For applying the provisions hereof, the following terms and expressions shall have the meanings ascribed thereto respectively, unless the context indicates otherwise:
The State: United Arab Emirates (UAE)
The Minister: Minister of Finance
The Central Bank: Central Bank of the United Arab Emirates
Governor: Governor of the Central Bank.
The Committee: The National Committee on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organizations.
FIU: The Financial Information Unit 
Regulatory Body: Federal and local authorities tasked by the applicable Statutes to assume control over financial institutions, designated non-financial businesses and professions (DNFBPs), Virtual Asset Service Providers (VASPs), and non-profit organizations (NPOs), or the authority competent to approve the practice of the activity or the profession if the statutes do not designate the regulatory body.
Law Enforcement Bodies: Federal and local authorities assigned by the applicable Statutes to combat, search, investigate and collect evidence on crimes, including money laundering, financing of terrorism and illegal organizations crimes.
Bodies Concerned: Government bodies in charge of enforcing any provision of the Decree-Law in the State.
Predicate Offence: Each act that constitutes a felony or a misdemeanor under the Statutes applicable in the State, whether committed inside or outside the State, whenever the same is punishable in both countries.
Money Laundering: Any of the actions specified in clause (1) of Article (2) of the Decree-Law.
Terrorism Financing: Any of the actions specified in Articles (29) and (30) of Federal Law No. (7) of 2014 on Combating Terrorism Offences.
Illegal Organizations: Organizations whose establishment or any of their activities is criminalized.
Financing Illegal Organizations: Each physical act or legal attitude intended to provide funds for an illegal organization, or for any of the activities or members thereof.
The Crime: Money laundering crime and the predicate crimes relating thereto, or the financing of terrorism or illegal organizations.
Funds: Assets, whatever the method of their acquisition, their type and form, whether tangible or intangible; movable or immovable; electronic, digital or crypto; including the national currency, foreign currencies, legal instruments or deeds of whatever form, including electronic or digital documents, which prove ownership of such assets and relevant rights; economic resources that are assets of any kind, including natural resources, as well as bank credits, checks, payment orders, shares, securities, bonds, bills of exchange and letters of credit as well as any interests, profits or any other income generated from or arising out of such assets which can be used to obtain any funding, commodity or services.
Virtual Assets: A digital representation of value that can be digitally traded or transferred, and that can be used for payment or investment purposes, and that does not include digital representation of fiat currencies, securities, or other funds.
Proceeds: Funds directly or indirectly generated from committing any felony or misdemeanour, including the profits, privileges, economic benefits and any similar funds, whether transferred fully or partially into other funds.
Instrumentalities: Anything used or intended to be used for committing a felony or misdemeanour.
Suspicious Transactions: Transactions relating to funds in respect of which there are reasonable reasons to suspect that they are generated from committing any felony or misdemeanour, or are related to financing the terrorism or illegal organizations, whether such transactions had been completed or attempted.
Freezing or Seizure: Temporary prevention of the remittance, transfer, movement, exchange or otherwise disposal of money in any manner by virtue of an order issued by a competent authority.
Confiscation: Permanent expropriation of private funds, proceeds or instrumentalities by virtue of a judgment rendered by a competent court.
Financial Institutions: Each business entity that carries on one or more of the financial activities or transactions for the benefit or on behalf of a customer.
Intermediary Financial Institution: A financial institution receiving and delivering wire transfers from the remitting financial institution to the beneficiary financial institution or to any other intermediary financial institution.
Beneficiary Financial Institution: A financial institution that receives the wire transfer from the remitting financial institution directly or through an intermediary financial institution, and then makes the funds available to the beneficiary.
Financial Activities or Transactions: Any one or more activities or transactions provided for in Article (2) hereof.
Designated Non-Financial Businesses and Professions (DNFBPs): Anyone who carries on one or more of the commercial or professional businesses provided for in Article (3) hereof.
Non-Profit Organizations: Each structured non-profit group continuing for a specified or an indefinite period of time and comprises natural or legal persons, or non- profit legal arrangement which receive or spend funds for charitable, religious, cultural, educational, social, solidarity or other philanthropic purposes. 
The Legal Arrangement: The relationship established between two or more parties by virtue of a contract including without limitation trust funds and other similar arrangements.
Trust Fund: A legal relationship whereby a Trustor confers upon the Trustee control over the Trustor's assets for the benefit of the beneficiary or for a certain purpose. Said assets are independent from the Trustor's own property. Title to the trustee's assets shall remain in the name of the Trustor or any other person acting on behalf of the Trustor.
Trustor: A natural or legal person who confers upon the trustee the right to manage the Trustor's assets in accordance with a Trust Agreement. 
Trustee: A natural or legal person exercising the rights and powers granted thereto and vested therein by the Trustor or by the Trust Fund, whereby the trustee manages, uses, and disposes of the Trustor's assets in accordance with the terms and conditions set forth by the Trustor and/ or the Trust Fund.
Customer: Anyone who performs or commences to perform any of the actions defined in Articles (2) and (3) hereof in cooperation with any financial institution or DNFBPs or Virtual Asset Service Providers (VASPs),
Transaction: Each disposal or use of funds or proceeds including, for example, deposit, withdrawal, transfer, sale, purchase, lending, exchange, mortgaging and gift.
Beneficial Owner: The natural person who owns or exercises ultimate actual control over the customer, or the natural person on whose behalf the transactions are made, or the person who exercises ultimate actual control over a legal person or a legal arrangement, whether directly or through a chain of ownership or control, or other indirect means
Virtual Asset Service Providers (VASPs): Any natural or legal person practicing, as a business, one or more activities or transactions related thereto for the benefit of another natural or legal person or on behalf thereof any of the following activities:
1. Exchange between virtual assets and fiat currencies
2. Exchange between one or more forms of virtual assets
3. Transfer of virtual assets
4. Safekeeping and/or administration of virtual assets or instruments enabling control over virtual assets.
5. Providing and participating in financial services or activities related to an issuer's offer or sale of virtual assets
Business Relationship: Any continuing commercial or financial relationship between financial institutions or DNFBPs on one side and the customer on the other side, pertaining to the activities or services provided thereby to the customer.
Correspondent Banking Relationship: A relationship between a correspondent financial institution and a beneficiary institution through a current account, any other kind of accounts, or any other related service. This includes correspondent relationship established for financial securities transactions or money transfer.
Intermediary Accounts Payable: Correspondent account used directly by a Third Party to perform transactions for his own interest.
Financial Group: A group of financial institutions composed of a holding company or any other legal person exercising control over the remaining group members and coordinating jobs to provide oversight and control over the group, its branches and subsidiaries, in accordance with the Core Principles for Effective Banking Supervision as well as the policies and arrangements of combating money-laundering and terrorism financing.
Core Principles for Effective Banking Supervision: Basel Committee on Banking Supervision's Principles Nos. (1), (2), (3), (5 through 9), (11 through 15), (26) and (29), IAIS Principles Nos. (1), (3 through 11), (18), (21 through 23), and (25), and IOSCO Principles Nos. (24), (28), (29), and (31) and the responsibilities Nos. (a), (b), (c), and (d).
Wire Transfer: A financial transaction made by the financial institution either itself or through an intermediary institution on behalf of the transferor, to deliver an amount of money to the beneficiary in another financial institution, whether the transferor and the beneficiary are the same person or not.
Shell Bank: A bank registered or licensed in a country where it has no physical presence therein and is not affiliated to any financial group that is subject to regulation and control.
Registrar: The competent body supervising the register of trade names of different businesses registered in the State.
Due Diligence Measures: The process whereby the customer’s or the beneficial owner's information, nature of business, purpose of business relationship, structure of ownership and control are identified, whether said customer or beneficial owner is a natural or a legal person or a legal arrangement, for the purposes of this Decree-Law and this Resolution.
Controlled Delivery: A method whereby the competent authority allows illegal or suspicious funds or crime proceeds to enter into, pass through or across or leave the State’s territory, in order to investigate a crime and to identify the perpetrators thereof.
Undercover Operation: An investigative technique whereby a judicial officer disguises his own identity, uses an assumed identity, or performs a covert or false role to obtain evidence or information pertaining to the crime.
High-risk Customer: The customer who constitutes a risk whether due to his own personality, activity, business relationship, business nature, or the geographical territory, including for example customers from high-risk countries, non-residents who do not have an identification card from the state, personalities with complex structures or who perform complex operations or operations lacking obvious economic or legal objectives, persons who perform intense cash transactions, enter into transactions with anonymous third-persons, or carry out non face-to-face transactions or any other high-risk transactions defined by financial institutions, DNFBPs, or the regulatory bodies.
Politically Exposed Persons (PEPs): An individual entrusted, either currently or formerly, with a prominent public office in the State or in any other State, including presidents of state and government, senior politicians, high-profile government officials, judicial or military officials, senior CEOs of state-owned companies, top ranking officials of political parties, and persons to whom the management of international organizations or any prominent jobs therein are or were entrusted. The following are defined as PEPs:
1. An immediate family member of such PEP; i.e., spouses, children, sons' spouses, and parents.
2. Any individual publicly known to be a close associates of the PEP including:
    a. Persons having joint usufruct in a legal personality or legal arrangement or having any close business relationship with the PEP; and
    b. Persons having sole usufruct in a legal personality or legal arrangement created for the interest of the PEP
Decree-Law: Decree-Law No. (20) Of 2018 On Anti-Money Laundering, Combating the Financing of Terrorism and Illegal Organizations
 

The following transactions and activities are deemed financial:
1. Receiving deposits and other billable assets from the public, including Sharia-compliant deposits.
2. Providing special banking services.
3. Providing all kinds of credit facilities.
4. Providing all kinds of financing facilities including Sharia-complaint facility finances.
5. Providing monetary brokerage services.
6. Financial transactions involving securities, finance, and finance lease.
7. Providing money exchange and transfer services.
8. Issuing and managing payment instruments, guarantees, or liabilities.
9. Providing stored value, electronic retail payment, and digital cash services.
10. Providing virtual banking transactions services.
11. Trading or investment in, operating, or managing assets, option contracts, and future financial contracts, exchange and interest rates transactions, and other financial derivatives or negotiable financial instruments.
12. Participating in the issuance of securities and provision of financial services pertaining to said issuance.
13. Management of various kinds of funds and portfolios.
14. Custody of funds.
15. Preparation or marketing arrangements for financial activities.
16. Direct insurance operations, reinsurance operations for the type and branches of insurance of persons, and capital formation operations in insurance companies, insurance brokers and agents.
17. Any other financial activity or transaction specified by the regulatory body.
 

Everyone who performs any one or more of the following businesses or professions shall be deemed a DNFBP:
1. Real estate brokers and agents in case they conclude transactions pertaining to the sale and purchase of real estate property for the interest of their clients.
2. Dealers in precious metals and stones whenever they conduct a single cash transaction or seemingly related multiple cash transactions with a value equivalent to or higher than AED 55,000.
3. Lawyers, notaries public, other independent legal businesses, and independent accountants whenever they prepare, perform, or carry out financial transactions for the interest of their clients in connection with the following activities:
    a. Sale and purchase of real estates.
    b. Management of client's assets.
    c. Management of bank accounts, saving accounts, or securities accounts.
    d. Arranging for holding stakes in relation to the incorporation, operation or management of companies.
    e. The incorporation, operation or management of legal persons or legal arrangements; and
    f. Sale and purchase of commercial bodies.
4. Credit companies and funds service providers whenever they conduct or carry out transactions for the interest or on behalf of their clients involving the following activities:
    a. Acting as an agent for establishing or incorporating legal persons.
    b. Acting as, or arranging for another person to act as, a director or secretary of a company, a partner of a partnership, or holding similar position in a legal persons.
    c. Providing a registered office, business, residence, correspondence, or administrative addresses for a legal person or arrangement.
    d. Acting as, or arranging for another person to act as, a direct trustee of trust fund, or performing a similar job for the interest of any other form of legal arrangements; and
    e. Acting as, or arranging for another person to act as, a nominee shareholder for the interest of another person.
5. Other business and professions defined by virtue of a resolution by the Minister.
 

1. Financial Institutions and DNFBPs shall identify, assess and understand their crime risks in line with the nature and volume of their businesses, and they shall:
    a. take into consideration all risk-factors pertaining to customers' risks, States or geographical regions, products, services, operations and their implementation channels before identifying the total risk level and the adequate risk reduction measures to be adopted; and
    b. document and regularly update risk assessment operations and make them available upon demand;
2. Financial Institutions and DNFBPs shall take appropriate actions to minimize the risks identified in accordance with Clause (1) of this Article, while taking the national risk assessment (NRA) results into consideration as follows:
    a. formulate, develop and follow-up on the implementation of policies, regulations and internal measures approved by the senior administration and commensurate with nature and volume of businesses which enables them to manage risks which have been identified, and enhance the same if necessary, in accordance with Article (20) hereof;
    b. perform Enhanced Due Diligence for managing high-risks whenever identified, for example:
        1. Obtaining and verifying more information, including information about the customer and beneficial owner's identity, occupation, funds size and information available through the public databases and open sources;
        2. Obtaining additional information about the purpose of the work relationship or the reasons for the expected transactions or those which have already been carried out.
        3. Updating customer's due diligence information more regularly concerning the customer and the actual beneficiary;
        4. Adopting reasonable measures to identify the funds and wealth resources of the client and the beneficial owner;
        5. Upscaling the degree and level of on-going control of the business relationship, to identify whether it seems unusual or suspicious and selecting the types of transactions requiring further examination and review;
        6. Carrying out the first payment process through an account in the name of the customer at a financial institution applying similar due diligence measures;
        7. Obtaining the approval of senior administration to commence a business relationship with the customer;
3. In case the requirements of Clauses (1) and (2) of this Article are satisfied, Financial Institutions and DNFBPs ay adopt Simplified Due diligence measures for risk management and reduction whenever low-risks are identified, unless a crime is suspected. Simplified Due diligence measures shall be commensurate with low-risk elements including the following for example:
    a. Verifying the identity of customer and actual beneficiary after the business relationship is commenced;
    b. Updating the customer's data at long intervals;
    c. Reducing the rate of on-going control and inspection of transactions; and
    d. Infer the nature and purpose of business relationship based on the kind of transactions or the business relationship established, with no need to collect data or adopt certain measures.
 

1. Financial Institutions and DNFBPs shall verify the identities of the customer and actual beneficiary prior to or during the creation of a business relationship or opening an account, or prior to conducting a transaction for a customer with whom no business relationship exists. In cases of low crime risks, verifying the customer's identity may be completed after the business relationship is created subject to the following requirements:
    a. The identity shall be verified as soon as possible as of the time of commencement of business relationship or the transaction involved;
    b. Verification postponement must be necessary in order not to impede ordinary workflow; and
    c. Appropriate effective measures shall be adopted to control crime risks; and
2. Financial Institutions and DNFBPs shall adopt risk management measures in connection with circumstances under which the customer is able to benefit from the business relationship prior to the verification process.

Financial Institutions and DNFBPs, as the case may be, shall adopt customers due diligence measures in the following cases:
1. Commencement of business relationships;
2. Performing incidental transactions for a customer whenever such transactions are equivalent to or exceeding AED 55,000, whether it is a single transaction or seemingly-related multiple transactions;
3. Performing incidental transactions in the form of wire transfers equivalent to or exceeding AED 3,500;
4. If a crime is suspected; and
5. If there are doubts about the validity or adequacy of customer identification data obtained previously.

Financial Institutions and DNFBPs shall adopt Customer Due Diligence (CDD) measures and on-going control of the business relationship, including the following:
1. Auditing transactions performed throughout the period during which there is a business relationship, in order to ensure consistency of transactions performed with the information available about customer's data, pattern of activity, and risks represented thereby including, if necessary, information about the source of funds; and
2. Ensuring that the documents, data and information obtained and collected in the course of customer due diligence process are updated and adequate through auditing the records, including in particular records of high-risk customers.

1. Financial Institutions and DNFBPs shall determine the identity of customers, whether permanent or incidental, verify whether the same is natural person, legal person, or legal arrangement, and they shall also verify the identity of the customer and the beneficial owner using the documents or data obtained from reliable independent sources or as follows:
    a. For natural persons:
The official Name as per the ID document or passport, nationality, address, place of birth, and, where necessary, name and address of the employer, true copy of a valid ID Card or Passport. beneficial owner.
    b. For legal persons and legal arrangements:
        1. Name, legal form and Memorandum of Association;
        2. Address of the headquarters or principal business premises, and if the person is foreigner, name and address of its legal representative in the State, if any, and a proof of the same shall be submitted;
        3. Articles of Association or any similar approved documents; and
        4. Names of related persons holding positions in the senior administration of the legal person or legal arrangement;
2. Financial Institutions and DNFBPs shall verify that any person acting on behalf of the customer is authorized to do so, and the identity of such person shall be ascertained in the manner set forth in Clause (1) of this Article;
3. The Financial Institutions and DNFBPs shall understand the purpose and nature of the business relationship and obtain information pertaining to this purpose as required; and
4. Financial Institutions and DNFBPs shall understand the customer's business nature, ownership structure, and control over the customer.
 

Financial Institutions, and DNFBPs shall adopt reasonable measures that take into account the risks of the crime arising from the client and the business relationship to identify and verify the identity of the beneficial owner with respect to legal persons and legal arrangements using the information, data or documents obtained from a reliable and independent source as follows:
1. For customers with legal personality:
    a. Obtaining ID Card of the natural person who works solely or jointly with any other person who holds an actual controlling stake in the legal person of (25%) or more; and
    b. In case of failure to ascertain the identity of a natural person in accordance with the foregoing clause, or that there is doubt that the natural person who owns a stake or controlling stake is the beneficial owner or in case there is no national person who owns a controlling stake, it shall be required to identify the natural person who practices the actual or legal control of the legal person or the legal arrangement through any direct or indirect means.
    c. In the case of failure to identify any natural person in accordance with Para (a and b) of this Clause the identity of the concerned natural person that holds the position of high-profile government officials whether being a person or more.
2. For customers with legal arrangements:
Identifying the Trustor, trustee, the beneficiaries or kinds of beneficiaries and every natural person exercising actual ultimate control through, inter alia, a chain of control or ownership over the credit fund, directly or indirectly, and obtaining adequate information about the beneficial owner in a manner that enables his identity to be recognized upon payment or when he/she intends to exercise his/her legally acquired rights.
Further, as regards the other legal arrangements the financial institutions shall identify the natural persons holding equal or similar positions.
 

Financial Institutions, DNFBPs and VASPs shall be exempted from identifying and verifying the identity of the shareholder, partner or beneficial owner, provided that such information is obtained from reliable sources in cases where the customer or owner of the controlling interest is any of the following:
1. A company listed on a stock exchange that is officially regulated and governed by the disclosure requirements pursuant to any instrument imposing sufficient transparency requirements concerning beneficial owner; and
2. A subsidiary the majority of stocks or shares of which are owned by a holding company.
 

1. In addition to due diligence measures required for the customer and the beneficial owner, financial institutions shall adopt due diligence measures and on-going control over the beneficiary of personal insurance policies and funds formation transactions, including investment-linked life insurance products and Family Takaful Insurance, once the beneficiary is identified or named as follows:
    a. For nominated beneficiaries, the person's name whether it is a natural or legal person or legal arrangement, shall be obtained; and
    b. For beneficiaries specified based on class or description, such as familial relationship, i.e., spouse or children, or based on any other instrument, such as a will or legacy, sufficient information about the beneficiary shall be obtained to ensure that the financial institution is capable of identifying the beneficiary upon payment of the compensation.
    c. The identity of the beneficiary shall be verified in both of the above cases upon the disbursement of compensations or dues or exercising of any rights related to the instruments.
2. In all cases, financial institutions shall consider the customer and beneficiary of the life insurance and Family Takaful Insurance policies among the risk factors when identifying the applicability of enhanced due diligence measures, taking into account that in the case of finding that the beneficial owner is a legal person or a legal arrangement representing high-risk, the financial institutions shall take the enhanced due diligence measures including reasonable measures for identifying the beneficial owner of the insurance policy and verify same upon the disbursement of compensations or exercising any rights pertaining to those policies.
 

Financial Institutions and DNFBPs shall adopt due diligence measures for customers and business relationships existing aat the time of entry of this Resolution into force. Same shall be performed at the times deemed appropriate based on the relative importance and risks. They shall ensure sufficiency of data obtained in case of adoption of due diligence measures before entry of this Resolution into force.

1. Financial Institutions and DNFBPs may not create or continue in a business relationship nor carry out a transaction in case of failure to adopt customer due diligence measures. They shall consider reporting any suspicious transaction to the Unit.
2. In case a transaction is suspected, Financial Institutions and DNFBPs may refrain from applying customer due diligence measures if they have reasonable justifications that applying said measures would alarm the customer. They shall submit a suspicious transaction report to the Unit accompanied by the reasons requiring non-application of due diligence measures.

Financial Institutions and DNFBPs shall not:
1. Make any transactions with shell banks in any way whether through opening bank accounts, or accepting funds or deposits therefrom; and
2. Open or maintain bank accounts using nicknames, pseudonym, or fake names or using numbers without providing the names of their owners.

1. In addition to customer due diligence measures under Section Three of Part One of this Chapter, Financial Institutions, Businesses and DNFBPs shall apply the following:
First: Foreign politically exposed persons:
    a. Develop appropriate risk management systems if the customer or the beneficial owner is considered a PEP;
    b. Senior administration's approval shall be obtained prior to creating or maintaining a business relationship for current PEPs customers;
    c. Adopting reasonable procedures to determine financial resources of customers and actual beneficiaries who are identified as PEPs; and
    d. Conducting enhanced follow-up on business relationship.
Second: Local PEPs and persons who had occupied a prominent position in an international organization:
        a. Adequate measures shall be taken to identify whether the customer or actual beneficiary is deemed a PEP.
        b. In case a high-risk business relationship is already in place with such persons, the measures set forth in Clauses (b), (c), and (d) of Para (i) of this Article shall be adopted.
2. Without prejudice to Clause (1) of this article, financial institutions concerned with life insurance and Family Takaful Insurance policies shall adopt reasonable measures to identify whether the beneficiary or beneficial owner of life insurance and Family Takaful Insurance policies is a PEP prior to the payment of claims or entitlements or exercising any rights pertaining to such policies. Upon the presence of higher risks, financial institutions shall notify the senior management before paying any compensations or entitlements or exercising any rights pertaining thereto, in addition to scrutinizing the entire business relationship and considering notifying the FIU the presence of a suspicious transaction.
 

In compliance with the instructions of regulatory bodies or of the Unit, Financial institutions and DNFBPs shall develop indicators whereby they can identify the suspicion of crime commission so as to report the same by way of STR. Said indicators shall be updated on an going basis as required by the development and diversity of crime commission techniques.

1. In case Financial Institutions and DNFBPs have strong suspicions or reasonable causes to suspect that a particular transaction or an attempt to carry out a transaction or funds represent crime proceeds in whole or in part, or are suspected to be related to or will be used in a crime, notwithstanding the value thereof, Financial Institutions, and DNFBPs shall abide by the following measures without using banking, professional or contractual confidentiality as a pretext:
    a. Directly notify the FIU of the suspicious transactions without delay through the FIU's electronic systems or any other means approved by the FIU; and
    b. Respond to all requirements of the FIU concerning any additional information.
2. Lawyers, notaries, other independent legal professionals, and independent legal auditors shall be excluded from the requirements of Clause (1) of this Article if the information pertaining to these transactions is obtained on account of their assessment of the customer's legal position, or for defending or representing the customer before Courts, arbitration or mediation, or for expressing legal opinion on a certain issue pertaining to judicial proceedings, including the provision of consultations on the commencement or avoidance of such proceedings, whether said information is obtained before or during such judicial proceedings or, after ending the same, or obtained under other circumstances where they are subject to professional confidentiality.
3. Upon notifying or providing information the FIU in good faith, Financial Institutions DNFBPs, VASPs and their board members, employees, and legally authorized representatives shall not bear any administrative, civil, or criminal responsibilities resulting from whistleblowing when they notify the FIU or provide it with any information in good faith even if they do not know precisely the nature of the crime or that it actually took place    .
 

1. Financial Institutions and DNFBPs, their directors, officers, and staff may neither disclose, directly or indirectly to the customer or any other person, that they have reported or are about to report the suspicious transactions to the FIU, nor disclose any information or data pertaining thereto or any investigations thereon. This does not preclude sharing information with branches and subsidiaries at the level of the financial group in accordance with the provisions of Article (31) of this resolution.
2. Lawyers', notaries', other independent legal professionals' or independent legal auditors' attempts to prevent their customers from committing an act involving violation of the law shall not be deemed an act of disclosure.
 

1. Taking into considerations the states defined by the Committee as high-risk states and the states that suffer weaknesses in their Anti-Money Laundering and Terrorist Financing Combating Systems, Financial Institutions and DNFBPs may use third parties to perform due diligence measures concerning customers in accordance with Section Three, Part One of this Chapter. The Financial Institutions and DNFBPs shall be responsible for the validity of said measures, and they shall:
    a. Promptly obtain the third parties' identification data and necessary information gathered during the performance of customer due diligence measures, and ensure obtaining copies of documents necessary for such measures promptly upon request; and
    b. Ensure that the third-party is subjected to regulation and supervision, abides by the requirements of customer due diligence measures and maintenance of records provided for under this Resolution.
2. Financial Institutions, Businesses and DNFBPs who seek assistance of a third-party which is a member of the financial group shall ensure that:
    a. The group adheres to the requirements of due diligence measures concerning PEPs, maintains the records, and implements crime combating programs pursuant to Sections Three, Four, and Eleven of Part One of this Chapter, and Article (31) hereof, and that the group is subject to supervision and control in this respect; and
    b. Adequately minimize any high risks related to countries through the group's crime combating policies and regulations.
 

Financial Institutions and DNFBPs shall develop and continually update internal policies, procedures and controls to combat crimes, all of which shall be commensurate with crime-risks, and nature and size of their businesses. Same shall be applied to all branches and subsidiaries in which they hold a majority interest. Said policies, procedures and controls shall include the following:
1. Customer due diligence measures in the manner required pursuant to the Decree-Law and this Resolution, including business relationships risk management procedures prior to completion of the verification process;
2. Suspicious transactions reporting procedures;
3. Appropriate compliance management measures for crime combating including compliance officers appointment;
4. Inspection procedures to ensure presence of high efficiency and efficacy criteria for employment;
5. Prepare regular programs and workshops in all crime combating fields in order to build capacities and qualify compliance employees and other concerned employees; and
6. An independent auditing function to test the efficiency and adequacy of internal controls and regulations concerning crime combating.

Financial Institutions and DNFBPs shall appoint a compliance officer having the appropriate efficiency and vast experience and under their responsibility, and shall perform the following responsibilities:
1. Detect transactions pertaining to crimes;
2. Review the records, receive, inspect, and examine data about suspicious transactions, and make the decision either to report the same to the FIU or to discontinue investigation and provide reasons therefor. Same shall be made under strict confidentiality;
3. Review internal systems and procedures adopted to confront money-laundering and to combat terrorism and illegal organizations financing, ensure compliance of the same with the provisions of the Decree-Law and this Resolution, assess the institution's adherence to implementation of said systems and procedures, propose necessary updates and improvement thereof, prepare and submit to the senior administration biannual reports thereon, and submit a copy of these reports to the Regulatory Body concerned accompanied by the senior administration's notes and decisions;
4. Develop, implement, and document on-going institution employees' training and qualification programs and plans concerning all issues pertaining to money-laundry, terrorism financing, illegal organizations financing, and methods of combating the same; and
5. Cooperate with the Regulatory Body and the FIU, provide them with required data, enable their assigned employees to have access to records and documents necessary for performance of their duties.

1. Financial Institutions and DNFBPs shall adopt enhanced due diligence measures that are proportionate to the risk level which may arise out of business relationships or transactions with a natural or legal person from the states determined by the Committee as high-risk states or the states that suffer weaknesses in their Anti-Money Laundering and Financing of Terrorism Combating Systems.
2. Financial Institutions and DNFBPs shall adopt the countermeasures and any other measures required by the supervisory bodies proprio motu or as determined by the Committee in respect of the high-risk states and the states that suffer weaknesses in their Anti-Money Laundering and Financing of Terrorism Combating Systems.

1. Financial Institutions and DNFBPs shall identify and assess risks of money laundering and terrorism financing, which may arise out of the development of new products or new professional practices including new means of rendering services or use of new or under development technologies for every new or existing product; and
2. Financial Institutions and DNFBPs shall assess risks prior to launching or using products, practices, or technologies, and shall take appropriate actions for the management and reduction of risks.

1. Financial Institutions and DNFBPs shall maintain all records, exhibits, documents and data pertaining to all financial, commercial and monetary local or international operations and transactions for no less than five years as of the date of completion of a transaction or termination of the business relationship with the customer;
2. Financial Institutions and DNFBPs shall maintain all records and documents obtained during the performance of customer due diligence and on-going control as well as all accounting files, commercial correspondence, copies of personal IDs documents including suspicious transactions reports and results of any analysis performed. Same shall be maintained for no less than five years as of the date of termination of business relationship, as of the date on which accounts of customers who have accounts with said institutions are closed, or the date of completion of an incidental transaction, or the date of completing the inspection conducted by the supervisory bodies, or the date of completing the investigation, or the date on which a conclusive judgement is rendered by the competent judicial authorities, as the case may be;
3. The records, exhibits and documents maintained shall be organized in a manner allowing for re-structuring or re-arranging individual transactions, data analyses and tracking the financial transactions in such a manner as to provide, when necessary, evidence for prosecuting a criminal activity.
4. Financial Institutions and DNFBPs shall make all customers' information pertaining to customer due diligence, on-going control and their analysis results, and related records, files, documents, correspondence and forms related thereto promptly available to the bodies concerned upon their request.

1. Before entering into a correspondent banking relationship or any similar relationship, financial institutions shall abide by the following measures:
    a. Refrain from entering into or keeping a correspondent banking relationship with any shell bank or any other institution which allows the use of their accounts by a shell bank;
    b. Gather sufficient information about any recipient correspondent institution for the purpose of identifying its identity and full understanding of the nature of its business. Through publicly available information, financial institutions shall collect information about the reputation of said institutions, level of control applied thereto, and whether it has been subjected to any investigations pertaining to a crime or to a regulatory action;
    c. Assess crime combating procedures adopted by the recipient institution; 
    d. Obtain the senior management's approval prior to making new correspondent banking relationships; and
    e. Understand responsibilities of each institution in terms of crime combating.
2. With respect to intermediary accounts payable, the financial institution shall be committed to ensure that the recipient institution has adopted customer due diligence measures towards customers who have direct access to these accounts, and that it can make relevant customer due diligence information available upon request of the correspondent institution.

1. Provider of money or value transfer services (MVTS) shall be licensed by or registered with the regulatory body concerned. The latter shall take necessary actions to punish unlicensed or unregistered service providers in accordance with the applicable legislation, and shall ensure compliance by licensed and registered service providers with the crime combating regulations.
2. MVT service providers shall maintain an updated list of their agents and make said list available to the Bodies Concerned inside the State wherein the MVT services providers or their agents operate, shall engage said agents in crime combating programs, and shall monitor said agents' compliance with such programs.

1. Financial institutions shall ensure that all international wire transfers amounting to or exceeding AED 3,500 are always accompanied by:
    a. Full name of the transferor and beneficiary;
    b. Account number of both the transferor and beneficiary, and in case that there is no account, the transfer shall include a unique reference number enabling the institution to track the transfer.
    c. Transferor's address, ID number, passport number, date and place of birth, customer identification number with the transferring financial institutions, which shall refer to a record that includes such information.
2. In case of gathering several international wire transfers made by one transferor in one file to be transferred to beneficiaries, said file shall include accurate data about the transferor and full information about the beneficiaries thus enabling tracking of all of them in the beneficiary's country. The financial institution is required to include the transferor's account number, or a unique transaction reference number.
3. Financial institutions shall ensure that all international wire transfers of less than AED 3500 are accompanied by the data contained in Clause (1) of this Article without need to verify the validity of said data, unless there are doubts about committing a crime.
4. Financial institutions remitting local wire transfers shall ensure that the wire transfers data include data about the transferor aforementioned in Clause (1) of this Article, unless said data is available to beneficiary financial institutions and entities concerned by other means.
5. When the data accompanying the local wire transfer is available to beneficiary financial institutions and entities concerned by other means, the transferring financial institution is required to include only the account number or the unique transaction reference number, provided that said number allows for tracking transactions of the transferor or beneficiary. The transferring financial institution is required to make this data available within three business days as of the date or receipt of the beneficiary financial institution's or the competent body's request.
6. Financial institutions may not perform wire transfers if the requirements provided for in this Article are not satisfied.
7. The transferring financial institutions shall maintain all information gathered about the transferor and the beneficiary pursuant to provisions of Article (24) hereof.

1. Intermediary financial institutions shall ensure that all information about the transferor and the beneficiary is attached to international wire transfers.
2. In case there are technological restrictions preventing maintenance of transferor's and beneficiary's data in case of receipt of an international wire transfer along with local wire transfer data if such international wire transfer is made internally, in this case, the intermediary financial institutions receiving the international transfer shall maintain a record containing all information obtained from the transferring financial institution or from an intermediary institution outside the State in accordance with provisions of Article (24) hereof.
3. Intermediary financial institutions shall adopt reasonable and direct measures to identify international wire transfers lacking required information about the transferor or the beneficiary, and it shall formulate and develop risk-based policies and procedures to determine cases of making, rejecting, or suspending such transfers as well as appropriate follow-up thereon.

1. Beneficiary financial institutions shall take reasonable actions to identify international wire transfers lacking required information about the transferor or the beneficiary such as following-up thereon at the time of making these transfers whenever possible, or after implementation thereof.
2. Beneficiary financial institutions shall verify the identity of beneficiary from international wire transfers amounting to or exceeding AED 3500 if it hasn't been verified before.
3. Beneficiary financial institutions shall formulate and develop risk-based policies and procedures to determine whenever of transfers lacking information about the transferor or beneficiary are made, rejected, or suspended and specify appropriate follow-up procedures.
4. Beneficiary financial institutions shall maintain all information gathered about the transferor and beneficiary in accordance with provisions of Article (24) hereof.

1. MVT service providers shall satisfy the relevant requirements provided for in Articles (27), (28) and (29) hereof whether they perform their works directly or through agents.
2. If the MVT service provider is the same transferor from the State and the recipient in another State, the same shall:
    a. Gather all information about the transferor and the beneficiary to consider whether or not to submit a report on suspicious transaction.
    b. If it is decided that a report be submitted on a suspicious transaction concerning the transaction, the report shall be submitted to the FIU in the State concerned accompanied by all relevant information.

Financial groups shall implement group-wide programs concerning crime combating, provided that said programs be applicable to all branches and subsidiaries wherein the group owns the majority. In addition to the measures provided for in Article (20) hereof, said programs shall include:
1. Policies and procedures on the exchange of the information required for the purposes of customer due diligence and crime-risks management;
2. Information pertaining to customers, accounts and transactions shall be made available by the branches and subsidiaries to the compliance, audit, anti-money laundering and terrorist financing combating officers at the financial group level whenever necessary for the purposes of crime combating. Such information shall include analysis information of the transactions or activities which appear unusual or suspicious and the reported suspicious transactions reports and their basic information or whatever proves the reporting of a suspicious translation. In all cases, such information shall be made available to the branches and subsidiaries when necessary and whenever is convenient and suitable to the Risk Department; and 
3. Adequate guarantees concerning confidentiality and use of exchanged information shall be provided.
 

1. Financial institutions shall ensure that their branches outside the State and subsidiaries wherein it holds the majority are adopting crime combating measures that are consistent with the requirements of the Decree-Law and this Resolution in case that crime combating measures adopted in said country are less strict than those adopted in the State. Same shall be made within the limits permitted by the laws and regulations of the other country.
2. If the other country does not allow appropriate implementation of crime combating measures consistently with the requirements of the Decree-Law and this Resolution, financial institutions shall adopt additional measures for appropriate management and limitation of money laundering and terrorism financing risks related to their transactions abroad. The regulatory body in that country shall be notified of the same, and the instructions received therefrom in this respect shall be adhered to.

In coordination with the regulatory body concerned, NPOs shall:
1. Implement the best practices approved by the Regulatory Body concerned to remedy weaknesses in a manner enabling them to protect themselves against misuse thereof through terrorism and illegal organizations financing;
2. Formulate obvious policies enhancing transparency, integrity, and public trust in its management; and
3. Make their transactions through official financial channels, while taking into consideration the various capacities of financial sectors in different countries.

1. Each natural or legal person that practices any VASPs activities or provides their products or services or carries out their transactions from within the state shall be licensed, recorded or registered as the case may be with the competent Regulatory Body.
2. The Regulatory Body of VASPs, each within its respective competence, shall issue the resolutions, circulars and procedures required for the purpose of sufficient regulation thereof while observing the risks that have already been determined, in such a manner as to comply with the provisions of the decree-law and this resolution.
3. In all cases the Regulatory Body of VASPs shall, of their own volition or in coordination with the competent authorities, take the measures required to identify any person practicing any VASPs activities in violation of the provision of Clause (1) of this Article and apply thereto the appropriate penalties. Such measures may include:
    a. Reviewing the general databases and the open sources to identify the relevant announcements through the internet or through the potential purchase orders of businesses submitted by a non-licensed, non-listed or non-registered person.
    b. Establishing feedback channels with the relevant bodies or communication channels to receive the general comments from the public in this regard.
    c. Coordinating with the FIU to obtain the information has available thereto such as suspicious transaction reports or the results of the other information collection processes carried out by it.
    d. Reviewing the information not available to the public, such as the information concerning the refusal, suspension, restriction or cancellation of a license, entry or registration of the activities of VASPs and any relevant information with the law enforcement bodies concerned.
4. Subject to the provisions of Chapter (7) of this Resolution, the bodies concerned may, in accordance with statutes in force in the State and the international conventions to which the state is a party or on the condition of reciprocity, respond to the requests of international cooperation related to the predicate crimes or to money laundering, financing of terrorism or financing of illegal organizations crimes related to Virtual Assets and VASPs as soon as possible and as much as possible regardless of the nature and the different names of the regulatory bodies or the status of VASPs in the other states.
 

VASPs shall identify, assess, manage and reduce the risks related to anti-money laundry and financing of terrorism in accordance with the provisions of Clauses (1) and (2) of Article (4) of this Resolution.

VASPs shall comply with the provisions of Articles (5-9), (12-15.1), (16, 17.1, 18.1, 19-32, 35, 38, 39) and (60) of this Resolution while observing the following:
1. Performing the due diligence towards the customers when carrying out incidental transactions equal to or exceeding (AED 3,500);
2. The VASP (originator) shall obtain and retain the data of the transferor accurately, request the data of the beneficiary and submit such information to the beneficiary VASP or the financial institution, if any, immediately and securely and shall make same available to the competent authorities.
3. The VASP (beneficiary) shall obtain and retain the information of the transferor and beneficiary of the required transfer transaction accurately and make it available to the competent authorities.
4. All the requirements contained in this Section of the Resolution shall be satisfied by the financial institutions while carrying out a transaction involving sending or receiving transfer of virtual assets on behalf of the customer.
 

1. The Registrar shall provide the information about legal persons in the State and make said information available to the public as follows:
    a. Description of their various kinds, and forms and main policies;
    b. Procedures of formation thereof;
    c. Procedures of obtaining the basic information in the manner provided for in Para. (b) of Clause (1) of Article (8) hereof; and
d.    Procedures of obtaining information pertaining to the actual beneficiary.
2. The Registrar shall maintain basic updated information included in Para. (b) of Clause (1) of Article (8) hereof, and shall ensure accuracy and availability thereof to the public.
3. Upon registration of companies, the registrar shall obtain, update and make available to the entities concerned the company's actual beneficiary's data in the manner provided for in Clause (1) of Article (9) hereof.

1. Companies shall maintain the information required under Para. (b) of Clause (1) of Article (8) hereof, together with partners or shareholders register, number of stocks or shares held by each of them, classes of shares, if any, and nature of relevant voting rights, and shall make such information available to the registrar after verifying their accuracy.
2. Companies shall maintain information required under Clause (1) of Article (9) hereof and make such information available to the registrar in all cases and upon request. Same shall be updated every fifteen business days in case of making any amendments or changes thereto. Companies shall always ensure accuracy of said information and shall provide assistance in documentation of the same if necessary.
3. Companies shall have one or more natural persons residing in the State and is authorized to disclose all information required under Clauses (1) and (2) of this Article to the registrar.
4. Any company incorporated and registered in the State may not issue stock warranties for holder thereof.
5. Companies issuing shares in the names of persons or of board members shall disclose information about said shares and identities of said persons or board members to the registrar for registration of the same.

The Registrar, companies, their managers, liquidators, or persons concerned with dissolution of thereof shall maintain all the records and information aforementioned in Articles (34) and (35) for no less than five years as of the date of dissolution or demise of the company.

1. Legal arrangements' trustees shall maintain information about the actual beneficiary in the manner provided for under Clause (2) of Article (9) hereof.
2. Legal arrangements' trustees shall maintain the basic information about mediators, who are subject to control, and service providers, including investment consultants, directors, accountants, and tax consultants. 
3. The trustees in the legal arrangements shall disclose their status to the Financial Institutions, DNFBPs and VASPs when establishing a business relationship or implementing an incidental transaction exceeding the limit specified under this resolution and provide them with the information related to the beneficial owner and the assets that shall be kept or managed under the conditions of the business relationship once they request the same.
4. The Information required under Clauses (1) and (2) of this Article shall be maintained in an accurate form and shall be updated within fifteen business days in case of making any amendments or changes thereto. Representatives of legal arrangements shall maintain said information for five years as of the date of termination of their relationship with the legal arrangement.
5. The bodies concerned, and law enforcement authorities in particular, may request and promptly receive information maintained by trustees, financial institutions or DNFBPs and VASPs pertaining to:
    a. Legal arrangement's actual beneficiary;
    b. Trustee's place of residence; and
    c. The funds retained or managed by the financial institution or DNFBPs and VASPs pertaining to any trustee with whom they have a business relationship, or for whose account they make any incidental transaction.

Banking confidentiality, professional or contractual confidentiality may not be relied upon as a pretext to prevent implementation of the provisions of the Decree-Law and hereof in the following cases:
1. Information exchange among financial institutions whenever the same is pertaining to correspondent banking relationships (CBR), wire transfers, or employment of organized third parties under provisions of Articles (19), (25), (27) through (30) hereof.
2. Exchange of information relevant to combating crime among entities concerned at the local and international levels.

1. Everyone who obtains information relating to suspicious transaction or any of the crimes provided for in the Decree-Law shall maintain its confidentiality and shall not disclose the same to Third Parties, except to the extent necessary for purposes of investigations, lawsuits, or proceedings pertaining to violation of the provisions of the Decree-Law and this Resolution.
2. In all cases, any procedures brought against the customer may not be communicated thereto whether directly or indirectly unless under written request of the regulatory body concerned.

1. The FIU enjoys operational autonomy in performance of its tasks effectively. The Central Bank shall provide the FIU with necessary human, financial and technical resources.
2. The FIU headquarters shall be in the Capital of the State. The FIU may open branches thereof inside the Central Bank Branches in the Emirates of the State.
3. The FIU operates as a national center for receiving suspicious transactions reports and other information relevant to crime.

The FIU shall:
1. Set up the structure of its departments, develop its bylaws, and obtain approval of the Central Bank to the same, provided that the bylaws include procedures ensuring employees' efficacy, integrity, and awareness of responsibilities pertaining to dealing with confidential information;
2. Create a database or special register including the information available thereto, and shall protect the same through setting information security and confidentiality control rules including information processing, storing, and referencing procedures, as well as procedures of limited access to, inaccessibility non-disclosure of the FIU's institutions, information and technological systems except by the authorized persons;
3. Provide training and qualification courses and programs for its employees or employees of any other body inside or outside the State;
4. Conduct studies, researches, and statistics relevant to crime, and follow-up on any studies, researches, and statistics prepared locally or internationally in this respect; and
5. Prepare annual reports on its activities in the field of crime combating. Said reports shall include, in particular, a general analysis of the notices and reports received thereby on suspicious transactions, crime activities and trends, and shall prepare a summary of said report for publication.

In the course of performing its tasks relevant to suspicious transactions reports, the FIU shall:
1. Receive, consider, analyze, and store in its database the reports submitted thereto by Financial Institutions, DNFBPs and VASPs using the forms prepared by the FIU;
2. Request that Financial Institutions DNFBPs, VASPs, and entities concerned to provide and submit any additional information or documents pertaining to the reports and information received thereby as well as any other information deemed necessary for the FIU to perform its tasks including information about customs disclosures. Same shall be submitted at the times and in the forms defined by the FIU;
3. Analyze information and reports available thereto as follows:
    a. Perform operational analysis using the information available or possible to be obtained in order to identify the identity of certain targets such as persons, funds, or crime networks, track certain activities or transactions, and find links between said targets, activities or transactions on one side and potential proceeds of the crime on the other side; 
    b. Perform strategic analysis using the information available or possible to be obtained including data submitted by the entities concerned in order to identify crime trends and patterns;
4. Supply Financial Institutions, DNFBPs and VASPs with the results of analysis of information submitted about the reports received by the FIU in order to enhance the efficient implementation of procedures of crime combating and detection of suspicious transactions;
5. Cooperate and coordinate with regulatory bodies by way of referring results of analyses conducted thereby with respect to quality of received reports to ensure compliance of Financial Institutions, DNFBPs and VASPs with crime combating procedures;
6. Refer the data pertaining to reports, analyses reports and other relevant information to law enforcement bodies for necessary action whenever there are sufficient reasons to suspect their relation to the crime; and
7. Provide the judicial bodies and law enforcement bodies with crime-related information and the information possible to be obtained from FIUs in other countries whether automatically or upon request.
 

In the course of performing its task at the international level, the FIU shall:
1. Exchange information with counterpart FIUs in other countries concerning suspicious transactions reports or any other information the FIU is entitled to obtain or has direct or indirect access thereto subject to the international conventions to which the State is a party, or any Understanding concluded between the FIU and counterpart FIUs to organize coordination therewith or on condition of reciprocity;
2. Notify counterpart FIUs of the results of use of information submitted and analyses conducted based thereupon;
3. Not use the information contained in Clauses (1) and (2) of this Article unless for the purposes of crime combating, and may not disclose the same to any third-parties without approval of the FIU;
4. Follow-up on the updates concerning the crimes of money laundering and terrorism financing through regional and international organizations concerned, and participate in relevant meetings; and
5. Follow-up on the Egmont Group's requirement, attend and participate in its meetings in its capacity as a member of the Group.

Financial Institutions, DNFBPs and VASPs of Financial Institutions, DNFBPs and VASP, each within its competences, shall provide supervision, control, and follow-up to ensure compliance with the provisions provided for under the Decree-Law and this Resolution, and other supervisory decisions and shall:
1. Identify potential crime-risks in legal persons and assess and upgrade same provided that this includes Financial Institutions, DNFBPs and the activities of Virtual Assets and VASPs;
2. Develop a risk-based approach to guarantee that the measures to prevent or mitigate money-laundering and the financing of terrorism are commensurate with the specific risks;
3. Develop directions, systems, and forms concerning crime combating by bodies governed by its regulations when necessary;
4. Formulate necessary policies, procedures and controls to verify that those controlled thereby comply with the Provisions of the Decree-Law, this Resolutions, and any other legislation relevant to crime combating in the State, and request information pertaining to fulfillment of this obligation;
5. Develop and set competence and capability systems, rules and criteria and apply the same to anyone who desires to own, control, or participate directly or indirectly in the management or operation of Financial Institutions, DNFBPs or VASPs, or to their beneficial owner;
6. Perform office and field supervision and inspections of Financial Institutions, DNFBPs and VASPs based on a risk-based approach; 
7. Define the periodicity of supervision and inspections of Financial Institutions, Financial Groups, DNFBPs and VASPs based on the following:
    a. National risk-assessment;
    b. Features of Financial Institutions, Financial Groups, DNFBPs and VASPs in terms of their diversity, numbers, and degree of freedom of disposal granted thereto according to the risk-based approach (RBA); and
    c. Crime-risks and understanding of same, internal policies and controls, and procedures applied by the financial institutions, financial groups, DNFBPs or VASPs in accordance with the Regulatory Body's assessment of the risk-structure of each;
8. Adopt all measures which would ensure full compliance by Financial Institutions, DNFBPs and VASPs with implementation of Security Council Resolutions pertaining to Prevention and Suppression of Terrorism and financing thereof, prevention and suppression of proliferation of weapons of mass destruction and financing the same, as well as other relevant resolutions. Same shall be made through field visits, on-going follow-up, and imposition of appropriate administrative punishments in case of committing violations or failure to apply the instructions;
9. Verify that controlled institutions adopt and apply the controls, procedures and measures provided for under the provisions of the Decree-Law and this Resolution, and adopts the same in their foreign branches and subsidiaries wherein they hold the majority interest and to the extent permitted by laws of the countries wherein such branches and companies are located;
10. Ensure to what extent the financial institutions subject to the international basic principles of financial control comply with the regulation and control consistently with such principles and including the application of aggregated control at the level of the financial group for the purpose of anti-money laundering, combating the financing of terrorism and ensure, as regards the other financial institutions, to what extent they are subject to regulation and control or follow up consistently with the degree of risk of the money laundering or the financing of terrorism;
11. Review the financial institution's and group's crime-risks structure including non-compliance risks. Same shall be made regularly or whenever there are significant developments in the financial institution's and group's management or transactions;
12. Establish adequate controls and procedures to ensure that the Financial Institutions, DNFBPs and VASPs are informed of, and apply, the Committee's decisions related to:
    a. The measures of enhanced due diligence and the countermeasures determined by the Committee;
    b. Any fears related to the weaknesses in the anti- Money Laundering and Terrorist Financing Combating Systems in the other states;
    c. Any other decisions issued by the Committee.
13. Provide those who are subject to their control with instructions and feedback to enhance efficiency of implementation of crime combating measures;
14. Retain and inform the FIU of an updated list of controlled institutions compliance officers' names and data, and may obligate institutions to obtain the FIU's approval prior to appointment of compliance officers in said institutions;
15. Develop and organize programs and campaigns to raise awareness of crime combating;
16. Issue decisions whereby administrative punishments are imposed pursuant to the provisions of the Decree-Law, this Resolutions, regulatory resolutions and any other relevant resolutions and the mechanism of filing grievances against said decisions; and
17. Maintain statistics about adopted measures and imposed punishments.
 

Regulatory Body concerned with NPOs shall:
1. Obtain the information available with all entities concerned on NPOs' activities in a timely manner in order to identify their size, characteristics, kinds, threats posed by terrorism organizations against NPOs, potential risk exposure, and abuse thereof in supporting and financing terrorism and illegal organizations, and adopt and regularly review appropriate effective measures to confront the identified risks to ensure their efficacy;
2. Review the appropriateness and adequacy of legislation pertaining to NPOs in order to prevent abuse thereof in supporting and financing terrorism and illegal organizations, and work on improving said legislation when necessary;
3. Regularly assess NPOs through reviewing updated information on NPOs' potential weaknesses which would make them exploitable in supporting and financing terrorism and illegal organizations;
4. Encourage and implement education and awareness raising programs in order to raise NPOs' and donors' awareness of their potential weaknesses which would expose them to the risks of abuse in supporting and financing terrorism, and of the measures to be adopted by NPOs to protect themselves against such risks;
5. Supervise and monitor NPOs using risk-based measures to prevent abuse thereof in supporting and financing terrorism, and to ensure fulfillment of their obligations;
6. Cooperate, coordinate, and exchange information with local entities concerned maintaining information relevant to NPOs;
7. Have the expertise in the field of detections and the capacity to inspect NPOs suspected to be used in supporting and financing terrorism;
8. Have full access to the information pertaining to the administration of any NPO including financial information and information about their programs;
9. Establish the mechanisms ensuring immediate exchange of information with entities concerned with the aim to take preventive actions or investigations procedures in case of suspicion or presence of reasonable reasons to suspect that the NPO is:
    a. An interface for fundraising for a terrorism organization;
    b. Used as a channel to finance terrorism, evade freezing of moneys, or in any other form of terrorism support; or
    c. Hiding or concealing tracking of moneys allocated for legitimate purposes which are directed for use by terrorist or for terrorism support; and
10. Identify appropriate points of contact and necessary actions in response to international request to obtain information about NPOs suspected or is being used to finance or support terrorism.

1. Either the Governor or the officer Acting on his behalf may order the freezing of funds of financial institutions licensed by the Central Bank for no more than (7) seven business days in case of suspecting its relation to a crime upon the FIU's request based on its analyses of suspicious transactions reports and on other information obtained thereby;
2. In case the decision aforementioned in Clause (1) of this Article is made, the FIU shall:
    a. Notify the financial institution concerned to implement the freezing decision without prior notice to the owner of said funds; and
    b. Notify the Attorney General if the Governor requests extension of the freezing, provided that such notice be accompanied by relevant reasons for required extension;
3. After presentation to the Governor, the FIU shall notify the financial institution concerned of revocation of the freezing in case that the Attorney General refuses to extend the same or upon expiry of the period aforementioned in Clause (1) of this Article without receiving a reply from the Attorney General;
4. Financial institution wherein funds are frozen shall notify owners of the funds frozen by virtue of a freezing order and the body issuing the order, and shall request the owner to provide it with necessary documents to prove legitimacy of the resource of its funds, and shall refer said documents to the FIU for necessary action;
5. The Governor shall submit a proposal to the Attorney General proposing revocation of freezing extension in case of demise of the reasons thereof to take actions deemed appropriate; and
6. Decisions to freeze funds with financial institutions licensed by the Central Bank may be implemented only by the Central Bank.

1. The Attorney General and the competent court, as the case may be, may order specification, tracking, or assessment of suspected funds, proceeds, or instrumentalities or a value equivalent thereto, or may order seizure or freezing thereof the same is generated form or related to the crime without prior notice to the owner of the same, and may order travel-prevention until the end of investigations or of trial;
2. The Attorney General and the competent court, when necessary, may take decisions preventing transactions or disposal of said funds, proceeds, or instrumentalities, and may take necessary actions to prevent any kind of disposal aiming to evade freezing orders or seizure orders issued in connection therewith without prejudice to bona fide third parties.;
3. Any stakeholder may file a grievance against the public prosecution order of freezing or seizure with the competent court of first instance having jurisdiction over the public prosecuting making said decision or the court competent to consider the criminal case;
4. The grievance shall by submitted by way of report to the competent court, the chief justice of said court shall schedule a hearing the grievant shall be notified thereof to consider the grievance, and the public prosecution shall submit a memorandum of opinion thereon. The court shall decide on the grievance within no more than (14) fourteen business days as of the date of submission thereof; and
5. The decision concerning the grievance shall be irrevocable, that is, if the grievance is rejected, new grievance may not be submitted unless after passage of three months as of the date of rejecting the first grievance, unless otherwise a serious reason emerges before passage of this period.

The Attorney General and the competent court, as the case may be, may appoint anyone deemed appropriate to manage the seized, froze, or confiscated funds, proceeds, or instrumentalities, and may permit disposal or sale of the same by public auction even before rendering a judgment in connection therewith out of fear of their damage or devaluation thereof by time. Proceeds of sale shall be transferred to the State treasury in case of rendering a final judgment of conviction. These funds shall remain carrying the legitimate rights of bona fide third-parties thereto within the limits of its value.

1. Upon commencing investigations and collecting evidence on the primary offence when necessary, the public prosecution and the law enforcement bodies shall take into consideration the extent to which financial aspects of the criminal action is linked to the crimes of money laundry, financing terrorism, or financing illegal organizations, in order to define the scope of the crime, track proceeds and any other funds subject to confiscation, and enhance evidence establishing the crime.
2. The public prosecution may seek the opinion of the FIU on the notices submitted thereto on money laundry, terrorism financing and illegal organizations financing.
3. Law enforcement bodies shall receive and follow-up on the results of suspicious transactions reports analyses from the FIU and shall collect all relevant evidence.
4. The public prosecution and the law enforcement bodies shall quickly define, track and confiscate funds, proceeds and instrumentalities subject to confiscation and relevant to the crime.
5. Law enforcement bodies may directly receive from the entities concerned the information deemed necessary for performance of their tasks in terms of detecting the crime or its perpetrator, and collecting relevant evidence even if said information is subject to banking or professional confidentiality. The body requested to provide information shall promptly execute the request.

In the course of execution of the international cooperation request concerning the crime, the entities concerned may conclude, negotiate and execute agreements in a timely manner with counterpart foreign authorities provided that said agreements may not contradict the Statutes applicable in the State.

Entities concerned shall give priority to and promptly execute all international cooperation requests in criminal matters, particularly those pertaining to crime through apparent and secure mechanisms and channels. Confidentiality of received information subject of the request shall be adhered to, if required, and in case of inability to maintain confidentiality, the requesting body shall be notified of the same.

In implementation of the provisions of this the Decree-Law and this Resolution, international cooperation request may not be denied on any of the following grounds:
1. The crime involves financial, tax, or customs issues;
2. Confidentiality provisions that are binding on Financial Institutions, DNFBPs, VASPs without violation of the statutes in force in the State unless relevant information is obtained under circumstances where legal professional privileges or professional confidentiality are applicable;
3. The crime is political or related to political matters;
4. The request is relevant to a crime under detection or judicial investigations in progress in the State, unless the request would hinder such detections or investigations;
5. The act whereupon the request is based does not constitute a crime in the State or does not have common characteristics of a crime provided for therein, unless the request contains coercive compulsory measures or is in accordance with the Statutes applicable in the State; and
6. The criminal act in the State is listed under a different title or description, or its elements are different in the requesting country.
 

Pursuant to applicable legislation and agreements in the State or on condition of reciprocity; the entities concerned may:
1. Execute the requests received from any foreign body and exchange crime-related information with counterpart foreign bodies at an appropriate speed, and may obtain any other required information, either automatically or upon request, on behalf of said bodies even if they are of a different nature;
2. Provide feedback to foreign bodies upon their request on the use of information received and the extent of utilization thereof;
3. Obtain an acknowledgement or undertaking from the counterpart foreign body that the international cooperation information shall be used only for the purposes for which it is requested, unless said body obtains a prior consent therefrom;
4. Use the international cooperation information received only for the purposes for which it is requested unless the foreign body provides its approval to be used for other purposes; and
5. Refuse the supply of information in case of inability of the foreign body requesting the international cooperation to protect said information effectively.

1. Entities concerned shall provide assistance the international cooperation concerning basic information of companies, legal arrangements, and actual beneficiaries provided said cooperation shall include the following:
    a. Facilitate access by foreign competent authorities to the basic information available in the companies' and legal arrangements' records;
    b. Exchange information about legal arrangements and companies' shareholders; and
    c. Use their powers to obtain actual beneficiary's information on behalf of the counterpart foreign bodies .
2. Entities concerned shall provide supervision over implementation of international cooperation operations received from other countries in connection with request to obtain basic information about companies, legal arrangements, and actual beneficiaries therefrom, and international cooperation requests concerning locating the places where actual beneficiary from the company is present outside the State.

In accordance with the statutes in force in the State and the provisions of conventions whereto it is a party and on condition of reciprocity, financial institutions regulatory bodies may:
1. Exchange the information retained thereby or available thereto, either directly or indirectly, about the crime with counterpart foreign bodies regardless of the nature of said information and in accordance with the applicable Core Principles for Effective Banking Supervision related to anti-money laundering and combating financing of terrorism, including the information pertaining to:
    a. Organizational framework of financial sectors and general information related thereto;
    b. Preventive financial supervision measures including information relevant to financial institutions actions and businesses, the actual beneficiary therefrom, and management thereof, and competence and capability information; and
    c. Financial institutions internal policies on combating crime, customers due diligence information, and forms of information pertaining to accounts and transactions.
2. Obtain the prior consent of the foreign regulatory body required to provide information to refer and use such information for purposes other than those for which it is requested, and shall notify said foreign bodies in case of disclosure of this information whenever said disclosure is required by legal obligation; and
3. Request or facilitate receipt of information on behalf of the foreign regulatory body for the purpose of enhancing control of the financial group.

Without prejudice to the provisions of treaties and conventions to which the State is a party and on the condition of reciprocity, law enforcement bodies, in coordination with the bodies concerned, may:
1. Exchange the information in their possession or which is available thereto, either directly or indirectly, with counterpart foreign for the purposes of detections and collection of crime-related evidence and to identify and track proceeds and instrumentalities; and 
2. Use the powers vested therein pursuant to statutes in force in the State to make investigations, receive information on behalf of the counterpart foreign body, and coordinate to from dual or multiparty teamwork to perform joint investigations.

At the request of a judicial authority in a foreign country which is a party to a convention concluded with the State, or on condition of reciprocity in connection with acts punishable pursuant to the Statutes applicable in the State, the competent judicial authority may provide judicial assistance in crime-related investigations, trials or procedures, and may order as follows:
1. Designate, freeze, seize or confiscate the funds, proceeds or other instrumentalities or equivalents which are generated from the crime wherein the same is used or attempted to be used, taking into account that anonymity or the exclusion of the criminal responsibility of the accused or the abatement of the criminal proceedings shall not prevent taking these actions;
2. Adopt any other procedures that can be applied subject to the statutes in force in the State including submission of the records kept by Financial Institutions, DNFBPs, VASPs or NPOs; search persons and buildings; take witness statements; collect evidence; and use investigation techniques such as undercover operations, communications interception, electronic data and information collection and controlled delivery; and
3. Deliver and receive crime-related persons and objects in accordance with statutes in force in the State.
 

Any court judgment or order on the confiscation of funds, proceeds, or instrumentalities pertaining to crimes of money laundering, financing of terrorism or financing of illegal organizations, which is rendered by any court or competent judicial authority in a country with which the State has entered a ratified convention, may be recognized.

In consideration of the legislation in force in the State, the enforcement of the court judgment or order aforementioned in Article (85) herein may not contradict any court judgment or order rendered previously in the State, and there may be no current lawsuit involving the same subject matter of the lawsuit in connection with which a ruling is rendered in the requesting country. The request shall include the following documents and information:
1. A certified copy of the ruling or order of confiscation, the law on which the ruling or order is grounded, and the reasons for confiscation if not included in the order or the ruling itself;
2. A proof indicating that a Notice to Appear in Court was served upon the convict, and that the latter was duly represented and enabled to defend itself;
3. A document proving that the court order or judgment is enforceable and unchallengeable by ordinary methods;
4. Description and estimation of the value of funds, proceeds, and instrumentalities desired to be confiscated, the place where it may be present, and the information about any person who may retain or possess them;
5. Statement of the amount desired to be recovered from among the funds required to be confiscated;
6. Any information pertaining to others' rights to said funds, proceeds and instrumentalities; and
7. A description of the actions taken by the requesting country to protect bona fide third parties.

Every natural or legal person shall immediately comply with the instructions made by the authority concerned in the State concerning the implementation of United Nations Security Council Resolutions (UNSCR) under Chapter 7 of the United Nations Charter for prevention and suppression of terrorism and the financing of terrorism, and to prevent proliferation and financing of mass destruction weapons and other relevant resolutions.

Every provision that conflicts with or inconsistent with the provisions hereof shall be repealed.

This Resolution shall enter into force as of the date of its issuance and shall be published in the Official Gazette.