Designated Non-finance Businesses and Professions (DNFBPs) are required to comply with the UAE’s Anti-Money Laundering and Combating the Financing of Terrorism (AML-CFT) laws. Non-compliance can lead to penalties from the Ministry of Economy (MoE), which conducts inspections to ensure AML-CFT compliance. To avoid penalties, DNFBPs must prepare for these inspections with a rigorous approach. In this blog, we will provide a checklist of best practices for DNFBPs to prepare for AML-CFT inspections in the UAE.

Company Details: DNFBPs must provide the inspection team with their company details, including the company name as per the trade license, DNFBP category, licensing authority, license number, issue date, address, inspection date, registrar representative names & title, entity representative names & title, and a description of the establishment’s ownership structure up to the ultimate beneficial owner.

Internal Risk Assessment: DNFBPs must conduct an internal risk assessment to understand their money laundering risks. The documented risk assessment must consider categories such as country risk, customer risk, products, services, and transactions risk, delivery channels risk, and the results of the UAE’s National Risk Assessment. AML advisers in Dubai can assist in this process.

Policies and Procedures: DNFBPs must prepare a documented set of AML/CFT Policies and Procedures, approved by the management, and ensure that the documented risk assessment is included in the AML/CFT Policies and Procedures.

Governance: DNFBPs must demonstrate overall responsibility and awareness of AML/CFT matters within the entity. The senior management must be involved in approving AML/CFT Policies, aware of AML/CFT Laws pertaining to DNFBPs, and receive or review AML/CFT periodic reports.

Compliance Officer: DNFBPs must appoint an independent compliance officer with access to all the company’s records, including financials. The compliance officer’s name, CV, and Job Description must be stated, along with the name of the authority to whom the compliance officer reports.

Customer Due Diligence and Onboarding: DNFBPs must have a ‘Know Your Customer’ (KYC) form covering the Source of Funds/Wealth, UBO information, and PEP declaration. KYC forms must be obtained from applicable customers and held for record purposes, and adequate due diligence (CDD/EDD) must be performed in accordance with customer risk scoring.

Cash Transactions: DNFBPs must implement specific controls and procedures for cash transactions and perform ongoing monitoring of transactions. They must provide satisfactory evidence to show the source of funds and mention the percentage of cash transactions from their total transactions.

Suspicious Transactions Monitoring: DNFBPs must register with the goAML platform and submit Suspicious Transaction Reports (STR) via the platform. They must have a documented list of red flag indicators for suspicious transactions and submit DPMSR reports for transactions over AED 55,000 in case of DPMS entities and REAR reports for transactions over AED 55,000 in case of Real Estate entities. They must also keep all records, documents, materials, and data of all local or international financial, commercial, and cash transactions for at least five years.

Training and Awareness: DNFBPs must provide AML training to all staff and document an annual AML training plan.

Targeted Financial Sanctions: DNFBPs must ensure that none of their customers are on the sanctions list.

In conclusion, DNFBPs must follow a rigorous approach to ensure AML-CFT compliance and avoid penalties during inspections by the MoE. The best practices checklist outlined above can help DNFBPs prepare for any kind of inspection.