How to Write AML Procedures Manual

Introduction

An AML Procedures Manual is the backbone of an organization’s compliance framework. It documents the systems, controls, and responsibilities required to prevent money laundering and terrorist financing. In the UAE, drafting a strong AML manual is not only a regulatory requirement under Federal Decree-Law No. 20 of 2018 and Cabinet Decision No. 10 of 2019, but also a practical necessity to safeguard business reputation and banking relationships.

________________________________________

1. Understand the Regulatory Framework

Before drafting, you must align the manual with:

• UAE AML/CFT Laws (Federal Decree-Law No. 20 of 2018).

• Cabinet Decisions (e.g., No. 10 of 2019 on AML/CFT and No. 58 of 2020 on UBO).

• Sectoral Guidelines: From the UAE Central Bank, Ministry of Economy, DFSA, or FSRA (depending on your regulator).

• FATF Recommendations, ensuring compliance with global AML standards.

________________________________________

2. Define the Purpose and Scope

Start the manual with:

• Purpose: Why the AML framework exists (compliance, integrity, risk mitigation).

• Scope: Which entities, branches, and staff it covers.

• Applicability: Whether it applies to all business lines (trading, real estate, advisory, etc.).

________________________________________

3. Set Out Risk Assessment Methodology

The manual should explain how the company identifies, measures, and mitigates risks:

• Entity-Wide Risk Assessment (EWRA).

• Risk categories: customers, geographies, products/services, and delivery channels.

• Process for updating the risk assessment annually or when business changes.

________________________________________

4. Document Customer Due Diligence (CDD) Procedures

Detail the step-by-step onboarding and verification process:

• Identification and verification requirements (ID, license, UBO).

• Simplified, Standard, and Enhanced Due Diligence (when each applies).

• Ongoing due diligence: how often files are reviewed.

• EDD: Enhanced steps for PEPs, high-risk jurisdictions, and complex ownership structures.

________________________________________

5. Explain Ongoing Monitoring

Your AML manual should clarify how the business monitors customer activities:

• Transaction monitoring rules (e.g., thresholds, red flags).

• Sanctions and PEP screening frequency and tools used.

• Periodic file reviews by risk category.

________________________________________

6. Reporting Obligations

Describe the escalation and reporting workflow:

• Suspicious Transaction Reports (STRs) filing via the goAML portal.

• Timelines for internal reporting to the MLRO.

• Confidentiality requirements (tipping-off prohibition).

________________________________________

7. Roles and Responsibilities

Outline governance clearly:

• Board of Directors: ultimate responsibility for compliance.

• Senior Management: approving policies and allocating resources.

• MLRO (Money Laundering Reporting Officer): central point for AML reporting and regulator liaison.

• Deputy MLRO: backup support.

• Staff: frontline monitoring and reporting obligations.

________________________________________

8. Training and Awareness

Include provisions for:

• Annual AML training for all staff.

• Specialized training for compliance, onboarding, and high-risk functions.

• Record keeping of training sessions and attendance.

________________________________________

9. Record-Keeping Requirements

The manual should specify:

• Retention period (minimum 5 years in UAE).

• Documents stored: KYC records, STRs, transaction data, training logs.

• Secure storage: physical and digital.

________________________________________

10. Independent Audit and Review

Your manual must require periodic independent reviews of AML controls. This ensures:

• Weaknesses are identified.

• Corrective actions are documented and tracked.

• Senior management oversight is reinforced.

________________________________________

11. Appendices and Templates

Support staff with practical tools:

• KYC forms and checklists.

• STR/SAR reporting templates.

• Sample risk matrix.

• AML training calendar.

________________________________________

Best Practices

• Write the manual in clear, professional language.

• Keep it tailored to your business model (avoid copy-paste).

• Update it annually, or when laws/regulations change.

• Ensure all employees can access and are trained on the manual.

________________________________________

Conclusion

A well-drafted AML Procedures Manual is more than a regulatory requirement — it is a roadmap for compliance and governance. It empowers staff to identify risks, report suspicious activities, and protect the business from regulatory penalties and reputational harm.

________________________________________

About Sheikh Anwar Accounting & Auditing LLC

We help UAE businesses design, document, and implement effective AML frameworks. From drafting customized AML Procedures Manuals to offering outsourced MLRO services, we ensure your compliance program is robust and regulator-ready.

📍 Address: Sheikh Anwar Accounting & Auditing LLC, Office M-35, Dubai Creek Tower, Dubai, UAE

🌐 Website: www.sa-auditors.com

📧 Email: info@sa-auditors.com