| 16.4.1 | The Licensed Person must appoint a Compliance Officer who must be given the specific responsibility of managing its AML/CFT compliance function;
|
| 16.4.2 | The Compliance Officer of the Licensed Person must:
| a) | be a member of Senior Management; | | b) | report directly to the Board of Directors (or to the Owner/Partners where there is no Board of Directors); | | c) | be provided with sufficient resources including time, systems, tools and support staff depending on the nature, size and complexity of its business; and | | d) | be provided with unrestricted access to all information related to products or services, business partners, correspondent agents, remittance partners, customers and transactions.
|
|
| 16.4.3 | The following are some of the major responsibilities of the Compliance Officer (not exhaustive):
| a) | Design an appropriate AML/CFT Program for the Licensed Person to remain compliant with applicable AML/CFT Laws, Regulations, Notices, the Standards and international best practice at all times; | | b) | Develop, or oversee the development of, the institution’s AML/CFT risk assessment; | | c) | Establish and maintain appropriate AML/CFT policies, procedures, processes and controls; | | d) | Ensure day-to-day compliance of the business against internal AML/CFT policies and procedures; | | e) | Act as the key contact point regarding all AML/CFT related matters/queries from the Central Bank, FIU, and any other competent authorities; | | f) | Receive suspicious transaction or activity alerts from employees and analyze them to take appropriate decisions to report all suspicious cases to the FIU; | | g) | On-going monitoring of transactions to identify high-risk, unusual and suspicious customers/transactions, and ensuring that transaction monitoring systems are appropriate and functioning as designed; | | h) | Submit Suspicious Transaction Reports (STR), Suspicious Activity Reports (SAR) or other report types without any delay to the FIU ; | | i) | Cooperate with and provide the FIU with all information it requires for fulfilling their obligations; | | j) | Develop and execute AML/CFT training programs considering all relevant risks of ML/FT and financing illicit organizations including the ways/means for addressing them; | | k) | Provide necessary reports to the Board of Directors (or to the Owner/Partners where there is no Board of Directors) on all AML/CFT issues, on a quarterly basis at a minimum; | | l) | Arrange to retain all necessary supporting documents for transactions, KYC, monitoring, Suspicious Transaction Reporting and AML training for the minimum period for record retention as per Paragraph 16.29 of this Chapter; | | m) | Conduct regular gap analysis between the Licensed Person’s existing AML/CFT Procedures and the most current Laws, Regulations, Notices and the Standards of the UAE in order to determine the extent of the Licensed Person’s level of compliance; | | n) | Propose actions required to address gaps, if any; and | | o) | Prepare Bi-Annual Compliance Reports in accordance with Paragraph 16.30 of this Chapter.
|
|
| 16.4.4 | The Compliance Officer must have the following qualifications and experience at a minimum:
| a) | If the Licensed Person is in possession of a Category A License:
| • | A minimum of three (3) years of experience in AML/CFT compliance, audit or risk management within any financial institution(s).
|
| | b) | If the Licensed Person is in possession of either a Category B or Category C License:
| • | A minimum of eight (8) years of experience in AML/CFT compliance, audit or risk management within any financial institution(s); or | | • | A minimum of five (5) years of experience in AML/CFT compliance, audit or risk management within any financial institution(s) and possess a specific certification related to AML/CFT compliance.
|
| | c) | Examples of specific certifications related to AML/CFT compliance includes ACFCS, CFE, ICA Diplomas, CAMS or any other certification associated with financial crime control or AML/CFT compliance which is acceptable to the Central Bank; and
| | d) | The Compliance Officer, in all above cases, must possess sound knowledge of all applicable AML/CFT Laws, Regulations, Notices, the Standards and other relevant international best practices.
|
|
| 16.4.5 | Employment Type and Residential Status of the Compliance Officer:
| a) | The Compliance Officer must be a full time employee of the Licensed Person; | | b) | The Compliance Officer must not engage in any part time employment or act as a consultant outside the business of the Licensed Person; | | c) | The Compliance Officer must be a resident in the UAE; and | | d) | A foreign national must be under the employment visa of the Licensed Person when employed as a Compliance Officer.
|
|
| 16.4.6 | Conflict of Interest in Multiple Roles:
|
| | The role of Compliance Officer must not be combined with any other functions of the Licensed Person and must be limited to tasks related to AML/CFT compliance.
|
| 16.4.7 | Reporting Lines and Independence:
| a) | The Compliance Officer must directly report to the Board of Directors (or to the Owner/Partners where there is no Board of Directors); and
| | b) | The Compliance Officer must have authority to act without any interference from the Manager in Charge or other employees of the Licensed Person.
|
|
| 16.4.8 | Prior Approval for Appointment:
| a) | A Letter of No Objection must be obtained for appointing a Compliance Officer by submitting the following documents to the Banking Supervision Department via email to smp@cbuae.gov.ae (with copy to info.ehs@cbuae.gov.ae and amlcft@cbuae.gov.ae):
| • | Letter from the authorized signatory of the Licensed Person seeking the Letter of No Objection from the Central Bank; and
| | • | Undertaking letter from an authorized signatory of the Licensed Person confirming the binding commitment of the Compliance Officer and the Licensed Person to comply with Paragraphs 16.4.5, 16.4.6 and 16.4.7 of this Chapter.
|
| | b) | The duly completed Authorised Person’s Appointment Form (“APA Form”, Refer to Appendix 5 for this Form) along with all other required supporting documents must be sent to smp@cbuae.gov.ae (with copy to info.ehs@cbuae.gov.ae and amlcft@cbuae.gov.ae);
| | c) | Central Bank shall conduct a fit and proper test on the proposed Compliance Officer of the Licensed Person.The Central Bank reserves the right to:
| • | interview the proposed Compliance Officer as part of the fit and proper test, if it deems it necessary; and
| | • | issue or decline the approval for the proposed Compliance Officer.
|
| | d) | In case the prior approval request is rejected by the Central Bank, the Licensed Person must propose a new Compliance Officer within the timeline provided by the Central Bank in the Letter of Rejection. If a specific timeline is not provided in the Letter of Rejection, then the Licensed Person must propose a new Compliance Officer within a period of ninety (90) calendar days from the date of Letter of Rejection; and
| | e) | Once the Compliance Officer has formally commenced employment, details of the Compliance Officer must be provided to the Banking Supervision Department and the AML/CFT Supervision Department of the Central Bank via email respectively to smp@cbuae.gov.ae (with copy to info.ehs@cbuae.gov.ae) and amlcft@cbuae.gov.ae. The notification must be made within two working days from the date the Compliance Officer commences employment.
|
|
| 16.4.9 | Resignation of the Compliance Officer and Notification to the Central Bank:
| a) | The Licensed Person must notify the Banking Supervision Department and the AML/CFT Supervision Department, within five (5) working days of the date of resignation of the Compliance Officer or the date upon which the position becomes vacant in any other manner with reasons thereof via email respectively to info.ehs@cbuae.gov.ae and amlcft@cbuae.gov.ae;
| | b) | The Licensed Person must propose a permanent replacement, within a period of ninety (90) calendar days from the date when the position of the Compliance Officer falls vacant, by submitting a request of No Objection to the Banking Supervision Department (Refer to Paragraph 16.4.8 of this Chapter for more information); and
| | c) | The Alternate Compliance Officer must be available to ensure the continuity of the AML/CFT compliance function during the period when the Compliance Officer’s position is vacant.
|
|
| 16.4.10 | Outsourcing of Compliance Function:
|
| | The Licensed Person must not outsource the role of the Compliance Officer nor the entire compliance function under any circumstances. However, the Licensed Person is permitted, under certain circumstances, to outsource some specific AML compliance tasks after obtaining the Letter of No Objection from the Banking Supervision Department. Please refer to Paragraph 9.1.2 (a) of Chapter 9.
|
| 16.4.11 | Removal of the Compliance Officer:
| a) | The Central Bank reserves the right to remove the Compliance Officer of a Licensed Person at its sole discretion; | | b) | The Licensed Person, in such cases, must comply with Paragraph 16.4.9 (b) of this Chapter; and | | c) | The Central Bank reserves the right to communicate or not to communicate reasons to the Licensed Person for its decision to remove the Compliance Officer.
|
|