Consultation Paper No. 120 follows Consultation Paper No. 118 and is the second phase of proposed changes to the AML framework ahead of the next Mutual Evaluation (ME) report for the UAE by the Financial Action Task Force (FATF) which will take place in the second half of 2019. This article is the continuation of a previous article on Consultation Paper No. 118 (available here).
The aim of these proposed changes is to ensure that the DFSA’s AML regime is compliant with the 2012 FATF Recommendations. Following the DFSA’s initial review of the AML regime in light of the 2012 Recommendations, a new regime covering both Financial Institutions and Designated non-Financial Businesses and Professions (DNFBP) came into effect in July 2013. A further review by the DFSA of the AML regime against the 2012 Recommendations and the UAE Federal AML Legislation (UAE Federal Law No. 4 of 2002 regarding the Criminalisation of Money Laundering, as amended by Federal Law No. 9 of 2014) took place in late 2015 and resulted in changes to enhance certain areas in the DFSA’s AML Module which came into effect in February 2017.
In preparation for the next UAE FATF ME confirmed to take place in the second half of 2019, the DFSA has undertaken a further review of its AML regime to assess whether it meets the 2012 FATF Recommendations. The DFSA consulted in March 2018 in Consultation Paper No. 118 on required changes it identified relating to the DFSA’s AML remit in the DIFC and the DFSA’s regulation and supervision of DNFBPs (please refer to our previous article on Consultation Paper No. 118 - available here). Further required changes to enhance certain areas of the DFSA’s AML regime to ensure compliance with the 2012 FATF Recommendations are set out in Consultation Paper No. 120.
Specific issues to note in Consultation Paper No. 120
Consultation Paper No. 120 outlines three specific issues that should be noted and taken into consideration to understand the rationale behind some of the proposed changes to the Anti-Money Laundering, Counter-Terrorist Financing and Sanctions Module (AML) of the DFSA Rulebook. These specific issues are explained below:
The requirement in the 2012 FATF Recommendations to embed elements in primary legislation
There are four elements in the 2012 FATF Recommendations required to be embedded in primary legislation: (a) the overarching concept of Customer Due Diligence (CDD); (b) Record Keeping; (c) the obligation to file Suspicious Transaction Reports (STRs); and (d) tipping off provisions.
The requirements to conduct CDD and retain records are set out in the DFSA’s Regulatory Law 2004 and the obligation to provide STRs and the prohibition against tipping-off are set out in the UAE’s Federal AML Legislation.
The proposed changes in respect of CDD and Record Keeping are addressed below.
The problem with the DFSA Guidance’s indicative nature
Pursuant to Schedule 1 to the Regulatory Law 2004, the DFSA’s Guidance is indicative and not binding. Therefore, it cannot be presented to FATF assessors as part of the evaluation. This is problematic in some situations where the 2012 FATF Recommendations have been referred to within DFSA Guidance and the assessors would be obliged to conclude that the standard is not met. This has resulted in a reassessment by the DFSA of what material should be in the Guidance.
Compliance with Recommendation methodology
The UAE, including the DIFC (the latter of which has its own separate civil and commercial legal and financial services regulatory frameworks), will be evaluated against the most recent FATF Recommendation methodology, which is reviewed and updated on an ongoing basis by the FATF in light of market developments and emerging risks. Therefore, it is important that the DFSA keeps track of updates and accordingly, further enhancements to the AML Module may be required to ensure compliance.
Key proposed changes under Consultation Paper No. 120
In summary, the proposed amendments to the DFSA’s AML Module under Consultation Paper No. 120 are as follows (it should be noted that the following list constitutes a summary only of proposed changes and is therefore not all-inclusive):
- Regarding the requirement to conduct CDD, deleting Guidance Note 15 which provides details of the conditions for the use of numbered accounts or accounts with abbreviated names in relation to the prohibition from keeping anonymous accounts or accounts in obviously fictitious names addressed in AML Rule 6.1.4.
- Setting out the conditions outlined in Guidance Note 15 in new AML Rule 6.1.7 (as well as adding a requirement for persons who have responsibility for identifying and/or monitoring transactions for suspicious activities, to have full information about such account holders).
- Amending AML Rule 7.3.1(2) to introduce the requirement in FATF Recommendation 10.4 for financial institutions to verify that any person purporting to act on behalf of the customer is authorised to do so, and to identify and verify the identity of that person.
- Clarifying the approach to identification of ultimate beneficial owners to fully comply with FATF Recommendation 10.5, by amending AML Rule 7.3.1, and introducing new AML Rules 7.3.3 to 7.3.6, in order to clarify the obligations relating to identifying and verifying a beneficial owner. This includes outlining the steps taken to identify the ultimate beneficial owner(s) of a legal person, such as a body corporate, or foundation, and legal arrangements, such as a trust or similar legal arrangement.
- Amending the existing DFSA rules regarding specific CDD measures for legal persons and legal arrangements, and for beneficiaries of life insurance policies, in light of the above.
- Adding to AML Rule 7.2.2(4) a general requirement for DFSA "Relevant Persons" to put in place specific risk management procedures, relating to the conditions under which a customer may utilise a business relationship prior to verification, to be made in-line with FATF Recommendation 10.15.
- In relation to ongoing CDD, adding a new AML Rule 7.6.1(2) to specify that the reviews by a DFSA "Relevant Person" of the pre-existing customer base required under AML Rules 7.6.1 (d) and (e) must be carried out "periodically" and at other "appropriate times" in order to reflect the requirement set-out in FATF Recommendation 10.16.
- Making minor changes to the current risk-based approach in light of FATF Recommendation 10.18, such as removing AML Rule 7.5.1(1)(c) and Guidance Note 3 to AML Rule 7.5, which permits simplified CDD to include “deciding not to verify an identified beneficial owner”.
- Removing the requirement in AML Rules 7.3.1(b) and (c) for a DFSA "Relevant Person" to understand a customer’s Source of wealth (SoW) and Source of funds (SoF) when carrying out CDD.
Amending AML Rule 14.4.1 to include a requirement for DFSA "Relevant Persons" to maintain all necessary information on records of transactions and including examples of what types of records are expected to be retained under this requirement to be more in line with FATF Recommendation 11.
Adding a new AML Rule 5.1.3 to explain what is expected of DFSA "Relevant Persons" when developing new products, practices and technologies in order to fully address the requirement set down in FATF Recommendation 15.
- amending AML Rule 9.3 to update and enhance the approach to electronic fund transfers and ensure compliance with FATF Recommendation 16, the objective of which is to prevent terrorists and other criminals from having unfettered access to wire transfers for moving their funds, and for detecting such misuse when it occurs, and
- including new headings to clarify the requirements applying to the different institutions facilitating or participating in wire transfers.
Reliance on third parties
Deleting Guidance Note 6 to AML Rule 8.1.1 and including in a new AML 8.1.2 the list of factors a DFSA "Relevant Person" may consider when assessing if AML regulations in another jurisdictions are equivalent to FATF standards (see FATF Recommendation 17).
Internal controls and foreign branches and subsidiaries
- amending AML Rules 14.1.1(2) and (3), and aligning them with FATF Recommendation 18.3, to require DFSA "Relevant Persons" to ensure that their foreign branches and majority-owned subsidiaries apply AML/CTF measures consistent with the requirements in the DIFC, where the minimum AML/CTF requirements of the host country are less strict than those of the home country, and
- imending AML Rule 14.2.1(a) to include a positive obligation for policies, controls and procedures for sharing information in the group.
Higher risk countries
Amending AML Rules and Guidance Notes in-line with FATF Recommendation 19, relating to the enhanced CDD measures that financial institutions should apply to business relationships and transactions from "higher risk" countries.
Transparency and beneficial ownership of legal arrangements
Amending Rule 5.9.1 of the Conduct of Business Module (“COB”) of the DFSA Rulebook, to set down the requirement that Trust Service Providers must hold sufficient information about service providers and agents engaged on behalf of the trust, as referenced in FATF Recommendation 25.1(b).
Should you have any questions or concerns with regards to the proposed amendments or in relation to AML/CTF compliance in general, please contact us.
This document (and any information accessed through links in this document) is provided for information purposes only and does not constitute legal advice. Professional legal advice should be obtained before taking or refraining from any action as a result of the contents of this document.