goAML Registration for TCSPs in the UAE
A practical two-stage guide for goAML registration for corporate service providers, company formation firms, and nominee service providers.
If you are a Trust and Company Service Provider in the UAE, you are not just selling paperwork. You help clients create and manage corporate vehicles, and sometimes you are asked to make them look cleaner than they really are. This is exactly why regulators treat TCSPs as a DNFBP sector with heightened exposure.
goAML registration for TCSPs in the UAE is the gateway that allows your business to report to the UAE Financial Intelligence Unit using the official system. In day-to-day terms, it means your MLRO can file reports when something does not add up, rather than scrambling when a situation becomes urgent.
This guide explains the TCSP scope at a high level, but the real focus is practical. You will learn what to prepare and how to complete Stage 1 SACM pre registration and Stage 2 goAML organisation registration properly, including the common reasons applications stall and the fixes that usually resolve them.
When is a TCSP obliged to make goAML registration?
TCSPs can be used, even unknowingly, to facilitate misuse of corporate structures, including through roles such as directors, secretaries, trustees, nominee shareholders, or account signatories.
In practical terms, you are in TCSP territory when your services touch any of these:
Company formation and registration services
Provision of nominee directors or nominee shareholders
Company secretarial services and ongoing administration
Registered office or address services that enable corporate presence
Arranging signatories or operational control for company accounts
Managing changes in ownership, control, or governance documentation
This article is written to help corporate service providers across Dubai, Abu Dhabi, Sharjah, and other emirates, including mainland and commercial free zones. If you are licensed in DIFC or ADGM, your supervisory authority differs, but the UAE FIU goAML registration process remains the same.
Conduct an EWRA Tailored for TCSPs
Identify and document ML/TF risks across your trust and corporate services as required by UAE regulators.
Supervisory authority for TCSPs in UAE
Your supervisor approves your goAML registration requests. Selecting the wrong supervisor is one of the easiest ways to lose time.
A practical guide is:
Mainland and many commercial free zone TCSPs are commonly under the Ministry of Economy supervision for DNFBP onboarding routes.
DIFC firms are supervised by DFSA.
ADGM firms are supervised by FSRA.
The key point is not the label. The key point is this. You must select the supervisory body that matches your licence when you begin the registration journey.
Two-Stage goAML Registration for TCSPs
goAML onboarding is a two-stage process:
Stage 1 is SACM pre-registration, where you secure credentials and set up Google Authenticator.
Stage 2 is registration on the goAML portal, where you register the organisation and the compliance officer details.
Pre-Requisites for goAML Registration for TCSPs
Do this once and you will move faster in both stages.
A. Choose the right person to register
For goAML registration for TCSPs in the UAE, the registering person should usually be the MLRO or Compliance Officer. That is the individual who will be accountable for reporting decisions.
In TCSP firms, the risk of handing this to a general admin is not theoretical. It becomes a real governance problem later, because access and authenticator control often end up with the wrong person.
B. Prepare a single merged PDF attachment
The Ministry of Economy & Tourism’s goAML registration guide is clear that the system allows only one attachment and that the scanned documents should be merged into a single PDF, with a maximum size of 5MB.
For most TCSPs, the minimum pack includes:
Valid trade licence
Authorisation letter appointing the MLRO or Compliance Officer
Emirates ID and passport of the MLRO or Compliance Officer
The UAE FIU pre-registration guide also references the scanned PDF copy of the authorisation letter and valid Emirates ID as part of pre-registration readiness.
C. Confirm your contact details
The UAE FIU pre-registration guide expects a valid operational email and a valid operational UAE mobile number for the individual registering, because OTP and verification steps rely on them.
Step-by-Step goAML Registration Process for TCSPs
Stage 1: SACM pre-registration for TCSPs
Stage 1 is where you register in SACM, secure the secret code or secret key, and set up Google Authenticator access.
The UAE FIU pre-registration guide describes the Stage 1 flow as:
Expression of intent and email verification
Supervisory body approval or rejection
Securing the secret code using email and mobile OTP, if approved
Step 1.1: Start the SACM registration and select the correct registration type
Use the SACM registration route and complete the required fields. Select registration type as “Reporting Entity” for FIs, VASPs, and DNFBPs.
Step 1.2: Enter organisation details exactly as per your licence
The UAE FIU guide explicitly instructs that the organisation name should be keyed in as per the licence document and that the trade licence number should be used in the licence or ID number field.
For TCSPs, this matters because many firms trade under a brand name while the licence shows a different legal name. The system wants the legal name.
Step 1.3: Enter the compliance officer details with care
The UAE FIU guide lists the personal details needed, including Emirates ID, a valid email, and a valid operational UAE mobile number.
A practical TCSP tip is to use the MLRO email address, not a shared mailbox. goAML registration becomes difficult to manage when access is tied to a shared inbox.
Step 1.4: Upload the merged PDF, then submit
Upload your merged PDF. Keep it clean and readable. Most registration delays are caused by incomplete evidence packs or unreadable scans.
Step 1.5: Verify your email immediately
Email verification is part of the process itself. The FIU guide describes intent verification by clicking the link sent by email.
Do it in the same sitting. Do not leave it for later.
Step 1.6: Wait for supervisory body review
Your supervisory body approves or rejects the confirmed intent.
If rejected, fix the stated reason and resubmit. For TCSPs, the most common reasons are wrong supervisory selection, a mismatch between licence details and the form, and missing or weak authorisation evidence.
Step 1.7: Secure your secret key and set up Google Authenticator
If approved, you secure the secret key using the OTP propagated using email and mobile.
The Ministry of Economy guide confirms that once you receive the username and secret key, you must register Google Authenticator. The app generates a six-digit code required each time goAML is used, and this step is mandatory to proceed further.
It also notes that OTP is valid for 24 hours and provides a process to request a resend if it has expired.
Stage 1 success test
Stage 1 is complete when your MLRO can generate a valid Google Authenticator code and access the goAML portal entry route.
Train TCSP Staff on AML and CFT Responsibilities
Practical AML training for directors, compliance teams, and client-facing staff handling high-risk structures.
Stage 2: goAML registration for TCSPs
Stage 2 is the actual organisation registration on goAML, where you register the entity profile and the compliance officer details.
The Ministry of Economy guide describes Stage 2 as entity registration on goAML and instructs you to log in using the SACM user ID as the username and the Google Authenticator code as the password, then select “Register New Organisation”.
One needs to log in to the goAML platform using the username received from the SACM email address and the six-digit Google Authenticator passcode, which changes every 30 seconds.
Step 2.1: Log in to goAML with your Stage 1 credentials
Use:
Username from SACM
Google Authenticator six digit code as the password for the initial pop up login
If the code fails repeatedly, check the phone time setting and ensure the authenticator is set up correctly.
Step 2.2: Select “Register New Organisation”
The Ministry of Economy guide instructs you to select “Register New Organisation” after logging in.
Step 2.3: Complete the registration form fully
Incomplete or missing information may result in rejection.
For a TCSP, pay extra attention to:
Legal entity name and licence number accuracy
Entity address and contact details
Supervisory authority selection
Business activity description that reflects TCSP services in plain English
A good TCSP activity description is simple and factual, for example:
Company formation and corporate services
Corporate secretarial and registered office services
Nominee and administration support where applicable
This keeps the page sector specific without stuffing the same keywords repeatedly.
Step 2.4: Provide compliance officer details
The registering person is usually the MLRO or Compliance Officer. Ensure identity details match the documents.
Step 2.5: Upload the same merged PDF again, then submit
Keep the trade licence, MLRO or CO ID, and authorisation letter available as the same file uploaded for SACM.
Submit and record your reference number if the system provides one.
Step 2.6: Complete the goAML login setup
After the initial pop up login, you reach the goAML homepage, then click login, then type in the username and password you created at the time of registering on goAML.
This means Stage 2 is not only about registering the organisation. It also includes setting up usable access for ongoing logins.
Stage 2 success test
Stage 2 is complete when your organisation is approved, and you can log in normally and see the goAML environment ready for reporting.
Typical timeline and what delays TCSPs
| Where delays occur | What usually causes it | How to avoid it |
|---|---|---|
| Pickup | ||
| Stage 1 | Wrong supervisory body, email not verified, weak authorisation letter | Map supervisor first, verify email immediately, use a clear MLRO appointment letter |
| Stage 2 | Incomplete entity details, mismatched licence information | Copy legal name and licence number exactly, complete every required field |
TCSP specific readiness after goAML registration
goAML access is not the finish line. For TCSPs, you should set up a small operating model immediately:
A clear escalation route from front-line staff to MLRO
A UBO capture and verification approach
A control to flag changes in ownership, nominee requests, and unusual structuring instructions
A simple record-keeping approach so you can evidence decisions
TCSPs are often approached for arrangements that conceal beneficial ownership or create layers. That risk theme is reflected in TCSP guidance and typology discussions globally and locally.
FAQs for goAML registration for TCSPs in the UAE
Yes. Stage 1 is SACM pre-registration and secret key setup, then Stage 2 is organisation registration on goAML.
Use the correct supervisory authority, match the trade licence details exactly, upload a single merged PDF, and verify your email immediately.
Yes. The Ministry of Economy guide states that the authenticator generates a six digit code required each time goAML is used and that it is mandatory to proceed to Stage 2.
The UAE FIU FAQ explains that you use the SACM username and the Google Authenticator code for the pop-up login, then proceed through the goAML homepage login steps.
Simplify AML Compliance for Your TCSP
From goAML registration to ongoing AML support, we help TCSPs stay compliant, audit-ready, and regulator-confident.