AML Laws for TCSPs in UAE
AML Laws for TCSPs in UAE
Trust and Company Service Providers (TCSPs) play a critical role in facilitating corporate structuring, entity formation, and administrative management within the UAE. Given the nature of these services, particularly their involvement in establishing and maintaining legal entities, TCSPs are categorised as Designated Non-Financial Businesses and Professions (DNFBPs) and are therefore subject to the UAE’s Anti-Money Laundering (AML) and Counter-Terrorism Financing (CFT) regulatory framework.
Within this regulatory environment, TCSPs are required to undertake comprehensive customer identification procedures, establish and verify ultimate ownership and control, perform risk assessments, and maintain continuous monitoring of business relationships. The overarching objective is to ensure transparency in corporate structures and to prevent their misuse for illicit financial activities
Definition and Scope of TCSP Activities in the UAE
In the UAE context, a Trust and Company Service Provider (TCSP) refers to any entity engaged in services related to the establishment, administration, or management of legal persons or arrangements. These services extend beyond administrative support and directly influence the structural and operational framework of businesses.
Typical TCSP activities include:
- Formation and registration of companies
- Acting as a director, secretary, or partner on behalf of another individual
- Provision of registered office addresses or business correspondence facilities
- Arrangement of nominee shareholders or directors
- Assistance in the creation or management of trusts or similar legal arrangements
Entities performing such functions fall within the TCSP classification and are required to comply with applicable AML/CFT obligations in the UAE.
Supervisory Authority for TCSPs
The Ministry of Economy serves as the primary supervisory authority for TCSPs in the UAE. It is responsible for overseeing compliance with AML/CFT regulations and ensuring that adequate control mechanisms are implemented within TCSP operations.
Its supervisory functions include:
- Conducting inspections and compliance assessments
- Issuing regulatory guidance and updates
- Monitoring adherence to AML legislative requirements
- Initiating enforcement actions where necessary
TCSPs are expected to maintain robust compliance frameworks, implement risk-based controls, and demonstrate effective application of these measures in practice, rather than relying solely on documented policies
Federal AML, CFT and CPF Legislative Framework
TCSPs operate under a comprehensive federal legislative framework governing Anti-Money Laundering (AML), Counter-Terrorism Financing (CFT), and Counter-Proliferation Financing (CPF) obligations. This framework establishes the legal basis for risk identification, due diligence, transparency, and reporting obligations.
The principal legislative instruments include:
- Federal Decree Law No. (10) of 2025
Regarding Anti-Money Laundering, and Combating the Financing of Terrorism and Proliferation Financing.
This constitutes the primary AML legislation in the UAE, defining obligations such as customer due diligence, suspicious transaction reporting, record retention, and internal compliance controls. - Cabinet Decision No. (134) of 2025
Regarding the Executive Regulations of Federal Decree by Law No. (10) of 2025 Regarding Anti-Money Laundering, and Combating the Financing of Terrorism and Proliferation Financing.
This decision establishes the operational framework for implementation, including the formalisation of the risk-based approach, enhanced due diligence requirements, and supervisory authority powers.
These instruments collectively define the obligations applicable to all reporting entities, including TCSPs. Requirements include adopting a risk-based approach, conducting customer due diligence, identifying and verifying beneficial ownership, maintaining records, and reporting suspicious activities.
The Executive Regulations further elaborate on implementation requirements, including expectations for enhanced due diligence, ongoing monitoring, internal governance structures, and regulatory engagement. For TCSPs, there is particular emphasis on understanding ownership structures and preventing misuse of legal entities for concealment of control or illicit activities.
AML/CFT/CPF Guidance Applicable to Reporting Entities
In addition to statutory legislation, TCSPs are required to comply with a range of federal guidance documents issued to reporting entities. These documents serve to interpret regulatory expectations, provide practical implementation direction, and address emerging financial crime risks.
Key guidance includes:
- Guidance on Targeted Financial Sanctions issued by the Executive Office for Control and Non-Proliferation (EOCN), outlining requirements for sanctions screening, asset freezing, and compliance with United Nations sanctions obligations
- Proliferation Financing Institutional Risk Assessment Guidance, supporting institutions in identifying and assessing proliferation-related risks
- Terrorist Financing and Proliferation Financing Red Flags Guidance, providing indicators of potentially suspicious behaviour
- Guidance on Counter Proliferation Financing, detailing control measures for mitigating proliferation risks
- Joint Guidance on Combating the Use of Unlicensed Virtual Asset Providers in the UAE, addressing risks associated with unregulated virtual asset activities
- Joint Guidance on Satisfactory and Unsatisfactory Practices, offering clarity on supervisory expectations through practical examples
- Financial Intelligence Unit (FIU) Strategic Analysis Reports, providing insights into typologies, trends, and emerging risks
For TCSPs, these guidance documents are particularly relevant in identifying and managing risks associated with complex structuring, nominee arrangements, and cross-border exposure.
National and Sectoral Risk Assessments and Supporting Circulars
The UAE’s National Risk Assessment (NRA) and Sectoral Risk Assessments (SRA) form a critical component of the country’s AML/CFT/CPF framework. These assessments provide a macro-level understanding of financial crime risks and inform the expectations placed on TCSPs.
Key regulatory instruments include:
- Circular No. (4) of 2025, which requires TCSPs to align their internal risk assessments with the findings of the UAE 2024 National Risk Assessment
- AML/CFT Guidelines for Designated Non-Financial Businesses and Professions – September 2025, which establish baseline compliance standards
- Circular No. (3) of 2025, reinforcing the importance of sanctions and terrorist list screening
- Circular No. (6) of 2025, focusing on the implementation of risk-based customer due diligence measures and referencing the Implementation Guides on CRA and CDD (November 2024)
- Circular No. (7) of 2025, addressing the reimposition of United Nations sanctions related to Iran
- Circular No. (8) of 2025, updating high-risk jurisdictions and requiring corresponding adjustments in due diligence practices
Supporting these requirements are:
- Implementation Guide for DNFBPs on Customer Risk Assessment (CRA) – November 2024
- Implementation Guide for DNFBPs on Customer Due Diligence (CDD) – November 2024
Collectively, these instruments ensure that TCSPs maintain dynamic, risk-responsive compliance frameworks aligned with evolving regulatory priorities and risk landscapes.
National and Sectoral Risk Assessments and Supporting Circulars
In recognition of the unique risks associated with company formation and ownership structuring, TCSPs are subject to additional sector-specific guidance.
Key instruments include:
- Supplemental Guidance for Trust and Company Service Providers – May 2019, which identifies sector-specific risk areas such as complex ownership structures, nominee arrangements, use of intermediaries, and cross-border structuring
- Circular No. (4) of 2021, reinforcing expectations related to compliance controls and due diligence practices
These guidelines require TCSPs to apply enhanced scrutiny in areas including:
- Identification and verification of Ultimate Beneficial Ownership (UBO)
- Monitoring and assessment of nominee arrangements
- Evaluation of jurisdictional and cross-border risks
- Identification of structures designed to obscure ownership or control
Compliance effectiveness in this sector is closely linked to the TCSP’s ability to understand and monitor the structures it creates and administers.
Core AML/CFT/CPF Obligations for TCSPs
Trust and Company Service Providers (TCSPs) are required to establish and maintain a comprehensive, risk-based compliance framework that promotes transparency, accountability, and effective risk management across all client relationships. These obligations are not limited to policy formulation but extend to consistent and demonstrable implementation.
- Business Risk Assessment (BRA)
Develop, document, and periodically update a risk assessment framework that evaluates exposure to money laundering, terrorism financing, and proliferation financing risks based on services, customer profiles, and geographic factors. - Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD)
Identify and verify customers and Ultimate Beneficial Owners (UBOs), applying enhanced scrutiny in higher-risk scenarios, including complex ownership structures and high-risk jurisdictions. - Ongoing Monitoring
Maintain continuous oversight of business relationships to ensure that customer activity remains consistent with the established risk profile and to identify any deviations or unusual patterns. - Suspicious Transaction Reporting (STRs)
Promptly report suspicious activities through the goAML platform, including cases involving unclear ownership structures or atypical arrangements. - Targeted Financial Sanctions (TFS) Compliance
Implement robust sanctions screening processes, ensure timely asset freezing where applicable, and comply with all related reporting obligations. - Record Keeping
Maintain accurate, complete, and readily accessible records of due diligence, transactions, and regulatory reports in accordance with prescribed retention requirements. - Governance and Internal Controls
Establish a strong governance framework, including the appointment of a qualified AML Compliance Officer, implementation of internal policies and procedures, and ongoing staff training and oversight mechanisms.
Key Challenges Faced by TCSPs
The nature of TCSP services presents several distinct compliance challenges:
- Difficulty in identifying Ultimate Beneficial Ownership due to complex and multi-layered structures
- Risks associated with nominee arrangements that may obscure control
- Increased exposure to cross-border risks and differing regulatory standards
- Challenges in assessing the genuine purpose of legal structures
- Need for continuously updated and dynamic risk assessments
- Ongoing requirements for sanctions screening and monitoring of high-risk jurisdictions
- Balancing operational efficiency with depth of due diligence
- Heightened regulatory scrutiny on governance and the effectiveness of controls
These challenges highlight the importance of maintaining visibility and transparency within inherently complex environments.
Best Practices for Effective Compliance
To address regulatory expectations, TCSPs should adopt a structured and risk-based approach incorporating the following best practices:
- Ensuring accurate identification and verification of Ultimate Beneficial Owners
- Developing tailored and regularly updated risk assessments
- Applying Enhanced Due Diligence to high-risk relationships
- Maintaining continuous monitoring of ownership, control, and activity
- Implementing robust sanctions screening mechanisms
- Integrating compliance processes into operational workflows
- Maintaining comprehensive and well-documented records
- Establishing strong governance frameworks and oversight mechanisms
- Regularly updating policies to reflect regulatory and risk developments
These practices support consistent and effective risk management while ensuring alignment with regulatory expectations.
Final Remarks
AML compliance for TCSPs in the UAE is fundamentally centred on ensuring transparency within increasingly complex corporate structures. The regulatory framework is designed to preserve accountability, even as business arrangements become more sophisticated and globally interconnected.
For TCSPs, compliance extends beyond facilitating the formation of legal entities. It requires a clear and ongoing understanding of ownership, control, and the purpose of each structure. This necessitates a compliance approach that is risk-based, well-governed, and consistently implemented.
As regulatory expectations continue to evolve, TCSPs that invest in robust controls, informed risk assessments, and practical implementation of guidance will be better positioned to meet supervisory standards and contribute to the integrity of the broader financial ecosystem.
Put an AML Policy in Place That Meets UAE Standards
Custom AML policies and procedures aligned with UAE AML law and supervisory expectations for Real Estate Agent.
Independent AML Review for Real Estate Agents
Obtain an objective assessment of your AML, CFT, and CPF compliance against federal law and supervisory guidance.
Build a Risk-Based AML Program
Implement practical CDD, EDD, and monitoring systems tailored to high-value property transactions and cross-border exposure.
Yes. Real estate agents are formally classified as Designated Non-Financial Businesses and Professions (DNFBPs) under UAE federal AML legislation. This means they are legally required to comply with anti-money laundering (AML), counter-terrorist financing (CFT), and counter-proliferation financing (CPF) obligations comparable in structure to regulated financial institutions, calibrated to sector-specific risk exposure.
A business falls within scope where it conducts real estate activities on behalf of clients. This includes:
Real estate brokerage firms
Property consultants and transaction intermediaries
Leasing and rental agents
Off-plan sales representatives
Firms facilitating high-value or complex property transfers
Classification is determined by the nature of the activity performed, not merely the company title.
Real estate agents operating in mainland UAE and relevant commercial free zones are supervised by the Ministry of Economy and Tourism.
The Ministry conducts inspections, reviews reporting through goAML, issues sector-specific circulars, and applies administrative penalties where non-compliance is identified.
The principal legislation is Federal Decree Law No. 10 of 2025, which establishes enforceable AML, CFT, and CPF obligations for reporting entities, including DNFBPs.
It is supported by Cabinet Resolution No. 134 of 2025 (Executive Regulations), which operationalises compliance requirements such as:
Risk-based approach implementation
Enhanced Due Diligence (EDD) triggers
Transaction monitoring expectations
Supervisory inspection powers
Real estate agents must implement a structured compliance framework including:
A documented Business Risk Assessment (BRA) aligned with national risk findings
Customer Due Diligence (CDD) and beneficial ownership verification
Enhanced Due Diligence for higher-risk customers (e.g., PEPs, high-risk jurisdictions)
Ongoing transaction monitoring
Suspicious Transaction Reporting (STR) through goAML
Targeted Financial Sanctions (TFS) screening
Record retention mechanisms
Appointment of an empowered AML Compliance Officer
Supervisory reviews assess operational effectiveness, not just policy documentation.
Yes. Under Ministry Circular No. 05/2022, firms must submit a Real Estate Activity Report through goAML when qualifying freehold property transactions are settled in cash or virtual assets above prescribed thresholds.
The UAE’s Money Laundering and Terrorist Financing National Risk Assessment (ML/FT NRA) and Proliferation Financing National Risk Assessment (PF NRA) establish the national risk baseline.
Real estate agents must embed these findings into their Business Risk Assessment, sanctions screening controls, and escalation procedures.
Regulators evaluate whether firms demonstrate alignment with national risk exposure — particularly in areas such as:
High-value property transactions
Offshore and layered ownership structures
Foreign investor involvement
Sanctions and proliferation financing exposure
Administrative penalties are governed by Cabinet Resolution No. 71 of 2024, which applies to entities supervised by the Ministry of Economy and the Ministry of Justice.
Sanctions may include financial penalties, regulatory measures, and enhanced supervisory scrutiny depending on the severity and nature of the breach.