FREE COMPLIANCE TOOL
UAE DNFBPs AML/CFT Compliance Navigator
AML/CFT Compliance Navigator
Compliance Summary
Based on your self-assessment, here is your overall AML/CFT/CPF compliance picture across all eight core requirement areas.
Ready to close the compliance gaps?
Citadel365 helps UAE DNFBPs implement and maintain AML/CFT/CPF compliance through a suite of purpose-built tools and services, including:
- Automated sanctions, PEP and adverse media screening
- Customer due diligence and UBO workflows
- Targeted Financial Sanctions (TFS) compliance monitoring
- goAML-ready suspicious transaction reporting
- AML/CFT policy documentation and annual risk assessment support
Ready to Defeat Your AML Compliance Obstacles?
Citadel Brings Revolution with Secure Solutions to AML Compliance Problems
What is the DNFBPs AML/CFT Compliance Navigator?
Citadel365 built a free, interactive self-evaluation tool called the “UAE DNFBPs AML/CFT Compliance Navigator”, specifically for Designated Non-Financial Businesses and Professions (DNFBPs) in UAE. It helps them understand, assess and improve their compliance measures, aligning with the UAE’s AML/CFT/CPF framework.
The tool covers the eight core compliance obligations as required under the Federal Decree Law No. 10 of 2025 and Cabinet Resolution No. 134 of 2025 in ten steps. Further, the compliance navigator tool elaborates regulatory expectations, provides practical guidance, cites legal references, and allows users to rate their current compliance status and note additional observations. Moreover, the tool offers a personalised compliance summary that users can print and retain as part of their compliance documents.
Citadel365 designed this DNFBPs AML/CFT Compliance Navigator, which enables compliance officers, MLROs, senior managers, and business owners to gain an overview of their business compliance position. It requires no specialist legal knowledge to use this tool and helps entities understand where compliance controls are required.
Who Can Benefit from This Tool?
- Real estate agents and brokers
- Dealers in precious metals and stones
- Lawyers, notaries, and independent legal professionals
- Independent accountants and audit firms
- Company and trust service providers
- Commercial gaming operators
- Other businesses determined by their supervisory authority to be DNFBPs under the UAE law
Why UAE DNFBPs Must Take AML/CFT Compliance Seriously
DNFBPs in UAE are mandated under the Federal Decree Law No. 10 of 2025 to uphold the AML/CFT/CPF compliance programme to combat financial crime. Entities that fail to comply with these regulatory requirements may be exposed to financial penalties, administrative sanctions, license suspension or revocation, and, at times, criminal liability.
The UAE DNFBPs AML/CFT Compliance Navigator covers the eight legal obligations that are examined and inspected by the supervisory authorities, such as the Ministry of Economy and Tourism and the Ministry of Justice, to assess compliance.
Key Legislation Underpinning DNFBP Obligation
- Federal Decree Law No. (10) of 2025 Regarding Anti-Money Laundering, Combating the Financing of Terrorism and Proliferation Financing (the AML/CFT Law)
- Cabinet Resolution No. (134) of 2025 Concerning the Executive Regulations of Federal Decree-Law No. 10 of 2025
- Cabinet Decision No. 74 of 2020 on Targeted Financial Sanctions (remains in force for TFS procedural purposes)
- FATF 40 Recommendations
- Supervisory authority-specific guidelines issued by the Ministry of Economy and Tourism, Ministry of Justice, GCGRA, and financial free zone regulators
Step-by-Step Guide to the DNFBPs AML/CFT Compliance Navigator
The DNFBPs AML/CFT Compliance Navigator follows a ten-step process that summarises at the end. Users can move forward and backwards freely, may skip a step to complete later or revisit any completed step. The following points explain each step more clearly:
Step 1: Applicability Check
Choose the category for your business to determine whether your firm comes under UAE DNFBPs framework. If none of the provided categories applies to your business, the tool will indicate that your business is potentially outside the DNFBP scope, subject to AML/CFT obligations under other sector-specific regulations.
Step 2: Risk Assessment
Get an overview of the risk assessment requirements from the provided legal summary and practical guidance. Then mark your current compliance status as Compliant, Partially Compliant, Non-Compliant, or Not Applicable. You may add observations specific to your business.
Step 3: Customer Due Diligence (CDD)
Step 4: Compliance Officer
The next step takes you to another mandatory requirement of appointing a compliance officer for UAE DNFBPs. On this basis, you rate whether you meet this regulatory obligation. For clarity, the tool mentions the qualities, roles, and responsibilities of a compliance officer as mentioned under UAE AML laws.
Step 5: Policies, Controls and Procedures
Understand and assess your business’s compliance with policy, control, and procedure requirements. Classify your compliance status and may add notes or observations for improvements or future actions.
Step 6: Suspicious Transaction Indicators
Does your business detect red flags, typologies or key indicators that help identify suspicious activity denoting money laundering or terrorist financing? Record your observation and state how your DNFBP business meets this requirement.
Step 7: Suspicious Transaction Reporting (STR/SAR)
Your DNFBP business must check whether you report suspicious activity to the FIU through the goAML portal. The practical guidance and short brief help you analyse and rate accurately as you assess factors such as tipping-off, timeliness, and confidentiality.
Step 8: Targeted Financial Sanctions (TFS)
Rate your compliance with TFS instructions from the Executive Office for Control and Non-Proliferation (EOCN). Assess and enter your observation, ensuring you meet concerns regarding the freezing of funds or economic resources of designated persons or organisations.
Step 9: Record Keeping
Lastly, evaluate whether you comply with the requirements for retaining records, CDD documents, transaction data, and compliance files. Ensure that you keep them complete, organised, and in an accessible format. Label your examination and note down gaps.
Step 10: Compliance Summary
Once you click on the view summary tab, the tool will generate a personalised compliance summary. It shows your ratings covering all eight requirements, overall risk rating as high, medium or low. Further, you get a comprehensive view of the mentioned notes for each section. The tool provides an option to print for usage in your compliance file.
Understanding Your Compliance Summary
The DNFBPs AML/CFT Compliance Navigator generates a customised summary which reflects your business compliance ratings across the eight major requirements. It produces an overall compliance risk rating on the basis of the following logic:
| Overall Rating | Trigger Condition | What It Means |
| Compliant | All assessed areas rated compliant; zero Non-Compliant or Partial | Your entity AML/CFT/CPF programme fulfills all eight core requirements. Maintain and monitor continually. |
| Low Risk: Minor Gaps | 1 or 2 Partial ratings; zero Non-Compliant | Minor gaps exist. Create a short remediation plan that addresses partially compliant areas prior to your next supervisory inspection. |
| Medium Risk: Gaps Require Attention | 1 or 2 Non-Compliant, or 3+ Partial | Material gaps identified. Prioritise remediation. You may also appoint a compliance advisor to support gap mitigation. |
| High Risk: Significant Gaps | 3 or more Non-Compliant ratings | Major compliance failure is identified and requires immediate action. Must inform senior management and seek qualified compliance and legal advice right away. |
The compliance summary also includes your noted summary for each step, which makes it a useful document for compliance gap remediation planning. The tool also allows a print facility, which helps generate output of all steps in a formatted layout for your compliance files and for presenting during examination to the supervisory authority.
Why Use the DNFBPs AML/CFT Compliance Navigator?
The DNFBPs AML/CFT Compliance Navigator provides practical compliance value throughout the following five dimensions:
Rapid Compliance Baseline
Even if your business doesn’t have a dedicated compliance team, the navigator offers a systematic baseline assessment in less than 30 minutes. The guided tool translates complex legal requirements into a simplified form and helps entities understand their current compliance status without even the involvement of an external consultant for a health check.
Grounded in Current UAE Law
The tool is constructed based on Federal Decree Law No. 10 of 2025 (primary legislation) and Cabinet Resolution No. 134 of 2025 (implementation regulation). The tool also provides legal reference for each requirement, helping users verify the source and understand the obligation’s alignment with the broader regulatory framework. It thus ensures credibility during inspections.
Actionable Self-Assessment with Printed Output
Unlike a fixed compliance checklist, this navigator tool measures your compliance ratings and notes to provide you with a personalised summary report with a risk rating. You may download or get a printed output of the compliance self-assessment with a timestamped record. It demonstrates your business compliance position and is useful for supervisory inspections, audit trails, and internal reporting to the board or senior management.
Covers All Eight Core Obligations
The tool addresses the eight core obligations that the supervisory authorities examine. If your DNFBP business is compliant across all eight areas, it verifies as a sound AML/CFT/CPF programme, and if there are gaps, it identifies significant ones to develop a clear remediation plan.
Free, Accessible, and No Registration Required
Frequently Asked Questions About the DNFBPs Compliance Navigator
The UAE DNFBPs AML/CFT Compliance Navigator is a free self-assessment tool constructed by Citadel365. This interactive tool guides Designated Non-Financial Businesses and Professions in UAE through the eight mandatory AML/CFT/CPF compliance requirements under Federal Decree Law No. 10 of 2025 and Cabinet Resolution No. 134 of 2025. It further helps UAE DNFBPs understand legal requirements, recognise compliance gaps, and get a personalised compliance review summary for their compliance files.
Under UAE law, Article 1 of Federal Decree Law No. 10 of 2025 and Article 3 of Cabinet Resolution No. 134 of 2025, DNFBPs include dealers in precious metals and stones, real estate brokers and agents, commercial gaming operators, lawyers, notaries, other independent legal professionals, independent accountants & audit firms, company & trust service providers and any other business determined by resolution issued by the Supervisory Authority.
Federal Decree Law No. 10 of 2025 Regarding Anti-Money Laundering and Combating the Financing of Terrorism and Proliferation Financing (the primary legislation), Cabinet Resolution No. 134 of 2025 (implementing regulation), Cabinet Decision No. 74 of 2020 on TFS procedural matters (Targeted Financial Sanctions obligations), and other sector-specific guidelines issued by the relevant supervisory authorities apply to DNFBPs in UAE.
For most users, it roughly takes 10 to 20 minutes to complete these ten steps. However, the duration depends on how many details you add in the notes section. We recommend you take 15 to 20 minutes for a thorough first assessment so you can go through the practical guidance for each requirement and add meaningful notes.
No, the DNFBPs AML/CFT Compliance Navigator doesn’t save your data or share it with any third party. It runs entirely on your browser, and the details you put in, such as compliance ratings, notes, and summary, are retained only in your browser session till you close or refresh the browser. The tool provides you with a print report feature to retain your results before closing the tool.
Compliant means meeting the AML/CFT regulatory requirements completely, which includes policy design, effective controls implemented, record-keeping and ongoing monitoring. Partially Compliant means meeting some elements of the AML requirements, but gaps exist; for instance, a policy exists, but it is not reviewed or applied consistently. Whereas Non-Compliant means no requirement is met, and gaps are so significant that they may expose the entity to financial crime risks or regulatory penalties. You may mention Not Applicable to a specific requirement that does not apply to your business model.
No, the Compliance Navigator is not a substitute for a formal AML/CFT audit, an independent compliance review or qualified legal advice. It is a self-assessment tool for DNFBPs to understand their compliance requirements and identify gaps. It doesn’t guarantee the same remarks as may be concluded by the Supervisory Authority during an examination. You must use the results as a starting point for a more detailed internal review and to mitigate identified gaps.
The printed compliance summary can be part of your internal compliance documentation, and you may share it with the Supervisory Authority as proof of self-assessment. However, you must accompany this self-assessed document with supporting evidence, such as policy documents and records that exhibit compliance.
Non-Compliant demonstrates gaps which require immediate attention, especially when three or more requirements are not met, which leads to an overall rating of high risk. To fill the gap and comply with AML requirements, you should document the gap in the notes section, recognise the root cause, and develop a remediation plan. Your plan must include clear actions, control, and monitoring progress. Further, in a severe case, you may be required to inform the Compliance Officer or senior management, or you may seek external legal or compliance advice.
We recommend that UAE DNFBPs conduct a self-assessment at least once a year and after significant changes to their business model, jurisdiction, customer base, or updates to legal obligations or supervisory guidance. You may also use it before a supervisory inspection. Citadel365 periodically updates the tool to exhibit legislative changes; performing a re-assessment ensures your self-assessment remains current.
goAML is the electronic reporting platform by the Financial Intelligence Unit (FIU) in UAE, through which DNFBPs submit Suspicious Activity Reports (SARs) and Suspicious Transaction Reports (STRs). DNFBPs are subject to register on goAML and file STR/SAR reports timely. The Compliance Navigator tool helps you assess this mandatory STR/SAR submission requirement in Step 7. Partially Compliant or Non-Compliant with the reporting obligation implies a compliance gap.
Targeted Financial Sanctions (TFS) are measures intended to freeze assets and prohibit dealing with individuals and entities designated by resolutions issued by the UAE Cabinet regarding the terrorist list or by the UN Security Council under Chapter VII of the Charter of the United Nations. DNFBPs, as mandated under Federal Decree Law No. 10 of 2025 and Cabinet Decision No. 74 of 2020, are required to comply with TFS instructions as issued by the Executive Office for Control and Non-Proliferation (EOCN). DNFBPs must screen customers & counterparties against the UNSC Consolidated List and the UAE local terrorist list, and, upon a confirmed match, freeze assets without delay.
Ready to Simplify Your AML/CFT Compliance Programme?
Citadel365 offers an end-to-end AML/CFT compliance solution for DNFBPs in the UAE, from risk-based CDD workflow management to regulatory reporting and supervisory examination preparation, keeping you compliant.