The AML/CFT measures have been intensified in the UAE since the inclusion of Designated Non-Financial Businesses and Professions (DNFBPs) in the purview of AML/CFT Compliance.
There are many regulations to be adhered to viz. Federal Decree-Law 20 of 2018 and Federal Law 26 of 2021 amending specific provisions of Federal Decree-Law 20, Cabinet Decision No. 10 of 2019, Cabinet Decision No. 58 of 2020, Cabinet Decision No. 74 of 2020 the various guidelines, circulars, and standards issued from time to time.
It is recommended to use internationally accepted best practices of AML compliance policies and processes to create an effective AML/CFT program that can reduce your business’s exposure to illicit money. These standards are also known as “Pillars of Effective AML/CFT Framework”.
We discuss herein briefly the seven Pillars of effective compliance under AML/CFT Regulations:
Let’s explore these AML pillars in more detail.
This is the first and foremost requirement that depicts the compliance culture of the organization including the roles and responsibilities of all stakeholders. The competency of the compliance department staff including their independence (no conflict of interest) must be clearly spelled out in the governance section. The board and the senior management should understand the non-conformance risk and penalties and accordingly should design a robust AML framework. They should ensure all three lines of defense are established in the organization to protect the company, regulator, and the country from any money laundering and terrorist financing risk.
AML Policy and Procedure (including risk-based approach and NRA guidelines) drafted in line with the regulatory requirements, is an important document that provides insight into the establishment’s approach to all areas of AML/CFT Compliance. The policy needs to be reviewed from time to time and based on any regulatory updates with a version control document. The procedure documents need to be developed elaborating completely the responsibility and accountability of each of the processes involved in compliance.
The core solution, Risk profiling/model, screening, and monitoring are the tools required for effectively performing the compliance function. Each of these areas must be studied and a proper system to be developed based on the size and nature of the business.
It is essential that the Compliance team and the Senior management have the information needed to assess potential compliance risks and issues relating to AML/CFT. Updating the top management and the regulator on a periodical basis on AML/CFT compliance requires various MIS Reports. The MIS reporting will ensure detection, documentation, and tracking of all financial activities. An efficient case management and reporting solution can help save time and effort as well as lead to more effective investigations.
Management should appoint auditors to review the AML/CFT framework and to submit the reports to the management and Regulator as specified in the Regulation. It is necessary to have an internal and external audit review to oversee the compliance program, identify gaps and suggest corrective actions. It is the responsibility of the compliance department to take corrective actions and submit its action plan to the Board.
This is another important Pillar in the AML/CFT framework that will create awareness and provide various updates to the staff for their effective day-to-day operations. Further, even the Board of Directors, partners, and senior management staff should be aware of the complete Regulation and therefore it is essential that a training session is planned for them as well. The compliance department staff should undergo continuous professional development to keep themselves abreast of compliance-related matters.
All KYC and other mandatory documents need to be stored for a minimum of 5 years from the date of closure of the relationship with the customer. The records must be properly stored (hard copy / soft copy) in an easily retrievable form which can be made available for audit/investigation/inquiry conducted by the auditor or Regulatory Authorities.
Failure to comply with AML obligations opens up your business to regulatory risk. Failure to comply with the mandatory requirements of the Regulations would attract a financial penalty between AED 50,000 to AED 5 million. Such penalties are not simply hypothetical, the authorities are very proactive in conducting inspections and ensuring compliance. Creating a robust AML compliance program helps reduce the risk of potential regulatory nonconformance and potential penalties.
Customers want to know that their transactions are safe with your business. Also, banks or any other financial institutions shall be comfortable transacting with you when they are assured that the business has taken adequate steps to curb money laundering / terrorist financing, which would increase the credibility of the business. If you lack a robust compliance framework, clients/banks/ financial institutions may not be comfortable transacting with your business. A comprehensive compliance program gives consumers assurance that your business is prepared to manage and mitigate money laundering threats.
An agile compliance program can make it easier to stay on top of evolving standards and incorporate new rules or regulations into existing frameworks.
If you’re looking to streamline your AML/CFT compliance framework, Emirates Chartered Accountants Group[ECAG] can help you. We can identify, customize, and integrate your systems to ensure effective AML/CFT Compliance. Do call us for any support/advisory.
Ragesh Mattummal, Partner