Cabinet Decision No.

(10) of 2019
CONCERNING THE IMPLEMENTING REGULATION OF DECREE LAW NO. (20) OF 2018
ON ANTI- MONEY LAUNDERING AND COMBATING THE FINANCING OF TERRORISM AND ILLEGAL
ORGANISATIONS

The Cabinet,

- Pursuant to the perusal of the Constitution;

- Federal Law No. (1) of 1972 concerning the Competencies of Ministries and Powers of the Ministers and
its amendments;

- Federal Decretal-Law No. (20) of 2018 on Anti- Money Laundering and Combating the Financing of
Terrorism and Illegal Organisations; and

Based on the proposal of the Minister of Finance and the approval of the Cabinet,

Has issued the following:

Chapter 1
Definitions
Article (1)

In application of the provisions of the present Decision, the following terms and expressions shall have the
meanings assigned to them unless the context requires otherwise:

State: United Arab Emirates

Minister: Minister of Finance

Central Bank: Central Bank of United Arab Emirates

Governor: Governor of the Central Bank

Committee: National Committee for Anti- Money Laundering and Combating the Financing of Terrorism and
Illegal Organisations.

1
FC033074.610441 10.02.2019.mn.FAA/ts
FIU: Financial Intelligence Unit

Supervisory Authority: Federal and local authorities, which are entrusted by legislation to supervise
Financial Institutions, Designated Non-Financial Businesses and Professions and Non-Profit Organisations
or the competent authority in charge of approving the pursuit of an activity or a profession in case a
supervisory authority is not assigned by legislations.

Law Enforcement Authorities: Federal and local authorities which are entrusted under applicable legislation
to combat, search, investigate and collect evidences on the crimes including ML/FT and financing illegal
organisations crimes.

Relevant Authorities: The competent government authorities entrusted with the implementation of any
provision of the Decretal-Law in the State.

Predicate Offence: Any act constituting an felony or misdemeanour under the applicable laws of the State
whether this act is committed inside or outside the State when such act is punishable in both countries.

Money Laundering: Any of the acts mentioned in Clause (1) of Article (2) of the Decretal-Law.

Financing of Terrorism: Any of the acts mentioned in Articles (29) and (30) of Federal Law no. (7) of 2014
on combating terrorism offences.

Illegal Organisations: Organisations whose establishment is criminalised or which pursue a criminalised

activity.

Financing of Illegal Organisations: Any physical or legal action aiming at providing funding to an illegal
organisation, or any of its activities or members.

Crime: Money laundering crime and related Predicate Offences, or Financing of Terrorism or Illegal
Organisations.

Funds: Assets in whatever form, whether tangible, intangible, movable or immovable including national
currency, foreign currencies, documents or notes evidencing the ownership of those assets or associated
rights in any form including electronic or digital forms or any interests, profits or income originating or earned
from these assets.

Proceeds: Funds generated directly or indirectly from the commitment of any felony or misdemeanour
including profits, privileges, and economic interests, or any similar funds converted wholly or partly into other
funds.

2
FC033074.610441 10.02.2019.mn.FAA/ts
Means: Any means used or intended to be used for the commission of an offence or felony.

Suspicious Transactions: Transactions related to funds for which there are reasonable grounds to suspect
that they are earned from any felony or misdemeanour related to the financing of terrorism or of illegal
organisations, whether committed or attempted.

Freezing or Seizure: Temporary restriction over the moving, conversion, transfer, replacement or disposition
of funds in any form, by an order issued by a Competent Authority.

Confiscation: Permanent expropriation of private funds or proceeds or instrumentalities by an injunction

issued by a competent court.

Financial Institutions: Anyone who conducts one or several of the financial activities or operations of /or on
behalf of a Customer.

Intermediary Financial Institution: The Financial Institution that receives and sends wire transfer between
the Ordering Financial Institution and the Beneficiary Financial institution or another Intermediary Financial
Institution.

Beneficiary Financial Institution: The Financial Institution that receives a wire transfer from an Ordering
Financial Institution directly or indirectly via an Intermediary Financial Institution and makes funds available
to the beneficiary.

Financial Transactions or Activities: Any activity or transaction defined in Article (2) of the present
Decision.

Designated Nonfinancial Businesses and Professions (DNFBPs): Anyone who conducts one or several
of the commercial or professional activities defined in Article (3) of the present Decision.

Non-Profit Organisations (NPOs): Any organised group, of a continuing nature set for a temporary or
permanent time period, comprising natural or legal persons or not for profit legal arrangements which are
non-profit for the purpose of collecting, receiving or disbursing funds for charitable, religious, cultural,
educational, social, or fraternal purposes or any other types of good works.

Legal Arrangement: A relationship established by means of a contract between two or more parties which
does not result in the creation of a legal personality such as trusts or other similar arrangements.

3
FC033074.610441 10.02.2019.mn.FAA/ts
Trust : A legal relationship in which a settlor places funds under the control of a trustee for the interest of a
beneficiary or for a specified purpose. These assets constitute funds that are independent of the trustee's
own estate, and the rights to the trust assets remain in the name of the settlor or in the name of another
person on behalf of the settlor.

Settlor: A natural or legal person who transfers the control of his funds to a Trustee under a document.

Trustee: A natural or legal person who has the rights and powers conferred to him by the Settlor or the Trust,
under which he administers, uses, and acts with the funds of the Settlor in accordance with the conditions
imposed on him by either the Settlor or the Trust.

Customer: Anyone who performs or attempts to perform any of the acts defined in Articles (2) and (3) of the
present Decision with any Financial Institution or Designated Non-Financial Business or Profession.

Transaction: All disposal or use of Funds or proceeds including for example: deposit, withdrawal, conversion,
sale, purchase, lending, swap, mortgage, and donation.

Beneficial Owner: The natural person who ultimately owns or exercises effective control, directly or
indirectly, over a Customer or the natural person on whose behalf a Transaction is being conducted or, the
natural person who exercises effective ultimate control over a legal person or Legal Arrangement.

Business Relationship: Any ongoing commercial or financial relationship established between financial
institutions, designated non-financial businesses and professions, and their Customers in relation to activities
or services provided by them.

Correspondent Banking Relationship: Relationship between a correspondent financial institution and a

respondent one through a current account or any other type of account(s) or through a service related to such
an account and includes a corresponding relationship established for the purpose of securities transactions
or transfer of funds.

Intermediary Account: Corresponding account used directly by a third party to conduct a transaction on its
own behalf.

Financial Group: A group of financial institutions that consists of a holding company or of another legal
person exercising the control over the rest of the group and coordinating functions for the application of
supervision on the group, branch, and subsidiary level, in accordance with the international core principles
for financial supervision, and AML/CFT policies and procedures.

4
FC033074.610441 10.02.2019.mn.FAA/ts
Core Principles for Financial Supervision: Basel Committee on Banking Supervision (BCBS) Principles 1-
3, 5-9, 11-15, 26, and 29; International Association of Insurance Supervisors (IAIS) Principles 1, 3-11, 18, 21-
23, and 25; and International Organisation of Securities Commission (IOSCO) Principles 24, 28, 29 and 31;
and Responsibilities A, B, C and D.

Wire Transfer: Financial transaction conducted by a financial institution or through an intermediary institution
on behalf of a transferor whose funds are received by a beneficiary in another financial institution, whether or
not the transferor and the beneficiary are the same person.

Shell Bank: Bank that has no physical presence in the country in which it is incorporated and licensed, and
is unaffiliated with a regulated financial group that is subject to effective consolidated supervision.

Registrar: The entity in charge of supervising the register of commercial names for all types of establishments
registered in the State.

Customer Due Diligence (CDD): Process of identifying or verifying the information of a Customer or
Beneficial Owner, whether a natural or legal person or a legal arrangement, and the nature of its activity and
the purpose of the business relationship and the ownership structure and control over it for the purposes of
the Decretal-Law and this Decision.

Controlled Delivery: The process by which a competent authority allows the entering or transferring of illegal
or suspicious funds or crime revenues to and from the UAE for the purpose of investigating a crime or
identifying the identity of its perpetrators.

Undercover Operation: The process of search and investigation conducted by one of the judicial
impoundment officers by impersonating or playing a disguised or false role in order to obtain evidence or
information related to the Crime.

High Risk Customer: A Customer who represents a risk either in person, activity, business relationship,
nature of geographical area, such as a Customer from a high-risk country or non-resident in a country in
which he does not hold an identity card, or a costumer having a complex structure, performing complex
operations or having unclear economic objective, or who conducts cash-intensive operations, or operations
with an unknown third party, or operations without directly confronting any other high risk operations identified
by financial institutions, or designated non-financial businesses and professions, or the Supervisory Authority.

Politically Exposed Persons (PEPs): Natural persons who are or have been entrusted with prominent public
functions in the State or any other foreign country such as Heads of States or Governments, senior politicians,
senior government officials, judicial or military officials, senior executive managers of state-owned
corporations, and senior officials of political parties and persons who are, or have previously been, entrusted

5
FC033074.610441 10.02.2019.mn.FAA/ts
with the management of an international organisation or any prominent function within such an organisation;
and the definition also includes the following:

1. Direct family members (Of the PEP, who are spouses, children, spouses of children, parents).

2. Associates known to be close to the PEP, which include:

(a) Individuals having joint ownership rights in a legal person or arrangement or any other close business
relationship with the PEP.

(b) Individuals having individual ownership rights in a legal person or arrangement established in favour
of the PEP.

Decretal- Law: Federal Decretal-Law No. (20) of 2018 on Anti- Money Laundering and Combating the
Financing of Terrorism and Illegal Organisations.

Chapter 2
Financial Institutions, DNFBPs, and Non-Profit Organisations
Part 1
Financial Institutions and DNFBPs

Section 1
Article (2)
Activities and Transactions of Financial Institutions and DNFBPs

The following are considered financial activities and transactions:

1. Receiving deposits and other funds that can be paid by the public, including deposits in accordance with
Islamic Sharia

2. Providing private banking services

3. Providing credit facilities of all types

4. Providing credit facilities of all types, including credit facilities in accordance with Islamic Sharia

5. Providing cash brokerage services

6
FC033074.610441 10.02.2019.mn.FAA/ts
6. Financial transactions in securities, finance and financial leasing

7. Providing currency exchange and money transfer services

8. Issuing and managing means of payment, guarantees or obligations

9. Providing stored value services, electronic payments for retail and digital cash.

10. Providing virtual banking services

11. Trading, investing, operating or managing funds, option contracts, future contracts, exchange rate and
interest rate transactions, other derivatives or negotiable financial instruments

12. Participating in issuing securities and providing financial services related to these issues

13. Managing funds and portfolios of all kinds

14. Saving funds

15. Preparing or marketing financial activities

16. Insurance transactions, in accordance with Federal Law No. (6) of 2007 concerning the Establishment of
the Insurance Authority and the Organisation of its Operations

17. Any other activity or financial transaction determined by the Supervisory Authority

Article (3)

Anyone who is engaged in the following trade or business activities shall be considered a DNFBP:

1. Brokers and real estate agents when they conclude operations for the benefit of their Customers with
respect to the purchase and sale of real estate

2. Dealers in precious metals and precious stones in carrying out any single cash transaction or several
transactions that appear to be interrelated or equal to more than AED 55,000.

7
FC033074.610441 10.02.2019.mn.FAA/ts
3. Lawyers, notaries, and other independent legal professionals and independent accountants, when
preparing, conducting or executing financial transactions for their Customers in respect of the following
activities:

(a) Purchase and sale of real estate.

(b) Management of funds owned by the Customer.

(c) Management of bank accounts, saving accounts or securities accounts.

(d) Organising contributions for the establishment, operation or management of companies.

(e) Creating, operating or managing legal persons or Legal Arrangements.

(f) Selling and buying commercial entities.

4. Providers of corporate services and trusts upon performing or executing a transaction on the behalf of
their Customers in respect of the following activities:

(a) Acting as an agent in the creation or establishment of legal persons;

(b) Working as or equipping another person to serve as director or secretary of a company, as a partner
or in a similar position in a legal person.

(c) Providing a registered office, work address, residence, correspondence address or administrative
address of a legal person or Legal Arrangement.

(d) Performing work or equipping another person to act as a trustee for a direct Trust or to perform a
similar function in favour of another form of Legal Arrangement.

(e) Working or equipping another person to act as a nominal shareholder in favour of another person.

5. Other professions and activities which shall be determined by a decision of the Minister

Section 2
Identification and Mitigation of Risks
Article (4)

8
FC033074.610441 10.02.2019.mn.FAA/ts
1. Financial institutions and DNFBPs are required to identify, assess, and understand their crime risks in
concert with their business nature and size, and comply with the following:

(a) Considering all the relevant risk factors such as customers, countries or geographic areas; and
products, services, transactions and delivery channels, before determining the level of overall risk
and the appropriate level of mitigation to be applied.

(b) Documenting risk assessment operations, keeping them up to date on on-going bases and making
them available upon request.

2. Financial Institutions and DNFBPs shall commit to take steps to mitigate the identified risks mentioned
as per Clause (1) herein, taking into consideration the results of the National Risk Assessment, by the
following:

(a) Developing internal policies, controls and procedures that are commensurate with the nature and
size of their business and are approved by senior management, to enable them to manage the risks
that have been identified, and if necessary, to monitor the implementation of such policies, controls
and procedures and enhance them as per Article (20) of the present Decision.

(b) Applying Enhanced CDD measures to manage high risks once identified. Examples include:

(1) Obtaining more information and investigating this information such as information relating to the
Customer and Beneficial Owner identity, or information relating to the purpose of the business
relationship or reasons of the transaction.

(2) Updating the CDD information of the Customer and Beneficial Owner more systematically.

(3) Taking reasonable measures to identify the source of the funds of the Customer and Beneficial
Owner.

(4) Increasing the degree and level of ongoing business relationship monitoring and examination of
transactions in order to identify whether they appear unusual or suspicious.

(5) Obtaining the approval of senior management to commence the business relationship with the
Customer.

3. In case the requirements stipulated in Clauses (1 and 2) above are met, the Financial Institutions and
DNFBPs shall be permitted to apply simplified CDD measures to manage and limit the identified low risks,

9
FC033074.610441 10.02.2019.mn.FAA/ts
 unless there is suspicion of a committed Crime. The simplified CDD measures should be commensurate
with the low risk factors. These include the following, as examples:

(a) Verifying the identity of the Customer and Beneficial Owner after establishing the business
relationship.

(b) Updating the Customer’s data based on less frequent intervals.

(c) Reducing the rate of ongoing monitoring and transaction checks.

(d) Concluding the purpose and nature of the business relationship based on the type of transactions or
the business relationship that has been established, without the need to gather information or
performing specific procedure.

Section 3
Customer Due Diligence (CDD)
Article (5)

1. Financial Institutions and DNFBPs are required to undertake CDD measures to verify the identity of the
Customer and the Beneficial Owner before or during the establishment of the business relationship or
opening an account, or before executing a transaction for a Customer with whom there is no business
relationship. And in the cases where there is a low crime risk, it is permitted to complete verification of
Customer identity after establishment of the business relationship, under the following conditions:

(a) The verification will be conducted in a timely manner as of the commencement of business
relationship or the implementation of the transaction.

(b) The delay is necessary in order not to obstruct the natural course of business.

(c) The implementation of appropriate and effective measures to control the risks of the Crime.

2. Financial Institutions and DNFBPs are required to take measures to manage the risks in regards to the
circumstances where Customers are able to benefit from the business relationship prior to completion of
the verification process.

Article (6)

Financial Institutions and DNFBPs should, as the case may be, undertake CDD measures in the following
cases:

10
FC033074.610441 10.02.2019.mn.FAA/ts
1. Establishing the business relationship;

2. Carrying out occasional transactions in favour of a Customer for amounts equal to or exceeding AED
55,000, whether the transaction is carried out in a single transaction or in several transactions that appear
to be linked;

3. Carrying out occasional transactions in the form of Wire Transfers for amounts equal to or exceeding
AED 3,500.

4. Where there is a suspicion of the Crime.

5. Where there are doubts about the veracity or adequacy of previously obtained Customer's identification
data.

Article (7)

Financial Institutions and DNFBPs should undertake CDD measures and ongoing supervision of business
relationships, including:

1. Audit transactions that are carried out throughout the period of the business relationship, to ensure that
the transactions conducted are consistent with the information they have about Customer, their type of
activity and the risks they pose, including - where necessary - the source of funds

2. Ensure that the documents, data or information obtained under CDD Measures are up-to-date and
appropriate by reviewing the records, particularly those of high-risk customer categories

Article (8)

1. Financial Institutions and DNFBPs should identify the Customer’s identity, whether the Customer is
permanent or walk-in, and whether the Customer is a natural or legal person or legal arrangement, and
verify the Customer’s identity and the identity of the Beneficial Owner. This should be done using
documents, data or any other identification information from a reliable and independent source as follows:

(a) For Natural Persons:

The name, as in the identification card or travel document, nationality, address, place of birth, name
and address of employer, attaching a copy of the original and valid identification card or travel

11
FC033074.610441 10.02.2019.mn.FAA/ts
 document, and obtain approval from the senior management, if the Customer or the Beneficial Owner
is a PEP.

(b) For Legal Persons and Legal Arrangements:

(1) The name, Legal Form and Memorandum of Association

(2) Headquarter office address or the principal place of business; if the legal person or arrangement
is a foreigner, it must mention the name and address of its legal representative in the State and
submit the necessary documents as a proof.

(3) Articles of Association or any similar documents, approved by the relevant authority within the
State.

(4) Names of relevant persons holding senior management positions in the legal person or legal
arrangement.

2. Financial institutions and DNFBP’s are required to verify that any person purporting to act on behalf of
the Customer is so authorised, and verify the identity of that person as prescribed in Clause (1), of this
Article.

3. Financial institutions and DNFBP’s are required to understand the intended purpose and nature of the
business relationship, and obtain, when necessary, information related to this purpose.

4. Financial institutions and DNFBP’s are required to understand the nature of the Customer’s business as
well as the Customer’s ownership and control structure.

Article (9)

Financial Institutions and DNFBP’s are required to take reasonable measures to identity the Beneficial
Owners of legal persons and Legal Arrangements and verify it, by using information, data, or documents
acquired from a reliable source, by the following:

1. For Customers that are legal persons:

12
FC033074.610441 10.02.2019.mn.FAA/ts
(a) Obtaining and verifying the identity of the natural person, who by himself or jointly with another person,
has a controlling ownership interest in the legal person of 25% or more, and in case of failing or having
doubt about the information acquired, the identity shall be verified by any other means.

(b) In the event of failing to identify the natural person exercising control as per paragraph (a) of this
Clause, or the person(s) with the controlling ownership interest is not the Beneficial Owner, the identity shall
be identified for the relevant natural person(s) holding the position of senior management officer, whether
one or more persons.

2. For Customers that are Legal Arrangements:

Verifying the identity of the Settlor, the Trustee(s), or anyone holding a similar position, the identity of the
beneficiaries or class of beneficiaries, the identity of any other natural person exercising ultimate effective
control over the legal arrangement, and obtaining sufficient information regarding the Beneficial Owner to
enable the verification of his/her identity at the time of payment, or at the time he/she intends to exercise
his/her legally acquired rights.

Article (10)

Financial Institutions and DNFBPs shall be exempted from identifying and verifying the identity of any
shareholder, partner, or the Beneficial Owner, if such information is obtainable from reliable sources where
the Customer or the owner holding the controlling interest are as follow:

1. A company listed on a regulated stock exchange subject to disclosure requirements through any means
that require adequate transparency requirements for the Beneficial Owner.

2. A subsidiary whose majority shares or stocks are held by the shareholders of a holding company.

Article (11)

1. In addition to the CDD measures required for the Customer and the Beneficial Owner, Financial
Institutions shall be required to conduct CDD measures and ongoing monitoring of the beneficiary of life
insurance policies and funds generating transactions, including life insurance products relating to
investments and family Takaful insurance, as soon as the beneficiary is identified or designated as
follows:

(a) For the beneficiary identified by name, the name of the person, whether a natural person a legal
person or a legal arrangement, shall be obtained.

13
FC033074.610441 10.02.2019.mn.FAA/ts
 (b) For a beneficiary designated by characteristics or by class– such as a family relation like parent or
child, or by other means such as will or estate – it shall be required to obtain sufficient information
concerning the beneficiary to ensure that the Financial Institution will be able to establish the identity
of the beneficiary at the time of the pay-out.

2. In all cases – the Financial Institutions should verify the identity of the beneficiary at the time of the pay-
out as per the insurance policy or prior to exercising any rights related to the policy. If the Financial
Institution identifies the beneficiary of the insurance policy to be a high-risk legal person or arrangement,
then it should conduct enhanced CDD measures to identify the Beneficial Owner of that beneficiary, legal
person, or legal arrangement.

Article (12)

Financial Institutions and DNFBPs should apply CDD measures to Customers and the ongoing business
relationship on the effective date of the present Decision, within such times as deemed appropriate based on
relative importance and risk priority. It should also ensure the sufficiency of data acquired, in case CDD
measures were applied before the effective date of the present Decision.

Article (13)

1. Financial Institutions and DNFBPs shall be prohibited from establishing or maintaining a business
relationship or executing any transaction should they be unable to undertake CDD measures towards the
Customer and should consider reporting a suspicious transaction to the FIU.

2. Even if they suspect the commission of a Crime, financial institutions and DNFBPs should not apply CDD
measures if they have reasonable grounds to believe that undertaking such measures would tip-off the
Customer and they should report a Suspicious Transaction to the FIU along with the reasons having
prevented them from undertaking such measures.

Article (14)

Financial Institutions and DNFBP’s shall commit to the following:

1. Not to deal in any way with Shell Banks, whether to open bank accounts in their names, or to accept
funds or deposits from them.

2. Not to create or keep records of bank accounts using pseudonyms, fictitious names or numbered
accounts without the account holder’s name.

14
FC033074.610441 10.02.2019.mn.FAA/ts
 Section 4
Politically Exposed Persons (PEPs)
Article (15)

1. In addition to undertaking CDD measures required under Section 3, Part 1 of this Chapter, Financial
Institutions and DNFBPs shall be required to carry out the following:

First: For Foreign PEPs:

(a) Put in place suitable risk management systems to determine whether a Customer or the Beneficial
Owner is considered a PEP.

(b) Obtain senior management approval before establishing a business relationship, or continuing an
existing one, with a PEP.

(c) Take reasonable measures to establish the source of funds of Customers and Beneficial Owners
identified as PEPs.

(d) Conduct enhanced ongoing monitoring over such relationship.

Second: For Domestic PEPs and individuals previously entrusted with prominent functions at
international organisations:

a. Take sufficient measures to identify whether the Customer or the Beneficial Owner is considered
one of those persons.

b. Take the measures identified in Clauses (b), (c), and (d) under the first paragraph of this Article,
when there is a high-risk business relationship accompanying such persons.

2. Financial Institutions shall be required to take reasonable measures to determine the beneficiary or
Beneficial Owner of life insurance policies and family takaful insurance. If identified as a PEP, Financial
institutions shall inform senior management before the pay-out of those policies, or prior to the exercise
of any rights related to them, in addition to thoroughly examining the overall business relationship, and
consider reporting to the Unit a suspicious transaction report.

15
FC033074.610441 10.02.2019.mn.FAA/ts
 Section 5
Suspicious Transaction Reports (STRs)
Article (16)

Financial Institutions and DNFBPs shall put in place indicators that can be used to identify the suspicion on
the occurrence of the Crime in order to report STRs, and shall update these indicators on an ongoing basis,
as required, in accordance with the development and diversity of the methods used for committing such
crimes, whilst complying with what the Supervisory Authorities or FIU may issue instructions in this regard.

Article (17)

1. If Financial Institutions and DNFBPs have reasonable grounds to suspect that a Transaction, attempted
Transaction, or funds constitute crime proceeds in whole or in part, or are related to the Crime or intended
to be used in such activity, regardless of the amount, they shall adhere to the following without invoking
bank secrecy or professional or contractual secrecy:

(a) Directly report STRs to the FIU without any delay, via the electronic system of the FIU or by any other
means approved by the FIU

(b) Respond to all additional information requested by the FIU.

2. Lawyers, notary publics, other legal stakeholders and independent legal auditors shall be exempt from
Clause (1) of this Article, if obtaining this information regarding such Transactions relates to the
assessment of their Customers’ legal position, or defending or representing them before judiciary
authorities or in arbitration or mediation, or providing legal opinion with regards to legal proceedings,
including providing consultation concerning the initiation or avoidance of such proceedings, whether the
information was obtained before or during the legal proceedings, or after their completion, or in other
circumstances where such Customers are subject to professional secrecy.

3. Financial Institutions and DNFBPs, their board members, employees and authorised representatives
shall not be legally liable for any administrative, civil or criminal liability for reporting when reporting to the
Unit or providing information in good faith.

Article (18)

1. Financial Institutions and DNFBPs, their managers, officials or staff, shall not disclose, directly or
indirectly, to the Customer or any other person(s) that they have reported, or are intending to report a

16
FC033074.610441 10.02.2019.mn.FAA/ts
 Suspicious Transaction, nor shall they disclose the information or data contained therein, or that an
investigation is being conducted in that regard.

2. When lawyers, notaries, other independent legal professionals, and legal independent auditors attempt
to discourage their Customers from committing a violation, they shall not be considered to have made a
disclosure.

Section 6
Reliance on a Third Party
Article (19)

1. Taking into consideration the high-risk countries identified by the Committee, the Financial Institutions
and DNFBPs shall be permitted to rely on a third party to undertake the necessary CDD measures
towards Customers as per Section 3 of Part 1 of this Chapter, and each of the Financial Institution and
the DNFBP shall be responsible for the validity of these CDD measures, and shall do the following:

(a) Immediately obtain, from third parties, the necessary identification data and other necessary
information collected through the CDD measures and ensure that copies of the necessary documents
for such measures can be obtained without delay and upon request.

(b) Ensure that the third party is regulated and supervised, and adheres to the CDD measures towards
Customers and record-keeping provisions of the present Decision.

2. Financial Institutions and DNFBPs, who rely on third parties that are part of the same Financial Group,
shall ensure that:

(a) The Financial Group applies the CDD, PEP, and record-keeping requirements and implements
programs for combating the Crime in accordance with Sections 3, 4, 11 of Part 1 of this Chapter and
Article (31) of this Decision, and the Financial Group is subject to supervision in that regard.

(b) The Financial Group sufficiently mitigates any high risks linked to countries through its own policies
and controls for combating the Crime.

Section 7
Internal Supervision and Foreign Branches and Subsidiaries
Article (20)

17
FC033074.610441 10.02.2019.mn.FAA/ts
Financial Institutions and DNFBPs shall have internal policies, procedures and controls for combating the
Crime, that should be commensurate with the Crime risks, and with the nature and size of their business, and
to continuously update them, and to apply them to all its branches and subsidiaries in which it holds majority
interest, including the following:

1. CDD measures towards Customers as required in accordance with the Decretal-Law and the present
Decision, including procedures for the risk management of business relationships prior to completing the
verification process.

2. Procedures for the reporting of Suspicious Transactions.

3. Appropriate arrangements for compliance management for combating the Crime, including appointing a
compliance officer

4. Screening procedures to ensure the availability of high competence and compatibility standards when
hiring staff

5. Preparation of periodic programs and workshops in the field of combatting the Crime to build the
capabilities of compliance officers and other competent employees.

6. An independent audit function to test the effectiveness and adequacy of internal polices, controls and
procedures relating to combating the Crime.

Section 8
Compliance Officer Tasks
Article (21)

Financial Institutions and DNFBPs shall appoint a compliance officer. The compliance officer shall have the
appropriate competencies and experience and under his or her own responsibility, shall perform the following
tasks:

1. Detect Transactions relating to any Crime.

2. Review, scrutinise and study records, receive data concerning Suspicious Transactions, and take
decisions to either notify the FIU or maintain the Transaction with the reasons for maintaining while
maintaining complete confidentiality.

3. Review the internal rules and procedures relating to combating the Crime and their consistency with the
Decretal-Law and the present Decision, assess the extent to which the institution is committed to the

18
FC033074.610441 10.02.2019.mn.FAA/ts
 application of these rules and procedures, propose what is needed to update and develop these rules
and procedures, prepare and submit semi-annual reports on these points to senior management, and
send a copy of that report to the relevant Supervisory Authority enclosed with senior management
remarks and decisions.

4. Prepare, execute and document ongoing training and development programs and plans for the
institution’s employees on Money Laundering and the Financing of Terrorism and Financing of Illegal
Organisations, and the means to combat them.

5. Collaborate with the Supervisory Authority and FIU, provide them with all requested data, and allow their
authorised employees to view the necessary records and documents that will allow them to perform their
duties.

Section 9
High-Risk Countries
Article (22)

1. Financial Institutions and DNFBPs shall implement enhanced CDD measures proportionate to the risk
level that might arise from business relationships and Transactions with natural or legal persons from
high-risk countries.

2. Financial Institutions and DNFBPs shall implement the measures defined by the Committee regarding
High Risk Countries.

Section 10
Requirements relating to New Technologies
Article (23)

1. Financial institutions and DNFBPs shall identify and assess the risks of money laundering and terrorism
financing that may arise when developing new products and new professional practices, including means
of providing new services and using new or under-development techniques for both new and existing
products.

2. Financial Institutions and DNFBPs shall assess risks prior to the release of products, practices or
techniques, and take appropriate measures to manage and mitigate such risks

Section 11

19
FC033074.610441 10.02.2019.mn.FAA/ts
 Record-keeping
Article (24)

1. Financial Institutions and DNFBPs shall maintain all records, documents, data and statistics for all
financial transactions and local or international commercial and cash transactions for a period of no less
than five years from the date of completion of the transaction or termination of the business relationship
with the Customer.

2. Financial institutions and DNFBPs shall keep all records and documents obtained through CDD
measures, ongoing monitoring, account files and business correspondence, and copies of personal
identification documents, including STRs and results of any analysis performed , For a period of no less
than five years from the date of termination of the business relationship or from the closing date of the
account to Customers who maintain accounts with these institutions or after the completion of a casual
transaction or from the date of completion of the inspection by the Supervisory authorities, or from the
date of issuance of a final judgment of the competent judicial authorities, all depending on the
circumstances.

3. The records, documents and data kept shall be organised so as to permit data analysis and tracking of
financial transactions.

4. Financial Institutions and DNFBPs shall make all Customer information regarding CDD towards
Customers, ongoing monitoring and results of their analysis, records, files, documents, correspondence
and forms available immediately to the relevant authorities upon request.

Part 2
Requirements for Financial Institutions
Section 1
Correspondent Banking Relationship
Article (25)

1. Before entering into correspondent banking or any other similar relationship, financial institutions shall
take the following measures:

20
FC033074.610441 10.02.2019.mn.FAA/ts
 (a) Refrain from entering into or maintaining a correspondent banking relationship with Shell Banks or
with an institution that allows their accounts to be used by Shell Banks.

(b) Collect sufficient information about any receiving correspondent banking institution for the purpose
of identifying and achieving a full understanding of the nature of its work, and to make available,
through publicly available information, its reputation and level of control, including whether it has been
investigated.

(c) Evaluate anti-crime controls applied by the receiving institution.

(d) Obtain approval from senior management before establishing new correspondent banking
relationships.

(e) Understand the responsibilities of each institution in the field of combatting Crime.

2. With respect to intermediate payment accounts, the financial institution should be required to ensure that
the receiving institution has taken CDD measures towards Customers who have direct access to those
accounts and that it is able to provide CDD information to the relevant Customers upon request of the
correspondent institution.

Section 2
Money or Value Transfer Services
Article (26)

1. Providers of money or value transfer services shall be licensed by or registered with the competent
Supervisory Authority. The Supervisory Authority shall take the necessary measures to punish those who
provide such services without a licence or registration in accordance with their effective legislation and to
ensure compliance of licensed or registered providers with the Crime combating controls.

2. Providers of money or value transfer services shall keep an up-to-date list of their agents and make them
available to the relevant authorities within the country in which the money or value transfer services
providers and their agents operate, and shall engage their agents in combatting the Crime control
programs and monitor them for compliance with these programs.

Section 3
Wire Transfers
Article (27)

21
FC033074.610441 10.02.2019.mn.FAA/ts
1. Financial institutions shall ensure that all international wire transfers equal to or exceeding AED (3,500)
are always accompanied by the following data:

(a) The name of the originator, his or her identity number or travel document, date and place of birth,
address and account number. In the absence of an account, the transfer must include a unique
transaction reference number which allows the process to be tracked.

(b) The name of the beneficiary and his account number used to make the transfers. In the absence of
the account, the transfer must include a unique transaction reference number which allows the
process to be tracked.

2. In the event that several individual cross-border wire transfers from a single originator are bundled in a
batch file for transmission to beneficiaries, the batch file shall contain required and accurate originator
information, and full beneficiary information, that is fully traceable within the beneficiary country; and the
financial institution shall be required to include the originator’s account number or unique transaction
reference number.

3. Financial institutions shall ensure that all cross-border wire transfers less than AED 3,500 are always
accompanied by the data in Clause (1) of this Article, without the need to verify the accuracy of the data
referred to, unless there are suspicions about committing the Crime.

4. For domestic wire transfers, the ordering financial institution shall ensure that the information
accompanying the wire transfer includes originator information as indicated in Clause (1) of this Article,
unless this information can be made available to the beneficiary financial institution and relevant
authorities by other means.

5. Where the information accompanying the domestic wire transfer can be made available to the beneficiary
financial institution and relevant authorities by other means, the ordering financial institution shall be only
required to include the account number or a unique transaction reference number, provided that this
number or identifier will permit the transaction to be traced back to the originator or the beneficiary. The
ordering financial institution shall make the information available within three business days of receiving
the request either from the beneficiary financial institution or from relevant authorities.

6. Financial institutions shall not carry out wire transfers if they fail to comply with the conditions set out in
this article.

7. Ordering financial institutions shall keep all information about the originator and the beneficiary collected
in accordance with the provisions of Article (24) of this Decision.

22
FC033074.610441 10.02.2019.mn.FAA/ts
 Article (28)

1. An intermediary financial institution shall ensure that all originator and beneficiary information that
accompanies a wire transfer is retained with it for cross-border wire transfers.

2. Where technical limitations prevent the required originator or beneficiary information accompanying a
cross-border wire transfer from remaining with a related domestic wire transfer, the Intermediary Financial
Institution shall keep a record of all the information received from the ordering financial institution or
another cross-border Intermediary Financial Institution, in accordance with the provisions of Article (24)
of the present Decision.

3. Intermediary Financial Institutions shall take reasonable measures, which are consistent with straight-
through processing, to identify cross-border wire transfers that lack required originator information or
required beneficiary information and shall have risk-based policies and procedures for determining when
to execute, reject, or suspend a wire transfer; and the appropriate follow-up action.

Article (29)

1. Beneficiary Financial Institutions shall take reasonable measures, to identify cross-border wire transfers
that lack required originator information or required beneficiary information, which may include real-time
monitoring where feasible or post-event monitoring.

2. For cross-border wire transfers of AED 3,500 or more, a Beneficiary Financial Institution shall verify the
identity of the beneficiary, if the identity has not been previously verified.

3. Beneficiary Financial Institutions shall have risk-based policies and procedures determining when to
execute, reject, or suspend a wire transfer lacking required originator or required beneficiary information;
and for determining the appropriate follow-up action.

4. Beneficiary Financial Institutions shall maintain records of all required originator and required beneficiary
information collected, in accordance with the provisions of Article (24) of this Decision.

Article (30)

1. Providers of Money or Value Transfer Services shall comply with all of the relevant requirements of
Articles (27), (28), and (29) of this Decision, whether they operate directly or through their agents.

2. In the case of a provider of money or value transfer services that controls both the ordering and the
beneficiary side of a cross-border wire transfer, the provider of money or value transfer services shall:

23
FC033074.610441 10.02.2019.mn.FAA/ts
 (a) Take into account all information from both the ordering and beneficiary sides in order to determine
whether an STR is to be filed; and

(b) If it is decided to file STR regarding the Transaction, the STR shall be sent to the Financial Intelligence
Unit in the relevant country, attaching all relevant transaction information.

Section 4
Financial Group
Article (31)

Financial Groups shall implement group-wide programs with respect to combating the Crime. Such programs
shall be applicable and appropriate to all its branches and majority-owned subsidiaries. In addition to the
measures mentioned in Article (20) of this Decision, these programs should also include the following:

1. Policies and procedures for the exchange of information required for the purposes of CDD and risk
management of the Crime;

2. The provision of Customer information, accounts, and Transactions from the branches and subsidiaries
to the compliance officers at a Financial Group level, whenever necessary for the purpose of combating
the Crime.

3. Provision of adequate safeguards on the confidentiality and use of the information exchanged.

Article (32)

1. Financial Institutions should ensure that their foreign branches and majority-owned subsidiaries apply
Crime-combating measures that are consistent with the requirements of the Decretal-Law and the present
Decision when the minimum Crime-combating requirements of the other country are less strict than those
applied in the State, to the extent permitted by that other country’s laws and regulations.

2. If the other country does not permit the appropriate implementation of measures for combating the Crime
that are consistent with the requirements of the Decretal-Law and the present Decision, then Financial
Institutions shall take additional measures to manage AML/CFT risks related to their operations abroad
and reduce them appropriately, inform the supervisory authority in the State of the matter and abide by
the instructions received from it in this regard.

Part 3
Requirements of Non-Profitable Organisations

24
FC033074.610441 10.02.2019.mn.FAA/ts
 Article (33)

Non-Profit Organisations, in collaboration with the competent Supervisory Authority, shall commit to the
following:

1. Apply best practices adopted by the competent Supervisory Authority to mitigate their vulnerabilities so
that they can protect themselves from being abused for Financing of Terrorism and of Illegal
Organisations.

2. Put in place clear policies to promote transparency, integrity, and public confidence in its own
administration.

3. Conduct Transactions through official financial channels, taking into consideration the different
capabilities of financial sectors in other countries.

Chapter 3
Transparency and Beneficial Owner
Part 1
Requirements of Company Registrar and Companies
Article (34)

1. The Registrar shall provide information regarding legal persons in the State and make it available to the
public as follows:

(a) The types, different forms and basic features of legal persons

(b) The processes for the creation of those legal persons

(c) The processes for obtaining its basic information as stipulated in paragraph (b), Clause (1), of Article
(8) of this Decision

(d) The processes for obtaining information about the Beneficial Owner.

2. The Registrar shall maintain the up-to-date basic information defined in paragraph (b), Clause (1), of
Article (8) of this Decision, ensure its accuracy and make it available to the public

3. Upon registering companies, the Registrar shall obtain to receive the data of the Beneficial Owner of the
company as stipulated in Clause (Error! Reference source not found.) of Article (9) of this Decision
and make sure it remains up to date accurate, and available to the Relevant Authorities.

25
FC033074.610441 10.02.2019.mn.FAA/ts
 Article (35)

1. Companies shall be required to maintain the information set out in paragraph (b), Clause (1) of Article (8)
of this Decision and a register of all their shareholders containing the number of shares held by each
shareholder and categories of shares, if any, including the voting rights and providing this register to the
Registrar after ensuring its accuracy.

2. Companies shall maintain and make available the data mentioned in Clause (Error! Reference source
not found.) of Article (9) of this Decision to the Registrar at all times and upon request, update such data
within 15 business days upon its amendment or change and ensure to keep it up-to-date and accurate
on an ongoing basis and assist the Registrar in documenting such data if so required.

3. Companies shall have one or more natural persons residents of the State and authorised to disclose to
the Registrar all information contained in Clauses (1) and (2) of this Article

4. Any company established or registered in the State shall be prohibited from issuing share warrants to
bearer.

5. Companies that permit the issuance of nominee shares in the name of individuals or members of the
board of directors shall be required to disclose those shares and the identities of the members of the
board of directors to the Registry for the purpose of registering them.

Article (36)

The Registrar and the companies, or the administrators or liquidators or any other stakeholder involved in the
dissolution of the company, shall maintain records and all information as mentioned in Article (34) and Article
(35) for at least five years from the date in which the company is dissolved or otherwise ceased to exist.

Part 2
Requirements of Legal Arrangements
Article (37)

1. The Trustees in Legal arrangements are required to maintain information about the Beneficial Owner as
prescribed in Clause (Error! Reference source not found.) of Article (9) of this Decision.

2. The Trustees in Legal Arrangements are required to maintain basic information relating to intermediaries,
who are subject to supervision, and service providers, including consultants, investors, directors,
accountants and tax advisors.

26
FC033074.610441 10.02.2019.mn.FAA/ts
3. The information mentioned in Clauses (1) and (2) of this Article shall be maintained accurately and
updated within 15 days if it is amended or changed and legal arrangement representatives shall be
required to maintain this information for at least five years from the date of the end of their involvement
with the legal arrangement.

4. The Relevant Authorities, and in particular Law Enforcement Authorities, shall request and obtain
information held by trustees, Financial Institutions, or DNFBPs, without delay, relating to the following:

(a) The Beneficial Ownership of legal arrangements

(b) The residence of the Trustee

(c) The funds that are held or managed by the Financial Institution or DNFBP in relation to any trustees
with which they have a Business Relationship, or for which they undertake an occasional Transaction.

Part 3
Prohibition of Invocation of Banking, Professional or Contractual Secrecy
Article (38)

It is prohibited to invoke banking, professional or contractual secrecy as a pretext to prevent application of

the provisions of the Decretal-Law and this Decision in the following cases:

1. Exchange of information among Financial Institutions whenever it is related to Correspondent Banking or

Wire Transfers and the reliance on regulated third party relationships in accordance with Articles (19),
(25), and (27) to (30) of this Decision.

2. Exchange of information among Relevant Authorities at the domestic or international level in relation to
the combating of the Crime.

Part 4
Confidentiality of information
Article (39)

1. Any person who obtains information related to a suspicious transaction or any of the crimes stipulated in
the Decretal-Law shall be bound by its confidentiality and not disclosed except to the extent necessary
for its use in investigations, prosecutions or cases in violation of the provisions of the Decretal-Law and
this Decision.

27
FC033074.610441 10.02.2019.mn.FAA/ts
2. In all cases, it is not permissible to contact the Customer directly or indirectly to notify him of the actions
taken, except at the written request of the competent Supervisory Authority.

Chapter 4
Financial Intelligence Unit
Section 1
Independence of the FIU
Article (40)

1. The FIU shall be operationally independent in order to carry out its functions effectively, and the Central
Bank shall provide it with the required technical, financial and human resources.

2. The main headquarter for the FIU shall be the capital of the State and it may open branches within the
Central Bank’s branches in the Emirates of the State.

3. The FIU shall operate as national centre to receive STR’s and other information related to the Crime.

Section 2
Powers of the FIU
Article (41)

The FIU shall have the following powers:

1. Putting in place the FIU’s departments and internal regulations for approval by the Central Bank’s Board
of Directors. The internal regulations shall include procedures to ensure the competency and integrity of
its employees and the awareness of their responsibilities in dealing with confidential information.

2. Establishing a database or special register to hold any information it has available and securing this
information by establishing rules that govern information security and confidentiality, including procedures
for processing, storing, disseminating and setting procedures to ensure limited access to the FIU’s
facilities, information and technical systems and to the review or disclosure of information, except by
those authorised to do so.

3. Providing courses and programs to train and develop the employees working in it and any other authority,
be it inside or outside the State.

4. Preparing studies, research and statistics related to the Crime, and following up on any studies, research
or statistics conducted domestically or internationally in this regard.

28
FC033074.610441 10.02.2019.mn.FAA/ts
5. Preparing annual reports about its Crime-combatting activities that include specifically general analysis
of STRs and notifications received as well as activities and trends of the Crime, and preparing a brief of
this report for dissemination purposes.

Article (42)

The FIU shall be responsible for carrying out its duties with regards to STRs as follows:

1. Receiving STRs relating to the Crime from Financial Institutions and DNFBPs on the FIU’s approved
templates, then studying, analysing and storing them in its database.

2. Requesting Financial Institutions, DNFBPs, and Relevant Authorities to provide any additional
information and documents relating to the STRs and information received, and any other information that
it might deem necessary to perform its duties, including information relating to customs’ disclosures, in
the time and form specified by the FIU

3. Analysing available reports and information as follows:

(a) Operational analysis by using available and obtainable information, to identify specific targets, such
as persons, funds, or criminal networks, track activities or specific Transactions, and determine the
links between those targets, activities or transactions and potential proceeds of the Crime.

(b) Strategic analysis by using available and obtainable information, including data provided by Relevant
Authorities, to identify trends and patterns of the Crime.

4. Providing the Financial Institutions and DNFBPs with the analysis results of the information provided in
the reports received by the FIU in order to enhance the effectiveness of the measures for combating the
Crime and detecting STRs.

5. Cooperating and coordinating with the Supervisory Authorities by disseminating the outcomes of its own
analysis, specifically with respect to the quality of STRs, to ensure the compliance of Financial Institutions
and DNFBPs with the procedures for combating the Crime

6. Sending the data relating to the reports, the outcomes of its analyses and any other relevant data to Law
Enforcement Authorities, when there are sufficient grounds to suspect its connection to the Crime, to take
required actions in that regard.

29
FC033074.610441 10.02.2019.mn.FAA/ts
7. Providing to judiciary authorities and Law Enforcement Authorities information related to the Crime and
information it can obtain from foreign FIUs, spontaneously or upon request.

Article (43)

The FIU shall be responsible for carrying out its duties at the international level as follows:

1. Exchanging information with its FIU counterparts in other countries on STRs or any other information the
FIU has the power to obtain or access, whether directly or indirectly, as per the international agreements
to which the State is a party or any memorandums of understanding the FIU has entered into with FIU
counterparts to regulate its cooperation with them or on the condition of reciprocity.

2. Reporting to its FIU counterparts the outcomes of using the submitted information and analysis conducted
based on that information.

3. The information specified in Clauses (1) and (2) of this Article may not be used except for Crime-
combatting purposes and may not be disclosed to any third party without the FIU’s approval.

4. Following up on the developments relating to Money Laundering and Terrorism Financing crimes through
the relevant regional and international organisations and bodies and participating in related meetings.

5. Following up with the requirements of the Egmont Group, as well as participating and attending its
meetings as a member of the group.

Chapter 5
Supervisory Authorities
Section 1
Supervisory Authority for Financial Institutions and DNFBPs
Article (44)

The Supervisory Authorities, each in accordance with its specialisations, shall assume the functions of
supervision, monitoring and follow-up to ensure compliance with the provisions of the Decretal-Law and this
Decision and shall be specialised in the following:

30
FC033074.610441 10.02.2019.mn.FAA/ts
1. Conducting a risk assessment for any potential occurrence of the Crime in legal persons, including
Financial Institutions and DNFBPs.

2. Putting in place the Crime-Combating regulations, instructions and forms for the entities subject to their
supervision, when necessary.

3. Putting in place the required procedures and controls to assess the compliance of supervised institutions
with the provisions of the Decretal-Law and this Decision and any other legislation related to combating
the Crime in the State, as well as to request the information relating to such compliance.

4. Setting and applying the regulations, controls, standards of fit and proper to anyone who seeks to acquire,
control, participate in management or operation, whether directly or indirectly, or to be the beneficiary of
Financial Institutions and DNFBPs.

5. Conducting onsite and offsite supervision and inspections over Financial Institutions and DNFBPs.

6. Determining the frequency of supervision and inspection over Financial Institutions, Financial Groups,
and DNFBPs based on the following:

(a) National Risk Assessment

(b) Distinctive characteristics of Financial Institutions, Financial Groups and DNFBPs in terms of their
diversities, numbers and the degree of discretion provided to them under the risk-based approach.

(c) Risks of the Crime as well as internal policies, controls and procedures associated with Financial
Institutions, Financial Groups, or DNFBPs as identified by the Supervisory Authority’s assessment of
each’s risk profile.

7. Undertaking all measures to ensure full compliance of the Financial Institutions and DNFBPs in
implementing Security Council Resolutions relating to the prevention and suppression of terrorism and
Terrorism Financing, and the prevention and suppression of the proliferation of weapons of mass
destruction and its financing, and other related decisions, by conducting onsite visits and on-going
monitoring, and imposing appropriate administrative sanctions when there is a violation or shortcoming
in implementing the instructions.

8. Ensuring that the prescribed measures are adopted by the supervised institutions in accordance with the
provisions of the Decretal-Law and this Decision, and that these measures are implemented in their

31
FC033074.610441 10.02.2019.mn.FAA/ts
 foreign branches and majority-owned subsidiaries to the extent permitted by the laws of the country,
where those branches and subsidiaries exist.

9. Periodically reviewing the assessment of the Crime risk profile of a Financial Institution and Financial
Group (including the risks of non-compliance), and when there are major events or developments in the
management and operations of the Financial Institution or Group.

10. Ensuring the compliance of Financial Institutions and DNFBPs subject to their supervision in
implementing enhanced CDD measures on Customers and ongoing monitoring of the business
relationship related to High-Risk Countries.

11. Providing Financial Institutions and DNFBPs with guidelines and feedback to enhance the effectiveness
of implementation of the Crime-combatting measures.

12. Maintaining an up-to-date list of the names and data of compliance officers of the institutions under their
Supervision, and notifying the FIU thereof; and requiring those institutions to obtain their prior consent
before appointing their compliance officers.

13. Conducting programs and outreach campaigns on combating the Crime.

14. Issuing decisions of imposing administrative sanctions in accordance with the provisions of the Decretal-
Law and the present Decision, and the mechanism for submitting relevant grievance.

15. Maintaining statistics about the measures taken and sanctions imposed.

Section 2
Supervisory Authority for Non-Profit Organisations
Article (45)

The Competent Supervisory Authority for NPOs shall commit to the following:

1. Obtaining, in a timely manner, all information available with all Relevant Authorities regarding NPO
activities for the purpose of determining the size, features and types of NPOs, and identifying the threats
posed against them by terrorism organisations, and the extent to which they are exposed to the risk of
being misused for supporting Financing of Terrorism and Financing of Illegal Organisations, and then
taking all appropriate and effective measures to combat these identified risks and reviewing them on a
periodic basis to ensure their adequacy.

32
FC033074.610441 10.02.2019.mn.FAA/ts
2. Reviewing the relevance and adequacy of legislation relating to NPOs to stop their misuse for supporting
the Financing of Terrorism and of Illegal Organisations, and working to improve them when necessary.

3. Periodically reassessing NPOs by reviewing updated information on their potential vulnerabilities, which
may be exploited in support of Financing of Terrorism.

4. Promoting and conducting awareness outreach and educational programs in order to raise awareness of
NPOs and their donators on their potential vulnerabilities, which may expose them to risks of being
misused for supporting and financing of Terrorism, and measures that can be taken by NPOs to protect
themselves from such risks.

5. Supervising and monitoring NPOs using a risk-based approach to prevent their misuse in the Support
and Financing of Terrorism and ensure compliance with their requirements.

6. Cooperating, coordinating and exchanging information at the local level with Relevant Authorities that
hold relevant information on NPOs.

7. Possessing experience in the field of investigations and the ability to examine NPOs that are suspected
of being misused for supporting and financing of terrorism.

8. Fully reviewing the information relating to the administration and management of any NPO, including
financial information and information relating to its programs.

9. Establishing mechanisms to ensure the prompt exchange of information with Relevant Authorities for the
purpose of taking preventive measures or investigative action when there is suspicion or reasonable
grounds to suspect that the NPO is:

(a) A front for the raising of funds on behalf of a terrorist organisation.

(b) Being exploited as a conduit for the Financing of Terrorism or for the evasion of asset freezing
measures or any other form of terrorism support.

(c) Concealing or disguising the flow of funds intended for legitimate purposes, but redirected for the
benefit of terrorists or terrorist organisations.

10. Determining the appropriate points of contact and procedures required to respond to international
requests for information regarding NPOs suspected of Financing of Terrorism or is being exploited for
the Financing of Terrorism or other forms of terrorism support.

33
FC033074.610441 10.02.2019.mn.FAA/ts
 Chapter 6
Provisional Measures and Investigative Procedures
Section 1
Provisional Measures
Article (46)

1. The Governor, or whoever is acting in his place, shall order the Freezing of funds, which are suspected
to be linked to the Crime, with Financial Institutions licensed by the Central Bank for a period of no more
than (7) seven working days, in the case of the FIU’s requests based on its analysis of STRs and other
information received.

2. The FIU shall, in the event of taking the decision mentioned in Clause (1) of this Article, do the following:

(a) Notify the concerned Financial Institution to perform the Freezing order without prior notice to the
owner of the funds.

(b) Notify the public prosecutor, in case the Governor requests extending the Freezing order, including
the justifications of such extension.

3. The FIU, after presenting to the Governor, shall notify the concerned Financial Institution of the
cancelation of the Freezing order in case the public prosecutor refuses the extension or after expiry of
the period specified in Clause (1) of this Article without receiving a response from the public prosecutor

4. The Financial Institution, which holds the frozen funds, shall notify the owner of the frozen funds of the
Freezing order and its sources, and shall request the owner to provide the required documents that prove
the legitimacy of the source of these funds and refer these documents to the FIU to take the required
actions.

5. The Governor shall submit a proposal to the public prosecutor to cancel the extension of the Freezing
order once there are no grounds to such freeze in order for the public prosecutor to take actions as he
deems appropriate.

6. The fund freezing orders shall not be executed by Financial Institutions licensed by the Central Bank
unless they are issued by it.

Article (47)

1. The Public Prosecution and the competent court shall, as the case may be, order the identification,
tracing, and valuation of the Funds, Proceeds and Means under suspicion, or their equivalent value, or

34
FC033074.610441 10.02.2019.mn.FAA/ts
 order their Seizing or Freezing, if they were the result of or linked to the Crime, and that is without prior
notice to the owner, and shall issue a travel ban for the owner until the completion of the investigation or
trial.

2. The Public Prosecution or the competent court shall, as the case may be and when deemed necessary,
take decisions to prevent the dealing with or disposing of such Funds, Proceeds or Means, and take the
necessary measures to prevent any action intended to evade the Freezing and Seizing order issued in
that regard, without violating the rights of bona fide third parties.

3. Any interested party shall have the right to contest the public prosecution’s Freezing or Seizing decision
before the competent court of first instance, which is located within the jurisdiction of the order public, or
the competent court specialised in criminal claims.

4. The contest shall be submitted as a report to the competent court. The president of the court shall, then,
schedule a hearing session with the knowledge of the defendant, and the public prosecution shall be
required to lodge a memorandum with its opinion on the defendant’s grievance. The court then issues its
final decision within a period of no more than 14 working days as of the date of submission of the appeal.

5. The decision to dismiss the contest request is not subject to appeal; if the contest was rejected, it is not
permissible to lodge a new contest except after a duration of three months from the date of rejecting the
contest, unless a serious reason occurs before the period passes.

Article (48)

The public prosecution and the competent court shall, as the case may be, appoint whomever they deem
suitable to manage the seized and frozen Funds, Proceeds and Means or those subject to Confiscation, and
permit them to dispose or sell the Funds, Proceeds and Means in public auction, even before the issuance
of the verdict, if necessary, if they are concerned about their depreciation or devaluation over time. The
amount of the sale shall be deposited in the State’s treasury in the event of a final verdict of conviction. Such
funds shall remain within the limits of their value for any rights legitimately determined to any bona fide third
parties.

Section 2
Investigation Procedures
Article (49)

1. The public prosecution and Law Enforcement Authorities shall, when launching an investigation and
collecting evidence for a Predicate Offense, when necessary, take into consideration the extent to which
the financial aspects of the criminal activity are connected with Money Laundering, Financing of

35
FC033074.610441 10.02.2019.mn.FAA/ts
 Terrorism, or the Financing of Illegal Organisations, in order to determine the scope of the crime, identify
and track proceeds and any other funds that may be subject to confiscation and strengthen evidence of
the crime.

2. The public prosecution shall request the opinion of the FIU on the notifications received in relation to
Money Laundering, Financing of Terrorism or Financing of Illegal Organisations cases.

3. Law Enforcement Authorities shall be responsible for receiving, and following up on, the results of STR
analysis from the FIU and for gathering the related evidence.

4. The public prosecution and Law Enforcement Authorities shall promptly identify, trace and seize Funds,
Proceeds and Means that might be subject to Confiscation and linked to the Crime.

5. Law Enforcement Authorities shall obtain the information directly from Relevant Authorities, even if it is
subject to banking secrecy or professional confidentiality, as they deem fit so they can perform their duties
in detecting the Crime or its perpetrator(s) and collecting evidence about them, and the authority, who is
the recipient of the information request, shall execute the request without delay.

Chapter 7
International Cooperation
Section 1
General Provisions for International Cooperation
Article (50)

Relevant Authorities, for the purpose of implementation of International Cooperation requests on the Crime,
to conclude, negotiate and sign agreements in a timely manner with foreign counterpart authorities, in a
manner that does not contradict the legislation in force in the State

Article (51)

Relevant authorities shall give priority to all International cooperation requests related to the Crime and
implement them expeditiously through clear and secure mechanisms and channels. The confidentiality of the
information received shall be subject to the request, if required. If the confidentiality of the information cannot
be kept, then the requesting authority shall be informed of the matter.

Article (52)

Within the scope of implementing the provisions of the Decretal-Law and this Decision, an International
Cooperation request regarding the Crime shall not be rejected on the basis of any of the following:

36
FC033074.610441 10.02.2019.mn.FAA/ts
1. The crime involves financial, tax or customs matters.

2. Secrecy provisions are binding upon Financial Institutions and DNFBPs, providing that they do not violate
the applicable laws in the State, unless the relevant information was obtained under the circumstances
where professional legal privileges or professional secrecy apply.

3. The crime is political or related to a political crime.

4. The request is connected with a crime subject of an ongoing investigation or prosecution in the State,
unless the request impedes the investigation or the prosecution.

5. The act, on which the assistance is based, does not constitute a crime in the State, or the act does not
have similar attributes to a crime set out in the State, unless it involves constraining, coercive measures
or its in accordance with the applicable laws in the State.

6. The criminal act in the State is listed under a different name or description or that its structure varies from
that of the requesting country.

Section 2
Exchange of Information between Relevant Authorities and Counterparts
Article (53)

In accordance with the legislation and agreements in force in the State or on the condition of reciprocity, the
relevant authorities shall:

1. Execute requests received from any foreign entity and exchange information on the Crime at the
appropriate speed with foreign counterparts, and obtain any other requested information on its behalf,
even if such counterpart is different in nature, whether spontaneously or upon request.

2. Provide feedback to foreign counterparts on the use of the information obtained and the extent to which
it was beneficial, if requested to do so.

3. Obtain a declaration or undertaking from the foreign counterpart that international cooperation information
will only be used for the intended purpose, unless prior approval has been obtained.

4. Use international cooperation information obtained for the intended purpose, unless the foreign
counterpart grants its approval for use for another purpose.

37
FC033074.610441 10.02.2019.mn.FAA/ts
5. Refuse to provide information in the event that it is not effectively protected by the foreign counterpart
requesting international cooperation.

Article (54)

1. The Relevant Authorities commit to provide the means for international cooperation with respect to the
basic information and Beneficial Owners of companies and legal arrangements, whereby such
cooperation shall include the following:

(a) Facilitating the access of foreign competent authorities to basic information held by the registries of
companies and legal arrangements;

(b) Exchanging information on legal arrangements and the shareholders in companies;

(c) Using their powers to obtain all the information on Beneficial Owners on behalf of foreign
counterparts.

2. The Relevant Authorities shall supervise the implementation quality for the international cooperation
requests received from other countries in relation to basic company information and Beneficial Ownership
for companies and legal arrangements, as well as the requests for international cooperation relating to
determining the location of the Beneficial Owner from companies abroad.

Article (55)

In accordance with the legislation in force in the State, and the provisions of the agreements to which they
are a party, and on the condition of reciprocity, the Supervisory Authorities of the Financial Institutions shall:

1. Exchange information relating to the appropriate Crime that it maintains and which is available to it directly
or indirectly, with foreign counterparts, regardless of their nature, and consistent with the relevant
international financial control principles relevant to anti money-laundering and combating the financing of
terrorism applicable to each of them, including information on:

(a) The regulatory framework of the financial sectors and the general information related to them.

(b) Preventive financial control measures such as information related to the activities and works of
financial institutions, their real beneficiaries, their management, and information of merit and
eligibility.

38
FC033074.610441 10.02.2019.mn.FAA/ts
 (c) Internal policies of financial institutions in the field of combatting the Crime, CDD information of
Customers, and of information related to accounts and transactions.

2. Obtaining prior approval of the foreign supervisory authority, where the information is required for
transmission or use, other than for the intended purpose, and to informing it of the matter in the event of
disclosure of such information whenever it is the result of a legal obligation.

3. Requesting information on behalf of the foreign supervisory authority or facilitating its access to the same,
for the purposes of enhancing supervision on the financial group.

Article (56)

Without prejudice to the provisions of the treaties and conventions to which the State is a party and subject
to reciprocity; and without prejudice to the legislation in force in the State, Law Enforcement Authorities, in
coordination with the Relevant Authority, may:

1. Exchange information held by it, either directly or indirectly, with foreign counterparts for purposes of
investigation or collection of inferences relating to Crime, identification and tracking of proceeds and
intermediaries.

2. Use the powers conferred upon it in accordance with the legislation in force in the State to conduct
investigations and obtain information on behalf of the foreign counterpart, and coordinate the formation
of bilateral or multilateral teams to conduct joint investigations.

Section 3
International Legal Assistance
Article (57)

Upon request from another judiciary authority in another country, with whom there is a valid agreement in
place with the State, or on the basis of reciprocity concerning any acts that are punishable as per the
applicable laws in the State, the competent judiciary authority shall provide legal assistance in investigations,
trials or measures linked to the Crime and it shall order the following:

1. Locating, Freezing, Seizing or Confiscation of Funds, Proceeds or Means that have been used, or
intended for use in the Crime, or their equivalent. The death or anonymity of the suspect shall not prevent
undertaking such measures.

2. Any other measures applicable in accordance with the enforceable laws in the State, including the
provision of records maintained by Financial Institutions, DNFBPs or NPOs, the search of persons and

39
FC033074.610441 10.02.2019.mn.FAA/ts
 buildings, gathering statements from witnesses, collecting evidence, using investigative methods such
as Undercover Operations, wiretapping, communications, obtaining electronic data and information and
Controlled Delivery.

3. Extradition and repatriation of persons and things related to the Crime in accordance with the laws
applicable in the State.

Article (58)

It is permitted to recognise any judgement or judicial order that provides for the confiscation of Funds,
Proceeds or Means relating to Money Laundering, the Financing of Terrorism or the Financing of Illegal
Organisations issued by a competent court or judiciary authority in another country, with whom there is an
attested agreement in place with the State.

Article (59)

Taking into consideration the applicable laws in the State, the implementation of the judgement or judicial
order mentioned in Article (58) of the present Decision shall not contradict a judgment or order previously
issued by a court in the State, there shall not be an ongoing charge in the State regarding the same judgment
issued from the requesting country, and the request shall also include the following documents and
information:

1. An attested copy of the judgment or judicial order for Confiscation along with the law on which it is based,
and a statement of the reasons for issuing the confiscation order, if not mentioned in the judgment or the
order itself.

1. A statement establishing that the sentenced person has been duly summoned and represented, and has
been able to defend himself.

2. A document confirming that the judgement or judicial order is enforceable and not subject to appeal
through ordinary methods.

3. Description of the Funds, Proceeds and Means for Confiscation, their estimated value, their potential
location and information regarding any persons who might be holding or possessing these funds.

4. Statement of the amount to be repatriated from the funds for Confiscation.

5. Any information relating to third party rights on the Funds, Proceeds or Means.

40
FC033074.610441 10.02.2019.mn.FAA/ts
6. Statement of the procedures undertaken in the requesting country to protect bona fide third parties.

Section 4
Implementation of the Security Council Resolutions
Article (60)

Every natural or legal person shall immediately comply with the instructions issued by the Relevant Authorities
in the State concerning the implementation of the resolutions issued by UN Security Council under Chapter
VII of the Charter of the United Nations regarding the prevention and suppression of terrorism and Terrorism
Financing, and the prevention and suppression of the proliferation of Weapons of Mass Destruction and its
financing, and any other related decisions.

Chapter 8
Final Provisions
Article (61)

Any provision that contradicts or violates the provisions of the present Decision shall be considered void.

Article (62)

The present Decision shall come into force as of the date of its issuance and shall be published in the Official
Gazette.

41
FC033074.610441 10.02.2019.mn.FAA/ts