Corporate KYC Compliance Tool: Interactive Checker for Legal Persons
Know Your Business (KYB), the corporate equivalent of individual KYC, and a core expectation for UAE DNFBPs. Our Corporate KYC Compliance Tool is a free, browser-based KYB checklist that walks compliance officers through every compulsory information and document requirement for onboarding legal persons under current UAE AML/CFT regulations.
Corporate KYC Wizard
A free, step-by-step corporate KYC compliance tool for UAE DNFBPs, covering everything you need to collect when onboarding a legal person, with embedded compliance guidance on UBO identification, management verification, and entity risk rating.
Onboarding a corporate customer is one of the most demanding tasks in AML/CFT compliance. Unlike individual customers, legal persons sit behind layers of structure. Directors, shareholders, nominees, and holding companies can all obscure who ultimately owns and controls an entity. Getting the onboarding process right means working through those layers systematically, collecting the right information from the right sources, and making a defensible risk judgment at the end.
That process has a name. In regulated financial services and increasingly across UAE DNFBPs, it is called Know Your Business (KYB), the corporate equivalent of individual KYC.
Our Corporate KYC Compliance Tool is a free, browser-based interactive KYB checklist built for UAE DNFBPs. It walks compliance officers through every compulsory information and document requirement for onboarding legal persons under current UAE AML/CFT regulations, explains the compliance reasoning behind each item, and guides the entity risk rating decision where it belongs: at the summary stage, after collection is complete.
What Is the Corporate KYC Compliance Tool?
The Corporate KYC Compliance Tool is a free interactive KYB checklist designed to support UAE DNFBPs during the Customer Due Diligence process for legal person customers. It is built around Cabinet Resolution No. (134) of 2025, the MoET AML/CFT Guidelines (September 2025), the MoET CDD Implementation Guide (December 2024), and Cabinet Decision 109/2023.
What Is KYB and How Does It Differ from KYC?
KYB refers to the due diligence process applied to legal persons during onboarding. Where individual KYC focuses on verifying who a natural person is, KYB goes further: it requires verifying not only the entity's legal existence and identity but the people behind it, the directors, the authorised signatories, and ultimately the natural persons who own or control it.
In UAE AML/CFT regulation, the obligations for legal persons are set out separately from those for natural persons, primarily in Art. 9 and Art. 10 of Cabinet Resolution No. (134) of 2025. The UBO identification obligation, tracing ownership to natural persons holding 25% or more, adds a layer of analysis that has no parallel in individual KYC.
In short: KYC verifies a person. KYB verifies an entity and the natural persons who ultimately control it. The Corporate KYC Compliance Tool is a KYB tool presented within the broader KYC compliance framework.
How the Tool Works: Step-by-Step
The tool is a linear wizard with six stages: five collection steps and a final summary and risk rating stage. Progress is tracked in real time, with each stage marked complete in green as items are ticked off.
The first step collects core legal identity facts about the entity, as distinct from the documents that evidence those facts. All six fields in this step are compulsory.
Full legal name must be collected exactly as registered, including the legal form suffix. Trade names and abbreviations are not sufficient. Legal form determines the corporate governance framework, ownership verification approach, and risk classification; branches of foreign companies carry a different profile than locally incorporated entities. Registered office address and principal place of business must both be collected; a mismatch between the two is a red flag.
Name and address of legal representative in the UAE is expressly required for foreign legal persons under Art. 9(b). Business registration number and date of registration sit here as identity-level facts, not documents. The registration date helps assess operating history; newly incorporated entities with no trading history are a higher-risk indicator. Corporate Tax Registration Number is the UAE TRN issued by the Federal Tax Authority for the legal person subject to Corporate Tax. Where an entity claims exemption, documentation confirming that exemption must be collected.
The second step collects the actual documents that evidence the entity's legal existence, governance structure, and registered address, as distinct from the identity facts recorded in Step 1.
Memorandum of Association must be current; any amendments must also be collected. Articles of Association or constitutional documents must be current including all amendments. The AoA governs management structure and voting rights, both of which are directly relevant to UBO analysis. Trade licence or commercial registration must be valid at onboarding; an expired licence is not acceptable. Licensed activities must be cross-checked against the stated business purpose; inconsistencies are a red flag.
Address proof document corroborates the address declared in Step 1. The tool accepts four document types: a utility bill in the entity's name; a government-issued document showing the registered or business address; a tenancy contract or lease agreement registered with the relevant authority such as Ejari in Dubai; or a bank or account statement issued by a government-regulated financial institution. The document must be dated within the last three months.
The third step identifies and verifies the natural persons who control and act on behalf of the entity. A notice at the top of this step reminds compliance officers that every person must be individually verified: Emirates ID or passport collected and authority confirmed.
Senior management identity details covers full names, identity documents, roles, and PEP status of all directors, managing directors, and general managers. PEP status must be established through screening against recognised databases; do not rely solely on self-declaration. Any PEP finding must be flagged immediately for the risk assessment at the summary stage and will require EDD and senior management sign-off before onboarding proceeds.
Identity details of authorised signatories is a distinct step from senior management verification. The person presenting to transact may not be a director, and their identity must be verified independently, confirmed by board resolution or power of attorney. Board resolution or authority document must be signed, dated, and current, naming the authorised persons and specifically authorising engagement with the DNFBP.
The fourth step is the most analytically demanding in corporate KYB. It requires tracing the entity's full ownership chain to the ultimate natural persons who own or control it.
Ownership and control structure requires mapping not just the immediate shareholders but every layer until natural persons are reached. Complex, multi-layer, or opaque structures are a High-Risk indicator under CR 134/2025, Art. 1 and must be flagged at the summary stage.
Shareholder or partners register must be current and certified. Compare it against the MoA; any discrepancy must be investigated. UBO identity details are required for every natural person with 25% or more of ownership, voting rights, or effective control. The field now explicitly includes PEP status alongside full name, nationality, date of birth, place of birth, residential address, and identity document. PEP status must be established through database screening; a PEP finding at UBO level is a significant risk escalation requiring EDD and senior management sign-off. Nominees do not qualify as UBOs.
Nominee shareholder and director details require disclosure of any nominees and their relationship to the nominator. CR 134/2025 introduced specific definitions for nominees; where nominees exist, their status must be disclosed. Undisclosed nominee arrangements are a significant red flag and must be escalated.
Nature of the entity's business activities establishes what the entity actually does. The stated activities must be consistent with the trade licence. For example, a company licensed for trading claiming to conduct financial services is a red flag that must be investigated before onboarding proceeds.
Nature and purpose of the business relationship must be documented for all customers, not just high-risk ones. A vague or undisclosed purpose is a red flag. For real estate, document the property type, buyer or seller role, and intended use. The stated purpose must remain consistent with observed transactions throughout the relationship.
Source of funds for transactions covers how the entity will fund the specific transactions conducted with the DNFBP, not the entity's overall wealth. For significant transactions, documentary evidence such as bank statements, invoices, or sale proceeds documentation should be obtained. Implausible source of funds should inform the risk rating at the summary stage.
Collection review presents every field from all five steps with a green tick for collected items and a red cross for items outstanding. A status banner shows collected versus outstanding counts and flags any gaps that must be addressed before onboarding is finalised.
Entity risk rating is assigned here, informed by a list of common corporate high-risk indicators: a PEP among UBOs or senior management; incorporation in a FATF high-risk jurisdiction; complex, multi-layer, or nominee ownership; a newly incorporated entity with no trading history; disproportionate transaction values; cash-intensive sector operations; and adverse media findings on the entity, its directors, or its UBOs.
Selecting Standard Risk confirms that standard CDD is sufficient. Selecting High Risk opens the EDD outcome panel, listing four additional items that must be collected before onboarding proceeds: audited financial statements or annual reports; source of wealth of the entity and its UBOs; a group structure chart for complex or multi-layer ownership chains; and tax registration numbers or TINs for the entity and each UBO where they exist. Senior management sign-off is required.
Why Entity Identity and Documents Are in Separate Steps
A deliberate design decision in the Corporate KYC Compliance Tool is that entity identity information, including legal name, legal form, addresses, registration number, date of registration, and corporate tax registration number, sits in Step 1, while constitutional and registration documents sit in Step 2.
This reflects a practical and conceptual distinction: identity facts are things you establish and record. Documents are the instruments you collect to evidence or verify those facts. Mixing the two, as many generic KYC checklists do, creates confusion about what has been verified versus what has merely been declared.
Keeping identity information and supporting documents in separate steps makes the onboarding file easier to audit. An inspector reviewing the file can immediately see what the entity's identity details are in Step 1 and then trace which document evidences each fact in Step 2.
Understanding the UBO Obligation
UBO identification is the most technically demanding element of corporate KYB in the UAE. The tool reflects the full framework under Art. 10 of Cabinet Resolution No. (134) of 2025 and Cabinet Decision 109/2023 Art. 10.
Nominees do not qualify as UBOs under any circumstances. Where nominees are identified, their status must be disclosed and the nominator behind them identified and verified. The shareholder or partners register must be cross-referenced against the MoA; discrepancies must be investigated.
PEP status is now an explicit collection item for each UBO in the tool's field description. A PEP finding at UBO level carries more weight than a PEP in an operational role because it indicates political exposure at the level of ultimate beneficial ownership of the entity.
Who Is This Tool For?
Compliance Officers and MLROsat UAE DNFBPs handling corporate customer onboarding, including real estate brokers, dealers in precious metals and stones, corporate service providers, and more.
Compliance Teamsbuilding or reviewing corporate CDD procedures who need a structured, regulation-aligned reference to benchmark existing processes.
Junior Compliance Staffwho benefit from embedded compliance guidance explaining what to collect, what verification is required, and what red flags to look for.
Firms Preparing for Inspectionswho want to ensure their corporate customer files are complete, consistent, and structured in a manner that is easy for regulators to review.
Try the Corporate KYC Compliance Tool
Free, interactive, and built around current UAE AML/CFT regulations. No login required.
Open the KYB ToolFrequently Asked Questions
Related Tool
This tool and article are provided for general informational and educational purposes only and do not constitute legal, regulatory, or compliance advice. Based on Cabinet Resolution No. (134) of 2025, MoET AML/CFT Guidelines (September 2025), MoET CDD Implementation Guide (December 2024), and Cabinet Decision 109/2023. Regulations may change; always consult a qualified AML/CFT professional. AMLUAE.com accepts no liability for reliance on this tool or article.