In a long-awaited move, the Central Bank of the UAE (CBUAE) has released a set of comprehensive guidelines aimed at combating money laundering and terrorist financing (AML/CFT) within the realm of virtual assets.
With the involvement of the central bank, these guidelines have the potential to reshape the scene, providing Licensed Financial Institutions (LFIs) with much-needed clarity and a roadmap for effectively navigating the risks associated with virtual assets while ensuring compliance with AML/CFT regulations.
In light of the Financial Action Task Force (FATF) standards, the active involvement of the CBUAE in issuing these comprehensive guidelines becomes even more crucial.
By striking a balance between meeting the requirements set within the UAE’s regulatory framework and aligning with the expectations outlined by FATF, the CBUAE aims to ensure robust AML/CFT measures within the realm of virtual assets. In fact, this delicate balance reflects the commitment of the CBUAE to foster a secure and compliant financial ecosystem while staying attuned to international standards and best practices.
Main Key Points
Customer due diligence: Virtual assets businesses must conduct customer due diligence on all new customers. This includes collecting information on the customer’s identity, source of funds, and intended use of the virtual assets services.
Suspicious activity reporting: Virtual assets businesses must report suspicious activity to the CBUAE. This includes any transactions that appear to be linked to money laundering or terrorist financing.
Record-keeping: Virtual assets businesses must keep records of all AML/CFT-related transactions. This includes records of customer due diligence, suspicious activity reports, and other AML/CFT-related information.
The CBUAE has stated that it will take enforcement actions against financial institutions that fail to comply with the guidance. It will work with financial institutions to provide them with the support they need to comply with the guidelines.
In addition to the guidance, the CBUAE has also taken a number of other steps to strengthen its AML/CFT regime, including:
Establishing a Financial Intelligence Unit (FIU) to receive and analyze suspicious activity reports.
Issuing regulations requiring financial institutions to implement AML/CFT controls.
Conducting AML/CFT inspections of financial institutions.
On this note, the CBUAE’s efforts to strengthen its AML/CFT regime are a positive development, as they will help to protect the UAE’s financial system from being used for money laundering and terrorist financing. Nevertheless, the issuance of the UAE AML/CFT guidelines means that virtual assets businesses in the UAE will need to take steps to comply with the guidance.
The guidelines also mean that virtual assets businesses in the UAE will need to be more vigilant in identifying and reporting suspicious activity. This is because the guidance specifically mentions virtual assets businesses as being at risk of being used for money laundering and terrorist financing.
Gilson Da Costa, CEO at VAF Compliance, commented on the matter, “It was a proactive move to safeguard financial integrity. The UAE central bank issued guidelines addressing the risks tied to virtual assets and their service providers, allowing licensed financial institutions to enhance due diligence practices and effectively combat money laundering and terrorist financing by incorporating FATF standards. The UAE is expected to exit the FATF gray list at the next evaluation. This development is another step demonstrating their commitment to working closely with FATF.”
Christopher Flinos, CEO and Co-Founder of HAYVN, said, “HAYVN has always implemented best practice from our global regulatory footprint when it comes to AML and Compliance. We have implemented the world’s toughest AML requirements to ensure our platform remains a safe haven for institutional cryptocurrency. We welcome the UAE Central Bank’s latest guidance as it not only demonstrates the UAE’s commitment to actively addressing the observations made by FATF but also ensuring that as a jurisdiction, the UAE retains its position as a leader for the incorporation of robustly regulated virtual Asset firms.”
In addition to addressing these concerns, the Central Bank has introduced unexpected guidelines.
Requirements for CBUAE’s Non-Objection for Opening New Accounts for VASPs
The requirements are divided into two categories:
LFIs may establish operational accounts for Virtual Asset Service Providers (VASPs) (for example staff and administrative expense accounts and accounts for revenue from services rendered) without submitting a request for non-objection to the CBUAE.
LFIs may establish transactional accounts for VASPs, i.e., accounts to be opened to hold client funds, on condition that any such account is a suitably protected escrow account that satisfies the following conditions:
a. Clients should deposit funds directly into the escrow account;
b. The LFI may allow either individual accounts (i.e., one per client) or a pooled account for deposits by all clients of the VASP;
c. Funds in the escrow account should be ring-fenced against withdrawals for any purpose other than payment as requested explicitly and exclusively by the VASP client;
d. Escrow accounts should be reconciled by the VASP on a daily basis, and the VASP should maintain
the records for individual balances;
e. The LFI maintaining the escrow account should only be authorized to move funds for purposes of
settlement, refund, etc.; and
f. The external auditor of a VASP should be required to review the escrow account on a monthly basis (based on an ‘Agreed Upon Procedure’) and report the deviations to its senior management for appropriate corrective action.
Kokila Alagh, Founder at Karm Legal Consultants, explained, “For VAPS operating in the UAE, opening of bank accounts has been a challenge. The CBUAE’s guidance provides much-required clarity regarding this aspect. The Central Bank has clarified that its LFIs, which includes banks, finance companies, exchange houses, and payment service providers, may open (a) operational accounts (i.e., bank accounts for VASPs to receive revenues from services rendered) as well as (b) client accounts (i.e. bank accounts where client funds are held) for VASPs.”
She added, “LFIs should obtain a NOC from the CBUAE to open client accounts for each VASP on a case-by-case basis. The client account must meet certain specified conditions, for instance the account must only operate as an escrow account. On the other hand, NOC is not required for opening of operational accounts.
Overall, we can now expect the bank account opening process for VASPs to be more streamlined, which further improves the existing ecosystem for VASPs, as they would now be able to access services from a variety of financial institutions to support their operations.”
“It is absolutely a privilege as a VASP to be licensed in a jurisdiction where the authorities support and assist its financial institutions in understanding risks and effectively implementing and maintaining a high AML/CFT framework. Most jurisdictions worldwide struggle to understand and effectively regulate the sector of virtual assets and VASPs – which creates risks across the industry due to a lack of oversight from authorities.
Mehtap Onder, Managing Director at GC Exchange, also noted, “The UAE has managed to be at the forefront of bringing VA and VASP within the scope of UAE AML/CFT laws, while taking Financial Action Task Force standards into account to ensure it’s becoming a leading country in to fight against financial crime. FATF has recently upgraded its rating for UAE – with this upgrade, the UAE is compliant with 39 out of 40 recommendations reflecting the high-level political commitment by the UAE, to ensure compliance with international standards. As a licensed VASP in the UAE, we are committed to complying with these standards.”
Some additional points to keep in mind for virtual assets businesses in the UAE are:
Virtual assets businesses should be aware of the risks associated with money laundering and terrorist financing.
Virtual assets businesses should implement appropriate AML/CFT controls to mitigate these risks.
Virtual assets businesses should report suspicious activity to the CBUAE.
Virtual assets businesses should cooperate with CBUAE investigations.
With this in mind, Talal Tabaa, CEO at CoinMENA, commented on the guidelines, “With the new comprehensive regulations encompassing licensed financial institutions and virtual asset service providers (VASPs), the UAE is signaling to the market its recognition of VASPs as an increasingly integral part of the financial system. These recently implemented rules successfully strike a balance between consumer protection and robust AML/CFT risk management, all while fostering an environment that encourages innovation. It is truly a privilege to live and work in the UAE, a business-friendly environment that is propelling the nation towards global leadership in the virtual asset sector.”
The UAE has managed to be at the forefront of bringing VA and VASP within the scope of UAE AML/CFT laws, while taking Financial Action Task Force standards into account to ensure it’s becoming a leading country in to fight against financial crime. FATF has recently upgraded its rating for UAE – with this upgrade, the UAE is compliant with 39 out of 40 recommendations reflecting the high-level political commitment by the UAE, to ensure compliance with international standards. As a licensed VASP in the UAE, we are committed to complying with these standards.”
Furthermore, Saqr Ereiqat , Co-Founder and Managing Director at Crypto Oasis, quoted, “Cryptocurrencies and other Virtual Assets have established a multi trillion dollar economy, guidance similar to the one recently issued by the CBUAE ensure consumer confidence and enable wide scale adoption.”
To sum up, the issuance of the guidance is a significant step by the CBUAE in its efforts to combat money laundering and terrorist financing. The guidance provides financial institutions with clear guidance on their AML/CFT obligations. It also sends a strong message to the international community that the UAE is committed to combating money laundering and terrorist financing.
“Regulation in the UAE regarding Virtual Asset Service Providers is aligned with international standards, and it’s impressive to see the authorities’ clear delineation of responsibilities, which helps external observers like me grasp the regulatory landscape,” said Maha Al-Saadi, Director of Compliance and Regulatory Affairs at Bankhaus Scheich Wertpapierspezialist AG.