The Central Bank of the United Arab Emirates (CBUAE) has issued an updated and comprehensive set of guidelines on Anti-Money Laundering (AML), Combating the Financing of Terrorism (CFT), and Countering the Financing of Proliferation (CPF) for Licensed Financial Institutions (LFIs). This update represents a significant step in strengthening the UAE’s financial regulatory framework and ensuring that institutions are equipped to address evolving financial crime risks in a rapidly changing global environment.
The revised guidance is aligned with international best practices and reflects the UAE’s broader commitment to maintaining a transparent, secure, and resilient financial system. It also complements the country’s Federal Decree-Law No. 10 of 2025 and its implementing regulations, which form the backbone of the UAE’s AML/CFT/CPF legal framework.
Purpose and Scope of the Updated Guidance
The updated guidance is designed to support LFIs in understanding and fulfilling their obligations under UAE law. It applies to a wide range of institutions, including banks, finance companies, exchange houses, and registered hawala providers.
The primary objective is to enhance the ability of these institutions to identify, assess, monitor, and mitigate risks related to money laundering, terrorist financing, and proliferation financing. The guidance provides practical instructions, expectations, and best practices that institutions must integrate into their internal compliance frameworks.
Unlike earlier frameworks that focused primarily on compliance, the updated approach emphasises effectiveness, ensuring that institutions are not merely following procedures but actively preventing financial crime.
A Stronger Risk-Based Approach
One of the key themes of the updated guidance is the reinforcement of a risk-based approach. This means that financial institutions are required to allocate their compliance resources based on the level of risk posed by customers, products, services, and geographic exposure.
The CBUAE expects LFIs to conduct detailed risk assessments that consider multiple factors, including:
- Customer profiles and beneficial ownership structures
- Nature and complexity of transactions
- Geographic exposure to high-risk jurisdictions
- Delivery channels such as digital platforms
This approach aligns with global standards set by international bodies and reflects a shift from a uniform compliance model to a more targeted and intelligence-driven system.
Institutions must continuously update their risk assessments to reflect emerging threats, including new typologies of financial crime.
Enhanced Customer Due Diligence (CDD)
The guidance places strong emphasis on Customer Due Diligence (CDD) as a critical tool for preventing financial crime. LFIs are required to:
- Identify and verify customer identities
- Determine beneficial ownership
- Understand the purpose and nature of business relationships
- Monitor transactions on an ongoing basis
Enhanced due diligence is mandatory for high-risk customers, including politically exposed persons (PEPs) and entities linked to high-risk jurisdictions.
The updated framework also requires institutions to adopt more robust verification methods, including digital identity verification and enhanced documentation processes where necessary.
Focus on Proliferation Financing (CPF)
A key addition to the updated guidance is the increased focus on proliferation financing, which involves funding activities related to weapons of mass destruction. This reflects a broader global shift in financial crime regulation. Under the new guidance, LFIs must:
- Identify risks related to proliferation financing
- Implement controls to detect suspicious transactions linked to sanctioned entities
- Ensure compliance with international sanctions regimes
This addition establishes CPF as a distinct and critical pillar, alongside money laundering and terrorist financing.
Transaction Monitoring and Suspicious Activity Reporting
The updated guidance strengthens expectations around transaction monitoring systems. Financial institutions must implement systems capable of detecting unusual or suspicious patterns in real time or near real time. Institutions are required to:
- Monitor transactions continuously
- Identify deviations from expected customer behaviour
- Investigate suspicious activities promptly
- Report suspicious transactions through the appropriate regulatory channels
The emphasis is on proactive detection, rather than reactive reporting. This ensures that risks are identified early and mitigated effectively.
Governance, Oversight, and Accountability
The CBUAE has reinforced the importance of strong governance structures within financial institutions. Senior management and boards are expected to take direct responsibility for AML/CFT/CPF compliance. Key expectations include:
- Appointment of a qualified Money Laundering Reporting Officer (MLRO)
- Clear reporting lines and accountability frameworks
- Regular review of compliance policies and procedures
- Active involvement of senior management in risk decisions
The updated framework also stresses that accountability is both institutional and individual, meaning that compliance failures can have personal consequences for responsible officers.
Training and Awareness
To ensure effective implementation, the guidance includes best practice manuals for training and capacity building. Institutions are required to develop role-based training programmes tailored to different levels of staff. Training must cover:
- Identification of suspicious activities
- Understanding AML/CFT/CPF risks
- Regulatory obligations and reporting requirements
The aim is to create a compliance culture where employees at all levels are equipped to recognise and respond to financial crime risks.
Addressing Emerging Risks and Typologies
The updated guidance reflects a growing recognition of emerging risks in the financial sector. These include:
- Trade-Based Money Laundering (TBML)
- Risks associated with correspondent banking relationships
- Increasing use of digital platforms and virtual assets
- Complex cross-border financial structures
Financial institutions are expected to stay informed about these risks and adapt their controls accordingly. The guidance encourages the use of advanced analytics and technology to improve detection and monitoring capabilities.
Supervisory Expectations and Enforcement
The CBUAE employs a risk-based supervisory model that combines onsite inspections with ongoing offsite monitoring. Institutions are regularly assessed on their compliance effectiveness, and deficiencies can lead to:
- Enforcement actions
- Mandatory corrective measures
- Increased regulatory scrutiny
- Potential financial penalties
Supervisory authorities also track remediation efforts and ensure that institutions address identified weaknesses within specified timelines. This approach ensures continuous improvement and reinforces accountability across the financial sector.
Alignment with National and International Frameworks
The updated guidance is fully aligned with the UAE’s National AML/CFT/CPF Strategy (2024–2027), which focuses on strengthening risk understanding, enhancing supervision, and promoting technological innovation in financial crime prevention. It also reflects global standards set by international bodies such as the Financial Action Task Force (FATF). The UAE’s efforts in strengthening its AML/CFT framework have already contributed to its removal from the FATF grey list, signalling improved compliance and international confidence.
Implications for Financial Institutions
The updated guidance has significant implications for LFIs operating in the UAE. Institutions must:
- Upgrade their compliance frameworks
- Invest in technology and data analytics
- Strengthen governance and internal controls
- Enhance staff training and awareness
- Ensure continuous monitoring and reporting
Compliance is no longer a static requirement but an ongoing, dynamic process that must evolve with changing risks.
Broader Impact on the UAE Financial System
The CBUAE’s updated guidance plays a critical role in enhancing the integrity and resilience of the UAE’s financial system. By strengthening compliance standards and aligning with global best practices, the UAE aims to:
- Protect its financial system from misuse
- Enhance investor confidence
- Facilitate international cooperation
- Promote sustainable economic growth
The emphasis on effectiveness, transparency, and accountability ensures that the financial sector remains stringent and capable of addressing emerging threats.
The updated AML/CFT/CPF guidance issued by the Central Bank of the UAE represents a comprehensive and forward-looking approach to combating financial crime. By emphasising a risk-based framework, enhanced due diligence, strong governance, and proactive monitoring, the guidance sets a new benchmark for compliance in the UAE’s financial sector.
It reflects a clear shift from procedural compliance to outcome-driven effectiveness, ensuring that financial institutions are not only compliant but also capable of actively preventing illicit financial activities.
As financial crime continues to evolve, the success of this framework will depend on how effectively institutions implement these measures and adapt to new risks. With strong regulatory oversight and a commitment to international standards, the UAE is well-positioned to maintain a secure and transparent financial environment.
To navigate to the official website, click here.
