Anti Money Laundering Policy & Procedures

Glossary Terms and Acronyms
In this document the following terms and acronyms are referred to:

Term/Acronym	Meaning
Anti-Money Laundering (“AML”)	Refers to a framework in which, money laundering is managed through adequate policies, processes, practices, procedures and plans to discharge statutory duties, regulatory obligations and agreed standards.
Associated Party	Refers to individuals/entities linked to the customer as follows: the beneficial owner(s) of the serviced entity; the controller(s) of the serviced entity; person(s) on whom power of attorney has been vested to; bank account signatory(ies); persons on whose instructions we must or are authorised to act; persons who can make a request to trustees, for e.g, beneficiaries; providers of initial and ongoing wealth or funds into the serviced entity where different from the settlor.
Beneficial Owner / Ultimate Beneficial Owners (“BO”)	The natural person who owns or exercises effective ultimate control, directly or indirectly, over a customer or the natural person on whose behalf a Transaction is being conducted or, the natural person who exercises effective ultimate control over a legal person or legal arrangement.
Business Relationship	Any ongoing commercial or financial relationship established between financial institutions, designated non-financial businesses and professions, and their Customers in relation to activities or services provided by them.
Client/Customer	A Client/Customer means a natural person or a legal person or a legal arrangement for whom a transaction or account is arranged, opened or undertaken and includes – an applicant for business; a signatory to a transaction or account any person to whom an account or rights or obligations under a transaction have been assigned or transferred; any person who is authorised to conduct a transaction or control an account;
Combatting the financing of terrorist and related activities (“CFT”)	Refers to a framework in which, the combatting of the financing of terrorist and related activities is managed through adequate policies, processes, practices, procedures and plans to discharge statutory duties, regulatory obligations and agreed standards.
Company	Century Financial Consultancy LLC
CFT	Combatting of the financing of terrorist and related activities
Customer Due Diligence (CDD):	Process of identifying or verifying the information of a Customer or Beneficial Owner, whether a natural or legal person or a legal arrangement, and the nature of its activity and the purpose of the business relationship and the ownership structure and control over it for the purposes of the Decree Law and this Implementing Decision.
Decree Law/ Federal Law No 20 of 2018	Means U.A.E. Federal Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations
Designated Nonfinancial Businesses and Professions (DNFBPs)	Anyone who is engaged in the following trade or business activities shall be considered a DNFBP: Brokers and real estate agents when they conclude operations for the benefit of their Customers with respect to the purchase and sale of real estate Dealers in precious metals and precious stones in carrying out any single monetary transaction or several transactions that appear to be interrelated or equal to more than AED 55,000. Lawyers, notaries, and other independent legal professionals and independent accountants, when preparing, conducting or executing financial transactions for their Customers in respect of the following: Purchase and sale of real estate Management of funds owned by the Customer Management of bank accounts, saving accounts or securities accounts Organising contributions for the establishment, operation or management of companies Creating, operating or managing legal persons or Legal Arrangements. Selling and buying commercial entities. Providers of corporate services and trusts upon performing or executing a transaction on the behalf of their Customers in respect of the following activities: Acting as an agent in the creation or establishment of legal persons; Working as or equipping another person to serve as director or secretary of a company, as a partner or in a similar position in a legal person. Providing a registered office, work address, residence, correspondence address or administrative address of a legal person or Legal Arrangement Performing work or equipping another person to act as a trustee for a direct Trust or to perform a similar function in favour of another form of Legal Arrangement. Working or equipping another person to act as a nominal shareholder in favour of another person. Other professions and activities which shall be determined by a decision of the Minister of Finance of UAE.
Employee	Means an individual: (a) who is employed or appointed by a person in connection with that person's business, whether under a contract of service or for services or (b) whose services, under an arrangement between that person and a third party, are placed at the disposal and under the control of that person
Enhanced Due Diligence (“EDD”)	Additional examination and cautionary measures aimed at identifying customers and confirming that their activities and funds are legitimate e.g. document and verify sources of wealth and funds.
Equivalent Jurisdictions	Jurisdictions having implemented CDD measures as recommended by the FATF.
Executive Office	The Executive Office of the Committee for Goods & Material Subjected to Import & Export Control
Financial Action Task Force (“FATF”)	Financial Action Task Force is an inter-governmental body whose purpose is the development and promotion of policies, both at national and international levels, to combat money laundering, terrorist financing and the financing of the proliferation of weapons of mass destruction.
Financial Activities	Financial Activity will have the same meaning as provided under Article (2) of the Implementing Regulation: “The following are considered financial activities and transactions:" Receiving deposits and other funds that can be paid by the public, including deposits in accordance with Islamic Sharia Providing private banking services Providing credit facilities of all types Providing credit facilities of all types, including credit facilities in accordance with Islamic Sharia Providing cash brokerage service Financial transactions in securities, finance and financial leasing Providing currency exchange and money transfer services Issuing and managing means of payment, guarantees or obligations Providing stored value services, electronic payments for retail and digital cash. Providing virtual banking services Trading, investing, operating or managing funds, option contracts, future contracts, exchange rate and interest rate transactions, other derivatives or negotiable financial instruments Participating in issuing securities and providing financial services related to these issues Managing funds and portfolios of all kinds Saving funds Preparing or marketing financial activities 16. Insurance transactions, in accordance with Federal Law No. (6) of 2007 concerning the Establishment of the Insurance Authority and the Organisation of its Operations Any other activity or financial transaction determined by the Supervisory Authority
Financial Institutions	Anyone who conducts one or several of the Financial Activities or operations of /or on behalf of a Customer
Financial Intelligence Unit (“FIU”)	Financial Intelligence Unit established under the Central Bank of UAE
Freezing Orders or Seizure	Temporary restriction over the moving, conversion, transfer, replacement or disposition of funds in any form, by an order issued by a competent government authority in the State entrusted with the implementation of any provision of the Decree Law and its Implementing Regulations.
Funds	Refers to a framework in which, money laundering is managed through adequate policies, processes, practices, procedures and plans to discharge statutory duties, regulatory obligations and agreed standards.
Governing Body	Means the board of directors, partners, committee of management or other governing body of: (a) a Body Corporate or Partnership; or (b) an unincorporated association carrying on a trade or business, with or without a view to profit.
Group	Means a Group of entities which includes an entity (the ‘first entity’) and: (a) any parent of the first entity; and (b) any subsidiaries (direct or indirect) of the parent or parents in (a) or the first entity; or (c) for a Legal Person which is not a body corporate, refers to that person and any other associated Legal Persons who are in an equivalent relationship to that in (a) and (b).
Illegal Organisation	Organisations whose establishment is criminalized, or which pursue a criminalized activity.
IMF	The International Monetary Fund.
Immediate owner	An “immediate owner” is the natural person, legal person or trust that holds a direct interest in the Customer.
Implementing Regulation or Cabinet Decision No 10	Federal Cabinet Decision No. 10 of 2019 on the Implementing Regulations of Federal Law No. 20 of 2018.
Intermediate owner	An “intermediate owner” is the legal person that holds an indirect interest in the customer.
International Organization	Means an organisation established by formal political agreement between member countries, where the agreement has the status of an international treaty, and the organisation is recognised in the law of countries which are members.
Law Enforcement Agency	Federal and local authorities which are entrusted under applicable legislation to combat, search, investigate and collect evidences on the crimes including Money Laundering and terrorist financing and financing illegal organisations crimes.
Legal Arrangement	A relationship established by means of a contract between two or more parties which does not result in the creation of a legal personality such as trust or other similar arrangements
Local Terrorist List	National terrorist list issued by the UAE Cabinet
MENAFATF	The Middle East and North Africa Financial Action Task Force
MLRO	Means the Money Laundering Reporting Officer
Money Laundering or Money Laundering activity (“ML”)	Money Laundering shall have the same meaning as provided under Article 2 of the Decree Law means: Any person, having the knowledge that the Funds are the proceeds of a felony or a misdemeanour, and who wilfully commits any of the following acts, shall be considered a perpetrator of the crime of Money Laundering: Transferring or moving Proceeds or conducting any transaction with the aim of concealing or disguising their illegal source. Concealing or disguising the true nature, source or location of the Proceeds as well as the method involving their disposition, movement, ownership of or rights with respect to said Proceeds. Acquiring, possessing or using Proceeds upon receipt. Assisting the perpetrator of the Predicate Offence to escape punishment.
OECD	The Organisation for Economic Co-operation and Development
Politically Exposed Person (PEP)	PEP shall have the same meaning as provided under Implementing Regulation the a “PEP” means: Natural persons who are or have been entrusted with prominent public functions in the State or any other foreign country such as Heads of States or Governments, senior politicians, senior government officials, judicial or military officials, senior executive managers of state owned corporations, and senior officials of political parties and persons who are, or have previously been, entrusted with the management of an international organisation or any prominent function within such an organisation; and the definition also includes the following: Direct family members (Of the PEP, who are spouses, children, spouses of children, parents). Associates known to be close to the PEP, which include: Individuals having joint ownership rights in a legal person or arrangement or any other close business relationship with the PEP. Individuals having individual ownership rights in a legal person or arrangement established in favour of the PEP.
Predicate Offense	Any act constituting a felony or misdemeanour under the applicable laws of the State whether this act is committed inside or outside the State when such act is punishable in both countries.
Sanctions	Sanctions are restrictive measures imposed on individuals or entities in an effort to curtail their activities and to exert pressure and influence on them. These restrictive measures include, but are not limited to, financial sanctions, trade sanctions, restrictions on travel or civil aviation restrictions
SCA	Securities and Commodities Authority of UAE
Shell Bank	A bank that has no physical presence in the country in which it is incorporated or licensed and which is not affiliated with a regulated financial group that is subject to effective consolidated supervision.
Shell Entity	An entity that: has no physical presence in the country in which it is incorporated; or does not conduct business at a fixed address in a jurisdiction in which the shell entity is incorporated; or does not employ one or more natural persons on a full time business address (the existence simply of a local agent or low level staff does not constitute physical presence); or does not maintain operating records at this address.
Source of Funds	The origin of funds expected to be used in a business relationship or a single transaction with the Company. It includes both the activity, which generates the funds for a relationship e.g. a customer’s occupation or business activities as well as the means through which the customer’s funds were transferred to the Company. In determining the source of funds, the following factors should be taken into consideration: the source of daily/ monthly income/ revenue; the customer’s various revenue streams; the business activities undertaken to give rise to the general income.
Source of Wealth	Means how the global wealth or net worth of a customer or Beneficial Owner is or was acquired or accumulated
State	Means the U.A.E.
Supervisory Authority	Federal and local authorities, which are entrusted by legislation to supervise Financial Institutions, Designated Non-Financial Businesses and Professions and Non-Profit Organisations or the competent authority in charge of approving the pursuit of an activity or a profession in case a supervisory authority is not assigned by legislations
SAR	Suspicious Activity Report
Suspicious Transactions	Transactions related to funds for which there are reasonable grounds to suspect that they are earned from any felony or misdemeanour, related to the financing of terrorism or of illegal organisations, whether committed or attempted
Suspicious Transactions Report (STR)	Means a report regarding suspicious activity/transaction made to the FIU under Federal Law No. 20 of 2018 and Cabinet Decision No. 10 of 2019.
Transaction	All disposal or use of Funds or proceeds including for example: deposits, withdrawals, conversion or transfer, sales, purchases, lending, swap, mortgage, and donation.

Anti-Money Laundering and Combatting the Financing of Terrorism and Illegal Organisations

Introduction
1. Century Financial Consultancy LLC (the “Company”) is a limited liability company incorporated under the laws of Dubai, United Arab Emirates.
  The Company holds a professional license from the Dubai Economy Department of the Government of Dubai and a financial services license from SCA under Category 1 and Category 5 wherein it has been authorised to carry out the activities of Dealing in Securities and Advice & Arrangement. The Company is based in Dubai, United Arab Emirates with its registered office being located at 6th floor, Emaar Square, Downtown, Dubai where records of the flow of customer’s funds in and out of an investment, customer statements and customers’ identification and verification data and or other related documents are maintained.
2. Money Laundering is the process by which criminals attempt to hide or disguise the true origin and ownership of the proceeds of their criminal activities, thereby avoiding prosecution, conviction and confiscation of criminal funds. If carried out successfully, money laundering enables criminals to escape prosecution, maintain control over the proceeds of crime and continue their criminal activities. Money laundering also includes terrorist financing and financing of illegal organisations.
3. In view of combatting Money Laundering and terrorist financing, the Company must comply with the legislative requirements under the Decree Federal law No. (20) of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations, Cabinet Decision No. (10) of 2019 Concerning the Implementing Regulation of Decree Law no. (20) of 2018 and any other rules, regulations and circulars issued by the Ministry of Finance (UAE) and the Central Bank of UAE thereof.
4. Involvement in money laundering, whether knowingly or unknowingly, may result in criminal liability and severe reputational damage to the Company and its Employees.
5. The Company, therefore, places the utmost importance on complying with all applicable laws and regulations for the prevention of Money Laundering and will use the policies and procedures set out in this Manual to prevent its business from being used for criminal activities.
6. The Board of the Company is required to adopt internal AML/CFT policies and establish internal procedures; allocate responsibilities to ensure that AML/CFT policies and procedures that meet AML/CFT legal obligations are introduced and maintained.
Manual purpose
1. The Anti-Money Laundering Manual (the “Manual”) sets out guidelines that the Company and those connected with its business must do or not do to comply with the laws and regulations for the prevention of money laundering and terrorism financing in Dubai, United Arab Emirates and how to recognize and report such activity that may be taking place.
2. The policies and procedures in this Manual are supplemented by and must be read together with the Customer Verification Procedures. The Customer Verification Procedures are incorporated by reference in this Manual.

Manual Application

The Manual applies to all individuals:
- who are employed, seconded, or appointed by the Company in connection with its business such as directors, partners and consultants;
- whose services, under an arrangement between the Company and a third party, are placed under the control or are at the disposal of the Company such as outsourced service providers; collectively referred to as (“Employees”).

Employees should consult with the Compliance Officer (“CO”) or the Money Laundering Reporting Officer (“MLRO”) of the of the Company in any case of doubt. Their details are as follows:

Role	Name	Email	Contact
Compliance Officer /MLRO	Toby Mathew	tmathew@century.ae	04-3562725

This Manual is for internal use only and may not be distributed outside the Company without the prior written approval of the Compliance Officer.

Objectives and scope
The objectives of this Manual are to:
- establish a framework, within which AML, CFT and Sanctions are managed through adequate procedures, principles, processes, systems and training to discharge statutory duties and regulatory obligations;
  This manual applies to the Company and outlines its responsibility for:
  - CDD;
  - Preventing and detecting Money Laundering and Terrorist Financing ;
  - Screening of potential and existing customers for adverse media and sanctions
  - Business and Customer Risk Assessment
  - Transaction Monitoring
  - Suspicious Transaction Reporting;
  - Record-keeping;
  - Training;
  In order for the Company’s Board to discharge its AML, CFT and Sanctions risk management obligations, this document serves as part of the Company’s risk management framework and it is supplemented with relevant processes which may be amended from time to time.
Manual understanding
1. Employees are required to read and understand the Manual
2. Employees are required to confirm their understanding of and compliance with the Manual by completing the Declaration of Manual Understanding (refer to Appendix A) and returning it to the CO within 1 month of joining the Company.
Manual review
1. The Company reviews the effectiveness of its anti-money laundering policies, procedures, systems and controls from time to time through its periodic Compliance Monitoring Programme. This review is undertaken either:
  - internally, by the Company’s internal audit or compliance function; or
  - externally, by a competent Company of independent auditors or compliance professionals
2. When the Manual is changed to reflect changes in regulatory requirements or in the Company’s business, Employees shall be notified of these changes. A Register of Amendments is included at the front of this Manual to record the changes that have been made.
Manual owner
1. The Compliance Officer will ensure that the Manual remains up to date.
Applicable Laws & Regulations
The main laws and regulations concerning AML and CFT, applicable to the Company and its Employees in UAE are:
- Federal Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations (the Decree-Law) (as amended by Federal Decree No. 26 of 2021)
- Article 3 of Federal Law No. 8 of 2004
- UAE Federal Law No. 7 of 2014 (“Combating Terrorism Offences”)
- Cabinet Decision No. 10 of 2019 Concerning the Implementing Regulation of Federal Law No. 20 of 2018 (the Implementing Regulation).
- The SCA Board Chairman’s Decision No. (21/Chairman) of 2019 procedures of Anti-money Laundering and Combating the Financing of Terrorism and illegal Organizations.
- Various Circulars and Guideline issued by SCA on AML, CFT and Sanctions.
- UAE Penal Code
- Resolutions and sanctions issued by the UN Security Council and other bodies
- Cabinet Decision No. 20 of 2019 regarding Terrorism Lists Regulation and Implementation of UN Security Council Resolutions on the Suppression and Combating of Terrorism, Terrorist Financing and Proliferation of Weapons of Mass Destruction, and Related Resolutions
- Cabinet Decision. 74 of 2020 concerning the UAE List of Terrorists and the Implementation of UN Security Council Decisions Relating to Preventing and Countering Financing Terrorism and Leveraging Non-Proliferation of Weapons of Mass Destruction, and the Relevant Resolutions.
- Cabinet Decision No. 16/2021 regarding the unified list of violations and administrative fines for the said violations of measures to combat money laundering and terrorism financing that are subject to the supervision of the Ministry of Justice and the Ministry of Economy.
- Guidelines for Financial Institutions on anti-money laundering and combating the financing of terrorism and illegal organisations issued by the UAE Central Bank on 23/6/2019.

Offence and Penalties

The primary money laundering offence is contained in Article 2 of the Decree-Law: Any person, having the knowledge that the funds are the proceeds of a felony or a misdemeanour, and who wilfully commits any of the following acts, shall be considered a perpetrator of the crime of Money Laundering:
- Transferring or moving proceeds or conducting any transaction with the aim of concealing or disguising their Illegal source.
- Concealing or disguising the true nature, source or location of the proceeds as well as the method involving their disposition, movement, ownership of or rights with respect to said proceeds.
- Acquiring, possessing or using proceeds upon receipt.
- Assisting the perpetrator of the predicate offense to escape punishment.
Any person who intentionally commits any of the following is guilty of the crime of financing terrorism:
- Any of the acts specified above in Article (2) of the Decree-Law, if he is aware that the proceeds are wholly or partly owned by a terrorist organisation or terrorist person or intended to finance a terrorist organisation, a terrorist person or a terrorism crime, even if it without the intention to conceal or disguise their illicit origin.
- Providing, collecting, preparing or obtaining Proceeds or facilitating their obtainment by others with intent to use them, or while knowing that such proceeds will be used in whole or in part for the commitment of a terrorist offense, or if he has committed such acts on behalf of a terrorist organisation or a terrorist person while aware of their true background or purpose.
Any person is guilty of financing illegal organisations if they intentionally commit any of the following:
- Any of the acts specified above in Article (2) of the Decree-Law, if he is aware that the proceeds are wholly or partly owned by an illegal organisation or by any person belonging to an illegal organisation or intended to finance such illegal organisation or any person belonging to it, even if without the intention to conceal or disguise their illicit origin.
- Providing, collecting, preparing, obtaining proceeds or facilitating their obtainment by others with intent to use such proceeds, or while knowing that such proceeds will be used in whole or in part for the benefit of an Illegal organization or of any of its members, with knowledge of its true identity or purpose.
Failing to report: Under Article 15 of the Decree Law, the chairman, directors, managers and Employees of the Financial Institutions or other financial, commercial and economic establishments who are aware of any offence, occurring within their establishments relating to money laundering, terrorism and terrorist financing, yet refrain from notifying the Financial Information Unit, shall be punished.
Tipping off: Under Article 25 of the Decree Law, Employees are specifically advised that they may face criminal penalties if they fail to report suspicions of money laundering or if they “tip off” a person by disclosing, directly or indirectly, to the Customer or to any other person that they have reported, or are intending to report, a suspicious transaction. They also must not disclose information contained in an SAR or the fact that a suspicious transaction is being investigated.
Thus, the Company or any of its Employees may be criminally liable for the offence of money laundering if such an activity is committed in its name or for its account and they may also face administrative fines and enforcement action in case of a breach of any of the provisions of the Decree Law or the Implementing Regulation thereof.

The potential penalties for individuals who are convicted of any of the money laundering offences mentioned above comprise fines and or imprisonment as follows under the Decree Law (as amended by the Federal Decree No. 26 of 2021):

Offence	Imprisonment	Fines
Money laundering	Up to 10 years	From AED 100,000 to 5,000,000
Failure to report	Not specified	From AED 100,000 to 1,000,000
Tipping off	Up to 6months	From AED 100,000 to 500,000
Terrorist financing	Life imprisonment or up to 10 years	From 300,000 to 10,000,000
Financing of illegal organisation	Temporary imprisonment	From 300,000
Any legal person whose representatives commits any crime in the Decree Law	Not specified	From 500,000 to 50,000,000
Breaching instructions issued by a competent authority for the implementation of a UN directive.	Not specified	From 50,000 to 5,000,000
Violates any other provision of the Decree Law	Not specified	From 10,000 to 100,000
A temporary imprisonment and a fine of no less than AED 300,000 (three hundred thousand dirham) and no more than AED 10,000,000 (ten million dirham) shall be applied if the perpetrator of a money laundering crime commits any of the following acts: he abuses his influence, or the power granted to him by his profession or professional activities the crime committed through a non-profit organisation. the crime is committed through an organized crime group. In case of Recidivism

The Supervisory Authorities are empowered under the Decree Law to impose the following administrative penalties on the Financial Institutions in case they violate the present Decree Law and its Implementing Regulation:
- Warning
- Administrative fines of no less than AED 50,000 (fifty thousand dirham) and no more than AED 5,000,000 (five million dirham) for each violation.
- Banning the violator from working in the sector related to the violation for the period determined by the supervisory authority.
- Restricting the powers of the Board members, supervisory or executive management members, managers or owners who are proven to be responsible of the violation including the appointment of temporary inspector.
- Suspending managers, board members and supervisory and executive management members who are proven to be responsible of the violation for a period to be determined by the Supervisory Authority or request their removal.
- Suspending or restricting the practice of the activity or the profession for a period to be determined by the supervisory authority
- Cancelling the license.
The Company and its Employees may also be subject to additional fines mentioned under the Cabinet Decision No. (16) of 2021 Regarding the Unified List of the Violations and Administrative Fines for the said violations of measures to combat Money Laundering and terrorism financing that are Subject to the Supervision of the Ministry of Justice and the Ministry of Economy.
Violating UAE Cabinet Resolution 74 of 2020 can expose the Company to administrative penalties and criminal prosecutions including:
imprisonment of no less than one year and no more than seven years and/or a fine of no less than AED 50,000 (fifty thousand dirham) and no more than AED 5,000,000 (five million dirham). Increased scrutiny of future actions from the UAE Government

Summary Obligations
1. Employees are required by their terms of employment to comply with the matters set out in this Manual including, in particular, their personal obligations to participate in AML awareness training.
2. In particular, Employees must:
  - remain vigilant at all times to the possibility that the Company may be used to launder money;
  - report to the Compliance Officer without delay if they know, suspect or have reasonable grounds for knowing or suspecting that a Person may be engaged in money laundering; and
  - not alert that person to their suspicion or the fact that they have made a report.
  Failure to do so may lead to the Company taking disciplinary action, up to and including summary dismissal, against the Employees concerned
3. Fraud
  Many of the circumstances outlined in this Manual may also indicate that a person is engaged in fraud. Suspicions of fraud must immediately be reported to the Compliance Officer who will ensure the matter is properly investigated, and, if necessary, reported to the criminal authorities.
KEY ELEMENTS OF THE COMPANY’s AML PROGRAMME
The key elements of the Company’s policies, procedures, systems and controls for the prevention of money laundering include the following:
1. Risk-based approach:
  1. Identifying the money laundering risks facing the Company and those presented by each Customer and taking a considered, risk-based, approach to eliminating or managing them.
  2. Undertaking the appropriate amount of Customer Due Diligence on its Customers having regard to the risks that have been identified in each case rather than by taking a routine, tick-the-box approach.
2. Staff awareness and training
  1. Ensuring staff are aware of the money laundering risks facing the Company, their obligations and liabilities under applicable laws and regulations, the Company’s procedures for undertaking Customer Due Diligence and how to recognise and report suspicious activity.
3. Customer Due Diligence
  1. Not only verifying the identity of the Company’s Customers (and their Beneficial Owners) but also understanding their Source of Wealth and funds.
  2. Taking account of government, regulatory and international findings concerning blacklisted countries and persons and checking that the Company’s Customers are not subject to them.
4. Prohibited business
  1. Not carrying on business with persons whose ultimate Beneficial Owners cannot be identified or with nominees acting on behalf of persons whose identity has not been disclosed to the Company.
  2. Not allowing a business relationship to commence unless the Customer Due Diligence has been completed.
  3. Not establishing or maintaining a business relationship with a Shell Bank or Shell Company or enter into a correspondent banking relationship with a Shell Bank or Shell Company and take appropriate measures to ensure that the Company does not enter into, or continue a corresponding banking relationship with, a bank which is known to permit its accounts to be used by Shell Companies.
  4. Not establish or maintain an anonymous account, an account in a fictitious name or a nominee account which is held in the name of one person but which is controlled by or held for the benefit of another person whose identity has not been disclosed to the Company.
5. Reliance on others
  1. Relying on other persons to conduct Customer Due Diligence on the Company’s behalf only if the Company is satisfied that they are properly regulated and will undertake the work to the same standard as would the Company if the Company were undertaking the due diligence itself.
6. On-going due diligence and Customer activity monitoring
  1. Keeping the Company’s information about its Customers up to date and verifying any significant changes.
  2. Monitoring the Customer’s activities and Transactions throughout the life of the relationship for signs of suspicious behaviour that may require closer scrutiny. This is one of the reasons identifying Source of Funds and source of wealth is important.
7. Reporting of knowledge or suspicion of money laundering
  1. Internally, by the Employees to the Compliance Officer/MLRO.
  2. Externally, by the Compliance Officer/MLRO to the Financial Intelligence Unit of the Central Bank of UAE.
BOARD OF DIRECTORS ARRANGEMENTS & RESPONSIBILITIES
1. Board of Directors
  1. Responsibility for the Company’s compliance with the policies, procedures, systems and controls set out in this Manual rests with each and every member of its board of directors (the “Board”).
  2. Specifically, the Board and senior management are responsible for:
    - establishing and maintaining effective policies, procedures, systems and controls to prevent opportunities for money laundering in relation to the Company and its activities;
    - ensuring that the Company’s AML systems and controls:
      - include the provision to the Board of regular management information on the operation and effectiveness of its AML systems and controls necessary to identify, measure, manage and control the Company’s money laundering risks;
      - enable it to determine whether a Customer or a Beneficial Owner is a Politically Exposed Person (refer to section 7.6); and
      - enable the Company to comply with all applicable laws and regulations; and
    - ensuring that regular risk assessments are carried out on the adequacy of the Company’s AML systems and controls to ensure that they continue to enable it to identify, assess, monitor and manage money laundering risk adequately, and are comprehensive and proportionate to the nature, scale and complexity of its activities, and on when any material changes are made to its business.
2. Compliance Officer/MLRO
  1. The Company has appointed a Compliance Officer to be responsible for the implementation and oversight of the Company’s compliance with the applicable laws and regulations, who is suitable to perform the role and has an appropriate level of seniority and independence to act in the role.
  2. The Compliance Officer is required to deal with the Supervisory Authorities and the FIU in an open and cooperative manner and must disclose appropriately any information of which the appropriate regulatory authorities would reasonably expect to be notified.
  3. The Compliance Officer must have direct access to the Board and timely and unrestricted access to all information necessary to enable them to carry out their duties.
  4. The Compliance Officer must have sufficient seniority and independence within the Company to act on their own authority and to perform their duties in an effective, objective and independent manner, and must be fully authorised by the Board to do so.
  5. All Employees are required to cooperate fully with the Compliance Officer in the performance of their duties.
3. Responsibilities of the Compliance Officer
  1. Compliance Officer responsibilities in day to day operation of the Company are:
    - Reviewing the day-to-day operations for compliance by the Company with its AML policies, procedures, systems and controls.
    - Detecting Transactions relating to any financial crime
    - Acting as the point of contact to receive internal SARs/STRs from Employees
    - following receipt of a STR/SAR from an Employee, taking appropriate action to:
      - inquire and document the circumstances in which such report was made;
      - determine and document whether in accordance with UAE Federal AML legislation a STR must be made to the FIU;
    - if required, making, in accordance with Decree Law, a STR to the FIU as soon as practicable and notifying the concerned Supervisory Authority immediately following its submission to the FIU that such report has been made;
    - acting as the point of contact within the Company for competent UAE authorities regarding money laundering issues;
  2. Regularly review the internal rules and procedures relating to AML/CFT and their consistency with the Decree Law and the Implementing Regulation and any amendments thereof, assess the extent to which the institution is committed to the application of these rules and procedures, propose what is needed to update and develop these rules and procedures.
  3. Prepare and submit semi-annual reports on these points to senior management and the Board and send a copy of that report to the relevant Supervisory Authority enclosed with senior management remarks and decisions (if required to do so by such Supervisory Authority).
  4. Prepare, execute and document ongoing training and development programs and plans for the institution’s employees on Money Laundering and the Financing of Terrorism and Financing of Illegal Organizations, and the means to combat them.
  5. Collaborate with the Supervisory Authority and FIU, provide them with all requested data, and allow their authorised employees to view the necessary records and documents that will allow them to perform their duties.
4. Audit
  The Company will commission regular reviews and assessments of the effectiveness of its money laundering policies, procedures, systems and controls, and its compliance with them, and will specifically cover the following:
  - sample testing of compliance with the Company’s Customer Due Diligence arrangements;
  - an analysis of all notifications made to the Compliance Officer to highlight any area where procedures or training may need to be enhanced; and
  - a review of the nature and frequency of the dialogue between the senior management and the Compliance Officer as well as between the Board and the Compliance Officer.
  - Such reviews will be carried out by the internal audit function at least annually.

RISK BASED APPROACH

Overview
1. The Company adopts an AML approach that is proportionate to the risks it is exposed to as a result of reviewing the nature of its business, Customers, products, services and any other matters which are relevant in the context of money laundering and ensures such risk-based assessments are:
  - objective and proportionate to the risks;
  - based on reasonable grounds;
  - properly documented; and
2. The Company’s “risk-based approach”, involves:
  - business risk assessments: periodic assessments of the Company’s business which enable the senior management and the Board to understand the money laundering risks facing the Company, assess the Company’s vulnerabilities to those risks and take all reasonable steps to eliminate or manage them. The Company s must also assess and mitigate money laundering risks relating to a new product, business practice or technology before their launch or use.
  - Customer risk assessments: assessments of the money laundering risks presented by each Customer of the Company; and
  - risk mitigation by means of Customer Due Diligence and on-going monitoring that is proportionate to the risks that have been assessed.
  - the Company will not conduct business with a client or business partner who is identified by reference to findings, recommendations, resolutions, sanctions etc. of, inter alia, the UN, any UAE enforcement agency, HMT or OFAC as a proscribed person.
  - the Company will not conduct business where the client’s ownership structure or control arrangements prevent it from identifying any significant beneficial owner.
Business risk assessment
1. The Company will, at least annually, identify and assess any money laundering risks to which its business is exposed, taking into consideration the nature, size and complexity of its activities and when any material changes are made to its business, and to the extent relevant, any vulnerabilities relating to:
  - its type of Customers and their activities;
  - the countries or geographic areas in which it does business;
  - its products, services and activity profiles;
  - its distribution channels and business partners;
  - the complexity and volume of its Transactions;
  - the development of new products business practices and technologies, including new delivery mechanisms, channels and partners; and
  - the use of new or developing technologies for both new and pre-existing products
2. The Company will ensure that any risk identified in the business risk assessment is taken into account in its day-to-day operations, including in relation to:
  - the development of new products and new business practices including new delivery mechanisms and the use of new or developing technologies for both new and existing product. The Company will take reasonable steps to ensure that it has assessed the above risks before it launches or uses the new product, practice or technology.
  - the taking on of new Customers; and changes to its business profile
3. The Company will use the information obtained in its periodic business risk assessments to develop and maintain its AML policies, procedures, systems and controls, ensure that they adequately mitigate the risks that have been identified, assess their effectiveness, and assist in the allocation and prioritisation of AML resources and in carrying out its Customer risk assessments.
4. When carrying out the business risk assessment the Company will assess its vulnerabilities to money laundering, the results of this assessment will also feed into the assessment of customers, however this does not mean that the Company will treat all customers under one business line as posing the same level of risk. All customers will be assessed on a case-by-case basis.
5. The Company will take into consideration the results of the National Risk Assessment prepared by the National Anti-Money Laundering and Combating Financing of Terrorism Committee (NAMLCFTC) in assessing its money laundering risks and taking steps to mitigate those risks.

Customer risk assessment

Before undertaking Customer Due Diligence on a new Customer, the Company will undertake a Customer risk assessment and assign the Customer
Before undertaking Customer Due Diligence on a new Customer, the Company will undertake a Customer risk assessment and assign the Customer a risk rating proportionate to the Customer’s Money Laundering risks.
When undertaking a Customer risk assessment, the Company will:
- identify the Customer and any Beneficial Owner;
- obtain information on the purpose and intended nature of the business relationship;
- obtain information on, and take into consideration, the nature of the customer’s business;
- take into consideration:
- take into consideration the outcomes of the business risk assessment.

The Company will assign the Customer a risk rating of “high”, “medium” or “low”. This risk rating determines the level of customer due diligence required as well as the length of time between client file reviews as follows:

Risk Rating	CDD Level	CDD File Review
Low	Simplified CDD	Every 3 years
Medium	Normal CDD	Every 2 years
High	Enhanced CDD	Every 1 years

Note that Customers having similar characteristics may be assigned different risk ratings having regard to the product concerned and any other relevant factors relevant to the Customer risk assessment.

The Customer risk assessment will be fully documented, reviewed and approved by the Compliance Officer and filed in the customer file. All “high” risk business relationships and any business relationship involving a Politically Exposed Person (refer to section 7.6) must be approved by the senior management
The Company will periodically review each Customer’s risk rating to ensure that it remains up to date in light of current AML risks.

Factors that may indicate lower money laundering risk
1. When assessing if there is a low risk of money laundering in a particular situation, the Company will take into account, among other things:
  - Customer risk factors, including whether the customer is:
    - a public body or a publicly owned enterprise;
    - resident, established or registered in a geographical area of lower risk (as set out in paragraph (b);
    - a regulated Financial Institution that is subject to regulation and supervision, including AML regulation and supervision, in a jurisdiction with AML regulations that are equivalent to the standards set out in the FATF Recommendations;
    - a subsidiary of a regulated Financial Institution referred to in (iii), if the law that applies to the parent ensures that the subsidiary also observes the same AML standards as its parent;
    - a company whose securities are listed by the competent authorities in UAE, another Financial services regulator or a regulated exchange and which is subject to disclosure obligations;
    - a law company, notary company or other legal business that carries on its business in or from a regulated jurisdiction within the UAE;
  - Cgeographical risk factors, including whether:
    - aa country has been identified by credible sources as having effective systems to counter money laundering;
    - aa country is identified by credible sources as having a low level of corruption or other criminal activity, such as terrorism, money laundering, or the production and supply of illicit drugs; and
    - aon the basis of reports by credible sources, such as mutual evaluations, detailed assessment reports or follow-up reports, a country:
      - has requirements to counter money laundering that are consistent with the FATF Recommendations; and
      - effectively implements those Recommendations.
2. For the purposes of paragraph (b) above, a credible source includes, but is not limited to, FATF, the IMF, the World Bank, the OECD and other International Organisations.
3. When assessing the risk factors referred to in (7.4.1), the presence of one or more risk factors may not always indicate a low risk of money laundering in a particular situation.
Factors that may indicate higher money laundering risk
1. When assessing if there is a high risk of money laundering in a particular situation, the Company will take into account, among other things:
  - customer risk factors, including whether:
    - the business relationship is conducted in unusual circumstances;
    - the customer is resident, established or registered in a geographical area of high risk (as set out in paragraph (c) below);
    - the customer is a legal person or Legal Arrangement that is a vehicle for holding personal assets;
    - the customer is a company that has nominee shareholders or shares in bearer form;
    - the customer is a business that is cash intensive, such as a business that receives a majority of its revenue in cash; and
    - the corporate structure of the customer is unusual or excessively complex given the nature of the business.
  - product, service, transaction or delivery channel risk factors, including whether:
    - the service involves private banking;
    - the product, service or transaction is one that might favor anonymity;
    - the situation involves non-face-to-face business relationships or transactions, without certain safeguards, such as electronic signatures;
    - payments will be received from unknown or unassociated third parties;
    - new products and new business practices are involved, including new delivery mechanisms or the use of new or developing technologies for both new and pre-existing products; and
    - the service involves the provision of nominee directors, nominee shareholders or shadow directors, or the formation of companies in another country; and
  - geographical risk factors, including:
    - countries identified in reports by credible sources, such as mutual evaluations, detailed assessment reports or follow-up reports, as:
      - not having effective systems to counter money laundering; or
      - not implementing requirements to counter money laundering that are consistent with FATF Recommendations;
    - countries identified by credible sources as having significant levels of corruption or other criminal activity, such as terrorism, money laundering or the production and supply of illicit drugs;
    - countries subject to sanctions, embargos or similar measures issued by, for example, the United Nations or the State;
    - countries providing funding or support for terrorism; and
    - countries that have organisations operating within their territory that have been designated by the State, other countries or International Organisations as terrorist organisations.
2. For the purposes of paragraph (c) above, a credible source includes, but is not limited to, FATF, the IMF, the World Bank, the OECD and other International Organisations.
3. When assessing the risk factors referred to 7.5.1 above, the presence of one or more risk factors may not always indicate a high risk of money laundering in a particular situation.
Politically exposed persons
1. Politically exposed persons (“PEPs”), members of their immediate families and close associates and others having a high-profile or position of influence can pose a higher money laundering risk as their position (whether current or former) may make them vulnerable to corruption.
2. The Company will take reasonable measures to determine:
  - if a customer, or a Beneficial Owner of a customer, is a PEP; and
  - if the beneficiary of a life insurance or other similar policy, or a Beneficial Owner of a beneficiary of a life insurance or other similar policy, is a PEP.
3. The fact that an individual is identified as a PEP does not automatically mean that the Customer must be high risk. The Company will assess the particular circumstances relating to each PEP, however even if a PEP is not assigned a high risk, the Company will at minimum, undertake the CDD measures stipulated in 7.6.4 below.
4. If a customer, or a Beneficial Owner of a customer, is a PEP, the Company will:
  - obtain the approval of senior management to commence or continue the business relationship with the customer;
  - take reasonable measures to establish the Source of Wealth and Source of Funds of the customer or Beneficial Owner; and
  - increase the degree and nature of monitoring of the business relationship, to determine whether the customer’s transactions or activities appear unusual or suspicious.
Prohibited business
1. The Company will not establish a business relationship with a Customer that is a legal person or Legal Arrangement if the ownership or control arrangements of the Customer prevent the Company from identifying one or more of the Customer’s Beneficial Owners, as may be the case where the ownership structure involves bearer shares or other negotiable instruments in which ownership is determined by possession.
2. The Company will not establish or maintain anonymous or fictitious accounts or accounts for unknown persons, the creation or keeping of records of bank accounts using pseudonyms, fictitious names or numbered accounts, without the account holder’s name. The Company will also not establish or maintain a nominee account, which is held in the name of one person, but which is controlled by or held for the benefit of another person whose identity has not been disclosed to the Company.
3. The Company will not establish or maintain a business relationship with a Shell Bank or enter into a correspondent banking relationship with a Shell Bank and take appropriate measures to ensure that the Company does not enter into, or continue a corresponding banking relationship with, a bank which is known to permit its accounts to be used by Shell Banks.
4. Employees of the Company are referred to the Customer Verification Procedures for the detailed requirements in relation to Customer Due Diligence

CUSTOMER DUE DILIGENCE
The below is provided as guidance. Each client will be reviewed under the risk-based approach and appropriate CDD will be obtained given the risk classification and the type of client that is being onboarded.

Customer Due Diligence
1. Customer Due Diligence (“CDD”) is the process of:
  - identifying the Customer and verifying the Customer’s identity;
  - identifying any Beneficial Owners of the Customer and taking reasonable measures to verify the identity of the Beneficial Owners, so that the Company satisfies itself that it knows who the Beneficial Owners are;
  - taking reasonable measures to understand the nature of the customer’s business and its ownership and control structure, where the customer is a legal person or Legal Arrangement; and
  - undertaking on-going due diligence of the Customer business relationship periodically and at other appropriate times when a material change or event occurs in relation to the Customer.
2. Where a person purports to act on behalf of the Customer, the Company must:
  - identify and verify the Customer’s identity;
  - verify the authority of the person to act on behalf of the Customer; and
  - identify and verify the identity of the person acting on behalf of the Customer.
3. The verification under (1) and (2) above must be based on reliable and independent source documents, data or information. Generally, the Company should have sight of original identification documents and retain a copy of the document, however it may not always be possible to obtain original documents, for example because the Company has no physical contact with the Customer, the Company will obtain a copy certified as a true copy by a person of good standing such as a registered lawyer of notary, a chartered accountant a bank manager, a police officer, an Employee of the person’s embassy or consulate, or other similar person. The CDD information and research obtained from a reputable company or information-reporting agency may also be acceptable as a reliable and independent source as would banking references and, on a risk-sensitive basis, information obtained from researching reliable and independent public information found on the internet or on commercial databases. For higher risk situations it is however, expected that the identification information to be independently verified, using both public and non-public sources.
4. The level of CDD to be undertaken, (both initially and for the duration of the business relationship) must be determined by reference to the Customer’s risk rating assigned under the Customer risk assessment.
5. If the Customer risk assessment indicates that normal CDD will not be sufficient in relation to the higher money laundering risk perceived to be associated with the business relationship in question, the Company should obtain and verify additional information about the customer, its beneficial owners and the purpose of the transaction. The additional measures are referred to as Enhanced CDD.
6. The Company’s due diligence procedures for establishing and verifying the identity of the Customer and Beneficial Owner are set out in the Customer Verification Procedures.
Timing of CDD
1. The Company will ensure that appropriate CDD is, or has been, undertaken when:
  - it proposes to establish a business relationship with a new Customer;
  - it doubts the veracity or adequacy of CDD documents, data or information it has obtained, e.g., where there is a material change in the way the account is operate/d which is not consistent with the Customer’s business profile or where it appears that the Customer is not the real Customer;
  - it suspects money laundering; or
  - there is a change in the risk rating of the Customer, or it is otherwise warranted by a change in the Customer’s circumstances.
2. Generally, the CDD must be completed by or prior to the time at which any business relationship is formalised, e.g. by the signing of a client agreement or the acceptance of terms of business.
3. Exceptionally, however, subject to the Compliance Officer and senior management’s approval, some business relationships may be established with a Customer before completing verification and the CDD may be completed after that time if:
  - deferral of the verification of the Customer or Beneficial Owner is necessary in order not to interrupt the normal conduct of a business relationship for the purpose of executing a time-critical Transaction, which if not executed immediately, would or may cause a Customer to incur a financial loss due to price movement or loss of opportunity;
  - there is little risk of money laundering occurring and any such risks identified can be effectively managed by the Company; and
  - the verification is completed as soon as reasonably practicable and, depending on the nature of the Customer relationship, ideally within 30 days.
4. Where the Company is not reasonably able to comply with the 30-day rule, above, it must, prior to the end of the 30-day period, document the reason for its non-compliance, complete the verification as soon as possible and record the non-compliance event in its Annual AML Return. Note that the Competent Authority/Supervisory Authority may specify a period within which the verification must be completed, failing which the Authority may direct the Company to cease any business relationship with the Customer.
5. The Company’s policy is not to establish a business relationship with any Customer until CDD has been completed.
Customer Verification:
1. Further to 7.1(1), the Company will identify a Customer and verify the Customer’s identity in the manner stated below:
  - If a Customer is a natural person, the Company must obtain and verify information about the persons:
    - full name (including any alias);
    - date of birth;
    - nationality;
    - legal domicile; and
    - current residential address (other than a post office box).
    Items (i) to (iii) in must be obtained from a current valid passport or, where a Customer does not possess a passport, an official identification document with a photograph.
  - If a Customer is a body corporate, the Company must obtain and verify:
    - the full name of the body corporate and any trading name;
    - the address of its registered office and, if different, its principal place of business;
    - the date and place of incorporation or registration;
    - a copy of the certificate of incorporation or registration;
    - the articles of association or other equivalent governing documents of the body corporate; and
    - the full names of its senior management.
  - If a customer is a foundation, the Company must obtain and verify:
    - a certified copy of the charter and by-laws of the Foundation or any other documents constituting the Foundation; and
    - documentary evidence of the appointment of the guardian or any other person who may exercise powers in respect of the Foundation.
  - If a customer is an express trust or other similar legal arrangement, the Company must obtain and verify:
    - a certified copy of the trust deed or other documents that set out the nature, purpose and terms of the trust or arrangement; and
    - documentary evidence of the appointment of the trustee or any other person exercising powers under the trust or arrangement.
Identification and Verification of Beneficial Owners – Body Corporates
1. If a customer is a body corporate, the Company will identify and verify Beneficial Owners.
2. The Company will identify:
  - the natural persons who ultimately have a controlling ownership interest in the Body Corporate, whether legal or beneficial, direct or indirect; or
  - if there is any doubt about whether the natural persons identified under (a) exert control through ownership interests, or if no natural person exerts control through ownership interests, then the Company will identify the natural persons exercising control of the body corporate through other means.
3. In determining whether an individual meets the definition of a Beneficial Owner, the Company will consider all the circumstances of the case, in particular the size of an individual’s legal or beneficial ownership in a transaction. The question of what a “minor” ownership interest for the purposes of the definition of a Beneficial Owner of a Body Corporate will depend on the individual circumstances of the Customer. The question of whether an ownership interest is minor will be considered in the context of the Company’s knowledge of the Customer and the Customer risk assessment and the risk of money laundering.
4. The Company may not proceed to identify a natural person under (a) above, if having regard to the risk-based assessment of the Customer, the Company is reasonably satisfied that the person’s interest is minor and, in the circumstances, poses no or negligible risk of money laundering.
5. In exceptional circumstances, it may not be possible to identify any natural person as the ultimate owner or controller of a body corporate. In such case, where the Company is unable to identify natural person as the Beneficial Owners, having exhausted all possible means, and there are no grounds for suspecting money laundering, the Company may treat each of the members of the senior management of the body corporate as the Beneficial Owners. Under these circumstances, the Company must:
  - keep a record in writing of all the actions it has taken to identify the Beneficial Owners of the body corporate;
  - carry out Enhanced Due Diligence on the Customer;
  - obtain senior management approval before commencing the business relationship with the Customer; and
  - ensure enhanced on-going monitoring of the Customer relationship.
6. If the ownership or control arrangements of a Customer are of such a nature that the Company is prevented from identifying the Beneficial Owners (for example, if Beneficial Owners hold bearer shares or other negotiable instruments and there is no effective system for recording the current holder of the shares or instruments), the Company is prohibited from establishing a business relationship with the Customer.
7. The Company is not required to identify and verify Beneficial Owners, or understand the nature of the Customer’s business, ownership and control structure where the Customer is a body corporate that:
  - has its securities listed on any regulated stock exchange, another Financial Services Regulator or a regulated exchange; and is subject to disclosure requirements which ensure that adequate information about its business, structure and beneficial ownership is publicly available; or
  - is a majority-owned subsidiary of a body corporate referred to in (8.3.7(a)).
8. Under UAE Federal AML Legislations, the Company should obtain information identifying any person who, alone or jointly with other persons, has a controlling interest of more than 25%.
Identification and Verification of Beneficial Owners – Foundations
1. If a customer is a Foundation, the Company will identify the Beneficial Owners and take reasonable measures to verify the identity of the Beneficial Owners in the following manner:
2. The Company will identify the founder, guardian, contributors, qualified recipients, and persons entitled to receive any property or income from the Foundation and any other natural person who exercises ultimate effective control of the Foundation.
3. If the qualified recipients, or other persons entitled to receive property or income from a Foundation, are designated by characteristics or by class, the Company will identity and verify the identity of the qualified recipient or other person before it makes any payment or transfer of property to the recipient or person.
4. Under UAE federal AML legislations, the Company should obtain information identifying any person who, alone or jointly with other persons, who have a controlling interest of more than 25%.
Identification and Verification of Beneficial Owners – Trusts and similar legal arrangements
1. If a customer is a Legal Arrangement, the Company will identify the Beneficial Owners and take reasonable measures to verify the identity of the Beneficial Owners in the following manner:
  - A trust – the Company must identify the settlor, trustee, protector, enforcer, beneficiaries and any other natural person who exercises ultimate effective control over the trust; and
  - Other types of Legal Arrangements – the Company must identify persons in equivalent or similar positions to those persons referred to in (a).
2. If the beneficiaries of a trust or arrangement are designated by characteristics or by class, the Company will identity and verify the identity of the beneficiary:
  - before it makes a distribution to the beneficiary; or
  - when the beneficiary intends to exercise vested rights.
3. Under UAE federal AML legislations, the Company should obtain information identifying any person who, alone or jointly with other persons, have a controlling interest of more than 25%.
Simplified CDD
1. If the Customer has been assigned a “low” risk rating following the Customer risk assessment the Company may undertake Simplified CDD.
2. The Simplified CDD must be proportionate to the money laundering risks identified and may include any of the following:
  - verifying the identity of the Customer and any the Beneficial Owner after the establishment of the business relationship;
  - reducing the frequency of, or as appropriate, not undertaking Customer identification updates;
  - deciding not to verify an identification document other than by requesting a copy;
  - reducing the degree of on-going monitoring of Transactions, based on a reasonable monetary threshold or on the nature of the Transaction; or
  - not collecting specific information or carrying out specific measures to understand the purpose and intended nature of the business relationship but inferring such purpose and nature from the type of Transactions or business relationship established.
3. Notwithstanding that the risks may be low for all such Customers the Company will not adopt a one-size fits all approach for all its low-risk Customers and will undertake CDD that is proportionate to the risks identified on a case by case basis.
4. The Company is always not required to 'identify’ or “verify” beneficial owners for retail investment funds which are widely held and investment funds where the investor invests via pension contributions.
5. The Company might reasonably reduce the frequency of or eliminate Customer identification updates where the money laundering risks are low, and the service provided does not offer a realistic opportunity for money laundering.
6. For the avoidance of doubt, the Company should not conduct Simplified CDD where there is any suspicion of money laundering.
Enhanced CDD
1. If the Customer has been assigned a “high” risk rating following the Customer risk assessment, the Company must in addition to undertaking standard CDD, undertake Enhanced CDD.
2. Enhanced CDD involves, to the extent necessary as determined on a case-by-case basis:
  - obtaining and verifying additional:
    - identification information on the Customer and any Beneficial Owner;
    - information on the intended nature of the business relationship; and
    - information on the reasons for a Transaction;
  - updating more regularly the CDD the Company holds on the Customer and any Beneficial Owners in accordance with the schedule set out in section 8.10.3;
  - taking reasonable measures to establish the Source of Funds and Source of Wealth of the Customer or, if applicable, of the Beneficial Owner;
  - increasing the degree and nature of monitoring of the business relationship, in order to determine whether the Customer’s Transactions or activities appear unusual or suspicious;
  - obtaining a member of the Board of Director’s approval to commence a business relationship with the Customer; and
  - where applicable, and if the Company is not satisfied with the results of the due diligence overall, requiring that any first payment made by a Customer in order to open an account must be made through a bank account in the Customer’s name with:
    - a Bank
    - a regulated Financial Institution whose entire operations are subject to regulation and supervision, including AML regulation and supervision, in a jurisdiction with AML regulations which are equivalent to the standards set out in the FATF recommendations; or
    - a subsidiary of a regulated Financial Institution referred to above, if the law that applies to the parent ensures that the subsidiary also observes the same AML standards as its parent.
3. Where appropriate, the Enhanced CDD measures may include:
  - obtaining documentary evidence as to the source or circumstances that gave rise to the customer or Beneficial Owner’s funds and wealth;
  - ogetting a better understanding of the Customer’s business and business structures, the Customer’s use of the Company’s products and services and the nature and level of business to be expected from the Customer;
  - otaking steps to be satisfied that a Customer’s use of complex legal structures and/or the use of trust and private investment vehicles, has a genuine and legitimate purpose and to properly understand the chain of title, authority or control leading to the ultimate Beneficial Owner, settler and beneficiaries, if relevant.
  - oto the extent that the assets belong to the Beneficial Owner and not the Customer, enquiring into the Beneficial Owner’s Source of Funds and Source of Wealth.
  - otaking reasonable measures to establish the Source of Funds that is, where the funds for a particular service or transaction will come from, for example, a specific bank account held with a specific financial institution, and whether that funding is consistent with the source of wealth of the customer or, if applicable, of the Beneficial Owner. This also includes by obtaining independent corroborating evidence such as, for example, proof of dividend payments connected to a shareholding, bank statements, salary/bonus certificates, loan documentation and proof of a Transaction which gave rise to the payment into the account. A Customer should be able to demonstrate and document how the relevant funds are connected to a particular event, which gave rise to the payment into the account, or to the source of the funds for a Transaction.
  - otaking reasonable measures to establish the Source of Wealth by obtaining independent corroborating evidence such as, for example, share certificates, publicly available registers of ownership, bank or brokerage account statements, probate documents, audited accounts and financial statements, news items from a reputable source and other similar evidence. For example, for a legal person, this might be achieved by obtaining its financial or annual reports published on its website or news articles and press releases that reflect its financial situation or the profitability of its business. For an individual, this might include information corroborating answers given to source of wealth enquiries, or bank of salary statements covering a number of years to draw up a picture of source of wealth.
  - ocommissioning a third-party vendor report to obtain further information on a Customer or Transaction or to investigate a Customer or Beneficial Owner in very high-risk cases. Such reports may be particularly useful where there is little or no publicly available information on the person concerned.
Failure to complete CDD
1. If the Company is unable to conduct or complete the CDD, it will apply one or more of the following measures as may be appropriate in the circumstances:
  - not carry out a transaction with or for the Customer through a bank account or in cash;
  - not open an account or provide a service;
  - not otherwise establish a business relationship or carry out a Transaction;
  - subject to section 8.9.2, terminate or suspend any existing business relationship with the Customer;
  - subject to section 8.9.2, return any monies or assets received from the Customer; and
  - consider whether the circumstances necessitate the making of a STR to the FIU.
2. Where CDD cannot be completed, it may be appropriate not to carry out a Transaction pending completion of the CDD. Where CDD, or a material part of it, such as identifying and verifying a Beneficial Owner cannot be conducted, the business relationship with the Customer should not be established.
3. In the case of a new Customer, it may be appropriate to terminate the business relationship before a product or service is provided. In the case of an existing Customer, however, while termination of the business relationship should not be ruled out, suspension may be more appropriate depending on the circumstances. In either case the Company must be careful not to tip off the Customer.
4. The Company is not obliged to terminate or suspend any existing business relationship with the Customer, or return any monies or assets received from the Customer, if:
  - to do so would amount to “tipping off” the Customer; or
  - the FIU directs the Company to act otherwise.
5. Note the failure to comply with a directive of the FIU would constitute a significant violation of the federal AML legislations which may lead to any legal enforcement actions.

Monitoring the Customer relationship

When undertaking on-going CDD the Company must, using the risk-based approach:
- monitor Transactions to ensure they are consistent with the Company’s knowledge of the Customer, his business and risk rating;
- pay particular attention to any complex or unusually large Transactions or unusual patterns of Transactions that have no apparent or visible economic or legitimate purpose;
- enquire into the background and purpose of the Transactions;
- periodically review the adequacy of the CDD information it holds on Customers and Beneficial Owners to ensure that the information is kept up to date, particularly for Customers with a higher risk rating; and
- periodically review each Customer’s risk assessment to ensure that its risk rating remains appropriate in light of current money laundering risks.
- The Company must carry out a review under (d) and (e) periodically and at other appropriate times when a material change or event occurs relating to a Customer or the Company, such as when:
  - the Company changes its CDD documentation requirements;
  - an unusual Transaction with the Customer is expected to take place;
  - there is a material change in the business relationship with the Customer; or
  - there is a material change in the nature or ownership of the Customer.
In monitoring the Customer relationship, the Company will undertake a periodic review to ensure that Customer identity documentation, such as passport number and address and, for a Legal Person, its share register or list of partners, etc., is accurate and up-to-date.

The degree of on-going CDD to be undertaken will depend on the Customer risk assessment.

Customer Type	Frequency (in years)
Low Risk	3
Medium Risk	2
High risk	1

The Company will use Policy or automated systems, or a combination thereof, depending on, amongst other things, the size and nature of the Firm’s business and Customer base, and the complexity and volume of Transactions. (Guidance 4)
The Company will also review its Customers, their business against UN Security Council sanctions lists and against any other sanctions list, such as UAE list, EU, U.K. HM Treasury, U.S. OFAC, etc., that may be relevant using World Check.

Reliance on a third party to undertake CDD on the Firm’s behalf
1. 8.11.1 Subject to certain conditions, the Company may rely on the CDD obtained by a third party if it has reasonable grounds for believing that the third party will undertake the CDD in a manner that is consistent with UAE AML Legislations and that there are no bank secrecy or data protection laws that would prevent the Company from having access to any relevant information upon request without delay. In all such cases, however, the Board and the senior management acknowledges that the Company remains responsible for compliance with, and liable for any failure to meet, the relevant CDD requirements. Accordingly, all such arrangements must be referred to the Compliance Officer for pre-approval.
2. The Company may rely on any third party listed below to conduct one or more elements of CDD on its behalf or rely on information previously obtained by them:
  - a law firm, notary, or other independent legal business, accounting firm, audit firm or insolvency firm, or an equivalent person in another jurisdiction; and
  - a Financial Institution;
3. However, the Company will rely on that person only if and to the extent that the third party:
  - immediately provides the Company with:
    - all relevant CDD information; and
    - written confirmation that, if they are required, certified copies of the CDD documents will be provided to the Company upon request, without delay;
  - if located in another country, is:
    - subject to requirements in relation to Customer due diligence and record keeping which meet the standards set out in the FATF Recommendations; and
    - supervised for compliance with those requirements in a manner that meets the FATF standards on regulation and supervision.
  - has not relied on any exception from the requirement to conduct any relevant elements of CDD which the Company seeks to rely on; and
  - ensures that any information previously obtained remains up to date.
4. If the Company is not reasonably satisfied that a Customer or Beneficial Owner has been identified and verified by the third party in a manner that is consistent with SCA Rules, it will immediately perform the CDD itself with respect to any deficiencies identified.
5. Before appointing an outsourced service provider to undertake CDD, the Company will follow its in-house outsourcing procedures and in particular will undertake appropriate due diligence to assure itself of the service provider’s suitability and ensure that the service provider’s obligations are clearly documented in a binding agreement.
6. When assessing if the requirements, supervision or regulation in another jurisdiction meet FATF standards under (8.11.3 (b) )and (8.11.4) above, the Company will take into account factors including, among other things:
  - mutual evaluations, assessment reports or follow-up reports published by FATF, the IMF, the World Bank, the OECD or other International Organisations;
  - membership of FATF or other international or regional groups such as the MENAFATF or the Gulf Co-operation Council;
  - contextual factors such as political stability or the level of corruption in the jurisdiction;
  - evidence of recent criticism of the jurisdiction, including in:
    - FATF advisory notices;
    - public assessments of the jurisdiction’s AML regime by organisations referred to in (a); or
    - reports by other relevant non-government organisations or specialist commercial organisations; and
  - whether adequate arrangements exist for co-operation between the AML regulator in that jurisdiction and the UAE.
7. In making the assessment, the Company must rely only on sources of information that are reliable and up-to-date keep adequate records of how it made its assessment, including the sources and materials considered.
Outsourcing
1. The Company acknowledges that when outsourcing one or more elements of its CDD to a service provider, it remains responsible for compliance with and liable for any failure to meet, its CDD obligations.
2. Before appointing an outsourced service provider to undertake CDD, the Company will follow its in-house outsourcing procedures and in particular will undertake appropriate due diligence to assure itself of the service provider’s suitability and ensure that the service provider’s obligations are clearly documented in a binding agreement.

SANCTIONS AND OTHER FINDINGS
1. Targeted Financial Sanctions (Rule 10.2 and Cabinet Resolution 74 of 2020)
  1. The Company must exercise due care to ensure that it does not provide services to, or otherwise conduct business with, any person engaged in money laundering, terrorist financing or the financing of weapons of mass destruction.
  2. Targeted Financial Sanctions are imposed to deny certain individuals, groups, organisations, and entities the means to support terrorism and terrorism financing, finance the proliferation of weapons of mass destruction and other sanctions regimes imposed by the UN and the UAE, and to ensure no funds, financial assets or economic resources of any kind are provided or financial or other services are rendered as long as they remain subject to sanction measures.
  3. UN Sanction regimes include comprehensive economic and trade sanctions, as well as more targeted measures, such as travel bans, sectoral sanctions or embargoes, to give effect to UN Security Council resolutions. UN website https://press.un.org/en/content/security-council/press-release contains details for each regime.
  4. FATF Recommendations focus on implementation of financial sanctions, such as asset freezes.
  5. Under UAE Cabinet Resolution 74 of 2020, the UAE designates sanctions and requires financial institutions and DNFBPs to freeze funds of individuals and entities named on the Sanctions List and Local Lists.
  6. In accordance with the laws of the UAE, the UAE Government also applies Targeted Financial Sanctions by publishing a Local Terrorist List in accordance with UNSCR 1373 (2001).
2. The Executive Office
  1. The Executive Office (IEC) is the authority appointed to coordinate the implementation of all Targeted Financial Sanctions to combat terrorism and terrorist financing, proliferation financing and other sanctions regimes imposed by the UN or the UAE, and in accordance with FATF standards. It is also responsible for import-export control of dual-use goods.
  2. The Executive Office acts as a focal point between all the supervisory authorities in the UAE and other relevant authorities to implement Targeted Financial Sanctions. Its role is to increase awareness with regards to Targeted Financial Sanctions (www.uaeiec.gov.ae).
  3. The Executive Office will circulate the names of entities and individuals designated by the UN sanctions and UAE Terrorist list and will ensure implementation and compliance by all supervisory authorities to the UN sanctions and UAE Terrorist lists, in coordination with the Supreme Council of National Security. It also analyses private sector TFS reports and provide feedback in coordination with FIU and Supervisory Authorities.
  4. The Company is required to subscribe to the Executive Office’s mailing list to receive automated updates of names of designated individuals or entities that are added, deleted or amended, on the UN or Local Lists from time to time (https://www.uaeiec.gov.ae/en-us/un-page).
  5. The Company will ensure it takes appropriate measures to comply with relevant resolutions or sanctions issued by the United Nations Security Council and the UAE (i.e. Targeted Financial Sanctions).
  6. In addition to taking action as set out in 10.4 below the Company will immediately notify the Supervisory Authority upon becoming aware that it is:
    - carrying on or about to carry on an activity;
    - holding or about to hold money or other assets; or
    - undertaking or about to undertake any other business whether or not arising from or in connection with (a) or (b);
      for or on behalf of a person in contravention of a relevant sanction or resolution issued by the United Nations Security Council.
  7. The Company must immediately notify the Competent Authority in writing if it becomes aware of non-compliance by a person with a finding and provide the Competent Authority with sufficient details of the person concerned and the nature of the non-compliance.
3. Government, regulatory and international findings
  1. Governments in many countries have enacted legislation to make money laundering and terrorist financing criminal offences and have legal and regulatory processes in place to enable those engaged in these activities to be identified and prosecuted. Internationally, the FATF has done much to encourage governments to adopt minimum standards including, in particular, making their national regulators require financial services Company s in their jurisdictions to follow specific due diligence procedures in relation to customers.
  2. Generally, the member countries of the FATF are regarded as having arrangements for the prevention of money laundering that are at least equal to those in the UAE.
  3. The Company will obtain and take appropriate measures to comply with (including by undertaking further due diligence on, or by not carrying out a Transaction for or on behalf of, any person who is the subject of) any findings, recommendations, guidance, directives, resolutions, sanctions, notices or other conclusions issued by:
    - the government of the UAE or any government departments in the UAE;
    - the Central Bank of the UAE or the FIU;
    - FATF;
    - UAE enforcement agencies; and
    - Any other Supervisory Authority
    concerning:
    - arrangements for preventing money laundering, terrorist financing or the financing of weapons of mass destruction in a particular country or jurisdiction, including any assessment of material deficiency against relevant countries in adopting international standards; and
    - the names of persons, groups, organisations or entities or any other body where suspicion of money laundering or terrorist financing or the financing of weapons of mass destruction exists.
  4. Government, regulatory and international findings that the Company must comply with include, but are not limited to, measures:
    - requiring specific elements of enhanced due diligence;
    - requiring enhanced reporting mechanisms or systematic reporting of financial transactions;
    - limiting business relationships or financial transactions with specified persons or persons in a specified jurisdiction;
    - prohibiting Relevant Persons from relying on third parties located in a specified jurisdiction to conduct customer due diligence;
    - requiring correspondent relationships with banks in a specified jurisdiction to be reviewed, amended or, if necessary, terminated;
    - prohibiting the execution of specified electronic fund transfers; or
    - requiring increased external audit requirements for financial groups with respect to branches and subsidiaries located in a specified jurisdiction.
  5. Note, however, for the avoidance of doubt, that the CO/MLRO is not obliged to report Transactions from these countries or jurisdictions to the FIU if they do not qualify as suspicious pursuant to UAE AML legislations.
4. Complying with Targeted Financial Sanctions
  1. The Company must screen its customers, potential customers, beneficial owners, authorised persons and parties to any transactions to identify any possible matches with designated individuals or entities on the UN or Local Lists (UAE List) on a regular and ongoing basis:
    - Prior to onboarding new customers
    - Upon CDD reviews or changes to a customer’s information
    - Before processing any Transaction.
  2. Furthermore, the Company must screen its customer database without delay when the UN or Local Lists are updated.
  3. The Executive Office has provided clear instructions for Company s in respect of managing confirmed potential or false positive matches against its potential customers or existing customer database. When screening:
    - A Confirmed Match is when an individual, group, or entity matches most or all of the identifiers published on the Sanctions Lists
    - A Potential Match is when there is any match between data in the Sanctions Lists with any information in the Company’s database
    - A False Positive is a potential match to listed individuals, groups, or entities either due to the common nature of the name or due to ambiguous identifying data, which on examination proves not to be a confirmed or potential match.
  4. The Company is required, in respect of any confirmed match with a designated person listed in the UAE Terrorist List or by the UN Security Council, to:
    - Freeze, without delay1(within 24 hrs) and without prior notice, all funds or other assets (including funds or assets derived or generated therefrom) owned or controlled, wholly or jointly, directly, or indirectly, by the designated person (or any individual or entity acting on behalf of or at the direction of any designated person) ;
    - Prohibit any access, transfer, conversion, movement, disposition, alteration, use or dealing with funds or economic resources in a way which results in changing in their volume, amount, location, ownership, possession, nature or destination or that would in any way enable the use of such funds or economic resources for any purpose (e.g. by sale or mortgage);
    - Report via the GoAML platform within five business days of the implementation of freezing measures by selecting and submitting all necessary information and documents on the Fund Freeze Report (FFR). The report will be received by the Competent Authority and the Executive Office.
  5. When a Potential Match with a designated person listed in the UAE Terrorist List or by the UN Security Council is identified, the Company must take the following necessary action:
    - Suspend without delay any transaction and refrain from offering any funds or services;
    - Report the Potential Match via GoAML platform by selecting and submitting all necessary information and documents on the Partial Name Match Report (PNMR);
    - Uphold suspension measures related to the Potential Match until further instructions are received from Executive Office or the FIU.
  6. The above applies to any assets including but not limited to funds (cash) and financial assets, economic resources (including oil and other natural resources), property of any kind tangible or intangible, moveable or immovable and legal documents or instruments in any form, for example, real estate, securities, local and foreign currency, bank credits, deposits, postal drafts, bank drafts, letters of credit, jewellery and gold, raw materials, etc.
  7. The obligations to freeze without delay shall not prevent additions to frozen accounts of:
    - interest, profits, or other earnings due on the account; or
    - of payments due under contracts, agreements or obligations agreed upon prior to the date on which the account has become subject to freezing, provided such additions are immediately frozen.
  8. Freezing and suspension measures must be taken immediately without delay and do not need any preapproval from the government authorities upon identifying any confirmed or potential match.
  9. A person (natural or legal) who, in good faith, freezes funds, or refuses to provide services or reports information in relation to designated individuals, groups or entities in the UAE Terrorist List or UN consolidated list, shall be exempt from any damages or claims, resulting from such actions.
  10. The Company must remain cognizant of its obligations to submit an SAR/STR. Any suspicious transactions or activities that do not include confirmed or potential matches to the UAE Local Terrorist List or UN List should be reported to the FIU by raising an SAR/STR through the goAML platform.
  11. The Company’s governing body is obliged to cooperate with the Executive Office in verifying the accuracy of any information submitted.
  12. An individual, entity, or group designated in the Local Terrorist List, or his/her legal representative, and any stakeholder may request access to all or part of the frozen funds or other assets for any of certain purposes; or for cancellation of freezing and any other measures. The request must be sent via the Executive Office to the Ministry of Justice for consideration in coordination with the Supreme Council.
5. Majority ownership, control and acting on behalf of at the direction of Designated person
  1. The Company must apply freezing measures on entities which are majority owned by designated individuals or entities. Majority ownership means possession of more than 50% of the proprietary rights of the legal entity or having a controlling interest in it.
  2. A designated person holding 50% or less of the proprietary rights of a legal entity is holding a minority interest in the legal entity. In that case, the legal entity is not subject to freezing measures.
    However, the Company must remain attentive to any changes in the ownership structure of the legal entity whereby the designated person’s stake increases to greater than 50% or if they obtain a controlling interest. The Company must also ensure that funds or other assets (e.g., profits, proceeds from sale of assets, etc.) due to the designated person are subject to freezing measures and are not made available under any circumstances.
  3. The Company should apply freezing measures in cases in which a designated person holds a minority interest, if there is evidence that the designated person exerts control over the legal entity (despite owning a minority interest). The criteria to be taken into account when assessing whether a legal entity is mainly controlled by another person or entity, alone or pursuant to an agreement with another shareholder or other third party, could be any of the following:
    - having the right to appoint or remove a majority of the members of the administrative or management body of such legal person, entity, group or arrangement;
    - having appointed solely as a result of the exercise of one's voting rights a majority of the members of the administrative or management body of a legal person, entity, group or arrangement who have held office during the present and previous financial year;
    - controlling alone, pursuant to an agreement with other shareholders in or members of a legal person, group or entity, a majority of shareholders' or members' voting rights in that legal person, entity, group or arrangement;
    - having the right to exercise a dominant influence over a legal person, group or entity, pursuant to an agreement entered into with that legal person, entity, group or arrangement, or to a provision in its Memorandum or Articles of Association, where the law governing that legal person, entity, group or arrangement permits its being subject to such agreement or provision
    - having the power to exert the right to exercise a dominant influence referred to in point (d), without being the holder of that right;
    - having the right to use all or part of the assets of that legal person, entity, group or arrangement
    - managing the business of that legal person, entity, group or arrangement on a unified basis, while publishing consolidated accounts
    - sharing jointly and severally the financial liabilities of legal person, entity, group, or arrangement, or guaranteeing them or
    - Having a power of attorney or authorized signatory arrangement over a legal person, entity, or group
  4. The Company is required to implement targeted financial sanctions on individuals or entities acting on behalf or at the direction of designated persons. The relationship to act on behalf or at the direction of designated persons must be evidenced by legal documentation, such as a power of attorney or authorised signatory.
6. Complying with other findings
  1. The Company will obtain and take appropriate measures to comply with sanctions and other national and international obligations. This includes undertaking further due diligence on, or by not carrying out a Transaction for or on behalf of, any person who is the subject of any sanctions and whose details are available on a national and international list, including suspect lists such as those provided by the UAE List, EU Office, HM Treasury (United Kingdom), and the Office of Foreign Assets Control (OFAC) of the US Department of Treasury, and information obtained from World-Check and other credible sources, to perform initial and on-going checks on its Customers and their Transactions.
MONITORING AND REPORTING OF SUSPICIOUS ACTIVITY
1. Overview
  1. The Company maintains:
    - policies, procedures, systems and controls with which to monitor and detect suspicious activity or Transactions in relation to potential money laundering or terrorist financing; and
    - an AML training and awareness program that enables Employees to recognise when they have reasonable grounds to suspect that money laundering or terrorist financing is taking place and the means by which suspicions must be reported.
2. Examples of suspicious activity
  1. Money laundering and terrorist financing operations may take many forms: there is no unique set of circumstances or pattern of behaviour by which they can be recognised. The key to recognising suspicious activity is knowing enough about the Customer and the Customer’s normal expected activities to recognise when their activity is abnormal.
  2. Circumstances that might give rise to reasonable grounds for suspicion at the Customer take-on stage might be where the Customer:
    - refuses without reasonable explanation to provide information requested; and/or
    - makes extensive use of offshore accounts, companies or structures in circumstances where its economic needs do not support such arrangements.
  3. Subsequently, during the course of a business relationship with a Customer, circumstances that might give rise to reasonable grounds for suspicion might be:
    - transactions which have no apparent purpose, which make no obvious economic sense, or which are designed or structured to avoid detection;
    - transactions requested by a person without reasonable explanation, which are out of the ordinary range of services normally requested or are outside the Company’s experience in relation to that particular Customer;
    - transactions of a size or pattern that, without reasonable explanation, are out of line with previous experience or are deliberately structured to avoid detection;
    - the Customer uses the relationship for a single Transaction or for only a very short period of time;
    - unnecessary routing of funds through third party accounts; or
    - unusual Transactions without an apparently profitable motive.
3. These examples are by no means exhaustive. Employees must use their reasonable judgement in determining whether other circumstances or transactions should also be regarded as suspicious. Obligation to make further enquiries
  1. A Transaction that appears unusual is not necessarily suspicious. Even Customers with a stable and predictable Transaction profile may have periodic Transactions that are unusual for them. Customers may, for perfectly good reasons, have an erratic pattern of Transactions or account activity. So the unusual is, in the first instance, only a basis for further inquiry, which may in turn require judgement as to whether it is suspicious. A Transaction or activity may not be suspicious at the time, but if suspicions are raised later, an obligation to report then arises.
  2. If you have reasonable grounds to suspect, you must not ignore a possibly valid suspicion by wilful blindness, negligence (i.e. wilfully and recklessly fail to make adequate enquiries) or by failing to assess adequately the facts and information that are either presented or available
4. Obligation to report
  1. Any Employees who knows or suspects or who has reasonable grounds for knowing or suspecting that a person is engaged in money laundering has a personal obligation to make an internal SAR/STR in the format provided under Appendix B to the CO/ MLRO. This obligation applies even in situations when no business relationship was developed if the circumstances were suspicious.
  2. Knowledge means actual knowledge such as that gained from a person’s admission that he is involved in a particular criminal activity, for example, tax evasion. Suspicion, on the other hand, is a personal and subjective assessment that falls short of belief but which must be more than mere speculation and which should be based upon some foundation that money laundering has occurred or is about to occur.
  3. Note, however, that Employees who consider a Transaction to be suspicious would not be expected to know the exact nature of the criminal offence or that the particular funds were definitely those arising from money laundering or terrorist financing.
  4. The requirements mentioned above do not preclude Employees from consulting with his line manager or other Employees in deciding whether or not the circumstances merit the sending of an internal SAR/STR to the CO/MLRO. However, notwithstanding such consultation, the Employees must decide for himself whether the CO/ MLRO should be notified and the Employees should not be prevented or dissuaded from doing so if he knows, suspects or has reasonable grounds for knowing or suspecting that a person may be involved in money laundering.
  5. Employees should be aware that UAE Federal AML legislation specifically provides that a person who makes a SAR/STR shall be immune from any liability, including breach of client confidentiality, unless such reporting is proved to have been in bad faith. (Article 20, Federal Law No. 4).
  6. Employees are also reminded that failure to make an internal SAR may result in disciplinary action by the Company against the Employees and may also constitute a criminal offence punishable under the laws of the UAE.
  7. Notwithstanding that all external STRs/SARs should be made only by the Compliance Officer or a MLRO (if appointed to do so), the Company’s policy is that it will not prejudice Employees who discloses any information regarding money laundering to any other Competent Authority or to any other relevant body involved in the prevention of money laundering including, the FIU or another financial intelligence unit, the police, or a Dubai or Federal ministry.
5. Reporting procedures
  1. Any knowledge, suspicion or reasonable grounds for knowing or suspecting that a person is attempting money laundering or terrorist financing must be reported to the Compliance Officer. This should cover not only suspicious transactions undertaken but also attempted suspicious transactions and suspicious activity or behaviour of any kind, including the actions of customers or potential customers.
  2. In the first instance, the Employees may report informally, by telephone or in person but, subsequently, he must submit an Internal SAR, which he must also date and sign.
  3. The internal SAR/STR provides documentary evidence that the Employees has fulfilled his personal obligation to report suspicious circumstances and creates a permanent record of what those circumstances were.
  4. The template for the Internal SAR/STR form is shown at Appendix B
6. Inquiry by the Compliance Officer
  1. On receipt of an internal SAR/STR, the CO/MLRO will promptly:
    - inquire into and document the circumstances in relation to which the report was made;
    - determine whether in accordance with UAE Federal AML legislation a corresponding External SAR/STR must be made to the FIU and document such determination;
    - if required, make an external SAR/STR to the FIU as soon as practicable; and
    - notify the Company’s licensing/governing body immediately that such report has been made.
  2. If no external SAR/STR is made the CO/ MLRO must record his reasons for not doing so.
  3. Note that the decision whether to make an external SAR/STR is of the CO/MLRO’s alone and is not subject to the consent or approval of any other person.
  4. If the Company knows or assumes that the funds which form the subject of the report do not belong to a Customer but to a third party, the CO/MLRO must include this fact, and the details of the Company’s proposed course of further action in relation to the case, in the report
7. Reporting to the FIU
  1. The FIU is a unit within the Central Bank of the UAE that acts as the national reception point for all external SARs/STRs. The primary role of the FIU is to make the External SARs/STRs available to the law enforcement agencies to facilitate their investigations.
  2. The external SAR/STR will be completed by the CO/MLRO and sent to the FIU using the FIU’s electronic system (GoAML) or by any other means approved by the FIU. Immediately following its submission, the CO/MLRO will notify SCA that such report has been made. The CO/MLRO must provide the FIU with any additional information it requests.
  3. The external SAR/STR should be accompanied by any supporting information, and any additional information which would help the FIU to further its investigations or which could link the SAR/STR to other SARs/STRS and other investigations if possible.
  4. The CO/MLRO must request and be sure to obtain a formal acknowledgment from the FIU that the external SAR/STR has been received.
  5. Following submission of an external SAR/STR the FIU may establish on-going dialogue with the CO/ MLRO as the investigation continues and more information may be requested. The FIU will provide the CO/MLRO with a final outcome when a conclusion is reached.
8. Clearance of Transactions by the FIU
  1. Assisting in the commission of money laundering may constitute a criminal offence punishable under the laws of the UAE. Accordingly, the Company must not carry out any Transaction which it knows or suspects or has reasonable grounds for knowing or suspecting to be related to money laundering until it has:
    - submitted an external SAR/STR to the FIU; and
    - received instructions from the FIU on how to continue its business relationship, including effecting any Transaction with a person.
    If the Customer in question expresses his wish to move the funds before the Company receives instruction from the FIU on how to proceed, the CO/MLRO should immediately contact the FIU for further instructions
9. Freezing orders, seizure orders and other actions
  1. The UAE Central Bank has the power under UAE Federal AML legislation to freeze funds or other assets suspected of relating to money laundering, terrorist financing or the financing of illegal organisations. Other Federal authorities also have powers to apply for the freezing or confiscation of funds or other assets that have been used for such purposes.
  2. The Public prosecution may, of their own accord or at the request of the law enforcement authorities, where there is sufficient evidence of the occurrence of the crime, request direct access to accounts, records and documents held by third parties and request access to the stored data, to identify track and seize funds, control the accounts, and may issue travel bans and other procedures to resolve the crime, perpetrators without prejudice to the legislation applicable to the UAE.
  3. The Law Enforcement Authorities may conduct undercover operations and adopt other investigative methods and initiate the controlled delivery operation aimed at detecting the crime or its evidence or identifying the source and destination of the funds, proceeds or instrumentalities or arresting the perpetrators without prejudice to the legislations applicable in the UAE
  4. The competent judicial authority shall upon request of a judicial authority of another country bound by an enforceable agreement with the UAE provide judicial assistance to identify, freeze or confiscate funds, extradite, handover and hand back persons and items relevant to the crime and exchange relevant information.
10. Tipping off
  1. Employees are reminded that disclosing, directly or indirectly, to the contact or to any other person that a suspicious transaction has been or will be reported, or disclosing information contained in a SAR/STR or the fact that a suspicious transaction is being investigated is a criminal offence under UAE Federal AML legislation.
  2. Employees must therefore be sensitive to these issues when considering CDD measures and take all reasonable care to avoid “tipping off”.
  3. Accordingly, if the Company reasonably believes that performing CDD measures will tip-off a Customer or potential Customer, it may choose not to pursue that process and should file an external SAR/STR instead.
AML TRAINING AND AWARENESS
1. Introduction
  1. The Company’s policy is to provide AML training to all relevant Employees as soon as reasonably practicable after joining the Company and not less than annually thereafter. Relevant employees include the Senior Management, operational staff, any employee with Customer contact or who handles Customer assets and any other employee who might otherwise encounter money laundering in the business.
  2. The form, content and objectives of the AML training programme will be overseen by the CO/MLRO and will specifically address the core topics and objectives below.
2. Core topics and objectives
  1. The CO/ MLRO will ensure that the Company’s AML training:
    - is appropriately tailored to the Company’s activities, including its products, services, Customers, distribution channels, business partners and level and complexity of Transactions;
    - indicates the different levels of money laundering risk and vulnerabilities associated with its business; and
    - enables the Company’s Employees to be able to:
      - understand the relevant legislation relating to money laundering;
      - understand the Company’s AML policies, procedures, systems and controls;
      - understand the types of activity that may constitute suspicious activity in the context of the business in which an Employees is engaged and that may warrant the making of an Internal SAR/STR to the CO/ MLRO;
      - recognise and deal with Transactions and activities, including how to seek and assess the information that is required for them to judge whether a person is involved in suspicious activity which may be related to money laundering or terrorist financing;
      - understand the Company’s arrangements for making an internal SAR/STR to the COMLRO; be aware of the prevailing techniques, methods and trends in money laundering relevant to the Company’s business.
      - understand the roles and responsibilities of Employees in combating money laundering, such as the identity and responsibility of the CO/MLRO; and
      - understand the relevant findings, recommendations, guidance, directives, resolutions, sanctions, notices or other conclusions issued by government, regulatory and international agencies.
  2. In furtherance of this objective, a copy of this Manual is distributed to all relevant Employees.
  3. Training programmes may be provided in coordination with the FIU.

RECORD KEEPING

Objectives
1. The Company’s record keeping objectives are to ensure that:
  - the Competent Authority is able to assess the Company’s compliance with the UAE criminal law, government, regulatory or international findings and any other legislation applicable in the UAE;
  - any Transaction which was processed by or through the Company on behalf of a Customer or other third party can be reconstructed;
  - any Customer or third party can be identified; and
  - the Company can satisfy, within an appropriate time, any regulatory enquiry or court order to disclose information.

Records to be maintained

The Company will maintain the following records:

CDD	a) a copy of, all documents and information obtained in undertaking initial and on-going CDD; and (b) records (i.e. original documents and/or certified copies) in respect of a business relationship, including: (i) business correspondence and other information relating to a customer’s account; (ii) sufficient records of transactions to enable individual transactions to be reconstructed; and (iii) internal findings and analysis relating to a transaction or any business, such as if the transaction or business is unusual or suspicious, whether or not it results in a Suspicious Activity Report/Suspicious Transaction Report; (c) any other matter that the Company is expressly required to record under the Rules.
Suspicious activity/transaction reports	Internal SARs/STRs and all relevant details; External SARs/STRs and any relevant supporting documents and findings, including internal findings and analysis; and any relevant communications with the FIU.
Risk assessments	any business risk assessment and how it was used to assist the carrying out of any Customer risk assessment; and any Customer risk assessment and any risk rating assigned.
Staff awareness and training	the dates when the training was given; the nature of the training; and the names of Employees who received it.

All such records will be retained for at least ten years from the date on which the notification or report was made, the business relationship ends, or the Transaction is completed, whichever occurs last. If the date on which the business relationship with a Customer has ended remains unclear, it will be taken to have ended on the date of the completion of the last Transaction.
Where such records are kept in electronic format, the Company will ensure that they are readily accessible and available to respond promptly to any Competent Authoriy’s requests for information. Further, such records will be maintained in the English language or accompanied by a salient translation, where necessary.

Anti Money Laundering Policy & Procedures

Regulated by SCA

Reach us: