Know about AML Compliance


Know about AML compliance

Money Laundering is a global concern, as it weakens the economy and targets its socio-economic structure. Criminals use modern technologies and new techniques to launder money. Criminals try to launder illicit money and transfer it to legal entities.

To combat them, governments create stringent AML laws and regulations. The AML laws provide guidelines to regulated entities, which help them detect and prevent the criminal activities. The law provisions require entities to remain compliant with their AML obligations, protecting them from money laundering risks and avoiding the non-compliance regulatory implications.

What is AML Compliance?

The AML compliance is aimed at countering money laundering activities and transactions and adhering to rules and regulations framed in UAE to ensure that. The regulated entities in UAE are required to register with the goAML portal and submit various regulatory reports, including SAR, STR, PNMR, FFR, DPMSR, REAR, RFI, RFIT, AIF, AIFT, HRC, and HARCA.

AML regulatory landscape in the UAE

The AML regulatory system

UAE has passed several AML laws that regulated entities must follow to fight money laundering activities. Different Supervisory authorities are identified to lay down the detailed guidelines for the regulated entities to effectively manage the risk of money laundering and terrorism financing and oversee the regulated entities’ compliance with these regulations and guidelines.

It is mandatory for Financial Institutions, Designated Non-Financial Businesses and Professions (DNFBPs) and Virtual Asset Service Providers (VASPS) to register on the goAML Portal launched by the Financial Intelligence Unit (FIU) of the UAE. This platform facilitates cooperation between entities and authorities in the fight against such crimes, allowing regulated organizations to report suspicious transactions on this platform and work towards preventing such crimes in UAE.

AML Laws

The foundation of the UAE AML/ CFT regulations is the Federal Decree-Law No. (20) of 2018 On Anti-Money Laundering and Combating the Financing of Terrorism and Financing of Illegal Organisations.

To effectively implement this Federal Law, the implementing regulations have been issued vide Cabinet Decision No. (10) of 2019 Concerning the Implementing Regulation of Decree-Law No. (20) of 2018 On Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations is the implementing regulation.

Along with these critical regulations, the regulated organizations must follow the below-mentioned regulations and guidelines to ensure 100% compliance with AML regulatory requirements and effectively mitigate the ML/FT risks.

  • Cabinet Decision No (58) of 2020 Regulating the Beneficial Owner Procedures.
  • Cabinet Resolution No (74) of 2020 regarding the Terrorism Lists Regulation and Implementation of UN Security Council Resolutions on the Suppression and Combatting of Terrorism, Terrorist Financing, Countering the Proliferation of Weapons of Mass Destruction and its Financing, and Relevant Resolutions.
  • Compliance and Risk Management Rulebook issued by the Virtual Asset Regulatory Authority (VARA) of Dubai.
  • Many other sector-specific guidelines issued by the supervisory authorities (Central Bank of UAE, ADGM’s Financial Service Regulatory Authority, DIFC’s Dubai Financial Services Authority, Ministry of Economy, Ministry of Justice, UAE’s Securities & Commodities Authority, etc.) help the regulated entities better conduct their activities in compliance with these laws.

AML Compliance Requirements in UAE

AML Compliance Requirements in UAE

Critical AML requirements


The Federal Law stipulates that the regulated entities must develop and implement necessary controls and measures to identify and detect any suspicious transactions and report them immediately to the Financial Intelligence Unit of the UAE. FIU receives all the reports for suspicious financial activities, investigates transactions and economic activities involved in money laundering, financing of terrorism, and other criminal activities and disseminate the information to the concerned authority to take action.

1st blog

The report on suspicious activity or transaction must be reported without delay once the entity has determined that the customer’s activity is suspicious, involving money laundering or terrorism financing. The regulated entities must perform their internal investigation before reporting it to the FIU.

STR submission with UAE goAML Portal

The law requires all regulated entities to file a Suspicious Activity Report or Suspicious Transaction Report with the FIU through the goAML portal.

To identify and report suspicious transactions, the regulated entities must have the necessary AML framework – policies, procedures, and controls. The following are the key elements of an AML compliance framework:


KYC and CDD Services

KYC (Know Your Customer) and CDD (Customer Due Diligence) are integral to the AML/ CFT program. These measures alert and prevent organisations from associating with the wrong business entity suspected of being involved in money laundering or terrorism financing. These measures help you identify your customers and confirm their identities. You must screen your customers – entities or individuals – to identify if they are sanctioned or associated with terrorist activities or their status as a Politically Exposed Person (PEP) or to look for any negative news about such persons linked with financial crimes.

All financial institutions, DNFBPs and VASPs must follow the KYC and CDD process. The CDD process is a mandatory AML/ CFT element identifying suspicious financial transactions. It helps you collate complete information about the customers’ details required for the onboarding process.

The customer data includes the name, address, contact numbers, alternative contact numbers, legit email addresses, place of birth, date of birth, nationality, etc. These details are necessary for all individual customers and business entities.

Data needed for CDD includes:

  • Name and type of the business entity
  • Nature of business
  • Date and place of establishment
  • Certificate of incorporation
  • Information about the board of directors
  • Information about shareholders and UBOs
  • Annual reports
  • Location of the business
  • And many more

After collecting and verifying customer data, you must create a risk profile (as High, Medium or Low) for every customer to understand the level of risk it poses to the company’s business operations.

KYC - Know Your Customer

Ongoing Monitoring

Once the business relationship has been established, and transactions are executed with the customers, the regulated entities must regularly monitor the transactions to ensure no inconsistency between the transactional pattern or customer behaviour and the Customer Due Diligence profile. Monitoring the customer’s activities will help you promptly identify suspicious behaviour and report it to the FIU.

AML Compliance – an obligation

Money laundering crimes are rampant in the business market, so AML compliance must be a priority. It is crucial to stay up-to-date with the new rules and regulations to avoid the risk of non-compliance. Outsourcing AML compliance services are being looked at as a great option to be AML compliant.

AMLUAE is an AML services provider with a comprehensive range of services to help businesses stay AML compliant. Our AML compliance services include the following:

  • AML Business Risk Assessment
  • AML/CFT Policy, Controls, and Procedures Documentation
  • In-house compliance department set up
  • AML Training
  • AML software selection
  • AML/CFT Health Check
  • Regulatory Reporting
  • Managed KYC and CDD services
  • Annual AML/CFT Risk Assessment Report


AML compliance is the process of complying with the country’s rules, regulations, and policies specific to AML to eliminate any chances of money laundering. This includes conducting KYC, risk assessments, identifying suspicious transactions, implementing internal processes, and setting up a compliance team.  

The AML Compliance Officer of a company is responsible for achieving compliance of the company with several AML/CFT-specific regulations, laws, and rules.  

Get high-quality personalised AML consulting services to stay AML compliant.

Share your concerns with us.

Add a comment

  • This field is for validation purposes and should be left unchanged.

Share via :

Share on facebook
Share on twitter
Share on linkedin

About the Author

Pathik Shah


Pathik is a Chartered Accountant with more than 25 years of experience in compliance management, Anti-Money Laundering, tax consultancy, risk management, accounting, system audits, IT consultancy, and digital marketing.

He has extensive knowledge of local and international Anti-Money Laundering rules and regulations. He helps companies with end-to-end AML compliance services, from understanding the AML business-specific risk to implementing the robust AML Compliance framework.