Individual Customer Lifecycle Management

Individual Customer Lifecycle Management

Anti-money laundering (AML) measures are crucial for every designated non-financial business and professionals (DNFBPs) operating in the UAE to safeguard their businesses against money laundering, terrorist financing, and proliferation financing. These measures are implemented throughout the customer lifecycle to ensure compliance with regulatory requirements and mitigate the risks.

Let’s understand the AML measures adopted at different stages of an individual (natural person) customer lifecycle:

Customer Due Diligence

To ensure that the DNFBP onboards only genuine individuals with no intention to execute financial crime through the DNFBP’s business, the DNFBPs carry out a robust Customer Due Diligence process at the time of customer onboarding to identify the person and the associated risk. The following are the core components of an effective CDD process:

Know your customer (KYC)

A process for identifying individuals and verifying their identities using reliable sources.

Name Screening

Measures adopted to screen individuals to identify if they are sanctioned or have any connection with the sanctioned person. The screening includes checking for negative news or a person’s status as a politically exposed person (PEP).

Customer Risk Assessment

A systematic approach to developing the customer risk profile, identifying the risk each customer poses to the DNFBP’s business and classifying it as high, medium, or low.

Enhanced Due Diligence (EDD)

Additional checks and verification measures (such as understanding the customer’s source of funds or wealth) applied to individual customers identified as posing higher ML/FT/PF risk.

The DNFBPs must onboard the customer and execute the transactions only when the individual’s identity is adequately established through a comprehensive CDD process.

Ongoing Monitoring

DNFBPs must implement robust ongoing monitoring systems, which allow them to track transactions and monitor business relationships.

Ongoing Monitoring of Transactions

DNFBPs must implement robust transaction monitoring systems to detect suspicious activities. This involves analysing such transactions with unusual patterns, large or frequent transactions, and involving high-risk jurisdictions.

Ongoing review of customer profiles and overall business relationships

DNFBPs must ensure customer details are updated and valid. Further, the DNFBP must track that the customer risk profile and the transactions carried out by the customer are aligned.

In a business relationship, if any red flags are observed, the DNFBPs must evaluate the alert and determine whether it is a genuine suspicion related to ML/FT/PF or a false alert. Basis this evaluation and identification of risk indicators, the DNFBPs must take the appropriate action, such as:

  • Performing Enhanced Due Diligence (EDD)
  • Filing a Suspicious Activity Report (SAR) or Suspicious Transaction Report (STR) on the goAML portal
  • Terminating or rejecting the business relationship with an individual
  • Applying additional measures, if necessary, to manage the identified red flags.

AML records, whether related to the CDD process initially performed or ongoing monitoring, must be maintained for a minimum of five years (it is 6 years for DNFBPs registered with or operating from ADGM and DIFC).