TFS Self Assessment Checklist for SARs and STRs
TFS Self Assessment Checklist for SARs and STRs
The Ministry of Economy has required Financial Institutions and DNFBPs to respond to their questionnaire on completing the TFS self assessment checklist for SARs and STRs.
The TFS Self-Assessment Checklist has been designed to provide a structured and comprehensive framework for FIs/ DNFBPs to assess compliance with key TFS Transaction monitoring requirements.
This Questionnaire on Completing the TFS Self Assessment Checklist for SARs and STRs is in line with the risk-based approach and methodology that supervisory authorities in UAE have adopted for the assessment of its Financial Institutions (“FIs”) and Designated non-financial business and professions (“DNFBPs”) money laundering / terrorist financing (ML/TF) risk profile through the collection of ML/TF risk indicators measuring threats and vulnerabilities.
The Supervisory authorities in UAE have assessed the Financial Institutions (“FIs”) and Designated non-financial business and professions (“DNFBPs”) exposure to ML/TF risks on a thematic basis, focusing on key ML/TF threats and vulnerabilities derived from the risks outlined in the Financial Action Task Force’s (FATF) 40 Recommendations, the UAE’s National Risk Assessment (NRA) and Topical Risk Assessment.
The purpose of the review is to highlight the generic findings observed within selected FIs and DNFBPs and provide targeted feedback to the sector.
FIs and DNFBPs are advised to read each question in the TFS Self Assessment Checklist for SARs and STRs carefully before answering and use the text box to provide comments where the response to the question requires further elaboration.
Salient Features of this TFS Self Assessment Checklist for SARs and STRs
- FIs/ DNFBPs will be able to save and print the checklist as required for their own internal reviews and follow-ups.
- The self-assessment checklist is to be completed by the AML compliance officer/MLRO, who has the overall responsibility for establishing and maintaining the regulated entity’s AML/CFT systems and should also approve and sign off the completed checklist.
- Each question in the self-assessment checklist provides a number of response options, including ‘Yes’, ‘No’, ‘Not applicable (“N/A”)’.
- When the FIs/ DNFBPs confirm the response to be ‘Yes’ to any of the questions in the tick box, it represents compliance with the requirement. For some of the questions, further specified information should be given in the text box for a ‘Yes’ response.
- When the FIs/ DNFBPs confirm the response to be ‘No’ to any of the questions in the tick box, it represents a potential non-compliance with the requirement. If the response to a question is ‘No’, the FIs/ DNFBPs should use the text box to additionally document:
1. How do the FIs/ DNFBPs plan to remediate the potential gap identified;
2. When do the FIs/ DNFBPs plan to complete the remediation for any potential gaps identified?
- When the FIs/ DNFBPs confirm the response to be ‘N/A’ to any of the questions in the tick box, it represents the requirement does not apply to the FIs/ DNFBPs.
- Where any deficiencies in your systems and controls are identified, you should construct a remediation plan and discuss this with your supervisor.
Section 1: General Information
1. Name of the LFI/DNFBP: Enter the reporting entity name
2. Checklist Completed By: Enter the name of the MLRO/Compliance Officer
3. Checklist Completed by: Enter MLRO/Compliance Officer as the case may be
4. Date of Completion: Provide the date of completion of this TFS Self-Assessment Checklist for SARs/STRs
Section 2: TFS Reporting
1. Did you register in the EOCN Notification System?
Ans: You may say ‘Yes’ if you have subscribed to the Executive Office For Control & Non-Proliferation’s Sanction List notification system – UN page | EXECUTIVE OFFICE FOR CONTROL & NON-PROLIFERATION (uaeiec.gov.ae) and include remarks in the text box.
Also check our guide to subscribe to EOCN System
2. Did you register in the goAML system?
Ans: You may say ‘Yes’ if you are already registered with the goAML system and add your Ord ID in the text box.
Section 3: TFS Screening
1. Do you conduct screening on UAE Local Terrorist List and UN Consolidated List?
Ans: Say ‘Yes’ if you conduct screening based on the UAE Local Terrorist List and UN Consolidated Sanctions List.
2. Do you have adequate screening systems in place (whether manual or using the third-party tool) to be able to detect potential and confirmed matches to UAE Local Terrorist List and UN Consolidated List.?
Ans: Say ‘Yes’ if you have a manual or software-based screening system in place.
3. Do you check the UN website for press releases (https://www.un.org/press/en/content/press- release) daily to remain vigilant on any updates to UN Sanctions Lists?
Ans: Say ‘Yes’ if you follow the UN press releases as to UN Sanctions Lists.
4. Do you maintain the most up-to-date records of UN Consolidated List and UAE Local Terrorist List at all times in their screening systems?
Ans: Say ‘Yes’ if you keep your manual system or software updated with the latest UN Consolidated List and UAE Local Terrorist List.
5. Do you have a tactical/manual alternative process in place to add any missing names in their screening list, in case they rely on an external list provider for obtaining lists and if there is a delay in any names of recently sanctioned persons to appear in the vendor-provided lists.
Ans: Say ‘Yes’ if you are able to add missing names in the screening list manually in the screening software.
6. Do you conduct screening in the following circumstances: Upon any updates to the Local Terrorist List or UN Consolidated List. In such cases, screening must be conducted immediately and without delay to ensure compliance with implementing freezing measures without delay (within 24 hours).
Ans: Say ‘Yes’ if you perform screening immediately upon an update to UAE Local Terrorist List or UNSC Sanctioned List.
7. Do you conduct screening in the following circumstances: Prior to onboarding new customers.
Ans: Say ‘Yes’ if the screening is part of your customer onboarding process.
8. Do you conduct screening in the following circumstances: Upon KYC reviews or changes to a customer’s information.
Ans: Say ‘Yes’ if you conduct screening upon KYC reviews or changes to a customer information.
9. Do you conduct screening in the following circumstances: Before processing any transaction.
Ans: Say ‘Yes’ if you conduct screening before processing any transaction.
10. Do you conduct screening on the following: Existing customer databases. All systems containing customer data and transactions need to be mapped to the screening system to ensure full compliance.
Ans: Say ‘Yes’ if you screen existing customers and transactions, and they are mapped to the screening software.
11. Do you conduct screening on the following: Potential customers before conducting any transactions or entering a business relationship with any Person.
Ans: Say ‘Yes’ if you conduct a screening of your potential customers or others before entering into a business relationship with them.
12. Do you conduct screening on the following: Names of parties to any transactions (e.g., buyer, seller, agent, freight forwarder, etc.)
Ans: Say ‘Yes’ if you screen buyer, seller, agent, freight forwarder, and other parties related to a transaction.
13. Do you conduct screening on the following: Ultimate beneficial owners, both natural and legal.
Ans: Say ‘Yes’ if you screen UBOs.
14. Do you conduct screening on the following: Names of individuals, entities, or groups with direct or indirect relationships with designated persons.
Ans: Say ‘Yes’ if you screen individuals, entities, or groups directly or indirectly associated with sanctioned persons/entities.
15. Do you conduct screening on the following: Directors and/or agents acting on behalf of customers (including individuals with power of attorney).
Ans: Say ‘Yes’ if you screen directors and/or agents acting on behalf of customers, including those holding power of attorney to execute a transaction.
16. Do you maintain records of all screening results (negative, false positive, potential, and confirmed matches) for a period of at least five years?
Ans: Say ‘Yes’ if you maintain screening records at least for a period of 5 years.
17. Do you complete the TFS survey after each sanction alert notification received by the EOCN?
Ans: Say ‘Yes’ if you participate in the TFS Survey after each sanction alert notification received from the Executive Office For Control & Non-Proliferation.
18. Do you conduct screening on trade-based transactions that may involve dual-use goods against the UAE Control Lists?
- Items as mentioned on the EO IEC website: https://www.uaeiec.gov.ae/en-us/
- Items as per the list mentioned in Cabinet Resolution No. 50 for 2020 concerning the control list annexed to Federal Law No. 13 for 2007 relating to commodities subjected to import and export control.
Ans: Say ‘Yes’ if you deal in such items as per the above lists.
Section 4: Internal Control
1. Do you freeze or suspend, without delay (within 24 hours), all funds or other assets upon identification of confirmed or potential match and refrain from providing any services?
Ans: Say ‘Yes’ if you comply with the above requirements.
2. Do you lift freezing measures, without delay (within 24 hours), on all funds or other assets upon receiving notice of de-listing of the designated person from EO Notification System or upon receiving communication from EOCN on goAML?
Ans: Say ‘Yes’ if you comply with the above requirements.
3. Do you implement Enhanced Due-Diligence (EDD) procedures on all Financial Transactions, including trade transactions linked to High-Risk Jurisdictions?
Ans: Say ‘Yes’ if you comply with the above requirements.
4. Do you have internal procedures to ensure that customers have a valid permit when dealing in the export and import of dual-use items before processing transactions or engaging in business relations?
Ans: Say ‘Yes’ if you deal in dual-use items and comply with the requirements.
5. Do you have alert systems that include both TF and PF sanctions evasion red flags?
Ans: Say ‘Yes’ if you have an alert system for TF and PF sanction evasion red flags.
Section 5: TFS Reporting
1. Do you report any confirmed matches on UAE Local Terrorist List or UN Consolidated List by raising a Funds Freeze Report (FFR) in goAML in a timely manner?
Ans: Say ‘Yes’ if you comply with the above requirements.
2. Do you report potential matches on the Local Terrorist List or UN Consolidated List by raising a Partial Name Match Report (PNMR) in goAML in a timely manner?
Ans: Say ‘Yes’ if you comply with the above requirements.
3. Do you respond to communications (queries, requests for information, etc.) received from EOCN via the goAML message board within 48 hours of receiving the communication?
Ans: Say ‘Yes’ if you comply with the above requirements.
4. Do you conduct adequate internal training and awareness on TFS obligations and sanctions evasion typologies to relevant staff and senior management (e.g., MLROs, Front Desk Staff, Relationship Managers, Compliance Officers, etc.)?
Ans: Say ‘Yes’ if you comply with the above requirements.
5. Does your staff attend TFS training sessions held by EOCN and/or Supervisory Authorities?
Ans: Say ‘Yes’ if you comply with the above requirements.
Section 6: TF and PF Risk Assessment
1. Have you identified and assessed their TF and PF risks for customers, countries or geographic areas, products, services, transactions or delivery channels?
Ans: Say ‘Yes’ if you perform TF and PF Risk Assessment based on customers, geography, products, services, transactions, and delivery channels.
2. Do you verify the nature and extent of the Terrorism Financing and proliferation financing Risk Assesment are appropriate to the nature and size of the Reporting Entities business?
Ans: Say ‘Yes’ if your Risk Assessment commensurates with the nature and size of your business.
3. Do you provide guidance to staff on identifying suspicious activity taking into account the means of delivery, the customer risks, geographical risk and any risk derived from the change of circumstances?
Ans: Say ‘Yes’ if you comply with the above requirements.
4. Do you verify that the TF and PF RA are kept up to date?
Ans: Say ‘Yes’ if you comply with the above requirements.
AML Compliance services
AML UAE is the premium AML consulting firm in UAE. We help our customers with goAML registration, business risk assessment, AML policy documentation, AML training, AML software selection, KYC, Screening and Risk Profiling, STR filing, and more. Get in touch with us to remain compliant with UAE AML Laws and Regulations.
Our timely and accurate AML consulting services
For your smooth journey towards your goals
Our recent blogs
side bar form
Add a comment
Share via :
About the Author
Pathik Shah
FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)
Pathik is a Chartered Accountant with more than 25 years of experience in compliance management, Anti-Money Laundering, tax consultancy, risk management, accounting, system audits, IT consultancy, and digital marketing.
He has extensive knowledge of local and international Anti-Money Laundering rules and regulations. He helps companies with end-to-end AML compliance services, from understanding the AML business-specific risk to implementing the robust AML Compliance framework.