No. The threshold is a minimum legal trigger for mandatory full AML/CFT/CPF measures, not an exemption below it. Where a transaction below AED 55,000 presents elevated ML/TF/PF risk indicators, proportionate risk-based measures must still be applied.

The DPMSR must be filed for cash transactions with individuals of AED 55,000 or more, and for all transactions with companies or entities of AED 55,000 or more (cash or wire). The obligation is not risk-dependent; where a transaction also gives rise to suspicion, both the DPMSR and the SAR/STR must be filed independently.

Cash equivalents are bearer negotiable instruments (cashier’s cheques, money orders, postal orders, treasury bills, bearer bonds, promissory notes) that can be transferred without identifying the owner. Trade-in items accepted as part payment are also treated as cash equivalents and count toward the AED 55,000 threshold.

The 2024 MoET SRA identifies bullion trading, refinery, and wholesale activities as higher-risk because of supply chain opacity, reliance on intermediaries, and non-standard payment mechanisms. The UAEFIU report additionally highlights ongoing responsible sourcing weaknesses across the sector.

The KPCS is an international certification regime requiring that rough diamond shipments be conflict-free and accompanied by a valid certificate; DPMS must verify this documentation as part of CDD and supply chain controls. Absent, forged, or unusually long-validity KPCS certificates are red flags requiring escalation.

TBML involves disguising criminal proceeds through trade transactions, using techniques such as over/under-invoicing, false documentation, and layering through intermediaries. In DPMS, gold and diamonds are particularly susceptible because minor purity or weight manipulations can justify large price deviations; repeated proforma requests, document revisions, or settlement without physical delivery are specific high-risk indicators.

CAHRA (Conflict-Affected and High-Risk Areas) refers to regions affected by conflict, weak governance, sanctions exposure, or illegal mining. PMS originating from or routed through CAHRA requires enhanced scrutiny; DPMS must compare declared origin against known production capabilities and reject shipments with incomplete, inconsistent, or unverifiable documentation.

BRAs must be updated periodically and whenever significant changes occur in business, risk, or regulatory environments. The 2025 legislative changes (Federal Decree by Law No. (10) of 2025 and Cabinet Resolution No. 134 of 2025) and the 2024 NRA and SRA findings are all qualifying trigger events; a BRA not updated to reflect these is unlikely to meet MoET’s minimum benchmark.

No fixed list is prescribed, but entities must assess the plausibility of scrap claims against the volume supplied. At minimum, collect supplier identification, a description and weight of material, and a stated source; where volumes suggest a commercial rather than personal origin, enhanced scrutiny and documented justification are required.

Yes. The guidance explicitly states that providing a registered office, work address, correspondence address, or administrative address for a legal person or legal arrangement is one of the five activities that trigger TCSP obligations under the UAE AML/CFT framework. You are required to apply minimum CDD requirements to all entities using your address, even if you have no other relationship with them.

It means identifying the natural person who ultimately owns or controls the legal structure, whether directly or through a chain of companies, trusts, or other arrangements. You cannot stop at the first company layer and record that company as the beneficial owner. You must follow the ownership chain until you reach a natural person. For complex multi-jurisdictional structures, this may require reviewing corporate registries in multiple jurisdictions, obtaining certified documentation, and using third-party intelligence tools.

An STR (Suspicious Transaction Report) is filed where a specific transaction is the basis of suspicion. A SAR (Suspicious Activity Report) is filed where the suspicion arises from activity, behaviour, or circumstances rather than a specific transaction. Both apply to TCSPs. The guidance explicitly notes that suspicion may arise from the formation, administration, or restructuring of legal persons, from customer behaviour, from inconsistencies in information, or from the absence of a clear economic rationale. None of these requires a specific transaction to have occurred.

The guidance is cautious on this point. While reliance on third-party CDD is permitted under the UAE framework in certain circumstances, the TCSP retains ultimate responsibility for the adequacy of the information obtained. Where an intermediary is used, the TCSP must ensure it can independently verify the accuracy and completeness of the information, particularly for beneficial ownership. The guidance specifically flags heavy reliance on intermediaries without direct engagement with the beneficial owner as a red flag in Case Study 7.

No. The guidance states that TCSPs must integrate NRA findings into their internal risk assessment frameworks. The Medium Risk classification is a sector-level average, not a floor for individual customer or transaction risk. The guidance explicitly expects TCSPs to apply enhanced scrutiny to nominee arrangements, cross-border structures, and complex ownership chains regardless of the sector-level NRA rating. Your internal risk appetite must reflect the actual risk of each client relationship and each service type, not a sector average.

TCSPs are strictly prohibited from disclosing to a customer or any third party that an STR or SAR has been filed, that one is intended to be filed, or that an investigation is underway. This prohibition extends to any information that could reasonably lead the customer to become aware of such reporting. Importantly, the guidance clarifies that taking steps to delay a transaction, decline a service, or request additional information for legitimate compliance purposes does not constitute tipping-off, provided these actions are conducted without revealing the existence of a report or suspicion.

The guidance requires the Business Risk Assessment to be documented, regularly updated, and aligned with national and sectoral risk findings, including the NRA and relevant Sectoral Risk Assessments. It does not specify a fixed frequency. In practice, an annual review is a prudent minimum, with earlier updates triggered by changes in the NRA, SRA, supervisory guidance, business model, client base, or emerging typologies.

Not on its own. The guidance requires TCSPs to clearly document the legal and contractual relationship between the nominee and the beneficial owner, understand the scope and limitations of the nominee’s authority, and maintain ongoing awareness of how the entity is being used. A standard form agreement may cover the contractual dimension, but it does not satisfy the ongoing monitoring, beneficial ownership verification, and governance oversight requirements. Nominee services require enhanced procedures, not just standard documentation.

The guidance is clear: where material uncertainties remain unresolved, the TCSP should decline to establish the relationship or exit an existing one, and should consider whether the circumstances warrant internal escalation or external reporting. A client’s withdrawal, unresponsiveness, or termination of the relationship following EDD requests is itself listed as a red flag indicator. Document everything. Escalate to the MLRO. If the circumstances meet the reporting threshold, file an STR or SAR with the FIU.

The MoET DNFBP Guidelines provide the general framework for all designated non-financial businesses and professions. The MoET IAA Guideline is a sector-specific supplement that adds practical detail relevant to the unique risk environment and service profile of independent accountants and auditors. Both must be read and applied together. The supplemental guidance does not replace the general guidelines; it adds to them.

IAA entities must file an STR or SAR with the FIU when they have reasonable grounds to suspect that funds, transactions, or related activities are linked to ML/TF/PF or the proceeds of crime. The threshold is reasonable suspicion, not certainty or proof. The obligation applies regardless of transaction value, and it extends to attempted activities, including situations where an IAA entity declines to establish or continue a business relationship due to compliance concerns.

Risk-driven CDD means that the intensity and depth of due diligence applied to a client are determined by the assessed risk profile of that client and the nature of the services being provided, not by transaction value thresholds alone. A low-value engagement for a client with complex offshore ownership, cross-border transactions, and links to a high-risk jurisdiction should attract more rigorous due diligence than a high-value engagement for a well-known, domestically focused corporate with transparent ownership.

Yes. IAA entities must incorporate PF risk into their Business Risk Assessment. They must refer to the EOCN Guidance on Counter-Proliferation Financing for detailed obligations, including requirements for screening against UNSCR lists, freezing obligations, and reporting in relation to designated persons or entities. The MoET IAA Guideline provides high-level guidance on CPF obligations, but the operational requirements are governed by EOCN guidelines.

IAA entities must maintain comprehensive records covering all transactions, CDD documentation, business correspondence, and outcomes of any analysis performed. Records must include documentation generated as part of the entity’s ML/TF/PF risk assessment and mitigation processes. Records must be retained for a minimum of five years from the latest of the following events: termination of the business relationship, completion of an occasional transaction, issuance of a final judgment by a competent authority, or dissolution of a legal person or arrangement.

The MoET IAA Guideline is clear that the obligation to report is triggered by reasonable suspicion, not certainty. If reasonable grounds for suspicion exist based on available information, professional judgement, and the assessment of risk indicators, the matter must be escalated internally to the Compliance Officer, assessed, and if not resolved, reported to the FIU. The Compliance Officer should document the reasoning process and the outcome, whether a report is filed or not.

Yes. Taking steps to decline a transaction, delay the provision of services, or request additional information for legitimate compliance purposes does not constitute tipping-off, provided those actions are conducted in a manner that does not reveal the existence of a report or a suspicion. The prohibition on tipping-off relates specifically to disclosing that a report has been or may be filed, or that an investigation is underway.

The MLRO or Compliance Officer must be a qualified professional with sector-specific knowledge and a sound understanding of regulatory obligations. The guidance does not prescribe a specific seniority level, but it does require senior management oversight of the AML/CFT/CPF framework and places responsibility for AML/CFT/CPF compliance on senior management. In practice, the MLRO should have sufficient seniority to escalate concerns to partners and, in larger firms, to the board, without facing commercial pressure to suppress those concerns.

The BRA must be reviewed and updated regularly. The guidance specifies that it must be updated, particularly when significant changes occur in the business, risk, or regulatory environment. In practice, this means reviewing the BRA periodically and updating it whenever there is a material change in the firm’s client base, services offered, delivery channels, geographic exposure, sanctions or proliferation financing exposure, or the broader regulatory or risk environment. Many firms adopt an annual review cycle as a governance practice, but the guidance does not prescribe a fixed minimum frequency; the trigger is material change, not the calendar.

An STR (Suspicious Transaction Report) or SAR (Suspicious Activity Report) is filed when you have reasonable grounds to suspect that a transaction involves money laundering, terrorist financing, or proliferation financing. It is suspicion-based. A REAR (Real Estate Activity Report) is filed when a transaction meets specific thresholds, namely cash payments of AED 55,000 or more or any virtual asset involvement, regardless of whether suspicion exists. Both may be required for the same transaction.

Yes. Even smaller firms and sole-proprietor brokerages must allocate responsibility for the compliance function to a competent person. In a small entity, this may be the owner or a senior person, provided the role is clearly documented, conflicts of interest are identified and managed, and the person is genuinely empowered to act on compliance concerns. External advisory support is permitted and can supplement the internal function.

Potentially, but only where you have conducted and documented a risk assessment that clearly supports a low ML/TF/PF risk conclusion. Even for low-risk clients, basic identity verification and source of funds confirmation are still required. SDD reduces the depth and intensity of verification, not the obligation to verify. Any SDD decision must be documented in the client file.

At a minimum, a standard CDD file should include: a copy of the customer’s valid government-issued photo ID; for corporate clients, incorporation documents, shareholder register, and UBO declaration; source of funds confirmation with supporting documentation; a completed sanctions and PEP screening record; a documented risk assessment for the client and transaction; and a record of any ongoing monitoring actions taken.

A client’s refusal or inability to explain the source of their funds is itself a significant red flag. You should not proceed with the transaction and should escalate to your Compliance Officer. Depending on the circumstances, an STR may need to be filed with the FIU. You must not inform the client that you are considering or have filed a report. The client’s withdrawal from the transaction following your enquiry should also be documented.

No. The REAR obligation as set out in the MoET REAB Guidance applies specifically to the purchase and sale of freehold property where cash payments of AED 55,000 or more are involved, or where virtual assets are used. Rental transactions are not currently within the REAR trigger scope, though agents and brokers must still apply appropriate CDD and STR obligations to all their activities as DNFBPs.

The obligation to report applies regardless of whether a transaction is completed, attempted, or discontinued. If you identify reasonable grounds for suspicion after completion, you are still required to file an STR or SAR with the FIU. You should document the basis for your suspicion, the timeline of your discovery, and all steps taken. Retrospective reporting does not protect a firm from regulatory scrutiny if the indicators were or should have been apparent during the transaction.