Entire Section
AML 14 AML 14 General
AML 14.1 AML 14.1 Groups, branches and subsidiaries
AML 14.1.1 AML 14.1.1
(1) ARelevant Person which is aDIFC entity must ensure that its policies, procedures, systems and controls required by Rule 5.2.1 apply to:(a) any of its branches orSubsidiaries ; and(b) any of itsGroup entities in theDIFC .(2) Where the anti-money laundering requirements in another jurisdiction differ from those in theDIFC , theRelevant Person must require itsbranch orSubsidiary in that jurisdiction to apply the higher of the two standards, to the extent permitted by the law of that jurisdiction.(3) Where the law of another jurisdiction does not permit the implementation of policies, procedures, systems and controls that are equivalent to or higher than those that apply to theRelevant Person in theDIFC , theRelevant Person must:(a) inform theDFSA in writing; and(b) apply appropriate additional measures to manage the money laundering risks posed by the relevant branch orSubsidiary .AML 14.1.1 Guidance
A
Relevant Person which is aDIFC entity should conduct a periodic review to verify that any branch orSubsidiary operating in another jurisdiction is in compliance with the obligations imposed under these Rules.Derived from RM117/2013 [VER9/07-13]AML 14.1.2 AML 14.1.2
A
Relevant Person must:(a) communicate the policies and procedures which it establishes and maintains in accordance with these Rules to itsGroup entities, branches andSubsidiaries ; and(b) document the basis for its satisfaction that the requirement in Rule 14.1.1(2) is met.Derived from RM117/2013 [VER9/07-13]AML 14.1.2 Guidance
In relation to an
Authorised Firm , if theDFSA is not satisfied in respect of AML compliance of its branches andSubsidiaries in a particular jurisdiction, it may take action, including making it a condition on theAuthorised Firm's Licence that it must not operate a branch orSubsidiary in that jurisdiction.Derived from RM117/2013 [VER9/07-13]AML 14.2 AML 14.2 Group policies
AML 14.2.1
A
Relevant Person which is part of aGroup must ensure that it:(a) has developed and implemented policies and procedures for the sharing of information betweenGroup entities, including the sharing of information relating toCustomer Due Diligence and money laundering risks;(b) has in place adequate safeguards on the confidentiality and use of information exchanged between Group entities, including consideration of relevant data protection legislation;(c) remains aware of the money laundering risks of theGroup as a whole and of its exposure to theGroup and takes active steps to mitigate such risks;(d) contributes to aGroup -wide risk assessment to identify and assess money laundering risks for theGroup ; and(e) provides itsGroup -wide compliance, audit and AML functions with customer account and transaction information from branches and subsidiaries when necessary for AML purposes.AML 14.3 AML 14.3 Notifications
AML 14.3.1
A
Relevant Person must inform theDFSA in writing as soon as possible if, in relation to its activities carried on in or from theDIFC or in relation to any of its branches orSubsidiaries , it:(a) receives a request for information from a regulator or agency responsible for AML, counter-terrorism financing, or sanctions regarding enquiries into potential money laundering or terrorist financing or sanctions breaches;(b) becomes aware, or has reasonable grounds to believe, that a money laundering event has occurred or may have occurred in or through its business;(c) becomes aware of any money laundering or sanctions matter in relation to theRelevant Person or a member of itsGroup which could result in adverse reputational consequences to theRelevant Person ; or(d) becomes aware of a significant breach of a Rule in this module or a breach of Federal AML legislation by theRelevant Person or any of its Employees.Derived from RM117/2013 [VER9/07-13]
[Amended] DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]AML 14.4 AML 14.4 Record keeping
AML 14.4.1
A
Relevant Person must maintain the following records:(a) a copy of all documents and information obtained in undertaking initial and ongoingCustomer Due Diligence ;(b) records (consisting of the original documents or certified copies) in respect of the customer business relationship, including:(i) business correspondence and other information relating to a customer's account;(ii) sufficient records of transactions to enable individual transactions to be reconstructed; and(iii) internal findings and analysis relating to a transaction or any business, such as if thetransaction or business is unusual or suspicious, whether or not it results in aSuspicious Activity Report ;(c) notifications made under AML Rule 13.2.2};(d) Suspicious Activity Reports and any relevant supporting documents and information, including internal findings and analysis;(e) any relevant communications with the FIU;(f) the documents in AML Rule 14.4.2; and(g) any other matter that theRelevant Person is expressly required to record under these Rules,for at least six years from the date on which the notification or report was made, the business relationship ends or the transaction is completed, whichever occurs last.
Derived from RM117/2013 [VER9/07-13]
[Amended] DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]
[Amended] DFSA RM223/2018 (Made 18th April 2018). [VER14/07-18]
[Amended] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]
[Amended] DFSA RM258/2019 (Made 26th June 2019). [VER16/07-19]
AML 14.4.1A
A
Relevant Person must provide to theDFSA or a law enforcement agency immediately on request a copy of a record referred to in AML Rule 14.4.1.Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]AML 14.4.2 AML 14.4.2
A Relevant Person must document, and provide to the
DFSA immediately on request, any of the following:(a) the risk assessment of its business undertaken under Rule 5.1.1;(b) how the assessment in (a) was used for the purposes of complying with Rule 6.1.1(1);(c) the risk assessment of the customer undertaken under Rule 6.1.1(1)(a); and(d) the determination made under Rule 6.1.1(1)(b).AML 14.4.2 Guidance
1. The records required to be kept under AML Rule 14.4.1 may be kept in electronic format, provided that such records are readily accessible and available to respond promptly to anyDFSA requests for information.Authorised Persons are reminded of their obligations in GEN Rule 5.3.24.2. If the date on which the business relationship with a customer has ended remains unclear, it may be taken to have ended on the date of the completion of the last transaction.3. The records maintained by aRelevant Person should be kept in such a manner that:a. theDFSA or another competent authority is able to assess the Relevant Person's compliance with legislation applicable in theDIFC ;b. any transaction which was processed by or through theRelevant Person on behalf of a customer or other third party can be reconstructed;c. any customer or third party can be identified; andd. theRelevant Person can satisfy without delay any regulatory enquiry or court order to disclose information.4. TheDFSA would ordinarily expect a Relevant Person to be able to provide a copy of a record or assessment referred to in AML Rule 14.4.1 or AML Rule 14.4.2 within 24 hours of a request by theDFSA . However, if a request is complex or if records are kept outside theDIFC as set out in AML Rule 14.4.3, theDFSA may allow further time to comply with the request.AML 14.4.3
Where the records referred to in Rule 14.4.1 are kept by the
Relevant Person outside theDIFC , aRelevant Person must:(a) take reasonable steps to ensure that the records are held in a manner consistent with these Rules;(b) ensure that the records are easily accessible to theRelevant Person ; and(c) upon request by theDFSA , ensure that the records are immediately available for inspection.AML 14.4.4
A
Relevant Person must:(a) verify if there is secrecy or data protection legislation that would restrict access without delay to the records referred to in Rule 14.4.1 by theRelevant Person , theDFSA or the law enforcement agencies of theU.A.E. ; and(b) where such legislation exists, obtain without delay certified copies of the relevant records and keep such copies in a jurisdiction which allows access by those persons in (a).Derived from RM117/2013 [VER9/07-13]AML 14.4.5 AML 14.4.5
A Relevant Person must be able to demonstrate that it has complied with the training and awareness requirements in chapter 12 through appropriate measures, including the maintenance of relevant training records.
Derived from RM117/2013 [VER9/07-13]AML 14.4.5 Guidance
1. In complying with Rule 14.4.3,Authorised Persons are reminded of their obligations in GEN Rule 5.3.24.2. TheDFSA considers that "appropriate measures" in Rule 14.4.5 may include the maintenance of a training log setting out details of:a. the dates when the training was given;b. the nature of the training; andc. the names ofEmployees who received the training.Derived from RM117/2013 [VER9/07-13]AML 14.5 AML 14.5 Annual AML Return
AML 14.5.1 AML 14.5.1
A
Relevant Person must complete the AML Return form inAFN and submit it to theDFSA by the end of September each year. The annual AML Return must cover the period from 1 August of the previous year to 31 July of the reporting year.Derived from RM117/2013 [VER9/07-13]
[Amended] DFSA RM132/2014 (Made 21st August 2014). [VER10/06-14]
[Amended] DFSA RM177/2016 (Made 19th June 2016) [VER12/08-16]
[Amended] DFSA RM223/2018 (Made 18th April 2018). [VER14/07-18]AML 14.5.1 Guidance
Relevant Persons should be aware of their obligation under Cabinet Decision No. 10 of 2019 to prepare and submit semi-annual reports to their senior management, and to send a copy of those reports, with senior management remarks and decisions, to the relevant Supervisory Authority.Derived from DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]
[Amended] DFSA RM223/2018 (Made 18th April 2018). [VER14/07-18]
[Amended] DFSA RM258/2019 (Made 26th June 2019). [VER16/07-19]Transitional
AML 14.5.2 AML 14.5.2
A
Relevant Person must:(a) for its financial year ending in 2016, complete and submit the AML Return form under AML Rule 14.5.1 within four months of its financial year end and the return must cover that financial year; and(b) for the 2017 calendar year, complete and submit the AML Return form by the end of September 2017 and the return must cover the period from 1 August 2016 until 31 July 2017.Derived from DFSA RM177/2016 (Made 19th June 2016) [VER12/08-16]AML 14.5.2 Guidance
In respect of a financial year ending in 2016, a
Relevant Person must submit its AML Return four months after its financial year end. For the 2017 calendar year, it must report for the period 1 August 2016 to 31 July 2017. For someRelevant Persons , this may result in an overlap of periods covered by each return.Derived from DFSA RM177/2016 (Made 19th June 2016) [VER12/08-16]AML 14.6 AML 14.6 Communication with the DFSA
AML 14.6.1
A
Relevant Person must:(a) be open and cooperative in all its dealings with theDFSA ; and(b) ensure that any communication with theDFSA is conducted in the English language.Derived from RM117/2013 [VER9/07-13]AML 14.7 AML 14.7 Employee Disclosures
AML 14.7.1 AML 14.7.1
A
Relevant Person must ensure that it does not prejudice anEmployee who discloses any information regarding money laundering to theDFSA or to any other relevant body involved in the prevention of money laundering.Derived from RM117/2013 [VER9/07-13]AML 14.7.1 Guidance
The
DFSA considers that "relevant body" in Rule 14.7.1 would include the FIU or another financial intelligence unit, the police, or a Dubai or Federal ministry.Derived from RM117/2013 [VER9/07-13]
[Amended] DFSA RM223/2018 (Made 18th April 2018). [VER14/07-18]
[Amended] DFSA RM258/2019 (Made 26th June 2019). [VER16/07-19]AML 14.8 AML 14.8 Decision making procedures
AML 14.8.2 AML 14.8.2
If the DFSA decides to exercise its power under Article 14(1) of Federal Law No. 20 of 2018 in relation to a person, the person may refer the matter to the FMT for review.
Derived from DFSA RMI271/2020 (Made 26th February 2020). [VER17/04-20]AML 14.8.1 AML 14.8.1
The procedures in Schedule 3 to the Regulatory Law apply to a decision of the DFSA to impose an administrative penalty under Article 14(1) of Federal Law No. 20 of 2018.
Derived from DFSA RMI271/2020 (Made 26th February 2020). [VER17/04-20]AML 14.8.2 Guidance
The Rules in this section apply where the DFSA makes a decision to impose an administrative penalty under Federal Law No. 20 of 2018. The administrative penalties referred to in that Article include fines, bans from working in a sector, suspension or restriction of activities and other measures. The DFSA may also impose sanctions under DIFC laws, for example, under Article 90 of the Regulatory Law, in which case, the relevant provision will specify the procedures that apply.
Derived from DFSA RMI271/2020 (Made 26th February 2020). [VER17/04-20]