The United Arab Emirates (UAE) is a global business hub, and one of the most important economies in the Middle East and the world. While the UAE attracts investment from around the world, its wealth also makes it a target for criminals seeking to exploit its financial system. In 2022, the Financial Action Task Force (FATF) placed the UAE on its list of Jurisdictions under Increased Monitoring, also known as the FATF grey list, as a result of deficiencies in its anti-money laundering (AML) and counter-financing of terrorism (CFT) controls, including international sanctions violations. Following the listing, the UAE government committed to meeting the requirements of its FATF’s action plan by improving its AML/CFT framework, and clamping down on organisations that fail to meet their compliance obligations.
That increased level of regulatory scrutiny means that firms operating in the UAE must understand the country’s AML/CFT environment, how to deal with risks, and how to adjust their internal procedures to achieve compliance.
The UAE’s AML Regulator: The Central Bank of the UAE
The Central Bank of the UAE (CBUAE) is the country’s primary financial regulator and provides AML/CFT supervision through its specialised Anti-Money Laundering and Combatting the Financing of Terrorism Supervision Department (AMLD). Established in 2020, AMLD took over AML/CFT responsibilities from the CBUAE’s Banking Supervision Department, and now acts “as the interface between the the CBUAE and domestic stakeholders”, focusing on regulatory compliance, and working with law enforcement authorities and the UAE’s Financial Intelligence Unit (FIU). The AMLD has three stated objectives:
- Examine licensed financial institutions (LFIs) operating in the UAE
- Ensure compliance with the UAE’s AML/CFT regulatory and legal framework
- Identify AML/CFT threats and emerging risks, and weaknesses in the UAE’s financial system
In support of those objectives, the AMLD coordinates with both the CBUAE’s Banking Supervision Department and the Enforcement Division to carry out investigations of potential regulatory violations, and to impose penalties on firms found to be in violation. It also works with the UAE cabinet to develop AML/CFT legislation, issues periodic compliance guidance to firms operating within the UAE, and works with international counterparts in the global fight against financial crime.
FATF action plan: Following the UAE’s addition to the FATF grey list, the AMLD also plays a significant part in addressing the country’s FATF action plan, working with the country’s National Anti-Money Laundering and Combatting Financing of Terrorism Committee (NAMLCFTC) towards its removal from the list.
UAE AML Regulations
The UAE’s main articles of AML/CFT legislation are:
- Federal Decree-Law No. (20) of 2018 On Anti-Money Laundering and Combating the Financing of Terrorism and Financing of Illegal Organisations
- Cabinet Decision No. (10) of 2019 Concerning the Implementing Regulation of Decree Law No. (20) of 2018 On Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations
Known as the AML/CFT Law and the AML/CFT Decision respectively, the articles collectively require firms in the UAE to develop and implement a risk-based AML/CFT programme, including know your customer (KYC) checks, risk screening solutions, reporting and record-keeping processes, and suitable compliance governance. The requirements include the appointment of an AML Compliance Officer responsible for overseeing their firm’s compliance solution.
Recent AML initiatives: The UAE government has made explicit political commitments to addressing the FATF’s UAE action plan in order to facilitate its removal from the grey list, and has been able to demonstrate recent progress. At an FATF Plenary in February 2023, the FATF stated that the UAE had made “significant progress” in strengthening its AML/CFT regime and urged the UAE government to maintain focus on “demonstrating a sustained increase in effective investigations and prosecutions of different types of money laundering cases”.
To that end, in January 2023, the CBUAE released new guidance on the use of digital identification systems in AML/CFT compliance solutions. The guidance suggests that firms should integrate digital tools for customer onboarding and for verification, and use digital data to help identify suspicious activity such as transactions that involve high risk jurisdictions.
UAE AML Regulations: How to Comply
Following FATF guidance, the UAE requires firms to implement a risk-based AML/CFT solution, which means they must perform risk assessments in order to identify the level of risk that individual customers present, and then deploy proportionate compliance measures. With that in mind, UAE compliance solutions should include:
- Customer identification: Firms must establish and verify the identity of their customers by conducting suitable customer due diligence (CDD), collecting enough information to perform an effective AML/CFT risk assessment. Similarly, firms should establish ultimate beneficial ownership (UBO) of customer-entities in order to prevent the use of shell companies and corporate structures to conceal customer identities.
- Enhanced due diligence: Where customers are identified as presenting a high AML risk, firms should perform enhanced due diligence (EDD), applying a greater level of scrutiny which might include collecting copies of official documents, or even a third party audit.
- Transaction screening: Firms must screen customer transactions for AML risk on an ongoing basis, including screening for transactions with high risk counterparties or with high risk jurisdictions.
- Sanctions and watchlists: Firms in the UAE face a higher level of sanctions risk, so must implement an effective sanctions screening solution to identify designated customers on international sanctions lists. Firms should similarly seek to identify politically exposed persons (PEPs) by screening against PEP lists.
Adverse Media Screening in the UAE
Adverse media often reveals customers’ true AML risk before that information is confirmed by official sources. Given the level of ambient risk in the UAE, firms should implement an adverse media screening solution capable of searching domestic and global news sources, and covering not just news outlets, but websites, blogs, forums, and social media platforms.
Effective adverse media searches involve the collection and analysis of vast amounts of data. For firms in the UAE, adverse media solutions should integrate multi-language search functionality in order to capture stories in a range of languages and scripts, including Arabic, and account for regional variations in spelling or the use of nicknames or aliases. Adverse media solutions should also minimise false positive alerts in order to address potential threats as quickly and efficiently as possible.
Next Generation Screening for UAE AML Compliance
The UAE is modernising its AML/CFT regulatory framework, with a focus on introducing digital identification and verification, and expanding firms’ capabilities to detect financial crime. To keep pace with the country’s changing regulatory requirements, firms must develop and integrate suitable technology solutions and, in particular, ensure that they have effective AML screening software.
Ripjar’s Labyrinth Screening platform gives you the power to meet AML compliance challenges in evolving regulatory environments like the UAE. Built with next-generation machine learning technology, Labyrinth is capable of multi-language searches that take in thousands of adverse media sources, international sanctions lists and watchlists, and that deliver actionable AML data in seconds. Searching thousands of data sources in real time, Labyrinth Screening is designed to extract the most relevant, up-to-date information in order to build detailed customer risk profiles that help you make confident compliance decisions and react to emerging threats immediately.