Roles for various functions based on AML/CFT guidelines

To ensure compliance with AML/CFT requirements and support the MLRO in effectively identifying, assessing, and managing risks, various departments and functions need clearly defined responsibilities. Here’s an outline of roles for Finance, Risk, Client Services, Sales, and Management departments based on AML/CFT guidelines

1. Finance Department

• Transaction Monitoring: Implement automated transaction monitoring for red flags related to terrorist financing (TF) and proliferation financing (PF) and report any anomalies directly to the Compliance Officer or MLRO.
• Sanctions Screening: Regularly screen all transactions against the UAE Local Terrorist List and UN Consolidated List, updating procedures to ensure prompt freezing of assets when needed.
• Record-Keeping and Reporting: Maintain detailed records of all financial transactions, especially high-risk ones, in line with UAE regulations, for a minimum of five years.
• Asset Freezing and Controls: Ensure immediate application of freezing directives on assets identified under Targeted Financial Sanctions (TFS) guidelines, coordinating with the MLRO for compliance reporting.

2. Risk Department

• Risk Assessment: Conduct and update institutional and customer risk assessments specific to AML/CFT risks, addressing TF and PF risks associated with geographic locations, products, services, and delivery channels.
• Enhanced Due Diligence (EDD): In collaboration with Compliance, ensure heightened due diligence for high-risk clients and transactions, particularly those linked to high-risk jurisdictions and suspicious activities.
• Reporting and Escalation: Regularly review and escalate findings from risk assessments to the MLRO, ensuring management is informed of any elevated AML/CFT risks.
• Audit and Testing: Oversee independent audits and testing to verify the effectiveness of AML/CFT controls and internal controls as required by regulatory standards.

3. Client Services Department

• Customer Due Diligence (CDD): Ensure CDD protocols are rigorously applied during onboarding and periodically updated, capturing beneficial ownership and other KYC requirements in alignment with regulatory standards.
• Sanctions and PEP Screening: Conduct mandatory screenings for new and existing clients against sanctioned lists, PEP databases, and adverse media prior to account opening and during periodic reviews.
• Training and Awareness: Train staff to recognize AML/CFT indicators and report suspicious behavior or transaction activities directly to the MLRO.
• Ongoing Monitoring: Regularly monitor client transactions, reporting any unusual patterns or deviations from expected behavior to Compliance for review.

4. Sales Department

• Onboarding and Risk Identification: Support risk assessment by flagging potentially high-risk clients during the onboarding phase, ensuring relevant documentation is provided for CDD and EDD processes.
• Training and Knowledge of AML/CFT Requirements: Ensure sales team members are trained on AML/CFT red flags, especially related to high-risk jurisdictions and business sectors.
• Escalation of Suspicious Activities: Promptly refer any suspicious client behavior or transactions that appear unusual to Compliance or the MLRO, without proceeding until cleared.

5. Management and Governance

• Policy Oversight: Senior management must ensure that AML/CFT policies, procedures, and controls are implemented effectively and comply with UAE and international AML/CFT standards.Support for the MLRO and Compliance: Provide adequate resources, support, and autonomy to the MLRO to fulfill AML/CFT obligations, including necessary personnel and technology.
• Internal Communication and Reporting: Facilitate regular communication between departments and the MLRO to ensure a cohesive approach to AML/CFT risk management.
• Governance and Accountability: Engage in governance practices, ensuring senior management and board members are informed of AML/CFT risks and policy updates, and maintain accountability for compliance within the organization.
• 6. Human Resources (HR)

• Employee Screening: Implement rigorous screening procedures for employees, particularly those in roles related to finance, client-facing functions, and compliance. Screen for adverse media, criminal history, or any association with high-risk individuals or jurisdictions.
• Ongoing Training and Awareness: Develop and deliver AML/CFT training programs, including targeted training for high-risk roles, to ensure employees understand red flags for suspicious transactions and know how to report them. Training should include knowledge of Targeted Financial Sanctions (TFS), sanctions lists, and CDD/EDD requirements.
• Confidential Reporting Channels: Establish confidential internal channels for employees to report suspicious activity without fear of reprisal, in compliance with whistleblower protections under UAE regulations.

7. Information Technology (IT)

• Transaction Monitoring Systems: Collaborate with Compliance to design, implement, and maintain robust transaction monitoring systems capable of identifying and flagging unusual transactions indicative of money laundering, terrorist financing, or proliferation financing.
• Sanctions Screening Software: Ensure effective integration of real-time sanctions screening software for customers, transactions, and payments. Software must incorporate updates from UAE Local Terrorist List and UN Consolidated List to promptly freeze assets of designated individuals.
• Data Security and Record-Keeping: Maintain secure storage and retrieval systems for all AML/CFT data, including CDD records, transaction histories, and suspicious transaction reports (STRs) for at least five years as required by UAE regulations.
• Access Control and Cybersecurity: Establish strong access control measures, allowing only authorized personnel access to sensitive AML/CFT information. Cybersecurity protocols should be in place to prevent unauthorized data breaches that may compromise compliance data.

8. Legal Department

• Policy Development and Regulatory Compliance: Draft and review AML/CFT policies in line with evolving UAE regulations and international standards, ensuring alignment with Cabinet Decision No. 74 of 2020 and other relevant legislation.
• Contractual Clauses and Third-Party Compliance: Ensure contracts with third-party vendors and partners include AML/CFT compliance clauses, mandating adherence to sanctions and AML policies as stipulated by UAE laws.
• Regulatory Liaison: Act as a liaison with regulatory bodies (e.g., CBUAE, DFSA) for legal interpretations of AML/CFT laws and ensure legal support for responses to inquiries or investigations related to suspicious activities.

9. Operations Department

• Customer Onboarding and Verification: Coordinate with Client Services to ensure CDD/EDD measures are rigorously applied during onboarding. Operations should verify beneficial ownership information, high-risk indicators, and PEP status, escalating any discrepancies to Compliance.
• Suspicious Activity Escalation: Identify operational inconsistencies or unusual patterns in account activity and immediately report these to Compliance or MLRO for further investigation.
• Record Maintenance and Documentation: Ensure thorough documentation of all client interactions, onboarding information, and transaction records to support ongoing monitoring and facilitate compliance audits.

10. Audit and Internal Controls

• Independent Testing and Audit: Conduct regular, independent audits of AML/CFT systems, controls, and processes to verify compliance effectiveness. Audit reports should provide actionable insights to senior management and MLRO to enhance risk controls.
• Compliance Review and Assessment: Regularly assess the AML/CFT program’s alignment with UAE regulatory standards, making adjustments based on findings from audits, regulatory updates, or risk assessments.

11. Senior Management Oversight

• Resource Allocation for AML/CFT: Ensure sufficient resources, including personnel, training, and technology, are allocated to AML/CFT compliance, providing necessary support to the MLRO and Compliance Officer.
• Oversight and Accountability: Senior management should actively participate in AML/CFT governance, attending regular updates and reviews on AML/CFT risk and policy compliance, and demonstrating accountability for AML/CFT obligations within the organization.
• Strategic Decision-Making Support: Factor AML/CFT compliance requirements into business strategies, especially when entering high-risk markets or launching new products that may have elevated AML/CFT risks.

For education purpose