Designing a comprehensive AML Training Program

The AML regulations in UAE obligate the AML Compliance Officer to design an adequate AML training program for the entire staff, including the company’s senior management.

To ensure effective implementation of the AML/CFT framework, a strong sense of AML Compliance culture and contribution from every employee is necessary. For this, it is pertinent that the ground team, compliance team and the company’s executive members understand the AML obligations, the company’s AML policies and their roles and responsibilities towards combating financial crimes.

The AML training should cover all the topics and aspects necessary for safeguarding the company and ensuring 100% compliance with the anti-money laundering regulatory requirements. To help you design a robust AML/CFT training program, basis our understanding of the law and enriched experience, we have designed an infographic listing the critical topics to include in your AML Training.

AML UAE is one of the leading AML Consultancy firms, offering end-to-end AML support to Financial Institutions, VASPs and DNFBPs, including designing the AML/CFT policies and imparting comprehensive AML/CFT training to the Compliance Officers, their team and the senior management.

Customer Identification – A Critical Component of AML Compliance

Pathik Shah

Protect your business with reliable and effective AML strategies with AML UAE.

What is Money Laundering?

Money Laundering is the process that hides the origin of illegally obtained money and runs it through banking or any other legit financial institution to make it appear as an income received from legitimate resources. This illicit money is then invested in funding criminal and terrorist activities.

Significance of AML compliance for businesses and financial institutions:

As per AML/CFT legislation in UAE, Financial Institutions, Designated Non-Financial Businesses and Professions (DNFBPs), and Virtual Assets Service Providers (VASPs) are required to establish a comprehensive AML/CFT compliance framework. This framework would support the entities in overcoming vulnerabilities related to money laundering, terrorism financing and proliferation financing.

What is Customer Identification?

Financial Institutions have specific procedures to identify and verify customer identities. Customer Identification is one of the basic steps that DNFBPs, and Financial Institutions and VASPs must follow to verify the identity of the prospective customers. It helps identify legitimate businesses, individuals, and institutions so that one may enter into a business relationship with them. In simple words, the customer identification program demonstrates a series of steps that establish the legitimacy of the customer’s identity.

Role of customer identification in AML compliance

Customer identification is the most crucial stage while conducting AML compliance. This is the stage where various checks are applied to verify the identity of the potential client and beneficial owner. On the basis of identification documents, a decision is made about whether to conduct business with this prospective client. After this stage, the clients are rated based on the ML/FT risk they pose to the business.

Components of the Customer Identification Program

UAE has adopted a progressive approach to AML compliance. The AML regulations and the guidelines issued by the Supervisory Authorities provide stringent customer identification procedures that DNFBPs, VASPs and Financial Institutions must follow to identify suspicious transactions. This customer identification procedure is also generally referred to as Customer Due Diligence.

Each country can determine how it implements the necessary CDD process by making a law or using other enforceable methods. It is noteworthy that the Financial Action Task Force (FATF) provided recommendations around Customer Identification Program – international guidelines to combat money laundering and terrorist financing.

Steps in Customer Identification

The CDD measures implemented involve the following steps:

Verify Customer Identity: Identifying the customer and customer identity using independent reliable data.
Identify UBOs: Determine the Ultimate Beneficial Owners, verify their identity, which provides a satisfactory answer to the DNFBPs, FIs and VASPs about true ownership. It gives a clear idea about the control exercised on the customer. Read The Complete Guide to UBO Verification.
Purpose of Business: Obtaining information about the customer’s business activities and understanding the objective of the business relationship.
Continuous monitoring: Continuous monitoring and due diligence is done on the business association and thorough examination of transactions is carried out during the business relationship.

All the processes mentioned above apply to all the customers.

As per the AML Laws, DNFBPs, VASPs and Financial Institutions should follow the above-discussed process to strengthen their AML framework. The Compliance Officer must ensure the adherence to the norms of the Customer Identification Program and keep the process in sync with the AML laws and regulations as prevalent in the UAE and the FATF Recommendations.

Technology & AML Compliance

With the help of technology and advanced AML software, organizations can create a close-knit AML framework. A good customer identification program must have written policies to follow. A clear protocol for customer identification weeds out any ambiguity and provides the regulated entities an apparent reference while implementing the customer identification policies. The policy should clearly mention the customer’s requirements while establishing the business relationship.

DNFBPs, Financial Institutions and VASPs should be aware of the process listed in the AML rules and regulations to identify unusual patterns and suspicious transactions immediately. It is important to note that continuous monitoring is required to evaluate the risk profile and update the risk assessment process to identify any money laundering instances. AML software is highly beneficial in identifying cases of identity thefts and increasing data security. It helps retain the customers’ trust and protects the institutions’ goodwill in the market.

Strict Verification System

The AML software will introduce an effective customer verification system. It helps prevent identity thefts and verifies the criminals who are trying to hide behind the legal system.

AML training will provide the employees with the correct information and inform them regarding the proper processes to be followed while identifying suspicious activities.

AML software can prevent money laundering. Employees can create risk profiles based on information from multiple sources, such as public records, including information about immigration, current criminal history, and previous legal issues. It also provides information on asset tracking, which verifies if the customers are the real owners of the property they claim to be. On-site inspections can also be conducted if there is any suspicion regarding the details and documents furnished.

An independent audit process is required to fulfill the requirements of the independent anti-money laundering regulatory bodies, which ask for a periodical audit. The CIP will ensure that the organization implements the AML guidelines correctly and adheres to the AML rules and regulations. An independent audit will keep the business on its toes, and it will diligently follow the AML rules and regulations.

UAE follows the recommendations closely by adhering to the CDD and record-keeping processes to identify suspicious accounts and transactions and report suspicious activities.

Creating an effective AML compliance program is crucial for customer identification. The policy with a strict customer identification process identifies and deals with the challenges of the money laundering process and prevents financing of criminal and terrorist activities.

AML UAE: AML Compliance Consultants

If you need help with AML compliance, you can always trust AML service providers like AML UAE. A reliable consulting firm that offers complete AML solutions – it is a one-stop destination for AML compliance dedicated to the UAE market. AML UAE team has the right exposure and the requisite skills, updated knowledge, and training to provide AML and CFT compliance. Get Documentation of AML/ CFT policies, AML training, assistance in Annual AML/ CFT Risk Assessment Report and setting up an In-house AML compliance department, AML software selection and AML/ CFT health check-ups.

FAQs

The customer identification process is the process of identifying customers through verification of their identity documents and other reliable data to assess their risk to your business.

Customer identity can be identified by checking their identity documents and seeing if their name is found in Sanction Lists or PEPs.

Customer identification and verification is a process of obtaining information from customers, verifying it, and recording it to identify each customer that your company is onboarding. You must also check if that customer appears in any Sanction Lists, Politically Exposed Persons (PEPs) lists, or government terrorist lists.

The vital elements of customer identification programs are:

Customer identification and verification
Identification of UBOs
Understanding the objective of their business
Periodic review and continuous monitoring

The customer identification process is carried out in 4 steps:

Verify Customer Identity
Identifying UBOs
Purpose of Business
Continuous monitoring

The documents for customer identification depend on whether the customer is an individual or a corporate.

For individuals:

Documents for identity verification: Passport/Emirates ID/Any other government-issued ID bearing photo

Documents for address verification: Recent Utility Bill/Municipal Tax Record/Property Purchase or Rent agreement/Insurance Policy

For corporates:

Documents for identity verification: Certificate of Incorporation/Memorandum of Association/Articles of Association/Trade License

Documents for address verification: Recent Utility Bill/Municipal Tax Record/Property Purchase or Rent agreement/Insurance Policy

Customer identification is necessary to check any potential client’s background and ensure that the client is genuine and has no criminal or illicit intentions to carry out any financial crime.

Banks can set up a comprehensive framework for customer identification consistent with the regulations set up by the Central Bank of UAE.

There can be various instances where suspicion can arise. But some compliance measures like proper training for the frontline staff, keeping up with the updates of the regulators, using robust screening and monitoring software, etc., can help identify suspicious activities and safeguard entities from financial criminals.

Add a comment

Related Blogs

08/02/2023

AML regulations for Virtual Assets Service Providers in UAE

02/02/2023

AML Transaction Monitoring: A powerful tool to detect financial crimes

13/01/2023

Use of Digital ID for Customer Due Diligence -New Guidance issued by CBUAE for LFIs

Share via :

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is an ACAMS-certified AML consultant specialising in governance, risk, and compliance for regulated entities in the UAE. He brings over 28 years of experience, with 1,000+ hours of AML training and 200+ advisory engagements across DNFBPs, VASPs, and FIs. He supports businesses in aligning with AML/CFT requirements from the CBUAE, DFSA, MoET, MoJ, VARA, CMA, FSRA, and FATF. Known for translating complex regulations into audit-ready procedures, Pathik enables operational clarity and compliance readiness.

Reach Out to Pathik

Money Laundering risk associated with nominee shareholders and directors!

Pathik Shah

Protect your business with reliable and effective AML strategies with AML UAE.

Money Laundering risk associated with nominee shareholders and directors

There is a significant Money Laundering risk involved with Nominee Shareholders and Directors as they are misused by criminals to conceal the true identity of the beneficial owners.

What is Nominee Shareholder/Director?

To conceal the identity of the true beneficial owner or the controlling interest, the entities get into an arrangement wherein a nominee shareholder or director is appointed. A nominee shareholder is a person whose name the shares are registered, however, for the benefit of some other person. At the same time, a nominee director is appointed to the entity’s board to represent somebody else’s interests. In most cases related to the nominee arrangement, the person appointed as shareholder or director is just for the namesake. At the same time, the actual beneficiary or the controlling party is different, and a contract governs the entire arrangement.

Various professional service providers, such as Trust & Company Service Providers, Lawyers and Accountants, offer formal nominee services by allowing their name to be used as nominee shareholder or director against professional fees.

Sometimes, informal nominee arrangements are used to hide the beneficial ownership through families and friends.

Why is the Nominee Shareholder/Director arrangement used?

Some of the nominee arrangements are backed by law, wherein the law mandates the presence of a legal representative in the country of operations, different from the country of the beneficial owner. However, the primary purpose of the nominee arrangement is to hide the identity of the beneficial owners by creating a false layer of ownership or management structure.

Such nominee shareholders and directors are vulnerable to being exploited by financial criminals to administer and control the entity to conduct money laundering or terrorism financing (ML/FT) activities without being disclosed as beneficial owners owning or operating the entire nominee structure.

Red flags associated with nominee shareholders and directors

When the public filings about the entity happen in the name of the registered shareholder or director, who is acting on behalf of someone else, then the actual controlling parties hide behind the veil of nominee arrangement.

The money laundering and terrorist financing potential risk indicators associated with nominee arrangement include the following:

Ultimate Beneficial Owner (UBO) declared for the entity is also listed as UBO of the other registered business entities, and UBO is a professional corporate Service provider,
The reason for the nominee arrangement is not apparent or does not make business sense,
Family members acting as nominee shareholders or directors without any business rationale,
When the actual controlling person is a Politically Exposed Person (PEP) or an individual having negative media reports,

The nominee shareholder or the director is not able to explain the entity’s business activities and corporate history,
The nominee shareholder or the director refuses to provide the necessary information and documents required for registration,
The name of the entity does not match the business activities of the entity.

Mitigating the Money Laundering risk associated with nominee shareholders and directors

To combat the money laundering and terrorism financing risks posed by the nominee arrangement, the UAE authorities have implemented various regulations mandating the nominee shareholders and directors to self-declare such nominee arrangements to promote transparency around the ownership structure.

In one of the documents issued by the Ministry of Economy, named “Nominee Shareholder/Director – formal or informal”, the Ministry requires the Company Registrars to apply enhancing controls for monitoring and regulating the nominee arrangements in the UAE to ensure transparency around beneficial ownership. The Registrar must obtain the details from the registered shareholder about their status as nominee and, if so, information about the actual controlling person operating the transactions.

The document issued by the Ministry of Economy recommends Registrar to apply the below-mentioned additional measures to mitigate the ML/FT associated with nominee arrangements:

Obtain and review the nominee agreement,
Understand the name of the nominee arrangement and the legitimacy of the purpose of the same,
Classify all the entities with nominee arrangements as “high risk” from ML/FT perceptive,
Apply Enhanced Due Diligence measures,
Ensure that all UBOs are declared, and their identity is verified.

How can AML UAE assist you?

Though the primary responsibility lies on the Registrar to apply enhanced due diligence measures on entities having nominee arraignment, it is recommended that all regulated entities – Financial Institutions, Designated Non-Financial Businesses and Professions and Virtual Asset Service Providers apply due measures when dealing with such nominee shareholders or directors and mitigating the associated ML/FT risks.

AML UAE is one of the leading AML Compliance service providers in the UAE, offering end-to-end support to regulated organizations to manage their AML Compliance and safeguard their business. Let’s together fight the exploitation of the nominee arrangement from being used as a vehicle for conducting money laundering and terrorism financing by customizing our policies, procedures and controls.

Avail comprehensive, expert, and efficient services for
AML compliance matters

Contact our team at AML UAE.

Share via :

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is an ACAMS-certified AML consultant specialising in governance, risk, and compliance for regulated entities in the UAE. He brings over 28 years of experience, with 1,000+ hours of AML training and 200+ advisory engagements across DNFBPs, VASPs, and FIs. He supports businesses in aligning with AML/CFT requirements from the CBUAE, DFSA, MoET, MoJ, VARA, CMA, FSRA, and FATF. Known for translating complex regulations into audit-ready procedures, Pathik enables operational clarity and compliance readiness.

Reach Out to Pathik

TFS Implementation Criteria: Ownership, Control, and Acting on behalf of a Designated Person

Pathik Shah

Protect your business with reliable and effective AML strategies with AML UAE.

TFS Implementation Criteria

Targeted Financial Sanctions are restrictions imposed on Designated Persons from the financing of terrorism and proliferation perspective, mandating the business organizations not to make any funds or assets available to such Designated Persons.

Targeted Financial Sanctions Legal Framework in UAE:

Article 16(e) of Federal Decree-Law No. 20 of 2018 (as amended by Federal Decree-Law No. 26 of 2021) requires the prompt application of the directives issued by the UAE’s competent authorities for implementing the decisions of the UN Security Council under Chapter (7) of UN Convention for the Prohibition and Suppression of the Financing of Terrorism and Proliferation of Weapons of Mass Destruction, and other related directives.

UAE Cabinet Decision No. 74 of 2020 establishes the framework regarding Targeted Financial Sanctions (TFS), including the Local Terrorist List and the UN Consolidated List and the procedures to implement TFS.

Any non-compliance with the obligations of Cabinet Decision No. 74 of 2020 or failure to implement procedures to ensure compliance may result in imprisonment for a minimum period of 1 year, up to 7 years, and/or a fine ranging between AED 50,000 and AED 5,000,000. Further, the Supervisory Authorities may impose any other appropriate administrative sanctions, such as issuing a warning letter or canceling the business license for any violation or shortcoming in implementing TFS obligations.

TFS Implementation Criteria 1: Ownership or Majority Interest

While implementing TFS with respect to designated individuals and entities listed on the UAE Local Terrorist List issued by the UAE Cabinet (in line with UNSC 1373) and on the UNSC Consolidated List issued by the United Nations Security Council, it is essential to take into account the following criteria viz., ownership, control and acting on behalf of a Designated Person.

TFS must be implemented on a legal entity if a Designated Person (natural or legal) owns the entity. Suppose the designated individual or entity owns more than 50% of the proprietary rights or has a controlling interest in the entity. In that case, such an entity is considered owned by the Designated Person and is subject to a freezing mechanism.

Since the Designated Individual/Entity owns more than 51% of the non-designated Company A, the funds or other assets of Company A must be frozen immediately.

Since Entity 1 and Person 1 own 24% and 25% shares of Company A, they will not be treated as designated persons, and the freezing mechanism will not be applied to them.

If the Designated Person holds 50% or less of the proprietary rights of a non-designated entity, such an entity is not subjected to the freezing mechanism.

Any funds or other assets due to the designated person’s 31% ownership of proprietary rights in Company A must be subject to a freezing mechanism.

The reporting entities must remain vigilant on the changes in the ownership structures of non-designated entities where the designated person holds 50% or less of the proprietary rights.

TFS implementation Criteria 2: Control

Suppose the Designated Person has control over the non-designated entity despite having a minority interest in such entity. In that case, Financial Institutions (FIs), Virtual Asset Service Providers (VASPs), and Designated Non-Financial Businesses and Professions (DNFBPs) are required to apply freezing measures.

To determine whether the designated person exerts control over the non-designated entity, the following criteria need to be taken into account:

Check if the Designated Person has the right to appoint or remove a majority of the members of the legal entity’s management,
Check if the Designated Person is appointed solely as a result of the exercise of his voting rights as a majority of the members of the management body of a legal person who has held office during the present and previous financial year,
Check if the Designated Person is, alone, controlling the majority of shareholders’ or members’ voting rights in the legal person, pursuant to an agreement with other shareholders in or members of a legal person,
Check if the Designated Person has the right to exercise a dominant influence over a legal person, pursuant to an agreement entered into with that legal person or to a provision in its Memorandum or Articles of Association, where the law governing that legal person permits its being subject to such agreement or provision,
Check if the Designated Person has the power to exert the right to exercise a dominant influence referred to in point (d) without being the holder of that right,
Check if the Designated Person has the right to use all or part of the assets of that legal person, e.g., managing the business of that legal person on a unified basis while publishing consolidated accounts,
Check if the Designated Person shares jointly and severally the financial liabilities of a legal person or guarantees them,
Check if the Designated Person has a power of attorney or authorized signatory arrangement over a legal person.

In the above scenario, despite holding the minority interest in the non-designated Company A, the freezing measures must be applied without delay as the Designated Individual/Entity exerts control over Company A by holding the majority of the voting rights.

TFS implementation Criteria 3: Acting on behalf or at the Direction of the Designated Person

FIs, DNFBPs, and VASPs must apply TFS measures on individuals and entities holding power of attorney or acting as authorized signatories for designated persons.

In the above scenario, the Designated Person exerts control over Company A through a Power of Attorney issued in favor of a Non-Designated Person. Hence the funds and other assets of Company A must be frozen without any delay as it would be treated as being controlled by the Designated Person via Power of Attorney.

About AML UAE

AML UAE is an AML consulting firm assisting FIs, VASPs, and DNFBPs in complying with the AML Laws in UAE. Be it goAML registration, AML/CFT Program design and implementation, AML training, or TFS implementation, AML UAE is your one-stop solution for all your compliance worries. With AML UAE, ensure a robust TFS framework and fight the financing of terrorism and proliferation.

Avail comprehensive, expert, and efficient services
for AML compliance matters

Contact our team at AML UAE.

Share via :

About the Author

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 11 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Filing of Real Estate Activity Report (REAR) on goAML under UAE AML Laws

The Ministry of Economy has introduced the REAR to curb illicit investment in the real estate sector in the UAE and track down the high-risk transactions around real estate involving money laundering. The present infographic details the scenarios when a REAR is to be filed on the goAML Portal, what all DNFBPs are obligated to file this report and the documents required to be maintained in context of REAR.

AML UAE is a consultancy firm offering complete solutions around AML implementation and compliance requirements in UAE, including designing AML Policy and Procedures documentation and assistance in regulatory reporting.

Adverse media and social media checks under AML compliance

Pathik Shah

Protect your business with reliable and effective AML strategies with AML UAE.

Adverse media and social media checks under AML compliance

Customer Due Diligence (CDD) is the most critical element of an AML compliance framework. The purpose of conducting CDD is to collect information about customers and verify their identities and legitimacy around the proposed or executed transactions. Adverse media and social media checks can significantly assist in concluding your search for a customer’s identity and avoiding onboarding the customer involved in money laundering or any criminal activities.

Adverse media means negative news or information about customers in publicly available sources or articles. The media sources may include TV, newspapers, radio, magazines, web articles, blogs, etc. If there is any negative mention of the customer in such media sources, it is adverse media or negative news.

Social media platforms, such as LinkedIn, Facebook, Twitter, etc., contain the customer’s profile, known publicly. Also, such platforms sometimes contain references to negative news about the customer.

Though negative news screening has received very little regulatory attention, it is a critical part of CDD.

As a best practice, companies have incorporated adverse media screening and social media monitoring in their CDD processes. It helps you find your customer’s connections with or involvement in suspicious activities.

This article focuses on understanding its importance in CDD measures.

Regulations on adverse media and social media checks

The Financial Action Task Force (FATF) recommends that organizations include adverse media checks in their AML customer onboarding processes. Further, the AML regulations applicable in UAE also provide that the regulated entities look out for negative news for high-risk customers from reliable, independent sources.

Open media sources should be screened to gather the information around the following to build the customer risk profile effectively:

Business Type
Nature of business
Past criminal investigations
Regulatory penalties

Further, social media should be checked to ensure the customer information shared with the company matches the person’s social profile, such as the name the person is socially known by, the name of the employer, location, etc.

Importance of adverse media and social media screening

Building client’s risk profile

Any client can be a threat to your business or reputation. So, before forming a business relationship, you need to know them thoroughly.

Getting information about customers’ details from reliable and independent sources provides you confidence in the details furnished by the customer.

Not only during customer onboarding, but you can also keep a constant check on your customers. Frequent checks allow you to check for any change in the risks. If there is any change in data, you can update the risk profile.

Protecting oneself against reputational risks, penalties, and fines

Creating a fake profile and hiding the real identity is easier in the ever-evolving digital world. A fake identity is used to cover or carry out illegal transactions. Along with CDD measures, adverse media and social profile screening help you detect customers’ connections with criminal activities. If you turn a blind eye to this process and avoid the information known to the world, you would be exposing yourself to criminal activities, thus, resulting in the imposition of fines or penalties. Thus, you must monitor regular adverse news to avoid risks, AML penalties, and fines.

It helps you detect any suspicious transactions with your customers. It also helps you recognize any characteristics or patterns in a customer’s profile that may lead to suspicious activities in the future. So, you can remove any possible chances of attacks on your reputation due to association with money laundering activities.

Sources for negative news and social profile screening

Companies refer to many official and unofficial data sources for finding information about their clients. You can find insights on the customers from the following data sources:

Government databases
Newspaper articles
Online forums
Corporate websites
Social media feeds (LinkedIn, Facebook, Twitter, etc.)
Blogs
Legal prosecutions
Research portals and Private databases

You may not trust some of these unstructured data sources. But the onus lies on you to check the credibility and quality of information. You must confirm the information with other sources to check if it is fake, biased, or partial.

Best practices to implement negative news & social media screening

Some of the best practices to adopt to improve your process of collecting adverse media and checking the social profile of your clients are:

Keep your customer data up-to-date and complete

Ensure completeness and correctness of basic demographic information about your customers. Inaccurate and incomplete information serves no purpose while conducting an advanced search on your clients. When checking negative media mentions in a tool, companies use these primary details to match the new-found information. Thus, core customer data has to be complete and accurate to determine the relevancy of the negative news found or the customer’s social presence.

Create a sound negative news & social media screening policy

You cannot just collect their information and conduct adverse media checks when onboarding new customers. You need a well-laid-out policy and methodology for conducting these searches to ensure effectiveness and quality in less time.

You can prepare a standardized template to collect the necessary information and document the same. It must have fields like:

Customer details
Name of the individual who performed the screening
Date and time of the screening
Information found, along with source and URLs
Context of information
Conclusion
Possible actions to take.

Basis the research and conclusion, you can recommend relationship termination or filing of suspicious activity report if you suspect the customer’s involvement with money laundering or terrorism financing.

Engage in regular adverse media monitoring

Your job does not end with a one-time screening of adverse media at the time of customer onboarding. You must regularly check your customers’ social profiles and negative remarks on public sources.

There is a possibility that during onboarding, the customer was fair. But they may engage in money laundering or similar financial crimes later in their operations. So, regular adverse media or news checks on your customers are vital.

Invest in an online tool to screen negative news

In some companies, adverse media check is a manual process. But it is time-taking, tedious, and tiresome, sometimes resulting in errors or missing essential information.

Tech solutions and software are in trend that screens numerous news sources worldwide to generate more accurate results. These tools generate negative news for every category of financial crimes and provide the source details of such news.

The paramount need is for the solution to track many media and news sources and generate complete, verifiable information.

Companies have started using AI-based media monitoring solutions. The tool sifts through credible and current media and news to find any material on customers. You can set parameters for a relevant search, analyze the results, and take necessary action.

Thus, your customer onboarding process becomes faster and more trustworthy with an intelligent technology solution.

The technological tool must have the following features and functionalities:

Customized alerts
Fast research and retrieval of information
Comprehensive list of worldwide data sources
Supports multiple languages
Batch processing
Real-time updates and notifications for changes in the risk status of existing customers
Access to updated watchlists, Sanctions, and PEPs
Intelligent category tagging

How can AML UAE help you streamline your CDD process with robust negative and social media screening?

You must conduct regular negative media and social media searches to check for any possible connection of customers with financial crimes. Make it a practice before onboarding new customers, during regular monitoring, and in event-triggered exercises. It makes your customer due diligence efficient and effective.

To ensure you do not go wrong with adverse media screening and social media checks, it is best to engage an expert AML services provider – AML UAE, to set your processes right.

AML UAE is a leading provider of the following professional services related to AML:

Carry out a business risk assessment
Develop a customized AML/CFT policy
Assist in setting up an in-house AML compliance department and team
Conduct AML training for employees
Manage KYC and CDD
Support in selecting a suitable AML software
Assist in regulatory submissions
Conduct AML/CFT health checks

Contact us if you need assistance managing your KYC and due diligence processes. We verify your customer’s details, including negative news screening, and share the customer’s risk profile with you. We ensure you precisely know whom you are dealing with to reduce the threats of financial crimes. So, manage or mitigate your risks well with AML UAE’s team.

Make your Customer Due Diligence process effective
with actionable insights from AML UAE.

Reach out to our team.

Share via :

About the Author

Dipali Vora

CAMS, ACS

Dipali is an Associate member of ICSI and a Certified Anti-Money Laundering Specialist (CAMS). She has an overall experience of 8 years in the compliance domain, including Anti-Money Laundering, due diligence, secretarial audit, and managing scrutiniser functions. She currently assists clients by advising and helping them navigate through all the legal and regulatory challenges of Anti-Money Laundering Law. She helps companies to develop, implement, and maintain effective AML/CFT and sanctions programs.

Reach Out to Dipali

AML regulations for Virtual Assets Service Providers in UAE

Pathik Shah

Protect your business with reliable and effective AML strategies with AML UAE.

AML regulations for Virtual Assets Service Providers in UAE - Crypto AML Regulations in UAE

With the growing acceptance and attractiveness of Virtual Assets and the ever-increasing prominence of blockchain technology across various sectors of life, the Virtual Assets industry is booming in leaps and bounds. The virtual assets segment is directly impacting the financial sector and the economy as a whole.

With the increased movement in Virtual Assets, the need for intermediaries is also rising who can support and facilitate these transactions. We generally call them “Virtual Assets Service Providers.”

Given the above, it is critical to understand what the terms “Virtual Assets” and “Virtual Asset Service Providers” mean.

What is Virtual Assets?

Before we go to the phrase – Virtual Asset Service Provider, it is very critical to understand what Virtual Asset (“VA”) is and what all can be classified as such. As laymen for us, Virtual Assets are cryptocurrencies. But in reality, the VA is a broad concept evolving every moment, even as we read this.

Here, we can refer to the definition of “Virtual Asset” as prescribed by FATF, which reads as under:

“ a digital representation of value that can be digitally traded or transferred and used for payment or investment purposes.”

Recently, in the Cabinet Resolution No. (111) of 2022, the phrase “Virtual Asset” has been defined as under:

A digital representation of the value that can be traded or transferred digitally, can be used for investment purposes, and does not include digital representations of paper currencies, securities or other funds.

As apparent from the definition, the critical elements of a Virtual Asset are as under:

VAs must be digital
It should have the ability to be traded digitally and transferred so
Should carry some value, as to be used for payment or investment.

It is all possible and enabled by the use of “Distributed Ledger Technologies” (DLT), which has revamped the financial services sector to a great extent.

The most common example of VA is virtual currencies such as Bitcoin, Ether, Dogecoin, and Stablecoins.

It is critical to note that VA does not include digital representations of fiat currencies, shares, securities, or any such financial asset. These are just e-money and not virtual assets. The reason is that mere digital representation of such assets does not easily imbibe a feature to trade or transfer the same digitally. For example, the fiat currency stored in a bank be easily transferred from one account to another, and ownership can be changed but cannot trade the same as such; thus, it lacks one of the fundamental characteristics of VA.

Accordingly, it is critical to understand and note that for a financial asset to qualify as VA, it should have an inherent quality of being traded and transferred digitally.

As we are discussing VA, it is to be noted that VA and the phrase “Digital Assets” (DA) are being used interchangeably by the public. It is imperative to understand that term “Virtual Asset” cannot be used in the context of every “Digital Asset,” as every DA need not be a VA, but every VA has to be necessarily a DA. Instead, DA is a broader connotation that includes the non-fungible tokens* (NFT) and VAs.

*NFTs are unique (may not be interchangeable amongst the NFT community) digital assets used as collectibles rather than as a mode of payment or investment. As such assets do not satisfy the primary feature of being used for payment/investment purposes, the same is not considered as VA, per FATF guidelines.

What is Virtual Assets Service Provider?

Having had a brief idea about virtual assets, it is pertinent to understand what Virtual Asset Service Provider (VASP) is. Here also, we would refer to the definition of VASP as provided by FATF, as under:

“a business which conducts one or more of the following activities or operations for or on behalf of another natural or legal person:

an exchange between virtual assets and fiat currencies;
exchange between one or more forms of virtual assets;
transfer of virtual assets; (transfer means to conduct a transaction on behalf of another natural or legal person that moves a virtual asset from one virtual asset address or account to another)
safekeeping and administration of virtual assets or instruments enabling control over virtual assets;
participating in and provision of financial services related to an issuer’s offer or sale of a virtual asset;

The use of the word “conducts” in the opening line of the definition indicates that for a service provider to qualify as VASP, it need not necessarily be the primary provider but also includes a person who helps in the active facilitation of services, i.e., the person who assists in carrying out of the services.

Further, the phrase “as a business” in definition clarifies its scope, which is limited to the only person who carries out the VA-related activities for or on behalf of someone else for a commercial reason. It signifies the exclusion of persons carrying out VA activities for their benefit on an irregular or infrequent basis, without any commercial sense or facilitating anyone else.

Now, we will evaluate each of these five subsections of the definition to understand what all sorts of activities related to VA would get covered here.

1. The exchange between virtual assets and fiat currencies

A person, natural or legal, carrying out an activity of converting the fiat currency into virtual assets or vice versa in the course of its business, then such a service provider would be construed as VASP.

2. The exchange between different types of virtual assets

A person carrying out an activity of exchanging one type of virtual assets for another, i.e., a person providing services of offering one form of VA against exchange or payment of a different kind of VA, then such a service provider would be a VASP.

3. Transfer of virtual assets

Here, it is vital to understand the context in which the term “transfer” has been used. As clarified by FATF, “transfer” means to conduct a transaction on behalf of another natural or legal person that moves a virtual asset from one virtual asset address or account to another.

Accordingly, any person conducting a business activity, assisting or facilitating the transfer of ownership of the VA or even transfer of own VA of a person from one wallet to another.

Let us discuss some examples and sample cases around who can be considered as VASP or how to identify VASP in the context of exchange or transfer of VAs.

It is pertinent to note that, most of the time, such exchange or transfer of VA takes place using some decentralized technology, where such VA exchange platforms have been created. Such software programs are “Decentralized or Distributed Application (DApp),” which operates on blockchain technology and facilitates digital assets and their transfer. The name suggests that such software or platforms run on a decentralized ledger. However, generally, these applications have a single authoritative party having specific controls over the software or application, which may include control over creating and launching a VA, enhancing the functionalities of the application and user interfaces, or collecting the fees. Thus, such DApp or software collects specific fees (generally in VAs) from the users for using or interacting with the DApp, which facilitates the exchange or transfer of VAs. These fees collected by applications go to the owner/developer, the application operator, or for the benefit of the community of such DApp.
Such applications or software programs cannot be construed as VASP; however, the creator or operator of such application may be construed as VASP, as they are providing services to the users or facilitating the exchange or transfer of the VA using their software or application.
Services related to Virtual Asset Escrow are used when sending/receiving or transferring the fiat currency in exchange for VAs when the custody of the funds is with the service provider.
Brokerage services, where the provider facilitates issuing VAs and trading the same on behalf of the third person.
Advanced trading and Order-book exchange services enable the parties to find each other, discover prices, access more sophisticated trading techniques (trading on margin or algorithm-based trading), and trade VA.
Note that an application merely providing a platform for the buyers and sellers to find each other without facilitating the transaction between them would not be construed as a VASP.
Virtual Asset Exchanges, which facilitates the exchange of VA for fiat currencies (cash, credit cards, wire transfers, etc.) against fees or commissions.
Service providers offering the Crypto-ATMs would be treated as VASPs as they actively facilitate the exchange of VAs and fiat currencies through the kiosks.

4. Safekeeping or administration of virtual assets or instruments enabling control over virtual assets

Generally, the term “safekeeping” and “administration” of VA can be read in the same context, wherein the service provider would have the custody of the VA or the private key unique to the VA and carry out the transactions as instructed by the owner of the VA or the smart contracts on behalf of the service recipient. Further, as an extension, the term “control” indicates that the provider of such services would have capabilities or the power to trade/transfer the VA on behalf of the recipient.

A few examples of service providers fitting into this basket of services would be the companies providing custodial wallet service as they would be holding someone else’s VA.

It is critical to note that it would not include the providers offering auxiliary services such as providing internet or data storage services or software to the VASP (who is managing or controlling the VAs of the recipient of services), rather than engaging with ultimate recipients and accessing their VA.

5. Participating in and provision of financial services related to an issuer's offer or sale of a virtual assets

This clause covers the services concerning Initial Coin Offerings (ICO), a way to raise funds for new projects from early backers. It includes a person participating in ICO or providing financial services related to ICO. It includes purchasing VAs from an issuer to resell and distribute the same, book building, ICO underwriting, etc.

UAE Blockchain strategy 2021

In 2018, UAE government came up with its blockchain strategy 2021. Given the advantages of blockchain technology, the UAE blockchain strategy aims to transform 50% of government transactions on the blockchain platform by 2021. By adopting blockchain technology, the UAE government intends to save:

AED 11 billion in transactions and documents processed routinely
398 million printed documents annually; and
77 million work hours annually.

Regulatory frameworks in UAE to govern the activities related to Virtual Assets

Given the increased popularity and use of virtual assets across the globe, the UAE government has issued various policies to promote the setting up of virtual asset companies in the UAE. The government has started issuing necessary regulations and forming regulatory authorities to regulate this market.

UAE Crypto Regulatory Authorities

Central Bank of the UAE (CBUAE) and the Securities and Commodities Authority (SCA)

UAE financial and capital markets are primarily governed by the Central Bank of the UAE (CBUAE) and the Securities and Commodities Authority (SCA).

The Dubai Multi Commodities Centre (DMCC) has opened a crypto centre, and it houses VASPs offering, issuing, listing, and trading crypto assets. It also welcomes companies developing blockchain trading platforms.

It is noteworthy that the CBUAE, in July 2021, as a part of its 2023-2026 strategy, decided that it would launch its first digital currency by 2026.

The Hon’ble Prime Minister of the UAE has recently issued Cabinet Resolution No. (111) of 2022 Concerning the Regulation of Virtual Assets and their Service Providers, effective from 13^th January 2023, to regulate the virtual asset sector by mandating the licensing of specific virtual asset activities by the Securities & Commodities Authority (SCA) of the UAE or the local licensing authorities of specific Emirates. The said cabinet resolution does not apply to virtual assets activities regulated in a Financial Free Zone.

The Dubai Financial Services Authority (DFSA)

The Dubai International Financial Centre (DIFC) based companies are regulated by DFSA.

The Financial Services Regulatory Authority (FSRA)

The Abu Dhabi Global Market (ADGM) based companies are supervised by the FSRA.

The Virtual Asset Regulatory Authority (VARA)

The VASPs operating from the Emirate of Dubai (except for the units registered in the Dubai International Financial Centre).

UAE Crypto Regulations

UAE Crypto Regulations for Onshore Companies

UAE financial and capital markets are primarily governed by the Central Bank of the UAE (CBUAE) and the Securities and Commodities Authority (SCA).

UAE Onshore Companies are governed by SCA’s Decision No. 23 of 2020 concerning Crypto Assets Activities Regulation (CAAR).

CAAR also lays down AML/CFT requirements. CAAR provisions require reporting entities to:

Set up a solid AML/CFT compliance framework
Define policies and procedures for KYC and AML monitoring
Ensure that the deposits and withdrawals are made only from and to a designated bank account of the entity, and the bank account must be maintained with an authorized financial institution. The SCA must have explicitly approved it if it’s a foreign financial institution.
Ensure that the crypto assets are traceable

Further, they are also governed by the CBUAE’s Stored Value Facilities (SVF) Regulation 14 (SVF Regulation). The CBUAE has also issued the Retail Payment Services and Card Schemes Regulation (referred to above) (the “RPSCSR”). The RPSCSR applies to those providing payment token service.

The Cabinet Resolution No. (111) of 2022, effective from 13^th January 2023, provides that the following activities related to virtual assets shall be licensed by the SCA or Local Licensing Authorities, as the case may be:

provision of Virtual Asset Platform operation and management services,
provision of exchange services between one or more forms of virtual assets,
provision of Virtual Asset transfer services,
provision of brokerage services in virtual assets trading operations,
provision of Virtual Asset custody, management, and control services, and
provision of financial services related to offering and/or selling by the issuer to the Virtual assets or participating in providing those services.

Moreover, the resolution also provides for the following for better compliance and regulation of the activities related to the virtual asset:

No provider of virtual asset services shall operate in the UAE without necessary approvals and licensing from the Securities & Commodities Authority or Local Licensing Authority,
Oversight of the above-mentioned activities by the Securities & Commodities Authority (SCA),
Before issuing the license, the SCA shall verify the applicant’s fulfilment of the capital requirements, credit guarantees, compliance management system, commitment to AML regulations, etc.
Compliance with AML regulations by the licensed providers of virtual assets services in terms of Federal Decree by Law No. (10) of 2025 and it’s executive regulations, along with FATF recommendations issued explicitly for virtual asset activities.

Compliance and Risk Management Rulebook for VASP – Emirate of Dubai (except DIFC)

On 11th March 2022, Virtual Assets Law No. 4 of 2022 on the Regulation of Virtual Assets in the Emirate of Dubai came into force. It applies to virtual asset services in Dubai, except in the DIFC.

Further, VARA has been named as the supervisory authority for the virtual asset service providers seeking to operate in Dubai, whether mainland or free zones, except DIFC.

Moreover, in line with Virtual Assets Law No. 4 of 2022, VARA recently issued a detailed VASP compliance and risk management Rulebook to be adhered to by the companies providing services related to virtual assets. The AML/CFT section of the Rulebook provides for various mandatory compliance frameworks that a VASP has to follow mandatorily. The principal AML compliance aspects covered in the Rulebook are as under:

Appointment of Money Laundering Reporting Officer (MLRO) with minimum 2 years of experience related to AML/CFT compliance,
Conducting AML Business Risk Assessment,
Designing and implementing the AML/CFT policies & procedures in line with the VARA Rulebook, AML Federal Laws and the FATF Recommendations related to the virtual assets segment,
Client Due Diligence, including screening of clients, UBOs, Virtual Asset transactions and the Virtual Asset Wallet address,
Transaction monitoring and suspicious transaction reporting to the FIU and VARA,
Compliance with FATF Travel Rule,
Maintaining of AML records for a minimum period of 8 years.

UAE Crypto Regulations for Financial Free Zone - Dubai International Financial Centre (DIFC)

The DFSA is a supervisory authority for the companies housed in DIFC. The DFSA has come out with a Consultation Paper No. 138, establishing its own regulatory framework for investment tokens. Very recently, on 8^th March 2022 the DFSA came out with Consultation Paper No. 143 for regulating crypto tokens.

UAE Crypto Regulations for Financial Free Zone - Abu Dhabi Global Market

The Financial Services Regulatory Authority (FSRA) is a supervisory authority for the companies housed in Abu Dhabi Global Market (ADGM). The FSRA came out with a regulatory framework in 2015 concerning the crypto asset businesses. Further, The Financial Services and Markets Regulations (FSMRs) 2015 regulates crypto assets in ADGM.

in 2018 FSRA came up with FSRA Rules (Crypto Asset Legislative Framework).

The rules are:

(a) Conduct of Business Rules (COBS_VER04.250618) (see appendix for detailed amendments);

(b) Market Infrastructure Rules (MIR_VER03.250618) (see appendix for detailed amendments);

(c) Glossary (GLO_VER05.250618) (see appendix for detailed amendments ).

In 2020 Financial Services and Markets (Amendment No 2) Regulations were issued.

Several guidelines have also been issued, including:

Guidance – Regulation of Virtual Asset Activities in ADGM (“Virtual Assets Guidance”)
Guidance – Regulation of Digital Security Offerings and Virtual Assets under the FSMR
Guidance – Regulation of Initial Coin/Token Offerings and Crypto Assets under the FSMR (“ICO Guidance”)

On 21^st March 2022, the ADGM issued a consultation paper No.1 of 2022 seeking proposals for enhancements to capital markets and virtual assets in ADGM.

Guiding Principles for VA Regulations by FSRA

In September 2022, FSRA issued a document laying down the guiding principles around its approach to Virtual Asset Regulation and Supervision for virtual assets companies operating or planning to set up VA units in ADGM.

These guiding principles suggest the high-level approach that FSRA would adopt to regulate the operation of the virtual asset in ADGM, focusing on maintaining the stability of the ADGM’s ecosystem, the risk associated with VA, protection of the customers using VAs and the ease of entry to new VA players in ADGM. Following are the 6 guiding principles laid down for VA regulation in ADGM:

Principle 1 – A Robust and Transparent Risk-Based Regulatory Framework

To oversee the VA activities and mitigate the inherent risk in the VA segment, the FSRA shall regulate the VA operations in ADGM. Its VA regulatory framework includes activity-specific rules and relevant guidance aimed at protecting the customers investing in VA and maintaining the financial stability and integrity of the market.

Principle 2 – High Standards for Authorisation

The authorization standards focus on admitting only such VA operators within ADGM who maintains transparency and meets the regulatory framework to prevent market abuse or any damage to ADGM’s ecosystem. For new applications for setting up a VA business unit in ADGM, FSRA shall grant an “in-principle” approval only to the applicants having the business plan and the controls matching the FSRA’s risk appetite. Final approval shall be provided only when the applicant has successfully completed the operational testing to the satisfaction of the FSRA.

Principle 3 – Preventing Money Laundering and Other Financial Crime

Owing to anonymity and easy access, FSRA mandates the application of AML/CFT regulations to the VA operators in ADGM. It includes adherence to ADGM-specific rules, Federal Laws and Cabinet Decisions on AML/CFT, FATF Guidance and Recommendations around VA. FSRA insists on transparency around the beneficial ownership and mandates the VA firms not to transact with the counterparty whose identity is unknown at any stage during the transaction

Principle 4 – Risk-Sensitive Supervision

FSRA shall follow a risk-based approach to supervise the VA segment, wherein the risk assessment shall be continuously done for the VA firms based on their size, nature and complexity. FSRA aims to ensure that the VA firms have effective controls and adequate risk management strategy, which is commensurate with the size and nature of the firm.

Principle 5 – Commitment to Enforce Regulatory Breaches

FSRA shall dedicatedly work towards addressing the ADGM business units’ non-compliance with regulatory requirements. For this, FSRA has powers to collate the information from the ADGM companies, conduct investigations, and take disciplinary actions to prevent non-compliance with ADGM rules.

Principle 6 – International Cooperation

Given the global spread of the VA operations, to mitigate the risk and support the mutual exchange of information between international regulators, the FSRA has entered into various bilateral and multilateral Memorandum of Understandings (MoUs). Further, FSRA encourages the development of international best practices for VA’s sustainable growth to be sustainable and is ready to support the principles of global organizations like IOSCO, the Basel Consultative Group and FATF.

AML/CFT regulations and obligations on VASP - AML Crypto Regulations in UAE

Given the anonymity involved and lack of central governing authority (as most of the virtual assets-related activities are being carried out through a decentralized platform), the Financial Action Task Force (FATF) recommended that VASPs should also be subject to stringent anti-money laundering and combatting of terrorist financing (‘AML/CTF’) regulations, the way traditional financial institutions are.

Accordingly, in line with FATF’s recommendations and increased activities related to virtual assets in the UAE, the government recognized the need to regulate the virtual assets segment. Here is the list of important regulations, cabinet decisions, and circulars applicable to Crypto Companies and Virtual Asset Service Providers in UAE.

Cabinet Resolution No. (111) of 2022 Concerning the Regulation of Virtual Assets and their Service Providers.
Federal Decree by Law No. (10) of 2025 Regarding Anti-Money Laundering, and Combating the Financing of Terrorism and Proliferation Financing
Cabinet Resolution No. (134) of 2025 Concerning the Executive Regulations of Federal Decree-Law No. (10) of 2025 Concerning Combating Money Laundering, Terrorist Financing, and the Financing of the Proliferation of Weapons.
Cabinet Decision No. (74) of 2020 Regarding Terrorism Lists Regulation and Implementation of United Nations Security Council (UNSC) Resolutions on the Suppression and Combating of Terrorism, Terrorist Financing, Countering the Proliferation of Weapons of Mass Destruction and its Financing and Relevant Resolution.
VASP Compliance & Risk Management Rulebook issued by Virtual Asset Regulatory Authority of Dubai (VARA).

(a) VASP obligations under AML/CFT law

As entities being subject to AML/CFT regulations in UAE, VASP would be required to adhere to the following requirements to identify ML/FT risk and mitigate the same:

Appoint the Compliance Officer to manage the AML/CFT program in the company.
Maintenance of AML/CFT policy designed considering the applicable regulations, money laundering and terrorism financing risk the VASPs are exposed to, VA-related red-flag indicators, etc.
Conducting business risk assessment from ML/FT risk perspective (using a risk-based approach) and identify the risk the VASP is exposed to and the controls in place to mitigate it.
Customer screening, risk categorization, and performance of adequate due diligence (generally enhanced, owing to the inherent nature of the VA).
Screening of Virtual Asset transactions and the Virtual Asset wallet address.
Reporting suspicious transactions and activities to the authorities.
Imparting adequate training to the employees and senior management.
Periodic audit of the AML/CFT framework adopted for the company by an independent team.
Annual risk assessment reporting.

(b) Virtual Assets “AML/CFT” Compliance Policy

Adherence to AML/CFT regulations becomes easy once the entity has set standards and policies to be followed. Accordingly, it is of utmost importance for every VASP to develop and adopt the “Virtual Asset AML/CFT Compliance Policy.” You may refer to the VASP AML Compliance Policy template available on our website.

(c) Technology-driven KYC, Screening, and Transaction monitoring for VASPs

Since the entire VA network operates on the blockchain or similar technology, the authorities also encourage using technology or digital tools to carry out AML/CFT related compliances.

For the “Know Your Customer” (‘KYC’) process, since most of the transactions between the recipient and the VASP would be non-face-to-face, some authorities suggest deploying tools or software that requests users to upload “selfie” as well as a copy of identity document bearing photo ID. Later, this technology should be able to match and verify the user’s ” selfie ” and the photo appearing on the ID.
Further, various guidelines issued by different authorities encourage VASPs to deploy new technologies to enhance the efficiency of the customer onboarding process. It also includes functionality to screen the name of the user or customer against the international and local sanctions list in real-time, along with VA transactions and the VA wallet address.
As part of transaction monitoring, some authorities insist on implementing the “Know Your Transaction” measures, enabling the VASPs to monitor the transactions from their origin to the destination effectively. The VASPs must collect every detail relevant to the transaction, about virtual assets, parties involved, locations, etc.
Additionally, it is also recommended by the authorities to obtain the following details about VA or the customer or the transaction, mainly using the new technologies:
Beneficiary and the originator of the VA
The IP address of the customer, with an associated timestamp
Wallet addresses involved.

ML/FT typologies and red-flag indicators relating to Virtual Assets (VA)

It is critical to understand the key ML/FT typologies associated with VA and VASP, given the great chances of this sector being exploited by the money launderers and for the financing of terrorist activities.

1. ML/FT typologies related to Virtual Assets (VA)

– The repeated withdrawal from one or more bank accounts of substantial amounts in cash, as a whole or in parts and within a relatively short period, without any apparent necessity and in combination with the repeated cashless receipt of sums of money (whereby the amounts received in the case of the trader in virtual currencies originate from the sale of virtual currencies).

– The purchase of virtual currencies whereby at least two of the following characteristics are fulfilled:

the buyer offers his services through the internet through supply and demand sites;
the buyer does not ascertain the identity of the seller;
the buyer screens off his own identity;
the buyer pays in cash;
the buyer charges an unusually high exchange fee percentage;
the transaction takes place in a (public) space where there are many members of the public present, thereby reducing the security risk for the buyer;
there is no plausible legal or economic explanation for the method of exchange;
the scale of the virtual currencies purchased is not likely to concern average private use;
the buyer is not known to the tax authorities for his exchange establishment.

– The buyer or seller uses a so-called ‘mixer’ during the sale of virtual currencies.

– Use non-compliant exchanges to carry out the conversation between fiat and virtual currencies.

– Use cryptocurrency ATMs to convert the money quickly from fiat to virtual assets and vice versa.

– Multi-customer cross-wallet activity.

2. ML/FT red flag indicators for VASP

A. Red flags related to VA Transactions (Size and Frequency of the transactions):

– Manipulating VA transactions (e.g., exchange or transfer) in smaller portions to avoid the reporting requirement.

– Multiple high-value transactions carried out –

Within 24 hours or period with minimal time gaps;
Using a new or very old account not used for a long time.

– Transfer of VAs to multiple VASPs, located across different jurisdictions where

there is no interconnection between the customer’s location, or
there are no AML/CFT regulations.

– Firstly depositing VAs at an exchange and then instantly –

withdrawing the VAs without any further activity, indicating redundant transactions and incurring unnecessary costs;
transfer of one VA to another without logical commercial reason, or
immediate withdrawal of the VAs to a private wallet from an exchange.

– Accepting fraudulent or theft funds.

B. Red flags related to VA Transaction Patterns (Transactions concerning new users):

Depositing a large amount at the time of opening a new account is not consistent with the customer’s profile.
Withdrawal, in a day or two, of the large amount deposited at the time of opening a new account or trades such a large amount on the same day.
Trading the entire amount of VAs or withdrawal of the same to take off the whole funds from the platform by the new user.

C. Red flags related to Virtual Assets Transaction Patterns (Transactions concerning all users):

– Trading through multiple accounts with no reasonable explanation.

– Regular transfers in a day or a week to the same VA wallet –

by more than one person;
from the same IP address; or
involving huge sums.

– Receipt of VAs from multiple unrelated accounts in smaller portions and immediately transferring the accumulated funds to another wallet or exchanging the entire value against fiat currency.

– Exchanging the VA against the fiat currency at a loss, without any business sense.

– Exchanging vast amounts of fiat currency against VAs, or one type of VA, to other kinds of VAs, without any logical rationale.

D. Red flags related to Anonymity associated with Virtual Assets (VA):

Customers prefer VAs providing higher anonymity, even when the transaction cost is high.
Moving a VA from a transparent blockchain to a centralized exchange and immediately trading it for Anonymity Enhanced Coins.
An unregistered/unlicensed VASP operating on peer-to-peer (P2P) exchange websites, handling large amounts of VA on their customer’s behalf and levying high transaction costs.
The abnormal volume of VAs exchanged against fiat currency at exchanges, without any business rationale.
Transactions through accounts associated with VASPs, offering mixing or tumbling services.
Transactions are offering to mix and tumbling services to disguise the movement of illegal funds between known wallets and darknet marketplaces.
A transaction with an account or wallet linked with any known suspicious sources, darknet marketplaces, mixing/tumbling services, gambling sites, or illegal activities.
Using decentralized hardware or physical / paper wallets to move the VAs across the countries.
Users register their internet domain names using proxies or domain name registrars (DNS), which offer suppression of the domain names’ owners.
Users getting themselves registered through an IP address associated with a darknet or software allows communication using encrypted emails and VPNs, providing anonymity.
Transactions where unfamiliar encrypted communication means are used instead of a VASP.
Multiple wallets are being controlled from the same IP address, involving shell wallets registered in the name of various users to hide the linkages.
Using inadequately documented VAs or VAs connected with fraud.
Users transacting through VASPs have weak CDD and KYC processes.
Using VA ATMs/kiosks

Incurring higher costs;
In high-risk jurisdictions, having a criminal background, or
multiple times involving small transactions.

E. Red flags about Sender / Recipients (Irregularities observed during account creation):

– Operating multiple accounts with different names to avoid trading or withdrawal-related restrictions imposed by VASPs.

– Transactions through –

non-trusted IP addresses;
IP addresses from sanctioned jurisdictions; or
IP addresses are flagged as suspicious or “black-listed.”

– Frequent requests to open an account with the same VASP and from the same IP address.

– Corporate users have their Internet domain registrations in a different jurisdiction than their place of establishment.

F. Red flags about Sender / Recipients (Irregularities observed during CDD process):

Inadequate KYC information or a customer hesitates or refuses to share the KYC documents or information on the source of funds.
The customer shares incorrect information about the transaction, the source of funds, or the association with the counterparty.
The customer provides forged documents, fake photographs, or identification documents as part of the KYC process.

G. Red flags about Sender / Recipients (Profile):

A customer provides identification or account records shared by some other account.
Differences in the IP addresses associated with the customer’s profile and the transaction-related IP addresses.
Publicly available information about the customer’s wallet address being associated with illegal activity.
Information about customer’s criminal association.

H. Red flags about Sender / Recipients (Profile of potential money mule or scam victims):

The transferor is unaware of the VA and related blockchain technology. These people could be money mules hired by professional money launderers, or scam victims turned mules who are tricked into transferring illegal funds without knowing their origin.
Significantly aged customers, operating an account and transacting in large volumes, indicating involvement in VA money muling or a victim of elder financial exploitation.
A financially vulnerable person is assisting drug dealers in their illegal business.
Inconsistency between the VA transactions involving significant amounts and the customer’s financial profile indicates the existence of money laundering or a money mule.

I. Red flags about Sender / Recipients (Other unusual behavior):

Frequent changes in the customer’s identification information, email addresses, IP addresses, or financial information.
A customer enters a transaction with multiple VASPs using different IP addresses daily.
Text in VA message box indicating association of the transactions with criminal activity or the purchase of illegal goods.
Repeated transactions by a customer with a subset of users at considerable profit or loss, indicating potential account takeover & removal of victim balances via trade or ML scheme to disguise the funds using VASP infrastructure.

J. Red flags related to Source of Funds or Wealth:

Customers using VA wallets, IP addresses, or bank cards are known to have been associated with fraud, sanctioned addresses, ransomware schemes, darknet marketplaces, or illegal websites.
VA transactions are associated with online gambling services.
Using multiple bank cards connected with a VA wallet to withdraw the considerable value of fiat currency (crypto-to-plastic).
Purchasing VAs using funds sourced from cash deposited into credit cards.
The cycle of depositing the substantially high amount into a VA wallet using unknown sources of funds and subsequently converting the same into fiat currency indicates theft of funds.
No information or incomplete information about the origin and owners of the funds, such as the involvement of shell companies.
Placing funds into an Initial Coin Offering (ICO) without giving personal information about the investors.
Transactions using pre-paid cards and immediate withdrawal after that.
A customer sourcing funds from third-party mixing services or wallet tumblers.
The primary source of customers’ wealth is investments in VAs, fraudulent ICOs, etc

K. Red flags related to Geographical Risks:

Trading on an exchange not registered in the customer’s jurisdiction or not at all registered with any jurisdiction.
The customer prefers a VA exchange or MVTS located in high-risk countries, where there are no or weak AML/CFT regulations for VASP.
The customer is setting up a business in a jurisdiction that lacks strong AML/CFT regulations without any logical business explanation.

AML UAE at Your Service

As required by the UAE authorities and FATF, VASPs must adhere to international standards and manage their business against the ML/FT risk they are exposed to. Here, we can help you understand whether your business activity fits into the VASP activities charted out by FATF and your obligations as VASP from AML/CFT perspective. Also, we can assist you with documentation of the AML/CFT policies, conducting AML training, etc., and ensuring your AML compliance with the regulations.

FAQs On AML Regulations for Virtual Assets Service Providers

A Crypto Asset is a record within an electronic network or distribution database functioning as a medium for exchange, storage of value, unit of account, representation of ownership, economic rights, or right of access or utility of any kind, when capable of being transferred electronically from one holder to another through the operation of computer software or an algorithm governing its use.

Cryptoasset exchange is an important part of the cryptoasset ecosystem, where the exchange provides liquidity to the market participants. Unregulated Cryptoasset exchanges pose significant money laundering risks, while regulated ones can also be targeted in money laundering schemes.

The mainland companies or onshore crypto and other virtual assets companies in UAE are regulated by the Central Bank of UAE (CBUAE) and the Securities and Commodities Authority (SCA). Further, Virtual Assets Regulatory Authority (VARA), CBUAE, and SCA control Dubai-based virtual assets service providers.

The Dubai Financial Services Authority (DFSA) is a supervisory authority for companies housed in DIFC.

The Abu Dhabi Global Market (ADGM) based crypto and other virtual asset companies are supervised by the Financial Services Regulatory Authority (FSRA).

Yes, all Virtual Asset Service Providers (VASPs) have to register with the goAML portal in UAE.

Primarily, the crypto, NFT, and other virtual assets companies in UAE have to adhere to the requirements of the following anti-money laundering (AML) laws and regulations:

Following are the Anti-Money Laundering (AML) compliance requirements that Crypto Companies, NFT, and other Virtual Asset Service Providers (VASPs) in UAE have to follow:

VASPs have to register on the goAML Portal
VASPs are required to appoint the AML Compliance Officer to manage the AML/CFT program.
Virtual Asset Service Providers have to conduct Business Risk Assessment (BRA)
VASPs have to prepare their AML Policy and Procedures Manual
VASPs need to conduct KYC, Screening, Risk Assessment of customers, suppliers, and third-parties
VASPs have to conduct enhanced due diligence of customers, suppliers, and third-parties
Crypto Companies and other virtual asset service providers have to file Partial Name Match Report (PNMR) with FIU UAE
Virtual Asset Service Providers have to file Funds Freeze Report (FFR) with FIU UAE
VASPs have to file Suspicious Activities Report (SAR) with goAML UAE
VASPs have to submit Suspicious Transactions Report (STR) with UAE goAML portal
VASPs have to provide Anti-Money Laundering training to employees and senior management
VASPs have to submit High Risk Country Transaction Report (HRC)
VASPs have to submit High Risk Country Activity Report (HRCA)
VASPs have to get themselves audited for AML purposes by an independent auditor
VASPs have to submit Annual AML Risk Assessment Report
VASPs have to ensure that the entities and individuals they deal with are not engaged in proliferation financing

Our Timely and Accurate AML consulting Services

For your smooth journey towards your goals

Related Blogs

09/02/2023

Adverse media and social media checks under AML compliance

02/02/2023

AML Transaction Monitoring: A powerful tool to detect financial crimes

13/01/2023

Use of Digital ID for Customer Due Diligence -New Guidance issued by CBUAE for LFIs

Share via :

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is an ACAMS-certified AML consultant specialising in governance, risk, and compliance for regulated entities in the UAE. He brings over 28 years of experience, with 1,000+ hours of AML training and 200+ advisory engagements across DNFBPs, VASPs, and FIs. He supports businesses in aligning with AML/CFT requirements from the CBUAE, DFSA, MoET, MoJ, VARA, CMA, FSRA, and FATF. Known for translating complex regulations into audit-ready procedures, Pathik enables operational clarity and compliance readiness.

Reach Out to Pathik

Filing of Partial Name Match Report (PNMR) under UAE AML Laws

The Executive Office for Control and Non-Proliferation (EOCN) requires every natural person and corporates to undertake ongoing and regular screening on the UN Consolidated List and the UAE Local Terrorist List as part of the Targeted Financial Sanctions implementation. This present infographic depicts the action to be taken by the screening entity in case a partial match is found with the sanctions, including the period allowed to take action and report the same.

AML UAE is an AML consultancy firm offering a wide range of services to ensure that regulated entities stay compliant with AML regulations in the UAE. Our services include providing the AML screening software and reporting the same on the goAML Portal.

AML Transaction Monitoring: A powerful tool to detect financial crimes

Pathik Shah

Protect your business with reliable and effective AML strategies with AML UAE.

AML Transaction Monitoring: A powerful tool to detect financial crimes

Ever received a call from your bank to confirm if you have conducted a specific high-value transaction? If yes, then that is what transaction monitoring means. They know your routine transactions. If they see one unusual transaction and different from your general banking behaviour, they make a confirmation call.

Financial criminals conduct fraudulent activities by harnessing loopholes in regulations. They create an air of legitimacy around their scheme, company, and transactions.

Transaction monitoring can help detect patterns of suspicious behaviour and financial crimes to and from customers. That is why it is a significant step in companies’ and governments’ AML and CFT programs. With transaction monitoring, you can detect crimes before their occurrence or in their early stages. Timely detection saves you from the repercussions.

This article aims to explain the concept of transaction monitoring, its significance, and the best monitoring practices.

What is AML transaction monitoring?

Transaction monitoring means regularly keeping a close watch on the transactions. It involves checking a customer’s historical transactions, customer’s profile, account details, and interactions. These checks enable the identification of possible customer risks and the prediction of their future behaviour.

You can track the transactions in real-time during their occurrence to block them and prevent fraud. Alternatively, you can check transactions to identify any set patterns after their occurrence. Conduct periodic transaction monitoring to check the customer’s behaviour in terms of irregularities or set patterns.

Thus, financial institutions, as well as DNFBPs, must conduct frequent checks of their transactions.

Significance of AML transaction monitoring

Generally, anti-money laundering regulations in countries include the practice of transaction monitoring. It is mandatory for entities to track suspicious customers, suppliers, or transactions.

Entities have started using transaction monitoring systems to detect suspicious transactions. But it also requires human intelligence and experience to separate fraudulent transactions from non-fraudulent ones.

A constant check on customers’ activities is essential to avoid financial crimes. Transaction monitoring allows entities to adopt a risk-based approach, wherein the monitoring is done based on set rules defined considering the customer’s risk profile developed and the nature of transactions executed by the customer.

Based on the risk profile, you must monitor the customers. For a high-risk client, you need to adopt an advanced level of transaction monitoring.

Nowadays, criminals have advanced ways of conducting financial crimes in the times of the online, digital world. The complexity of money laundering and terrorist financing has increased, which requires a measure that can spot right from wrong. So, transaction monitoring with the definition of a clear rule is crucial to identifying criminal activities.

Furthermore, the transaction monitoring framework gives confidence to regulators and stakeholders of the organization. It shows the seriousness of entities toward detection of financial crime. It leads to a safe business ecosystem in the country and builds trust between existing and new partners.

Steps to an effective transaction monitoring program

Transaction monitoring is a risk-based approach with the following steps:

1. Risk assessment of your business

Identifying risks your business faces from customers, products and services, and operating environment is critical for your AML compliance. For this, you must conduct a detailed analysis of the industry in which you operate.

Analysis of risk parameters will determine your business’s risk appetite. A deep understanding of the risks you take as an entity and the measures you use to cover these risks is crucial. Also, you get to know what types of customers you will be handling, types and volumes of transactions and related risks thereof.

2. Define red flags of suspicious transactions

To ensure the correct identification of suspicious transactions, you must know what it looks like. For this, you must define the red flags your employees will look for while reviewing transactions or the rules set in the transaction monitoring solution. Some of the red flags can be:

Transactions involving large amounts of money,
A sudden new transaction unusual for a customer (nowhere like any other transactions done before),
Several small transactions of the same type involving one or more accounts/persons in a short time,
Inconsistency of the transaction with the customer’s economic profile,
The transaction is directed to or from a high-risk country or a jurisdiction featured in the sanction list,
Customer’s insistence on having no face-to-face communication always.

You must feed these red flags into the transaction monitoring system to generate alerts when witnessed. The team handling this system receives an alert notification. The entity can conduct a further investigation based on the alert to classify it as suspicious.

3. Create transaction monitoring rules

You must create transaction monitoring rules based on your risk appetite and red flag indicators. The system for transaction monitoring will have to be aligned with these rules to identify suspicious transactions. The rules may be created around the following:

The maximum amount of a transaction,
Number of unusual transactions from a customer,
Number of small transactions, after which the system generates an alert,
Transaction directed to or from a high-risk jurisdiction.

The monitoring system analyses the transaction against the set rules. Based on the defined rules, the system should be able to identify the suspicious pattern or characteristic and generate a trigger or alert for the same.

You must optimize these rules periodically based on historical results. Changes in rules will make the process more accurate, resulting in fewer false positives.

4. Review the generated alerts

You must review these alerts generated for suspicious transactions. The analysts must conduct a manual evaluation to check if the pattern or behaviour is suspicious. To produce a detailed report, they must collect all relevant information for that transaction.

If you find it suspicious, prepare a report of the investigation conducted, which should be shared with the senior management for sign-off. Basis your evaluation, you may even drop the alert, but document the reason.

Best practices of a robust AML transaction monitoring program

Some of the best practices you can adopt for transaction monitoring include:

Remain up-to-date with regulations

Keep an eye on the local and national regulations for combating money laundering and other financial crimes. Compliance with them is essential. With knowledge of all rules and regulations, you can update your red flags, optimize the monitoring rules and identify suspicious transactions efficiently.

Know about your industry and products/services

You must have deep knowledge of your sector and products/services to ensure effective transaction monitoring. Awareness of industry-specific risks, customer demographics, and product/service weaknesses can help create effective monitoring rules.

Furthermore, keep updating your knowledge on these factors. The updated information helps you improvise your transaction monitoring solution and timely capture all money laundering and terrorist financing activities.

Create an exhaustive list of transaction monitoring rules

Consider all the possible red flags for your industry and product/services while creating transaction monitoring rules. These rules must encompass a range of simple and complex scenarios to detect all possible suspected transactions.

Criminals keep updating their crime techniques to take advantage of your operations, processes, products, customers, etc. Similarly, you must frequently update these rules to stay on top of your criminal typologies.

Ensuring quality of AML transaction monitoring

Entities must try to avoid making transaction monitoring an operational, time-bound task. You must consider it as an action against decreasing or eliminating financial crimes. Accordingly, entities must base the employees’ performance on the quality and efficiency of transaction evaluation, not the volume of transactions handled.

Document the AML monitoring scenarios

The transaction monitoring system generates alerts if a transaction is against any rules fed into the system. Then, the analyst evaluates it comprehensively by collecting all related and relevant information.

You must document all this information, analysis, and insights. Documentation helps develop a precise, comprehensive scenario. And documentation of all these scenarios helps create more rules and logic to better your transaction monitoring process.

Do not assume that one size fits all

Do not oversimplify the risk scenarios. Create detailed, to-the-point, granular-level characteristics to identify risky behaviours or patterns of customers or transactions. The clarity in scenarios enables better comparison with the rules to identify suspicious transactions and reduce the possibility of false positives.

Do not have too many risk scenarios

Entities create an exhaustive list of risk scenarios to capture every possible suspicious transaction. But in this process, they forget to remove duplicates and non-contextual scenarios. With such an extensive list of possible risk scenarios, employees’ workload increases, and the quality of alerts decreases. So, while creating scenarios, avoid overlap and add relevant context to each.

Use artificial intelligence in transaction monitoring

Only rules based on logic will not be sufficient for effective transaction monitoring. You must have AI-based transaction monitoring systems to generate more insights and identify red flags that human eyes can overlook. Artificial intelligence can catch any pattern or behaviour that slips through the manual monitoring rules.

AML UAE’s role in transaction monitoring for entities

Since you understand the importance of transaction monitoring in your AML efforts, make it a part of your AML compliance program. Imbibe the best transaction monitoring practices to be 100% compliant with AML regulations and safeguard your business interest against financial crimes.

AML UAE is a leading provider of AML/CFT consulting services. We help our clients develop an effective AML compliance framework for their operations. Transaction monitoring and suspicious transaction reporting are essential parts of such frameworks.

We help clients with ML/FT risk assessment, determination of red flags, and creation of transaction monitoring rules aligned with your business profile. We can also assist you with selecting effective transaction monitoring software and implementing it with our AML experts’ support.

With AML UAE, you can monitor your transactions with relevant rules, making detecting suspicious transactions easier and smoother. Your chances of true positives increase, and the investigation quality improves.

FAQs on Transaction Monitoring

When an entity identifies a suspicious transaction of financial crime, the Compliance
Officer or the MLRO (Money Laundering Reporting Officer) must file the STR to the
Financial Intelligence Unit (FIU), without any delay.

Suspicious transactions are the ones that constitute the proceeds of financial crime,
are intended to be used in financial fraud activities, or are related to the crimes of
money laundering, terrorism financing, corruption, bribery, drug trafficking, and any
other illicit activities.

In a transaction, from AML perspective, the red flags could be around the change in
the customer’s identification, doubt around the sources of funds involved, transaction
associated with high-risk countries, inconsistencies in the transactional pattern, etc.

Yes, there can be more than one AML red flag indicator in a transaction.

Transaction monitoring is essential to identify suspicious transactions, so that ML/FT
activities can be timely reported. Further, transaction monitoring is also essential to
complete the AML/CFT efforts of the entity.

KYC is related to identification of the customer and verifying the identity. While
transaction monitoring is continuously reviewing the customer’s transaction
executed in course of business relationship.

Transaction monitoring rules are the thresholds and the logic configured by the
entity in its AML program – tools and systems – aimed to analyze the transactions
and generate an alert when the activities match the risk criteria defined in these rules.

Generally, the key challenges around transaction monitoring program are data
integrity, integration of the monitoring system with business’s legacy system,
generation of large number of false positive alerts, not updating the monitoring rules
and systems periodically, etc.

Strengthen your transaction monitoring
capabilities with AML UAE’s expert
AML/CFT consulting services.

Contact AML UAE to get started.

Share via :

About the Author

Dipali Vora

CAMS, ACS

Dipali is an Associate member of ICSI and a Certified Anti-Money Laundering Specialist (CAMS). She has an overall experience of 8 years in the compliance domain, including Anti-Money Laundering, due diligence, secretarial audit, and managing scrutiniser functions. She currently assists clients by advising and helping them navigate through all the legal and regulatory challenges of Anti-Money Laundering Law. She helps companies to develop, implement, and maintain effective AML/CFT and sanctions programs.

Reach Out to Dipali

Key factors for Customer Risk Assessment under AML regulations

AML Regulations in UAE provide for adopting a Risk-Based Approach to mitigate financial crimes, which calls for performing Customer Risk Assessment. Adequate due diligence measures should be deployed considering the extent of a particular customer’s ML/FT risks to the business. Enhanced due diligence measures are to be conducted for high-risk customers, while standard due diligence measures are good enough for low-risk customers.

Thus, it is essential to categorize every customer from their ML/FT risk quotient to detect and prevent such risks effectively.

The companies need to factor in a bundle of risk parameters to create customers’ AML risk profiles, such as the geographies they are hailing from, their legal structure, customers’ behavioural traits, etc. To help you efficiently assess the ML/FT risk posed by each of your customers (as Low, Medium, High, or Unacceptable), we have designed an infographic illustrating the factors to be considered to perform Customer Risk Assessment from an AML perspective.

Further, for practical implementation of customer risk profiling methodology, here is the AML Customer Risk Assessment template.

AML UAE is committed to assisting Financial Institutions, VASPs, and DNFBPs in detecting and mitigating the money laundering/terrorism funding risks by offering end-to-end AML Consultancy services, including designing Customer Risk Profiling processes for the company and extending managed Customer Due Diligence support.

Designing a comprehensive AML Training Program

Designing a comprehensive AML Training Program

Related Posts

Pathik Shah

What is Money Laundering?

Significance of AML compliance for businesses and financial institutions:

What is Customer Identification?

Role of customer identification in AML compliance

Components of the Customer Identification Program

Steps in Customer Identification

Technology & AML Compliance

Strict Verification System

AML UAE: AML Compliance Consultants

FAQs

Pathik Shah

Money Laundering risk associated with nominee shareholders and directors

What is Nominee Shareholder/Director?

Why is the Nominee Shareholder/Director arrangement used?

Red flags associated with nominee shareholders and directors

Mitigating the Money Laundering risk associated with nominee shareholders and directors

How can AML UAE assist you?

Pathik Shah

TFS Implementation Criteria

Targeted Financial Sanctions Legal Framework in UAE:

TFS Implementation Criteria 1: Ownership or Majority Interest

TFS implementation Criteria 2: Control

TFS implementation Criteria 3: Acting on behalf or at the Direction of the Designated Person

About AML UAE

Filing of Real Estate Activity Report (REAR) on goAML under UAE AML Laws

Filing of Real Estate Activity Report (REAR) on goAML under UAE AML Laws

Related Posts

Pathik Shah

Adverse media and social media checks under AML compliance

Regulations on adverse media and social media checks

Importance of adverse media and social media screening

Building client’s risk profile

Protecting oneself against reputational risks, penalties, and fines

Sources for negative news and social profile screening

Best practices to implement negative news & social media screening

Keep your customer data up-to-date and complete

Create a sound negative news & social media screening policy

Engage in regular adverse media monitoring

Invest in an online tool to screen negative news

How can AML UAE help you streamline your CDD process with robust negative and social media screening?

Reach Out to Dipali

Pathik Shah

AML regulations for Virtual Assets Service Providers in UAE - Crypto AML Regulations in UAE

What is Virtual Assets?

What is Virtual Assets Service Provider?

1. The exchange between virtual assets and fiat currencies

2. The exchange between different types of virtual assets

3. Transfer of virtual assets

Let us discuss some examples and sample cases around who can be considered as VASP or how to identify VASP in the context of exchange or transfer of VAs.

4. Safekeeping or administration of virtual assets or instruments enabling control over virtual assets

5. Participating in and provision of financial services related to an issuer's offer or sale of a virtual assets

UAE Blockchain strategy 2021

Regulatory frameworks in UAE to govern the activities related to Virtual Assets

UAE Crypto Regulatory Authorities

Central Bank of the UAE (CBUAE) and the Securities and Commodities Authority (SCA)

The Dubai Financial Services Authority (DFSA)

The Financial Services Regulatory Authority (FSRA)

The Virtual Asset Regulatory Authority (VARA)

UAE Crypto Regulations

UAE Crypto Regulations for Onshore Companies

Compliance and Risk Management Rulebook for VASP – Emirate of Dubai (except DIFC)

UAE Crypto Regulations for Financial Free Zone - Dubai International Financial Centre (DIFC)

UAE Crypto Regulations for Financial Free Zone - Abu Dhabi Global Market

Guiding Principles for VA Regulations by FSRA

AML/CFT regulations and obligations on VASP - AML Crypto Regulations in UAE

(a) VASP obligations under AML/CFT law

(b) Virtual Assets “AML/CFT” Compliance Policy

(c) Technology-driven KYC, Screening, and Transaction monitoring for VASPs

ML/FT typologies and red-flag indicators relating to Virtual Assets (VA)

1. ML/FT typologies related to Virtual Assets (VA)

2. ML/FT red flag indicators for VASP

AML UAE at Your Service

FAQs On AML Regulations for Virtual Assets Service Providers

What is a Crypto Asset?

What is a Cryptoasset exchange?

Who regulates the crypto, NFT, and virtual assets onshore/mainland companies in UAE?