Every DFSA-regulated firm is required to submit its Annual AML Return in line with AML Rule 14.5.1. The Return provides regulators with an overview of a firm’s AML framework, customer activity, and control effectiveness. Below is a concise summary of the main points from the 2025 FAQ.
Submission Requirements
- Who must file: All authorised firms, including those recently licensed or with minimal activity, must submit the Return.
- Deadline: Usually due 30 September each year, with the Return available at least two months prior.
- Responsibility: Firms must not rely on reminders; it is the MLRO’s duty to ensure timely submission.
Data & Reporting
- Reference date: Data should be reported as of 31 July of the reporting year.
- Scope: Applies to branches, subsidiaries, and stand-alone entities, regardless of jurisdiction.
- Accuracy: Responses should be concise, accurate, and aligned strictly to the questions asked.
Key Clarifications
- Firms must confirm business relationships with financial institutions and DNFBPs in the broadest sense.
- Customer reviews fall into two categories:
- Updating customer due diligence (CDD) information.
- Reviewing customer risk ratings to ensure appropriateness.
- Questions on “suspension” or “termination” of relationships adopt their plain dictionary meanings.
Risk & Compliance Considerations
- Firms must identify exposure to jurisdictions of proliferation concern, sanctions, or terrorist financing risk based on their Business AML Risk Assessment (BARA).
- Products, services, and transactions should be reported whether provided directly, advised on, or supported indirectly through customers.
- AML effectiveness reviews can be conducted internally or by external compliance/audit firms, provided they align with AML Rule 5.2.1.
Penalties & Follow-Up
- Late submissions may trigger Fixed Penalty Notices under the DFSA Regulatory Law.
- The DFSA may seek clarifications during its assurance review but does not require supporting documents to be uploaded alongside the Return.
For detailed guidance and clarifications, please refer to the attached FAQ.
This blog is for informational purposes only and does not constitute legal or regulatory advice. The information provided has been compiled from publicly available sources, and while we have made every effort to ensure its accuracy and relevance at the time of publication, we do not guarantee its completeness or applicability to specific situations. Readers are encouraged to seek independent professional advice before making any decisions based on the content herein.
