This study guide provides a comprehensive overview of the Central Bank of the United Arab Emirates (CBUAE) Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) guidelines specifically for Licensed Exchange Houses (LEHs) operating in the UAE.
It is crucial to understand that this guide is based solely on the provided sources and should not be considered a substitute for legal advice or professional guidance.
Introduction
The CBUAE plays a vital role in regulating and supervising the financial sector in the UAE. A key aspect of this role involves ensuring the integrity and stability of the financial system by combating financial crimes, including money laundering and terrorist financing. The Exchange Houses sector, due to its high volume of cash transactions and diverse customer base, is considered inherently risky and material in terms of ML/FT.
Purpose and Applicability of the Guidelines for Exchange Houses
The primary purpose of the CBUAE AML/CFT guidelines is to assist LEHs in understanding and effectively performing their statutory obligations under the UAE’s legal and regulatory framework. These guidelines apply to all LEHs licensed and supervised by the CBUAE, emphasizing risk management and compliance.
Legal Basis
The CBUAE AML/CFT guidelines are underpinned by key UAE laws and regulations, ensuring alignment with international standards like FATF Recommendations. The critical legal references include:
- Federal Decree Law No. (20) of 2018: This law provides the foundation for anti-money laundering and combating terrorist financing in the UAE.
- Cabinet Decision No. (10) of 2019: It outlines the implementing regulations of Federal Decree Law No. (20) of 2018.
- Cabinet Decision No. (74) of 2020: Focused on implementing UN Security Council resolutions on terrorism financing and proliferation financing.
- Chapter 16 of the Standards for the Regulations Regarding Licensing and Monitoring for Exchange Business (version 1.20, 2021): It provides specific compliance requirements for exchange houses.
Risks Related to the Exchange Houses Sector
Exchange houses face significant ML/FT risks due to the nature of their operations. CBUAE recognizes the following major risks:
Cash-Intensive Nature of Transactions
Handling large volumes of cash makes exchange houses vulnerable to ML/FT abuse. Criminals often use cash transactions to obscure the origin of illicit funds.
Speed and Simplicity of Transactions
The rapid processing of transactions can hinder the ability to detect suspicious activity. According to CBUAE guidelines, LEHs must deploy transaction monitoring systems that balance speed with effective compliance measures.
Worldwide Reach
Operating internationally creates challenges in monitoring cross-border transactions. LEHs must adhere to both UAE and international AML/CFT standards to mitigate risks.
Occasional Transactions and Limited Customer Knowledge
LEHs often process one-off transactions, which limits the ability to establish a comprehensive customer risk profile. Federal Decree Law No. (20) of 2018 mandates robust customer due diligence (CDD) even for occasional transactions.
Customer Due Diligence (CDD) for Occasional Transactions
Federal Decree Law No. (20) of 2018, also known as the AML-CFT Law, and the AML-CFT Decision mandate robust customer due diligence (CDD) measures for occasional transactions conducted by Licensed Exchange Houses (LEHs). These measures aim to mitigate money laundering and terrorism financing risks, even when a comprehensive customer risk profile cannot be established.
CDD Requirements for Occasional Transactions
- Thresholds for CDD:
- LEHs must perform CDD for occasional transactions exceeding AED 55,000 or equivalent in any currency, whether in a single or multiple linked transactions.
- CDD is also required for occasional wire transfers exceeding AED 3,500 or equivalent.
CDD Components for Occasional Transactions
Although creating a complete customer profile may be challenging for one-off transactions, the AML-CFT framework highlights the following essential components:
- Customer Identification/Verification: Verify the customer’s identity using reliable, independent sources.
- Sanctions Screening: Screen the customer against relevant sanctions lists.
- Transaction Understanding: Understand the purpose and nature of the occasional transaction.
- Risk Assessment: Evaluate transaction-specific risks, considering factors such as transaction value, source of funds, destination, and potential inconsistencies.
Flexibility in CDD Application
- Post-Transaction Verification:
The AML-CFT Decision allows verification to be completed after the transaction in low-risk scenarios without suspicion, provided that appropriate risk mitigation measures are implemented. Examples include:- Holding funds in suspense until verification is complete.
- Making verification a precondition for completing the transaction.
Simplified Due Diligence (SDD) for Low-Risk Occasional Transactions
- Application of SDD:
The AML-CFT framework permits Simplified Due Diligence (SDD) for low-risk customers and transactions where there is no suspicion of money laundering or terrorism financing. - SDD Measures:
- Reduced verification requirements.
- Fewer inquiries into the transaction’s purpose.
- Less frequent monitoring.
- Enhanced Vigilance:
LEHs must remain vigilant and apply Enhanced Due Diligence (EDD) whenever required, even for transactions initially classified as low risk.
Importance of a Robust Framework
- Policy and Procedure Development:
LEHs must develop comprehensive AML/CFT policies, procedures, and controls that address:- Transaction size.
- Customer type.
- Geographic location.
- Risk indicators.
- Staff Training:
Adequate training for staff on CDD requirements, particularly for occasional transactions, is crucial to ensure compliance and effective risk mitigation.
Regulation and Supervision of Exchange Houses
The CBUAE enforces stringent regulatory oversight to ensure LEHs comply with AML/CFT laws and maintain operational integrity.
Issuing Regulations and Standards
The CBUAE regularly updates its regulations and standards, such as the 2021 Standards for Licensing and Monitoring Exchange Businesses.
Conducting Examinations
The CBUAE has the authority to examine LEHs’ activities and records to ensure compliance. These examinations are aligned with Article 80 of Cabinet Decision No. (10) of 2019.
Imposing Supervisory Actions and Sanctions
CBUAE can impose financial penalties and administrative sanctions for non-compliance, following the Administrative Sanctions Regulations 2021.
Proportionality Principle
The principle ensures supervision and enforcement are commensurate with the size, nature, and complexity of the LEH’s operations.
AML/CFT Program for Licensed Exchange Houses
LEHs must implement a comprehensive AML/CFT program aligned with UAE legal requirements.
Key Components of the AML/CFT Program
Risk Assessment
LEHs must assess their exposure to ML/FT risks, including:
- Customer Risk: Based on the customer’s profile and activity.
- Products and Services Risk: Assessing the vulnerability of specific services like remittances.
- Delivery Channel Risk: Risks associated with online versus in-person transactions.
- Jurisdiction or Geographic Risk: Higher risks in jurisdictions listed by FATF as high-risk countries.
The assessment should be documented, updated annually, and submitted to senior management.
Policies and Procedures
Policies must be tailored to the LEH’s size and complexity. Article 8 of the AML-CFT Law requires policies to address:
- Detection and reporting of suspicious transactions.
- Record-keeping obligations.
- Enhanced due diligence for high-risk customers.
Governance and Compliance Officer
A full-time Compliance Officer, supported by an Alternate Compliance Officer, must oversee AML/CFT efforts. The CBUAE mandates this role to be independent of other operational responsibilities to prevent conflicts of interest.
Customer Due Diligence (CDD) and Ongoing Monitoring
CDD must align with Article 6 of Cabinet Decision No. (10) of 2019, requiring LEHs to:
- Verify customer identities using approved methods like UAE Pass.
- Perform Enhanced Due Diligence (EDD) for high-risk customers.
- Update KYC information based on a risk-based schedule.
Transaction Monitoring
LEHs must implement automated transaction monitoring systems, as outlined in CBUAE’s Transaction Monitoring Guidance for LFIs.
Sanctions Obligations and Freezing Without Delay
LEHs must comply with Targeted Financial Sanctions (TFS) under Cabinet Decision 74 of 2020. This includes freezing assets without delay and reporting to the UAE Financial Intelligence Unit (FIU).
Training
Training must cover:
- Latest AML/CFT laws.
- Typologies of financial crimes.
- Case studies from UAE and international incidents.
Refresher training must be provided annually, or more frequently if legal updates occur.
Independent Audit
LEHs must arrange regular independent audits to assess the effectiveness of their AML/CFT programs:
- Small LEHs: Audit every two or three years.
- Large LEHs: Annual audits.
Audits must be conducted by CBUAE-approved external auditors.
Record Keeping
Records must be retained for a minimum of five years under Article 24 of Cabinet Decision No. (10) of 2019.
Additional Considerations
Counterparty Risk Assessment
LEHs must assess the ML/FT risks of their counterparties, including banks and financial institutions.
Prohibition of Tipping Off
Tipping off is strictly prohibited under UAE law, with violations punishable by imprisonment and fines.
Conclusion
The CBUAE AML/CFT Guidelines for Exchange Houses are critical for safeguarding the UAE’s financial system. LEHs must ensure compliance to mitigate risks, avoid sanctions, and maintain their reputation. While this guide provides a detailed overview, consulting the full text of CBUAE regulations and UAE laws is essential for complete compliance.
