Back Custom print Link Text Only Rich Text Print

Entire Section

  • AML 14 AML 14 General

    • AML 14.1 AML 14.1 Groups, branches and subsidiaries

      • AML 14.1.1 AML 14.1.1

        (1) A Relevant Person which is a DIFC entity must ensure that its policies, procedures, systems and controls required by Rule 5.2.1 apply to:
        (a) any of its branches or Subsidiaries; and
        (b) any of its Group entities in the DIFC.
        (2) Where the anti-money laundering requirements in another jurisdiction differ from those in the DIFC, the Relevant Person must require its branch or Subsidiary in that jurisdiction to apply the higher of the two standards, to the extent permitted by the law of that jurisdiction.
        (3) Where the law of another jurisdiction does not permit the implementation of policies, procedures, systems and controls that are equivalent to or higher than those that apply to the Relevant Person in the DIFC, the Relevant Person must:
        (a) inform the DFSA in writing; and
        (b) apply appropriate additional measures to manage the money laundering risks posed by the relevant branch or Subsidiary.
        Derived from RM117/2013 [VER9/07-13]
        [Amended] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

        • AML 14.1.1 Guidance

          A Relevant Person which is a DIFC entity should conduct a periodic review to verify that any branch or Subsidiary operating in another jurisdiction is in compliance with the obligations imposed under these Rules.

          Derived from RM117/2013 [VER9/07-13]

      • AML 14.1.2 AML 14.1.2

        A Relevant Person must:

        (a) communicate the policies and procedures which it establishes and maintains in accordance with these Rules to its Group entities, branches and Subsidiaries; and
        (b) document the basis for its satisfaction that the requirement in Rule 14.1.1(2) is met.
        Derived from RM117/2013 [VER9/07-13]

        • AML 14.1.2 Guidance

          In relation to an Authorised Firm, if the DFSA is not satisfied in respect of AML compliance of its branches and Subsidiaries in a particular jurisdiction, it may take action, including making it a condition on the Authorised Firm's Licence that it must not operate a branch or Subsidiary in that jurisdiction.

          Derived from RM117/2013 [VER9/07-13]

    • AML 14.2 AML 14.2 Group policies

      • AML 14.2.1

        A Relevant Person which is part of a Group must ensure that it:

        (a) has developed and implemented policies and procedures for the sharing of information between Group entities, including the sharing of information relating to Customer Due Diligence and money laundering risks;
        (b) has in place adequate safeguards on the confidentiality and use of information exchanged between Group entities, including consideration of relevant data protection legislation;
        (c) remains aware of the money laundering risks of the Group as a whole and of its exposure to the Group and takes active steps to mitigate such risks;
        (d) contributes to a Group-wide risk assessment to identify and assess money laundering risks for the Group; and
        (e) provides its Group-wide compliance, audit and AML functions with customer account and transaction information from branches and subsidiaries when necessary for AML purposes.
        Derived from RM117/2013 [VER9/07-13]
        [Amended] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

    • AML 14.3 AML 14.3 Notifications

      • AML 14.3.1

        A Relevant Person must inform the DFSA in writing as soon as possible if, in relation to its activities carried on in or from the DIFC or in relation to any of its branches or Subsidiaries, it:

        (a) receives a request for information from a regulator or agency responsible for AML, counter-terrorism financing, or sanctions regarding enquiries into potential money laundering or terrorist financing or sanctions breaches;
        (b) becomes aware, or has reasonable grounds to believe, that a money laundering event has occurred or may have occurred in or through its business;
        (c) becomes aware of any money laundering or sanctions matter in relation to the Relevant Person or a member of its Group which could result in adverse reputational consequences to the Relevant Person; or
        (d) becomes aware of a significant breach of a Rule in this module or a breach of Federal AML legislation by the Relevant Person or any of its Employees.
        Derived from RM117/2013 [VER9/07-13]
        [Amended] DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]

    • AML 14.4 AML 14.4 Record keeping

      • AML 14.4.1

        A Relevant Person must maintain the following records:

        (a) a copy of all documents and information obtained in undertaking initial and ongoing Customer Due Diligence;
        (b) records (consisting of the original documents or certified copies) in respect of the customer business relationship, including:
        (i) business correspondence and other information relating to a customer's account;
        (ii) sufficient records of transactions to enable individual transactions to be reconstructed; and
        (iii) internal findings and analysis relating to a transaction or any business, such as if the transaction or business is unusual or suspicious, whether or not it results in a Suspicious Activity Report;
        (c) notifications made under AML Rule 13.2.2};
        (d) Suspicious Activity Reports and any relevant supporting documents and information, including internal findings and analysis;
        (e) any relevant communications with the FIU;
        (f) the documents in AML Rule 14.4.2; and
        (g) any other matter that the Relevant Person is expressly required to record under these Rules,

        for at least six years from the date on which the notification or report was made, the business relationship ends or the transaction is completed, whichever occurs last.

        Derived from RM117/2013 [VER9/07-13]
        [Amended] DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]
        [Amended] DFSA RM223/2018 (Made 18th April 2018). [VER14/07-18]
        [Amended] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]
        [Amended] DFSA RM258/2019 (Made 26th June 2019). [VER16/07-19]

      • AML 14.4.1A

        A Relevant Person must provide to the DFSA or a law enforcement agency immediately on request a copy of a record referred to in AML Rule 14.4.1.

        Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

      • AML 14.4.2 AML 14.4.2

        A Relevant Person must document, and provide to the DFSA immediately on request, any of the following:

        (a) the risk assessment of its business undertaken under Rule 5.1.1;
        (b) how the assessment in (a) was used for the purposes of complying with Rule 6.1.1(1);
        (c) the risk assessment of the customer undertaken under Rule 6.1.1(1)(a); and
        (d) the determination made under Rule 6.1.1(1)(b).
        Derived from RM117/2013 [VER9/07-13]
        [Amended] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

        • AML 14.4.2 Guidance

          1. The records required to be kept under AML Rule 14.4.1 may be kept in electronic format, provided that such records are readily accessible and available to respond promptly to any DFSA requests for information. Authorised Persons are reminded of their obligations in GEN Rule 5.3.24.
          2. If the date on which the business relationship with a customer has ended remains unclear, it may be taken to have ended on the date of the completion of the last transaction.
          3. The records maintained by a Relevant Person should be kept in such a manner that:
          a. the DFSA or another competent authority is able to assess the Relevant Person's compliance with legislation applicable in the DIFC;
          b. any transaction which was processed by or through the Relevant Person on behalf of a customer or other third party can be reconstructed;
          c. any customer or third party can be identified; and
          d. the Relevant Person can satisfy without delay any regulatory enquiry or court order to disclose information.
          4. The DFSA would ordinarily expect a Relevant Person to be able to provide a copy of a record or assessment referred to in AML Rule 14.4.1 or AML Rule 14.4.2 within 24 hours of a request by the DFSA. However, if a request is complex or if records are kept outside the DIFC as set out in AML Rule 14.4.3, the DFSA may allow further time to comply with the request.
          Derived from RM117/2013 [VER9/07-13]
          [Amended] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

      • AML 14.4.3

        Where the records referred to in Rule 14.4.1 are kept by the Relevant Person outside the DIFC, a Relevant Person must:

        (a) take reasonable steps to ensure that the records are held in a manner consistent with these Rules;
        (b) ensure that the records are easily accessible to the Relevant Person; and
        (c) upon request by the DFSA, ensure that the records are immediately available for inspection.
        Derived from RM117/2013 [VER9/07-13]
        [Amended] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

      • AML 14.4.4

        A Relevant Person must:

        (a) verify if there is secrecy or data protection legislation that would restrict access without delay to the records referred to in Rule 14.4.1 by the Relevant Person, the DFSA or the law enforcement agencies of the U.A.E.; and
        (b) where such legislation exists, obtain without delay certified copies of the relevant records and keep such copies in a jurisdiction which allows access by those persons in (a).
        Derived from RM117/2013 [VER9/07-13]

      • AML 14.4.5 AML 14.4.5

        A Relevant Person must be able to demonstrate that it has complied with the training and awareness requirements in chapter 12 through appropriate measures, including the maintenance of relevant training records.

        Derived from RM117/2013 [VER9/07-13]

        • AML 14.4.5 Guidance

          1. In complying with Rule 14.4.3, Authorised Persons are reminded of their obligations in GEN Rule 5.3.24.
          2. The DFSA considers that "appropriate measures" in Rule 14.4.5 may include the maintenance of a training log setting out details of:
          a. the dates when the training was given;
          b. the nature of the training; and
          c. the names of Employees who received the training.
          Derived from RM117/2013 [VER9/07-13]

    • AML 14.5 AML 14.5 Annual AML Return

      • AML 14.5.1 AML 14.5.1

        A Relevant Person must complete the AML Return form in AFN and submit it to the DFSA by the end of September each year. The annual AML Return must cover the period from 1 August of the previous year to 31 July of the reporting year.

        Derived from RM117/2013 [VER9/07-13]
        [Amended] DFSA RM132/2014 (Made 21st August 2014). [VER10/06-14]
        [Amended] DFSA RM177/2016 (Made 19th June 2016) [VER12/08-16]
        [Amended] DFSA RM223/2018 (Made 18th April 2018). [VER14/07-18]

        • AML 14.5.1 Guidance

          Relevant Persons should be aware of their obligation under Cabinet Decision No. 10 of 2019 to prepare and submit semi-annual reports to their senior management, and to send a copy of those reports, with senior management remarks and decisions, to the relevant Supervisory Authority.

          Derived from DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]
          [Amended] DFSA RM223/2018 (Made 18th April 2018). [VER14/07-18]
          [Amended] DFSA RM258/2019 (Made 26th June 2019). [VER16/07-19]

      • Transitional

        • AML 14.5.2 AML 14.5.2

          A Relevant Person must:

          (a) for its financial year ending in 2016, complete and submit the AML Return form under AML Rule 14.5.1 within four months of its financial year end and the return must cover that financial year; and
          (b) for the 2017 calendar year, complete and submit the AML Return form by the end of September 2017 and the return must cover the period from 1 August 2016 until 31 July 2017.
          Derived from DFSA RM177/2016 (Made 19th June 2016) [VER12/08-16]

          • AML 14.5.2 Guidance

            In respect of a financial year ending in 2016, a Relevant Person must submit its AML Return four months after its financial year end. For the 2017 calendar year, it must report for the period 1 August 2016 to 31 July 2017. For some Relevant Persons, this may result in an overlap of periods covered by each return.

            Derived from DFSA RM177/2016 (Made 19th June 2016) [VER12/08-16]

    • AML 14.6 AML 14.6 Communication with the DFSA

      • AML 14.6.1

        A Relevant Person must:

        (a) be open and cooperative in all its dealings with the DFSA; and
        (b) ensure that any communication with the DFSA is conducted in the English language.
        Derived from RM117/2013 [VER9/07-13]

    • AML 14.7 AML 14.7 Employee Disclosures

      • AML 14.7.1 AML 14.7.1

        A Relevant Person must ensure that it does not prejudice an Employee who discloses any information regarding money laundering to the DFSA or to any other relevant body involved in the prevention of money laundering.

        Derived from RM117/2013 [VER9/07-13]

        • AML 14.7.1 Guidance

          The DFSA considers that "relevant body" in Rule 14.7.1 would include the FIU or another financial intelligence unit, the police, or a Dubai or Federal ministry.

          Derived from RM117/2013 [VER9/07-13]
          [Amended] DFSA RM223/2018 (Made 18th April 2018). [VER14/07-18]
          [Amended] DFSA RM258/2019 (Made 26th June 2019). [VER16/07-19]

    • AML 14.8 AML 14.8 Decision making procedures

      • AML 14.8.2 AML 14.8.2

        If the DFSA decides to exercise its power under Article 14(1) of Federal Law No. 20 of 2018 in relation to a person, the person may refer the matter to the FMT for review.

        Derived from DFSA RMI271/2020 (Made 26th February 2020). [VER17/04-20]

        • AML 14.8.1 AML 14.8.1

          The procedures in Schedule 3 to the Regulatory Law apply to a decision of the DFSA to impose an administrative penalty under Article 14(1) of Federal Law No. 20 of 2018.

          Derived from DFSA RMI271/2020 (Made 26th February 2020). [VER17/04-20]

          • AML 14.8.2 Guidance

            The Rules in this section apply where the DFSA makes a decision to impose an administrative penalty under Federal Law No. 20 of 2018. The administrative penalties referred to in that Article include fines, bans from working in a sector, suspension or restriction of activities and other measures. The DFSA may also impose sanctions under DIFC laws, for example, under Article 90 of the Regulatory Law, in which case, the relevant provision will specify the procedures that apply.

            Derived from DFSA RMI271/2020 (Made 26th February 2020). [VER17/04-20]