

How is the customer lifecycle managed with greater efficiency with tech? 

Regulatory compliance and serving customers with excellence have kept businesses on their toes as they need to fulfill both purposes with equal efficiency. They need to follow the AML rules and regulations and meet the evolving customers’ expectations. So, they choose to rely on AML software to instantly identify suspicious activities, which provides timely notifications that alert them in case of any fraudulent/ unusual transaction. 

New and emerging technologies are being used in the customer lifecycle management landscape, often referred to as RegTech. They have been in use for a while and focus on solving only a part of the more significant compliance problem rather than serving as a complete solution that can take over the compliance issues and risk assessment scenario and reduce the false positives. However, with better technology and the emergence of advanced AML software, financial institutions have solved compliance issues and safeguarded their reputation from being maligned by unknown risks. It is vital to adopt a risk-based approach as money launderers find innovative ways to launder their illicit money.

AML Compliance Requirements in UAE

AML Compliance in the Digital world 

Digital acceleration has changed the course of AML compliance for businesses as they need to brace themselves up to fight financial fraud and provide customers with the best experiences. Digital payments have witnessed exponential growth. So there is increased pressure on the regulated entities to overhaul their client Lifecycle management process.   

Financial and other regulated entities have to mandatory follow the AML compliance requirements. They have to follow the KYC diligently- Know Your Customer, CDD- Customer Due Diligence, and the EDD- Enhanced Due Diligence collect, verify and continuously monitor customer identity, evaluate risk profile and keep themselves AML compliant. Apart from following the AML rules and regulations, financial institutions must focus on enhancing customer experience.

FATF guidelines on Digital ID

The FATF regularly provides guidelines for AML compliance. It is advisable to follow the procedures as it helps reporting entities brace themselves against challenges in a digitally enhanced landscape. Client verification remotely has become a prominent trend in the recent past, especially during pandemic times.  

  • Verify the customer’s identity  
  • Understand and verify the type and nature of the business relationship 
  • Continuous monitoring. 

Where deemed necessary, the reporting entities should perform background checks for criminal records and politically exposed persons and determine the customers’ citizenship. These verification processes depend on the risk profile of the customers or the risk posed by the business transaction.  

Digital KYC- Customer Lifecycle Management and KYC

Digital KYC is an online process that involves video-based KYC. It is a must to have an audio-video-enabled device.   

The reporting entity will remind the person of the online appointment for the KYC process. The customer must ensure that all the required documents are furnished for the KYC process. The institution will send a video link via message or email. The customer, with the help of an interactive online application, completes his Digital KYC. In this process, the application will capture the live video/photo and the documents to complete the verification process. It will ask for age, address, occupation, nature, type of business, political association, etc. That will be verified with the documents submitted for verification.   

Why is AML Training Important?  

Designing a comprehensive AML Training Program

Employees need to be acquainted with updated knowledge on the software and methods with which they can identify fraudulent transactions and prevent financial frauds such as money laundering. It is not easy to spot fraudulent transactions such as layering, and so the employees need to be provided with technology that can aid them in strict transaction monitoring.  

So, what is the solution for the increased risks in identifying the AML risks? 

Digitalization has urged financial organisation to improve their customer identification programs and sync with the evolved customer identification requirements. The digital AML process is automated at every step of the customer verification, right from the customer onboarding process, customer due diligence, risk assessment m identification of UBOs, PEPs, and Enhanced due diligence process- the entire spectrum of the customer verification process.  

When digital channels have become a passage for money laundering and financial fraud, it is better to be equipped with advanced technology—emerging technologies such as AI and ML. AML software has built-in technologies that help identify financial scams and reduce false positives. The software helps combat money laundering and empowers financial institutions and other regulated entities to improve AML detection and thwart risks in a digitally accelerated world.  

Benefits of the AML Software 

The AML software is a crucial element in the AML compliance strategy. It efficiently collects the customer information- KYC, CDD, and EDD which are the foundation of an efficient AML compliance program. The software stores the data with customer identity verification processes such as KYC- Know Your Customer, CDD- Customer Due Diligence, and EDD- Enhanced Due Diligence. It efficiently verifies the customers’ identity and makes the financial institutions and other regulated entities aware of any fraudulent identity or transaction.  

It evaluates the risk of being associated with a customer/ entity. So, the institution can follow appropriate measures while establishing a business relationship and continuously monitor the customer lifecycle. Moreover, the software scans the customers against a sanction list and identifies potential risks. Financial Institutions can extract more information about PEPs- Politically Exposed Persons and the UBOs- Ultimate Beneficial Owners and correctly evaluate the risk of establishing and maintaining customer relationships.  

AML UAE – A forerunner in helping organisations in being AML Compliant

AML UAE is a leading and highly reliable AML consultant operating in the UAE and serving thousands of businesses to keep pace with the fast-evolving digital world and improve their customer identification process. It offers an array of services, including AML software selection. For further information, feel free to contact us. 

Our Timely and Accurate AML consulting Services

For your smooth journey towards your goals

Contact Us Now

Add a comment

Related Blogs

STR/SAR Filing on goAML Portal
11/01/2024

STR/SAR Filing on goAML Portal: Common lapses and best practices

12 best practices for setting up an AML compliance
28/12/2023

12 best practices for setting up an AML compliance department

21/12/2023

Top 10 mistakes to avoid while appointing an independent AML auditor

Share via :

About the Author

Linkedin-in

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is an ACAMS-certified AML consultant specialising in governance, risk, and compliance for regulated entities in the UAE. He brings over 28 years of experience, with 1,000+ hours of AML training and 200+ advisory engagements across DNFBPs, VASPs, and FIs. He supports businesses in aligning with AML/CFT requirements from the CBUAE, DFSA, MoET, MoJ, VARA, CMA, FSRA, and FATF. Known for translating complex regulations into audit-ready procedures, Pathik enables operational clarity and compliance readiness.

Reach Out to Pathik

AML compliance best practices for real estate agents in UAE

AML compliance best practices for real estate agents in UAE

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

AML compliance best practices for real estate agents in UAE

The nature of the real estate business makes it vulnerable to money laundering risks. So, UAE includes real estate agents and brokers in the list of DNFBPs that must follow AML regulations. To adhere to these laws, you must follow the AML compliance best practices for real estate professionals.

These best practices for real estate agents in UAE align business with Anti-Money Laundering and Countering Financing of Terrorism obligations. So, make them a part of your routine operations and remain compliant with the requirements of law.

Detect and deter money laundering in the real estate sector with our expert AML compliance services.

Take action now!

Contact Us Now

Red flags of money laundering for real estate entities

The aspects of the real estate business that make it vulnerable to money laundering are:

  • Rapid buying and selling of property at significantly lower or higher prices than the market rates.
  • Artificial inflation of property values via property flipping schemes. It facilitates the laundering of money through several transactions.
  • Large cash transactions with no specific reasons or obvious explanation.
  • Transactions involving foreigners or non-residents from sanctioned, high-risk, or weak AML-regime countries.
  • Concealing the property ownership using complex ownership structures or shell companies.
  • The client focuses on transaction completion instead of property characteristics like location or neighbourhood.
  • Movement of illicit money through cross-border real estate transactions.
  • A good number of transactions with a single client in a short time with no obvious purpose.
  • Client’s unusual requests before transactions
  • Client not following standard procedures to avoid data points that can call for more scrutiny.
  • Client’s refusal to submit identity documents or financial records per due diligence requirements.
  • The property buyer is in an illegal business.
  • Client engaging in repeated transactions valuing less than the threshold limit to avoid reporting and revealing the transactional details.
  • Involvement of several parties through complex financing arrangements to hide funds’ sourcing.
  • No match of the property’s location with that of the buyer or seller.
  • Disguising the source of funds using unconventional payment methods like cryptocurrencies or third-party cheques.
  • Hiding the true identity of beneficial owners through front persons acting on someone else’s behalf.
  • Client’s inconsistent financial status or history, like sudden changes in income, finances, or employment.
  • Inconsistency of client’s wealth with their financial history or source of income.
  • Hiding the property’s beneficial ownership by providing misleading information like parties involved in the transaction.
  • A transaction involving a person or entity in a foreign country of proliferation concern.

AML compliance best practices for real estate brokers

Note these warning signs for real estate businesses discussed in the previous section. Save yourself from such indicators in customers and transactions. Apply the following best practices for real estate businesses to achieve AML compliance:

Conduct Enterprise-Wide Risk Assessment (EWRA)

The real estate brokers and agents must carry out the Enterprise-Wide Risk Assessment to identify, assess, and mitigate ML, TF, and PF risks. The EWRA helps identify risk factors, their likelihood of materializing, the gross risk, controls deployed to counter ML, TF, and PF risks, and the residual risk.

If the residual risk is within the risk appetite of the real estate broker or agent, no further action is needed. If the residual risk exceeds the risk appetite, more controls must be placed to keep the risks in check.

One must be aware of the risks to the business. Be it from customers, transactions, or property locations, one must assess each risk. The risk environment in which one operates is critical to understand.

Comprehension of business risks guides you on preventive actions to apply. For example, if you find a customer suspicious, you can collect more details on their identity. In the case of a suspected transaction, you can report it to the authorities. All these actions are possible only if you understand the possible risk indicators for your real estate business.

Check out our video on Business Risk Assessment/EWRA.

Implement an AML/CFT Compliance Program

Real estate businesses must design and implement AML/CFT and PF policies and procedures to guide the employees in carrying out their day-to-day compliance work. The AML/CFT compliance program must be aligned with the EWRA to counter various risks. The top management must sign the AML compliance program, and a complete trail of updates must be maintained.

Check out the infographics.

Perform KYC and CDD checks

Knowing your customers is essential. You must know their identities specifically before onboarding. Knowing your customers during the business relationship is a best practice for real estate entities in AML checks.

You must conduct KYC before onboarding them as customers. Collect their identity details and documents and verify those. Also, collect proof of the entity’s registration, office address, and finances. Only after all these verifications must you onboard them.

Such customer investigation mustn’t stop during the business relationship. You must conduct thorough due diligence to identify every client’s risks. Beneficial ownership, source of funds, presence in other countries, and type of product/service are vital factors to collect information on. You must also screen them against sanctions, terrorist lists, watchlists, and adverse media.

All these examinations help you build a customer risk profile. You must adjust your due diligence measures based on each customer’s risk level.

Be aware of the local property market

Be it real estate companies, professionals, or agents, it is crucial to know your industry. You must know the market norms to identify the what and who of an illicit transaction or business. The normalcies of the property market help you differentiate the abnormalities. So, awareness of the property market values is an AML compliance best practice for real estate professionals.

Such knowledge helps you identify suspicious transactions. You can detect when a transaction is out of the norm or shows an unusual pattern. So, increase awareness of the local property market for easier and faster reporting.

Develop a compliance culture

As a real estate business owner, you cannot comply with AML laws alone. You need the support of your management, employees, and other stakeholders. So, the entire entity’s recognition of the significance of AML is crucial. Develop a compliance culture within the company to tackle ML/TF and PF.

Emphasise the importance of AML compliance for avoiding penalties and reputational harm. Educate them on how AML compliance creates a transparent and secure market. Train them in the fundamental processes and procedures of the AML framework. Give them all the necessary information on the following:

AML compliance best practices for real estate agents in UAE

Recognising the worth of AML compliance for your business helps build an AML culture. Employees understand that they must contribute to executing AML policies and procedures. They commit to performing their AML responsibilities to prevent money laundering activities. This is how you can create a culture of compliance in your entity. Also, the senior management must focus on AML compliance and be proactive in its efforts.

Perform transaction monitoring

An AML compliance best practice for real estate professionals is continuous transaction monitoring. You already know the warning signs of money laundering in real estate transactions. To detect them at the right time, you must scrutinise them at regular intervals. If suspicious, you can stop those transactions and report them to authorities.

For this, you can install transaction monitoring software. You can set the red flags in transactions as rules. The system will generate alerts if it identifies any of these red flags. Report any occurrence of unusual patterns or discrepancies to higher authorities. Based on the suspicions, you can investigate further and decide further action.

Create and maintain records and reports

UAE regulations require you to maintain AML documents and records for a specific period. These are essential during audits or when asked by supervisory authorities. So, maintaining proper records is an AML compliance best practice for real estate professionals.

These records serve as a guide for your future AML policies. Also, you need them as proof of your AML compliance initiatives in the entity. You will need to show them to authorities during external audits. Moreover, supervisory authorities may ask for documents as evidence against customers or transactions. So, you must be ready with proper record-keeping.

AML regulatory requirements ask you to submit reports like STR, SAR, CNMR, PNMR, HRC, and HRCA. Besides, as a real estate entity, you must also submit a Real Estate Activity Report (REAR) if you are dealing in cash or crypto.

Know your employees

Knowing your customers and transactions is critical. But you also need to know your employees, which most entities ignore. An AML compliance best practice for real estate professionals is knowing your employees. You never know; they might be dealing with criminals to launder money through your business transactions. It would be best if you prevented such interventions.

The best practice for real estate is AML checks of employees. Check their background and employment history. Investigate their family to identify any association with money launderers. Observe their behaviour to determine involvement in suspected illicit activities or illegal linkages.

Independent audit of AML efforts

You perform all these AML activities to follow UAE regulations. You create an AML framework with each process’s necessary policies and controls. So, it’s also critical to see how this AML framework functions. If it can achieve AML goals or you are still non-compliant.

For this, you must audit your AML efforts. The audit shall cover your AML/CFT program, procedures, records, controls, and various quantitative and qualitative aspects concerning the AML/CFT obligations. Appraisal of the AML framework is a best practice for real estate AML checks. Identify the weaknesses. Check what is working and what is not. Track the submissions to authorities.

Once you know the weaknesses, you can improve upon them. You can implement corrective actions to improve the effectiveness of your AML compliance. So, regular assessment of the AML framework is an AML compliance best practice for real estate professionals.

Collaborate with authorities and industry players

One best practice for real estate AML checks is collaboration with regulatory authorities. Such collaboration facilitates information sharing. You can contribute to authorities’ investigations by providing timely reports. These show your commitment to preventing money laundering in the real estate industry.

Such collaboration helps you stay up-to-date on regulatory changes and updates to laws. With regular tracking of these amendments, you can adjust your internal controls. Also, you get to know about emerging risks and industry-specific guidelines.

Interactions with other real estate entities and professionals also help you know the best practices. You can learn about the industry-specific red flags to spot and avoid. Participation in industry conferences helps you with information on AML trends. Thus, collaboration with industry players, regulatory authorities, and legal professionals is beneficial.

Implement a governance framework

Implement a governance framework and establish clear authorities and responsibilities around AML compliance. Lay down detailed guidance on who does what and the procedures to make changes to the AML/CFT program.

There are eleven AML compliance best practices for real estate businesses. You must adopt them in your business to streamline your AML compliance. These best practices for real estate in AML checks empower you to prevent financial crimes. If you need support in AML compliance, we at AMLUAE are here to make your journey smoother.

AMLUAE – your partner for professional AML consulting services

AML UAE is a well-known provider of AML compliance services to clients in different industries. We have been helping clients frame AML policies, procedures, and controls. We handhold you through the execution of these procedures. We create a culture of AML compliance in your entity to ease compliance with all regulations.

Our offerings on AML compliance for real estate professionals include the following:

  • Performing KYC and CDD
  • Monitoring transactions to detect suspicious ones
  • Imparting training to employees
  • Creating a customised AML framework
  • Executing AML policies, procedures, and controls
  • Finding the right AML software for your business
  • Business risk assessment
  • Health Check
  • Submitting STRs, SARs, and other relevant reports
  • Creating and maintaining documentation and records

Worried about money laundering threats to your
real estate business?

Adopt our AML compliance best practices for real estate professionals.

Contact Us Now

Share via :

About the Author

Linkedin-in

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is an ACAMS-certified AML consultant specialising in governance, risk, and compliance for regulated entities in the UAE. He brings over 28 years of experience, with 1,000+ hours of AML training and 200+ advisory engagements across DNFBPs, VASPs, and FIs. He supports businesses in aligning with AML/CFT requirements from the CBUAE, DFSA, MoET, MoJ, VARA, CMA, FSRA, and FATF. Known for translating complex regulations into audit-ready procedures, Pathik enables operational clarity and compliance readiness.

Reach Out to Pathik

Mastering Risk-Based Approach: 7 Deficiencies to conquer

Mastering Risk-Based Approach: 7 Deficiencies to conquer

Download Top 7 Deficiencies around the adoption of a Risk-Based Approach (RBA)

The Enterprise-Wide adoption of a Risk-Based Approach is essential in countering Money Laundering (ML) and Terrorist Financing (TF) risks. The regulated entities in the UAE must adopt a Risk-Based Approach and design their AML/CFT program and controls commensurate with the risks the entity is exposed to. If the entity operates in a high-risk environment, it should have more controls to manage the overall risks and keep them within its risk appetite. Here is the article ‘Mastering Risk-Based Approach: 7 Deficiencies to Conquer’ to help you counter financial crimes effectively:

Top 7 Deficiencies around the adoption of a Risk-Based Approach (RBA)

1. Undocumented RBA methodology

The regulated entities are required to document the RBA methodology adopted by the company. Some companies fail to document or adequately describe the overall RBA methodology.

2. Lack of application of the RBA

The entities must adopt the RBA and apply it uniformly across the company. Some entities fail to adopt it and deploy controls commensurate with the nature, size, and complexity of business, client relationships, geographies, delivery channels, and products and services.

3. Undocumented Risk Appetite

Sometimes, risk appetite is not formally defined, documented, or communicated to the concerned team; hence, no uniform approach is taken to mitigate the risks.

4. Deficiencies around Enterprise-Wide Risk Assessment (EWRA)

Some entities fail to carry out the Enterprise-Wide Risk Assessment (EWRA) and identify the risks they are exposed to, the likelihood of a risk materialising, controls deployed, and the residual risks associated with the company.

5. Failure to review EWRA

The EWRA is not a static exercise. The date of the review and its timing must be recorded, and the next EWRA review date must also be documented. The EWRA must be reviewed at least every year. If there are reasons to believe that the risks associated with the company have changed, it needs to be performed even earlier. Most entities fail to realise this and do not review their gross and residual risks, and hence fail to deploy appropriate controls to mitigate such risks.

6. Deficiencies around Customer Risk Assessment (CRA)

Some entities fail to understand the importance of customer risk assessment, and they do not identify the risks associated with a customer and hence fail to apply proper risk mitigation measures.

7. Missing authorisation from the top management

Top management authorisation is necessary in high-risk situations while onboarding the client or conducting the transaction. Some of the entities fail to meet this requirement.

Related Posts

Top 5 common deficiencies around KYC and CDD measures

Top 5 common deficiencies around KYC and CDD measures

Top 5 common deficiencies around KYC and CDD measures

Top 5 common deficiencies around KYC and CDD measures
Download Top 5 common deficiencies around KYC and CDD measures

Customer Due Diligence and Know Your Customer measures are essential to counter money laundering and terrorist financing threats. The UAE AML Laws and Regulations require regulated entities, including FIs, DNFBPs, and VASPs, to take adequate measures for conducting CDD and KYC. Often, the KYC and CDD measures employed by the regulated entities fall short of the legal requirements. This infographic highlights common deficiencies around the CDD and KYC requirements.

The regulated entities must take adequate measures to comply with the requirements of the law and, more importantly, counter financial crimes by adopting adequate KYC and CDD measures.

Shortcomings around KYC and CDD measures

1. Absence of defined KYC and CDD procedures

It has been found that some of the regulated entities do not have defined procedures for carrying out Customer Due Diligence and Know Your Customer requirements. It is essential that clear roles and responsibilities and operating procedures are established to have a uniform practice around the performance of KYC and CDD measures. The entities not having formal established procedures often end up adopting unreliable measures for ID verification and customer address verification.

2. Inadequate Customer Due Diligence

Some regulated entities do not check the customer ID and sometimes do not even ensure that the photo on the ID documents is legible.

3. Inadequate EDD measures for High-Risk customers

High-risk customers must undergo Enhanced Due Diligence (EDD) requirements. At a minimum, the regulated entities are required to obtain their ID, address proof, source of funds, and source of wealth. Further, the entities must get senior management approval before onboarding such high-risk customers or entering into a transaction with them. The payment for the items sold or services provided must come from the bank account held in the High-Risk customer’s name. Some regulated entities do not ensure this and remain at risk of regulatory fines and penalties.

4. Incomplete Documentation

Some regulated entities lack in terms of collecting complete documents from the customers. Further, information as to the nature of the business, the purpose of the transaction, and monthly/yearly account activities are seldom obtained.

5. Missing Authorizations

The KYC and CDD documents must be duly verified and authorized in line with the KYC and CDD procedures adopted by the firm. For High-Risk customers, the top management approval must be obtained. Some of the regulated entities do not have proper controls in place to ensure compliance with these requirements.

The regulated entities must ensure that they remain compliant with the legal requirements and avoid taking inadequate and incomplete KYC and CDD measures. Check our eBook “A complete guide to Customer Due Diligence” to learn more about the CDD requirements and best practices around it.

Related Posts