top of page
Search

DNFBP AML/CFT Enforcement in the UAE

Updated: 5 days ago

What Jewellery Businesses Should Learn



If you run a jewellery, gold, or precious stones business in the UAE, AML/CFT compliance is not a “bank-only” issue anymore. In the last several years, UAE authorities have actively inspected DNFBPs (Designated Non-Financial Businesses and Professions) and issued meaningful administrative penalties, including cases that specifically involve gold and gemstones businesses.




What the enforcement record is clearly telling the market


A) Jewellery-related DNFBPs are directly in scope

The Ministry of Economy has publicly confirmed enforcement actions involving companies operating in the gold and gemstones sector, including AED 2.25 million in administrative sanctions on three companies (two in gold & gemstones).


B) Penalties can be large, even for “controls” failures

A widely reported case: an unnamed Dubai gold trader was fined AED 1.35 million for multiple AML/CFT breaches (reported May 23, 2021).


C) Enforcement is systematic, not occasional

The Ministry has also announced multi-company inspection outcomes such as AED 3.2 million in fines imposed on DNFBP firms for various AML/CFT failures (reported December 21, 2022).


D) “DNFBP penalties” are not theoretical

Official communications have stated that DNFBP penalties can escalate significantly and may include severe outcomes (including business restrictions), depending on the breach type and severity.


The typical failure patterns regulators are penalising


Official enforcement summaries repeatedly point to control and behaviour failures that are very relevant to jewellery operations—especially high-value, cash-linked, cross-border, and dealer-to-dealer trades. Examples of cited failure categories include:


1) Weak or missing internal AML controls

  • Policies and controls not matching the actual business model, volumes, and risk profile

  • “Paper policies” not implemented in day-to-day operations (staff don’t follow them, no evidence trail)


2) Risk assessment not done properly (or not used)

  • No documented risk assessment (or outdated)

  • No clear logic for: customer risk, product risk, country risk, delivery channel risk

  • No “why” behind decisions (especially for high-risk customers)


3) Gaps around suspicious activity detection and reporting

  • Weak monitoring triggers (no red-flag framework)

  • Poor internal escalation process (staff don’t know when/how to raise concerns)

  • Incomplete record of investigations and outcomes (no defensible audit trail)


4) Failure to treat higher-risk customers properly

Authorities have referenced issues around dealing with higher-risk relationships, including politically exposed persons (PEPs) and other enhanced due diligence scenarios in DNFBP enforcement contexts. (Ministry of Education)


The DNFBP obligations that matter most for jewellery businesses


While the exact implementation varies by your business model (retail-only vs wholesale; local vs export; cash vs bank transfer), UAE DNFBP expectations consistently come back to these essentials:


A) Know your customer (CDD) that matches jewellery realities

  • Customer identification + verification (and beneficial owner where applicable)

  • Purpose and intended nature of the relationship

  • Source of funds / source of wealth checks when risk requires it

  • Refresh cycles (when to update documents and checks)


B) Risk-based controls (not a one-size-fits-all checklist)

  • A workable risk matrix that staff can apply in 2–3 minutes

  • Clear decision rules for: EDD, approvals, escalation, refusal


C) Sanctions / watchlist screening

  • At onboarding and ongoing where relevant

  • Evidence of screening (logs, screenshots, reports, timestamps)


D) Record keeping that stands up to scrutiny

  • “If you can’t evidence it, it didn’t happen” is how inspections feel in practice

  • Structured files: CDD pack, risk rating, screening outputs, approvals, invoices, communications, escalation notes


E) Transaction reporting thresholds & suspicious reporting discipline

The UAE FIU has published DNFBP/DPMS-focused material highlighting expectations around suspicious transaction reporting and reporting of certain high-value transactions (e.g., threshold references appear in DPMS guidance material).



A practical “inspection-ready” AML setup for jewellers


Here’s the simplest way to build something that works operationally and evidences well:


Step 1 — Define your jewellery risk model (fast, defensible)

Create a short matrix that rates:

  • Customer type (walk-in retail vs dealer vs corporate)

  • Geography (local vs cross-border)

  • Payment type (cash, transfer, crypto exposure, third-party payments)

  • Value/volume (single high-ticket vs repeated pattern)

  • Product risk (high liquidity items, resalable items)


Step 2 — Standardise the CDD pack by scenario

  • Retail walk-in (low/medium risk)

  • High-value retail / repeated purchases

  • Corporate buyer / dealer-to-dealer

  • Export / cross-border transactionsEach scenario must have: required documents, required checks, who approves, and what gets filed.


Step 3 — Implement “red flag triggers” staff actually use

Examples (non-exhaustive):

  • Third-party payer or mismatched payer vs customer

  • Unusual urgency or refusal to provide basic information

  • Repeat transactions just below internal thresholds

  • High-risk jurisdictions or unusual trade routes

  • Requests for complex settlement patterns


Step 4 — Build your evidence trail

  • Screening logs

  • Risk scoring snapshots

  • Approval notes for EDD decisions

  • Escalation register + outcomes

  • Training records + attendance

  • QA checks (monthly sample review)


Where Marensa Advisory fits: Jewellery Guard (DNFBP AML/CFT)


Marensa Advisory’s jewellery compliance support is built for one outcome: controls that stand up to scrutiny, without slowing down sales.


What we typically deliver (fast and evidence-led)

  • DNFBP AML/CFT policy suite tailored to jewellery workflows

  • Business risk assessment + customer risk model

  • CDD/EDD procedures with annexed templates and checklists

  • Sanctions/screening workflow + evidence standards

  • Suspicious activity framework (red flags + internal escalation + reporting readiness)

  • Staff training pack + onboarding script for front-line teams

  • “Inspection-ready” file structure and registers (so your evidence is clean)


The difference (in plain terms)


  • Not generic templates

  • Not compliance theatre

  • A working system your staff can follow, and your reviewers can validate



Book a free scoping call (confidential): We review your current DNFBP AML controls, identify the inspection risks, and give you a practical remediation plan.


WhatsApp: +971 58 594 3306


Comments

bottom of page