New DFSA Consultation Paper released on AML, CTF and Sanctions

On 22 February 2018, the Dubai Financial Services Authority (the DFSA), which is the independent financial services regulator for the Dubai International Financial Centre (the DIFC), issued Consultation Paper No. 118 on proposed changes to the DFSA’s Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF) and Sanctions Regime (the Consultation Paper No. 118). The deadline for providing comments to the DFSA is 24 March 2018. This article outlines some of the key issues.

On 22 February 2018, the Dubai Financial Services Authority (the DFSA), which is the independent financial services regulator for the Dubai International Financial Centre (the DIFC), issued Consultation Paper No. 118 on proposed changes to the DFSA’s Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF) and Sanctions Regime (the Consultation Paper No. 118).

Consultation Paper No. 118 and its appendices can be accessed here. The deadline for providing comments to the DFSA is 24 March 2018.

Background to Consultation Paper No. 118

Consultation Paper No. 118 comes ahead of the next Mutual Evaluation report for the UAE by the Financial Action Task Force (FATF), which is now confirmed to take place in July 2019.

Established in 1989, FATF is an inter-governmental body whose objectives are to set global standards and promote effective implementation of legal and regulatory regimes for the combatting of AML, CTF and other related risks to the financial system internationally. To that effect, FATF issued its International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation (the FATF Recommendations - available here) in 1990, followed by revisions in 1996, 2001, 2003 and most recently in 2012. In total there are 40 such recommendations from preventative measures and KYC (or Know-Your-Customer) requirements, to the operation of Financial Intelligence Units (FIUs) and international cooperation through Mutual Legal Assistance (MLA) agreements between governments.

Whilst the United Arab Emirates (the UAE) is not a Member of FATF directly, it is a member of MENA-FATF, which is a “FATF Style Regional Body” (FSRB) established in 2004 and headquartered in the Kingdom of Bahrain. Whilst FATF is a standard-setting body, FSRBs (such as MENA-FATF) play a key role in identifying and addressing the AML and CTF needs of their individual members by helping to implement the FATF Recommendations. As part of the implementation process, FATF monitors (through Mutual Evaluation) the progress of its members.

The UAE, including the DIFC, was last subject to a mutual evaluation in 2007, the findings of which were published in a Mutual Evaluation Report dated 9 April 2008 (available here).

Background on AML and CTF legislation in the UAE and the DIFC

Whilst the DIFC has a separate civil and commercial legal framework, it has no jurisdiction over criminal matters. As such, the UAE’s federal AML and counter-terrorist financing CTF legal framework (as well as the UAE’s Federal Penal Code) applies directly in the DIFC, namely the:

  • UAE Federal Law No. 4 of 2002 regarding Criminalisation of Money Laundering, as amended by Federal Law No. 9 of 2014 amending certain provisions of Federal Law No. 4 of 2002 concerning the Combating of Money Laundering Crimes (UAE Federal AML Law)
  • UAE Council of Ministers' Decree No. 38 of 2014 regarding the Executive Bylaw of the Federal Law No. 4 of 2002 regarding Anti-Money Laundering and Combating Financing of Terrorism (UAE Federal AML By-laws)
  • UAE Federal Law No. 1 of 2004 on Combating Terrorism Offences, as amended by Federal Law No. 7 of 2014 on Combating Terrorism Crimes (UAE Federal CTF Law), and
  • UAE Central Bank Circular No. 24/2000 dated 14/11/2000 regarding the regulations concerning procedures for anti-money laundering, as amended by UAE Central Bank Notice 2922/2008 dated 17/06/2008 (UAECB AML Regulations). Whilst this is only relevant to banks and financial institutions regulated by the UAE Central Bank, the guidance contained therein is nonetheless useful in terms of understanding the requirements under the UAE Federal AML Law generally.

Please note that the DIFC is a geographically delineated financial free zone with its own common-law based civil and commercial legal framework, and financial services regulatory regime (separate and distinct from the rest of the UAE). However, under the laws establishing the DIFC free zone (Federal Decree No. 35 of 2014, Emirate of Dubai Law No. 9 at 2009 and UAE Cabinet Resolution No. 28 of 2007), as well as the UAE federal law that established/introduced the concept of “financial free zones” generally (Federal Law No. 8 of 2004), the DIFC and other financial free zones (such as the Abu Dhabi Global Market or “ADGM”) do not have separate jurisdiction over criminal law related matters, and all federal UAE AML/CTF laws apply in such territories. As such, the above mentioned laws and regulations (with the exception of (D) above) are equally applicable in the DIFC.

However, as the DIFC has its own financial services regulator, the Dubai Financial Services Authority (the DFSA), all DFSA regulated entities, will also need to adhere to the requirements outlined in the Anti-Money Laundering, Counter-Terrorist Financing and Sanctions Module ("DFSA AML Module") of the DFSA Rulebook. The powers given to the DFSA with regards to supervision in the DIFC over AML, CTF and Sanctions-related issues and the ability to issues rules relating to these are contained in the DIFC Regulatory Law (DIFC Law No. 1 of 2004, as amended). The DFSA AML Module outlines the DFSA’s specific requirements that are in furtherance to the federal laws and regulations outlined above.

Key Proposed Changes under Consultation Paper No. 118

In summary, the proposed changes under Consultation Paper No. 118 are as follows:

  • updating the references in the DIFC Regulatory Law to the updated UAE Federal legislation on AML and CTF (which as outlined above, was updated in 2014)
  • updating references to the Anti-Money Laundering and Suspicious Cases Unit (AMLSCU) of the UAE Central Bank - which is the UAE’s FIU - to its current name, the Financial Intelligence Department (FID)
  • removing Single Family Offices (SFOs) and dealers in high value goods (equal to or greater than USD 15,000) from the DFSA’s definition of Designated Non-Financial Business or Professions (DNFBPs)
  • adding a clear objective throughout the DIFC Regulatory Law for the DFSA to monitor and apply its AML and CTF rules to all ‘Relevant Persons’, which is proposed to include not only DFSA Authorised Firms but Registered Auditors, DNFBPs, or officers, employees or agents of such persons. This is in furtherance of FATF Recommendation 28, which states that all DNFBPs should be subject to regulatory supervision with regards to AML and CTF issues. The proposed changes would enable the DFSA to exclude a person from being a DNFBP if they are not fit and proper to perform the DNFBP function (which is now proposed to specifically address AML and CTF compliance), and
  • emphasising the need for all Relevant Persons (which would include DNFBPs) to have adequate resources and arrangements in place for complying with relevant UAE Federal AML and CTFs laws, which is again, further to FATF Recommendation 28.

Should any applications as a DNFBP be denied by the DFSA or if the DFSA decides to suspend or withdraw a DNFBPs license for reasons of, including but not limited to, a lack of AML and CTF compliance, the applicant or the DNFBP will have the right to refer the matter to the DFSA’s Financial Markets Tribunal (FMT).

In addition to the existing requirement for DNFBP’s to file an Annual AML Return (under Rule 14.5.1 of the DFSA AML Module), there is a proposal for all DNFBPs to also submit an ‘Annual Information Return’ every January 31, which would require the DNFBP to report on, amongst other things:

  • changes to MLRO
  • changes to senior management, in addition to changes to beneficial owners (the former of which is not currently covered specifically under DFSA rules), as well as
  • information relating to the business the DNFBP is engaged in and the volumes of that business.

Whilst it is proposed that there is no need for existing DNFBPs to apply for registration under the new proposed registration rules / requirements, it is proposed that existing DNFBPs would transition by self-certifying (within three months from the date when the proposed amendments take affect) certain matters to the DFSA that would essentially cover the issues addressed in the proposed amendments.

It should be noted that the DFSA issued a “Dear MLRO” letter on 18 December 2017 explaining its expectations that all DNFBPs registered with the DFSA to be in full compliance with the obligations set out in the DFSA AML Module.

Should you have any questions or concerns with regards to the proposed amendments or in relation to AML/CTF compliance in generally, please feel free to contact us.

This document (and any information accessed through links in this document) is provided for information purposes only and does not constitute legal advice. Professional legal advice should be obtained before taking or refraining from any action as a result of the contents of this document.