AML 2 Guidance
Past version: effective from 21/08/2014 - 31/01/2017
To view other versions open the versions tab on the right
1. The AML module has been designed to provide a single reference point for all persons and entities (collectively called
Relevant Persons) who are supervised by the DFSA for Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF) and sanctions compliance. Accordingly it applies to Authorised Firms, Authorised Market Institutions, Designated Non-Financial Businesses and Professions (DNFBP), and Registered Auditors, but to each in different degrees. The AML module takes into consideration the fact that Relevant Persons have differing AML risk profiles. A Relevant Person should familiarise itself with this module, and assess the extent to which the chapters and sections apply to it.
2. The AML module cannot be read in isolation from other relevant legislation or developments in international policy and best practice and, to the extent applicable,
Relevant Persons need to be aware of, and take into account, how these aforementioned matters may impact on the Relevant Person's day to day operations. This is particularly relevant when considering United Nations Security Council Resolutions (UNSCRs) which apply in the DIFC, and unilateral sanctions imposed by other jurisdictions which may apply to a Relevant Person depending on the Relevant Person's jurisdiction of origin, its business and/or customer base.
3. Chapter 1 of this module contains an application table which should assist a
Relevant Person to navigate through the module and to determine which chapters are applicable to it. Chapter 1 also specifies who is ultimately responsible for a Relevant Person's compliance with the AML module. The DFSA expects the senior management of a Relevant Person to establish a robust and effective AML/CTF and sanctions compliance culture for the business.
4. Chapter 2 provides an overview of the AML module and chapter 3 sets out the key definitions in the module. Note that not all definitions used in this module are capitalised.
5. Chapter 4 explains the meaning of the risk-based approach (RBA), which should be applied when complying with this module. The RBA requires a risk-based assessment of a
Relevant Person's business (in chapter 5) and its customers (in chapter 6). A risk-based assessment should be a dynamic process involving regular review, and the use of these reviews to establish the appropriate processes to match the levels of risk. No two Relevant Persons will have the same approach, and implementation of the RBA and the AML module permits a Relevant Person to design and implement systems that should be appropriate to their business and customers, with the obvious caveat being that such systems should be reasonable and proportionate in light of the AML risks. The DFSA expects the RBA to determine the breadth and depth of the CDDwhich is undertaken for a particular customer under chapter 7, though the DFSA understands that there is an inevitable overlap between the risk-based assessment of the customer in chapter 6 and CDDin chapter 7. This overlap may occur at the initial stages of client on-boarding but may also occur when undertaking on-going CDD.
6. Chapter 8 sets out when and how a
Relevant Person may rely on a third party to undertake all or some of its CDDobligations. Reliance on a third-party CDDreduces the need to duplicate CDDalready performed for a customer. Alternatively, a Relevant Person may outsource some or all of its CDDobligations to a service provider.
7. Chapter 9 sets out certain obligations in relation to correspondent banking, wire transfers and other matters which are limited to A
uthorised Persons, and, in particular, to banks.
8. Chapter 10 sets out a
Relevant Person's obligations in relation to United Nations Security Council resolutions and sanctions, and government, regulatory and international findings (in relation to AML, terrorist financing and the financing of weapons of mass destruction).
9. Chapter 11 sets out the obligation for a
Relevant Person (other than certain DNFBPs) to appoint an MLRO and the responsibilities of such a person.
10. Chapter 12 sets out the requirements for AML training and awareness. A
Relevant Person should adopt the RBA when complying with chapter 12, so as to make its training and awareness proportionate to the AML risks of the business and the employee role.
11. Chapter 13 contains the obligations applying to all
Relevant Persons concerning Suspicious Activity Reports, which are required to be made under Federal Law No. 4 of 2002.
12. Chapter 14 contains the general obligations applying to all
Relevant Persons, including Group policies, notifications, record-keeping requirements and the annual AML Return.
13. Chapter 15 sets out specific Rules applying to
DNFBPs, including the requirement to register with the DFSA, and Chapter 16 contains certain transitional Rules.
The U.A.E. criminal law
14. Under Article 70(3) of the Regulatory Law 2004 (the "Law"), the
DFSA has jurisdiction for the regulation of anti-money laundering in the DIFC. This module sets out the regulatory requirements imposed by the DFSA under Article 72 of the Law. The U.A.E. criminal law applies in the DIFC and, therefore, persons in the DIFC must be aware of their obligations in respect of the criminal law as well as these Rules. Relevant U.A.E. criminal laws include Federal Law No. 4 of 2002 regarding the Criminalisation of Money Laundering, Federal Law No. 1 of 2004 regarding Combating Terrorism Offences and the Penal Code of the United Arab Emirates. The Rules in this module should not be relied upon to interpret or determine the application of the criminal laws of the U.A.E.
15. Under Article 3 of the Federal Law No.4 of 2002, a
Relevant Person may be criminally liable for the offence of money laundering if such an activity is intentionally committed in its name or for its account. Relevant Persons are also reminded that:
a. the failure to report suspicions of money laundering;
b. "tipping off"; and
c. assisting in the commission of money laundering,
may each constitute a criminal offence that is punishable under the laws of the
Financial Action Task Force
Financial Action Task Force is an inter-governmental body whose purpose is the development and promotion of international standards to combat money laundering and terrorist financing.
DFSA has had regard to the FATF Recommendations in making these Rules. A Relevant Person may wish to refer to the FATF Recommendations and interpretive notes to assist it in complying with these Rules. However, in the event that a FATF Recommendation or interpretive note conflicts with a Rule in this module, the relevant Rule takes precedence.
Relevant Person may also wish to refer to the FATF typology reports which may assist in identifying new money laundering threats and which provide information on money laundering and terrorist financing methods. The FATF typology reports cover many pertinent topics for Relevant Persons, including corruption, new payment methods, money laundering using trusts and company service providers, and vulnerabilities of free trade zones. These typology reports can be found on the FATF website www.fatf-gafi.org.
U.A.E., as a member of the United Nations, is required to comply with sanctions issued and passed by the United Nations Security Council (UNSC). These UNSC obligations apply in the DIFC and their importance is emphasised by specific obligations contained in this module requiring Relevant Persons to establish and maintain effective systems and controls to make appropriate use of UNSC sanctions and resolutions (See chapter 10).
FATF has issued guidance on a number of specific UNSC sanctions and resolutions regarding the countering of the proliferation of weapons of mass destruction. Such guidance has been issued to assist in implementing the targeted financial sanctions and activity based financial prohibitions. This guidance can be found on the FATF website www.fatf-gafi.org.
21. In relation to unilateral sanctions imposed in specific jurisdictions such as the European Union, the U.K. (HM Treasury) and the U.S. Office of Foreign Assets Control, the
DFSA expects a Relevant Person to consider and take positive steps to ensure compliance where required or appropriate.