Cabinet Decision No. (10) of 2019 Concerning the Implementing Regulation of Decree Law No. (20) of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations

Cabinet Decision No. (10) of 2019 Concerning the Implementing Regulation of Decree Law No. (20) of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations
IA-BOD-RES 10/2019 Effective from 10/2/2019
The Cabinet,
- Pursuant to the perusal of the Constitution;
- Federal Law No. (1) of 1972 concerning the Competencies of Ministries and Powers of the Ministers and its amendments;
- Federal Decretal-Law No. (20) of 2018 on Anti- Money Laundering and Combating the Financing of Terrorism and Illegal Organisations; and
Based on the proposal of the Minister of Finance and the approval of the Cabinet,
Has issued the following:

Chapter 1 Definitions

Article (1)
In application of the provisions of this Resolution, the following terms and expressions shall have the following meanings assigned to them unless the context requires otherwise:
State: United Arab Emirates
Minister: Minister of Finance
Central Bank: Central Bank of the United Arab Emirates
Governor: Governor of the Central Bank
Committee: National Committee for Combating Money Laundering and the Financing of Terrorism and Illegal Organizations
Unit: Financial Intelligence Unit.
Supervisory Authority: Federal and local authorities entrusted by legislation to supervise the Financial Institutions, the designated non-financial businesses professions, Virtual Asset Service Providers and non-profit organizations or the competent authority in charge of approving the exercise of an activity or a profession if the legislation does not specify the relevant regulatory authority
Law-enforcement Authorities: Federal and local authorities entrusted under applicable legislation to conduct combat, search, investigate and collect evidences on crimes including AML/CFT crimes and financing illegal organizations.
Competent Authorities: Concerned government authorities that are in charge of implementing any provision of the Decree Law in the State.
Predicate Offence: Any act constituting a felony or misdemeanor under the applicable legislation of the State, whether committed inside or outside the State, when such act is punishable in both countries.
Money Laundering: Any of the acts mentioned in Clause (1) of Article (2) of the Decree-Law.
Financing of Terrorism: Any of the acts mentioned in Articles nos. (29 and 30) of Federal Law no. (7) of 2014 on Combating Terrorism Offences.
Illegal Organizations: Organizations whose establishment is criminalized, or which exercise a criminalized activity.
Financing Illegal Organizations: Any physical or legal action aiming at providing funding to an illegal organization, or any of its activities or its members.
Crime: Money laundering crime and related predicate offences, or financing of terrorism or illegal organizations.
Funds: Assets, regardless of the manner in which they are earned, their type or their form, whether tangible or intangible, movable or immovable, electronic, digital or encrypted, including national and foreign currencies, legal documents and instruments of whatever form, including electronic or digital forms that prove the ownership of these assets, shares or related rights and economic resources that are assets of any kind, including natural resources. As well as bank credits, cheques, payment orders, shares, securities, bonds, bills of exchange, letters of credit, and any interest, dividends or other incomes derived or resulting from these assets, and can be used to obtain any financing or goods or services.
Virtual Assets: A digital representation of the value that can be digitally traded or transferred, and can be used for payment or investment purposes, and do not include digital representations of fiat currencies, securities, or other funds.
Proceeds: Funds generated directly or indirectly from the commitment of any felony or misdemeanor including profits, benefits, and economic interests, or any similar funds converted wholly or partly into other funds.
Means: Any means used or intended to be used to commit a felony or misdemeanor.
Suspicious Transactions: Transactions related to funds for which there are reasonable grounds to believe that they are earned from any felony or misdemeanor or related to the financing of terrorism or of illegal organizations, whether committed or attempted.
Freezing or seizure: Temporary attachment over the moving, conversion, transfer, replacement or disposition of funds in any form, by an order issued by a competent authority.
Confiscation: Permanent expropriation of private funds or proceeds or instrumentalities by a judgment issued by a competent court.
Financial Institutions: Whoever conducts one or more of the financial activities or transactions in for or on behalf of a client.
Financial Intermediary: The financial institution that receives and transfers a wire transfer between the financial institution issuing the transfer and the beneficiary financial institution or another financial intermediary.
The beneficiary financial institution: the financial institution that receives a wire transfer from the financial institution issuing the transfer directly or through an financial intermediary institution, and provides the money available to the beneficiary.
Financial activities or operations: any activity or operation or more of what is stipulated in Article no. (2) of this Resolution.
Designated Nonfinancial Businesses and Professions: Whoever conducts one or more of the commercial or professional activities defined in Article no. (3) of this Resolution.
Non-Profit Organizations: Any organized group, of a continuing nature set for a temporary or permanent period, comprising natural or juridical persons or a legal arrangement not seeking profit, that collects, receives or disburses funds for charitable, religious, cultural, educational, social, communal or any other charitable activities.
Legal Arrangement: the relationship established by means of a contract concluded between two or more parties, including but not limited to trust funds or other similar arrangements.
Trust Fund: A legal relationship whereby the trustee places funds under which the trustor places the funds under the control of the trustee for the account of a beneficiary or for particular purpose , and deemed to be Funds independent of the trustee's property. The right of the trustor’s Funds remains in the name of the trustor or in the name of another person on behalf of the trustor.
Trustor: A natural or juridical person who transfers the management of his funds to a trustee under a document.
Trustee: A natural or juridical person enjoying the rights and powers granted to it by the Trustor, under which he manages, uses and disposes of the trustor’s funds in accordance with the terms imposed on him by either of them.
Client: Any person who carries out or attempts to carry out any of the activities specified in Articles nos. (2) and (3) of this Resolution with a Financial Institutions or designated non-financial businesses and professions or Virtual Asset Service Providers
Transaction: Any disposal or use of Funds or proceeds including for example: deposits, withdrawals, transfer, sale, purchase, lending, swap, mortgage, and donation.
Real Beneficiary : The natural person who owns or exercises effective ultimate control, whether directly or indirectly, over a client or the natural person on whose behalf a transaction is being conducted or a person who exercises effective ultimate control over a juridical person or legal arrangement, whether directly or through a chain of ownership, or control or other indirect means.
Virtual Asset Service Providers: Any natural or juridical person, who conducts any activity of commercial business, conducts one or more of the activities of virtual assets for the benefit or on behalf of another natural or legal person in any of the following activities:
1- Exchange between virtual assets and fiat currencies.
2- Exchange between one or more types of virtual assets.
3- Transfer of virtual assets.
4- Saving or managing virtual assets or tools that enable control of virtual assets.
5- Providing financial services or activities related to an issuer’s offer or, selling or participating in virtual assets.
Business relationship: Any ongoing business or financial relationship arising between Financial Institutions or Designated Non-Financial Business or Professions, and their client related to the activities or services they provide thereto.
Correspondent banking relationship: relationship between a correspondent financial institution and a recipient institution through a current account, or any other type of account or any other associated service therewith, including the correspondent relationship arising for securities transactions or money transfer.
Intermediary Payment Accounts: correspondent account used directly by a third party to perform transactions for its account.
Financial Group: A group of Financial Institutions consisting of a holding company or other juridical person that exercises control over the rest of the group and coordinates the functions in order to control at the level of the group and its branches and subsidiaries, in accordance with the international basic principles of financial control and the policies and procedures for AML/CFT.
Fundamental Principles of International Financial Control: Principles of the Basel Committee for Effective Banking Supervision Nos. (1, 2, 3, 5 to 9, 11 to 15, 26 and 29), the Principles of the International Association of Insurance Supervisors (IAIS). (1, 3 to 11, 18, 21 to 23, 25), and the Principles of the International Organization of Securities Commissions (IOSCO) Nos. (24, 28, 29 and 31) and Responsibilities (A, B, C, and D).
Wire Transfer: A financial transaction carried out by a financial institution itself or through an intermediary institution, on behalf of a sender, through which funds are delivered to a beneficiary in another financial institution, whether the sender and the beneficiary are the same person or others.
Fictitious Bank: A bank registered or licensed in a state that has no physical presence therein, does not belong to a regulated and supervised financial group..
Registrar: entity in charge of supervising the register of commercial names for all types of establishments registered in the State.
Due Diligence Measures: The process of identifying or verifying the information of the Client or the real Beneficiary owner, whether a natural, juridical person or a legal arrangement, and the nature of its activity, and the purpose of the business relationship, and the ownership structure, control over it for the purpose of the Decree-Law and this Resolution.
Controlled Delivery: process by which a competent authority allows the entery or transferring of illegal or suspicious funds or crime revenues to and from the State for the purpose of investigating a crime or identifying the identity of its perpetrators.
Undercover Operation: process of search and investigation conducted by one of the judicial officer by impersonating or playing a disguised or false role in order to obtain evidence or information related to the Crime.
High Risk Client: A Client who represents a risk, either in person , or through his activity, business relationship, its nature or his geographical area, such as a Clientclient from high-risk countries, or non-resident in a country for which does not have an identity card, or of a complex structure, or who carries out complex or unclear operations with an economic or legal purpose, or carries out intensive cash transactions, operations with an unknown third party, or conduct operations without direct confrontation, or any other high-risk operations specified by Financial Institutions, Designated Non-Financial Businesses and Professions, or the Regulatory authority.
Politically exposed persons: Natural persons who are or have been entrusted with prominent functions in the State or in any other State, such as heads of State or Government, senior politicians, high-ranking government officials, judicial or military officials, senior executives of State-owned enterprises, senior officials of political parties, and persons who are or have been entrusted with the management or any other prominent function of international organizations. The definition shall include the following:
1. The immediate family members of the politically exposed person, namely spouses, children, their spouses, and parents.
2. Partners known to be close to the Politically Exposed Person, namely:
  1. Persons having joint ownership of a juridical person, or legal arrangement or any close business relationship with the politically exposed person.
  2. Persons having the exclusive ownership of a single of a juridical person or legal arrangement established for the benefit of the politically exposed person.
Decree-Law: Federal Decree-Law No. (20) of 2018 on Combating Money Laundering and the Financing of Terrorism and Illegal Organizations, and its amendments.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
In application of the provisions of the present Decision, the following terms and expressions shall have the meanings assigned to them unless the context requires otherwise:
State: United Arab Emirates
Minister: Minister of Finance
Central Bank: Central Bank of United Arab Emirates
Governor: Governor of the Central Bank
Committee: National Committee for Anti- Money Laundering and Combating the Financing of Terrorism and Illegal Organisations.
FIU: Financial Intelligence Unit
Supervisory Authority: Federal and local authorities, which are entrusted by legislation to supervise Financial Institutions, Designated Non-Financial Businesses and Professions and Non-Profit Organisations or the competent authority in charge of approving the pursuit of an activity or a profession in case a supervisory authority is not assigned by legislations.
Law Enforcement Authorities: Federal and local authorities which are entrusted under applicable legislation to combat, search, investigate and collect evidences on the crimes including ML/FT and financing illegal organisations crimes.
Competent Authorities: The competent government authorities entrusted with the implementation of any provision of the Decretal-Law in the State.
Predicate Offence: Any act constituting an felony or misdemeanour under the applicable laws of the State whether this act is committed inside or outside the State when such act is punishable in both countries.
Money Laundering: Any of the acts mentioned in Clause (1) of Article (2) of the Decretal-Law.
Financing of Terrorism: Any of the acts mentioned in Articles (29) and (30) of Federal Law no. (7) of 2014 on combating terrorism offences.
Illegal Organisations: Organisations whose establishment is criminalised or which pursue a criminalised activity.
Financing of Illegal Organisations: Any physical or legal action aiming at providing funding to an illegal organisation, or any of its activities or members.
Crime: Money laundering crime and related Predicate Offences, or Financing of Terrorism or Illegal Organisations.
Funds: Assets in whatever form, whether tangible, intangible, movable or immovable including national currency, foreign currencies, documents or notes evidencing the ownership of those assets or associated rights in any form including electronic or digital forms or any interests, profits or income originating or earned from these assets.
Proceeds: Funds generated directly or indirectly from the commitment of any felony or misdemeanour including profits, privileges, and economic interests, or any similar funds converted wholly or partly into other funds.
Means: Any means used or intended to be used for the commission of an offence or felony.
Suspicious Transactions: Transactions related to funds for which there are reasonable grounds to suspect that they are earned from any felony or misdemeanour related to the financing of terrorism or of illegal organisations, whether committed or attempted.
Freezing or Seizure: Temporary restriction over the moving, conversion, transfer, replacement or disposition of funds in any form, by an order issued by a Competent Authority.
Confiscation: Permanent expropriation of private funds or proceeds or instrumentalities by an injunction issued by a competent court.
Financial Institutions: Anyone who conducts one or several of the financial activities or operations of /or on behalf of a Customer.
Intermediary Financial Institution: The Financial Institution that receives and sends wire transfer between the Ordering Financial Institution and the Beneficiary Financial institution or another Intermediary Financial Institution.
Beneficiary Financial Institution: The Financial Institution that receives a wire transfer from an Ordering Financial Institution directly or indirectly via an Intermediary Financial Institution and makes funds available to the beneficiary.
Financial Transactions or Activities: Any activity or transaction defined in Article (2) of the present Decision.
Designated Nonfinancial Businesses and Professions (DNFBPs): Anyone who conducts one or several of the commercial or professional activities defined in Article (3) of the present Decision.
Non-Profit Organisations (NPOs): Any organised group, of a continuing nature set for a temporary or permanent time period, comprising natural or legal persons or not for profit legal arrangements for the purpose of collecting, receiving or disbursing funds for charitable, religious, cultural, educational, social, communal or any other charitable activities.
Legal Arrangement: A relationship established by means of a contract between two or more parties which does not result in the creation of a legal personality such as trusts or other similar arrangements.
Trust : A legal relationship in which a settlor places funds under the control of a trustee for the interest of a beneficiary or for a specified purpose. These assets constitute funds that are independent of the trustee's own estate, and the rights to the trust assets remain in the name of the settlor or in the name of another person on behalf of the settlor.
Settlor: A natural or legal person who transfers the control of his funds to a Trustee under a document.
Trustee: A natural or legal person who has the rights and powers conferred to him by the Settlor or the Trust, under which he administers, uses, and acts with the funds of the Settlor in accordance with the conditions imposed on him by either the Settlor or the Trust.
Customer: Anyone who performs or attempts to perform any of the acts defined in Articles (2) and (3) of the present Decision with any Financial Institution or Designated Non-Financial Business or Profession.
Transaction: All disposal or use of Funds or proceeds including for example: deposit, withdrawal, conversion, sale, purchase, lending, swap, mortgage, and donation.
Beneficial Owner: The natural person who owns or exercises effective ultimate control, directly or indirectly, over a Customer or the natural person on whose behalf a Transaction is being conducted or, the natural person who exercises effective ultimate control over a legal person or Legal Arrangement.
Business Relationship: Any ongoing commercial or financial relationship established between financial institutions, designated non-financial businesses and professions, and their Customers in relation to activities or services provided by them.
Correspondent Banking Relationship: Relationship between a correspondent financial institution and a respondent one through a current account or any other type of account(s) or through a service related to such an account and includes a corresponding relationship established for the purpose of securities transactions or transfer of funds.
Intermediary Account: Corresponding account used directly by a third party to conduct a transaction on its own behalf.
Financial Group: A group of financial institutions that consists of holding companies or other legal persons exercising the control over the rest of the group and coordinating functions for the application of supervision on the group, branch, and subsidiary level, in accordance with the international core principles for financial supervision, and AML/CFT policies and procedures.
Core Principles for Financial Supervision: Basel Committee on Banking Supervision (BCBS) Principles 1-3, 5-9, 11-15, 26, and 29; International Association of Insurance Supervisors (IAIS) Principles 1, 3-11, 18, 21-23, and 25; and International Organisation of Securities Commission (IOSCO) Principles 24, 28, 29 and 31; and Responsibilities A, B, C and D.
Wire Transfer: Financial transaction conducted by a financial institution or through an intermediary institution on behalf of a transferor whose funds are received by a beneficiary in another financial institution, whether or not the transferor and the beneficiary are the same person.
Shell Bank: Bank that has no physical presence in the country in which it is incorporated and licensed, and is unaffiliated with a regulated financial group that is subject to effective consolidated supervision.
Registrar: The entity in charge of supervising the register of commercial names for all types of establishments registered in the State.
Customer Due Diligence (CDD): Process of identifying or verifying the information of a Customer or Beneficial Owner, whether a natural or legal person or a legal arrangement, and the nature of its activity and the purpose of the business relationship and the ownership structure and control over it for the purposes of the Decretal-Law and this Decision.
Controlled Delivery: The process by which a competent authority allows the entering or transferring of illegal or suspicious funds or crime revenues to and from the UAE for the purpose of investigating a crime or identifying the identity of its perpetrators.
Undercover Operation: The process of search and investigation conducted by one of the judicial impoundment officers by impersonating or playing a disguised or false role in order to obtain evidence or information related to the Crime.
High Risk Customer: A Customer who represents a risk either in person, activity, business relationship, nature of geographical area, such as a Customer from a high-risk country or non-resident in a country in which he does not hold an identity card, or a costumer having a complex structure, performing complex operations or having unclear economic objective, or who conducts cash-intensive operations, or operations with an unknown third party, or operations without directly confronting any other high risk operations identified by financial institutions, or designated non-financial businesses and professions, or the Supervisory Authority.
Politically Exposed Persons (PEPs): Natural persons who are or have been entrusted with prominent public functions in the State or any other foreign country such as Heads of States or Governments, senior politicians, senior government officials, judicial or military officials, senior executive managers of state-owned corporations, and senior officials of political parties and persons who are, or have previously been, entrusted with the management of an international organisation or any prominent function within such an organisation; and the definition also includes the following:
1. Direct family members (Of the PEP, who are spouses, children, spouses of children, parents).
2. Associates known to be close to the PEP, which include:
  
  Individuals having joint ownership rights in a legal person or arrangement or any other close business relationship with the PEP.
  
  Individuals having individual ownership rights in a legal person or arrangement established in favour of the PEP.
Decretal- Law: Federal Decretal-Law No. (20) of 2018 on Anti- Money Laundering and Combating the Financing of Terrorism and Illegal Organisations.

Chapter 2 Financial Institutions, Designated Non-Financial Businesses and Professions, Virtual Asset Service Providers and Non-Profit Organizations
This title has been amended by Cabinet Resolution No. (24) of 2022.

Part 1 Financial Institutions and DNFBPs

Section 1

Article (2) Activities and Transactions of Financial Institutions and DNFBPs
The following shall be considered as Financial Activities and Operations:
1- Receipt of deposits and other payable funds by the public, including Shariah-compliant deposits.
2- Provision of private banking services.
3- Provision of credit facilities of all types.
4- Provision of Financing facilities of all types, including Shariah-complaint Financing facilities.
5- Provision of monetary intermediary services.
6- Financial transactions in securities, financing and financial leasing.
7- Provision of exchange and money transfer services.
8- Issuance and management of means of payment, guarantees or obligations.
9- Provision of stored values services, retail e-payments and digital cash services.
10- Provision of virtual banking services.
11- Trading in, investment, operation or management of funds, options and future financial contracts, exchange rate and interest rate operations, and other financial derivatives or negotiable instruments.
12- Participation in issuing securities and providing of financial services related to these issues
13- Management of funds and portfolios of all kinds
14- Custody of Funds
15- Preparing or marketing financial activities.
16- Direct insurance operations, reinsurance operations for the type and branches of personal insurance, and money making operations in insurance companies, insurance brokers and agents.
17- Any other financial activity or transaction specified by the Supervisory Authority.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
The following are considered financial activities and transactions:
1. Receiving deposits and other funds that can be paid by the public, including deposits in accordance with Islamic Sharia
2. Providing private banking services
3. Providing credit facilities of all types
4. Providing credit facilities of all types, including credit facilities in accordance with Islamic Sharia
5. Providing cash brokerage services
6. Financial transactions in securities, finance and financial leasing
7. Providing currency exchange and money transfer services
8. Issuing and managing means of payment, guarantees or obligations
9. Providing stored value services, electronic payments for retail and digital cash.
10. Providing virtual banking services
11. Trading, investing, operating or managing funds, option contracts, future contracts, exchange rate and interest rate transactions, other derivatives or negotiable financial instruments
12. Participating in issuing securities and providing financial services related to these issues
13. Managing funds and portfolios of all kinds
14. Saving funds
15. Preparing or marketing financial activities
16. Insurance transactions, in accordance with Federal Law No. (6) of 2007 concerning the Establishment of the Insurance Authority and the Organisation of its Operations
17. Any other activity or financial transaction determined by the Supervisory Authority

Article (3)
Anyone who is engaged in the following trade or business activities shall be considered a DNFBP:
1. Brokers and real estate agents when they conclude operations for the benefit of their Customers with respect to the purchase and sale of real estate
2. Dealers in precious metals and precious stones in carrying out any single monetary transaction or several transactions that appear to be interrelated or equal to more than AED 55,000.
3. Lawyers, notaries, and other independent legal professionals and independent accountants, when preparing, conducting or executing financial transactions for their Customers in respect of the following activities:
  1. Purchase and sale of real estate.
  2. Management of funds owned by the Customer.
  3. Management of bank accounts, saving accounts or securities accounts.
  4. Organising contributions for the establishment, operation or management of companies.
  5. Creating, operating or managing legal persons or Legal Arrangements.
  6. Selling and buying commercial entities.
4. Providers of corporate services and trusts upon performing or executing a transaction on the behalf of their Customers in respect of the following activities:
  1. Acting as an agent in the creation or establishment of legal persons;
  2. Working as or equipping another person to serve as director or secretary of a company, as a partner or in a similar position in a legal person.
  3. Providing a registered office, work address, residence, correspondence address or administrative address of a legal person or Legal Arrangement.
  4. Performing work or equipping another person to act as a trustee for a direct Trust or to perform a similar function in favour of another form of Legal Arrangement.
  5. Working or equipping another person to act as a nominal shareholder in favour of another person.
5. Other professions and activities which shall be determined by a decision of the Minister

Section 2 Identification and Mitigation of Risks

Article (4)
1. Financial Institutions and Designated Non-Financial Businesses and Professions shall identify, evaluate and understand their crime risks, in a manner commensurate with the nature and size of their business and shall abide by the following:
  1. Observing all relevant risk factors such as risks of Clients, countries or geographical areas, products, services, operations and their delivery channels before determining the overall risk level and the appropriate level of risk reduction measures to be applied Client.
  2. Documenting and continually updating risk assessments and providing them upon request.
2. Financial Institutions and Designated Non-Financial Businesses and Professions shall undertake to reduce the risks identified under Clause no 1) of this Article, taking into account the results of the national risk assessment, through the following:
  1. Developing internal policies, controls and procedures commensurate with the nature and size of its business approved by the senior management, which enable it to manage the identified risks and follow up their implementation and strengthen them if necessary, in accordance with Article no. (20) of this Resolution.
  2. Taking enhanced due diligence measures to manage high risks when identified, including the following for example:
    1. Obtaining and verifying further information as information on the identity of the Client, the beneficial owner, his/ her profession, and the amount of funds and information available through public databases and open sources.
    2. Obtaining additional information about the purpose of the business relationship or the reasons for the operations expected or actually performed.
    3. Updating Client Due Diligence (CDD) information in a more regular manner about the Client and the beneficial owner.
    4. Applying reasonable measures to determine the source of funds and wealth of the Client and the beneficial owner.
    5. Increasing the degree and level of continuous monitoring of the business relationship in order to determine whether they look unusual or suspicious, and to select patterns of operations that need further examination and review.
    6. Make the first payment through an account in the Client's name at a financial institution subject to similar due diligence standards.
    7. Obtain senior management approval to start or continue the business relationship with the Clientclient.
3. If the requirements indicated in clauses nos. (1) and (2) of this Article are met, the Financial Institutions and Designated Non-Financial Businesses and Professions may apply simplified due diligence measures to manage and reduce risks when low risks are identified, unless there is a suspicion of a crime has been committed. Simplified due diligence measures must be commensurate with low risk elements, including the following for example:
  1. Verifying the Clientclient’s identity and the real beneficiary owner after starting the business relationship.
  2. Updating Clientclients’ data at intervals.
  3. Reducing the rate of continuous monitoring rate and examination operations.
  4. Inferring the purpose and nature of the business relationship from the type of the established transactions or business relationship, without the need to collect information or undertake specific procedures.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
1. Financial institutions and DNFBPs are required to identify, assess, and understand their crime risks in concert with their business nature and size, and comply with the following:
  
  Considering all the relevant risk factors such as customers, countries or geographic areas; and products, services, transactions and delivery channels, before determining the level of overall risk and the appropriate level of mitigation to be applied.
  
  Documenting risk assessment operations, keeping them up to date on on-going bases and making them available upon request.
2. Financial Institutions and DNFBPs shall commit to take steps to mitigate the identified risks mentioned as per Clause (1) herein, taking into consideration the results of the National Risk Assessment, by the following:
  
  Developing internal policies, controls and procedures that are commensurate with the nature and size of their business and are approved by senior management, to enable them to manage the risks that have been identified, and if necessary, to monitor the implementation of such policies, controls and procedures and enhance them as per Article (20) of the present Decision.
  
  Applying CDD measures to enhance high risks management once identified. Examples include:
  
  Obtaining more information and investigating this information such as information relating to the Customer and Beneficial Owner identity, or information relating to the purpose of the business relationship or reasons of the transaction.
  
  Updating the CDD information of the Customer and Beneficial Owner more systematically.
  
  Taking reasonable measures to identify the source of the funds of the Customer and Beneficial Owner.
  
  Increasing the degree and level of ongoing business relationship monitoring and examination of transactions in order to identify whether they appear unusual or suspicious.
  
  Obtaining the approval of senior management to commence the business relationship with the Customer.
3. In case the requirements stipulated in Clauses (1 and 2) above are met, the Financial Institutions and DNFBPs shall be permitted to apply simplified CDD measures to manage and limit the identified low risks, unless there is suspicion of a committed Crime. The simplified CDD measures should be commensurate with the low risk factors. These include the following, as examples:
  Verifying the identity of the Customer and Beneficial Owner after establishing the business relationship.
  
  Updating the Customer’s data based on less frequent intervals.
  
  Reducing the rate of ongoing monitoring and transaction checks.
  
  Concluding the purpose and nature of the business relationship based on the type of transactions or the business relationship that has been established, without the need to gather information or performing specific procedure.

Section 3 Customer Due Diligence (CDD)

Article (5)
1. Financial Institutions and DNFBPs are required to undertake CDD measures to verify the identity of the Customer and the Beneficial Owner before or during the establishment of the business relationship or opening an account, or before executing a transaction for a Customer with whom there is no business relationship. And in the cases where there is a low crime risk, it is permitted to complete verification of Customer identity after establishment of the business relationship, under the following conditions:
  1. The verification will be conducted in a timely manner as of the commencement of business relationship or the implementation of the transaction.
  2. The delay is necessary in order not to obstruct the natural course of business.
  3. The implementation of appropriate and effective measures to control the risks of the Crime.
2. Financial Institutions and DNFBPs are required to take measures to manage the risks in regards to the circumstances where Customers are able to benefit from the business relationship prior to completion of the verification process.

Article (6)
Financial Institutions and DNFBPs should, as the case may be, undertake CDD measures in the following cases:
1. Establishing the business relationship;
2. Carrying out occasional transactions in favour of a Customer for amounts equal to or exceeding AED 55,000, whether the transaction is carried out in a single transaction or in several transactions that appear to be linked;
3. Carrying out occasional transactions in the form of Wire Transfers for amounts equal to or exceeding AED 3,500.
4. Where there is a suspicion of the Crime.
5. Where there are doubts about the veracity or adequacy of previously obtained Customer's identification data.

Article (7)
Financial Institutions and DNFBPs should undertake CDD measures and ongoing supervision of business relationships, including:
1. Audit transactions that are carried out throughout the period of the business relationship, to ensure that the transactions conducted are consistent with the information they have about Customer, their type of activity and the risks they pose, including - where necessary - the source of funds
2. Ensure that the documents, data or information obtained under CDD Measures are up-to-date and appropriate by reviewing the records, particularly those of high-risk customer categories

Article (8)
1. Financial Institutions and Designated Non-Financial Businesses and Professions shall recognize the identity of Client the client, whether permanent or occasional, and whether he/ she is a natural or juridical person or a legal arrangement they must also verify his/ her identity, using original documents, data or information from a reliable and independent source, as follows:
  1. As for natural persons:
    
    Name as shown in the identity or travel document, the nationality, the address, the place of birth and, where applicable, the name and address of the employer, with an attached original copy of the valid identity card or travel document.
  2. As for juridical persons and legal arrangements:
    1. the Name, the legal form, and Articles of Incorporation.
    2. The address of the head office or the principal place of business, and if the person is a foreigner, the name and address of his/ her legal representative in the state, if any, shall be stated and the relevant supporting documents shall be submitted.
    3. Articles of Association or any other similar approved documents.
    4. The names of the relevant persons who hold senior management positions with the juridical person or legal arrangement.
2. Financial Institutions and Designated Non-Financial Businesses and Professions shall verify that any person who is acting on behalf of the ClientClient is authorized to do so, and shall identify such person in the manner provided for in clause no. (1) of this article.
3. Financial Institutions and Designated Non-Financial Businesses and Professions shall understand the purpose and nature of the business relationship and obtain information related to this purpose when needed.
4. Financial Institutions and Designated Non-Financial Businesses and Professions shall understand the nature of the Clientclient's business and the ownership and control structure of the Client.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
1. Financial Institutions and DNFBPs should identify the Customer’s identity, whether the Customer is permanent or walk-in, and whether the Customer is a natural or legal person or legal arrangement, and verify the Customer’s identity and the identity of the Beneficial Owner. This should be done using documents, data or information from a reliable and independent source or any other source to verify the identity verification as follows:
  
  For Natural Persons:
  
  The name, as in the identification card or travel document, nationality, address, place of birth, name and address of employer, attaching a copy of the original and valid identification card or travel document, and obtain approval from the senior management, if the Customer or the Beneficial Owner is a PEP.
  
  For Legal Persons and Legal Arrangements:
  
  The name, Legal Form and Memorandum of Association
  
  Headquarter office address or the principal place of business; if the legal person or arrangement is a foreigner, it must mention the name and address of its legal representative in the State and submit the necessary documents as a proof.
  
  Articles of Association or any similar documents, attested by the competent authority within the State.
  
  Names of relevant persons holding senior management positions in the legal person or legal arrangement.
2. Financial institutions and DNFBP’s are required to verify that any person purporting to act on behalf of the Customer is so authorised, and verify the identity of that person as prescribed in Clause (1), of this Article.
3. Financial institutions and DNFBP’s are required to understand the intended purpose and nature of the business relationship, and obtain, when necessary, information related to this purpose.
4. Financial institutions and DNFBP’s are required to understand the nature of the Customer’s business as well as the Customer’s ownership and control structure.

Article (9)

Financial Institutions and Designated Non-Financial Businesses and Professions shall take reasonable measures that take the risks of crime arising from the client Client and business relationship into account, to identify and verify the beneficial owner of juridical persons and legal arrangements, using documents, data or information obtained from a reliable and independent source, as follows:

1. ClientClients from among juridical persons :

a-	Obtaining the identity of the natural person, whether he/ she works alone or with another person who has an actual controlling share or equity in the juridical person by (25%) or more.
b-	In case of doubt as to the identity of the natural person in accordance with the preceding clause, or as to whether the natural person who has a controlling share or equity is the beneficial owner, or where no natural person exercises control through the equity, the natural person who exercises actual or legal control over the juridical person or legal arrangement shall be identified through any other direct or indirect means.
c-	If no natural person is identified under paragraphs nos. (a) and (b) of this clause, the natural person in question holding the position of Senior Management Officer, whether one or more persons, shall be identified.

2. ClientClients from among Legal arrangements:

Determing the Trustor or trustee, the beneficiaries or classes of beneficiaries, and any other natural person who exercises ultimate effective control, including through a series of controls or ownership over the trust directly or indirectly, and obtain sufficient information about the real beneficial owner so that he/ she can be identified at the time of payment or when he/ she intends to exercise his / her legally acquired rights.

With respect to other legal arrangements, they shall recognize the identity of the natural persons holding equivalent or similar positions.

_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.

Version 1_{(effective from 10/02/2019 to 01/04/2022)}

Financial Institutions and DNFBP’s are required to take reasonable measures to verify the identity of the Beneficial Owners of legal persons and Legal Arrangements, by using information, data, or statistics acquired from a reliable source, by the following:

1. For Customers that are legal persons:

(a) Obtaining and verifying the identity of the natural person, who by himself or jointly with another person, has a controlling ownership interest in the legal person of 25% or more, and in case of failing or having doubt about the information acquired, the identity shall be verified by any other means.

(b) In the event of failing to verify the identity of the natural person exercising control as per paragraph (a) of this Clause, or the person(s) with the controlling ownership interest is not the Beneficial Owner, the identity shall be verified for the relevant natural person(s) holding the position of senior management officer, whether one or more persons.

2. For Customers that are Legal Arrangements:

Verifying the identity of the Settlor, the Trustee(s), or anyone holding a similar position, the identity of the beneficiaries or class of beneficiaries, the identity of any other natural person exercising ultimate effective control over the legal arrangement, and obtaining sufficient information regarding the Beneficial Owner to enable the verification of his/her identity at the time of payment, or at the time he/she intends to exercise his/her legally acquired rights.

Article (10)
Financial Institutions and Designated Non-Financial Businesses and Professions and virtual assets services providers shall be exempt from determining and verifying the identity of the shareholder or partner or the Real Beneficiary, provided that such information is obtained from reliable sources in cases where the Client or owner of the controlling interest is of any of the following:
1. A company that is listed on a regulated securities market and that is subject to disclosure requirements under any means that impose the requirements of adequate transparency for the Real Beneficiary.
2. A subsidiary company whose majority of shares or stocks are owned by a holding company.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
Financial Institutions and DNFBPs shall be exempted from identifying and verifying the identity of any shareholder, partner, or the Beneficial Owner, if such information is obtainable from reliable sources where the Customer or the owner holding the controlling interest are as follow:
1. A company listed on a regulated stock exchange subject to disclosure requirements through any means that require adequate transparency requirements for the Beneficial Owner.
2. A subsidiary whose majority shares or stocks are held by the shareholders of a holding company.

Article (11)
1. In addition to the Due Diligence measures required for the ClientClient and the beneficial owner, Financial Institutions must take Due Diligence measures and continuous supervision towards the beneficiary of personal insurance policies and money making operations, including life insurance products, family takaful insurance and other investment insurance products, as soon as the beneficiary is identified or named as follows:
  1. As for the named beneficiary, the name of the person must be obtained, whether he/she is a natural or legal person or a legal arrangement.
  2. As for the beneficiary identified by category or description such as family relationship such as spouse, children or any other means such as will or estate, sufficient information about the beneficiary must be obtained to ensure that the financial institution will be able to identify the beneficiary when disbursing compensation or benefits.
  3. Verifying the identity of the beneficiary in the two previous cases when paying compensation or dues or exercising any rights related to those documents.
2. In all cases, Financial Institutions must consider the clientClient and beneficiary of life insurance policies and family takaful insurance as risk factors when determining the applicability of enhanced due diligence procedures. Moreover, if they find that the beneficiary is a high risk legal person or arrangement, they must take enhanced due diligence measures, which must include reasonable procedures to identify and verify the beneficial owner of the policy beneficiary when paying compensation or dues or exercising any rights related to those policies.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
1. In addition to the CDD measures required for the Customer and the Beneficial Owner, Financial Institutions shall be required to conduct CDD measures and ongoing monitoring of the beneficiary of life insurance policies and funds generating transactions, including life insurance products relating to investments and family Takaful insurance, as soon as the beneficiary is identified or designated as follows:
  
  For the beneficiary identified by name, the name of the person, whether a natural person a legal person or a legal arrangement, shall be obtained.
  
  For a beneficiary designated by characteristics or by class– such as a family relation like parent or child, or by other means such as will or estate – it shall be required to obtain sufficient information concerning the beneficiary to ensure that the Financial Institution will be able to establish the identity of the beneficiary at the time of the pay-out.
2. In all cases – the Financial Institutions should verify the identity of the beneficiary at the time of the payout as per the insurance policy or prior to exercising any rights related to the policy. If the Financial Institution identifies the beneficiary of the insurance policy to be a high-risk legal person or arrangement, then it should conduct enhanced CDD measures to identify the Beneficial Owner of that beneficiary, legal person, or legal arrangement.

Article (12)
Financial Institutions and DNFBPs should apply CDD measures to Customers and the ongoing business relationship on the effective date of the present Decision, within such times as deemed appropriate based on relative importance and risk priority. It should also ensure the sufficiency of data acquired, in case CDD measures were applied before the effective date of the present Decision.

Article (13)
1. Financial Institutions and DNFBPs shall be prohibited from establishing or maintaining a business relationship or executing any transaction should they be unable to undertake CDD measures towards the Customer and should consider reporting a suspicious transaction to the FIU.
2. Even if they suspect the commission of a Crime, financial institutions and DNFBPs should not apply CDD measures if they have reasonable grounds to believe that undertaking such measures would tip-off the Customer and they should report a Suspicious Transaction to the FIU along with the reasons having prevented them from undertaking such measures.

Article (14)
Financial Institutions and DNFBP’s shall commit to the following:
1. Not to deal in any way with Shell Banks, whether to open bank accounts in their names, or to accept funds or deposits from them.
2. Not to create or keep records of bank accounts using pseudonyms, fictitious names or numbered accounts without the account holder’s name.

Section 4 Politically Exposed Persons (PEPs)

Article (15)
1. Financial Institutions and Designated Non-Financial Businesses and Professions must, in addition to implementing ClientClient Due Diligence (CDD) in accordance with the third part of the first section of this chapter, adopt the following:
  
  First: As for Foreign Politically exposed person (PEPs),
  1. Developing the appropriate risk management systems to determine whether the Client or the beneficial owner is a Foreign Politically exposed person.
  2. Obtaining senior management approval before establishing or continuing the business relationship for current Clients who are Foreign Politically exposed persons.
  3. Taking reasonable measures to determine the sources of funds and wealth of Clients, and the beneficial owners who have been identified as politically exposed persons.
  4. Carrying out continuous and enhanced follow-up of the business relationship.
  Second: As for local politically exposed persons and persons who have already been assigned a prominent position in an international organization:
  1. Taking sufficient measures to determine whether the Client or the beneficial owner is one of these persons.
  2. Taking the measures mentioned in paragraphs nos. (b), (c) and (d) of article “First”, when there is a high-risk business relationship with such persons.
2. Subject to clause no. (1) of this article, the Financial Institutions concerned with life and family takaful insurance policies must take reasonable measures to determine whether the beneficiary or beneficial owner is a politically exposed person before paying compensation or dues or exercising any rights related to those policies. When there are higher risks, they must inform senior management before paying compensation or dues or exercising any rights related to them, conduct a thorough examination of the overall business relationship, and consider reporting a suspicious transaction report to the Unit.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
1. In addition to undertaking CDD measures required under Section 3, Part 1 of this Chapter, Financial Institutions and DNFBPs shall be required to carry out the following:
  
  First: For Foreign PEPs:
  
  Put in place suitable risk management systems to determine whether a Customer or the Beneficial Owner is considered a PEP.
  
  Obtain senior management approval before establishing a business relationship, or continuing an existing one, with a PEP.
  
  Take reasonable measures to establish the source of funds of Customers and Beneficial Owners identified as PEPs.
  
  Conduct enhanced ongoing monitoring over such relationship.
  
  Second: For Domestic PEPs and individuals previously entrusted with prominent functions at international organisations:
  
  Take sufficient measures to identify whether the Customer or the Beneficial Owner is considered one of those persons.
  
  Take the measures identified in Clauses (b), (c), and (d) under the first paragraph of this Article, when there is a high-risk business relationship accompanying such persons.
2. Financial Institutions shall be required to take reasonable measures to determine the beneficiary or Beneficial Owner of life insurance policies and family takaful insurance. If identified as a PEP, Financial institutions shall inform senior management before the pay-out of those policies, or prior to the exercise of any rights related to them, in addition to thoroughly examining the overall business relationship, and consider reporting to the Unit a suspicious transaction report.

Section 5 Suspicious Transaction Reports (STRs)

Article (16)
Financial Institutions and DNFBPs shall put in place indicators that can be used to identify the suspicion on the occurrence of the Crime in order to report STRs, and shall update these indicators on an ongoing basis, as required, in accordance with the development and diversity of the methods used for committing such crimes, whilst complying with what the Supervisory Authorities or FIU may issue instructions in this regard.

Article (17)
1. In the case of suspecting, or if they have reasonable grounds to suspect, that an Operation or an attempt to carry out an Operation or that Funds representing Proceeds, in whole all or in part, are related to the Crime or that they will be used for such purpose regardless of their value, Financial Institutions and Designated Non-Financial Businesses and Professions shall comply with the following without invoking bank secrecy or professional or contractual confidentiality:
  1. Report directly Suspicious Transaction Reports (STRs) to the Unit without delay through its electronic system or any other means approved by the Unit.
  2. Respond to all additional information requested by the Unit.
2. Lawyers, notaries and other independent legal professionals and independent legal auditors shall be exempt from the provision of Clause no. (1) of this Article if obtaining information relating to such operations on their assessment of the legal status of the client, defending or representing him/ her, before the courts, arbitration or mediation proceedings, or the provision of legal opinion in a matter relating to a judicial proceeding. This includes providing advice on the commencement or avoidance of such proceedings whether the information was previously obtained, during or after the proceedings or in other circumstances in which they are subject to professional secrecy.
3. Financial Institutions, Designated Non-Financial Businesses and Professions, Virtual Asset Service Providers, members of their boards of directors, employees and legally authorized representatives shall not incur any administrative, civil or criminal responsibility resulting from the disclosure of any secret, when informing the unit or providing it with information in good faith, even if they do not know exactly what the crime is or whether it actually occurs.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
- If Financial Institutions and DNFBPs have reasonable grounds to suspect that a Transaction, attempted Transaction, or funds constitute crime proceeds in whole or in part, or are related to the Crime or intended to be used in such activity, regardless of the amount, they shall adhere to the following without invoking bank secrecy or professional or contractual secrecy:
  
  Directly report STRs to the FIU without any delay, via the electronic system of the FIU or by any other means approved by the FIU
  
  Respond to all additional information requested by the FIU.
- Lawyers, notary publics, other legal stakeholders and independent legal auditors shall be exempt from Clause (1) of this Article, if obtaining this information regarding such Transactions relates to the assessment of their Customers’ legal position, or defending or representing them before judiciary authorities or in arbitration or mediation, or providing legal opinion with regards to legal proceedings, including providing consultation concerning the initiation or avoidance of such proceedings, whether the information was obtained before or during the legal proceedings, or after their completion, or in other circumstances where such Customers are subject to professional secrecy.
- Financial Institutions and DNFBPs, their board members, employees and authorised representatives shall not be legally liable for any administrative, civil or criminal liability for reporting when reporting to the Unit or providing information in good faith.

Article (18)
1. Financial Institutions and Designated Non-Financial Businesses and Professions, their directors, officials and employees shall not disclose, directly or indirectly, to the Client or any other person, their reporting, or that they are about to report suspicious operations or information and data related to them. They shall not also disclose the existence of an investigation. This does not prevent sharing of information with branches and subsidiaries at the level of the financial group in accordance with the provisions of Article no. (31) of this decision.
2. An attempt by lawyers, notaries pubic, other independent legal professionals, or independent legal auditors to dissuade the Client from performing an act that is contrary to the law shall not be considered as disclosure.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
1. Financial Institutions and DNFBPs, their managers, officials or staff, shall not disclose, directly or indirectly, to the Customer or any other person(s) that they have reported, or are intending to report a Suspicious Transaction, nor shall they disclose the information or data contained therein, or that an investigation is being conducted in that regard.
2. When lawyers, notaries, other independent legal professionals, and legal independent auditors attempt to discourage their Customers from committing a violation, they shall not be considered to have made a disclosure.

Section 6 Reliance on a Third Party

Article (19)
1. Taking into account the countries that the Committee identifies as high risk and the countries that suffer from weaknesses in AML/CFT systems, the Financial Institutions and the Designated Non-Financial Businesses and Professions may rely on a third party to carry out Client Due Diligence (CDD) in accordance with the third part of the first section of this chapter. The financial institution and the Designated Non-Financial Businesses and Professions shall be responsible for the validity of these measures, and shall do the following:
  1. Immediately obtain the identification data and necessary information collected during the Client Due Diligence (CDD) measures from the third party, and ensure that copies of the necessary documents for these measures can be obtained without delay upon request.
  2. Ensure that the third party is subject to regulation and control, and complies with the requirements of Client Due Diligence and keeps the registers provided for in this Decision.
2. The financial institution and the Designated Non-Financial Businesses and Professions that that engage a third party who is part of the same Financial Group shall ensure the following:
  1. Ensure that the Group applies the Client Due Diligence Measures towards Clients and Politically Exposed Persons, that records are kept and that anti-Crime programmes are implemented in accordance with Parts 3, 4 and 11 of Section 1 of this Chapter and Article (31) of this Decision; .
  2. Sufficiently reduce any high risks related to countries through the Group-related anti-Crime policies and controls.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
1. Taking into consideration the high-risk countries identified by the Committee, the Financial Institutions and DNFBPs shall be permitted to rely on a third party to undertake the necessary CDD measures towards Customers as per Section 3 of Part 1 of this Chapter, and each of the Financial Institution and the DNFBP shall be responsible for the validity of these CDD measures, and shall do the following:
  
  Immediately obtain, from third parties, the necessary identification data and other necessary information collected through the CDD measures and ensure that copies of the necessary documents for such measures can be obtained without delay and upon request.
  
  Ensure that the third party is regulated and supervised, and adheres to the CDD measures towards Customers and record-keeping provisions of the present Decision.
2. Financial Institutions and DNFBPs, who rely on third parties that are part of the same Financial Group,shall ensure that:
  
  The Financial Group applies the CDD, PEP, and record-keeping requirements and implements programs for combating the Crime in accordance with Sections 3, 4, 11 of Part 1 of this Chapter and Article (31) of this Decision, and the Financial Group is subject to supervision in that regard.
  
  The Financial Group sufficiently mitigates any high risks linked to countries through its own policies and controls for combating the Crime.

Section 7 Internal Supervision and Foreign Branches and Subsidiaries

Article (20)
Financial Institutions and DNFBPs shall have internal policies, procedures and controls for combating the Crime, that should be commensurate with the Crime risks, and with the nature and size of their business, and to continuously update them, and to apply them to all its branches and subsidiaries in which it holds majority interest, including the following:
1. CDD measures towards Customers as required in accordance with the Decretal-Law and the present Decision, including procedures for the risk management of business relationships prior to completing the verification process.
2. Procedures for the reporting of Suspicious Transactions.
3. Appropriate arrangements for compliance management for combating the Crime, including appointing a compliance officer
4. Screening procedures to ensure the availability of high competence and compatibility standards when hiring staff
5. Preparation of periodic programs and workshops in the field of combatting the Crime to build the capabilities of compliance officers and other competent employees.
6. An independent audit function to test the effectiveness and adequacy of internal polices, controls and procedures relating to combating the Crime.

Section 8 Compliance Officer Tasks

Article (21)
Financial Institutions and Designated Non-Financial Businesses and Professions shall undertake to appoint a compliance officer, who shall have the appropriate competence and experience under its responsibility, to carry out the following tasks:
1. Controlling of the Crime-Related Transactions.
2. Accessing records and receiving, examining and studying data on Suspicious Transactions and taking the decision to notify the Unit or to retain such records and data while stating the reasons, under complete confidentiality.
3. Reviewing the internal systems and procedures for anti-money laundering and combating the financing of terrorism and financing of illegal organizations, and their consistency with the provisions of the decree-law and this resolution. This is in addition to assessing the extent of the institution's commitment to its application and proposing what is necessary to update and develop it, and prepare periodic reports thereon to be submitted to the senior management. This is in addition to sending a copy to the concerned regulatory authority at its request, including the observations and decisions of the senior management.
4. Developing, implementing and documenting ongoing programs and training and qualification plans for employees working for the organization on all matters related to anti-money laundering and combating the financing of terrorism and financing of illegal organizations and ways to confront them.
5. Cooperating with the Regulatory Authority and the Unit, providing them with the data they request, and enabling their assigned employees to view the records and documents necessary to exercise their competencies.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
Financial Institutions and DNFBPs shall appoint a compliance officer. The compliance officer shall have the appropriate competencies and experience and under his or her own responsibility, shall perform the following tasks:
1. Detect Transactions relating to any Crime.
2. Review, scrutinise and study records, receive data concerning Suspicious Transactions, and take decisions to either notify the FIU or maintain the Transaction with the reasons for maintaining while maintaining complete confidentiality.
3. Review the internal rules and procedures relating to combating the Crime and their consistency with the Decretal-Law and the present Decision, assess the extent to which the institution is committed to the application of these rules and procedures, propose what is needed to update and develop these rules and procedures, prepare and submit semi-annual reports on these points to senior management, and send a copy of that report to the relevant Supervisory Authority enclosed with senior management remarks and decisions.
4. Prepare, execute and document ongoing training and development programs and plans for the institution’s employees on Money Laundering and the Financing of Terrorism and Financing of Illegal Organisations, and the means to combat them.
5. Collaborate with the Supervisory Authority and FIU, provide them with all requested data, and allow their authorised employees to view the necessary records and documents that will allow them to perform their duties.

Section 9 High-Risk Countries

Article (22)
1. Financial Institutions and Designated Non-Financial Businesses and Professions shall apply enhanced due diligence measures in proportion to the degree of risk that may arise from business relationships or transactions with a natural or legal person from the countries that the Committee identifies as high risk or countries that suffer from weaknesses in AML/CFT systems.
2. Financial Institutions and Designated Non-Financial Businesses and Professions shall apply countermeasures and any other measures requested by the regulatory Authorities on their own or on the basis of what the Committee determines with regard to high-risk countries and countries that suffer from weaknesses in AML/CFT systems.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
1. Financial Institutions and DNFBPs shall implement enhanced CDD measures based on the level of risk that might arise from business relationships and Transactions with natural or legal persons from high-risk countries.
2. Financial Institutions and DNFBPs shall implement CDD measures as defined by the Committee regarding High Risk Countries.

Section 10 Requirements relating to New Technologies

Article (23)
1. Financial institutions and DNFBPs shall identify and assess the risks of money laundering and terrorism financing that may arise when developing new products and new professional practices, including means of providing new services and using new or under-development techniques for both new and existing products.
2. Financial Institutions and DNFBPs shall assess risks prior to the release of products, practices or techniques, and take appropriate measures to manage and mitigate such risks

Section 11 Record-keeping

Article (24)
1. Financial Institutions and Designated Non-Financial Businesses and Professions shall keep all records, documents, papers and data, for all financial operations and local or international commercial and cash transactions, for a period of no less than (5) years from the completion date of the transaction or the end of the business relationship with the Client.
2. Financial Institutions and Designated Non-Financial Businesses and Professions must keep all records and documents obtained through Client due diligence measures, continuous supervision, accounts files, commercial correspondence, and copies of personal identity documents, including suspicious transaction reports and the results of any conducted analysis. This shall be for a period of no less than (5) years from the end date of the business relationship or from the closure date of the account for Clients who maintain accounts with these institutions. In addition, after the completion of an occasional process, from the date after the completion of the inspection by the supervisory authorities, from the completion date of the investigation, or from the date of a final judgment issued by the competent judicial authorities, all as the case may be.
3. The operations and the documents records and the kept documents shall be so organized as to be sufficient to permit the reconstitution or re-arrangement of individual operations, the analysis of data and the tracking of financial operations, in such a manner as to provide, where appropriate, evidence of claim against criminal activity.
4. Financial Institutions and Designated Non-Financial Businesses and Professions shall ensure all Client information related to Client due diligence, ongoing control and the results of their analysis, records, files, documents, correspondence and forms thereof immediately available to the concerned authorities upon their request.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
1. Financial Institutions and DNFBPs shall maintain all records, documents, data and statistics for all financial transactions and local or international commercial and cash transactions for a period of no less than five years from the date of completion of the transaction or termination of the business relationship with the Customer.
2. Financial institutions and DNFBPs shall keep all records and documents obtained through CDD measures, ongoing monitoring, account files and business correspondence, and copies of personal identification documents, including STRs and results of any analysis performed , For a period of no less than five years from the date of termination of the business relationship or from the closing date of the account to Customers who maintain accounts with these institutions or after the completion of a casual transaction or from the date of completion of the inspection by the Supervisory authorities, or from the date of issuance of a final judgment of the competent judicial authorities, all depending on the circumstances.
3. The records, documents and documents kept shall be organised so as to permit data analysis and tracking of financial transactions.
4. Financial Institutions and DNFBPs shall make all Customer information regarding CDD towards Customers, ongoing monitoring and results of their analysis, records, files, documents, correspondence and forms available immediately to the competent authorities upon request.

Part 2 Requirements for Financial Institutions

Section 1 Correspondent Banking Relationship

Article (25)
1. Before entering into correspondent banking or any other similar relationship, financial institutions shall take the following measures:
  1. Refrain from entering into or maintaining a correspondent banking relationship with Shell Banks or with an institution that allows their accounts to be used by Shell Banks.
  2. Collect sufficient information about any receiving correspondent banking institution for the purpose of identifying and achieving a full understanding of the nature of its work, and to make available, through publicly available information, its reputation and level of control, including whether it has been investigated.
  3. Evaluate anti-crime controls applied by the receiving institution.
  4. Obtain approval from senior management before establishing new correspondent banking relationships.
  5. Understand the responsibilities of each institution in the field of combatting Crime.
2. With respect to intermediate payment accounts, the financial institution should be required to ensure that the receiving institution has taken CDD measures towards Customers who have direct access to those accounts and that it is able to provide CDD information to the relevant Customers upon request of the correspondent institution.

Section 2 Money or Value Transfer Services

Article (26)
1. Providers of money or value transfer services shall be licensed by or registered with the competent Supervisory Authority. The Supervisory Authority shall take the necessary measures to punish those who provide such services without a licence or registration in accordance with their effective legislation and to ensure compliance of licensed or registered providers with the Crime combating controls.
2. Providers of money or value transfer services shall keep an up-to-date list of their agents and make them available to the relevant authorities within the country in which the money or value transfer services providers and their agents operate, and shall engage their agents in combatting the Crime control programs and monitor them for compliance with these programs.

Section 3 Wire Transfers

Article (27)
1. Financial Institutions shall ensure that all international wire transfers equal to or more than (AED 3.500) are always accompanied by the following data:
  1. The full name of the sender and the beneficiary.
  2. The account number of the sender and the beneficiary, and in the absence of such account, the transfer must include a unique reference number that allows Financial Institutions to track it.
  3. The sender's address, identification number, travel document, date and place of birth, or Client identification number with the transferring financial institution, which shall refer to a record containing these data.
2. In case of several international wire transfers are collected from one being combined in a transfer file to be sent to the beneficiaries, the transfer file shall include accurate data about the sender, and full information about the beneficiaries, which can be fully tracked in the beneficiary's country. Hence, the financial institution is required to include the sender's account number, or a unique reference number for the process.
3. Financial Institutions shall ensure that all international wire transfers that are less than the amount of AED (3.500) are accompanied by the data contained in Clause no. (1) of this Article, without the need to verify the validity of the referred data, unless there are doubts about the commission of the crime.
4. Financial Institutions transferring local wire transfers shall ensure that the information attached to the wire transfers includes the same data on the transferor referred to in Clause no. (1) of this Article, unless such data is available to the beneficiary Financial Institutions and the concerned parties by other means.
5. When the data attached to the local wire transfer is available to the beneficiary Financial Institutions and the concerned authorities through other means, the transferring financial institution is required to include the account number or the unique reference number of the transaction only, provided that this number allows the tracking of transactions to the transferor or the beneficiary. Moreover, the transferring financial institution must provide such data within three (3) working days of receiving the request from the beneficiary financial institution or the concerned authorities.
6. Financial Institutions are prohibited from executing wire transfers if they do not comply with the conditions set out in this article.
7. The transferring Financial Institutions must keep all the collected information about the transferor and the beneficiary, in accordance with the provisions of Article No. (24) of this Resolution.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
1. Financial institutions shall ensure that all international wire transfers equal to or exceeding AED (3,500) are always accompanied by the following data:
  
  The name of the originator, his or her identity number or travel document, date and place of birth, address and account number. In the absence of an account, the transfer must include a unique transaction reference number which allows the process to be tracked.
  
  The name of the beneficiary and his account number used to make the transfers. In the absence of the account, the transfer must include a unique transaction reference number which allows the process to be tracked.
2. In the event that several individual cross-border wire transfers from a single originator are bundled in a batch file for transmission to beneficiaries, the batch file shall contain required and accurate originator information, and full beneficiary information, that is fully traceable within the beneficiary country; and the financial institution shall be required to include the originator’s account number or unique transaction reference number.
3. Financial institutions shall ensure that all cross-border wire transfers less than AED 3,500 are always accompanied by the data in Clause (1) of this Article, without the need to verify the accuracy of the data referred to, unless there are suspicions about committing the Crime.
4. For domestic wire transfers, the ordering financial institution shall ensure that the information accompanying the wire transfer includes originator information as indicated in Clause (1) of this Article, unless this information can be made available to the beneficiary financial institution and competent authorities by other means.
5. Where the information accompanying the domestic wire transfer can be made available to the beneficiary financial institution and competent authorities by other means, the ordering financial institution shall be only required to include the account number or a unique transaction reference number, provided that this number or identifier will permit the transaction to be traced back to the originator or the beneficiary. The ordering financial institution shall make the information available within three business days of receiving the request either from the beneficiary financial institution or from competent authorities.
6. Financial institutions shall not carry out wire transfers if they fail to comply with the conditions set out in this article.
7. Ordering financial institutions shall keep all information about the originator and the beneficiary collected in accordance with the provisions of Article (24) of this Decision.

Article (28)
1. An intermediary financial institution shall ensure that all originator and beneficiary information that accompanies a wire transfer is retained with it for cross-border wire transfers.
2. Where technical limitations prevent the required originator or beneficiary information accompanying a cross-border wire transfer from remaining with a related domestic wire transfer, the Intermediary Financial Institution shall keep a record of all the information received from the ordering financial institution or another cross-border Intermediary Financial Institution, in accordance with the provisions of Article (24) of the present Decision.
3. Intermediary Financial Institutions shall take reasonable measures, which are consistent with straight-through processing, to identify cross-border wire transfers that lack required originator information or required beneficiary information and shall have risk-based policies and procedures for determining when to execute, reject, or suspend a wire transfer; and the appropriate follow-up action.

Article (29)
1. Beneficiary Financial Institutions shall take reasonable measures, to identify cross-border wire transfers that lack required originator information or required beneficiary information, which may include real-time monitoring where feasible or post-event monitoring.
2. For cross-border wire transfers of AED 3,500 or more, a Beneficiary Financial Institution shall verify the identity of the beneficiary, if the identity has not been previously verified.
3. Beneficiary Financial Institutions shall have risk-based policies and procedures determining when to execute, reject, or suspend a wire transfer lacking required originator or required beneficiary information; and for determining the appropriate follow-up action.
4. Beneficiary Financial Institutions shall maintain records of all required originator and required beneficiary information collected, in accordance with the provisions of Article (24) of this Decision.

Article (30)
1. Providers of Money or Value Transfer Services shall comply with all of the relevant requirements of Articles (27), (28), and (29) of this Decision, whether they operate directly or through their agents.
2. In the case of a provider of money or value transfer services that controls both the ordering and the beneficiary side of a cross-border wire transfer, the provider of money or value transfer services shall:
  1. Take into account all information from both the ordering and beneficiary sides in order to determine whether an STR is to be filed; and
  2. If it is decided to file STR regarding the Transaction, the STR shall be sent to the Financial Intelligence Unit in the relevant country, attaching all relevant transaction information.

Section 4 Financial Group

Article (31)
The financial groups shall implement anti-crime programs at the group level, that shall be applicable to all branches and subsidiaries in which the group has a majority. In addition, these programs include the following, in addition to the measures stipulated in Article no. (20) of this Resolution:
1. Information exchange policies and procedures required for Client due diligence and crime risk management purposes.
2. Provision of information related to Clients, accounts and operations from branches and subsidiaries to the AML/CFT officials at the level of the financial group, when necessary. This shall be for the purposes of countering crime, including information on analyzing operations or activities that seem unusual or suspicious, in addition to suspicious transaction reports, their basic information, or an evidence on filing a report of a suspicious transaction. In all cases, branches and subsidiaries are provided with this information when appropriate and necessary to risk management.
3. Provision of adequate guarantees on confidentiality and use of exchanged information.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
Financial Groups shall implement group-wide programs with respect to combating the Crime. Such programs shall be applicable and appropriate to all its branches and majority-owned subsidiaries. In addition to the measures mentioned in Article (20) of this Decision, these programs should also include the following:
1. Policies and procedures for the exchange of information required for the purposes of CDD and risk management of the Crime;
2. The provision of Customer information, accounts, and Transactions from the branches and subsidiaries to the compliance officers at a Financial Group level, whenever necessary for the purpose of combating the Crime.
3. Provision of adequate safeguards on the confidentiality and use of the information exchanged.

Article (32)
1. Financial Institutions should ensure that their foreign branches and majority-owned subsidiaries apply Crime-combating measures that are consistent with the requirements of the Decretal-Law and the present Decision when the minimum Crime-combating requirements of the other country are less strict than those applied in the State, to the extent permitted by that other country’s laws and regulations.
2. If the other country does not permit the appropriate implementation of measures for combating the Crime that are consistent with the requirements of the Decretal-Law and the present Decision, then Financial Institutions shall take additional measures to manage AML/CFT risks related to their operations abroad and reduce them appropriately, inform the other country of the matter, and abide by the instructions received from the Country in this regard.

Part 3 Requirements of Non-Profitable Organisations

Article (33)
Non-Profit Organisations, in collaboration with the competent Supervisory Authority, shall commit to the following:
1. Apply best practices adopted by the competent Supervisory Authority to mitigate their vulnerabilities so that they can protect themselves from being abused for Financing of Terrorism and of Illegal Organisations.
2. Put in place clear policies to promote transparency, integrity, and public confidence in its own administration.
3. Conduct Transactions through official financial channels, taking into consideration the different capabilities of financial sectors in other countries.

Part 4 Virtual Asset Service Providers
Part 4 has been added pursuant to Cabinet Resolution No. (24) of 2022.

Article no. (33) bis (1)

This article has been added pursuant to Cabinet Resolution No. (24) of 2022.

Every natural or legal person who carries out any of the activities of Virtual Asset Service Providers, provides their products or services or carries out their operations from the state must be licensed, enrolled or registered, as the case may be, by the competent Supervisory Authority.
The Supervisory Authority on Virtual Asset Service Providers, each according to its competence, may issue the necessary decisions, circulars and procedures for the purposes of adequate organization thereof, taking into account the identified risks in a manner that achieves compliance with the provisions of the Decree-Law and this Resolution.

In all cases, the Supervisory Authority on Virtual Asset Service Providers shall, on its own or in coordination with the concerned authorities, take the necessary measures to determine who carries out any of the activities of the Virtual Asset Service Providers in violation of Clause No. (1) of this Article. It shall also apply the appropriate sanctions against them. These procedures may include the following:

a.	Reviewing public and open-source databases to identify relevant ads over the information network or potential business requests by a person who is not licensed, enrolled, nor registered.
b.	Establishing feedback channels with Concerned authorities, or communication channels to receive public comments from the public in this regard.
c.	Coordinating with the Unit to obtain information available to it such as suspicious transaction reports or the results of other information collection it carried out.
d.	Reviewing non-public information, such as information related to the denial, suspension, restriction or revocation of a license, enrollment or registration of virtual asset service provider activities, and any relevant information with law enforcement authorities.

Subject to the provisions of Chapter (7) of this Resolution, the concerned authorities may, pursuant to the legislation in force in the State and the international agreements to which the State is a party or based on the condition of reciprocity, execute international cooperation requests related to predicate offenses, money laundering crimes, financing of terrorism, or financing of Illegal Organizations related to virtual assets and Virtual Asset Service Providers as expeditiously and effectively as possible. This shall be applied regardless of the nature and difference in the names of the supervisory Authorities or the status of the Virtual Asset Service Providers in other countries.

Article no. (33) bis (2)
This article has been added pursuant to Cabinet Resolution No. (24) of 2022.
Virtual Asset Service Providers must identify, assess, manage and reduce their risks related to money laundering and terrorist financing, as stated in clauses nos. (1) and (2) of Article no. (4) of this Resolution.

Article no. (33) bis (3)
This article has been added pursuant to Cabinet Resolution No. (24) of 2022.
Virtual Asset Service Providers must comply with the provisions of Articles nos.(5-9), (12-15/1), (16, 17/1, 18/1, 19-32, 35, 38, 39), and (60) of this Resolution, and consider the following:
1. Taking Client Due Diligence (CDD) measures when conducting casual operations equal to or more than (AED 3.500).
2. Obtaining and keeping the required transfer information precisely by the Virtual asset service provider, the transfer originator.
3. This is in addition to requesting the information of the beneficiary of the transfer. It must provide such information to the virtual asset service provider, the beneficiary or the financial institution - if any, immediately and safely. It must also make it available to the competent authorities upon request.
4. Obtaining and keeping the required transferor information and the beneficiary precisely by the virtual asset service provider obtains. It must also make it available to the competent authorities upon request.
5. All requirements contained in this part of this resolution shall apply to Financial Institutions when they send or receive virtual asset transfers on behalf of the Client.

Chapter 3 Transparency and Beneficial Owner

Part 1 Requirements of Company Registrar and Companies

Article (34)
1. The Registrar shall provide information regarding legal persons in the State and make it available to the public as follows:
  1. The types, different forms and basic features of legal persons
  2. The processes for the creation of those legal persons
  3. The processes for obtaining its basic information as stipulated in paragraph (b), Clause (1), of Article (8) of this Decision
  4. The processes for obtaining information about the Beneficial Owner.
2. The Registrar shall undertake to maintain and keep the up-to-date basic information defined in paragraph (b), Clause (1), of Article (8) of this Decision, ensure its accuracy and make it available to the public
3. Upon registering companies, the Registrar shall commit to receive the data of the Beneficial Owner of the company as stipulated in Clause (Error! Reference source not found.) of Article (9) of this Decision and make sure it remains up to date accurate, and available to the Competent Authorities.

Article (35)
1. Companies shall be required to maintain the information set out in paragraph (b), Clause (1) of Article (8) of this Decision and a register of all their shareholders containing the number of shares held by each shareholder and categories of shares, if any, including the voting rights and providing this register to the Registrar after ensuring its accuracy.
2. Companies shall undertake to maintain and make available the data mentioned in Clause (Error! Reference source not found.) of Article (9) of this Decision to the Registrar at all times and upon request, update such data within 15 business days upon its amendment or change and ensure to keep this information up-to-date and accurate on an ongoing basis and assist the Registrar in documenting such information if so required.
3. Companies shall have one or more natural persons residents of the State and authorised to disclose to the Registrar all information contained in Clauses (1) and (2) of this Article
4. Any company established or registered in the State shall be prohibited from issuing share warrants to bearer.
5. Companies that permit the issuance of nominee shares in the name of individuals or members of the board of directors shall be required to disclose those shares and the identities of the members of the board of directors to the Registry for the purpose of registering them.

Article (36)
The Registrar and the companies, or the administrators or liquidators or any other stakeholder involved in the dissolution of the company, shall maintain records and all information as mentioned in Article (34) and Article (35) for at least five years from the date in which the company is dissolved or otherwise ceased to exist.

Part 2 Requirements of Legal Arrangements

Article (37)
1. Trustees in legal arrangements shall keep information about the real beneficial owner as stated in clause no. (2) of Article no. (9) of this Resolution.
2. Trustees in legal arrangements must keep basic information about supervised intermediaries and service providers, including investment advisors, managers, accountants, and tax advisors.
3. Trustees in legal arrangements must disclose their status to Financial Institutions, Designated Non-Financial Businesses and Professions, and Virtual Asset Service Providers, when they establish a business relationship or carry out an occasional transaction that exceeds the specified limit under the provisions of this resolution. They must also provide them with information related to the beneficial owner and the assets that will be kept or managed under the terms of the business relationship, if requested.
4. The information mentioned in clauses nos. (1) and (2) of this Article shall be accurately kept and updated within fifteen (15) working days upon any amendment or variation therein. The representatives of the legal arrangements shall retain such information for a period of five (5) years from the date of termination of their dealings with the legal arrangement.
5. The concerned authorities, in particular law enforcement authorities, may request and obtain without delay the information kept by trustees, Financial Institutions, Designated Non-Financial Business or Professions or virtual assets services providers related to the following:
  1. The real beneficial owner of legal arrangements.
  2. place of residence of the Trustee.
  3. The Funds held or managed by the Financial Institution or the Designated Non-Financial Business in respect of any Trustee with whom they have a Business Relationship or for whose account they perform a casual transaction.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
1. The Trustees in Legal arrangements are required to information about the Beneficial Owner as prescribed in Clause (Error! Reference source not found.) of Article (9) of this Decision.
2. The Trustees in Legal Arrangements are required to maintain basic information relating to intermediaries, who are subject to supervision, and service providers, including consultants, investors, directors, accountants and tax advisors.
3. The information mentioned in Clauses (1) and (2) of this Article shall be maintained accurately and updated within 15 days if it is amended or changed and legal arrangement representatives shall be required to maintain this information for at least five years from the date of the end of their involvement with the legal arrangement.
4. The Competent Authorities, and in particular Law Enforcement Authorities, shall request and obtain information held by trustees, Financial Institutions, or DNFBPs, without delay, relating to the following:
  
  The Beneficial Ownership of legal arrangements
  
  The residence of the Trustee
  
  The funds that are held or managed by the Financial Institution or DNFBP in relation to any trustees with which they have a Business Relationship, or for which they undertake an occasional Transaction.

Part 3 Prohibition of Invocation of Banking, Professional or Contractual Secrecy

Article (38)
It is prohibited to invoke banking, professional or contractual secrecy as a pretext to prevent application of the provisions of the Decretal-Law and this Decision in the following cases:
1. Exchange of information among Financial Institutions whenever it is related to Correspondent Banking or Wire Transfers and the reliance on regulated third party relationships in accordance with Articles (19), (25), and (27) to (30) of this Decision.
2. Exchange of information among Competent Authorities at the domestic or international level in relation to the combating of the Crime.

Part 4 Confidentiality of information

Article (39)
1. Any person who obtains information related to a suspicious transaction or any of the crimes stipulated in the Decretal-Law shall be bound by its confidentiality and not disclosed except to the extent necessary for its use in investigations, prosecutions or cases in violation of the provisions of the Decretal-Law and this Decision.
2. In all cases, it is not permissible to contact the Customer directly or indirectly to notify him of the actions taken, except at the written request of the competent Supervisory Authority.

Chapter 4 Financial Intelligence Unit

Section 1 Independence of the FIU

Article (40)
1. The FIU shall be operationally independent in order to carry out its functions effectively, and the Central Bank shall provide it with the required technical, financial and human resources.
2. The main headquarter for the FIU shall be the capital of the State and it may open branches within the Central Bank’s branches in the Emirates of the State.
3. The FIU shall operate as national centre to receive STR’s and other information related to the Crime.

Section 2 Powers of the FIU

Article (41)
The FIU shall have the following powers:
1. Putting in place the FIU’s departments and internal regulations for approval by the Central Bank’s Board of Directors. The internal regulations shall include procedures to ensure the competency and integrity of its employees and the awareness of their responsibilities in dealing with confidential information.
2. Establishing a database or special register to hold any information it has available and securing this information by establishing rules that govern information security and confidentiality, including procedures for processing, storing, disseminating and setting procedures to ensure limited access to the FIU’s facilities, information and technical systems and to the review or disclosure of information, except by those authorised to do so.
3. Providing courses and programs to train and develop the employees working in it and any other authority, be it inside or outside the State.
4. Preparing studies, research and statistics related to the Crime, and following up on any studies, research or statistics conducted domestically or internationally in this regard.
5. Preparing annual reports about its Crime-combatting activities that include specifically general analysis of STRs and notifications received as well as activities and trends of the Crime, and preparing a brief of this report for dissemination purposes.

Article (42)
In the course of performing its duties as regards suspicious transaction reports, the Unit shall have competence to carry out the following:
1. Receive, study and analyse reports from Financial Institutions, Designated Non-Financial Businesses and Virtual Asset Service Providers according to the models approved thereby, and save the same in its database.
2. Request Financial Institutions, Designated Non-Financial Businesses, Virtual Asset Service Providers and the Competent Authorities to provide it with any additional information or documents relating to the reports and information it has received and other information it deems necessary for the performance of its functions, including information on customs reforms, on the date and the form specified by the Unit.
3. Analyse reports and information available thereto as follows:
  1. Conduct an operational analysis using available information and data that can be obtained to identify specific targets such as persons, money or criminal networks, track the course of specific activities or Operations, and identify linkages between these objectives, activities or Operations and the potential Proceeds of the Crime.
  2. Conduct a strategic analysis using available information and information that can be obtained, including data provided by the Competent Authorities, to identify the trends and patterns of the Crime.
4. Providing Financial Institutions, Designated Non-Financial Businesses and Professions and Virtual Asset Service Providers with the results of the analysis of the information provided on the reports received by the Unit, in order to enhance the effectiveness of the implementation of procedures to confront crime and detect suspicious transactions.
5. Cooperating and coordinating with the Supervisory Authorities by referring the results of the analyzes they conduct related to the quality of the received reports, in order to ensure the compliance of Financial Institutions, Designated Non-Financial Businesses and Professions, and Virtual Asset Service Providers with the procedures for confronting crime.
6. Refer the data related to the reports and the results of the analysis it conducts and other relevant information to Law Enforcement Authorities, when there are sufficient grounds to suspect their connection with the Crime, so as to take the necessary action in their respect.
7. Provide judicial and Law Enforcement Authorities with Crime-related information and other information that they can be obtain from Financial Intelligence Units in other countries automatically or upon request.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
The FIU shall be responsible for carrying out its duties with regards to STRs as follows:
1. Receiving STRs relating to the Crime from Financial Institutions and DNFBPs on the FIU’s approved templates, then studying, analysing and storing them in its database.
2. Requesting Financial Institutions, DNFBPs, and Competent Authorities to provide any additional information and documents relating to the STRs and information received, and any other information that it might deem necessary to perform its duties, including information relating to customs’ disclosures, in the time and form specified by the FIU
3. Analysing available reports and information as follows:
  
  Operational analysis by using available and obtainable information, to identify specific targets, such as persons, funds, or criminal networks, track activities or specific Transactions, and determine the links between those targets, activities or transactions and potential proceeds of the Crime.
  
  Strategic analysis by using available and obtainable information, including data provided by Competent Authorities, to identify trends and patterns of the Crime.
4. Providing the Financial Institutions and DNFBPs with the analysis results of the information provided in the reports received by the FIU in order to enhance the effectiveness of the measures for combating the Crime and detecting STRs.
5. Cooperating and coordinating with the Supervisory Authorities by disseminating the outcomes of its own analysis, specifically with respect to the quality of STRs, to ensure the compliance of Financial Institutions and DNFBPs with the procedures for combating the Crime
6. Sending the data relating to the reports, the outcomes of its analyses and any other relevant data to Law Enforcement Authorities, when there are sufficient grounds to suspect its connection to the Crime, to take required actions in that regard.
7. Providing to judiciary authorities and Law Enforcement Authorities information related to the Crime and information it can obtain from foreign FIUs, spontaneously or upon request.

Article (43)
The FIU shall be responsible for carrying out its duties at the international level as follows:
1. Exchanging information with its FIU counterparts in other countries on STRs or any other information the FIU has the power to obtain or access, whether directly or indirectly, as per the international agreements to which the State is a party or any memorandums of understanding the FIU has entered into with FIU counterparts to regulate its cooperation with them or on the condition of reciprocity.
2. Reporting to its FIU counterparts the outcomes of using the submitted information and analysis conducted based on that information.
3. The information specified in Clauses (1) and (2) of this Article may not be used except for Crime-combatting purposes and may not be disclosed to any third party without the FIU’s approval.
4. Following up on the developments relating to Money Laundering and Terrorism Financing crimes through the relevant regional and international organisations and bodies and participating in related meetings.
5. Following up with the requirements of the Egmont Group, as well as participating and attending its meetings as a member of the group.

Chapter 5 Supervisory Authorities

Section 1 The Supervisory Authority for Financial Institutions, Designated Non-Financial Businesses and Professions and Virtual Asset Service Providers
This title has been amended by Cabinet Resolution No. (24) of 2022.

Article (44)
The Regulatory Authorities of Financial Institutions, Designated Non-Financial Businesses and Professions and Virtual Asset Service Providers, each according to its competence, shall undertake the tasks of supervision, control and follow-up to ensure compliance with the provisions stipulated in the Decree-Law, this Resolution, the supervisory decisions and any other relevant decisions. They shall also be concerned with the following:
1. The identification, evaluation and updating of the potential risk of the crime in legal persons, including Financial Institutions, Designated Non-Financial Businesses and Professions, virtual assets activities and Virtual Asset Service Providers activities.
2. The application of a risk-based approach to ensure that the money laundering and terrorist financing prevention or mitigation measures are commensurate with the identified risks.
3. The development of instructions, systems and models to counter crime for those under its control when necessary.
4. The development of the policies, procedures and controls necessary to verify the compliance of those under its control with the provisions of the Decree-Law, this resolution and any other legislation related to confronting crime in the state, and requesting information related to the implementation of this commitment.
5. The development of merit and eligibility regulations, rules and standards and applying them to anyone who seeks to own, control, participate in the management or operation of Financial Institutions, Designated Non-Financial Business or Professions or virtual assets services providers, directly or indirectly, or who is the beneficial owner thereof.
6. Office and field supervision and inspection of Financial Institutions, Designated Non-Financial Businesses and Professions, and Virtual Asset Service Providers on the basis of a risk-based approach.
7. Determining the periodicity of the supervision and inspection of Financial Institutions, financial groups, Designated Non-Financial Businesses and Professions and Virtual Asset Service Providers based on the following:
  1. National Risk Assessment
  2. The distinctive features of Financial Institutions, financial groups, Designated Non-Financial Businesses and Professions and Virtual Asset Service Providers, in terms of their diversity, size and degree of freedom of disposal granted to them according to the risk-based approach.
  3. Crime risks and understanding them and the policies, internal controls and procedures applied by Financial Institutions, financial groups, Designated Non-Financial businesses or Professions or Virtual Asset Service Providers, as defined in the Supervisory Authority's assessment of their respective risk structure.
8. Taking all necessary measures to ensure full compliance with the Financial Institutions, Designated Non-Financial Businesses and Professions and Virtual Asset Service Providers by implementing the Security Council resolutions relating to the prevention and suppression of terrorism and its financing and the prevention, suppression and cessation of the proliferation of weapons of mass destruction (WMD) and their financing. This is in addition to other relevant resolutions, through field visits and continuous follow-up, and imposing appropriate administrative penalties when violating or failing to apply the instructions.
9. Verifying that the establishments under its control adopt and apply the controls, procedures and measures prescribed in accordance with the provisions of the Decree-Law and this resolution, and implementing them in its foreign branches and subsidiaries in which it owns the majority share to the extent permitted by the regulations of the state in which these branches and companies are located.
10. Verify the extent to which the Financial Institutions subject to the international basic principles of financial control are subject to regulation and control in accordance with those principles. Such principles shall include the application of consolidated control at the level of the financial group for AML/CFT purposes. This is in addition to ascertain the extent to which they are subject to regulation, control or follow-up, with regard to other Financial Institutions, in accordance with the degree of ML/FT risks.
11. Reviewing the assessment of the Establishment and the financial group of the crime risk structure, including the risk of non-compliance, periodically or when there are significant developments in the management of the Establishment or the financial group and its operations.
12. Establishing adequate controls and procedures to ensure that Financial Institutions, Designated Non-Financial Businesses and Professions, and Virtual Asset Service Providers are informed of the Committee's decisions related to the following:
  1. Enhanced due diligence and countermeasures identified by the Committee.
  2. Any concerns related to weaknesses in AML/CFT systems in other countries.
  3. Any other resolutions issued by the Committee.
13. Providing those under its control with guidance and feedback to enhance the effectiveness of its implementation of anti-crime measures.
14. Maintaining an updated list of the names and data of compliance officials of the establishments under its control and informing the unit of it. In addition, it has the right to oblige those establishments to obtain its prior approval before appointing compliance officials.
15. Organizing awareness programs and campaigns on anti-crime.
16. Issuing decisions to impose administrative sanctions in accordance with the provisions of the Decree-Law, this Resolution, the supervisory decisions and any other relevant decisions and the mechanism of filing complaints against them.
17. Keeping statistics on the measures taken and the sanctions imposed.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
The Supervisory Authorities, each in accordance with its specialisations, shall assume the functions of supervision, monitoring and follow-up to ensure compliance with the provisions of the Decretal-Law and this Decision and shall be specialised in the following:
1. Conducting a risk assessment for any potential occurrence of the Crime in legal persons, including Financial Institutions and DNFBPs.
2. Putting in place the Crime-Combating regulations, instructions and forms for the entities subject to their supervision, when necessary.
3. Putting in place the required procedures and controls to assess the compliance of supervised institutions with the provisions of the Decretal-Law and this Decision and any other legislation related to combating the Crime in the State, as well as to request the information relating to such compliance.
4. Setting and applying the regulations, controls, standards of merit to anyone who seeks to acquire, control, participate in management or operation, whether directly or indirectly, or to be the beneficiary of Financial Institutions and DNFBPs.
5. Conducting onsite and offsite supervision and inspections over Financial Institutions and DNFBPs.
6. Determining the frequency of supervision and inspection over Financial Institutions, Financial Groups, and DNFBPs based on the following:
  
  National Risk Assessment
  
  Distinctive characteristics of Financial Institutions, Financial Groups and DNFBPs in terms of their diversities, numbers and the degree of discretion provided to them under the risk-based approach.
  
  Risks of the Crime as well as internal policies, controls and procedures associated with Financial Institutions, Financial Groups, or DNFBPs as identified by the Supervisory Authority’s assessment of each’s risk profile.
7. Undertaking all measures to ensure full compliance of the Financial Institutions and DNFBPs in implementing Security Council Resolutions relating to the prevention and suppression of terrorism and Terrorism Financing, and the prevention and suppression of the proliferation of weapons of mass destruction and its financing, and other related decisions, by conducting onsite visits and on-going monitoring, and imposing appropriate administrative sanctions when there is a violation or shortcoming in implementing the instructions.
8. Ensuring that the prescribed measures are adopted by the supervised institutions in accordance with the provisions of the Decretal-Law and this Decision, and that these measures are implemented in their foreign branches and majority-owned subsidiaries to the extent permitted by the laws of the country, where those branches and subsidiaries exist.
9. Periodically reviewing the assessment of the Crime risk profile of a Financial Institution and Financial Group (including the risks of non-compliance), and when there are major events or developments in the management and operations of the Financial Institution or Group.
10. Ensuring the compliance of Financial Institutions and DNFBPs subject to their supervision in implementing enhanced CDD measures on Customers and ongoing monitoring of the business relationship related to High-Risk Countries.
11. Providing Financial Institutions and DNFBPs with guidelines and feedback to enhance the effectiveness of implementation of the Crime-combatting measures.
12. Maintaining an up-to-date list of the names and data of compliance officers of the institutions under their Supervision, and notifying the FIU thereof; and requiring those institutions to obtain their prior consent before appointing their compliance officers.
13. Conducting programs and outreach campaigns on combating the Crime.
14. Issuing decisions of imposing administrative sanctions in accordance with the provisions of the Decretal-Law and the present Decision, and the mechanism for submitting relevant grievance.
15. Maintaining statistics about the measures taken and sanctions imposed.

Section 2 Supervisory Authority for Non-Profit Organisations

Article (45)
The Competent Supervisory Authority for NPOs shall commit to the following:
1. Obtaining, in a timely manner, all information available with all Competent Authorities regarding NPO activities for the purpose of determining the size, features and types of NPOs, and identifying the threats posed against them by terrorism organisations, and the extent to which they are exposed to the risk of being misused for supporting Financing of Terrorism and Financing of Illegal Organisations, and then taking all appropriate and effective measures to combat these identified risks and reviewing them on a periodic basis to ensure their adequacy.
2. Reviewing the relevance and adequacy of legislation relating to NPOs to stop their misuse for supporting the Financing of Terrorism and of Illegal Organisations, and working to improve them when necessary.
3. Periodically reassessing NPOs by reviewing updated information on their potential vulnerabilities, which may be exploited in support of Financing of Terrorism.
4. Promoting and conducting awareness outreach and educational programs in order to raise awareness of NPOs and their donators on their potential vulnerabilities, which may expose them to risks of being misused for supporting and financing of Terrorism, and measures that can be taken by NPOs to protect themselves from such risks.
5. Supervising and monitoring NPOs using a risk-based approach to prevent their misuse in the Support and Financing of Terrorism and ensure compliance with their requirements.
6. Cooperating, coordinating and exchanging information at the local level with Competent Authorities that hold relevant information on NPOs.
7. Possessing experience in the field of investigations and the ability to examine NPOs that are suspected of being misused for supporting and financing of terrorism.
8. Fully reviewing the information relating to the administration and management of any NPO, including financial information and information relating to its programs.
9. Establishing mechanisms to ensure the prompt exchange of information with Competent Authorities for the purpose of taking preventive measures or investigative action when there is suspicion or reasonable grounds to suspect that the NPO is:
  1. A front for the raising of funds on behalf of a terrorist organisation.
  2. Being exploited as a conduit for the Financing of Terrorism or for the evasion of asset freezing measures or any other form of terrorism support.
  3. Concealing or disguising the flow of funds intended for legitimate purposes, but redirected for the benefit of terrorists or terrorist organisations.
10. Determining the appropriate points of contact and procedures required to respond to international requests for information regarding NPOs suspected of Financing of Terrorism or is being exploited for the Financing of Terrorism or other forms of terrorism support.

Chapter 6 Provisional Measures and Investigative Procedures

Section 1 Provisional Measures

Article (46)
1. The Governor, or whoever is acting in his place, shall order the Freezing of funds, which are suspected to be linked to the Crime, with Financial Institutions licensed by the Central Bank for a period of no more than (7) seven working days, in the case of the FIU’s requests based on its analysis of STRs and other information received.
2. The FIU shall, in the event of taking the decision mentioned in Clause (1) of this Article, do the following:
  1. Notify the concerned Financial Institution to perform the Freezing order without prior notice to the owner of the funds.
  2. Notify the public prosecutor, in case the Governor requests extending the Freezing order, including the justifications of such extension.
3. The FIU, after presenting to the Governor, shall notify the concerned Financial Institution of the cancelation of the Freezing order in case the public prosecutor refuses the extension or after expiry of the period specified in Clause (1) of this Article without receiving a response from the public prosecutor
4. The Financial Institution, which holds the frozen funds, shall notify the owner of the frozen funds of the Freezing order and its sources, and shall request the owner to provide the required documents that prove the legitimacy of the source of these funds and refer these documents to the FIU to take the required actions.
5. The Governor shall submit a proposal to the public prosecutor to cancel the extension of the Freezing order once there are no grounds to such freeze in order for the public prosecutor to take actions as he deems appropriate.
6. The fund freezing orders shall not be executed by Financial Institutions licensed by the Central Bank unless they are issued by it.

Article (47)
1. The Public Prosecution and the competent court shall, as the case may be, order the identification, tracing, and valuation of the Funds, Proceeds and Means under suspicion, or their equivalent value, or order their Seizing or Freezing, if they were the result of or linked to the Crime, and that is without prior notice to the owner, and shall issue a travel ban for the owner until the completion of the investigation or trial.
2. The Public Prosecution or the competent court shall, as the case may be and when deemed necessary, take decisions to prevent the dealing with or disposing of such Funds, Proceeds or Means, and take the necessary measures to prevent any action intended to evade the Freezing and Seizing order issued in that regard, without violating the rights of bona fide third parties.
3. Any interested party shall have the right to contest the public prosecution’s Freezing or Seizing decision before the competent court of first instance, which is located within the jurisdiction of the order public, or the competent court specialised in criminal claims.
4. The contest shall be submitted as a report to the competent court. The president of the court shall, then, schedule a hearing session with the knowledge of the defendant, and the public prosecution shall be required to lodge a memorandum with its opinion on the defendant’s grievance. The court then issues its final decision within a period of no more than 14 working days as of the date of submission of the appeal.
5. The decision to dismiss the contest request is not subject to appeal; if the contest was rejected, it is not permissible to lodge a new contest except after a duration of three months from the date of rejecting the contest, unless a serious reason occurs before the period passes.

Article (48)
The public prosecution and the competent court shall, as the case may be, appoint whomever they deem suitable to manage the seized and frozen Funds, Proceeds and Means or those subject to Confiscation, and permit them to dispose or sell the Funds, Proceeds and Means in public auction, even before the issuance of the verdict, if necessary, if they are concerned about their depreciation or devaluation over time. The amount of the sale shall be deposited in the State’s treasury in the event of a final verdict of conviction. Such funds shall remain within the limits of their value for any rights legitimately determined to any bona fide third parties.

Section 2 Investigation Procedures

Article (49)
1. The public prosecution and Law Enforcement Authorities shall, when launching an investigation and collecting evidence for a Predicate Offense, when necessary, take into consideration the extent to which the financial aspects of the criminal activity are connected with Money Laundering, Financing of Terrorism, or the Financing of Illegal Organisations, in order to determine the scope of the crime, identify and track proceeds and any other funds that may be subject to confiscation and strengthen evidence of the crime.
2. The public prosecution shall request the opinion of the FIU on the notifications received in relation to Money Laundering, Financing of Terrorism or Financing of Illegal Organisations cases.
3. Law Enforcement Authorities shall be responsible for receiving, and following up on, the results of STR analysis from the FIU and for gathering the related evidence.
4. The public prosecution and Law Enforcement Authorities shall promptly identify, trace and seize Funds, Proceeds and Means that might be subject to Confiscation and linked to the Crime.
5. Law Enforcement Authorities shall obtain the information directly from Competent Authorities, even if it is subject to banking secrecy or professional confidentiality, as they deem fit so they can perform their duties in detecting the Crime or its perpetrator(s) and collecting evidence about them, and the authority, who is the recipient of the information request, shall execute the request without delay.

Chapter 7 International Cooperation

Section 1 General Provisions for International Cooperation

Article (50)
Competent Authorities, for the purpose of implementation of International Cooperation requests on the Crime, to conclude, negotiate and sign agreements in a timely manner with foreign counterpart authorities, in a manner that does not contradict the legislation in force in the State

Article (51)
The Competent Authorities shall give priority to all requests for international cooperation in criminal matters, particularly those related to the Crime and implement them expeditiously through clear and secure mechanisms and channels. The confidentiality of the information received, subject-matter of such request, shall be observed if so stipulated in the request. Should it be impossible to observe confidentiality, the requesting authority shall be notified thereof.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}

Competent authorities shall give priority to all International cooperation requests related to the Crime and implement them expeditiously through clear and secure mechanisms and channels. The confidentiality of the information received shall be subject to the request, if required. If the confidentiality of the information cannot be kept, then the requesting authority shall be informed of the matter.

Article (52)
Within the scope of the implementation of the provisions of the Decree-Law and this Resolution, a request for international cooperation should not be refused on the basis of any of the following:
1. The crime includes financial, tax or customs matters.
2. Binding confidentiality provisions for Financial Institutions, Designated Non-Financial Businesses and Professions and Virtual Asset Service Providers in a manner that does not violate the legislation in force in the country, unless the relevant information has been obtained in the circumstances in which legal professional privileges or professional confidentiality apply.
3. The crime is political or related thereto.
4. The request relates to a crime under inquiry or judicial investigation in the state, unless the request will hinder such inquiry or investigations.
5. The act on which the request is based does not constitute an offence in the State or has no common features to an offence provided for therein, unless it includes compulsory measures, or pursuant to the legislation in force in the State.
6. The criminal act in the State is listed under a different name or description or its elements differ in the requesting State.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
Within the scope of implementing the provisions of the Decretal-Law and this Decision, an International Cooperation request regarding the Crime shall not be rejected on the basis of any of the following:
1. The crime involves financial, tax or customs matters.
2. Secrecy provisions are binding upon Financial Institutions and DNFBPs, providing that they do not violate the applicable laws in the State, unless the relevant information was obtained under the circumstances where professional legal privileges or professional secrecy apply.
3. The crime is political or related to a political crime.
4. The request is connected with a crime subject of an ongoing investigation or prosecution in the State, unless the request impedes the investigation or the prosecution.
5. The act, on which the assistance is based, does not constitute a crime in the State, or the act does not have similar attributes to a crime set out in the State, unless it involves constraining, coercive measures or its in accordance with the applicable laws in the State.
6. The criminal act in the State is listed under a different name or description or that its structure varies from that of the requesting country.

Section 2 Exchange of Information between Competent Authorities and Counterparts

Article (53)
In accordance with the legislation and agreements in force in the State or on the condition of reciprocity, the competent authorities shall:
1. Execute requests received from any foreign entity and exchange information on the Crime at the appropriate speed with foreign counterparts, and obtain any other requested information on its behalf, even if such requests change in nature, whether spontaneously or upon request.
2. Provide feedback to foreign counterparts on the use of the information obtained and the extent to which it was beneficial, if requested to do so.
3. Obtain a declaration or undertaking from the foreign counterpart that international cooperation information will only be used for the intended purpose, unless prior approval has been obtained.
4. Use international cooperation information obtained for the intended purpose, unless the foreign counterpart grants its approval for use for another purpose.
5. Refuse to provide information in the event that it is not effectively protected by the foreign counterpart requesting international cooperation.

Article (54)
1. The Competent Authorities commit to provide the means for international cooperation with respect to the basic information and Beneficial Owners of companies and legal arrangements, whereby such cooperation shall include the following:
  1. Facilitating the access of foreign competent authorities to basic information held by the registries of companies and legal arrangements;
  2. Exchanging information on legal arrangements and the shareholders in companies;
  3. Using their powers to obtain all the information on Beneficial Owners on behalf of foreign counterparts.
2. The Competent Authorities shall supervise the implementation quality for the international cooperation requests received from other countries in relation to basic company information and Beneficial Ownership for companies and legal arrangements, as well as the requests for international cooperation relating to determining the location of the Beneficial Owner from companies abroad.

Article (55)
In accordance with the legislation in force in the State, and the provisions of the agreements to which they are a party, and on the condition of reciprocity, the Supervisory Authorities of the Financial Institutions shall:
1. Exchange information relating to the appropriate Crime that it maintains and which is available to it directly or indirectly, with foreign counterparts, regardless of their nature, and consistent with the relevant international financial control principles relevant to anti money-laundering and combating the financing of terrorism applicable to each of them, including information on:
  1. The regulatory framework of the financial sectors and the general information related to them.
  2. Preventive financial control measures such as information related to the activities and works of financial institutions, their real beneficiaries, their management, and information of merit and eligibility.
  3. Internal policies of financial institutions in the field of combatting the Crime, CDD information of Customers, and of information related to accounts and transactions.
2. Obtaining prior approval of the foreign supervisory authority, where the information is required for transmission or use, other than for the intended purpose, and to informing it of the matter in the event of disclosure of such information whenever it is the result of a legal obligation.
3. Requesting or facilitating access to information on behalf of the foreign supervisory authority, for the purposes of enhancing supervision on the financial group.

Article (56)
Without prejudice to the provisions of the treaties and conventions to which the State is a party and subject to reciprocity; and without prejudice to the legislation in force in the State, Law Enforcement Authorities, in coordination with the Competent Authority, may:
1. Exchange information held by it, either directly or indirectly, with foreign counterparts for purposes of investigation or collection of inferences relating to Crime, identification and tracking of proceeds and intermediaries.
2. Use the powers conferred upon it in accordance with the legislation in force in the State to conduct investigations and obtain information on behalf of the foreign counterpart, and coordinate the formation of bilateral or multilateral teams to conduct joint investigations.

Section 3 International Legal Assistance

Article (57)
The competent judicial authority may, at the request of a judicial authority in another State with which the State has a convention in force, or on the condition of reciprocity in acts punishable in accordance with the legislation in force in the State, provide judicial assistance in investigations, trials or procedures related to the offence. Moreover, it may order the following:
1. The identification, freezing, seizure or confiscation of funds, proceeds or means resulting from the offence used or attempted to be used in it or its equivalent. As well, if the accused is unknown, refuses his/ her criminal responsibility or in case of the expiry of the penal case, this does not prevent taking these procedures.
2. Any other measures that can be applied in accordance with the legislation in force in the country, including providing records kept by Financial Institutions, designated non-financial businesses or professions, Virtual Asset Service Providers or non-profit organizations. Such measures also include inspecting persons and buildings, collecting witness statements, obtaining evidence, and using investigation techniques such as undercover operations, interception of communications, electronic data and information collection, and controlled delivery.
3. Extradition and recovery of persons and objects related to the crime in accordance with the legislation in force in the State.
_{This article has been amended by}_{Cabinet Resolution No. (24) of 2022}_{. You are viewing the latest version. To view the previous version, click the version box below}.
Version 1_{(effective from 10/02/2019 to 01/04/2022)}
Upon request from another judiciary authority in another country, with whom there is a valid agreement in place with the State, or on the basis of reciprocity concerning any acts that are punishable as per the applicable laws in the State, the competent judiciary authority shall provide legal assistance in investigations, trials or measures linked to the Crime and it shall order the following:
1. Locating, Freezing, Seizing or Confiscation of Funds, Proceeds or Means that have been used, or intended for use in the Crime, or their equivalent. The death or anonymity of the suspect shall not prevent undertaking such measures.
2. Any other measures applicable in accordance with the enforceable laws in the State, including the provision of records maintained by Financial Institutions, DNFBPs or NPOs, the search of persons and buildings, gathering statements from witnesses, collecting evidence, using investigative methods such as Undercover Operations, wiretapping, communications, obtaining electronic data and information and Controlled Delivery.
3. Extradition and repatriation of persons and things related to the Crime in accordance with the laws applicable in the State.

Article (58)
It is permitted to recognise any judgement or judicial order that provides for the confiscation of Funds, Proceeds or Means relating to Money Laundering, the Financing of Terrorism or the Financing of Illegal Organisations issued by a competent court or judiciary authority in another country, with whom there is an attested agreement in place with the State.

Article (59)
Taking into consideration the applicable laws in the State, the implementation of the judgement or judicial order mentioned in Article (58) of the present Decision shall not contradict a judgment or order previously issued by a court in the State, there shall not be an ongoing charge in the State regarding the same judgment issued from the requesting country, and the request shall also include the following documents and information:
1. An attested copy of the judgment or judicial order for Confiscation along with the law on which it is based, and a statement of the reasons for issuing the confiscation order, if not mentioned in the judgment or the order itself.
1. A statement establishing that the sentenced person has been duly summoned and represented, and has been able to defend himself.
2. A document confirming that the judgement or judicial order is enforceable and not subject to appeal through ordinary methods.
3. Description of the Funds, Proceeds and Means for Confiscation, their estimated value, their potential location and information regarding any persons who might be holding or possessing these funds.
4. Statement of the amount to be repatriated from the funds for Confiscation.
5. Any information relating to third party rights on the Funds, Proceeds or Means.
6. Statement of the procedures undertaken in the requesting country to protect bona fide third parties.

Section 4 Implementation of the Security Council Resolutions

Article (60)
Every natural or legal person shall immediately comply with the instructions issued by the Competent Authorities in the State concerning the implementation of the resolutions issued by UN Security Council under Chapter VII of the Charter of the United Nations regarding the prevention and suppression of terrorism and Terrorism Financing, and the prevention and suppression of the proliferation of Weapons of Mass Destruction and its financing, and any other related decisions.

Chapter 8 Final Provisions

Article (61)
Any provision that contradicts or violates the provisions of the present Decision shall be considered void.

Article (62)
The present Decision shall come into force as of the date of its issuance and shall be published in the Official Gazette.