Authorized Person and Regulated Activities subject to AML Compliance in ADGM

Authorized Person and Regulated Activities subject to AML Compliance in ADGM

Authorized Person and Regulated Activities
Download the list of Authorized Person and Regulated Activities subject to AML Compliance in ADGM

Authorized Person and Regulated Activities subject to AML Compliance in ADGM

The ADGM’s Financial Service Regulatory Authority (FSRA) mandates the Authorized Person conducting the Regulated Activities in or from the Abu Dhabi Global Market must comply with the AML regulations.

Here is an infographic discussing the Regulated Activities as defined under Financial Service Market Regulations 2015, qualifying the entity to be treated as AML-regulated entity or a “Relevant Person” as per the FSRA AML Rulebook.

Authorized Persons having Financial Service Permission to conduct regulated activities shall comply with the FSRA-issued AML Rulebook and Federal AML/CFT laws.

AML UAE, as a leading AML consultancy firm, can assist you in exploring the applicability of AML and help you implement a comprehensive AML framework compliant with ADGM’s FSRA AML regulations.

Related Posts

The Role of AML Compliance Officer Guide

The Role of AML Compliance Officer

Home Author Archives: Pathik Shah
Role-of-AML-Compliance-Officer-Guide

The Role of AML Compliance Officer

It is the primary responsibility of an AML Compliance Officer to implement a robust AML/CFT program and ensure compliance with UAE AML rules and regulations. Other than that, the AML compliance officer’s role includes noticing and reporting in an unbiased, fair, and transparent manner any suspicious activity to the FIU, UAE.

With this comprehensive guide, we covered various aspects of the role of the AML compliance officer. These aspects align with the “Cabinet Resolution No. (134) of 2025 concerning the implementing regulation of Federal Decree by Law No. (10) of 2025 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organizations.”

By going through this guide, you’ll learn about:

  • Rules governing the appointment of an AML compliance officer
  • Responsibilities of an AML compliance officer
  • Governance issue of small organizations and its mitigation
  • The compliance officer’s responsibilities to the government and duties to the employer
  • Importance of hiring a compliance officer for businesses
  • The role of the in-house AML compliance department and its setup

Dive into this booklet to deepen your understanding of the AML compliance officer’s pivotal roles and responsibilities in accordance with UAE law.

Download The Role of AML Compliance Officer Guide

Related Articles

Related Infographics

Related Laws, Guidelines, Rules, and Regulations:

Related Videos

Related eBooks

Related Templates:

Our timely and accurate AML consulting services

For your smooth journey towards your goals

Contact Us Now

Share via :

Share via :

Counting on Compliance: The Vital Role of Accounting in AML

Role of Accounting in AML

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

Counting on Compliance: The Vital Role of Accounting in AML

With growing instances of money laundering and terrorist financing, the UAE AML laws are evolving, imposing more regulatory compliance and reporting obligations upon the regulated entities to combat these crimes. To abide by the AML compliance and reporting requirements, the regulated entities – be it a Financial Institution, Virtual Asset Service Provider (VASP), or Designated Non-Financial Business and Profession (DNFBP), the need for a transparent, accurate, and comprehensive accounting of the business activities cannot be overlooked.

In this article, we shall explore why accounting is so significant in implementing the AML program efficiently and the intersection of the accounting and AML framework.

Intersection and Significance of Accounting in the AML Program

Accurate and complete accounting is crucial to detecting and combating financial crime and staying compliant with regulatory reporting. Here are some of the critical points where the alignment of AML compliance and the accounting function must be ensured:

Business Risk Assessment

The UAE AML regulations mandate the regulated entities to periodically conduct the Enterprise-Wide Risk Assessment to identify and evaluate the financial crime risk the business is vulnerable to. For assessing the risk, the regulated must rely on the qualitative and quantitative parameters impacting their business. The “quantitative” aspect of the risk assessment reflects the entity’s historical information, such as instances where any high-risk indicators or red flags were observed. For this, the regulated entities generally refer back to their business trends for the previous years. This is not possible unless the records and details are appropriately accounted for in the company’s books of accounts.

The quality and relevance of the business risk assessment are highly dependent upon the quality and accuracy of the data used for performing the risk assessment. Thus, the primary step of assessing the ML/FT risk cannot be concluded satisfactorily if the accounting function of the entity is flawed.

How to conduct AML Business Risk Assessment Priv

Transaction Monitoring

One more obligation imposed upon the regulated entities is to develop and maintain a robust ongoing transaction monitoring program, having adequate controls in place to detect unusual patterns suggesting a connection with money laundering or terrorism financing. The essential requirement of an effective Transaction monitoring program is to have an appropriate data source covering the complete and up-to-date details about the transactions executed by various customers of the regulated entity. The data must be comprehensive regarding purchase, sale, deposit, withdrawal, payments, receipts, time, party, location, value, etc.

This need to have the correct data source on which the monitoring rules and logic shall be applied depends on the entity’s accounting functions. Only if the business’s financial transactions are correctly recorded can such transactional data be made available to the Transaction Monitoring system to analyze and identify the red flags.

Regulatory compliance and reporting requirements

Periodic AML report from the Compliance Officer to the senior management

The AML Compliance Officer of the regulated entities is required to prepare and furnish a periodic AML report to the senior management, providing an update on the entity’s compliance status. This update must include the critical business statistics around the number of transactions with high-risk customers, transactions where payment is received in cash, transactions involving high-risk jurisdictions, etc. This is possible only when the AML Compliance Officer has access to the transactional records, properly accounted for with necessary details.

's Report to Senior Management under UAE AML Regulations

AML Audit

The regulated entities in the UAE must have an independent AML Audit function in place to test the status and adequacy of the entity’s compliance with regulatory requirements. Performing an AML audit is impossible without having proper records to check on which the auditor can provide its opinion. Thus, fulfilling the AML audit requirement would be faulty in the absence of proper accounting.

Independent AML Audit

AML Surveys

The AML Supervisory Authorities in UAE often issue surveys to the regulated entities, requesting for sharing the details about the value and volumes of specified categories of transactions. It is pertinent to adhere to this survey request and furnish accurate and complete information to the authorities. Again, without having done adequate and timely accounting, retrieving the required data and ensuring its validity would always be a challenge.

AML Recording Keeping requirement

Further, the AML laws require the regulated entities to maintain the AML records for a minimum period of 5 years from the transaction’s completion date or the end of the business relationship, whichever is later. The details and information to be maintained under AML must include the transaction details capturing the nature of the transaction, date, and value of the transaction, parties involved, mode of payment, reference to connected transactions, etc. The financial records must be maintained in a way that can be promptly furnished to the authorities when requested, allowing them to review the entity’s compliance efforts and its authenticity.

This AML Documentation requirement can only be achieved when the entities appropriately account for the transactions executed both ways – inward and outward supplies, including receipts, payments, withdrawals, etc.

AML Record Keeping

Best practices for leveraging the benefits of accounting to AML compliance

The following practices shall prove to help accelerate the AML compliance program with the assistance of the accounting function:

AML training to the accountants

Accountants are well-versed in the study and analysis of financial data, enabling them to detect unusual financial transactions, gaps around the cash flows, or inconsistencies in the working capital cycle of the business.

With ready access to the financial data, they can strongly support the entity’s transaction monitoring program. The accounting team must be trained around the AML framework, internal procedures and controls, and intricacies of the ongoing monitoring rules and logic. When accountants review the transactions, they can quickly evaluate for the possibility of any anomalies and promptly notify the red flags identified. When the accounting brains back the robust monitoring program, malicious transactions can be uncovered effectively. 

Role of Accounting in AML

They can scrutinize the transactions to detect any structuring arrangement to avoid the reporting threshold or unexpected change in the customer’s transactional pattern.

Further, accountants generally understand the business’s possible risk exposure and define the required controls. When accountants understand AML requirements and the financial crime vulnerabilities, the controls proposed by the accountants would be wholesome and capable of managing the overall business risk, including the money laundering and terrorism financing risk.

Designing a comprehensive AML Training Program

Integrating the AML systems with accounting systems

A regulated entity needs to have a seamless connection between the AML systems, such as customer screening and transaction monitoring, with the accounting tools used by the business. This integration will ensure that the complete data maintained from the financial records perspective is made available to the AML systems in real-time, permitting timely review of the transactions and business relationships and curbing potential financial crime attempts.

Further, the integrated systems should handle the generation of intelligent MIS reports and business-AML analytics that serve as a base for the AML Compliance Officer to check the overall quality of the AML controls and procedures and prepare necessary reports required to be furnished to the internal reporting authorities or external AML authorities.

Collaboration between the accounting team and the AML Compliance Officer

The AML Compliance Officer must proactively communicate and collaborate with the accountants to design and develop comprehensive and integrated controls and processes for AML compliance.

Allow AML UAE to uphold the potential of your accounting function for the benefit of AML compliance

Financial accountability and transparency are of utmost significance in all aspects of business, including AML compliance. AML UAE has a team of professionals from accountancy backgrounds with vast experience in AML compliance who can assist you in combining the accounting and AML functions to optimally utilize accounting to foster AML compliance and prevention of money laundering and terrorism financing. We can help you design standard controls and risk mitigation measures, adequately meeting your compliance and accounting needs and training the team of accountants, empowering them to contribute to the entity’s AML efforts.

Let’s make the most of the accounting team in the course of AML compliance.

Make significant progress in your fight against financial crimes,

With the best consulting support from AML UAE.

Contact Us Now

Share via :

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

What does Enhanced Due Diligence (EDD) help you with?

What does Enhanced Due Diligence (EDD) help you with

What does Enhanced Due Diligence (EDD) help you with?

What does Enhanced Due Diligence (EDD) help you with
Download Merits of Enhanced Due Diligence

What does Enhanced Due Diligence (EDD) help you with?

The UAE AML regulations mandate that the regulated entities – DNFBPs, VASPs, and Financial Institutions – assess the money laundering and terrorism financing risk each customer poses to the business and adopt a risk-based approach to mitigate the same. Here, the AML law provides for applying Enhanced Due Diligence (EDD) measures when the customer is identified as exposing high ML/FT risk.

Here is an infographic discussing the key merits that the EDD process has to offer to regulated businesses:

  1. One of the EDD measures is to make detailed inquiries about the customer’s identity. Thus, EDD helps in understanding the customer’s structure, and if the legal structure of the customer appears to be complex, EDD allows decoding whether the complexity of the structure is legitimate or deliberately created to obscure the identity of the Ultimate Beneficial Owners (UBOs).
  2. The EDD process involves identifying the customer’s source of funds and source of wealth and establishing the legitimacy of the same based on reliable sources. Here, EDD helps the entity determine whether the funds involved in the transaction and its associated wealth are legitimate or are proceeds of some criminal activities.
  3. Further inquiry around the customer’s identity and the nature of the business relationship helps the entity assess whether the customer is just carrying higher risk or is actually suspected of being involved in some money laundering or terrorism financing activities.
  4. Applying appropriate EDD measures ensures that the business does not engage with any criminal or a person charged with some financial crime (adverse media sources), safeguarding the business’s reputation.
  5. AML regulations require that the regulated entity seek senior management approval when establishing business relationships with high-risk customers. This measure will ensure that management is aware of the increased risk and make an informed decision to deal with such customers.
  6. One more measure to be applied during EDD is obtaining payment towards the transaction from the customer’s bank account, subject to similar CDD measures. This will help the regulated entities ensure that no third party exploits their business under another name.
  7. When applying EDD measures, the regulated entity must consider filing a Suspicious Activity Report (SAR) and a Suspicious Transaction Report (STR) if any red flags are detected. This will ensure that the regulated entities safeguard their business against potential threats and timely report the matter to FIU, complying with the regulatory reporting requirements.

Adopt adequate increased controls and risk mitigation measures when high-risk is encountered.

As a leading AML consultancy service provider, AML UAE can assist you in designing customized AML/CFT policies, procedures, and controls in line with the outcome of the Enterprise-Wide Risk Assessment. This will include defining the circumstances when the customer shall be classified as high-risk and what EDD measures shall be applied. Let’s come together to fight the financial crime.

Related Posts

AML Risk Assessment before launch of a new product or service

AML Risk Assessment before launch of a new product or service

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

Assessing the ML/FT risk exposure before launching a new product or service

The regulated entities in the UAE are required to assess the overall exposure of the business to financial crimes. For this, the Financial Institutions, Designated Non-Financial Businesses and Professions (DNFBPs), and Virtual Asset Service Providers (VASPs) must conduct the Enterprise-Wide Risk Assessment (EWRA) considering the relevant risk factors. One critical scenario that impacts the business’s ML/FT risk is the potential of the new products or new practice areas being exploited by the criminals for laundering illicit money or financing terrorist activities.

When the regulated entities evaluate the risk associated with the new products or services, it would be possible for the entities to develop and deploy the necessary risk mitigation measures.

Through this article, let’s explore what business risk assessment is, the significance of assessing the ML/FT risk before introducing any new business practices, products, or services, and the best practices to assess this risk thoroughly.

Understanding the AML Risk Assessment

An AML Business Risk Assessment is an exercise conducted to evaluate the potential threats to the entity’s business operations, considering the overall profile in terms of customer base, business model, geographies in which the entity operates, the nature of products or services offered, the size, volume, and complexity of the transactions, the delivery channels and distribution methods used by the entity.

The EWRA includes the following sub-processes:

  • Identifying the risk factors and the relevant risk scenarios that impact the business
  • Determining the likelihood of the risk scenario materializing, its frequency, and the extent of the impact it can have on the business (this is an inherent financial crime risk the business may face)
  • Mapping the controls needed against these risk parameters (whether already in place or any additional controls or systems are required)
  • Analysing the strength and effectiveness of these controls
  • Assessing the residual risk and comparing the same against the entity’s management-approved risk appetite

The assessed risk gives insight to the regulated entity on the potential vulnerabilities and the risk mitigation measures required to overcome these risks or at least minimize the impact. This understanding helps the entity to determine the resources required and its optimal allocation based on the severity of the risks. Moreover, EWAR forms a base for the entity for designing the internal AML/CFT policies, procedures, and controls to stay safe and compliant with AML regulations.

AML Risk Assessment before launch of a new product or service

Development and launch of a new product or service bring a good business opportunity but may expose the business to newer types of financial crime risks. Thus, the regulated entities must evaluate the potential ML/FT vulnerabilities that may surface exploitation of the new products or services. With timely assessment of the associated risk, the regulated entities can proactively determine the mitigation measures required before the financial criminals misuse the newly introduced offerings.

Best practices to be followed for assessing the potential ML/FT vulnerabilities associated with new product or service

Involving AML Compliance Team in product/service design

The product or service development team must involve the AML Compliance Officer while discussing the design and development aspects. The AML Compliance Officer’s feedback can prove valuable in managing the product design in a way that reduces the risk possibilities.

The Compliance Officer’s understanding of the AML regulations would help the entity develop a product or practice that meets the compliance requirements without specifically providing options to the criminals to place the illegal funds into the economy.

Role of AML Compliance Officer in UAE Preview

Identify the risk scenarios

The regulated entity must evaluate the possible circumstances of how the criminals can exploit the new product or services for money laundering or terrorism financing. The entity may refer to ML/FT typologies associated with similar products/services. Reference should also be made to reliable data sources publishing the information and statistics about the financial crime vulnerabilities faced by peers offering the same or similar products.

Further, the regulated entity may also rely on emerging technologies like Machine learning or Big Data to study the existing data, draw patterns, and highlight the expected risks from recently established products or services.

For example, if a dealer in precious metals and stones plans to start an eCommerce portal for selling the jewellery online. Before making this portal live, the dealer must consider the ML/FT threats, such as the possibility of criminals making multiple transactions of smaller values using different IDs or fake IDs, to what extent the online portal would favour anonymity or provide an opportunity to criminals to conceal the actual beneficiaries, etc.

Assessing the nature and degree of controls required

Once the risk associated with new products and services is identified, the regulated entity must determine the risk mitigation measures required for such risks. The nature of controls and systems needed to be well documented against the identified risk parameter and how effectively these controls can tackle the risks.

Continuing the above example, if the dealer in precious metals and stones is planning to accept the payment in virtual assets, then the entity should have controls around screening the virtual assets wallets or identifying the geolocation of the party to avoid exploitation by criminals from high-risk jurisdictions.

Creating awareness and training the team

It is essential to onboard the senior management and the staff on this new products/services AML journey. The regulated entity must impart required AML training to the team around potential risk situations that may arise with these products/services, the modified systems and controls implemented, and the expected role of the employees in managing the risks.

When the systematic approach is adopted for assessing the risk arising from new products and services, mitigating this risk and its impact on the business can be managed efficiently.

Designing a comprehensive AML Training Program

Implementing additional controls of modifying the existing ones

Once the controls have been identified, the regulated entities must check whether existing controls can be used or enhanced to manage the new product/service’s risk. If not, the additional controls must be incorporated into the existing systems, making them capable of handling the newer risk scenarios.

In the current example, the dealer in precious metals and stones would be required to enhance the existing KYC forms and the Customer Due Diligence measures to cover the identification of the customer (as non-face-to-face transactions pose a different level of risk) and inquiry around the mode of payment.

Further, the jeweller might not have the systems that allow the screening of crypto wallets. Here, the existing systems must be upgraded or replaced with an advanced tool that supports the identification of red flags related to virtual assets, monitors the crypto transactions, and triggers an alert when any suspicious activities are observed.

Significance of the AML Risk Assessment before launch of a new product or service

This beforehand assessment of the financial crime risk and implementation of the necessary controls will enable the regulated entities to check the exploitation of new products or services by the financial criminals.

The proactive approach of the entity demonstrates the entity’s commitment to combat financial crimes. It instils the trust and confidence of the customers and other stakeholders in the entity’s business practices.

Further, identifying the risk before introducing new products or services is also mandated under the UAE AML regulations.

AML Risk Assessment before launch of a new product or service

Thus, with this risk assessment, the entities avoid non-compliance fines and penalties, safeguarding the business against reputational damage and unnecessary legal hassle.

When the business and compliance goals are aligned for a newly developed product or service, the future hassle or complexities associated with the products can be eliminated, bringing the desired outcome of fresh offerings.

Let AML UAE assist in identifying and managing the ML/FT risk associated with new products or services

The ML/FT risk assessment is crucial for the regulated entities before introducing or developing any new product or services to understand the new risk vulnerabilities and deploy the timely mitigation measures without allowing the launderers to exploit these new launches. In this journey, let AML UAE help you assess the risk arising from such a new product/service while you focus on business development. With a thorough understanding of the AML regulatory framework and the industry experience, we can assist you in assessing the overall business risk, implementing the required controls, and creating awareness amongst the team to stay AML compliant.

Let’s partner in your efforts to protect the economy’s integrity and security against financial criminals.

Make significant progress in your fight
against financial crimes,

With the best consulting support from AML UAE.

Contact Us Now

Share via :

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Dealer in Precious Metals and Stones Report (DPMSR) under UAE AML Regulations

Dealer in Precious Metals and Stones Report

Dealer in Precious Metals and Stones Report (DPMSR) under UAE AML Regulations

Dealer in Precious Metals and Stones Report
Download Dealer in Precious Metals and Stones Report (DPMSR) under UAE AML Regulations

Dealer in Precious Metals and Stones Report (DPMSR) under UAE AML Regulations

Under UAE AML regulations, the Dealers in Precious Metals and Stones (DPMS) are one of the Designated Non-Financial Businesses and Professions (DNFBPs) subject to AML compliance. One of the compliance obligations imposed upon DPMS or jewellers in UAE is to report certain designated transactions on the goAML portal by filing a Dealers in Precious Metals and Stones Report (DPMSR).

The DPMSR is to be filed by the dealers in precious metals/stones when the transactions are either in cash or wire transfer. In the case of the natural person, whether resident or non-resident of UAE, the cash transactions of AED 55,000 or more would be treated as designated transactions requiring reporting on the goAML Portal. For corporate customers, transactions of value AED 55,000 or more involving cash or international wire transfers are to be reported.

DPMSR is to be filed within two (2) weeks from the event triggering the reporting, i.e., from the date of receipt or payment of funds of the specified amount in cash or wire transfer, as mentioned above.

Moreover, when filing the DPMSR on the goAML Portal, the dealers in precious metals/stones must submit the necessary identification documents of the customer. It would be a copy of a valid Emirates ID or Passport or any other government-issued ID bearing photograph for a natural person or an individual customer. The regulated entity must furnish the valid trade license copy of the corporate customer and the identity document (Emirates ID/Passport) of the authorized representative of the corporate customer.

Here is an infographic discussing the salient aspects a dealer in precious metals and stones must understand regarding one of its essential AML reporting obligations – DPMSR.

AML UAE, with its varied experience across the countries and thorough understanding of the UAE regulations, can assist you in setting up the required processes and systems to identify the transactions warranting the filing of DPMSR and implement best practices to file these reports on the goAML Portal.

Related Posts

Customer Due Diligence ebook

Customer Due Diligence ebook

Home Author Archives: Pathik Shah
Customer Due Diligence Guide

Customer Due Diligence ebook

Our comprehensive Due Diligence (CDD) Guide is your go-to resource for unleashing the power of compliance.

The guide will help you understand the complexities of Anti-Money Laundering (AML) Compliance and help you make your way through compliance challenges.

The essential compass, “A Complete Guide to Customer Due Diligence as per UAE AML Requirements,” will take your AML compliance efforts in the right direction.

The guide contains the following:

  • The Basics: Understand what’s CDD and its core principles.
  • When, Where, and Why: Discover the scenarios triggering essential CDD measures and understand their significance.
  • Different types of CDD: Simplified, Standard, Enhanced – we provide an in-depth breakdown of these crucial classifications.
  • Demystifying KYC: Grasp the vital Know Your Customer requirements. Remaining Sanction-compliant: Master sanctions screening to fortify your business.
  • Media Vigilance: Learn about adverse media screening to uphold your reputation. Confident Risk Evaluation: Streamlined customer risk assessment methods.
  • Continuous Watchfulness: Techniques to ensure your compliance efforts remain on course.
  • The Future is Automated: Delve into the different software solutions for CDD process automation.
  • Your FAQs Addressed: Clear answers to some complex questions.
Download Customer Due Diligence ebook

Our timely and accurate AML consulting services

For your smooth journey towards your goals

Contact Us Now

Share via :

Share via :

How to update the AML Policies, Procedures, and Controls in line with UAE AML Laws?

How to update the AML Policies, Procedures, and Controls in line with UAE AML Laws?

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

How to update the AML Policies, Procedures, and Controls in line with UAE AML Laws?

In the present times, where the money laundering and terrorism financing typologies are evolving every day, the relevant regulatory frameworks are also changing regularly. In UAE, there have also been regular amendments in the Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) regulations to extend the coverage of compliance to various industries and effectively protect the country’s economy against financial crime. It is pertinent for the regulated entities to maintain their AML Policies, Procedures, and Controls documentation up to date with these regulatory changes and ensure complete compliance.

The regulated entities may face severe consequences for violating the AML obligations imposed under UAE AML laws and regulations. Thus, the regulated entities in UAE must be aware of the amending regulatory landscape, including industry-specific developments, and maintain the entity’s AML program in sync with these changes.

This article discusses a regulated entity’s systematic approach to updating the AML Policies, Procedures, and Controls. This article aims to guide law firms in the UAE on effectively updating their AML frameworks to adhere to the UAE AML regulations.

AML Compliance Requirements

Circumstances warranting the regulated entities to update the AML policies and procedures

The risk factors are never constant, changing as we speak. As the financial crime risk is dynamic, so are the AML regulations designed to prevent financial crime.

Here are the two critical circumstances that require the regulated entities to review and update their currently implemented AML framework:

Changes in the entity’s ML/FT risk exposure

The entity’s business may change over time, exposing the entity to newer risks and compliance challenges. This includes changes in the nature of the customer base, the expansion of the geographies in which the entity operates, the launch of new products or services or business practices, etc. These changes bring a different nature of risk, impacting the business differently.

To handle a changed risk scenario, the regulated entity must alter its AML/CFT policies, procedures, and controls that can effectively identify and mitigate the new vulnerabilities.

Money launderers and other financial criminals are constantly coming up with new techniques to execute financial crimes. The regulations and best practices also evolve to tackle these emerging trends, requiring the AML-regulated entities to modify their AML program.

The regulated entity must implement a system to maintain the entity’s overall risk profile updated as the business progresses, considering all the relevant risk parameters. The regulated entity can only amend its AML framework to manage these risks with the business risk monitored continuously.

Amendments in UAE’s AML Laws and Regulations

The UAE government periodically conducts the National Risk Assessment (NRA), and regulatory changes are introduced based on the outcome of this NRA. Further, the relevant regulatory updates are also implemented to align with the international best practices and FATF recommendations necessary to address emerging financial crime exposures.

The regulated entities must have systems and procedures to track these regulatory changes impacting the entity’s compliance obligations. This can be achieved with the AML Compliance Officer’s active participation in the authorities’ conducted webinars, subscribing to any professional network to receive update notifications timely, and attending AML-specific industry study groups or conferences.

How to update the AML Policies, Procedures, and Controls in line with UAE AML Laws?

Systematic Approach to Update AML Policies, Procedures, and Controls

The approach followed for maintaining the AML/CFT policies, procedures, and controls is equally essential as the need to keep these documents up-to-date. A systematic approach to these AML program updates will ensure that the regulated entities move closer to adequate regulatory adherence compliance without hampering or disturbing the ongoing business and compliance activities.

Reviewing the current AML Policies, Procedures, and Controls

To begin with, the regulated entities must analyze their existing AML framework, including the documented policies, procedures, and controls. This assessment must be in line with the modified risk exposure for the business and the regulatory amendments introduced that impact the entity’s business and compliance obligations.

The gaps between the “As-Is” and “To-Be” policies must be identified. The areas where changes or enhancements are required must be clearly identified. When reviewing the existing framework to assess the gaps, it is always good for the AML Compliance Officer to involve relevant teams like the compliance team, legal team, and senior management, seeking their thoughts on identified changes.

The impact of the regulatory or risk scenario changes must be evaluated in terms of:

When the Compliance Officer is ready with the enhancements requirement in the AML policies and procedures, making these changes in the AML Program would be a quick and easy task.

Incorporating the necessary changes in AML Policies, Procedures, and Controls

Once the required changes have been identified, the AML Compliance Officer of the regulated entity must immediately proceed with the exercise of incorporating these changes in the AML framework – policies and procedures. Due consideration must be given to the procedural changes, as through these revised procedures and processes the entity will be able to comply with revised policies.

Modifying or enhancing the existing controls to align with the revised policies and procedures is pertinent. Only when the policies, procedures, and controls are in sync the regulated entity can justify compliance with the amended provisions of the UAE AML regulations.

The revised policies and procedures must be presented to the senior management for review and approval.

Further, the version history of the policies must be appropriately maintained, enabling the regulated entity to track down the AML measures followed over the period.

Training the team on the updated AML framework

Merely making changes and updating the AML policies, procedures, and controls is not enough if the team on-ground is still following the old measures and processes. Here, comes the need for the regulated entity to ensure that the team, including the senior management, is aware of the revised set of the AML framework.

The regulated entity must immediately arrange for the AML training session to educate the team about these modified AML policies, procedures, and controls, their significance, and each employee’s role in meeting the revised AML compliance expectations. In cases where the changes significantly impact the existing measures or working style, the regulated entity must organize workshops or include case studies in the training program to give a practical sense to the team on its proper implementation.

If required, periodic refresher courses or discussions with the team must be scheduled to check on the team’s understanding and implementation of the revised AML policies, procedures, and controls.

Designing a comprehensive AML Training Program

Periodic review to ensure updated AML policies are followed

Maintaining the AML policies and overall framework updated is an ongoing activity to ensure its effectiveness in mitigating the risks, adequacy, and quality in terms of compliance with the AML laws of the land.

The regulated entity may implement a periodic internal AML audit or review function, where the AML framework and its implementation are reviewed. This will enable the regulated entities to spot flaws or non-compliance, allowing the entity to take timely remediation measures.

Let AML UAE design and maintain your AML Policies, Procedures, and Controls

Adopting a proactive approach is crucial for the regulated entities to periodically review and maintain the AML program, capturing the changes parallel to the regulatory amendments and emerging risk exposure.

AML UAE is here for your assistance. With a team of AML professionals, we continuously track the evolving ML/FT typologies, changes in the UAE’s AML regulations, and the international best practices emerging worldwide that can strengthen the business’s shield against financial crimes. We can help you customize your AML framework, including maintaining your policies, procedures, and controls updated with the legislative amendments, giving you the confidence to focus on business without worrying about AML non-compliance or potential exploitation by financial criminals.

Let’s join hands to stay AML-Compliant and ML-Safe!

Make significant progress in your fight against financial crimes,

With the best consulting support from AML UAE.

Contact Us Now

Share via :

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Virtual Assets Regulatory Authorities in UAE

Virtual Assets Regulatory Authorities in UAE

Virtual Assets Regulatory Authorities in UAE

Virtual Assets Regulatory Authorities in UAE
Download Virtual Assets Regulatory Authorities in UAE

Virtual Assets Regulatory Authorities in UAE

With the virtual asset sector booming in the UAE, including the acceptance of digital securities and payment tokens, various authorities have been designated to oversee and supervise the licensing and operations of the Virtual Asset Service Providers (VASP). This bifurcation of the authorities for managing VASP activities is mainly based on the location of the VASP and the nature of the activities.

VASPs based in Dubai, except those operating in or from Dubai International Financial Centre (DIFC), are subject to supervision by Dubai’s Virtual Assets Regulatory Authority (VARA). For DIFC-based VASPs, the governing authority is the Dubai Financial Service Authority. Similarly, for VASPs operating from the financial free zone of the Abu Dhabi Global Market (ADGM), the concerned supervisory authority is the Financial Service Regulatory Authority (FSRA).

For other VASPs (not operating from Dubai or the DIFC/ADGM financial free zones), the governing AML supervisory authority is the UAE’s Securities and Commodities Authority (SCA).

Monitoring of the payment tokens is under the purview of the Central Bank of UAE, while digital securities and commodities are under SCA.

Here is an infographic discussing the AML Supervisory Authorities in UAE to oversee the level and nature of the AML compliance program implemented by the VASPs operating within their jurisdictions.

With AML UAE‘s years of experience and subject knowledge (on AML as well as virtual asset space), we have been assisting the VASP in UAE in assessing the financial crime risks and customizing the AML/CFT program in line with local regulations and FATF best practices recommended to protect the exploitation of the virtual assets by financial criminals.

Related Posts

Right AML Solution to foster Corporate Service Providers’ AML Function

Right AML Solution to foster Corporate Service Providers’

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

Right AML Solution to foster Corporate Service Providers’ AML Function

With emerging financial crime typologies and ever-changing regulatory requirements, the regulated entities, including the Corporate Service Providers, need robust AML software to mitigate the risk and stay AML compliant.

Corporate Service Providers are vulnerable to financial crime as they offer services like the formation of legal structures or legal arrangements, providing nominee services, assistance in the administration of trusts or special asset protection vehicles, etc., which may be exploited by the money launderers or other criminals to move their illegal proceeds.

By designing and implementing a comprehensive set of AML measures, backed by deploying the right technology and tools, the Corporate Service Providers can timely identify and prevent money laundering and terrorist financing risks and ensure compliance with the UAE AML regulations.

With this article, let us explore the key points to be considered and the step-by-step approach to selecting the right AML software to enable a Corporate Services Provider (CSP) to adhere to the UAE AML regulations and avoid non-compliance consequences.

AML Compliance Software’s Capabilities to be looked for by the CSP

When searching for an AML software or system, the CSP must consider the AML compliance obligations imposed under UAE AML regulations and the capabilities of the solution to support the same:

AML compliance obligations to be looked by CSP copy

Assessing the business risk

As conducting an Enterprise-Wide Risk Assessment helps the CSP evaluate the ML/FT risks and customize the AML program, the CSPs shall look for a solution to assess the business risk. The functionality must be comprehensive, enabling risk assessment considering the relevant risk parameters such as the type and activities of the customers, the location of business operations, the nature of transactions and the services offered, etc.

Assessing risk just once is not enough; the solution should adopt a dynamic approach to risk assessment, wherein the outcome of EWRA is updated as and when the CSP’s risk factor significantly changes.

How to conduct AML Business Risk Assessment Priv

Streamlining the Customer Due Diligence Process

The CSPs in UAE are required to implement a robust Customer Due Diligence (CDD) process to identify the customers, determine their risk levels, and apply adequate mitigation measures.

Hence, the AML solution must support the CSP in navigating the CDD steps smoothly, which includes the following:

  • Capabilities for customer identification and verification of their identities, whether it is an individual or a corporate customer,
  • Screening the customers against the Sanctions Lists (specifically UAE Local Terrorist List, UNSC Consolidated List, and facility to configure other international lists relevant to the CSP’s operations),
  • Screening the customer to identify any nexus with a Politically Exposed Person (PEP) or has any adverse or negative media against the person,
  • Conducting customer risk assessment considering their identification details, the outcome of screening, etc., to determine the risk profile.
Understand the types of CDD measures to effectively mitigate the ML-FT risks 

Continuous Monitoring of Business Relationships and Transactions

The customer’s profile may change in the course of the business relationship. Thus, the solution must support the ongoing monitoring of the customer’s information, time flagging off the expiry of the identity documents, change in the customer’s PEP status or screening outcome, etc.

Further, ongoing monitoring of transactions is also very critical for CSP to track the customer’s activities and their consistency with the initially assessed risk category. With technological support, the CSPs can easily monitor large volumes of data, develop a pattern to identify suspicion or unusual activities and generate timely alerts to prevent and report such matters to FIU.

Record Keeping and Reporting Capabilities

The solution must also have robust document maintenance and reporting functionalities. The documents and data uploaded on the solution must be maintained in an organized manner and shall be readily accessible. The software must allow the CSP to generate and analyze the reports on customers, transactions, risk profiles, suspicion or red flags observed, etc.

Further, the customization capabilities must be available to configure the reporting requirements to support the CSP’s Compliance Officer in meeting the regulatory obligations.

AML Record Keeping

Integrating with the CSP’s Existing Business Solution

The potential of the AML solution can be optimally utilized when the same is integrated with the business solution that the CSP is using. The AML tool must seamlessly connect with the existing IT infrastructure for a smooth exchange of data around customers and transactions, reducing the redundant efforts or delicacy of the data, streamlining customer onboarding, and making identifying red flags easy and prompt.

User-Friendly Navigation

The AML system must be easy to interact and use, ensuring that the team can effectively utilize the functionalities without much investment in training, and a comprehensive User Manual can be enough to explore basic features. The solution’s functionalities must be logically placed, allowing users to access the required items. Further, a “Help Kit” must be available, which the users can refer to and resolve any technical or contextual aspect of using the solution.

Right approach to select the right AML Compliance Solution

Having discussed the functions and capabilities to look for in an AML solution, let us discuss the selection process. There is many software available in the market offering the same set of features. In such cases, identifying an appropriate AML software is in itself an art requiring a lot of deliberations of various factors, as once you invest in the software, you may expect to continue using it for the longer future and not spend your resources on frequently switches from one to another tool.

So, identification of the right software must be done using a systematic approach, as detailed under:

Right AML Solution to foster Corporate Service Providers’

Assessing the AML Compliance requirements and Preparing the Business Requirements Document (BRD)

The CSP must first understand the business-specific AML compliance obligations in the context of the nature of services offered, the geographies the CSP deals with, the size and complexities of the transactions, etc. This understanding must be mapped with the features required in the AML solution. This Business Requirement Document (BRD) must cover the functional and non-functional aspects of the software the CSP is expecting, including the need for configurable parameters and customization possibilities. Further, this BRD must be approved by the CSP’s senior management, bringing them onboard concerning the required features and the budget allotted.

This BRD shall serve as a base and assist the CSP in navigating the software selection process.

Identifying and shortlisting a few AML solution providers

The CSP’s Compliance Officer must look for options matching the requirements. While identifying the software vendors, the CSP must consider the following factors:

  • Functionalities available
  • Pricing of the product, including any hidden or contingent costs
  • Reputation of the software provider (looking for customer reviews, testimonials, etc.)
  • Vendor’s readiness to handhold and train the team initially
  • Vendor’s post-implementation support
  • Scalability of the solution

Considering these parameters, the CSP must shortlist 2-3 solution providers that best match the AML compliance requirements and fit within the CSP’s budget.

Arrange for the demonstration of the solution

Once the potential fits have been identified, the CSP must arrange for a demonstration of these solutions to have a look and feel of the features offered and test the capabilities. Practically accessing the software and interacting with the vendor will give an understanding of the user interface, customization possibilities, vendor’s commitment towards training and after-sale services, etc. On the basis of this understanding, the CSP must score each of the shortlisted solutions, consider the pros and cons, and finally decide which one to go ahead with.

Get it started with proper documentation

Once the right software is identified, the CSP’s Compliance Officer must involve senior management and seek their support in closing the agreement. The agreement must be worded, specifying the scope of the parties, the features support, the prices, duration, any additional charges that may be levied in the future, etc.

As the AML software is a breakthrough for implementing the AML program, the choice of software must be made wisely following the proper decision-making methodology; otherwise, it can bring you reputation loss and non-compliance penalties.

Let AML UAE assist the Corporate Service Providers strengthen their AML Function with the right AML tool!

Deploying the right software is critical for Corporate Service Providers in the UAE to ensure timely compliance with regulatory obligations, identify financial crime risks, and prevent and report the same. Let experts assist you in this process.

AML UAE is a leading AML consultancy firm, providing end-to-end AML support to the regulated entities in UAE, including Corporate Service Providers. With our understanding of the regulations, we can assist you in defining your AML compliance requirements, preparing a detailed BRD, and identifying the right fit for your compliance needs. We do not stop here; we ensure that the solution implementation is a smooth ride for you without bothering your routine business activities, but at the same time, meeting your ongoing AML compliance requirements.

Make significant progress in your fight against financial crimes,

With the best consulting support from AML UAE.

Contact Us Now

Share via :

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti