[ad_1]
Will assist financial institutions to understand risks and effectively meet their statutory obligations
file photo
The Central Bank of the United Arab Emirates (CBUAE) includes banks, financial companies, exchanges and insurance companies, agents and brokers.
Effective immediately, the guidance will help financial institutions understand the risks and effectively meet their statutory AML/CFT obligations, taking into account the standards of the Financial Action Task Force (FATF).
The guidelines require LFIs to demonstrate compliance with the relevant CBUAE notifications.
The guidance discusses the use of digital identity systems by LFIs to meet their customer due diligence (CDD) obligations. It focuses on the digital ID mechanisms that LFIs should employ to continuously perform customer due diligence in relation to natural persons.
The guidance specifically discusses the identification, registration and authentication mechanisms associated with LFI’s use of the digital ID system. LFIs also need to leverage technology best practices, adequate governance, and clearly defined policies and procedures.
In addition, LFIs should conduct ongoing CDD and transaction monitoring utilizing authentication-generated data (e.g. IP addresses) to detect suspicious clients in, to, from, or from sanctioned and high-risk jurisdictions conduct and/or transactions. LFIs are permitted to rely on third party customer identification and verification on onboarding, provided:
- LFI obtains all relevant information from third parties
- Take steps to ensure that third parties will provide copies of customer documents and information for use in CDD
- Measures are taken to ensure compliance by third parties with the CDD and record keeping requirements set out in Cabinet Decision No. (10) of 2019 on the Implementation Rules for the Anti-Money Laundering Act No. (20) of 2018 to Combat the Financing of Terrorism and Illegal Organizations.
LFIs should take appropriate steps to address the inherent technical and security challenges posed by digital identity systems. Given the increasing sophistication and severity of cyber breaches, LFIs should implement and enforce necessary safeguards to reduce identification and registration risks, including cyber attacks, security breaches and the use of stolen, forged or synthetic ID details.
LFIs shall conduct an adequate assurance level and suitability assessment of the digital ID system they select. They should also implement and enforce adequate assurance protocols regarding the accuracy of digital identity systems and have direct access to assurance reviews or access to audit or assurance certification details from expert bodies.
Khaled Mohamed Balama, Governor of CBUAE, said: “The central bank is working closely with licensed financial institutions to ensure that they fully comply with and understand the guidance we issue on a regular basis. money laundering and countering terrorist financing framework and will mitigate potential risks to protect the UAE’s financial system.”
Also read:
[ad_2]
Source link