CBUAE AML Payments Guidance
United Arab Emirates
2022
AML/CFT
Payments
Overview
Key Obligations
- Apply a risk-based AML/CFT framework tailored to payment services
- Conduct customer due diligence (CDD) and identify beneficial ownership
- Monitor cross-border and high-risk transactions for unusual activity
- File Suspicious Transaction Reports (STRs) via goAML
- Retain payment and customer records for at least 5 years
- Appoint AML compliance officers and conduct regular training
- Implement robust screening systems for sanctions and terrorist lists
Stay ahead of risk with Signzy
Explore tools that help you onboard, monitor, and verify with confidence
Transaction Monitoring
Monitor transactions in real-time and analyse past behaviour to identify suspicious activities and ensure regulatory compliance across the user journey.
MENA API Marketplace
A comprehensive API marketplace for the Middle East and North Africa, offering localized verification and compliance solutions.
AML Screening
Screen users against Politically Exposed Persons (PEP), watchlists, sanctions lists, adverse media, and more through one-time screening and advanced monitoring.
Related Regulations
FAQ
Who must comply with this guidance?
All payment service providers, including banks, fintechs, remittance firms, and card issuers regulated by CBUAE.
Does it apply to cross-border payments?
Yes. Special emphasis is placed on monitoring international transfers due to higher ML/TF risks.
Are STRs mandatory?
Yes. Suspicious activity must be reported immediately to the UAE FIU via goAML.
What are the penalties for non-compliance?
Entities face administrative fines, license suspension, or criminal liability under Federal Law No. 20 of 2018.