CBUAE’s Guidance for LFIs on risk related to virtual assets and VASP

In line with regulatory developments around licensing of virtual assets activities, including Virtual Asset Service Providers (VASPs) in the UAE, the Central Bank of UAE (CBUAE) has recently issued a detailed AML Guidance for the Licensed Financial Institutions on risks related to virtual assets and VASPs.

The Guidance applies to all the persons licensed by the CBUAE, which includes banks, exchange houses, finance companies, payment service providers, registered hawala providers, insurance companies, and insurance agencies/brokers.

The Guidance aims to provide detailed directives to the financial institutions in UAE while dealing with VASPs, including measures to be implemented to mitigate the ML/FT risks related to the virtual assets. The CBUAE prohibits the LFIs from establishing a business relationship with a VASP who is not adequately licensed or registered with the relevant authorities within UAE, including restriction on dealing with foreign VASPs conducting virtual assets-related activities in UAE but is not licensed with UAE authorities.

Along with the Customer Due Diligence process, the LFIs are required to assess the VASP’s reputation and understand the quality of VASP’s AML/CFT controls. LFIs must obtain senior management approval to onboard any VASP customer or execute a transaction with them.

The vulnerabilities and the ML/FT red flags associated with virtual assets and the VASP are enlisted in the Guidance document.