IMPORTANT INFORMATION.pdf

Full Transcript

IMPORTANT INFORMATION

Definitions :

Money Laundering:
Money laundering is the term used to describe the process by which criminals disguise the original ownership
and control of the proceeds of criminal conduct by making such proceeds appear to have derived from a
legitimate source.

Terrorist Financing:
Terrorist financing refers to activities that provide financing or financial support to terrorists. Transactions
associated with terrorist financing tend to be in smaller amounts than is the case with money laundering. It
may involve funds raised from legitimate sources, such as personal donations, profits from businesses and
charitable organizations.

Purpose of FT:
Purpose is to finance terrorist acts, whether legal or illegal, for their terrorist activities.
suppress a population or state through violence and coercion and raise funds to finance criminal acts.
Funds are raised, placed in the economic system, and eventually hidden and finally integrated into the
financial system. This money is then used for terrorist purposes.

Sanctions:
Sanctions are political and economic decisions that are a part of diplomatic efforts by countries, multilateral or
regional organizations against states or organizations, either to protect national security interests or to protect
international law and defend against threats to international peace and security.

Politically Exposed Person (PEP) Screening:
PEP refers to Politically exposed person. Natural persons who are or have been entrusted with prominent
public function in the state or any their foreign country such as Head of the Government, Senior Politicians,
State Government officials, judicial or military officials, senior executive managers or state owned corporations,
and senior officials of political parties and person who are, or have been entrusted with the management of an
international Organization or any prominent function within such an Organization including Direct Family
members of PEP or Associates known to be close to Associates.

CDD / Customer Due Diligence:

Act of collecting & identifying information in order to verify a customer’s identity and more accurately
assess the level of criminal risk they present.
CDD is a foundation of the Know Your Customer (KYC) process, which requires companies to
understand who their customers are, their financial behaviour, and what kind of money laundering or
terrorism financing risk they present.

EDD / Enhance Due Diligence:

EDD is a higher version of the standard customer due diligence process, requiring extra checks and
verifications to establish the person’s identity or any related information.
EDD is a part of the Know Your Customer (KYC) process, adopted as part of the AML framework while
onboarding new customers/clients.
it is a regulatory requirement in case of customers classified as “high-risk,” requiring increased
scrutiny and higher verification standards.

1|Page
Some red flag indicators suggest the need for EDD measures.

Customers hailing from jurisdictions notified as “high-risk” or subject to increased monitoring (FATF
grey list countries)
The customer is a Politically Exposed Person (PEP) or associated with PEP.
A person has a criminal history or charged for any financial crimes and proceedings are underway.
The customer insists on settlement of the transaction in virtual assets.
Doubt about the appropriateness of customer’s risk classification
Customer is a non-profit organization (NPO)
Red-flag indicators of potentially unusual or suspicious activity, such as –
When intermediaries are involved in the transaction without any logical reasoning
When the customer’s legal structure is unnecessarily complex
Customer hesitant is sharing the details of the ultimate beneficial owner.

High Risk Customers:
PEPS
Dealers in precious metals & Stones (DPMS)
Real Estate Agents
Beneficial owners
Lawyers ,Accountants, Auditors with financial dealing for customers
Shell Companies/Front Companies.

STAGES OF MONEY LAUNDERING
Placement: During placement, “dirty” money derived from criminal activities is place in the financial system
whether such money arises from the purchase or sale of the precious metal or stone.

Layering: To conceal the illegal origin of the placed funds and thereby make them more useful to criminals, the
funds must be moved, dispersed, and disguised. Layering is the process of disguising the source of the funds
through layers of financial transactions.

Integration: Once the funds are layered and can no longer be traced back to their criminal origins, they are
integrated into the financial system and now appear “clean” and available for use by criminals. If layering has
been successful, integration places the laundered money back into the economy and financial system in such a
way that they appear clean and legitimate.

AML/CFT Business Risk Assessment.
The AML risk profile is determined after identifying and documenting the risks inherent to the Al Aya Gold
trading activity and its roles in the supply chain but not limited to:

Customer risk,
Geographic risk,
Channel risk,
Products risks and
Transactions risks

High Risk Geographies:

Sanctioned Countries.
Weak AML jurisdiction.
Offshore destination.
Countries known for Drug trafficking.
Countries known for terrorism.
Low ranking on Corruption Index.

2|Page
High Risk Products:

Use of Cash
Purchases from High- Risk Countries
Sales from High-Risk Countries
High Volume
Anonymous use

Targeted Financial sanction:
Where the customer is positive match to sanctions category for Proliferation of risk or Terrorism financing
under UN Security Council or UAE National list of Individual and Entities, Al Aya Gold is expected to freeze the
funds or do not honor the transaction and within 24hours of awareness of sanction
individual/entity/beneficiary. It is prohibited to make any such funds/precious without the prior consent of the
Executive Office of UAEIEC

In implementing the TFS, we must do the following:
Step-1 Subscribe:

Subscribe to the Executive Office Notification System to receive automated email notifications on any updates
to the Sanctions Lists (Local Terrorist List or UN Consolidated List)

Step-2 Screen:

Screen customers, potential customers, beneficial owners, and transactions to identify possible matches to the
Local Terrorist List or UN Consolidated List.

Screening must be undertaken in the following circumstances:

1) Upon any updates to the Local Terrorist List or UN Consolidated List. In such cases, screening must be
conducted immediately and without delay to ensure compliance with implementing freezing
measures without delay (within 24 hours).
2) Prior to onboarding new customers/business relationships
3) Upon KYC reviews or changes to a customer’s information.
4) Before processing any transaction.

Step-3 Apply Targeted Financial Sanctions:

1. Freezing of all funds: Freeze, without delay (within 24 hours) and without prior notice, all the funds:
A. Owned or controlled, wholly or jointly, directly, or indirectly, by an individual or legal entity designated
by the UAE Cabinet or pursuant to a relevant UNSC Resolution.
B. Derived or generated from funds under item (a); or
C. Individuals or legal entities acting on behalf of or at the direction of an individual or legal entity
designated by an individual or legal entity designated by the Local Terrorist or pursuant or the United
Nations consolidated list.

2. Prohibition of making funds/supply of precious Metal or stones or equivalent: No individual or legal
person in the UAE is permitted to provide services related to, whether in whole or in part, directly or
indirectly, or for the benefit of any individual or legal entity listed in the Local Terrorist List or the UN
Consolidated List pursuant to a relevant UNSC Resolution.

Step-4 Report:

Should report any freezing or suspension measures taken upon identifying confirmed or potential matches
through the GoAML platform within five (5) days from taking such measures.

3|Page
High-Risk Customers
A high-risk customer for purpose of AML, CFT & Sanction policy could be either of the following:

Is a foreign pep.
Is a restricted or sanctioned person on an official authority watch-list.
Where payment is made in form of precious metal and stones or equivalent form.
Where business relationships and transactions involve high risk jurisdiction.
resident or operates in a high-risk jurisdiction identified as having weak AML regimes.
Person/country; located in a high-risk country; or is connected to the extraction industry, for instance,
the extraction of natural resources such as gas, oil, diamonds, gold (and other precious metal), and
wildlife (e.g., ivory trading).
Has a complex ownership structure, making it difficult to identify the owners and controllers or know
where funds are coming from or going to.
a charity or ‘not-for profit’ organization–terrorists may exploit charities to move funds, provide
logistical support, encourage terrorist recruitment, or support other terrorist groups.
Any cases as recommended as High risk by the Compliance as supported by the risk assessment.

Other Rating Category:
Any other customers who are not rated as High-Risk Client should be treated as a Medium Risk or Low Risk.

TFS ADDITIONAL OBLIGATIONS
Implement the freezing cancellation decision :

Without delay, pursuant to Related UN Security Council Resolutions or decisions of the Cabinet regarding
issuance of Local Terrorist List and notify the Supervisory Authority and the Executive Office.

Immediately notify :

Notify within five business days, the relevant Supervisory Authority and the Executive Office in the following
cases and include the following information:

1. Identification of targeted funds - the actions that have been taken as per requirements of related
UNSC Resolutions or decisions of the Cabinet regarding issuance of Local Lists, including concerning
attempted transactions.
2. Detection of any match with listed individuals or legal entities - details of its data and the actions that
have been taken as per requirements of related UNSC Resolutions or decisions of the Cabinet
regarding issuance of Local Terrorist Lists, including concerning attempted transactions.
3. If it was found that one of its previous customers or any occasional customer it dealt with, is listed on
the Sanctions List or the Local Lists.
4. If there is any indication that one of its customers or former customers, or a person it has business
dealings with, is a individual listed on the UN Sanctions List or the Local List or has a direct or indirect
relationship with a Listed individual.
5. Similarity of names (notify even if no action has been taken / inability to remove such similarity
through available or accessible information).

Implement internal controls and procedures:

Set and effectively implement internal controls and procedures to ensure compliance with the obligations
arising from the Cabinet Resolution No. 74 of 2020.

4|Page
Implement policies and procedures:

Set and implement policies and procedures that prohibit staff from, directly or indirectly, informing the
customer or any third party that freezing action shall be implemented as per provisions of the Cabinet
Resolution No. 74 of 2020.

Cooperate:

Cooperate with the Supervisory Authority and the Executive Office in verifying accuracy of presented data.

Partial Name Match: A partial name match is when there is a partial match between identifiers in the
Sanctions Lists with any information in your databases, and you are unable to conclude a false positive or a
confirmed match. For this , we submit PNMR (Partial name Match Report) within 5 business days with all
documents.

Confirmed Match: A confirmed match is when an individual, entity, or group matches all of the key identifiers
published on the Sanctions Lists. For this , we submit FFR (Fund Freeze Report) within 5 business days with all
documents.

False Positive Result: A false positive is a partial name match to listed individuals, entities, or groups, either
due to the common nature of the name or due to ambiguous identifying data, which on examination proves
not to be a confirmed match.

Negative Result : A negative result is when no match is identified upon conducting screening.

Suspicious Activity Report (SAR)

piece of information that alerts law enforcement of potential money laundering or terrorist financing.

Different Types of Reporting GoAML.

STR: Suspicious Transaction Report:
If during the establishment or course of the customer relationship, or when conducting
transactions on behalf of a customer or potential customer, DNFBP entity suspects
transactions related to money laundering, fraud or terrorist financing , then the entity should
submit an STR to the FIU at the earliest.

SAR: Suspicious Activity Report :
If during the establishment or course of the customer relationship, DNFBP suspects any activity or an attempt
transaction (i.e. a non-executed transaction) that can be related to money laundering , fraud or terrorist
financing, then the entity should submit a SAR to the FIU at the earliest.

HRC: High-Risk country transaction report :
If during the establishment or course of the customer relationship, or when conducting transaction on behalf
of a customer or potential customer , DNFBP identifies transactions related to High-risk countries as defined by
the national Anti-money laundering and combating the financing of terrorism and financing of Illegal
organization Committee, then the DNFBP should submit an HRC to the FIU.

HRCA: High risk country activity report:
If during the establishment or course of the customer relationship, or when conducting an activity on behalf of
a customer or potential customer, DNFBP identifies activities related to High-risk countries as defined by the
National Anti-money laundering and combating the financing of terrorism and financing of illegal organization
committee, then the entity should submit an HRCA to the FIU.

5|Page
Suspicious Transaction Indicators:
1) Unnecessarily complex transactions or series of transactions.
2) Don’t appear to have an economic or commercial rationale for transactions.
3) Numbers, sizes, or types of transactions that appear to be inconsistent with the customer’s
expected activity.
4) Transactions that appear to be enormous in relation to a customer’s declared income or turnover.
5) Large unexplained cash amounts , especially when they are inconsistent with the nature of the
customer’s business.
6) Transactions involving high risk countries, including “own funds” transfers , wherein no clear
purpose for transaction.
7) Frequent or unexplained changes in ownership of business relationships.
8) Illogical changes in business activities especially where high-risk activities are added.
9) Situations in which CDD measures cannot be performed such as refuse to provide CDD
documentation, Provided documentation that is misleading, fraudulent or forged.

AML/CFT Suspicious Transaction Indicators
Unnecessarily complex transactions or series of transactions.
Don’t appear to have an economic or commercial rationale for transactions.
Numbers, sizes, or types of transactions that appear to be inconsistent with the customer’s
expected activity.
Transactions that appear to be exceptionally enormous in relation to a customer’s declared
income or turnover.
Large unexplained cash amounts , especially when they are inconsistent with the nature of the
customer’s business.
Transactions involving high risk countries, including “own funds” transfers , wherein no clear
purpose for transaction.
Frequent or unexplained changes in ownership of business relationships.
Illogical changes in business activities especially where high-risk activities are added.
Situations in which CDD measures cannot be performed such as refuse to provide CDD
documentation, Provided documentation that is misleading, fraudulent or forged.

Customer behavior red flags:
1. Customer avoids personal contacts or refuses to provide information , data, or necessary documents.
2. Use fake documents or an email address that can’t be verified.
3. Parties involved are from high-risk countries or from sanctioned countries.
4. No apparent commercial reason for the parties to be connected.
5. Doubt about the authenticity of connection between customer & supplier.
6. Multiple transactions between the same parties in a short time without genuine reasons.
7. Below the legal age and unusual transactions observed may also considered as red flags.

Company Behavior Red Flags:
1. Frequent changes to business name of entities registered.
2. Registration of company in a tax haven though its business relates to another jurisdiction.
3. Numerous sole proprietorship business/private limited companies set up seemingly unrelated people
(proxies) but controlled by the same group of people.
4. False addresses are used to register businesses.
5. Use of corporate structure of shell companies located across the jurisdictions.
6. A significant number of companies registered to one natural person.
7. Commercial activities are not easy to track as the companies are registered elsewhere.
8. No clarity of how the company transports the merchandise it has bought.

6|Page
Trade based (TBML) behavior Red Flags:
1. Cash payments for high value orders are indication of trade-based money laundering (TBML) activity.
2. Misclassification of weight origin and value on customs declaration form.
3. Goods shipped to or from jurisdiction designates as high risk for money laundering activities or
sensitive / non cooperative jurisdiction.
4. Goods is transhipped through one or more such high risk / sensitive jurisdiction for no apparent
economic reason.
5. Consignment size or type of commodity being shipped appears inconsistent with the scale or capacity
of the exporter or importers having regard to their regular business activities or the shipment doesn’t
make economic sense.
6. The transaction involves the use of front or shell companies.

Payment ( fund transfer ) behavior Red Flags:
1. High value/volume funds transfers (in/out) which appears to be no logical purpose and it involves
higher risk countries.
2. Small amount fund transfers to avoid triggering alerts or reporting requirements.
3. Funds transfers received without originator information, or the person on whose behalf the
transaction is conducted.
4. Transactions involving foreign currency are followed within a short period of time by funds transfers to
higher risk locations.
5. Multiple companies are used to collect and funnel funds to a small number of foreign beneficiaries,
both businesses and persons, particularly in higher-risk locations.
6. Funds are sent or received via international transfers from or higher-risk or sanctioned countries.

How to improve quality of suspicious activity :
5Ws And 1H:

Who: who is involved.
What : what is criminal activity/ what is the value of criminal activity.
Where: Where is the criminal activity.
When: When did the circumstances arise / when are the circumstances planned to happen.
Why: Why you are suspicious or have knowledge.
How: how did the circumstances arise.

Be clear & concise:

Structure your report including all relevant information.
Briefly summarize your suspicion.
Keep the content clear, concise & simple.
Avoid acronyms and jargon- they may not be understood by the recipient and are open to
misinterpretation.

FATF: The Financial Action Task Force:

Established in 1989 – Head quarter in Paris.
40 Recommendations released in 2000. These recommendations serve as the international standard
for countries to follow in creating their national legal and regulatory frameworks.
FATF has 39 member countries. Indonesia Joined recently to become 40
The primary aim is combating money laundering, terrorist financing, and other threats to the integrity
of the international financial system.

7|Page
 FATF plays a crucial role in promoting financial integrity and security at the international level by
providing a framework for countries to combat illicit financial activities and by encouraging
cooperation and coordination among nations in these efforts.

FATF Grey List as of 27th October 2023:

Barbados Burkina Faso Croatia Gibraltar Jamaica South Africa
Bulgaria Cameroon Congo Haiti Mali South Sudan
Mozambique Nigeria Philippines Senegal Uganda Tanzania
Türkiye Syria UAE Vietnam Yemen

Blacklist countries:

1- Iran
2- North Korea
3- Myanmar

Executive Office of Anti-Money Laundering and Counter Terrorism Financing: (EOCN)

Established pursuant to Cabinet resolution no. 10 of 2021, and among its tasks is to oversee the
implementation of the National AML/CFT Strategy and the National Action Plan and monitor and assess any
risks related to AML/TF, financing illegal organizations, and financing proliferation.

DNFBP: Designated Non-Financial Businesses and Professions: include.
1. Lawyers and Notaries: Legal professionals often handle financial transactions, real estate transactions,
and other activities that could be susceptible to money laundering. They are subject to AML and CTF
regulations in many jurisdictions.
2. Accountants and Auditors: Accountants and auditors may be involved in financial transactions and
record-keeping, making them potential conduits for illicit financial activities. They are often subject to
AML and CTF requirements.
3. Real Estate Agents: Real estate transactions can involve large sums of money, making real estate
agents a potential target for money laundering. Many countries impose AML regulations on this
profession.
4. Trust and Company Service Providers: These entities assist in the creation and management of trusts,
companies, and other legal entities. They can be used to hide the true ownership of assets, making
them subject to AML and CTF rules.
5. Dealers in Precious Metals and Stones: Businesses that deal in precious metals and stones are at risk
of being used for money laundering due to the intrinsic value of these commodities. They are often
subject to AML regulations.
6. High-Value Goods Dealers: Sellers of high-value items, such as art dealers and dealers in luxury goods,
can be targets for money laundering schemes.

Dual Use Goods:
Strategic goods are dual-use goods, technology and software that can be used for both civilian and military
applications, and/or contribute to the proliferation of Weapons of Mass Destruction.

Chemicals components which have dual-use applications for both civilian and military, and/or contribute to
the proliferation of Weapons of Mass Destruction as enlisted by the Organization for the Prohibition of
Chemical Weapons (OPCW).

8|Page
The Executive Office for Control and Non-Proliferation issues permits for the import/export/re-export of such
goods in certain cases that are related to national security; foreign policy; non-proliferation of nuclear
weapons, missile technology, chemical or biological weapons; regional stability or terrorism.

The main components of an effective AML/KYC program?
1. Customer Identification Program (CIP): Procedures to verify and document the identity of customers
during onboarding.
2. Customer Due Diligence (CDD): Ongoing monitoring of customer activities and risk assessment based
on their transactions, source of funds, and background.
3. Enhanced Due Diligence (EDD): Additional scrutiny and monitoring for higher-risk customers or
transactions.
4. Transaction Monitoring: Real-time monitoring of customer transactions for detecting suspicious or
unusual activities.
5. Reporting: Reporting suspicious transactions to the relevant authorities, such as the Financial
Intelligence Unit (FIU).
6. Training and Awareness: Ongoing training programs to educate employees about AML regulations
and emerging risks.

How do you verify a customer's identity during the KYC process?
1) Document Verification: Collecting and verifying official documents like passports, driver's licenses, or
national ID cards.
2) Address Verification: Confirming the customer's residential or business address through utility bills,
bank statements, or government-issued documents.
3) Biometric Verification: Using biometric data such as fingerprints or facial recognition for identity
verification.
4) Database Checks: Checking customer information against reliable databases, government registers, or
watchlists to identify potential risks or suspicious individuals.

How do you ensure compliance with AML and KYC regulations in your day-to-day activities?

1. Adhere to internal policies and procedures established by the institution.
2. Conduct thorough customer due diligence and maintain up-to-date customer records.
3. Continuously monitor customer transactions for suspicious activities.
4. Report any suspicious transactions promptly to the appropriate authorities.
5. Stay updated on regulatory changes and attend regular training sessions to enhance knowledge of
AML/KYC practices.
6. Foster a culture of compliance and ethical behavior within the organization.

Consequences of non-compliance with AML and KYC regulations?

1. Reputational damage
2. Monetary penalties
3. Legal actions
4. Loss of licenses
5. Restrictions on business operations.
6. Increased risk exposure to money laundering, terrorist financing, and other illicit activities.

9|Page
How do you ensure that your AML/KYC processes are up to date with changing regulations?
A. Review regulatory updates, guidelines, and industry best practices.
B. Participate in training programs, attend conferences or seminars, and engage in knowledge-sharing
with industry peers.
C. Establishing strong communication channels with regulatory bodies and compliance professionals
within the organization would also help in staying informed about regulatory changes.

How do you assess the risk level of a customer during the KYC process?
Evaluating factors such as :

Geographic location
Nature of business.
Source of funds
Expected transaction volume,
Past financial behavior.
This risk assessment allows financial institutions to categorize customers as low, medium, or high risk.
It helps determine the extent of due diligence required and the frequency of monitoring for each
customer.

Steps would take if suspect a customer's involvement in money laundering activities.

1) Documenting and preserving all relevant information and evidence.
2) Reporting the suspicious activity to the institution's designated AML officer or compliance
department.
3) Coordinating with the AML officer to file a suspicious activity report (SAR) with the appropriate
regulatory authority or Financial Intelligence Unit (FIU).
4) Cooperating with law enforcement or regulatory agencies during investigations, if required.

How to ensure the privacy and confidentiality of customer data while conducting AML/KYC processes?

1. Adhering to data protection laws and regulations.
2. Limiting access to customer information only to authorized personnel on a need-to-know basis.
3. Utilizing secure systems and technologies to store and transmit sensitive data.
4. Conducting regular audits to identify and address any vulnerabilities in data security.

How do you identify the beneficial owner of a company?

1. Start with the top-level shareholders: These shareholders are more likely to be beneficial owners.
2. Look for individuals who control voting rights: Even if a shareholder does not own a majority of a
company's shares, they may still be considered a beneficial owner if they control voting rights.
3. Collect company data (business name, location, type/ industry, registration number and incorporation
documents)
4. Identify all individuals with significant ownership or control positions in the company. Monitor any
subsequent changes.
5. Collect and verify data of beneficial owners (name and title, address, date of birth, social security
number, passport/ any government-issued ID or the document numbers).
6. Access the risk they pose based on the data collected and verified and make an informed decision to
establish a free, controlled or no relationship at all with the entity.

10 | P a g e
Politically Exposed Person:

Individual with a high-profile political role, or someone who has been entrusted with a prominent public
function.

Classifications of PEP

1- Foreign PEP: Individuals entrusted with prominent public functions by a foreign country like
heads of state or of government, senior politicians, senior government, judicial or military
officials, senior executives of state-owned corporations, important political party officials.
2- Domestic PEP: Individuals entrusted with prominent domestic public functions like heads of state
or of government, senior politicians, senior government, judicial or military officials, senior
executives of state-owned corporations, important political party officials’.
3- International PEP: an individual entrusted with a prominent position by an international
organization like ‘members of senior management, i.e. directors, deputy directors and members
of the board or equivalent functions.
4- Relatives and Close Associates: immediate family members or close social or professional
contacts of a government or political official, or senior executive – meaning spouses, parents,
siblings, children, and spouses’ parents and siblings.

The 3 Quadrants of Risk:

High Risk:

1- Ruling Royal Families.
2- Heads Of State and government
3- Members of government ( National & Federal level).
4- Members of Parliament ( National & Federal level).
5- Senior officials of other state agencies and bodies and high-ranking civil servants.
6- Head & senior officials of the military, judiciary, law enforcement and boards of central banks.
7- Top ranking officials of political parties.

Medium Risk:

1- Members of regional government, Parliaments , Judiciary.
2- Senior officials and functionaries of international & supernational organizations.
3- Ambassadors , consuls and high commissioners.

Low Risk:

1- Mayors & members of local, county, city & district assemblies.
2- Senior executives of local governmental bodies ( agencies , state-owned businesses.
3- Judges of local court.

What is Sanctions?

Restriction that’s imposed on a country, a specific person, a legal entity or an organization.
They’re used by governments as a non-violent foreign policy tool to fight activities such as
financial crime, human rights abuses, the sheltering of international criminals, nuclear weapons
development and terrorism.

11 | P a g e
Typical restrictions associated with sanctions include:

Prohibiting the transfer of funds to and/or from a sanction country and/or Specifically
Designated Nationals (SDN)
Freezing the assets of a government, entity, individual or resident of a sanctioned country.
Prohibiting types of activities.
Imposing travel bans.
Other financial and diplomatic restrictions.

Penalties for failing to comply with a Sanction or Embargo:

Seizure of goods, significant fines and even imprisonment
Payments may be confiscated or your funds frozen, restricting your cash flow.
Subject to increased due diligence by regulators, financial institutions and counter parties on
your future transactions and activities,
Financial institutions will refuse to handle transactions on behalf of your company.
Reputation will be significantly damaged.

The different types of sanctions:

Multilateral: adopted by more than one country against another country. They’re usually
issued by super national bodies such as the United Nations Security Council (UNSC), the
European Union or the Arab League.
Autonomous : adopted by just one country against another country. They’re usually issued
by domestic government bodies such as the USA Office of Foreign Asset and Control (OFAC),
USA Bureau of Industry and Security (BIS);or Her Majesty’s Treasury (HMT) in the UK.

The different kinds of sanctions:

1. Economic Sanctions:
Trade Embargoes: Complete or partial bans on trade with specific countries or entities. b.
Export/Import Restrictions: Limitations on the export or import of specific goods or
technologies.
Export/Import Restrictions: Limitations on the export or import of specific goods or
technologies.
Financial Restrictions: Imposing limitations on financial transactions, such as blocking access
to banking systems or restricting access to international financial markets.
Sectoral Sanctions: Targeting specific sectors of an economy, such as the energy, defense, or
technology sectors, by imposing restrictions on trade or investment.

2. Arms Embargoes: Arms embargoes involve restrictions on the export, import, or transfer of
weapons, ammunition, military equipment, or related technologies to specific countries, groups,
or individuals. They aim to prevent the proliferation of weapons and maintain regional or global
security.

3. Travel Bans and Visa Restrictions: Travel bans, and visa restrictions are measures that prevent
individuals from entering or exiting a country or restrict their ability to travel to specific
destinations. These restrictions can be imposed on individuals associated with sanctioned
countries, organizations, or activities.

12 | P a g e
 4. Diplomatic Sanctions: Diplomatic sanctions involve the reduction or suspension of diplomatic
relations with a particular country, including recalling ambassadors, closing diplomatic missions,
or refusing to recognize a government.

5. Targeted Sanctions: Targeted sanctions focus on specific individuals, entities, or groups involved
in illicit activities or human rights abuses. They may include asset freezes, travel bans, or
restrictions on financial transactions directed at those targeted individuals or entities.

6. Multilateral Sanctions: Multilateral sanctions are imposed collectively by multiple countries or
international organizations, such as the United Nations, European Union, or regional bodies. They
involve coordinated efforts to apply pressure on a particular country or entity and ensure broad
compliance.

7. Non-Financial Sanctions: Non-financial sanctions encompass a range of measures beyond
economic or trade restrictions. These can include cultural, sporting, or academic boycotts,
restrictions on technology transfers, or limitations on scientific cooperation.

Specially Designated Nationals (SDNs):

SDNs can be individuals or entities (such as financial institutions, companies, shipping
vessels, ports or airlines) and they can be located anywhere in the world.
Authorities designate SDNs for a number of reasons. They may be linked to human rights
abuses, nuclear proliferation, terrorism, narcotics trafficking, transnational criminal
organizations, or they may support sanctioned regimes.
In most cases, entities that are beneficially owned by or significantly linked to an SDN will
also be considered an SDN.

Who implements Sanctions?

1) UAE :The Central Bank of the UAE is responsible for the implementation of UN, Arab League and
other sanctions and embargoes from time to time within the Emirates.

2) European Union :The EU implements sanctions and embargoes (commonly referred to as
‘restrictive measures’ in the EU) under the Common Foreign and Security Policy (CFSP)
framework. EU sanctions and embargoes apply to all EU member states.

3) United Kingdom: Her Majesty’s Treasury (HMT) is responsible for the implementation and
administration of international financial sanctions and embargoes in the UK.

4) United Nations :The United Nations Security Council (UNSC) is responsible for implementing
United Nations sanctions and embargoes. All member countries under the Charter of the United
Nations are obliged to abide by UN sanctions.

5) United States :The United States Treasury Office of Foreign Assets Control (OFAC) is principally
responsible for administering and enforcing autonomous US sanctions and embargoes however
the Bureau of Industry and Security (BIS) of the U.S. Department of Commerce also administer a
number of sanctions in additional to control and licensing of exports form the United States.

Sanctioned Country List:

Cuba Syria Iran North Korea Myanmar
Ukraine Venezuela Sudan Crimea

13 | P a g e
Sanctions Risk Mitigation Process:

1- GREY CATEGORY: If the individual is from Sanctioned Country, however, is not listed as a SDN /not
listed in any of Listing authority links and has been as resident in the UAE and has proof of
residency in the UAE ,we could consider conducting Business with them after conducting EDD on
them and Business activity.
2- RED CATEGORY: Regarding Red Category, we do not deal with these Entity And Individuals who
are categorized in this categories Individuals or Entity based and residing in the following
countries Cuba, Iran, North Korea, Syria, Ukraine, Venezuela, Myanmar, Sudan and Crimea.

PROOF OF RESIDENCY IS CLASSIFIED AS BELOW:

All Pages of Passport Copy (to ensure that they have not travelled to Sanctioned Country)
Valid Visa Copy (Minimum Two Years in UAE)
Emirates ID Copy.
Tenancy Contract.
Utility Bills (minimum 2 Years).

IDENTIFICATION PROCESS FOR GREY LIST:

Media Search (Adverse media Check)
KYC Check to ensure Nationality.
Name Screening on Sanction list from Respective Departments. (Already in World Check).

UN Sanction regimes with Targeted Financial Sanctions:

Somalia Iraq Congo Libya
Yemen South Sudan Mali Central African Republic

AL AYA GOLD LLC Sanction Procedure and Control

According to Article 21 of UAE Cabinet issued Resolution (74) of 2020 For the purposes of implementing the
present Decision, AL AYA GOLD LLC shall abide by the following:

1- Register on the Office’s website in order to receive notifications related to new listing, re- listing,
updating, or de-listing decisions issued by the UN Security Council, the Sanctions Committee or the
Cabinet.

2- Regularly screen their databases and transactions against names on lists issued by the UN Security
Council, the Sanctions Committee or the Local Lists, and, immediately when notified of any changes to
any of such lists, provided that such screening includes the following:
Searching their customer databases.
Search for the names of parties to any transactions.
Search for the names of potential customers.
Search for the names of beneficial owners.
Search for names of persons and organizations with which they have a direct or indirect
relationship.
Continuously search their customer database before conducting any transaction or entering into a
serious business relationship with any person, to ensure that their name is not listed on the
Sanctions List or Local Lists.

3- Implement freezing measures, without delay, and without prior notice to the Listed Person,
immediately when a match is found through the screening process referred to in paragraph (2) of this
article.

14 | P a g e
 4- Implement decisions to lift freezing measures without delay, pursuant to Relevant UNSCRs or
decisions of the Cabinet regarding the issuance of Local Lists.

5- Immediately notify the Supervisory Authority in the following cases:
Identification of funds and actions that have been taken as per requirements of Relevant UNSCRs or
decisions of the Cabinet regarding the issuance of Local Lists, including attempted transactions.
Detect any match with listed persons or entities, details of the match data and actions that have been
taken as per the requirements of Relevant UNSCRs and Local Lists, including attempted transactions.
If it was found that one of its previous customers or any occasional customer it dealt with, is listed on
the Sanctions List or Local Lists.
If it suspects that one of its current or former customers, or a person it has a business relationship
with is listed or has a direct or indirect relationship with the Listed Person.
No action has been taken due to a false positive, and the inability to dismiss such false positive
through available or accessible information.
Information relating to funds that have been unfrozen, including their status, nature, value and
measures that were taken in respect thereof, and any other information relevant to such decisions.
6- Establish and effectively implement internal controls and procedures to ensure compliance with the
obligations arising from this Decision.

7- Establish and implement policies and procedures that prohibit staff from, directly or indirectly,
informing the customer or any third party that freezing or any Other Measures shall be implemented
in accordance with the provisions of this Decision.

8- Cooperate with the Office and the Supervisory Authority in verifying the accuracy of submitted
information.

Concept of Anti-Bribery:

measures and strategies put in place to prevent and combat bribery, which involves offering, giving,
receiving, or soliciting something of value to influence the actions of an official or other person in a
position of authority. The goal is to ensure fair, transparent, and ethical practices in various sectors.

Concept of Anti-Corruption:

Anti-corruption encompasses a broader scope, addressing all forms of corrupt behavior, including
bribery, embezzlement, fraud, extortion, nepotism, and more. It aims to promote integrity,
accountability, and transparency in both public and private sectors.

Hawala system

The Hawala system is a way of conducting remittances that is based on trust and reputation rather
than formal contracts and paperwork. In this system, a person known as a hawaladar receives money
from a customer in one location and then uses a network of trusted contacts to transfer the funds to
the recipient in another location.

Screening vs. Transaction Monitoring: Screening's mission is to uncover various risks, such as:

🔹 Sanctioned individuals or entities
🔹 Politically exposed persons (PEPs)
🔹 Links to terrorist organizations
🔹 High-risk countries or jurisdictions
🔹 Known criminals
🔹 Wanted individuals

15 | P a g e
Transaction monitoring's radar is set to flag suspicious activities such as:

🔸 Large or unusual transactions
🔸 Transactions beyond a customer's typical behavior
🔸 Involvement with high-risk countries
🔸 Transactions designed to maintain anonymity

Structure of Suspicious Activity Report : ( SAR)

1- Header Information: Begin with the official header, including the reporting institution's name,
address, contact information, and the date of the report.
2- Identifying Information: Provide the complete name and any known aliases or alternative names of
the subject(s) involved in the suspicious activity.
3- Background Info: Briefly explain the relationship between the institution and the subject, including
how the institution came into contact with the subject. Describe the nature and purpose of the
account or relationship (e.g., personal savings, business checking).
4- Activity Description: Briefly explain the relationship between the institution and the subject, including
how the institution came into contact with the subject. Describe the nature and purpose of the
account or relationship (e.g., personal savings, business checking).
5- Rationale for Suspicion: Explain why the activity raises concerns and what led you to believe it may be
related to money laundering, fraud, or other illegal activities.
- Reference any internal policies, procedures, or guidelines that were violated or triggered the
suspicion.
6- Regulatory References: Cite relevant regulatory provisions, such as the Bank Secrecy Act (BSA) or Anti-
Money Laundering (AML) laws, that require the reporting of suspicious activities.
7- Impact Assessment: Describe the potential impact of the suspicious activity on the institution,
including reputational risk, financial risk, or legal consequences.
8- Supporting Docs: Attach any supporting documents, records, or evidence that substantiate the SAR.
Ensure these are labelled clearly and confidentially.
9- Review & Approval: - Indicate that the report has been reviewed and approved by appropriate
personnel within the institution. Include their names and titles.
10- Filing & Reporting: Specify the intended recipient of the SAR, such as the Financial Crimes
Enforcement Network (FinCEN) in the United States, and the method of submission (e.g.,
electronically through the BSA E-Filing System).
11- Confidentiality & Protections: Include a statement regarding the confidentiality of SARs and the legal
protections afforded to those who file them under applicable laws and regulations.
12- Contact Info: Provide contact information within the reporting institution for further inquiries or
information related to the SAR.
13- Documentation & Retention: Maintain copies of the SAR and all related documents as required by
regulatory authorities.

A shell company:
Can be used to launder money by concealing the true ownership of assets and making it difficult for authorities
to trace the origin of funds.

The process of Shell companies:

1. Incorporation: The money launderer creates a shell company in a jurisdiction with lax disclosure
requirements, or by using nominee directors and shareholders to conceal the true ownership of the company.

2. Bank Account: The shell company opens a bank account in its name, and the money launderer deposits the
proceeds of illegal activities into the account.

16 | P a g e
 3. Layering: The money launderer uses the shell company to conduct a series of financial transactions, such as
buying and selling assets, or making wire transfers, in order to create a complex trail of transactions that
makes it difficult for authorities to trace the origin of the funds. This process is often referred to as "layering."

4. Integration: The money launderer uses the shell company to integrate the proceeds of illegal activities into
the legitimate financial system by investing the funds in legitimate assets or businesses.

What is KYC:

The process of verifying and identifying customers to prevent financial crimes such as money laundering, fraud,
and terrorist financing.

The essential components of a KYC process:

Customer identification
Customer due diligence (CDD)
Risk assessment
Ongoing monitoring
Reporting of suspicious activities.

How do you verify the identity of a customer during the KYC process:

Government-issued IDs, passports, proof of address, and other supporting documents. Additionally, digital
solutions like biometric authentication and data matching against trusted sources can be used to enhance
identity verification.

What is the difference between KYC and CDD?

Feature KYC CDD
Purpose Identify and verify customer identity Assess money laundering and terrorist financing risks
Timing Onboarding Ongoing
Approach Risk-based Risk-based
Scope Basic customer information Detailed customer profile, transaction history, and risk assessment

How would you handle a request for a high-value transaction from a politically exposed person (PEP)?

Identify the Politically Exposed Person (PEP): Determine if the individual falls under the definition of a PEP,
which includes individuals who hold prominent public functions or positions in foreign or domestic countries,
such as heads of state, senior politicians, senior government officials, or senior executives of state-owned
corporations

Assess the Risk: Evaluate the level of risk associated with the PEP and the proposed high-value transaction.
Factors that may increase the risk include the country of origin, the nature of the transaction, and the source of
funds involved , Consider whether the PEP is an immediate family member or a known close associate of a PEP, as
they may also pose similar risks

Enhanced Due Diligence (EDD): Conduct EDD measures, which involve a more thorough investigation and
verification process compared to standard due diligence procedures. EDD may include additional verification of
the PEP's identity, source of wealth, and the legitimacy of the transaction. It may also involve assessing the
reputation and integrity of the PEP

Source of Funds: Scrutinize the source of funds for the high-value transaction. Ensure that the funds are
legitimate and not derived from illegal activities. Verify the origin and traceability of the funds to prevent money
laundering and illicit financial activities

17 | P a g e
Record Keeping: Maintain comprehensive records of all the information obtained during the due diligence
process. Document the steps taken, the findings, and any red flags or concerns identified. This documentation will
serve as evidence of compliance in case of regulatory inquiries

Reporting Obligations: If any suspicious activities or transactions are identified during the due diligence process,
follow the necessary reporting obligations as per the regulations. Report any suspicious transactions to the
relevant financial intelligence unit or regulatory authority

Ongoing Monitoring: Implement enhanced ongoing monitoring of the PEP's transactions and activities.
Regularly review and update the PEP's profile and risk assessment to ensure continued compliance with
regulatory requirements.

How to identify the source of funds in AML:

1. Customer Due Diligence (CDD): Perform a thorough CDD process on the customer to gather relevant
information about their identity, occupation, business activities, and expected transaction patterns.
This helps establish a baseline understanding of the customer's financial activities.

2. Document Verification: Verify the authenticity and validity of documents provided by the customer,
such as identification documents, bank statements, tax records, or business registration documents.
This helps confirm the customer's identity and provides initial evidence regarding the source of funds.

3. Risk Assessment: Conduct a risk assessment based on the customer's profile, transaction history, and
other available information. This helps identify any red flags or indicators of higher risk associated
with the customer's financial activities.

4. Transaction Monitoring: Implement a robust system for monitoring customer transactions in real-
time. Look for unusual or suspicious patterns, such as large cash deposits, frequent high-value
transactions, or inconsistent transactional behavior. Unexplained or inconsistent sources of funds can
be indicative of money laundering or other illicit activities.

5. Enhanced Due Diligence (EDD): If the risk assessment indicates a higher risk, conduct enhanced due
diligence on the customer. This may involve gathering additional information, conducting more in-
depth background checks, or seeking third-party verification of the customer's financial activities.

6. Source of Wealth (SOW) Verification: Request information about the customer's legitimate sources of
wealth, such as employment, business operations, investments, or inheritance. Verify the authenticity
of the claimed sources by reviewing supporting documents, financial statements, tax records, or legal
agreements.

7. Know Your Customer (KYC) Interviews: Engage in face-to-face or remote interviews with the customer
to gather more information about their financial activities, income sources, and reasons for specific
transactions. This can help detect inconsistencies or discrepancies in the information provided.

8. Collaboration and Information Sharing: Collaborate with other financial institutions, regulatory
bodies, and law enforcement agencies to share information and intelligence related to suspicious
activities or individuals. This can help identify connections or patterns that may uncover the true
source of funds.

9. Ongoing Monitoring: Continuously monitor customer accounts and transactions for any changes in
behavior or risk factors. Regularly update customer information and conduct periodic reviews to
ensure the source of funds remains legitimate over time.

18 | P a g e
How do you ensure compliance with AML and KYC regulations in your day-to-day activities

1) Adhere to internal policies and procedures established by the institution.
2) Conduct thorough customer due diligence and maintain up-to-date customer records.
3) Continuously monitor customer transactions for suspicious activities.
4) Report any suspicious transactions promptly to the appropriate authorities.
5) Stay updated on regulatory changes and attend regular training sessions to enhance knowledge of
AML/KYC practices.
6) Foster a culture of compliance and ethical behavior within the organization.

How do you ensure that your AML/KYC processes are up to date with changing regulations?

Review regulatory updates, guidelines, and industry best practices. Additionally, participate in training
programs, attend conferences or seminars, and engage in knowledge-sharing with industry peers.

How do you assess the risk level of a customer during the KYC process?

Evaluating factors such as their geographic location, nature of business, source of funds, expected transaction
volume, and past financial behavior. This risk assessment allows financial institutions to categorize customers
as low, medium, or high risk.

The steps you would take if you suspected a customer's involvement in money laundering activities.

Follow the institution's established protocols, which typically include:

1) Documenting and preserving all relevant information and evidence.
2) Reporting the suspicious activity to the institution's designated AML officer or compliance
department.
3) Coordinating with the AML officer to file a suspicious activity report (SAR) with the appropriate
regulatory authority or Financial Intelligence Unit (FIU).
4) Cooperating with law enforcement or regulatory agencies during investigations, if required.

How do you ensure the privacy and confidentiality of customer data while conducting AML/KYC
processes?

1) Adhering to data protection laws and regulations.
2) Limiting access to customer information only to authorized personnel on a need-to-know basis.
3) Utilizing secure systems and technologies to store and transmit sensitive data.
4) Conducting regular audits to identify and address any vulnerabilities in data security.

An example of how you have effectively identified and prevented a potential money laundering risk?

In a previous role, I encountered a customer whose transactions showed sudden, significant increases in cash
deposits. Upon further investigation and analysis of the customer's source of funds, it became apparent that
the customer's declared income did not align with the deposited amounts. Recognizing this as a potential
money laundering risk, I promptly escalated the case to the compliance department, providing all relevant
evidence and documentation. As a result, the institution initiated enhanced due diligence procedures, which
ultimately led to the identification and prevention of a money laundering scheme.

19 | P a g e
 The key differences between trust companies, holding companies, and foundation companies:

Feature Trust Company Holding Company Foundation Company
Manage and hold assets for a
Manage and hold assets for the Own and control shares in other specific charitable or philanthropic
Purpose benefit of beneficiaries companies purpose
Can be owned by individuals, Can be owned by individuals,
Ownership corporations, or other entities corporations, or other entities Cannot have shareholders
Trustees have control over the Shareholders have control over the Council or board of directors has
Control assets of the trust holding company control over the foundation
Generally considered to be pass- Can be taxed as a corporation or as a
Taxation through entities for tax purposes pass-through entity Generally exempt from income tax

Regulation Regulated by trust law Regulated by corporate law Regulated by foundation law

Here is a brief explanation of each type of entity:

1) Trust companies are financial institutions that manage and hold assets for the benefit of beneficiaries.
Trusts can be used for a variety of purposes, including estate planning, asset protection, and charitable
giving. Trust companies are regulated by trust law, which is a body of law that governs the creation,
administration, and termination of trusts.
2) Holding companies are companies that own and control shares in other companies. Holding
companies can be used for a variety of purposes, including consolidating ownership of multiple
businesses, reducing tax liabilities, and raising capital. Holding companies are regulated by corporate
law, which is a body of law that governs the formation, operation, and dissolution of corporations.
3) Foundation companies are non-profit organizations that manage and hold assets for a specific
charitable or philanthropic purpose. Foundation companies are typically funded by donations from
individuals, corporations, or other foundations. Foundation companies are regulated by foundation
law, which is a body of law that governs the creation, operation, and dissolution of foundations.

Free Zone KYC documents:

Certificate of Incorporation: proves that the company is legally registered in the free zone.

Memorandum of Association (MOA): This document outlines the company's purpose, objectives, and
powers.

Articles of Association (AOA): This document sets out the company's internal rules and regulations.

Share Certificate: This document proves the ownership of shares in the company.

Proof of Identity and Address: copies of passports, driver's licenses, utility bills, or bank statements.

Bank Reference Letter: This letter from the company's bank confirms the company's good standing
and financial stability.

Business Plan: This document outlines the company's business model, target market, and financial
projections.

Source of Funds: This document explains the origin of the company's funds.

Proof of Residency: This may include copies of residency visas, utility bills, or lease agreements.

Utility Bills: This may include copies of electricity, water, or gas bills.

Tax Registration Certificate: This document proves that the company is registered for taxes in the
free zone.

20 | P a g e
What is the meaning of Due Diligence?

Due diligence refers to the process of thorough investigation and analysis conducted before making a decision
or entering into a business arrangement. It involves gathering and evaluating relevant information to assess
potential risks, liabilities, and potential benefits. The goal of due diligence is to make informed decisions that
minimize risks and maximize opportunities.

What are the main components of an effective AML/ KYC program for DPMS?

1) Risk Assessment: Conduct a thorough risk assessment to identify and prioritize money laundering risks
associated with DPMS activities.
2) Customer Due Diligence (CDD): Implement robust CDD procedures to verify the identity and beneficial
ownership of clients.
3) Enhanced Due Diligence (EDD): Apply EDD measures for higher-risk clients or transactions.
4) Suspicious Activity Reporting (SAR): Establish clear procedures for identifying and reporting suspicious
activities to the relevant authorities.
5) Recordkeeping and Monitoring: Maintain accurate and up-to-date records of CDD and EDD
documentation.
6) Sanctions Screening: identify and block transactions involving sanctioned individuals or entities
7) Training and Awareness: ongoing training to staff on AML/KYC policies, procedures, and red flags.
8) Management Oversight: regular reviews of the program's effectiveness and ongoing risk assessments.
9) Third-Party Relationships: Conduct due diligence on third-party partners and service providers to
ensure they have adequate AML/KYC controls in place.
10) Independent Testing: independent auditors or consultants to conduct regular reviews of the AML/KYC
program's effectiveness and compliance with regulatory requirements.

21 | P a g e
Short Things About OFAC

Mission :

The Office of Foreign Assets Control (OFAC) of the US Department of the Treasury administers and
enforces economic and trade sanctions based on US foreign policy and national security goals against
targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged
in activities related to the proliferation of weapons of mass destruction, and other threats to the national
security, foreign policy or economy of the United States.

OFAC acts under Presidential national emergency powers, as well as authority granted by specific
legislation, to impose controls on transactions and freeze assets under US jurisdiction. Many of the
sanctions are based on the United Nations and other international mandates, are multilateral in scope,
and involve close cooperation with allied governments.

OFAC sanctioned countries
📍Iran
📍Syria
📍Cuba
📍N. Korea
📍Sudan

As per OFAC body, these countries are most vulnerable to money laundering & terrorist financing
activities. Thus OFAC has imposed all kind of sanctions on them. It means no other country or
entity/individuals should deal with OFAC sanctioned countries. If they deal, it will be an OFAC violations &
OFAC body will take necessary actions.

22 | P a g e
COMPLIANCE MANAGER- Al Aya Gold LLC.

Designed & implemented compliance policies & procedures.
Ensure that the company complies with all legal regulations and ethical standards.
Conducts regular assessments to determine whether policies are compliant with the law.
Coordinating and conducting internal investigations into compliance issues.
Assess and identify potential risks within the company, develop proposals for dealing with and
avoiding compliance risks.
Trains and educates staff so that they are informed of any legal changes and updates to compliance
guidelines.
Review of GO AML Reporting and SAR/ STR Reporting
Conducting Internal Audit
Liaison with the regulators on matters concerning compliance with the regulatory requirements.
Review and provide approval for onboarding customer and suppliers.
Provision of approval on review of screening for Sanction Concerns and PEP Concerns
Ensure proper Record keeping is maintained in the company for Onboarding, Due Diligence, Screening
etc.
Conduct Transaction Monitoring of customers and suppliers periodically
Review and Risk Grade customer and suppliers based on the Risk categorization based on the over all
review of the customer.
Perform Duties of MLRO
Conduct Review on responsible sourcing of precious metal for customers and abide by OECD
Guidelines.

23 | P a g e
24 | P a g e
25 | P a g e
26 | P a g e