Conducting Independent AML Audits in DNFBPs: A Comprehensive Handbook

Conducting Independent AML Audits in DNFBPS A Comprehensive Handbook

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

Conducting Independent AML Audits in DNFBPs: A Comprehensive Handbook

In recent years, anti-money laundering (AML) regulations have become increasingly important for the non-financial sector in the United Arab Emirates. The UAE AML regulations mandate the Designated Non-Financial Businesses and Professions (DNFBPs) to design and implement a comprehensive AML/CFT framework to detect and prevent financial crime. As part of the AML/CFT program, the UAE AML regulations provide for implementing an independent AML audit function to check the quality of the AML measures adopted by these DNFBPs.

DNFBPs (such as dealers in precious metals and stones, real estate agents, lawyers, accountants/ auditors, and company service providers) are required to undertake ML/FT Enterprise-Wide Risk Assessment and establish adequate AML/CFT policies, procedures, and controls to manage these risks. This includes conducting Customer Due Diligence, compliance with the Sanctions regime, and measures to detect and report suspicious transactions on the goAML Portal. To test the adequacy and relevance of the implemented program, the DNFBPs are required to get their AML program independently audited by competent personnel.

Independent AML Audit is very different from regular auditing of books of accounts. This focuses on the DNFBP’s AML/CFT program and the controls and systems the entity has deployed to detect the red flags and manage the risks.

In this article, we will discuss the independent AML audit in DNFBPs, and the key elements necessary for ensuring the effectiveness of the AML audit.

What is the role of an Independent AML Audit?

The independent AML audit refers to a function – whether an internal department or an external third party – that audits and evaluates the quality of the organization’s AML policies, procedures, systems, and controls. This AML audit function operates independently from the routine operations of the business, including ongoing AML activities, and provides an unbiased opinion on the DNFBP’s AML efforts.

The independent AML audit function is entrusted with the responsibility of periodically reviewing the adequacy of the AML/CFT program of the company and detecting any potential gaps or weaknesses in the DNFBP’s AML measures. AML auditors are expected to thoroughly check the DNFBP’s AML/CFT policies, procedures, and controls to ensure that such framework is in line with UAE AML regulations and the overall enterprise-wide risk assessed by the company.

The independent AML audit is not just restricted to identifying the non-compliance instances or flaws in the implemented measures but also to suggesting the remedial actions necessary for improving the AML framework. The AML auditor’s recommendations may include a requirement for the implementation of additional controls, developing or enhancing the AML training programs, and adopting new technological solutions to strengthen the DNFBP’s AML capabilities.

An independent AML audit demonstrates the DNFBP’s commitment to AML compliance and safeguarding the economy from financial crimes. Periodic AML audits help the DNFBPs ensure that their AML efforts and resources are moving in the right direction. They are focused on effectively managing financial crime risks and staying AML compliant.

The independent AML audit is essential to the overall AML compliance framework for DNFBPs operating in the UAE. With an independent AML audit, the DNFBPs can enhance the business reputation, attracting customer loyalty with their efforts to prioritize AML regulatory compliance and combat financial crime. Further, the supervisory authorities also develop trust in the DNFBP’s AML/CFT measures and controls when an independent AML audit forms part of the overall AML framework.

Conducting Independent AML Audits in DNFBPS A Comprehensive Handbook

How to implement an Independent AML Audit in DNFBPs?

Implementing an independent AML audit in DNFBPs in UAE requires adequate planning, robust execution, and post-audit activities management.

AML Audit Plan

An independent AML audit starts with AML Audit Plan. This involves defining the following:

  • scope of the audit (what all AML aspects and records must be reviewed and the review period)
  • audit objectives (why is the AML audit conducted, i.e., to check the quality of the AML/CFT framework, etc.)
  • audit procedures (what auditing methods would be used – like records verification, on-site visit, positive confirmation, interviews, etc.)
  • audit resources (what resources would be deployed for conducting the AML audit, including the audit team)

The AML audit team must be adequately qualified and have appropriate skills to conduct the review and form an opinion on the status of the DNFBP’s AML compliance and the quality of the AML/CFT measures implemented. Further, the AML auditor must be aware of the latest regulatory amendments and understand the AML obligations of the particular DNFBP.

The AML audit plan must be designed considering the overall ML/FT risk exposure, size, and nature of the business. The audit plan and preparation must be aligned with the UAE AML regulations and the feedback from the supervisory authorities of the DNFBP.

Conducting Independent AML Audit

The designed AML audit plan must be diligently adopted for the effective execution of the independent AML audit.

The auditor must review the DNFBP’s documented AML/CFT policies, procedures, and controls to assess their completeness and relevance in the context of the relevant AML regulatory framework and the DNFBP’s ML/FT risk exposure. Any gaps or missing compliance aspects must be highlighted in the report.

Along with a review of the high-level AML/CFT program, the AML auditor must also verify the customer onboarding records to determine the accuracy of the Customer Due Diligence process. The transaction monitoring systems must also be examined to test the reasonableness and adequacy of the monitoring rules defined and their effectiveness in detecting unusual activities or suspicious transactions.

If the DNFBP has implemented any systems or tools for AML compliance, then the integrity and effectiveness of such systems and data security must be verified.

Wherever required, the AML audit team must interview the AML Compliance Officer and the compliance team members to understand their awareness of the internal AML/CFT program and their roles and responsibilities towards AML regulatory obligations. This shall also help the AML auditor determine the level of the entity’s AML training and whether any enhancements are required in the training program.

The team must maintain independence and be able to review and provide unbiased opinions on the company’s AML/CFT program.

Once the necessary audit procedures have been applied and the AML review is complete, the independent auditor must document its observations (identified gaps and non-compliance instances), and the corresponding recommendations in an audit report addressed to the senior management of the DNFBP.

These AML audit findings shall serve as one of the critical AML compliance measures, directing the DNFBPs to improve their AML compliance measures and effectively manage the financial crime risks

Managing the AML Audit findings (Post-Audit Activities)

Once the management receives the independent AML Auditor’s report, the senior management must immediately take necessary actions to address the AML/CFT deficiencies. The necessary team must be involved, including the AML Compliance Officer, to implement the AML auditors’ recommendations to enhance the quality and effectiveness of the DNFBP’s AML program.

In simple terms, an independent AML audit is a giant umbrella to check and test the DNFBP’s implemented AML/CFT measures, thriving to ensure its adequacy, quality, completeness, and relevance with appropriate AML audit planning and program, effectively executing the AML audit procedures and ensuring the redressal of the AML gaps as post AML audit.

Independent AML Audit

How can AML UAE assist in ensuring the quality of your AML framework with an independent AML audit?

Documenting the AML/CFT policies and procedures differs significantly from ensuring effective implementation. It is where the independent AML audit comes into the picture.

At all times, the implemented AML/CFT measures and controls must effectively identify and mitigate the money laundering and terrorism financing risks. The AML program must be aligned with relevant AML regulations and complete in all aspects, ensuring total coverage for fighting financial crimes and staying 100% compliant. Here is the role of the independent AML auditor to examine the existing measures, detect any loopholes and recommend the best practices to bridge the AML gaps.

AML UAE is a leading AML consultancy firm assisting the regulated entities in UAE, including DNFBPs, to design and implement customized AML policies and procedures to manage the ML/FT risks. With our domain experts and diverse experience, we can assist DNFBPs in auditing the AML framework and identify necessary improvement areas and regulatory violations that need immediate attention to strengthen the AML measures.

Implement robust independent AML audit to stay AML compliant and channel your AML efforts in the right direction!

Make significant progress in your fight against
financial crimes,

With the best consulting support from AML UAE.

Contact Us Now

Share via :

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Uncovering the ML/FT red flags associated with Virtual Assets

Uncovering the ML/FT red flags associated with Virtual Assets

Uncovering the ML/FT red flags associated with Virtual Assets

Uncovering the ML/FT red flags associated with Virtual Assets
Download Uncovering the ML/FT red flags associated with Virtual Assets

Uncovering the ML/FT red flags associated with Virtual Assets

With the increasing acceptance of virtual assets – Cryptocurrencies and Non-Fungible Tokens (NFTs), the risk of the domain being exploited by financial criminals is also rising. Understanding the typologies associated with virtual assets is crucial to mitigate the financial crime risk.

The primary characteristics of virtual assets – anonymity and quick pace to conclude the transfer of funds across the border, make them more vulnerable to money laundering and terrorism financing activities.

Let us understand the red flags or risk indicators suggesting misuse of virtual assets to disguise the criminal proceeds or funding terrorist activities.

AML UAE is one of the leading AML consultancy firms, assisting regulated entities, including Virtual Asset Service Providers (VASP), in designing and implement a robust AML/CFT framework to detect and manage the ML/FT risks. We also assist the businesses in assessing the overall business risk and imparting comprehensive AML training to the staff to mitigate the risks.

Stay aware, stay compliant!

Related Posts

Role of an AML Compliance Officer in a real estate agent or brokerage firm in UAE

Role of an AML Compliance Officer in a real estate agent or brokerage firm in UAE

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

Role of an AML Compliance Officer in a real estate agent or brokerage firm in UAE

Real Estate is considered one of the typologies criminals exploit to launder illicit money. Thus, UAE AML regulations have included the real estate agents and brokers under the ambit of Designated Non-Financial Businesses and Professions (DNFBPs), required to adhere to an anti-money laundering framework, including the appointment of an AML Compliance Officer to oversee the implementation of AML measures and identify the money laundering instances.

In this article, we will explore the functions of an AML Compliance Officer in a real estate agent or brokerage firm and their significance in combating financial crime from the UAE real estate sector.

Understanding AML Compliance in the real estate sector

Certain business organizations have been entrusted with identifying, preventing, and reporting instances of money laundering and the financing of terrorism. In this context, the procedures and controls adopted by these organizations to mitigate the financial crime risks would be treated as AML Compliance.

AML compliance involves designing and implementing internal AML/CFT policies, procedures, systems, and controls to manage the money laundering risks, implementing the Customer Due Diligence process and ongoing monitoring program to identify and report suspicious transactions, training the relevant staff to create AML awareness, etc.

AML compliance for real estate agents and brokers will help ensure that the sector is not exploited or misused by criminals to place the proceeds of illegal activities. Real estate agents or brokerage firms’ efforts and commitment towards AML compliance will promote the reputation and attract responsible buyers and sellers engaging with the real estate brokerage firm.

AML non-compliance by real estate agents and brokers in UAE can result in reputational damage and hefty administrative fines.

Real estate agents and brokerage firms in UAE must understand their AML compliance obligations and appoint a competent AML Compliance Officer to stay AML compliant and safeguard businesses against financial crime.

Role of an AML Compliance Officer in a real estate agent or brokerage firm in UAE

The Role of an AML Compliance Officer to combat money laundering in the real estate sector

As one of the DNFBPs under UAE AML regulations, the real estate agents and brokers must comply with the UAE AML regulations and implement necessary measures to protect the firm from being exploited by the money launderers. To oversee the effective implementation of the AML/CFT framework across the firm, the law mandates appointing a designated person to act as an AML Compliance Officer.

The primary role of the AML Compliance Officer would include the following:

The Compliance Officer must conduct the Enterprise-Wide Risk Assessment to identify and evaluate the company’s possible ML/FT risk exposure. This risk assessment must be aligned with the management-approved risk appetite. It must consider the relevant risk factors, such as the nature of buyers and sellers the company is associated with, the geographies of its operations, the nature of properties involved, the complexity of the transactions, delivery channels used, etc.

The outcome of the EWRA or the overall business risk assessment shall help the AML Compliance Officer understand the AML/CFT measures required to safeguard the company.

The Compliance Officer (CO) must establish and implement comprehensive internal AML/CFT policies, procedures, and controls customized to its business operations and the assessed risk. The policies must consider the relevant AML regulations, including the specific guidelines, e.g., the Ministry of Economy’s supplemental guidance on AML/CFT for the real estate sector. The CO must periodically review and update the AML/CFT policies and procedures to ensure their relevance and effectiveness.

CO is also responsible for ensuring that the company follows robust Customer Due Diligence measures before establishing any business relationship with a customer (whether a buyer, seller, property developer, lessor, or lessee). This should also include designing Know Your Customer forms and implementing adequate customer risk assessment methodology to determine the risk each customer poses to the company’s real estate brokerage business.

CO should also ensure that the company has deployed necessary systems and tools to conduct timely screening of the customers, to comply with sanctions screening requirements and determine whether the customer is a Politically Exposed Person (PEP) or has any adverse media against the person, suggesting involvement in any criminal activities.

In case of customer is identified as high-risk, Compliance Officer must ensure that Enhanced Due Diligence measures are applied to manage the increased ML/FT risk, including additional checks and verification related to the customer’s identity, source of their funds and wealth, etc.

Ongoing monitoring is one of the essential aspects of overall AML compliance. The Compliance Officer must implement adequate systems and procedures to identify suspicious activities and monitor transactions and business relationships.

  The CO is, also known as a Money Laundering Reporting Officer (MLRO), responsible for accurate and timely reporting of suspicious activities and transactions with UAE’s Financial Intelligence Unit (FIU).

Apart from filing Suspicious Activity Report (SAR) and Suspicious Transaction Report (STR), the AML Compliance Officer of the real estate broker is accountable for the following additional reporting:

  1. Filing of the Real Estate Activity Report (REAR) on the goAML portal, furnishing details of the designated transactions related to the purchase/sale of Freehold real estate property,
  2. Preparing and submitting a periodic AML/CFT report to the company’s senior management, giving updates on the AML measures applied during the period, any red flags observed, any reports field with FIU, any additional requirements for AML resources, etc.,
  3. Submitting relevant information and documents to the supervisory authority when requested.

One other essential function of the Compliance Officer is to develop the AML training program for the company’s employees, including the senior management, to create awareness around the AML program and promote strong compliance culture.

Along with AML/CFT measures, the Compliance Officer must consider compliance with Targeted Financial Sanctions. This will include screening the relevant sanctions list and, if any matches are found, applying adequate TFS measures and reporting it to the Executive Officer for Control and Non-Proliferation (EOCN) by filing Confirmed Name Match Report (CNMR) or Partial Name Match Report (PNMR) on the goAML Portal.

The AML Compliance Officer is responsible for ensuring the maintenance of AML/CFT records and information in an organized manner for a minimum period of five (5) years from the end of the business relationship or transaction. However, the period threshold is six (6) years for the real estate agents and brokers operating in or from ADGM’s Financial Service Regulatory Authority (FSRA) or DIFC’s Dubai Financial Service Authority (DFSA).

Role of AML Compliance Officer in UAE Preview

Must have Skills and Qualifications for an AML Compliance Officer

To ensure the effective implementation of the entire AML compliance program in the real estate agent or brokerage firm and protect the business from being vulnerable to financial criminals, the firms must appoint a competent AML Compliance Officer having adequate seniority and independence.

The functions entrusted to an AML Compliance Officer require technical expertise, subject and business knowledge, analytical skills, and a commitment to AML compliance.

The Compliance Officer is expected to have the following skill sets:

  • Thorough knowledge and understanding of the relevant AML regulations applicable to the real estate sector,
  • An analytical skills to detect and evaluate the ML/FT red flags,
  • Communication skills to collaborate with staff, open communication with senior management and supervisory authority,
  • Attention to detail to promptly identify any unusual patterns or transactions indicating financial crime or involvement of criminal proceeds and accurately reporting the suspicious transactions to the FIU,
  • Professionalism and integrity are essential qualities for an AML Compliance Officer to ensure an unbiased approach towards AML compliance and avoid any conflict of interest between compliance and business.

Smoothening the functions of the AML Compliance Officer with adequate technology

with the help of emerging technology, the Compliance Officer can optimize the real estate broker’s compliance function to ensure timely detection of ML/FT risk indicators and stay 100% AML compliant.

AML Compliance Officer of a real estate agent or brokerage firm can implement developing tools and systems to automate the customer onboarding process, starting from buyer and seller identification, ID verification, liveness checks, real-time screening against sanctions, PEP, or adverse media, etc.

Further, artificial intelligence-based solutions can assess customer risk and monitor transactions and customer profiles. This ensures prompt alert generation for high-risk customers, unusual trends, or suspicious customer behavior.

Embracing developing technology and tools would ease the responsibilities and improve the effectiveness of the AML/CFT measures developed and maintained by the Compliance Officer in the real estate agent or brokerage firm in UAE by reducing the manual errors, and identification of potential ML/FT risks to curb the vice on a timely basis.

How can AML UAE assist the AML Compliance Officers of the UAE real estate agents and brokers to navigate the AML Compliance journey?

The role of an AML Compliance Officer in a real estate agent or brokerage firm in the UAE is critical to safeguard the real estate sector from being misused by criminals to route their dirty money.

AML UAE is a leading AML consultancy firm in the UAE. AML UAE can strengthen the efforts of the AML Compliance Officer by assisting in assessing the real estate agents and brokers’ ML/FT risk exposure and tailoring the internal AML/CFT policies, procedures, and controls to identify and report suspicious transactions.

We can also impart comprehensive AML training to the Compliance Officer and the staff, including senior management of the real estate brokers and agents, to promote collaborative attempts in the fight against financial crime. With our assistance in identifying and implementing the right AML technology and solutions, AML Compliance Officer can enhance the effectiveness of the compliance processes and efficiently identify potential ML/FT risks.

Stay AML Compliant!

Make significant progress in your fight against financial crimes,

With the best consulting support from AML UAE.

Contact Us Now

Share via :

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

4 Principles of LBMA’s Global Precious Metals Code 2022

4 Principles of LBMA’s Global Precious Metals Code 2022

4 Principles of LBMA’s Global Precious Metals Code 2022

4 Principles of LBMA’s Global Precious Metals Code 2022
Download 4 Principles of LBMA’s Global Precious Metals Code 2022

4 Principles of LBMA’s Global Precious Metals Code 2022

London Bullion Market Association (LBMA) has issued Global Precious Metals Code, 2022, from market participants engaged in the global Over-The-Counter (OTC) wholesale trade of precious metals. The Global Precious Metals Code captures the highest standards for business conduct expected while dealing with precious metals – Gold, Silver, Platinum, and Palladium.

The Code talks about –
– ethical practices and avoidance of conflict of interest
– effective management of the governance, compliance, and overall business risk,
– maintaining high standards while sharing information and communicating with other market participants, including ensuring the confidentiality of critical data
– code of business conduct before and during the execution of the transaction, including post-execution practices.

Here is an infographic discussing the four fundamental principles of LBMA’s Global Precious Metals Code, 2022.

AML UAE is an AML consultancy firm assisting Dealers in Precious Metals and Stones in UAE to implement a customized AML/CFT program to identify and mitigate ML/FT risks. We also assist in designing a comprehensive framework to maintain the highest professional standards and ethics while staying compliant with local and international regulatory frameworks (FATF, OECD, Responsible Gold Sourcing Code, and the LBMA’s Global Precious Metals Code, etc.).

Related Posts

AML Governance for VASPs in the UAE: Building trust and strengthening compliance

AML Governance for VASPs in the UAE Building trust and strengthening compliance

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

AML Governance for VASPs in the UAE: Building trust and strengthening compliance

Virtual assets are increasing their acceptance and significance in the financial system of the UAE. However, with this comes the increased risk of money laundering and terrorist financing, given the inherent nature of anonymity and speed of virtual asset transactions. The UAE authorities have brought the Virtual Assets Service Providers (VASPs) under the Anti-Money Laundering (AML) regulatory landscape to mitigate these financial crime risks. Here, it becomes critical for VASPs in UAE to establish an effective AML governance and oversight function to manage financial crime vulnerabilities.

Why is AML Governance important for VASP in UAE?

The VASPs expose themselves to huge ML/FT risks while onboarding customers across the world without any boundaries. Further, as all the transactions are done virtually, the risk of unidentified originators and virtual asset beneficiaries is involved, which can be exploited for laundering illegal funds or financing terrorist activities.

The authorities have established specific regulatory guidelines, mandating the VASPs to adhere to them and safeguard themselves against financial crime risks. VASPs operating in UAE must register with the relevant authorities and comply with the AML/CFT regulations. Failure to comply with these compliance obligations can result in hefty administrative fines and reputation damage.

The AML regulations in UAE require the VASPs to conduct Enterprise -Wide Risk Assessment to identify the ML/FT risks, adopt a risk-based approach to design and implement internal AML/CFT policies, procedures, and controls, and report any identified suspicion to the Financial Intelligence Unit (FIU).

To mitigate the ML/FT risks and avoid regulatory non-compliance penalties, the VASPs must establish and maintain a robust AML governance and oversight function.

AML Governance for VASPs in the UAE Building trust and strengthening compliance

How to establish a robust AML Governance Function in VASP?

As a first step to AML governance, the VASPs must understand the AML regulations and compliance obligations imposed upon the organization. With a basic understanding of AML compliance requirements, let us understand the critical component of an effective AML governance framework.

Effective AML governance framework

As a first step to AML governance, the VASPs must understand the AML regulations and compliance obligations imposed upon the organization. With a basic understanding of AML compliance requirements, let us understand the critical component of an effective AML governance framework.

Appointment of AML Compliance Officer or Money Laundering Reporting Officer

VASPs must appoint a competent person with adequate knowledge and experience in AML compliance to act as the AML Compliance Officer or the MLRO.

The compliance officer shall be responsible for overall AML/CFT program management.

Identifying the business risks

VASP must perform an Enterprise-Wide Risk Assessment (EWRA) to identify and assess the ML/FT risks that the organization faces. The risk assessment must be based on qualitative and quantitative analysis of the relevant risk factors such as customer base, geographies of operations, nature of transactions, products or services offered by VASP, etc.

As the business activities and ML/FT risk typologies keep evolving, the business risk assessment must be dynamic. VASPs must regularly assess the risk to factor in the changes in business activities, regulatory amendments, and emerging financial crime trends. The risk assessment results should be used to develop the internal AML/CFT policies, procedures, and controls to manage the identified ML/FT risks.

How to conduct AML Business Risk Assessment Priv

Developing the comprehensive AML/CFT framework

VASPs must have in place a well-defined internal AML/CFT program, including policies, procedures, systems, and controls that can adequately identify and manage the ML/FT risks of the organization’s virtual assets operations.

The AML policies and procedures must reflect the VASP’s overall risk and be practical to mitigate the risks.

Having an AML policy is not enough. The VASP must periodically review the policies and procedures to ensure their adequacy, effectiveness, and relevance in combating financial crimes. The AML/CFT framework must, at all times, be effective in addressing the identified business risks and is compliant with AML regulatory requirements.

The policy should document the VASP’s AML obligations, the controls adopted by the VASP to manage the risks, and the roles and responsibilities of the AML Compliance Officer, employees, and senior management towards the AML program.

Robust Customer Onboarding Process

Millions of transactions related to the transfer of virtual assets are conducted amongst multiple originators and beneficiaries worldwide. For an effective AML/CFT compliance framework, an effective customer onboarding process is one of the key elements.

It is pertinent for VASPs to identify these originators and beneficiaries of the transactions and verify their identity. The VASP must screen these customers to understand their connection with the Sanctions List, or Politically Exposed Person (PEP), and the presence of adverse media suggesting criminal history.

As part of the Customer Due Diligence (CDD) process, the VASP should also perform a customer risk assessment to identify the risk each customer poses to the business. Basis the outcome of the customer risk profiling, the VASP must adopt a risk-based approach and perform Enhanced Due Diligence (EDD) measures to manage the increased risk posed by high-risk customers.

CDD does not end here. The VASP must implement systems to monitor the transactions and business relationships on an ongoing and real-time basis to identify unusual or suspicious activities.

Suspicious activities identification and reporting procedures

AML framework is incomplete without adequate internal systems and procedures to identify the ML/FT risk indicators or red flags, suggesting involvement in money laundering activities, criminal proceeds, or terrorism financing. A clear mechanism must be in place to guide the employees to actions to be taken once any suspicious activities are observed and how the reporting shall be done to the AML Compliance Officer.

Further, the guidelines about external reporting to the FIU must also be well defined to ensure the timely filing of a Suspicious Activity Report (SAR) or Suspicious Transactions Report (STR) with the FIU.

Support from the senior management

No business function can be successful without the support from senior management. Similar is the case of the AML function. The senior management plays a critical role in ensuring the effectiveness of the AML governance framework by setting the right compliance tone at the top and providing strategic oversight of the implemented AML/CFT policies and procedures.

The management must establish the VASP’s ML/FT risks appetite and review and approve the VASP’s business risk assessment and the developed AML/CFT compliance program. Management should ensure that the risk assessment and AML policies, procedures, and controls are periodically reviewed and updated to manage the risks effectively.

Further, the one important role of senior management is ensuring its compliance department is well-staffed with adequate resources necessary to manage the ML/FT risks and stay AML compliant.

As part of the AML governance and oversight function, the senior management and board of directors must seek periodic reports from the AML compliance officer capturing the VASP’s ML/FT exposure, identify suspicious actions taken by the compliance officer, any AML gaps observed, etc.

Responsibilities of Senior Management around AML program under UAE AML Laws

Effective oversight function with periodic AML review and independent AML audit

To ensure the effectiveness of the AML/CFT measures adopted by the VASPs, it is important to establish an independent AML audit and also an internal periodic AML review function. The policies, procedures, systems, and controls implemented by the VASPs must be periodically reviewed to test the quality, adequacy, and effectiveness of the AML/CFT program.

A periodic AML review and interviews with the AML compliance team must be conducted to check whether the AML policies are effectively followed across the organization and to identify any gaps in policies, procedures, or implementation flaws. This periodic review shall assist the VASPs in remediating the AML non-compliance or vulnerabilities before it has a multifield impact on the operations. The internal reviews can be considered as frequent routine checks on the effectiveness of AML/CFT systems and controls, necessary to ensure that the AML measures are up-to-date and capable of identifying the financial crime risks.

Further, the VASP must appoint an independent person, having adequate AML understanding and experience to conduct the AML review. An independent AML audit shall be a more focused and unbiased review by a third party (possibly an external person) to ensure that VASP has an appropriate framework to manage the risks and stay AML compliant.

AML training program

AML governance function is incomplete without the involvement of the entire staff and their contribution towards the AML/CFT program. AML Compliance Officer of the VASP must develop a robust and comprehensive AML training program for the staff, including senior management, to ensure that all the employees of the organization understand the ML/FT risks, compliance obligations, and their roles and responsibilities towards VASP’s AML/CFT efforts.

AML training shall ensure that staff is well aware of internal AML/CFT policies and procedures and can exercise sound judgement when any suspicion is observed.

Designing a comprehensive AML Training Program

AML governance using technology and data analytics

AML governance and oversight would be challenging without deploying adequate technology and data analytics tools in this virtual asset world where everything is online. With technology, VASPs can automate the ML/FT risk assessment and deploy adequate measures to mitigate the same. With the humungous volume of virtual asset transactions, technologies like Artificial Intelligence and Machine Learning make transaction monitoring easy and real-time, generating alerts for unusual activities and reducing false positives.

Further, data analytics algorithms can be trained to identify unusual customer behaviour, detect suspicious transactions, and identify patterns that may indicate money laundering or terrorist financing.

VASPs can effectively detect and prevent money laundering and terrorist financing involving virtual assets by integrating technology and data analytics in their AML governance and oversight functions.

Collaborating with regulatory authorities and industry partners

As an element of effective AML governance, VASPs are recommended to stay connected with AML regulatory and supervisory authorities to seek guidance on various AML/CFT compliance obligations. Further, seeking the authorities’ feedback on implementing AML measures is also critical to enhance and improve the AML/CFT function.

Webinars and awareness sessions conducted by the authorities can also be helpful for VASPs to manage their ML/FT risks and detect emerging ML/FT typologies.

Collaboration with other VASPs can also help understand the industry’s best practices to identify and manage the ever-evolving ML/FT risks arising from virtual asset transfers.

Measuring the effectiveness of your AML governance and oversight function

VASPs need to review and enhance their AML governance and oversight function. This can be done using key performance indicators (KPIs) such as –

  • Periodicity of AML/CFT report furnished by AML Compliance Officer to senior management
  • Identified gaps and time and actions taken to remediate the same
  • Feedback received from the authorities
  • Number of suspicions observed
  • Quality and frequency of the AML training program
  • Finding of internal AML review and independent AML audit

Though not exhaustive, assessing certain factors can give insights into the effectiveness of the VASP’s AML governance and oversight function.

How can AML UAE assist VASPs in UAE in establishing effective AML Governance Function?

Effective AML Governance and Oversight functions are critical for VASPs to stay AML compliant and manage the financial crime risks.

A robust AML/CFT program, commitment, and support from senior management, deployment of emerging technologies, comprehensive AML training, periodic AML review, audit, etc., can enhance the quality and relevance of the VASP’s AML/CFT framework.

AML UAE is one of the leading AML firms in UAE, supporting regulated entities, including VASP, to establish and maintain a strong internal AML/CFT compliance program aligned with its overall ML/FT risks and regulatory requirements. We also help the VASPs set up solid AML governance and Oversight functions, constantly contributing towards enhancing the effectiveness of the VASP’s AML/CFT measures.

Make significant progress in your fight against financial crimes,

With the best consulting support from AML UAE.

Contact Us Now

Share via :

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Elements of AML Compliance Officer’s Report to Senior Management under UAE AML Regulations

's Report to Senior Management under UAE AML Regulations

Elements of AML Compliance Officer's Report to Senior Management under UAE AML Regulations

's Report to Senior Management under UAE AML Regulations
Download Elements of AML Compliance Officer's Report to Senior Management under UAE AML Regulations

Elements of AML Compliance Officer's Report to Senior Management under UAE AML Regulations

Though the Senior Management of the regulated entities does not get involved in routine AML/CFT tasks but is responsible for ensuring the implementation of the AML/CFT program across the organization. In this context, to ensure that senior management is aware of the organization’s AML/CFT measures, the UAE AML regulations mandate an AML Compliance Officer of all the regulated entities – Financial Institutions, Designated Non-Financial Businesses and Professions (DNFBPs), and Virtual Assets Service Providers (VASPs) – to prepare and submit a periodic AML/CFT Compliance Officer’s report to the senior management.

The periodic AML Compliance Officer’s Report must cover a brief about the customer due diligence measures performed during the period, the number of high-risk customers onboarded, customers rejected, and any matches found with sanctions lists. Further, the Compliance Officer must also provide a statistic related to the reports field on the FIU’s goAML portal and an overview of the suspicions observed. The report must also include any AML/CFT gaps or weaknesses identified by the Compliance Officer and the action taken. The Compliance Officer must also capture any additional resources required for AML/CFT compliance.

Here is a visual note of what all elements must be covered in the AML Compliance officer’s periodic report to the organization’s senior management.

AML UAE is a leading AML Consulting firm assisting AML Compliance Officers of various regulated entities to implement an effective and robust AML/CFT program. We help design and prepare the periodic AML Reports to ensure management understands and is up-to-date on the organization’s and Compliance Officer’s AML/CFT efforts.

Related Posts

Identity Verification for Partnership Firms: Navigating the essential element of customer onboarding under UAE AML Law

Identity Verification for Partnership Firms Navigating the essential element of customer onboarding under UAE AML Law

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

Identity Verification for Partnership Firms: Navigating the essential element of customer onboarding under UAE AML Law

UAE has introduced stringent regulations to combat financial crimes such as money laundering and terrorist financing. These laws mandate that Financial Institutions, Designated Non-Financial Businesses and Professions (DNFBPs), and Virtual Asset Service Providers (VASPs) implement adequate frameworks within the organization to identify and prevent money laundering and terrorism financing instances.

Identifying the customers and verifying their identity is essential to the AML compliance program. The regulated entities must apply thorough identity verification measures when dealing with a partnership firm, not just individual customers.

In this article, we will discuss the critical elements of the identity verification process under UAE AML regulations when establishing a business relationship with a partnership firm.

Identity Verification for Partnership Firms Navigating the essential element of customer onboarding under UAE AML Law

Why are partnership firms vulnerable to financial crime?

A partnership firm is a legal structure owned and managed by individual persons. Sometimes, the legal identity of the partnership firm is exploited by criminals to conduct money laundering or terrorism financing, concealing their identity under cover of the partnership firm.

Further, setting up a partnership firm is relatively simple and quick, making it more vulnerable to financial crime risks and used as a money laundering technique to disguise the actual ownership of illegally obtained proceeds.

Given this, the UAE AML regulations mandate that when conducting a business transaction with a partnership firm, the firm’s identity, including the identity of the Ultimate Beneficial Owners (UBO) and the controlling parties, must be obtained and verified using reliable, independent documents, or sources. This measure shall help uncover the bogus firms established to execute financial crimes.

What is Customer Due Diligence under AML regulations?

Customer Due Diligence (CDD) is a process of identifying the customer or supplier or any third party with whom the business transactions are to be conducted and verifying their identity to determine the legitimacy, including assessing the ML/FT risk the customer poses to the business.

Understand the types of CDD measures to effectively mitigate the ML-FT risks 

How to ensure adequate identity verification for Partnership Firms?

When establishing a business relationship with a partnership firm, it is very pertinent to understand the firm and its true owners or controllers managing the firm’s business. It is necessary to ensure that the regulated organization is not unknowingly exploited by the partners of the firm for money laundering or other illegal activities.

To ensure adequate identity verification of a partnership firm, the following measures must be followed:

Obtain identification details, including other necessary information and documents

To begin with, the regulated entities must seek the identification details of the partnership firm. For this, it is recommended that the regulated entities get the “Know Your Customer” form filed by the firm, capturing legal name, legal structure, partners, their holding, contact details, license number, nature of the business activities, the purpose of the business relationship, etc.

Adequate documents supporting the identification details, such as a trade license or certificate of incorporation, must also be obtained. Further, documents presenting the organization structure must be obtained, which includes the Memorandum of Association and Article of Association.

Ensuring the identity documents obtained from the partnership firm are valid and up-to-date is vital.

All the information obtained about the firm shall assist in identifying and evaluating the ML/FT risks the firm poses to the business and accordingly determine the level and degree of the AML/CFT measures to be applied to manage the risk.

Know Your Customer - KYC Requirements under AML regulations in UAE

Identifying the partners and beneficial owners

Identification of a partnership firm is incomplete without identifying the actual mind behind the legal structure – the partners, UBOs, and the controlling parties. The regulated entities must seek adequate identification details about the UBOs and partners, such as full name, nationality, date and place of birth, address, identification number, etc.

Further, the necessary documents supporting the identification information must be obtained, for example, the passport, Emirates ID, Driver’s License, or any other government-issued document bearing the person’s photograph.

The regulated entities must ensure that the information obtained about partners and beneficial owners is complete and accurate. The partnership structure, as presented in the KYC form, must match the firm’s legal documents.

Identify UBOs to complete your AML Customer Due Diligence

Verify identity using documents obtained and other reliable, independent sources

Once all necessary documents and information have been collected, the next step is to verify the identity details’ authenticity and the documents’ legitimacy. For verification purposes, the regulated entities may rely on government-issued identity documents or resort to independent databases like the corporate registry or third-party paid resources to ensure that the partnership firm and its partners are legit persons to conduct business with.

The regulated entities should seek the original document for verification purposes and obtain a photocopy of such document, with a remark from the person verifying the documents as “original sighted and verified.” Suppose the firm cannot produce the original documents for verification. In that case, the regulated entity must insist on getting a certified copy of the identity document, certified as a “true copy” by a chartered accountant, bank manager, notary, police officer, etc.

The regulated entities must ensure that the identity documents are not forged or tampered with. Further, necessary steps must be taken to match the photo presented on the identification document with the person actually presenting it.

Screening the partnership firm and the partners, UBOs, and controlling parties

The regulated entities must screen the firm and its UBOs, partners, etc., to check whether any person is designated under any sanctions list, specifically under UAE Local Terrorist List or UNSC Consolidated List.

It is also essential to determine whether any of the partners of the firm or the UBOs are Politically Exposed Persons (PEPs) or close relatives of associates of PEP or any other high-risk individuals.

Further, the regulated entity must also check if there is any negative news or adverse media available against the firm or any of the partners of the firm, indicating criminal history or involvement in financial crime.

Ongoing monitoring

The regulated entities must ensure that the identification formation obtained about the partnership firm and the partners is accurate, complete, and valid at all times. For this, the entities must implement adequate ongoing monitoring measures and systems, including regular reviews of identification documents and maintaining adequate documentation related to the identity verification process and changes therein.

Record-keeping

Record-keeping is an important aspect of the identity verification process. Regulated entities must maintain accurate records of all the documents collected and the verification process, including records related to ongoing monitoring and changes in the initial information or documents. The identification verification-related records must be maintained in an organized manner and must be made available to the relevant authorities upon request.

A robust identity verification process, including identifying eth partners and UBOs, is mandatory to manage the ML/FT risks while establishing a business relationship with the partnership firm.

Record Keeping Requirement in UAE

How can technology come in handy in the identity verification process of the partnership firm?

Identity verification is essential to manage the risk and stay AML compliant. Given the legal structure of the partnership firm and the requirement to identify and verify the identity of the partners, the regulated entities are recommended to leverage the technology for efficient identity verification.

Regulated entities may use emerging technologies like Artificial Intelligence or Machine Learning to streamline the identity verification process while onboarding a partnership firm as a customer. For example, biometric verification (facial recognition) or automated identity document verification solutions can help reduce the time and resources required to carry out identity verification of the partnership firm and presents more accurate results, reducing the risk of manual errors or manipulation.

Identity verification is a crucial component of complying with AML regulations while establishing business relationships, specifically in the case of a legal person, including a partnership firm. A comprehensive identity verification process is essential to identify the ML/FT risks and determine the adequate measures to be implemented to manage the risk arising from the partnership firms onboarded as customers or suppliers.

Any gaps in customer identification may expose the business to unwanted financial crime risk and administrative fines for regulatory non-compliance.

How can AML UAE assist you in the identity verification process?

AML UAE is a leading AML consultancy service provider in UAE, assisting regulated entities in identifying business risks and tailoring the AML/CFT policies, procedures, and controls to mitigate the assessed risk effectively. It includes designing a robust customer onboarding framework, including the identity verification processes customized for partnership firms, corporate entities, individuals, trusts, etc., to assess customer risk and apply appropriate AML/CFT controls.

We also impart AML training to the Compliance Officer and the team to effectively implement the designed processes and controls and ensure that identity verification of partnership firms is adequately performed to prevent ML/FT vulnerabilities.

Make significant progress in your fight against financial crimes,

With the best consulting support from AML UAE.

Contact Us Now

Share via :

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Restrictions on Business Relationships under UAE AML Law

Restrictions on Business Relationships under UAE AML Law

Restrictions on Business Relationships under UAE AML Law

Restrictions on Business Relationships under UAE AML Law
Download Restrictions on Business Relationships under UAE AML Law

Restrictions on Business Relationships under UAE AML Law

The AML regulations in UAE restrict Financial Institutions, Designated Non-Financial Businesses and Professions (DNFBPs), and Virtual Assets Services Providers (VASPs) from establishing a business relationship under the following situations:

  • When the person is designated person under UAE Local Terrorist List or UNSC Consolidated List or any other relevant Sanctions List
  • When the person is uncooperative and hinders the completion of the Customer Due Diligence process
  • Circumstances where the proposed customer is a legal person or legal arrangement and its Ultimate Beneficial Owners cannot be identified
  • Regulated entities are prohibited from setting up a business relationship with a shell or fictitious bank (that does not have any physical presence or employees for carrying out actual business operations)
  • No business relationship or account can be established on an anonymous basis or using numbered or pseudonyms

Onboarding customers under the abovementioned circumstances would increase money laundering/terrorism financing risk and be tantamount to non-compliance with AML regulations.

Here is an infographic you can take as a base to avoid dealing with particular customers under specified situations.

AML UAE is a leading AML consultancy in UAE, assisting UAE-based regulated entities in developing and maintaining AML/CFT framework to fight financial crime, tailormade to the business’s ML/FT risk. We also impart AML training to the client-facing team and Compliance Officer to ensure that the business does not unknowingly get into a restricted category of business relationships and expose itself to higher ML/FT vulnerabilities and non-compliance penalties.

Related Posts

Cameroon, Croatia, Vietnam put on FATF Grey List | 23rd June 2023

Cameroon, Croatia, Vietnam put on FATF Grey List | 23rd June 2023

Home Author Archives: Pathik Shah
Circular-no-08-aml-2021

Cameroon, Croatia, Vietnam put on FATF Grey List June 2023

On 23rd June 2023, the Financial Action Task Force (FATF), an international body combatting money laundering, revealed its latest update. Cameroon, Croatia, and Vietnam have been added to the list of jurisdictions under increased monitoring, known as the “grey list.”

These three nations now join the ranks of 23 others actively collaborating with the FATF to rectify strategic deficiencies within their systems. The focus of these efforts is to effectively combat money laundering, terrorist financing, and proliferation financing.

The updated list of Jurisdictions under Increased Monitoring – 23rd June 2023 – FATF Grey List – High Risk Countries

  1. Albania
  2. Barbados
  3. Burkina Faso
  4. Cameroon
  5. Cayman Islands
  6. Croatia
  7. Democratic Republic of Congo
  8. Gibraltar
  9. Haiti
  10. Jamaica
  11. Jordan
  12. Mali
  13. Mozambique
  14. Nigeria
  15. Panama
  16. Philippines
  17. Senegal
  18. South Africa
  19. South Sudan
  20. Syria
  21. Tanzania
  22. Türkiye
  23. Uganda
  24. United Arab Emirates
  25. Vietnam
  26. Yemen

Is Vietnam a grey listed country?

Yes, Vietnam is a grey listed country. The Financial Action Task Force, in its latest update on 23rd June 2023, put Vietnam into the list of jurisdictions under increased monitoring commonly referred to as FATF grey list. 

Is Cameroon a grey listed country?

Yes, Cameroon is a grey listed country. The Financial Action Task Force, in its latest update on 23rd June 2023, put Cameroon into the list of jurisdictions under increased monitoring commonly referred to as FATF grey list.

Is Croatia a grey listed country?

Yes, Croatia is a grey listed country. The Financial Action Task Force, in its latest update on 23rd June 2023, put Croatia into the list of jurisdictions under increased monitoring commonly referred to as FATF grey list.

Share via :

Share via :

AML Compliance Requirements for Law Firms in UAE

AML Compliance Requirements for Law Firms in UAE

Pathik Shah

Home Author Archives: Pathik Shah
Table of Contents

Protect your business with reliable and effective AML strategies with AML UAE.

Contact Us Now

AML Compliance Requirements for Law Firms in UAE

With the increase in financial crimes, the introduction and implementation of anti-money laundering and combating the financing of terrorism (AML/CFT) regulations is increasing. In the UAE, lawyers and independent legal firms are covered under the purview of AML regulations. As the vulnerability of the lawyers, notaries, and legal service providers to financial crime, law firms, and legal professionals have been put under AML regulatory regime to identify and prevent money laundering and terrorism financing.

This article lets us navigate AML requirements for law firms operating in or from the UAE.

AML Compliance Requirements for Law Firms in UAE

What AML regulations apply to Law Firms in the UAE?

The primary legislation governing AML compliance is the Federal Decree by Law No. (10) of 2025 Regarding Anti-Money Laundering, and Combating the Financing of Terrorism and Proliferation Financing and its implementing guidelines under Cabinet Resolution No. (134) of 2025. The federal AML regulations identify the regulated entities and establish a comprehensive framework for such entities to be followed to identify, report, and mitigate the money laundering and terrorist financing risks.

One of the regulated entities defined under the UAE AML regulations as Designated Non-Financial Businesses and Professions (DNFBPs) include:

Lawyers, notaries, and other independent legal professionals, when preparing, conducting, or executing financial transactions in relation to the following activities on behalf of the customers:

  • Purchase and sale of real estate
  • Management of customer’s funds
  • Managing customer’s bank accounts, saving, or securities accounts
  • Organizing contributions for the establishment, operation, or management of the company
  • Creating, operating, or managing legal persons
  • Selling and buying commercial entities

For the law firms licensed in UAE, other than Abu Dhabi Global Market (ADGM) and Dubai International Financial Centre (DIFC), the Ministry of Justice is the AML supervisory authority.

With reference to the Federal AML regulations, the Ministry of Justice (MoJ) has also issued Ministerial Decision No. (533) of 2019 on Anti-Money Laundering and Combating Terrorism Financing related to Lawyers, Notaries, and Legal Independent Professionals and a detailed guide to help the law firms effectively implement the AML/CFT measures and prevent financial crimes.

Accordingly, law firms must comply with Federal AML legislation and the decision and guide issued by the Ministry of Justice.

AML Compliance Requirements

What are the AML Compliance requirements of a Law Firm in UAE?

As a regulated entity, law firms and legal professionals are responsible for identifying and reporting ML/FT-related suspicious transactions to the Financial Intelligence Unit. In this context, law firms must comply with Federal AML legislations and the decision and guide issued by the Ministry of Justice.

The following are the AML compliance obligations for a law firm in UAE:

AML compliance obligations for law firm in UAE

goAML Registration

Every law firm in UAE must be registered with the Financial Intelligence Unit’s (FIU) goAML Portal.

Simplifying UAE FIU goAML Registration A Visual Guide

Appointing an AML Compliance Officer

To ensure the effective implementation of the AML Compliance program, law firms must appoint a competent AML Compliance Officer. The appointment of the compliance officer must be approved by the supervisory authority, which is sought during the pre-registration stage of the goAML registration.

Role of AML Compliance Officer in UAE Preview

Conducting Enterprise-Wide Risk Assessment

The law firms must assess the overall money laundering and financing of terrorism (ML/FT) risk their firm is exposed to. The AML Enterprise-Wide Risk Assessment must be conducted based on the nature of the customers, associated geographies, nature of services offered, volume and complexities of the transactions, etc.

How to conduct AML Business Risk Assessment Priv

Establishing AML/CFT Policies, Procedures, and Controls

Based on the overall business risk assessment outcome, law firms and legal professionals must design and implement internal AML/CFT policies, procedures, and controls to manage ML/FT risks.

The internal AML/CFT framework must be aligned with applicable AML regulations and the nature and size of the business.

Client Due Diligence Measures

One of the key AML requirements for law firms in the UAE is to identify the customers and the beneficial owners and verify their identity.

The companies must adopt “Know Your Customer” (KYC) procedures to identify the customer, their activities, the purpose of the business relationship, etc.

The law firms must also conduct screening to determine whether any of the customers, their beneficial owners, or the senior management is mentioned on the Sanctions Lists. Screening must be conducted to identify the customer’s status as a Politically Exposed Person (PEP) or a relative or close associate of the PEP.

Adverse media checks must also be conducted to see whether the customer has been linked or alleged to any financial crime-related matters in the past.

Based on the customer identification details and screening results, law firms and legal professionals must identify each customer’s risk to the business and classify the customers as high, medium, or low based on the assessed ML/FT risks.

In cases where the customers are identified as high-risk, the law firms in UAE must seek additional information and adopt enhanced due diligence measures. The lawyers must take necessary actions to understand the customer’s source of wealth and funds and determine its legitimacy.

Ongoing Monitoring of transactions and business relationships

Law firms are required to maintain customer information up-to-date. The CDD information must be closely monitored to ensure that the legal professionals have complete and accurate data about their customers and beneficial owners and that any changes therein are promptly identified.

Further, ongoing monitoring of the transactions is also very important to identify any unusual or suspicious customer activities related to money laundering and terrorist financing. For high-risk customers, enhanced and more stringent monitoring measures must be applied.

Compliance with Targeted Financial SanctionsQ

Law firms are required to implement the Targeted Financial Sanctions (TFS) measures. Accordingly, the law firms must subscribe to the Executive Officer for Control and Non-Proliferation (EOCN) Notification System to receive regular updates about changes in the sanctions listsUnited Nations Consolidated List and the UAE Local Terrorist List.

All the customers, beneficial owners, and the customer’s senior management must be screened against these sanctions list. If any confirmed match is found, the law firms must immediately terminate the business relationship (existing customer) or reject the customer (prospect customer) and submit Fund Freeze Report (FFR) on the FIU’s goAML portal. In case of a partial name match where the law firm cannot conclude the match type, the business relationship must be suspended, and a report must immediately be filed on the goAML Portal – Partial Name Match Report (PNMR).

Identifying and reporting suspicious activities or transactions

Law firms must establish adequate procedures and controls to identify any potential ML/FT risk indicator and report suspicious activities to the FIU. The suspicions related to ML/FT must be reported to the FIU by filing the Suspicious Activity Report or Suspicious Transaction Report (STR), as the case may be.

The list of red flags and the internal procedures to be followed for reporting must be well documented as part of the AML/CFT framework.

AML Training

AML training for the staff is one of the critical compliance obligations for law firms. Regular training must be provided to the staff and senior management to create awareness about AML compliance obligations and their roles and responsibilities.

Designing a comprehensive AML Training Program

AML Governance

To ensure a robust AML Compliance culture, the senior management must support and contribute towards the law firm’s AML/CFT efforts.

The Compliance Officer must furnish a periodic AML report to the senior management, updating them on the firm’s AML measures, the requirement for any additional AML resources, any AML non-compliance identified, and the action taken by the compliance officer, along with routine AML matters. Senior management must review and provide feedback to the Compliance Officer.

The law firms must implement an  independent AML Audit function to periodically test the quality and adequacy of the AML/CFT measures to identify and mitigate the financial crime risks effectively.

Filing Real Estate Activity Report (REAR)

The lawyers and the legal professionals are required to file a Real Estate Activity Report (REAR) with the goAML portal to report the transaction pertaining to the buy/sale of Freehold Real Estate, which involves cash (equals to or exceeding AED 55,000) or virtual assets or funds converted from virtual assets.

Filing of Real Estate Activity Report (REAR) on goAML under UAE AML Law

AML Record Keeping

All AML-related records and documents, including CDD files and transactions with customers, must be maintained by law firms for at least five (5) years.

AML Record Keeping

How can AML UAE assist Law Firms in UAE to stay AML Complaint?

AML compliance is critical for law firms operating in the UAE to safeguard their practice from being exploited by financial criminals and avoid non-compliance penalties.

To understand the AML regulatory landscape and effectively meet the compliance obligations, reach out to AML experts – like AML UAE, your partner in making AML journey a smooth experience.

AML UAE is a leading AML consultancy service provider in UAE, assisting DNFBPs, including law firms, to identify overall ML/FT risks and implement best AML practices to prevent money laundering and terrorism financing crimes.

Make significant progress in your fight against financial crimes,

With the best consulting support from AML UAE.

Contact Us Now

Share via :

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti