Introduction and Applicability of the Regulations
Money laundry is a process by which the source of illegal funds is disguised to allow its unsuspicious expenditure by mitigating the risks associated with jeopardizing the source of such illicit funds. Often, terrorist and illegal organizations utilize laundered money to fund themselves and their operations. Hence, both activities are often associated with one another.
In this regard, the UAE has enacted a suite of regulations that aim to counter such illicit crimes; mainly, Federal Decree-Law No. 20 of 2018 on Anti-Money Laundering and Combatting the Financing of Terrorism as amended from time to time, Cabinet Resolution No. 10 of 2019 and various guidelines issued by the relevant authorities. These regulations apply to financial institutions alongside certain entities proving certain services referred to as Designated Non-Financial Business Providers (“DNFBP”s), and non-profit organizations. DNFBPs include real estate brokers and agents, dealers in precious metals and stones, lawyers, notary public officer, independent legal businesses, independent accountants, credit companies and funds service providers.
In light of the global rise of electronic transactions and virtual assets such as cryptocurrencies, NFTs, blockchains and ledgers, the latest addition to the regulations has included digital/electronic assets and virtual assets under the scope of deferment. Moreover, entities that transact in such virtual assets have been added under the definition of DNFBP and are required to monitor and report the transactions they undertake under the applicable regulations.
Customer Due Diligence
DNFBPs are required to identify their clients (whether natural persons or legal persons) through the use of identification documentation as applicable to each client separately. Examples of these documents include passports, proof of citizenship, utility bills, proof of employment, source of funds/wealth, company charter documents, business plans, organizational structures, ID documents of the client’s ultimate beneficiary owners and senior management and proof of address; as applicable.
Risk Assessment
The regulations enforce certain requirements of checks and due diligence requirements depending on the surrounding risks. As a result, DNFBPs need to assess the risk factors surrounding themselves and the customer to apply suitable measures. Such risk factors can be pertinent to the DNFBP itself, its field of business and/or the customers.
Risk factors include goods/services sold, geographic area, residency, maturity of the commercial relationship, net worth, organizational complexity, the validity of the provided identification documents, the identity of the owners/managers/directors and much more.
High-Risk Factors
The local regulations; alongside general worldwide practices and recommendations, identify certain factors which constitute red flags. The presence of one or more of these factors makes the transactions/customer inherently a high-risk one.
These factors are:
1. Natural persons who are or have been entrusted with prominent public functions in any country and/or persons who are, or have previously been, entrusted with the management of a renowned international organization or any prominent function within such an organization; i.e Politically Exposed Persons (“PEPs”) (including their family members and associates).
2. High-risk customers and/or transactions, such as cash-intensive transactions, entities with unnecessary complex structures, individuals without identification documents, persons with high-risk business activities and others.
3. High-risk countries that are identified as such by relevant bodies such as the National Anti-Money Laundering and Combatting Financing of Terrorism and Financing of Illegal Organizations Committee (NAMLCFTC), Financial Action Task Force (“FATF”) and the Basel AML Index.
4. Money or Value Transfer Services providers (“MVTS”), which are entities that provide financial services involving acceptance of cash, cheques, other monetary instruments and the payment of a corresponding sum in cash or other forms to a beneficiary by any means.
5. Non-profit organizations.
Simplified Due Diligence
In the absence of high-risk factors, DNFBPs are allowed to adopt more lenient due diligence measures and procurement of identification documents compared to those adopted for high-risk transactions (Enhanced Due Diligence). This includes allowing the verification the identity of the client and actual beneficiary(ies) after the business relationship has commenced rather than waiting on such verification to start, updating the customer’s data at longer intervals and/or reducing the rate of ongoing control and inspection of transactions.
Enhanced Due Diligence
If a DNFBP deems a transaction/client as one of high-risk and/or is involved in a crime, the DNFBP is required to proceed with enhanced due diligence measures to mitigate risks of money laundering and/or financing terrorism.
Such measures include increased scrutiny and higher standards of verification and documentation, more thorough inquiries to the ownership structures and authority matrices, thorough background search using manual internet searches, public or private databases, publicly-accessible or subscription information aggregation services and commercially available background investigation services, obtaining the approval of senior administration to commence a business relationship, more frequent review and updates of customer due diligence information and a detailed review of the client’s source of funds and wealth; as applicable.
Suspicious Transaction Reporting
If a DNFBP has reasonable grounds to suspect that a transaction, attempted transaction and/or funds constitute a money laundering scheme, finances terrorism/illegal organization(s) and/or constitute the proceeds of a crime, the DNFBP is required to notify the Financial Investigations Unit.
Indications of a suspicious transaction include a transaction or series of transactions that appear to be unnecessarily complex, numbers, sizes and/or types of transactions that are inconsistent with the client’s expected activity and/or previous activity and large unexplained cash amounts.
Conclusion
All financial institutions and DNFBPs operating in the UAE should take appropriate measures to enforce the regulations pertinent to anti-money laundering and combatting the financing of terrorism through the appointment of adequate personnel and adoption of sufficient policies and controls in compliance with the applicable regulations. Failure to do so would subject breaching financial institutions and/or DNFBPs to penalties such as fines, imprisonment and others.