Global Site
Argentina Aruba Barbados Bolivia Brazil Canada Cayman Islands Chile Colombia Costa Rica Curacao Ecuador El Salvador Guatemala Honduras Mexico Panama Paraguay Peru Puerto Rico Saint Martin Suriname United States Uruguay Venezuela
Afghanistan Australia Cambodia China Hawaii Hong Kong India Indonesia Japan Macau Malaysia Maldives Mongolia Myanmar Nepal New Zealand Pakistan Philippines Singapore South Korea Sri Lanka Taiwan Thailand Vietnam
Albania Andorra Armenia Austria Azerbaijan Belgium Bulgaria Croatia Cyprus Czech Republic Denmark Estonia Finland France Georgia Germany Greece Hungary Ireland Italy Kazakhstan Kosovo Latvia Liechtenstein Lithuania Luxembourg Malta Moldova Netherlands Norway Poland Portugal Romania Serbia Slovakia Slovenia Spain Sweden Switzerland Tajikistan Turkey Ukraine United Kingdom Uzbekistan
Algeria Angola Bahrain Côte d’Ivoire Egypt Ghana Iraq Israel Jordan Kenya Kuwait Lebanon Liberia Mauritius Morocco Mozambique Nigeria Oman Qatar Saudi Arabia Senegal Sierra Leone South Africa Syria Tanzania Togo Tunisia Uganda United Arab Emirates Yemen
Contact Us
home News
-/media/505a1d2f447446d1837cb4c67b5ae395.ashx

ADGM DNFBP AML / TFS Onsite Assessments 2025

Common AML Areas to Be Improved 

Vinil Venugopalan
6/11/2026
-/media/505a1d2f447446d1837cb4c67b5ae395.ashx

Key Compliance Gaps Identified from ADGM RA's 2025 Onsite Assessments

The Abu Dhabi Global Market (ADGM) Registration Authority (RA) has officially published its 2025 Common Findings Report, highlighting critical Anti-Money Laundering (AML) compliance gaps across Designated Non-Financial Businesses and Professions (DNFBPs) operating in ADGM and across the UAE.

Based on 35 onsite AML/TFS assessments conducted in 2025, the RA identified three principal AML areas requiring immediate improvement.

1. Weak Risk Assessment Frameworks

Common Findings:

  • Business Risk Assessments (BRA) not regularly updated or reviewed
  • Insufficient consideration of customer risk factors, jurisdictions, and delivery channels
  • Targeted Financial Sanctions (TFS) risks embedded within broader money laundering assessments rather than assessed as a distinct component
  • Limited evidence of periodic reviews reflecting business changes or emerging financial crime risks

RA Supervisory Expectation: Firms must maintain a documented BRA, proportionate to their business scale and complexity, reviewed and updated at least annually. Trigger events for updates include:

  • New products or business practices
  • Updates to UAE NRA (including PF NRA)
  • Regulatory amendments
  • Significant business model changes
  • Awareness of new ML/TFS risks

Firms must maintain version control and document board or senior management approvals for BRA versions.

2. Inadequate Enhanced Customer Due Diligence (Enhanced CDD)

Common Findings:

  • Over-reliance on customer declarations without independent corroboration
  • Insufficient verification of sources of funds and source of wealth
  • Documentation obtained fails to demonstrate how customers accumulated wealth
  • Inconsistent senior management approval for high-risk customer onboarding

RA Supervisory Expectation: Enhanced CDD must extend beyond customer-provided information to include risk-based verification of source of wealth and funds, supported by independent or reliable evidence. Enhanced CDD requires appropriate senior management oversight with clear evidence of review and approval for higher-risk customers.

3. Governance and Oversight Shortfalls

Common Findings:

  • Annual reviews of AML/TFS frameworks treated as procedural tick-box exercises
  • Limited substantive assessment of control effectiveness in practice
  • Failure to document review outcomes or formally report to senior management
  • No structured remediation plans for identified deficiencies

RA Supervisory Expectation: Annual reviews must provide a substantive, evidence-based assessment of control effectiveness, not a purely procedural exercise. Reviews should be:

  • Clearly documented
  • Supported by appropriate testing
  • Formally reported to senior management
  • Enable effective oversight and timely remediation

What DNFBPs Must Do Now: RA's Actionable Recommendations

The RA mandates all DNFBPs to take immediate, proactive action:

  • Conduct a thorough review of the 2025 Common Findings Report
  • Perform a risk-based self-assessment within 3 months from receipt of this report
  • Document and implement a remediation plan, track progress, and ensure senior management oversight
  • Maintain and regularly update policies, procedures, and controls for ongoing compliance with applicable AML/TFS obligations

Where no remediation is required, DNFBPs may be requested to provide evidence of the self-assessment conducted.

Conclusion: Compliance Is About Execution, Not Just Policy

While most assessed firms have established necessary AML/TFS policies and procedures, the RA continues to observe gaps in practical implementation, particularly in risk assessments, enhanced due diligence, and governance arrangements.

The RA urges all DNFBPs to:

  • Review and address issues through self-assessment
  • Keep senior management informed about compliance status
  • Expect supervisory or enforcement action where material non-compliance is identified

This report serves as both a benchmark and a call to action for DNFBPs in ADGM, Abu Dhabi, Dubai, and across the UAE to strengthen their AML/TFS frameworks and ensure robust, demonstrable compliance. 

PDF document

Detailed insights available

View the full document for detailed insights and complete information.

View full document

The author is Director, GRC Advisory at Crowe UAE and can be reached at 
+971 52 373 4662 or [email protected]

Explore insights
Dawn Thomas
Dawn Thomas
Senior Partner - Governance Risk & Compliance
Ahmed Ali Bin Haider
Ahmed Ali Bin Haider
Partner - GRC Technology
Rajeev Nanda
Rajeev Nanda
Partner – Internal Audit & Governance Risk Compliance
Vinil Venugopalan
Vinil Venugopalan
Director – Governance, Risk & Compliance and Technology