Sanctions Compliance Best Practices for DNFBPs and VASPs

Targeted Financial Sanctions Compliance for DNFBPS and VASPs

The United Arab Emirates is a member nation of the United Nations, and therefore, it is required to implement the United Nations Security Council Resolutions (UNSCRs) regarding sanctions to curtail Money Laundering (ML), Financing of Terrorism (FT), and Proliferation Financing (PF) crimes. The UAE government enacted Cabinet Decision No. 74 of 2020 Concerning the UAE List of Terrorists and the Implementation of UN Security Council Decisions Relating to Preventing and Countering Financing Terrorism and Leveraging Non-Proliferation of Weapons of Mass Destruction, and the Relevant Resolutions to be implemented along with the following:

• UAE Federal Decree-Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and the Financing of Illegal Organisations
• Cabinet Decision No. 10 of 2019 On the Implementing Regulation of Federal Decree-Law No. 20/2018 on Anti-Money Laundering and Combating the Financing of Terrorism and the Financing of Illegal Organisations

Cabinet Decision No. 74 of 2020 provides for DNFBPs and VASPs operating in the UAE to implement Targeted Financial Sanctions by subscribing to the required sanctions lists issued by the UNSC containing names of individuals, groups, or entities to combat the ML/FT and PF risk effectively.

Who is the target of these measures?

These laws and regulations aim to disrupt the capital flow in the fields of terrorism, proliferation of weapons of mass destruction, human rights violations, and other threats to national or international peace and security.

Targeted Financial Sanctions mean freezing and prohibiting funds or assets against certain individuals, groups, or undertakings mentioned in the sanctioned lists that can potentially be involved in money laundering, terrorist financing, political conflicts, and nuclear proliferation. It ensures that funds, financial assets, or economic resources are not available to the sanctioned persons.

What is a sanction list?

A sanctions list is an official publication issued by the regulatory authority of any country or group of countries. The sanctions list contains names of criminals who are involved in criminal activities. These sanctions lists include sanctions issued by the following:

• The UAE
• The United Nations Security Council
• The European Union
• The H. M. Treasury of the United Kingdom
• The Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury
• Any other relevant governmental, any relevant inter-governmental or similar authorities

Targeted Financial Sanctions is a measure against terrorism funding groups around the world.

DNFBPs and VASPs can identify sanctioned individuals, groups, or entities by conducting name screening across the sanctions lists, often known as sanctions screening, which is conducted during the customer onboarding process as a part of customer due diligence (CDD) compliance and on an ongoing basis.

The Role of UAE Executive Office for Control and Non-Proliferation (EOCN) in Ensuring TFS Implementation

The United Arab Emirates Executive Office for Control and Non-Proliferation (EOCN) plays a significant role in ensuring that Targeted Financial Sanctions (TFS) are properly and completely implemented in the country. The EOCN, in collaboration with the Ministry of Foreign Affairs and International Cooperation (MoFAIC) and other government agencies, ensures the application of the resolutions and requirements of the United Nations Security Council (UNSC) and other relevant international and regional organisations. Here are some of the key functions performed by EOCN:

• Issuing Guidance: The EOCN provides guidance to various financial institutions and relevant businesses regarding the execution of TFS. To further this task, it issues directions on screening individuals and entities against sanction lists and transactions with designated parties.
• Grievance Redressal: The EOCN is responsible for entertaining grievances from individuals or entities who believe that their name has been mistakenly placed on a sanction list, either by the UN or the UAE’s Local Terrorist List.
• Coordination and Supervision: EOCN coordinates with all competent stakeholders to supervise the application of targeted financial sanctions relating to the terrorist list system. It also ensures the implementation of Security Council resolutions on the prevention and suppression of terrorism, its financing, the cessation of arms proliferation and financing, and other relevant resolutions.

Mandatory Sanctions Compliance by DNFBPs and VASPs

The DNFBPs and VASPs operating in the UAE are required to

• Register: The DNFBPs and VASPs operating in the UAE must register on the EOCN website to receive automated updates on sanctions to the sanctions lists.
• Screen: The DNFBPs and VASPs must carry out screening of existing and prospective customers. Screening is the process by which DNFBPs and VASPs can either manually verify names or, through the use of software, find out whether the prospective or existing customer’s name is appearing in any of the sanctions lists.
• Apply TFS Measures:
  • Freeze: As soon as DNFBPs and VASPs find a name match, where not only the name but entire identity details, information, and profile of their existing/prospective customer match with the name contained in the Local Terrorist List or UN Consolidated List is identified, the next step is to freeze all funds or assets without delay (immediately or in any case within 24 hours) without prior notice to the designated individual, entity, or group.
  • Prohibit: The DNFBPs and VASPs must ensure that no funds or services are provided to any of the persons associated with individuals or entities to whom freezing measures are applied.
• Report: Once the funds have been frozen, this information must be reported through the goAML platform. For persons other than DNFBPs or VASPs, reporting should be made via an email to the Executive Office.

If DNFBPs or VASPs fail to abide by the sanctions discussed above, they can be subjected to severe penalties, including fines, prosecution, and license suspension.

Timing of Conducting Sanctions Screening

DNFBPs and VASPs are duty-bound to identify, evaluate, and manage the potential risks attached to those individuals or entities on international sanction lists. Sanction screening is crucial in ML/FT and PF risk management and mitigation. The primary purpose of sanction screening is to stop transactions with high-risk entities and individuals, failure of which can attract legal penalties, financial loss, and reputational damage.

Sanctions Screening or Name Screening must be conducted prior to onboarding any new customer, supplier, or business partner to identify if the name of such a person/entity appears in any of the sanctions lists.

DNFBPs and VASPs should be mindful that sanctions screening is not just a one-time exercise. The sanctions screening of customers must be carried out on an ongoing basis throughout the duration of the business relationship. In simple words, the process of name screening must be carried out before establishing a business relationship as well as during the entire customer lifecycle on a real-time basis to ensure that any updates in sanctions lists are not missed during the screening process.

TFS Survey Conducted by EOCN

EOCN conducts a periodic survey to evaluate and collect statistics to the extent of TFS compliance, including screening, freezing, and reporting by DNFBPs and VASPs. This survey collects crucial information, including how many DNFBPs and VASPs understand TFS obligations, policies, and procedures and what measures they undertake to overcome challenges faced during the implementation and compliance of these policies and procedures.

Actions to Take in Case of a Full Match

When DNFBPs and VASPs find a full match during a targeted financial sanctions (TFS) screening, they move forward towards the strict course of action, which includes:

1. Asset freezing without delay
2. Reporting to authorities within 24 hours
3. Record-keeping, which will be required by the authorities for compliance purposes.

Actions to Take in Case of a Partial Match

In case of a partial match, DNFBPs and VASPs must suspend the business relationship within 24 hours and exercise enhanced due diligence to find the integrity of the result. For this purpose, they will gather and verify additional information, escalate and investigate if required, and keep a record of all relevant information. If the partial match gets fully matched, assets will be frozen, and prohibition will be put on transactions. In case of a Partial Match, DNFBPs and VASPs are required to submit a Partial Name Match Report (PNMR) to the FIU via the goAML portal.

The Role of Name Screening Software in TFS Compliance

Name Screening Software plays an important role in TFS compliance. It helps reduce dependence on the human manual task of cross-verifying the name and profile of the customer across the sanctions lists that usually contain thousands of names.

Name screening software also mitigates against the pitfalls involved in manual name screening carried out by humans, such as false matches, missing out on identifying true matches due to differences in script names such as Cyrillic or Arabic, and inaccurate findings of screening exercises due to the element of human error.

Relying on name screening software enhances accuracy and efficiency by keeping track of customer databases to identify any possible match with names on the sanction list issued by the UN or in the UAE Local Terrorist List.

Best Practices for Sanctions Compliance

1.Defining Sanctions Compliance Policies and Procedures

Ideally, the DNFBPs and VASPs are required to have adequate and appropriate anti-money laundering (AML) compliance policies, procedures, and controls in place to ensure compliance with their regulatory obligations. These policies, procedures, and controls must provide for and define the sanctions compliance methodology adopted by the business, the screening software tool used, the manual screening method and workflow adopted, sanctions compliance record-keeping, frequency of ongoing monitoring, and so on.

2.Implementing Sanctions Screening Software

DNFBPs and VASPs are recommended to rely on sanctions screening software instead of carrying out a manual sanctions screening process to rule out the errors and pitfalls of manual sanctions screening. DNFBPs and VASPs must shortlist software available from various vendors, test out a couple of sanctions software and finalise the software that is most suitable for its use in meeting sanctions compliance requirements.

3.Freezing Funds and Putting Transactions on Hold

As a part of FFR and PNMR requirements, DNFBPs and VASPs must remain mindful of freezing funds and/or suspending business relationships with prospects or customers upon whose screening they have filed FFR and PNMR on the goAML portal. Freezing funds and putting transactions on hold will ensure that a potentially risky person does not get the opportunity to use DNFBP or VASP business as a conduit for carrying out ML/FT or PF activity.

4.Sanctions Compliance Training for Staff

DNFBPs and VASPs must ensure that their staff is adequately trained about applicable sanctions compliance requirements and are sufficiently equipped with the know-how of conducting, archiving, and taking actions such as screening, PNMR, and FFR filing pertaining to sanctions screening process in accordance with the businesses sanctions compliance and AML/CFT policies, procedures, systems, and controls.

5.FFR Submission on the goAML Portal

To ensure compliance with the TFS requirements, DNFBPs and VASPs must have a mechanism in place to submit a Funds Freeze Report (FFR) to report the freezing measure taken to prevent serving or channelling funds for a person or entity whose name and profile match with that in any of the relevant sanctions lists. The DNFBPs and VASPs must also ensure that FFR is submitted on the goAML portal without any delay.

6.PNMR Submission on the goAML Portal

DNFBPs and VASPs must have a practice in place to submit a Partial Name Match Report (PNMR) to report the partial or potential name matches on the goAML portal immediately whenever, during sanctions screening, they come across a name in the sanctions list that matches partially with that of their customer. The DNFBPs and VASPs must also ensure that PNMR is submitted on the goAML portal without any delay.

Conclusion

Sanctions Compliance is a critical but important practice for DNFBPs and VASPs. It ensures that international standards on Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) and Proliferation (CPF) are adhered to and Targeted Financial Sanctions (TFS) relating to the prevention and suppression of terrorism, terrorism financing, and proliferation financing are complied with.

Name screening software like RapidAML can help entities overcome challenges associated with sanctions screening and remain in compliance with legal obligations.