Do UAE Anti-Money Laundering Laws Apply to Your Business? Here’s What You Need to Know


Summary

Many businesses in the UAE assume that anti-money laundering (AML) laws apply only to banks and financial institutions. This assumption is incorrect and potentially costly. The UAE has developed a comprehensive AML framework extending far beyond traditional financial services, with enforcement intensifying following the country’s removal from the Financial Action Task Force (FATF) grey list in February 2024.

Key points:

  • Federal Decree-Law No. 10 of 2025 Concerning Combating Money Laundering, the Financing of Terrorism, and the Financing of Proliferation (AML Law) came into effect on 14 October 2025
  • Three primary categories of regulated entities: financial institutions, Designated Non-Financial Businesses and Professions (DNFBPs), and Virtual Asset Service Providers (VASPs)
  • DNFBPs include real estate agents, dealers in precious metals and stones, lawyers, accountants, and commercial gaming operators
  • Administrative penalties range from AED 10,000 to AED 5 million; criminal penalties include imprisonment and fines up to AED 5,000,000 for individuals (potentially higher for aggravated offenses), or up to AED 100 million for entities
  • Cash transaction reporting threshold: AED 55,000 for real estate and precious metals transactions
  • All reporting entities must register on the goAML platform

What is the Current AML Legal Framework?

The primary legislation governing AML in the UAE is Federal Decree-Law No. 10 of 2025 Concerning Combating Money Laundering, the Financing of Terrorism (CFT), and the Financing of Proliferation, which came into effect on 14 October 2025. This law repeals and replaces Federal Decree-Law No. 20 of 2018.

Cabinet Resolution No. 134 of 2025 provides implementing regulations and operational details, effective from 14 December 2025. This resolution replaced Cabinet Decision No. 10 of 2019 and offers guidance on compliance procedures, Customer Due Diligence (CDD) requirements, and reporting obligations.

Supporting regulations include Federal Law No. 7 of 2014 Combating Terrorism Crimes, Cabinet Decision No. 74 of 2020 on terrorism lists regulation, and Cabinet Decision No. 109 of 2023 on beneficial owner procedures.

Who Must Comply with UAE AML Laws?

The scope of UAE AML laws extends across three primary categories: financial institutions, DNFBPs, and VASPs.

Financial Institutions: This classification encompasses banks, insurance companies, money exchange houses, and entities involved in lending, money transfers, or investment management. The definition captures activities such as accepting deposits, issuing payment instruments, providing financial guarantees, underwriting life insurance, financial leasing, safekeeping and administration of cash or securities, participation in securities issuance, and currency exchange operations.

Designated Non-Financial Businesses and Professions (DNFBPs): This category includes real estate agents and brokers conducting transactions for clients, dealers in precious metals and stones, lawyers and notaries preparing or conducting financial transactions, independent accountants performing similar functions, company and trust service providers, and commercial gaming operators.

For lawyers and accountants, AML obligations are triggered when engaging in specific transactions: purchase and sale of real estate on behalf of clients, management of client funds, management of bank or securities accounts, organizing contributions for company formation or management, and creation or operation of legal persons or legal arrangements.

The December 2025 implementing regulations introduced a significant expansion by explicitly including operators of commercial games as DNFBPs. This addition brings gaming facilities and online gaming platforms under full AML supervision.

Virtual Asset Service Providers (VASPs): VASPs face comprehensive AML requirements when undertaking activities including exchange between virtual assets and traditional currencies, exchange between different types of virtual assets, transfer of virtual assets, safekeeping or administration of virtual assets, and providing financial services related to virtual asset offerings.

VASPs must implement the travel rule, requiring collection and transmission of originator and beneficiary information for all transfers. VASPs operating in Dubai fall under the supervision of the Virtual Assets Regulatory Authority. Those operating elsewhere in the UAE, excluding financial free zones, are supervised by the Capital Market Authority. The Dubai International Financial Centre (DIFC) and Abu Dhabi Global Market (ADGM) maintain their own regulatory frameworks while aligning with federal requirements.

What are the Core Compliance Obligations?

Customer Due Diligence (CDD): Regulated entities must verify customer identities using reliable documentation and identify beneficial owners (natural persons owning or controlling at least 25 percent of shares or voting rights).

Enhanced Due Diligence (EDD) applies to Politically Exposed Persons (PEPs), individuals from high-risk jurisdictions, or high-risk relationships. This requires additional documentation, understanding source of wealth, more frequent reviews, or senior management approval. Simplified due diligence may apply in low-risk scenarios with thorough documentation.

Ongoing Monitoring and Screening: Entities must maintain ongoing monitoring to detect unusual patterns and screen all customers and transactions against sanctions lists, including UAE, UN, EU, and other relevant jurisdictions. Systems must identify matches and freeze assets immediately.

Record Keeping: Records of all transactions and CDD must be maintained for at least five years from transaction completion or relationship end. Records must include all CDD documentation, transaction records, filed reports, and risk assessment documentation, readily retrievable for authorities.

Organizational Requirements: Entities must appoint a compliance officer responsible for overseeing the AML program, staff training, authority relationships, and report filing. Staff training must be regular, comprehensive, and role-specific. Annual independent audits of AML programs are mandatory for most entities.

What is a Risk Assessment?

The UAE AML framework is risk-based, requiring controls proportionate to money laundering and CFT risks.

Entities must conduct enterprise-wide risk assessments considering customer risk factors, product and service risks, delivery channels, and geographical risks. The current framework requires assessing proliferation financing risk, examining whether products, services, customers, or jurisdictions might be exploited to finance weapons of mass destruction.

Real estate transactions, particularly high-value or cash purchases, present significant money laundering risks. Real estate firms must scrutinize high-value deals, verify beneficial ownership, and report cash transactions exceeding AED 55,000. Precious metals dealers face the same threshold. Lawyers and accountants facilitating covered transactions must implement rigorous controls. Many businesses seek guidance from the best corporate lawyers in the UAE to structure compliant risk assessment frameworks and ensure their AML controls align with evolving regulatory expectations.

What are the Reporting Requirements?

Suspicious Transaction Reports (STRs): When an entity knows, suspects, or has reasonable grounds to suspect that funds are proceeds of crime or relate to money laundering or CFT, it must file an STR with the Financial Intelligence Unit (FIU) through the goAML platform, regardless of transaction amount. This includes attempted transactions.

The law prohibits tipping off; once an STR is filed or suspicion formed, the business must not inform the customer or others about the report.

Additional Reporting: Real estate firms and lawyers must report transactions where property value is settled in cash or virtual assets above AED 55,000. VASPs must report all suspicious activities involving virtual assets and implement additional monitoring for high-risk patterns. Gaming operators must report transactions exceeding AED 11,000.

What are the Penalties for Non-Compliance?

Administrative Penalties

Penalties range from AED 10,000 for minor infractions to AED 5 million per violation for serious breaches, considering deliberateness, repeat violations, and cooperation. Regulators may also suspend licenses, restrict activities, or require corrective action plans.

Criminal Liability

Individuals face imprisonment of 1 to 10 years and fines from AED 100,000 to AED 5 million (or the value of the funds, whichever is higher). For aggravated offenses, fines can reach AED 10 million. Corporate entities may face fines up to AED 100 million, with possible license suspension or dissolution. Managers and directors can be held personally liable if aware of breaches or negligent.

Reputational and Operational Impact

Enforcement actions are published, damaging reputations. Loss of correspondent banking relationships can fundamentally disrupt operations, as international banks increasingly scrutinize AML controls.

Key Takeaways

UAE AML laws extend far beyond traditional financial institutions to include real estate agents, dealers in precious metals and stones, lawyers, accountants, trust service providers, gaming operators, and VASPs. Understanding whether these laws apply to your business requires careful examination of specific activities.

Core compliance obligations include conducting CDD to verify customer identities and beneficial owners, implementing ongoing monitoring and sanctions screening, maintaining records for at least five years, appointing a compliance officer, providing regular staff training, and filing STRs promptly through the goAML platform.

Practical steps for businesses include conducting a comprehensive risk assessment to determine whether any activities trigger AML obligations, implementing appropriate controls proportionate to identified risks, registering with the goAML platform if subject to reporting requirements, appointing a qualified compliance officer with adequate authority and resources, and seeking expert guidance when needed through experienced legal advisors, compliance consultants, or technology providers.

Authors: Shantanu Mukherjee, Alan Baiju
