Risk-based vs. rule-based approach
A risk-based decision-making approach is proactive and does not rely on a checkbox. A rule-based approach, on the other hand, is based on using a set of predefined rules to determine the best course of action. A rule-based approach is not adaptable to changing circumstances, whereas a risk-based approach is. According to FATF, a risk-based approach means that authorities and organizations should identify the anti-money laundering (AML) and combating the financing of terrorism (CFT) risks that they are exposed to, measure the level of risk, and take mitigation measures as per the accessed risk.
The UAE has acknowledged the importance of adopting a risk-based approach and has implemented several measures to ensure financial institutions and designated non-financial businesses and professions (DNFBPs) comply with AML/CFT laws. Federal Decree-Law No. 20 of 2018 is considered a “fundamental pillar” of AML laws in the UAE.
Why is there a need for a risk-based AML/CFT approach?
Every country is different, and every organization within a country works in a different way. Therefore, it is not possible to combat money laundering and terrorist financing based on preset rules. A risk-based approach is thus the solution. It is a method of decision-making that allows access and analyze potential risks that are associated with a particular course of action beforehand. The probability and severity of the risks are analyzed based on the respective organization and other circumstances. Therefore, a risk-centered approach is more suitable for AML/CFT as it takes into account the unique circumstances and potential risks associated with a specific situation.
Key elements of a risk-based AML/CFT approach in the UAE
As we have already discussed, risk-based decision-making for AML/CFT is not based on rigid, preset rules. However, there are a few elements that every organization can follow in order to identify money laundering risks. The following elements should be included in your AML/CFT approach as per applicable AML laws in the UAE: Some of the key AML legal guidance is provided under Cabinet Decision No. 10 of 2019; Federal Decree-Law No. 26 of 2021; and Cabinet Resolution No. 24 of 2022.
1) Overall risk assessment:
Following the risk-based AML/CFT approach, financial institutions should conduct a comprehensive risk assessment with respect to money laundering and terrorist financing associated with their business activities. This includes identifying customers, products, and transactions that pose the highest risks. And then implementing mitigation measures and controls as per the assessed risks.
2) Continuous AML transaction monitoring:
Financial institutions and DNFBPs should monitor customers’ transactions continuously for any suspicious activities based on the money laundering risk profile. Institutions may restrict and/or scrutinize transactions that are inconsistent with business activities or relevant risk profiles. Automation in this case is necessary, as it is not possible to monitor every transaction manually. Transaction monitoring systems must be designed to detect and alert the institution of potentially suspicious transactions on a real-time basis. The automated transaction monitoring tools will let organizations detect any suspicious activity early on. This helps to avoid any money laundering activity or financial crime.
3) Know your customer and customer due diligence:
Know your customer (KYC) and customer due diligence (CDD) are essential elements of a risk-based approach to AML/CFT. By using a risk-based approach to these processes, financial institutions, and DNFBPs can better understand their AML/CFT risks. They can then apply appropriate risk mitigation measures and allocate their resources more efficiently and effectively.
KYC refers to verifying and identifying a customer’s identity. This includes the customer’s name, address, and any other relevant information. Proper KYC procedures should be in place in every organization. CDD, which is a part of KYC, is the process of assessing the AML/CFT risks associated with a specific customer and applying the appropriate course of action to mitigate those risks. CDD enables financial institutions to access the level of risk associated with a particular customer and determine what type of KYC procedures are appropriate.
4) AML compliance officer:
In the UAE, it is compulsory to appoint an AML officer for financial institutions and DNFBPs. The duty of the AML officer is to identify threats related to money laundering and other financial crimes. Furthermore, the law mandates the AML officer to report any suspicious cases to the Financial Intelligence Unit (FIU). The officer also assists the institution regarding any AML law requirements or updates needed in the processes.
5) AML/CFT training and awareness:
One of the elements of a risk-based approach is to train your employees on the risks associated with AML and CFT. Furthermore, institutions should conduct awareness programs related to money laundering and other financial crimes. The goal is to train employees on the risks and how to mitigate them.
6) Adverse media screening:
Media screening is an important element in a risk-based AML/CFT approach in order to measure the risks associated with a customer’s character. Organizations should screen any media sources, such as negative news articles, to detect potential money laundering risks. Automating this process ultimately reduces the risk of errors. However, institutions should take care since their business may be dependent on the screening results.
In conclusion, a risk-based approach to AML and CFT is essential in today’s vibrant environment. The government of UAE recognizes a risk-based AML/CFT approach. Key elements such as overall risk assessment, continuous transaction monitoring, KYC/CDD, an AML compliance officer, AML/CFT training and awareness, and adverse media screening are crucial to mitigating money laundering and terrorist financing risks. A proactive and adaptable risk-based approach is necessary to stay ahead of the evolving financial crime landscape. This approach helps protect the integrity of the financial system.
Your trusted AML consultant, CZTA:
Creative Zone Tax Accounting (CZTA) always lets clients focus on their business rather than on complex issues, including AML/CFT. Our in-house team of AML experts will assist you in formulating a risk-based AML/CFT approach. Contact us!