Annex 5. Synopsis of the Guidance
Effective from 3/8/2022| Introduction | Purpose | The purpose of the Guidance is to assist the understanding and effective performance by the United Arab Emirates Central Bank's (CBUAE) licensed financial institutions (LFIs) of their statutory obligations under the legal and regulatory framework in force in the UAE. |
| Applicability | This guidance applies to all natural and legal persons, which are licensed and/or supervised by CBUAE, in the following categories: •National banks, branches of foreign banks, exchange houses, finance companies, payment service providers, registered hawala providers and other LFIs; and •Insurance companies, agencies, and brokers. | |
| Legal Basis | The legal basis of STR reporting is based on the (i) Federal Decree-Law No. (20) of 2018 on Anti-Money Laundering (AML) and Combatting the Financing of Terrorism (CFT) and Financing Illegal Organisations and Federal Decree law No. (26) of 2021 To amend certain provisions of Federal Decree-law No. (20) of 2018, on anti-money laundering and combating the financing of terrorism and financing of illegal organisations; (ii) Cabinet Decision No. (10) of 2019 Concerning the Implementing Regulation for Decree-Law No. (20) of 2018 on AML and CFT and Financing of Illegal Organisations; and (iii) Cabinet Decision No. (74) of 2020 Regarding Terrorism Lists Regulation and Implementation of UN Security Council Resolutions on the Suppression and Combating of Terrorism, Terrorist Financing, Countering the Proliferation of Weapons of Mass Destruction and its Financing and Relevant Resolution. The legal basis addresses (i) the consequences for failure to disclose suspicious activity, (ii) protection for individuals disclosing suspicious activity, and (iii) the meaning of suspicious transactions. | |
| Identification of Suspicious Transactions | Role of the First Line of Defense | The first line of defense plays a critical role in the management of customer and third-party risk and the timely escalation of potentially suspicious activity. The first line of defense is well-placed to identify suspicious transactions and assess that information once deemed reasonable—collected through interactions with a customer—now appears suspicious. Employees within the first line of defense include relationship managers, business executives, and back-office operations functions. |
| Role of the Second Line of Defense | The second line of defense (e.g., compliance employees) provides policy, advice, guidance, assurance, oversight, and challenge to the first line of defense. While employees in Financial Crime Operations Units (possibly in the first line of defense) can investigate suspicious transactions and document the resultant investigation, the ultimate filing of the STR or SAR should be made by the Compliance Officer or the money laundering reporting officer (MLRO) (in the second line of defense). The second line of defense is charged with overseeing the investigations programme. | |
| Role of the Third Line of Defense | The third line of defense identifies gaps, deficiencies, and weaknesses in operational controls owned or overseen by an LFI’s business, operations, and compliance functions. | |
| Purpose of Transaction Monitoring | The purpose of transaction monitoring is the ongoing, retrospective monitoring of customers’ and prospective customers’ transactions or activity to identify activity anomalous from normal behavior. This may, on further investigation, generate knowledge or reasonable suspicion of financial crime and thereby require reporting to the appropriate law enforcement and/or regulatory authority as an STR, SAR, or equivalent local report in line with AML/CFT regulatory and/or UAE FIU reporting requirements. | |
| Internal Organization | An LFI’s internal organization is important to appropriately identify unusual or potentially suspicious activity. Internal organization comprises an LFI’s governance and management oversight; policies and procedures; clear lines of responsibility and reporting; and ongoing training to account for changes in the UAE’s legislative and regulatory frameworks. There are also specific considerations for institutions with foreign branches and subsidiaries. | |
| Transaction Monitoring Methods | A transaction monitoring program should take into account the AML/CFT risks of the LFI’s customers, prospective customers, counterparties, businesses, products, services, delivery channels, and geographic markets in addition to helping prioritize high-risk alerts. Monitoring systems typically include employee identification or referrals, transaction-based (manual) systems, surveillance (automated) systems, or a combination of these, including an intelligence-led transaction monitoring approach. | |
| Procedures for the Reporting of Suspicious Transactions | Importance of Filing an STR or SAR | Information generated from an STR, SAR, and other report type is important for law enforcement and the FIU to effectively identify and combat financial crime. Specifically, the quality of STRs, SARs, and other report types is imperative for increasing the FIU’s analytical function to identify vulnerabilities and threats to the UAE financial system and develop an overall understanding of money laundering and the financing of terrorism and illegal organisations risks |
| Basic Structure of an STR or SAR | Different report types can be filed in the FIU’s “goAML” portal (i.e., STR, SAR, AIF, AIFT, RFI, RFIT, HRC, HRCA). In addition, an LFI should divide a narrative into three sections (introduction, body, and conclusion). | |
| Best Practices for Drafting an STR or SAR | A narrative should identify and answer the five questions – who? what? when? where? and why? – of the suspicious activity being reported to the FIU in addition to the operation/modus operandi (or how?). The Guidance also addresses how defensive STR or SAR filings are generally discouraged. | |
| How to Submit an STR or SAR | LFIs are required to submit suspicious transaction and activity reports directly to the FIU using the “goAML” portal. There are certain mandatory fields that an LFI should populate when submitting a report in the goAML portal in addition to providing certain supplemental documents. | |
| Amendments to Submitted Reports | Once a report is submitted and accepted in the goAML system, changes cannot be applied, including amendments for missing or incorrect information. However, LFIs may file a corresponding AIF, AIFT, RFI, or RFIT. | |
| Timing of Alert Reviews and STR Filings | Alert Review, Case Investigation, and STR/SAR Decision Making and Filing | In the absence of escalation for expedited review, LFIs are expected to file an STR/SAR within a maximum of 35 business days from the date of automated alert generation. The establishment of adequate grounds of suspicion may involve the investigation procedures as per the LFIs' AML and/or Financial Crime Compliance policies and procedures. LFIs are expected to complete the required investigative procedures as expeditiously as possible. LFIs must maintain adequately detailed records of investigative procedures performed against alerts and when filing an STR/SAR, must include a summary justifying the time taken to establish grounds of suspicion. In the event of escalation for expedited review, the Compliance Officer or MLRO should file an STR or SAR to the FIU within 24 hours of the determination. All prospective STRs or SARs should be reviewed for accuracy and completeness prior to filing, in accordance with applicable procedures. |
| Monitoring and Reporting of Continuing Suspicious Activity | Upon filing an STR/SAR pertaining to an account holder, LFIs are expected to implement enhanced monitoring on such account holders. In the case of continued suspicious activity detected against said account holder, LFIs are expected to expeditiously file an STR/SAR with the FIU. | |
| Activity Requiring Immediate Attention | Situations requiring immediate attention include reportable violations that are ongoing (e.g., part of an ongoing money laundering scheme as indicated by an appropriate law enforcement authority) and transactions that the LFI suspects are related to the financing of terrorism and illegal organisations. | |
| Exceptions for Complex Investigations | If the LFI designates an investigation as “complex”, the LFI should submit an initial STR or SAR to the FIU within 15 business days of the alert generation. The initial STR/SAR should be labelled as a “Complex investigation” to the FIU. Following the initial STR or SAR filing, the LFI has an additional 30 business days to obtain all necessary information related to the complex investigation and submit a follow-up STR or SAR to the FIU. | |
| Summary of Review, Investigation, and Reporting Timelines | There are recommended timelines for the review, investigation, and reporting of suspicious activity in the absence of an escalation for expedited review. | |
| Escalation for Expedited Review | In certain cases, an alert or case may need to be dispositioned and an STR or SAR filed more rapidly than usual processes allow. In such cases, the alert will be dispositioned and the STR or SAR filed within 24 hours. | |
| Confidentiality and Prohibition against “Tipping Off” | Confidentiality and Prohibition against “Tipping Off” | When reporting suspicious activity or transactions to the FIU, LFIs are obliged to maintain confidentiality regarding both the information being reported and specific to the act of reporting itself, and to make reasonable efforts to ensure that the information and data reported are protected from access by any unauthorized person. |
| Handling of Transactions and Business Relationships after Filing STRs | Requirements for Corresponding with the FIU | If the FIU reaches out to an LFI for additional information pertaining to an STR or SAR, details should be provided in a way that is precise and outlined as per the request. LFIs should maintain clarity on the presented information and provide it in the expected format. |
| Post STR or SAR Process | Following the filing of an STR or SAR filing, LFIs are obliged to follow the instructions, if any, of the FIU in relation to both the specific transaction and to the business relationship in general. LFIs may decide to retain a customer relationship, exit the relationship, or restrict an account, among others. Any actions taken by an LFI following the filing of an STR or SAR is a decision based on the LFI’s internal policies and procedures, including its risk appetite, although LFIs should consider the risk of tipping off a customer when implementing such restrictive measures. | |
| Governance and Reporting to Senior Management | LFIs should have mechanisms to inform the Board of Directors (or a committee of the Board) and senior management on the status of its AML/CFT program, including reporting on the number and types of STRs or SARs. | |
| Record Retention | LFIs are required to retain all records and documents pertaining to STRs or SARs and the results of all analysis or investigations performed for a period of no less than five (5) years from the date of completion of the transaction or termination of the business relationship. | |
| Annexes | Annex 1: Indicative Examples of Insufficient STR or SAR Narratives | Examples of insufficient STR or SAR narratives are provided with an explanation on why these STR or SAR narratives are not sufficient and comprehensive. |
| Annex 2. Red Flag Indicators in the Context of the UAE | The FIU published typologies and indicators of suspicious activity that an LFI should consider with a view to update policies, procedures, detection scenarios, and red flag indicators for identifying potentially suspicious activity. | |
| Annex 3. Red Flag Indicators for the UAE Insurance Sector | The UAE Insurance Authority issued a list of red flag indicators that an LFI should consider with a view to update policies, procedures, detection scenarios, and red flag indicators for identifying potentially suspicious activity. | |
| Annex 4. Overarching Rules and Principles for the goAML System | The goAML XML Submission Guide provides additional detail on the rules that an LFI should consider when submitting an STR, SAR, or other report type in the goAML system. | |
| Annex 5 | Synopsis of the Guidance | |