Question 1

What is AML and why is it important in the UAE?

Accepted Answer

AML refers to laws preventing criminals from legitimizing illicit funds. It's essential in the UAE to protect financial systems and comply with global standards.

Question 2

Who must comply with AML laws in the UAE?

Accepted Answer

All financial institutions and DNFBPs, including real estate brokers, auditors, and dealers in precious metals.

Question 3

What are the key UAE AML regulations I should be aware of?

Accepted Answer

Federal Decree-Law No. (20) of 2018 and Cabinet Decision No. (10) of 2019 are the main AML laws.

Question 4

What is the role of the Financial Intelligence Unit (FIU)?

Accepted Answer

The FIU analyzes suspicious activity reports (SARs) and forwards critical cases to relevant authorities.

Question 5

What is goAML and how does it work?

Accepted Answer

goAML is the UAE’s FIU reporting platform used to submit suspicious transaction reports (STRs).

Question 6

Why are real estate companies required to comply with AML?

Accepted Answer

They are considered DNFBPs due to high exposure to money laundering through property transactions.

Question 7

How do I register my company with goAML?

Accepted Answer

Register via the SACM portal and complete goAML setup with business documents.

Question 8

What documents are needed for goAML registration?

Accepted Answer

Trade license, Emirates ID, passport copy, authorization letter, and valid email.

Question 9

What are the consequences of non-compliance?

Accepted Answer

Penalties from AED 50,000 to AED 1,000,000 depending on the violation.

Question 10

How often should we update our AML policy?

Accepted Answer

Review your AML policy annually or when regulations/business processes change.

Question 11

What is Customer Due Diligence (CDD)?

Accepted Answer

CDD means verifying a client’s identity and assessing their risk profile.

Question 12

When is Enhanced Due Diligence (EDD) required?

Accepted Answer

For high-risk clients like PEPs or those from high-risk countries.

Question 13

What documents are required for verifying clients?

Accepted Answer

ID, proof of address, trade license, and ownership info for entities.

Question 14

How do we identify Ultimate Beneficial Owners (UBOs)?

Accepted Answer

By analyzing the ownership structure and requesting UBO declarations.

Question 15

What is risk-based customer categorization?

Accepted Answer

Assigning risk levels (low/medium/high) based on client activity and profile.

Question 16

What qualifies as a Suspicious Transaction?

Accepted Answer

Transactions inconsistent with a customer’s known profile or with no clear purpose.

Question 17

What is a Suspicious Activity Report (SAR)?

Accepted Answer

A SAR reports suspicious behavior or transactions to the UAE FIU.

Question 18

How do I file a SAR via goAML?

Accepted Answer

Log in to goAML, complete the SAR form, and submit it securely.

Question 19

What is the deadline for submitting a report?

Accepted Answer

Submit SARs promptly upon identification of suspicious activity.

Question 20

What happens after a SAR is submitted?

Accepted Answer

The FIU reviews it and may take further investigative or legal action.

Question 21

What must an AML policy include?

Accepted Answer

Risk assessment, CDD, transaction monitoring, reporting, training, and audit processes.

Question 22

Who should be designated as the Compliance Officer?

Accepted Answer

A senior employee with authority and AML knowledge to oversee implementation.

Question 23

How often should we conduct AML training?

Accepted Answer

At least once a year and when there are regulatory or process changes.

Question 24

What is an internal AML audit?

Accepted Answer

A structured review to check AML policy effectiveness and compliance gaps.

Question 25

How do I create an AML risk assessment?

Accepted Answer

Identify, assess, and mitigate AML risks across clients, transactions, and processes.

Question 26

What are sanctions lists and how do I screen against them?

Accepted Answer

They include names of restricted persons/entities. Screen clients against updated lists.

Question 27

What is a Politically Exposed Person (PEP)?

Accepted Answer

Someone in a prominent public role, posing higher AML risk.

Question 28

Do I have to report all PEP matches?

Accepted Answer

Not all, but apply EDD. Report if behavior appears suspicious.

Question 29

How often should I update my screening database?

Accepted Answer

At least monthly or whenever there are updates to official sanctions/PEP lists.

Question 30

Can screening be automated?

Accepted Answer

Yes. AML systems can automate name matching, reducing manual effort and false positives.

Area	Item	Evidence	Status
Policies	AML/CFT policy approved & signed	Policy file	Completed
CDD	All client files screened for PEPs	Screening logs	Missing
Reporting	STR/SAR proofs saved	goAML receipts	Pending Review
Training	Staff trained in last 12 months	Certificates	Completed
...	...	...	...

Follow us

Building an Internal AML Audit Checklist for Your Sector

Introduction

Why a Sector-Specific AML Checklist Matters

Core AML Audit Checklist Items (For All Sectors)

1. Policies & Procedures

2. Customer Due Diligence (CDD)

3. goAML Reporting

4. Ultimate Beneficial Ownership (UBO)

5. Training Records

6. Transaction Monitoring

7. Internal Review Logs

Sector-Specific Audit Points

Real Estate Brokers

Real Estate Developers

Gold & Precious Metals Dealers

Corporate Service Providers

How to Use the Checklist Effectively

Sample Internal AML Audit Checklist

How InfoAML Helps

Conclusion

Share this post

Our blogs

Follow Us