AML 2 AML 2 Overview and Purpose of the Module
AML 2 Guidance1. In this module, for simplicity, a reference to "money laundering" also includes terrorist financing and the financing of illegal organisations (see AML Rule 3.1.1).
Overview of the DIFC's AML regime2. The
DIFCis governed by two separate and complementary regimes in relation to AML regulation, both administered by the DFSA:a. The Federal regime: Under Article 3 of Federal Law No. 8 of 2004, the provisions of Federal Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations and Federal Law No. 7 of 2014 on Combating Terrorism Offences and the implementing regulations under those laws apply in the DIFC. The DFSA, as the DIFC's supervisory authority for Relevant Persons for the purposes of those laws, is obliged to supervise and monitor Relevant Persons for compliance with provisions of the Federal laws and regulations. The DFSA may also impose administrative penalties for breaches of those laws and the implementing regulations. See Article 14 of Federal Law No. 20 of 2018, Article 44 of Cabinet Decision No. 10 of 2019, and Article 20 of Cabinet Decision No. 20 of 2019; andb. The DIFCregime: Under Article 70(3) of the DIFC Regulatory Law 2004 (the "Regulatory Law"), the DFSA has jurisdiction for the regulation of anti-money laundering in the DIFCrelating to Relevant Persons(see para 4 below) and their officers, employees and agents. The DIFCspecific regime is contained in Chapter 2 of Part 4 of the Regulatory Law and any DFSA Rules made in connection with anti-money laundering measures, policies and procedures.3. Note that under Article 71(1) of the Regulatory Law, the DIFCregime requires compliance with the Federal regime. It follows that a failure to comply with a provision of Federal Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations or Federal Law No. 7 of 2014 on Combating Terrorism Offences or the implementing regulations under those laws may also provide evidence of failure to comply with Article 71(1), which may then be addressed under the disciplinary and remedial provisions of the Regulatory Law and DFSA Rules.
Purpose of the AML module4. The AML module has been designed to provide a single reference point for all persons and entities (collectively called
Relevant Persons) referred to in AML Rule 1.1.2 who are supervised by the DFSAfor Anti-Money Laundering(AML), Counter-Terrorist Financing(CTF) and sanctions compliance. Accordingly it applies to Authorised Firms(other than Credit Rating Agencies), Authorised Market Institutions, Designated Non-Financial Businesses and Professions(DNFBPs), and Registered Auditors. The AML module takes into consideration the fact that Relevant Personshave differing AML risk profiles. A Relevant Personshould familiarise itself with this module, and assess the extent to which the chapters and sections apply to it.5. The AML module cannot be read in isolation from other relevant U.A.E. legislation or developments in international policy and best practice and, to the extent applicable, Relevant Personsneed to be aware of, and take into account, how these aforementioned matters may impact on the Relevant Person'sday to day operations. This is particularly relevant when considering the list of persons and terrorist organisations issued under Cabinet Decision No. 20 of 2019 and the United Nations Security Council Resolutions (UNSCRs) which apply in the DIFC, and unilateral sanctions imposed by other jurisdictions which may apply to a Relevant Persondepending on the Relevant Person'sjurisdiction of origin, its business and/or customer base.
Structure of the AML module6. Chapter 1 of this module contains an application table which should assist a
Relevant Personto navigate through the module and to determine which chapters are applicable to it. Chapter 1 also specifies who is ultimately responsible for a Relevant Person'scompliance with the AML module. The DFSAexpects the senior management of a Relevant Personto establish a robust and effective AML/CTF and sanctions compliance culture for the business.7. Chapter 2 provides an overview of the AML module and chapter 3 sets out the key definitions in the module. Note that not all definitions used in this module are capitalised.8. Chapter 4 explains the meaning of the risk-based approach (RBA), which should be applied when complying with this module. The RBA requires a risk-based assessment of a Relevant Person'sbusiness (in chapter 5) and its customers (in chapter 6). A risk-based assessment should be a dynamic process involving regular review, and the use of these reviews to establish the appropriate processes to match the levels of risk. No two Relevant Personswill have the same approach, and implementation of the RBA and the AML module permits a Relevant Personto design and implement systems that should be appropriate to their business and customers, with the obvious caveat being that such systems should be reasonable and proportionate in light of the AML risks. The DFSAexpects the RBA to determine the breadth and depth of the Customer Due Diligence ( CDD) which is undertaken for a particular customer under chapter 7, though the DFSAunderstands that there is an inevitable overlap between the risk-based assessment of the customer in chapter 6 and CDDin chapter 7. This overlap may occur at the initial stages of customer on-boarding but may also occur when undertaking on-going CDD.9. Chapter 8 sets out when and how a Relevant Personmay rely on a third party to undertake all or some of its CDDobligations. Reliance on a third-party CDDreduces the need to duplicate CDDal performed for a customer. Alternatively, a Relevant Personmay outsource some or all of its CDDobligations to a service provider.10. Chapter 9 sets out certain obligations in relation to correspondent banking, wire transfers and other matters which apply to A uthorised Persons, and, in particular, to banks.11. Chapter 10 sets out a Relevant Person'sobligations in relation to United Nations Security Council resolutions and sanctions, and government, regulatory and international findings (in relation to AML, terrorist financing and the financing of weapons of mass destruction).12. Chapter 11 sets out the obligation for a Relevant Personto appoint a Money Laundering Reporting Officer ( MLRO) and the responsibilities of such a person.13. Chapter 12 sets out the requirements for AML training and awareness. A Relevant Personshould adopt the RBA when complying with chapter 12, so as to make its training and awareness proportionate to the AML risks of the business and the employee role.14. Chapter 13 contains the obligations applying to all Relevant Personsconcerning Suspicious Activity Reports, which are required to be made under Federal Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations.15. Chapter 14 contains the general obligations applying to all Relevant Persons, including Grouppolicies, notifications, record-keeping requirements and the annual AML Return.16. Chapter 15 sets out specific Rules applying to DNFBPs, including the requirement to register with the DFSA, and Chapter 16 contains certain transitional Rules.
The U.A.E. criminal law17. The
U.A.E.criminal law applies in the DIFCand, therefore, persons in the DIFCmust be aware of their obligations in respect of the criminal law as well as these Rules. Relevant U.A.E.criminal laws include Federal Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations, Federal Law No. 7 of 2014 on Combating Terrorism Offences and the Penal Code of the U.A.E.18. Under Federal AML legislation a Person may be criminally liable for certain conduct, such as:
a. money laundering;b. financing terrorism;c. financing illegal organisations;d. 'tipping off';e. violation of sanctions;f. failure to declare currency or precious metals brought into or taken out of the U.A.E.19. The U.A.E Central Bank has the power under Federal AML legislation to freeze funds or other assets suspected of relating to money laundering, terrorist financing or the financing of illegal organisations. Other Federal authorities also have powers to apply for the freezing or confiscation of funds or other assets that have been used for such purposes.20. In a number of places in this module, Guidance cross-refers to specific requirements in Federal AML legislation. Rules or Guidance in this module should not be relied upon to interpret or determine the application of the Federal AML legislation.
Relevant Personsshould refer to the guidelines issued under the Federal AML legislation to understand their obligations under that legislation..
Financial Action Task Force21. The
Financial Action Task Force( FATF) is an inter-governmental body whose purpose is the development and promotion of international standards to combat money laundering and terrorist financing.22. The DFSAhas had regard to the FATFRecommendations in making these Rules. A Relevant Personmay wish to refer to the FATFRecommendations and interpretive notes to assist it in complying with these Rules. However, in the event that a FATFRecommendation or interpretive note conflicts with a Rule in this module, the relevant Rule takes precedence.23. A Relevant Personmay also wish to refer to the FATFtypology reports which may assist in identifying new money laundering threats and which provide information on money laundering and terrorist financing methods. The FATFtypology reports cover many pertinent topics for Relevant Persons, including corruption, new payment methods, money laundering using trusts and company service providers, and vulnerabilities of free trade zones. These typology reports can be found on the FATFwebsite www.fatf-gafi.org.24. The U.A.E., as a member of the United Nations, is required to comply with sanctions issued and passed by the United Nations Security Council (UNSC). These UNSC obligations apply in the DIFCand their importance is emphasised by specific obligations contained in this module requiring Relevant Personsto establish and maintain effective systems and controls to comply with UNSC sanctions and resolutions (See chapter 10).25. The FATFhas issued guidance on a number of specific UNSC sanctions and resolutions regarding the countering of the proliferation of weapons of mass destruction. Such guidance has been issued to assist in implementing the targeted financial sanctions and activity based financial prohibitions. This guidance can be found on the FATFwebsite www.fatf-gafi.org.26. In relation to unilateral sanctions imposed in specific jurisdictions such as the European Union, the U.K. (HM Treasury) and the U.S. (Office of Foreign Assets Control), the DFSAexpects a Relevant Personto consider and take positive steps to ensure compliance where required or appropriate.
Tax Issues and Exchange of Information for Tax purposes27. The
DIFCbenefits from an international customer base with a growing number of customers who may be investing with financial institutions outside their country of residence. These factors create a risk of the services of Relevant Personsbeing used to hide assets which are subject to taxation, or to launder the unlawful proceeds of tax crimes.28. The DFSA is committed to protecting the DIFCfrom being used to facilitate tax crimes and believes that strong AML policies, procedures, systems and controls, including robust customer due diligence requirements, are needed to mitigate the risk of tax crimes.29. Such measures will also ensure that a Relevant Personis able to comply with other international obligations such as the OECD Automatic Exchange of Information for Tax Purposes Programme and FATF Recommendations, which were updated in 2012 to expand the scope of money laundering predicate offences to include tax crimes (related to direct and indirect taxes).30. A Relevant Personshould therefore establish and maintain appropriate policies, procedures, systems and controls to enable it to detect and deter the laundering of proceeds of tax crimes. For example, as part of its risk-based approach under chapter 4, it should consider its tax risk exposure as a result of the nature of its business, customers, products, services and other relevant factors. It should also conduct appropriate customer due diligence to identify customers who may be subject to tax crime risk (see also the Guidance after AML Rule 6.1.4).