Home   Browse contents   View updates   Search  
     Quick search
Go
   

Dubai Financial Services Authority (DFSA): Contents

Dubai Financial Services Authority (DFSA)
Laws
Rulebook Modules
Anti-Money Laundering, Counter-Terrorist Financing and Sanctions Module (AML) [VER16/07-19]
Sourcebook Modules
Consultation Papers
Policy Statements
DFSA Codes of Practice
Amendments to Legislation
Media Releases
Notices
Financial Markets Tribunal
Archive

BackText onlyPrint

You need the Flash plugin.

Download Macromedia Flash Player



  • AML 7.3 Customer Due Diligence Requirements

    • Undertaking customer due diligence

      • AML 7.3.1

        (1) In undertaking Customer Due DiligenceG required by AML Rule 7.1.1(1)(a) a Relevant PersonG must:
        (a) identify the customer and verify the customer's identity;
        (b) identify any Beneficial OwnersG of the customer and take reasonable measures to verify the identity of the Beneficial OwnersG , so that the Relevant PersonG is satisfied that it knows who the Beneficial OwnersG are;
        (c) if the customer is a legal person or legal arrangement, take reasonable measures to understand the nature of the customer's business and its ownership and control structure; and
        (d) undertake on-going due diligence of the customer business relationship under AML Rule 7.6.1.
        (2) If a person ("A") purports to act on behalf of the customer, the Relevant PersonG must, in addition to (1)(a):
        (a) verify that A is authorised to act on the customer's behalf; and
        (b) identify A and verify A's identity.
        (3) The verification under (1) and (2) must be based on reliable and independent source documents, data or information.
        Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

    • AML 7.3.1 [Deleted]

      [Deleted] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

    • Identifying and verifying the customer

      • AML 7.3.2

        (1) For the purposes of AML Rule 7.3.1(1)(a), a Relevant PersonG must identify a customer and verify the customer's identity in accordance with this Rule.
        (2) If a customer is a natural person, a Relevant PersonG must obtain and verify information about the person's:
        (a) full name (including any alias);
        (b) date of birth;
        (c) nationality;
        (d) legal domicile; and
        (e) current residential address (other than a post office box).
        (3) If a customer is a body corporate, the Relevant PersonG must obtain and verify:
        (a) the full name of the body corporate and any trading name;
        (b) the address of its registered office and, if different, its principal place of business;
        (c) the date and place of incorporation or registration;
        (d) a copy of the certificate of incorporation or registration;
        (e) the articles of association or other equivalent governing documents of the body corporate; and
        (f) the full names of its senior management.
        (4) If a customer is a foundation, the Relevant PersonG must obtain and verify:
        (a) a certified copy of the charter and by-laws of the foundation or any other documents constituting the foundation; and
        (b) documentary evidence of the appointment of the guardian or any other person who may exercise powers in respect of the foundation.
        (5) If a customer is an express trust or other similar legal arrangement, the Relevant PersonG must obtain and verify:
        (a) a certified copy of the trust deed or other documents that set out the nature, purpose and terms of the trust or arrangement; and
        (b) documentary evidence of the appointment of the trustee or any other person exercising powers under the trust or arrangement.
        Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

    • Identifying and verifying beneficial owners: body corporate

      • AML 7.3.3

        (1) If a customer is a body corporate, a Relevant PersonG must identify and verify the Beneficial OwnersG under AML Rule 7.3.1(1)(b) in accordance with this Rule.
        (2) The Relevant PersonG must identify:
        (a) the natural persons who ultimately have a controlling ownership interest in the body corporate, whether legal or beneficial, direct or indirect; and
        (b) if there is any doubt about whether the natural persons identified under (a) exert control through ownership interests, or if no natural person exerts control through ownership interests, the natural persons exercising control of the body corporate through other means.
        (3) A Relevant PersonG does not have to identify an ownership interest under (2)(a) if, having regard to a risk-based assessment of the customer, it is reasonably satisfied that the ownership interest is minor and in the circumstances poses no or negligible risk of money laundering.
        (4) If a Relevant PersonG has exhausted all possible means but has not been able to identify the Beneficial OwnersG under (2), and provided it has no grounds for suspecting money laundering, it must treat the senior management of the body corporate as the Beneficial OwnersG .
        (5) If (4) applies, the Relevant PersonG must keep a record in writing of all the actions it has taken to identify the Beneficial OwnersG of the body corporate.
        Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

        • AML 7.3.3 Guidance

          1. In exceptional circumstances, a Relevant PersonG may not be able to identify any natural person as the ultimate owner or controller of a body corporate. In such a case, provided it has exhausted all other means of identifying the owner or controller and it has no grounds for suspecting money laundering, it can treat each of the members of the senior management of the body corporate as the Beneficial OwnersG (see AML Rule 7.3.3(4)). However, in such a case the Relevant PersonG will need to keep records of all the actions it has taken to identify the Beneficial OwnersG (see AML Rule 7.3.3(5)).
          2. If the ownership or control arrangements of a customer are of such a nature that the Relevant PersonG is prevented from identifying the Beneficial OwnersG (for example, if Beneficial OwnersG hold bearer shares or other negotiable instruments and there is no effective system for recording the current holder of the shares or instruments), the Relevant PersonG is prohibited from establishing a business relationship with the customer under AML Rule 6.1.4.
          3. For more detailed Guidance on identifying and verifying Beneficial OwnersG , see the guidance on CDDG at the end of AML section 7.3.
          Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

    • AML 7.3.4

      A Relevant PersonG is not required to comply with AML Rules 7.3.1(1)(b) and (c) if the customer is either:

      (a) a body corporate that:
      (i) has its Securities listed by the DFSAG , another Financial Services RegulatorG or a Regulated ExchangeG ; and
      (ii) is subject to disclosure requirements which ensure that adequate information about its business, structure and beneficial ownership is publicly available; or
      (b) a majority-owned subsidiary of a body corporate referred to in (a).
      Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

    • Identifying and verifying beneficial owners: foundations

      • AML 7.3.5

        (1) If a customer is a foundation, a Relevant PersonG must identify and verify the Beneficial OwnersG under AML Rule 7.3.1(1)(b) in accordance with this Rule.
        (2) The Relevant PersonG must identify the founder, guardian, contributors, qualified recipients, other persons entitled to receive any property or income from the foundation and any other natural person who exercises ultimate effective control of the foundation.
        (3) If the qualified recipients, or other persons entitled to receive property or income from a foundation, are designated by characteristics or by class, the Relevant PersonG must obtain sufficient information to satisfy itself that it will be able to establish the identity of the qualified recipient or other person before it makes any payment or transfer of property to the recipient or person.
        (4) The Relevant PersonG must verify the identity of a qualified recipient or other person referred to in (3) before it makes any payment, or transfers any property, from the foundation to that recipient or person.
        Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

    • Identifying and verifying beneficial owners: trusts and similar arrangements

      • AML 7.3.6

        (1) If a customer is a legal arrangement, a Relevant PersonG must identify and verify the Beneficial OwnersG under AML Rule 7.3.1(1)(b) in accordance with this Rule.
        (2) The Relevant PersonG must identify:
        (a) for a trust, the settlor, trustee, protector, enforcer, beneficiaries and any other natural person who exercises ultimate effective control over the trust; and
        (b) for other types of legal arrangements, persons in equivalent or similar positions to those persons referred to in (a).
        (3) If the beneficiaries of a trust or arrangement are designated by characteristics or by class, the Relevant PersonG must obtain sufficient information about the beneficiaries to satisfy itself that it will be able to establish the identity of a beneficiary:
        (a) before it makes a distribution to the beneficiary; or
        (b) when the beneficiary intends to exercise vested rights.
        (4) The Relevant PersonG must verify the identity of a beneficiary referred to in (3) before it makes a distribution to the beneficiary or the beneficiary exercises vested rights.
        Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

    • Identifying and verifying beneficiary of a life insurance policy

      • AML 7.3.7

        (1) This Rule applies if a Relevant PersonG is providing a customer with a life insurance or other similar policy.
        (2) The Relevant PersonG must, in addition to complying with AML Rule 7.3.1:
        (a) if a beneficiary is specifically named in the policy, record the name of that person; and
        (b) if the beneficiaries of the policy are designated by characteristics or by class, obtain sufficient information to satisfy itself that it will be able to establish the identity of the beneficiaries when any payment is due to be made under the policy.
        (3) The Relevant PersonG must undertake the measures referred to in (2) as soon as the beneficiary of the policy is identified or designated.
        (4) The Relevant PersonG must verify the identity of beneficiaries and any Beneficial OwnersG of a beneficiary before it makes a payout under the policy.
        Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

        • AML 7.3.7 Guidance

          An insurance policy that is similar to a life insurance policy includes life-related protection, or a pension or investment product that pays out to the policyholder or beneficiary upon a particular event occurring or upon redemption.

          Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

    • Politically Exposed Persons: other measures

      • AML 7.3.8

        (1) A Relevant PersonG must take reasonable measures to determine:
        (a) if a customer, or a Beneficial OwnerG of a customer, is a Politically Exposed PersonG (PEP); and
        (b) for a life insurance or other similar policy, if a beneficiary of the policy, or a Beneficial OwnerG of a beneficiary, is a PEPG .
        (2) If a customer, or a Beneficial OwnerG of a customer, is a PEPG , a Relevant PersonG must:
        (a) obtain the approval of senior management to commence or continue the business relationship with the customer;
        (b) take reasonable measures to establish the source of wealth and source of funds of the customer or Beneficial OwnerG ; and
        (c) increase the degree and nature of monitoring of the business relationship, to determine whether the customer's transactions or activities appear unusual or suspicious.
        (3) If a beneficiary of a life insurance or other similar policy, or a Beneficial OwnerG of a beneficiary, is a PEPG , a Relevant PersonG must:
        (a) obtain the approval of senior management to make any payout under the policy;
        (b) take reasonable measures to establish the source of wealth and source of funds of the beneficiary or Beneficial OwnerG of the beneficiary; and
        (c) increase the degree and nature of monitoring of its business relationship with the policyholder, to determine whether the customer's transactions or activities appear unusual or suspicious.
        (4) A Relevant PersonG must carry out the additional Customer Due DiligenceG referred to in (3) before it makes any payout under the policy.
        Derived from DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

        • AML 7.3.8 Guidance on CDD

          1. Items (a) to (c) in AML Rule 7.3.2(2) should be obtained from a current valid passport or, where a customer does not possess a passport, an official identification document which includes a photograph. The concept of domicile generally refers to the place which a person regards as his permanent home and with which he has the closest ties or which is his place of origin.
          2. Under AML Rule 7.3.1(3), a Relevant PersonG is required to verify the identity of a person based on reliable and independent source documents, data or information. A Relevant PersonG should generally have sight of original identification documents and retain a copy of the identification document. However in complying with AML Rule 7.3.1, it may not always be possible to obtain original documents. Where identification documents cannot be obtained in original form, for example, because a Relevant PersonG has no physical contact with the customer, the Relevant PersonG should obtain a copy certified as a true copy by a person of good standing such as a registered lawyer or notary, a chartered accountant, a bank manager, a police officer, an EmployeeG of the person's embassy or consulate, or other similar person. The DFSAG considers that downloading publicly-available information from an official source (such as a regulator's or other official government website) is sufficient to satisfy the requirements of AML Rule 7.3.1. The DFSAG also considers that CDDG information and research obtained from a reputable company or information-reporting agency may also be acceptable as a reliable and independent source as would banking references and, on a risk-sensitive basis, information obtained from researching reliable and independent public information found on the internet or on commercial databases.
          3. For higher risk situations the DFSAG would expect identification information to be independently verified, using both public and non-public sources.
          Derived from RM117/2013 [VER9/07-13]
          [Amended] DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]
          [Amended] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]

        • AML 7.3.8 Guidance on identification and verification of Beneficial Owners

          4. In determining whether an individual meets the definition of a Beneficial OwnerG , regard should be had to all the circumstances of the case, in particular the size of an individual's legal or beneficial ownership in a transaction. The question of what is a "minor" ownership interest for the purposes of the definition of a Beneficial OwnerG in AML Rule 7.3.3 will depend on the individual circumstances of the customer. The DFSAG considers that the question of whether an ownership interest is minor should be considered in the context of the Relevant Person'sG knowledge of the customer and the customer risk assessment and the risk of money laundering.
          5. When identifying Beneficial OwnersG , a Relevant PersonG is expected to adopt a substantive (as opposed to form over substance) approach to CDDG for legal persons. Adopting a substantive approach means focusing on the money laundering risks of the customer and the product/service and avoiding an approach which focusses purely on the legal form of an arrangement or sets fixed percentages at which Beneficial OwnersG are identified (or not). It should take all reasonable steps to establish and understand a corporate customer's legal ownership and control and to identify the Beneficial OwnerG . The DFSAG does not set explicit ownership or control thresholds in defining the Beneficial OwnerG because the DFSAG considers that the applicable threshold to adopt will ultimately depend on the risks associated with the customer, and so the DFSAG expects a Relevant PersonG to adopt the RBA and justify on reasonable grounds an approach which is proportionate to the risks identified. A Relevant PersonG should not set fixed thresholds for identifying the Beneficial OwnerG without objective and documented justification as required by AML Rule 4.1.1. An overly formal approach to defining the Beneficial OwnerG may result in a criminal "gaming" the system by always keeping his financial interest below the relevant threshold
          6. The DFSAG considers that in some circumstances no threshold should be used when identifying Beneficial OwnersG because it may be important to identify all underlying Beneficial OwnersG in order to ensure that they are not associated or connected in some way. This may be appropriate where there are a small number of investors in an account or fund, each with a significant financial holding and the customer-specific risks are higher. However, where the customer-specific risks are lower, a threshold can be appropriate. For example, for a low-risk corporate customer which, combined with a lower-risk product or service, a percentage threshold may be appropriate for identifying "control" of the legal person for the purposes of the definition of a Beneficial OwnerG .
          7. For a retail investment fund which is widely-held and where the investors invest via pension contributions, the DFSAG would not expect the manager of the fund to look through to any underlying investors where there are none with any material control or ownership levels in the fund. However, for a closely-held fund with a small number of investors, each with a large shareholding or other interest, the DFSAG would expect a Relevant PersonG to identify and verify each of the Beneficial OwnersG , depending on the risks identified as part of its risk-based assessment of the customer. For a corporate health policy with defined benefits, the DFSAG would not expect a Relevant PersonG to identify the Beneficial OwnersG .
          8. Under Federal AML legislation, if the customer is a legal person, the Relevant PersonG must identify any person who, alone or jointly with other persons, has a controlling ownership interest of 25% or more in the legal person i.e. it applies a specified threshold. This does not affect the approach that should be taken under AML Rule 7.3.1(1)(b) and AML Rule 7.3.3 for verifying the identity of Beneficial OwnersG , where no threshold is specified (see Guidance items 4 to 7 above). As a result, under the Federal AML legislation a Relevant PersonG will need to obtain information identifying natural persons who have a controlling interest of hold more than 25%. Then, in accordance with the risk-based approach in Guidance items 4 to 7, the Relevant PersonG should determine whether it is necessary also to identify other persons who may be Beneficial OwnersG , and verify their identity
          Derived from RM117/2013 [VER9/07-13]
          [Amended] DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]
          [Amended] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]
          [Amended] DFSA RM258/2019 (Made 26th June 2019). [VER16/07-19]

        • AML 7.3.8 Guidance on politically exposed persons

          9. Individuals who have, or have had, a high political profile, or hold, or have held, public office, can pose a higher money laundering risk to a Relevant PersonG as their position may make them vulnerable to corruption. This risk also extends to members of their families and to known close associates. Politically Exposed PersonG ("PEP") status itself does not, of course, incriminate individuals or entities.
          10. Generally, a foreign PEPG presents a higher risk of money laundering because there is a greater risk that such person, if he was committing money laundering, would attempt to place his money offshore where the customer is less likely to be recognised as a PEPG and where it would be more difficult for law enforcement agencies in his home jurisdiction to confiscate or freeze his criminal property.
          11. Corruption-related money laundering risk increases when a Relevant PersonG deals with a PEPG . Corruption may involve serious crimes and has become the subject of increasing global concern. Corruption offences are predicate crimes under the Federal AML legislation. A Relevant PersonG should note that customer relationships with family members or close associates of PEPsG involve similar risks to those associated with PEPsG themselves.
          12. The DFSAG considers that after leaving office a PEPG may remain a higher risk for money laundering if such person continues to exert political influence or otherwise pose a risk of corruption.
          13. The fact that an individual is a PEPG does not automatically mean that the individual must be assessed to be a high risk customer. A Relevant PersonG will need to assess the particular circumstances relating to each PEPG to determine what risk category is appropriate. If the PEPG is assigned a high risk, then the Relevant PersonG will need to undertake the Enhanced Customer Due DiligenceG measures under AML Rule 7.4.1. However, even if a PEPG is not assigned a high risk, the Relevant PersonG is required as a minimum to undertake the additional customer due diligence measures specified in AML Rule 7.3.8(2) and (3) for PEPG s.
          Derived from RM117/2013 [VER9/07-13]
          [Amended] DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]
          [Amended] DFSA RM231/2018 (Made 6th June 2018) [VER15/07-18]