What is AML Compliance?

Anti-money laundering (AML compliance) refers to the regulations and measures designed to prevent criminals from disguising illicit funds as legitimate money. Money laundering has been identified as “an illegal process by which criminals attempt to conceal the true origin and ownership of the proceeds of criminal activities (such as drug trafficking or terrorist funding, etc.…). If successful, the money can lose its criminal identity and appear legitimate. Criminals do this by disguising the sources, changing the form, or moving the funds to a place where they are less likely to attract attention.” (Federal decree law No.7 of 2024).

The previous term usually happens within a mischievous process of hiding and layering the original -illicit- source of the money, placing them in banks, releasing invoices, and then integrating the “deceitful” money into the system through investments, the use of shell companies, and even exploiting loopholes in financial systems; criminals often do this as an attempt to disguise over the true nature and appear as “virtuous” or “legal”.

To combat this issue, the UAE government has implemented strong Anti money laundering (AML) and CFT (counter terrorism financing) frameworks in response to global standards, particularly those set by the FATF (Financial Action Task Force). Such provisions protect the UAE’s financial systems, and fight money laundering, through the applications of the mentioned laws and regulations, making sure that the funds in question -also defined as assets according to the previously mentioned law-, both tangible and intangible assets are originated from clean, legal sources.

Who must comply with AML compliance regulations?

According to the UAE Financial Intelligence Unit (FIU), FI (financial institutions) such as banks, money exchangers, insurers; DNFBPs (Designated non-financial businesses and professions), and VASPs (Virtual Assets Service Providers) must comply with AML compliance regulations.

DNFBPs can be listed as follows:

• Brokers and Real Estate Agents
• Trust & Corporate Service providers (CSPs)
• Dealers in precious metals and stones
• Lawyers, Notaries and legal professionals
• Independent accountants

The previous entities all have the responsibility of running AML checks on their customers prior to their onboarding, also known as “screening customers”, making sure that their clients don’t have any criminal history, or propose a threat of being high risk customers (such as PEPs – Politically Exposed Person, etc.), and the money they are receiving in exchange of their provided services doesn’t have any origins of illicit activities.

AML Compliance Main Requirements for DNFBPs:

• Risk based approach (RBA): Entities must be able to assess the risk level of clients and their transactions. Each entity should appoint a compliance officer and run AML checks on clients, as well as implementing an AML policy that aligns with the UAE’s mission of combatting the financing of terrorism and money laundering.
• Customer Due Diligence (CDD) and KYC (know your customer) procedures:

Clients must be verified and not just identified. A client needs to provide proof of his identity and fill in KYC forms as part of the due diligence process, in addition to providing extra documents in cases of high-risk profile suspicions, for the purpose of identifying the source of his funds.

• Suspicious Transactions/Activities Reporting (STRs/SARs) to the Financial Intelligence Unit (FIU):

Entities are to be registered with goAML portal, a portal created by the FIU to report suspicious financial transactions, compliance officers should file a report in the earliest once they detect any suspicious transaction or activity.

• Internal Policy and Training: Each DNFBP ought to have their own AML compliance policy and should provide staff training on the rules and regulations of AML.
• Records Keeping: Entities must keep records of clients for a minimum of five years.

Compliance Authorities:

• UAE’s Central Bank (CBUAE), for financial institutions.
• Ministry of Economy, for DNFBPs.
• DFSA (Dubai Financial Services Authority), and Abu Dhabi’s Global Market (ADGM), for entities licensed in either DIFC (Dubai International Financial Centre), or ADGM.
• Financial Intelligence Unit (FIU): Acts as an investigator, receives and analyses STRs/SARs from AML compliance officers through the goAML portal.

Why Implement AML Compliance?

The UAE has become an international business and financial hub for investors and business professionals from around the world, offering uncomplicated business setups choices, low tax rates, and sometimes even zero tax rates in certain freezones and under certain criteria, in addition to providing different legal jurisdictions depending on the location of the setup (mainland or freezone).

Since March 2022 -when FATF placed UAE on the grey list for poor AML compliance strategies and implementations- UAE has taken major steps to enhance enforcement and ensure compliance, in addition to government regular inspections, all of which led to its removal from the grey list in February 2024.

Currently, the previously mentioned enforcement authorities are implementing inspections and imposing viscous financial penalties in case of any breach detections or malfunctions in the application of AML compliance terms.

Non-compliance could result in:

• Substantial administrative fines: Starting from fifty thousand dirhams (AED 50,000) and reaching five million dirhams (AED 5,000,000) in severe cases of poor AML compliance application (especially for financial institutions).
• License revocation: the authorities often offer a second chance for correction, also known as a remedial plan, in case of incompliance once again, entities would undergo suspension and license revocation.
• Criminal Prosecution: this takes place in severe cases when individuals are found to be involved in money laundering activities or upon failures to submit STR/SAR reports to the Financial Intelligence Unit.

“Trust starts with Transparency”, the article’s mentioned entities must comply with AML regulations to protect the system as to make sure financial crimes are detected early and properly dealt with and secure the future of financial transactions.

How Can CorpLex Help?

DNFBPs who lack implementation of AML measures within their system are most likely exposed to huge fines upon inspection by the Ministry of Economy. To prevent substantial fines, it is essential for DNFBPs to implement proper AML/CFT measures. Such action safeguards their business interests from money launderers and ensures compliance with UAE regulations.

Furthermore, UAE banks have implemented strict procedures regarding corporate bank openings, specifically for DNFBPs. There are certain initial mandatory steps to open the account (goAML portal registration and having AML policy in place).

Thus, if you’re a new or existing DNFBP that hasn’t implemented AML applications yet, CorpLex has exactly what you need!

Scope of CorpLex AML Services:

• goAML online portal registration.
• Drafting AML/CFT policies, Controls, and Procedures Documentation Setup (companies regulated by AML laws – DNFBP companies-, must have AML/CFT policy, KYC forms, AML software tool, compliance officer etc.)
• Subscription to EOCN’s (UAE’s Executive Office for Control & Non-Proliferation) sanction-alert system.
• Preparing and implementing KYC Forms, as they are crucial in the client verification process.
• One-time AML training (offered online or in person).
• Assisting with the referral of an AML software purchase.

AML compliance regulations act as a shield of protection for businesses and their owners, as they detect in early stages, then deter financial crimes and aim at building a secured future. Through proactively managing AML risks, businesses can avoid costly fines, and legal battles.

Reach out to CorpLex, your compliance guide.

“AML done right, with CorpLex Insight”