(AML-CFT Decision Articles 4.2(a), 4.2(b)(5), 8.1(a), 15.1(b) and 15.2, 17.3, 21.3, 25.1(d))
A cornerstone of any sound governance structure, including those related to AML/CFT compliance, is senior management involvement and accountability. The members of an FI’s senior management (together with the members of the board of directors in those organisations that have one) are ultimately responsible for the quality, strength and effectiveness of the FI’s AML/CFT framework, as well as for the robustness of its compliance culture. In this regard, an FI’s senior management should set the ML/FT risk appetite and a proper “tone at the top,” by demonstrating their commitment to ensuring an effective AML/CFT compliance programme is in place, and by clearly articulating their expectations with regard to the responsibilities and accountability of all staff members in relation to it.
Under the AML/CFT legal and regulatory framework of the UAE, the senior management of all FIs are responsible for performing certain functions related to the assessment, management and mitigation of the ML/FT risks to which their organisations are exposed. These responsibilities can be grouped broadly into categories which include:
| • | Implementation of governance, control, and operating systems. These include such elements as:
| - | Appointing a qualified compliance officer in line with the requirements of the relevant Supervisory Authority; | | - | Ensuring a robust and effective independent audit function is in place; | | - | Putting in place and monitoring the implementation of adequate management and information systems, internal controls, and policies, procedures to mitigate risks.
|
|
| • | Approval of internal policies, procedures and controls. These include such elements as the FI’s overall ML/FT risk appetite as well as the framework of AML/CFT policies, procedures and controls related to areas such as:
| - | Identification, assessment, understanding, management and mitigation of ML/FT risks; | | - | Performance, review and updating of CDD (including EDD and SDD) measures; | | - | Identification and implementation of indictors to identify suspicious transactions; | | - | Record retention and data protection; | | - | Staff screening, training and development.
|
|
| • | Oversight of the AML/CFT compliance programme. This includes such elements as:
| - | Reviewing and providing comments in relation to the compliance officer’s semi-annual reports to the relevant Supervisory Authority; | | - | Approving the establishment and continuance of High Risk Customer Business Relationships and their associated transactions, including those with PEPs; | | - | Approving the establishment and continuance of Business Relationships involving high-risk countries; | | - | Approving the establishment and continuance of relationships with correspondent institutions; | | - | Ensuring the adequate application of the appropriate components of the AML/CFT compliance programme to all branches and majority-owned subsidiaries, including those operating in foreign jurisdictions.
|
|
| • | Application of the directives of Competent Authorities. This includes such elements as:
| - | Applying the directives of Competent Authorities for implementing UN Security Council decisions under Chapter VII of the Charter of the United Nations, and other related directives, including Cabinet Decision (74) of 2020 Regarding Terrorism Lists Regulation and Implementation of UN Security Council Resolutions On the Suppression and Combating of Terrorism, Terrorists Financing & Proliferation of Weapons of Mass Destruction, and Related Resolutions; | | - | Implementing CDD measures defined by the National Committee for Combating Money Laundering and the Financing of Terrorism and Illegal Organisations, regarding High Risk Countries.
|
|