Global Anti Money Laundering Regulations: 2021 Review of New AML/CTF Laws & Regulations in the United Arab Emirates

This is the first installment in a five-part blog series featuring high-risk countries and their regulatory efforts to combat AML/CFT crime. Stay tuned to our Identity Insights blog as we will release a new part in this series each week.

Future installments will cover more details on the impact of  new AML/CTF laws, regulations, and crime trends in the EU, MENA, APAC, & LATAM  regions, specifically: 

  1. United Arab Emirates (UAE)
  2. European Union 
  3. Russian Federation
  4. Hong Kong, China
  5. Colombia

The United Arab Emirates is a global hub for international trade and is also a major travel destination for foreigners. The United Arab Emirates has a total of 22 local and 30 foreign banks which opens the door for potentially large amounts of money laundering and terrorist financing. The UAE also has the five biggest banks in the region (accounting for about 60% of the sector’s assets) according to the Corporate Financial Institute. New legislation in the UAE focuses on providing guidance that will help each bank to strengthen its AML compliance program.

AML/CTF Laws & Regulations in the United Arab Emirates

Free Trade Zones (FTZ’s) Corruption and Money Laundering in the UAE

UAE has free trade zones (FTZ’s) in a number of areas across the country; FTZ’s are located throughout Dubai, Abu Dhabi, Sharjah, Fujairah, Ajman, Ras al-Khaimah and Umm al-Quwain. Free Trade Zones are a source of economic vitality and growth for the country. FTZ’s features 100% foreign ownership and zero taxes which attracts many foreign investors. Many of the banks in FTZs lack strong aml monitoring systems which can lead to a host of issues including fines and sanctions. 

Despite the positive aspects of these zones, the openness of the country can also be seen as a double-edged sword and magnet for bad actors who engage in illicit activities/money laundering and terrorist financing.

UAE Legislation Covering Anti Money Laundering/CFT

State-adopted legislation covering anti-money laundering and counter-terrorist financing (in addition to each law’s implementation) are the following:

  • Federal Decree-Law No. (20) of 2018 On Anti-Money Laundering and Combating the Financing of Terrorism
  • Financing of Illegal Organisations(the “AML-CFTLaw” or “the Law”)
  • Cabinet Decision No. (10)of 2019 Concerning the Implementing Regulation of Decree-Law No. (20) of 2018 
  • On Anti-Money Laundering and Combating the Financing of Terrorism and illegal Organisations(the “AML-CFTDecision” or “the Cabinet Decision”)

The laws above define money laundering, its predicate offenses, and penalties for the crime. In order for these laws to be effectively implemented, banks and licensed financial institutions (LFIs) must implement Customer Information Programs through the use of Know Your Customer procedures when onboarding new customers or face heavy penalties and fines by the Central Bank and other supervisory agencies. 

Know Your Customer (KYC) Obligations For Banks in the UAE

Know Your Customer (KYC) laws and regulations follow some of the same basic requirements as other developed countries including customer identity verification and data privacy. 

The challenge for compliance officers and large banks in terms of meeting KYC obligations is to balance the need for fast customer onboarding while also managing a robust aml compliance program. The UAE classifies banks as licensed financial institutions (LFI’s) and provides guidance on when it is necessary to report suspicious transactions. 

Emirates NBD, one of the leading banking groups in the MENAT region, allows online submission of customer identification documents for easy onboarding and Know Your Customer (KYC) compliance. 

Acceptable documents for identity verification for individuals include:

  • Visa
  • Passport
  • Latest Emirates ID
  • FATCA self-declaration Form
  • Proof of Residential Address in UAE (Ejari, utility bill, or other bank statements from the last 3 months)

Specific KYC requirements vary depending on which sector your organization is a part of.

Contact one of IDMerit’s identity specialists to learn more about our AML solutions for banks.

Eleven Banks Fined Total of $12.5M by UAE Central Bank Due To AML/CFT Compliance Deficiencies 

Global Trade Review reports that the UAE’s central bank has fined 11 banks a combined total of US$12.5m for anti-money laundering (AML). Although the banks that were fined weren’t named, the fines arising from the financial institutions having inadequate AML and sanctions controls at the end of 2019. 

Additional fines include: 

  • Unnamed Exchange House: Dh500,000 ($136,000) for failing to achieve appropriate levels of compliance with anti-money laundering regulations
  • Bank of Baroda Fined: 6.8 million UAE dirhams on Bank of Baroda’s GCC operations in Dubai over deficiencies in AML/CFT compliance

Contact one of our identity specialists to Schedule a Demo of our anti-money laundering solutions for banks including IDMaml and learn how you can improve your KYC/EDD compliance programs.

UAE Central Bank Proposes Controls To Mitigate Legal Person Risk

The UAE Central Bank issued a report in July focusing on risks posed by legal persons and arrangements to licensed financial institutions. The report also recommended features and internal controls to mitigate these risks. Strong Know Your Customer procedures along with following these recommendations is the foundation of a strong aml compliance program. 

The new guidance recommendations build on Federal Decree-Law No. (20) of 2018 on AML/CFT and the Cabinet Decision No. (10) of 2019 and Unique Beneficial Ownership legislation. 

Before delving into the risks and mitigating controls, it is important to understand key terms associated with the above recommendations. 

The Central Bank has defined a few of these legal concepts in its report and we’ve included them below: 

Beneficial Owner: The natural person who owns or exercises effective ultimate control, directly or indirectly, over a client; or the natural person on whose behalf a transaction is being conducted; or the natural person who exercises effective ultimate control over a legal person or legal arrangement.

Legal Person: Any entities other than natural persons that can establish in their own right a permanent customer relationship with a financial institution or otherwise own property. This can include companies, bodies corporate, foundations, partnerships, or associations, along with similar entities. 

Legal Arrangement: A relationship established by means of a contract between two or more parties which does not result in the creation of a legal personality. Examples include trusts or other similar arrangements. Many legal arrangements allow for ownership, control, and enjoyment of funds to be divided between at least two different persons.

ML/FT risks posed by legal persons and arrangements include: 

    • Obscuring identity/beneficial ownership
    • Obscuring source of funds or of wealth
    • Obscuring the purpose of an account or transaction   

Risk 1: Obscuring Identity/Beneficial Ownership Presents ML/TF Risk

Most importantly, “the use of legal persons and arrangements to manage funds or do business can obscure or conceal the identity of the individuals who are truly controlling, directing, or benefiting from the services the LFI offers its legal person or legal arrangement customer.” 

There are varying warning signs or organizational structures that may be abuses of legal persons and arrangements for money laundering or terrorist financing activities. 

These warning signs include:

  • Entities of different types and in different jurisdictions
  • The use of one-time ‘disposable’ entities that are abandoned after they have served their purpose
  • The use of previously inactive ‘shelf’ companies. 

Internal controls that may mitigate this risk include having a robust process including identity verification and collecting information on the Unique Beneficial Owners (UBO’s) of any businesses or organizations involved in these transactions.

Risk 2: Obscuring Source of Funds/Wealth

A second risk or red flag that may indicate money laundering or terrorist financing/bribery includes the obfuscation of the source of funds through the use of a shell company or a “front company.” Individuals may use shell companies, or legal persons, to hide the source of funds especially if they are illicit in nature. 

Examples of how illicit funding sources may be hidden or 

  • Politically Exposed Persons (PEP) receiving funds in a situation involving bribery or corruption. 
  • Connection accounts where the customer identifying information may be separated from the financial transaction itself

Internal controls to mitigate this risk are more difficult to implement as shell companies and parties to transactions may be set up in such a way that the bad actor is not able to be established. Proper risk profiling and know your business procedures will uncover any illicit financial flows. 

Risk 3: Obscuring The Purpose of An Account or Transaction   

In addition to the above risks, money launderers and terrorists use obfuscation to mask the purpose of specific accounts and transactions as they conduct illicit financial activities. Money launderers use specific staging and placement activities to obscure the purpose of their transactions or accounts. This could be through bundling which is common with cryptocurrency transactions or by completing transactions that have no obvious economic purpose. 

The United Arab Emirates is taking a hard look at innovative solutions to curb the risk of money laundering and terrorist financing through the use of fraud detection, transaction monitoring, and facial recognition systems. 

Many of the banks that lack strong aml monitoring systems or facial recognition tech will end up facing large fines.

UAE Cabinet Approves Facial Recognition Technology For Private Sector 

Biometrics and facial recognition are extremely powerful tools in the identity industry and are growing in popularity in the MENA region. 

The United Arab Emirates Cabinet recently approved the use of biometrics and facial recognition technology in hopes to ensure identity verification efficiency. In a tweet by His Highness Sheikh Mohammed bin Rashid Al Maktoum, Vice-President and Prime Minister of the UAE and Ruler of Dubai, the Ministry of the Interior will implement facial ID to reduce paperwork and streamline identity verification. 
Benefits to facial identification and biometrics include: 

  • Streamlines digital onboarding 
  • Increased security and error-reduction
  • Eliminating the need for customers to visit branch offices 

According to Gulf News, “In March 2020, Abu Dhabi police upgraded their patrol cars with live biometric facial recognition system. It is also used for border checks.” Dubai also leads the way in the adoption of AI-driven facial recognition as its citizens are able to use facial recognition to secure public transport. In November 2020, Brig Obaid Al Hathboor, Director of Transport Security Department, stated that Dubai Metro Station was ready to implement facial recognition to apprehend wanted criminals.


Future AML/CFT Trends & Solutions For Banks in the UAE

The UAE’s Ministry of Economy established an AML department to oversee the supervision and enforcement of local laws and regulations relating to AML/CFT. The UAE has implemented sweeping legislation and isn’t holding back. It is working to implement and follow the recommendations of the Financial Action Task Force. 

Judgments including that of former Chairman of an Abu Dhabi Government-owned company, as well as its Chief Executive Officer (CEO), to 15 years imprisonment are signs of a major reversal in enforcement actions. 

The judgment marks the “latest in a string of recent money laundering cases, demonstrating the strong commitments of law enforcement agencies and public prosecution authorities in the UAE to address such financial crimes,” Samir Safar-Aly of Baker McKenzie said. 

With the UAE’s new commitment to facial recognition technology and focus on enforcement of anti-money laundering laws and regulations, the trend is definitely moving towards reformative justice. 

IDMerit can help you strengthen our aml compliance program, contact one of our identity experts today.

Stay tuned to our Identity Insights blog as we will release a new installment in this series weekly.


Also, follow our LinkedIn and Facebook pages for anti-money laundering news and significant regulatory changes and how you can update your aml compliance program.


Headquartered in San Diego, California, IDMERIT provides an ecosystem of identity verification solutions designed to help its customers prevent fraud, meet regulatory compliance and deliver frictionless user experiences. The company is committed to the ongoing development and delivery of offerings that are more cost-effective and comprehensive than other solution providers. IDMERIT was funded by experts who have been sourcing data on personal and business identities across the globe for over a decade. This access to official and trusted data throughout the world has become increasingly important as companies find themselves completing transactions across borders as a standard course of business.


Tony Raval
Tony Raval

Tony Raval brings more than 15 years of leadership in data technology as the Founder and CEO of IDMERIT, headquartered in Carlsbad, California. He leads an executive team including top data tech veterans to execute on his passion of creating a global data universe generating true and trusted intelligence. IDMERIT’s competitive success has come from the company’s ability to perform cross-border transactions, for which Tony and his team have developed a meticulous process and progressive technology. The company was launched as the result of a highly effective engagement with a leading global financial institution, whereby the company was uniquely able to triangulate multiple elements to create a comprehensive, and yet, frictionless experience. Tony has provided data intelligence to companies such as Google, SalesForce, and HP as well as clients across financial, government and other sectors seeking a superior partner in compliance and mitigating risk. He holds a Master’s Degree in computer engineering and data sciences, is an active member of the Entrepreneurs Organization San Diego and dedicated mentor to new entrepreneurs in EO’s Accelerator Program, enjoys meditation and running, and he and his wife Sonal recently celebrated their three-year-old son's birthday.

Get Notified about Industry Updates