Introduction

In recent years, the UAE has taken substantial steps to fight financial crime, specifically by advancing policies on anti-money laundering ("AML") and combating the financing of terrorism ("CFT"). These efforts began to yield tangible results when, in February 2024, the UAE was removed from the Financial Action Task Force's (the "FATF") 'Grey List' of countries (being those considered to have strategic deficiencies in their AML and CFT frameworks). This was followed by the European Parliament approving the EU Commission's decision to remove the UAE from its own list of high-risk countries with strategically deficient AML and CFT frameworks on 9 July 2025.  With the FATF's next round of mutual evaluations underway, the UAE will be looking to further demonstrate the resilience and integrity of its financial systems ahead of its scheduled evaluation in June 2026.

This article provides an update on the recent steps taken by the UAE to combat financial crime:

  • The DFSA published its 2025-2026 Business Plan which includes key measures to target financial crime, such as carrying out targeted financial crime risk assessments, and its 2024 Annual Report highlights key regulatory developments and the supervisory activity of the DFSA undertaken throughout the year;
  • The FSRA published its 2025-2026 Business Plan which focused on tech-driven financial crime detection;
  • The SCA issued a new decision mandating that SPV applicants demonstrate AML/CFT, anti-bribery, and risk management policies and be responsible for ensuring compliance with UAE AML/CFT controls;
  • The UAE Cabinet endorsed the 2024–2027 National Strategy for AML/CFT with its principal aim to ensure the UAE’s resilience against emerging risks by building a risk-based, effective, and sustainable national AML and CFT framework; and
  •  Regulators have demonstrated increasing proactiveness in financial crime enforcement.

 

Recent Developments and Future Plans

DFSA 2025-2026 Business Plan

In February 2025, the Dubai International Financial Centre's (the "DIFC") financial regulator, the Dubai Financial Services Authority (the "DFSA"), published its 2025-2026 Business Plan.

This strategic roadmap underscores the DFSA’s continued engagement with key international bodies, including the FATF, as well as other standard-setting bodies such as the Basel Committee on Banking Supervision, the International Association of Insurance Supervisors and the International Organisation of Securities Commissions,  in its commitment to improving its compliance with global best practices.1

As part of its "risk-based supervision" model for regulated entities (including banks, insurance, wealth management and fintech firms), the DFSA will enhance its Financial Crime Prevention programme by carrying out targeted financial crime risk assessments, which focus on the inspection of financial institutions and firms offering digital assets.2 The latter is particularly important given the unique financial crime risks arising from the rapid adoption of digital tools (including artificial intelligence ("AI")) and the emergence of crypto tokens.3

The DFSA has made its stance clear: there is zero tolerance for money laundering, terrorism financing, breaches of sanctions, misappropriation of client assets, misleading disclosures, and market abuse. Serious violations will attract substantial penalties to reinforce deterrence and improve market confidence.4

 

DFSA Annual Report 2024

In May 2025, the DFSA released its 2024 Annual Report (the "Report") highlighting key regulatory developments and the supervisory activity of the DFSA undertaken throughout the year. A central theme of the Report is the DFSA’s continued focus on combating financial crime.

The Financial Crime Risk team continued to lead the DFSA’s AML initiatives in 2024, actively supporting the UAE’s national AML/CFT initiatives. Notably, the DFSA conducted thematic reviews on two critical areas:

  • compliance with targeted financial sanctions in the insurance sector; and
  • the role of money laundering reporting officers and their compliance with professional development requirements.

In addition, the DFSA investigated a broad range of cases involving suspected misconduct, including deficiencies in AML systems.5 As a result of these investigations, the DFSA took enforcement actions against five firms and three individuals, resulting in fines totaling USD 2.5 million.

As part of its consumer protection strategy, the DFSA issued 30 consumer scam alerts to inform the public and the DIFC financial community of potentially harmful activities. These alerts play a vital role in safeguarding investors and maintaining confidence in the financial system. The scams identified included Ponzi schemes, advance fee scams, cloning scams, and scams in which the identities of the DFSA, the DIFC, and firms within the DIFC – or their employees – were stolen or misused.

By the end of 2024, the DFSA had signed 117 bilateral Memoranda of Understanding ("MoUs") (including in September 2024 with the Hong Kong Monetary Authority), five multilateral MoUs, and eight innovation agreements, facilitating international regulatory cooperation and collaboration.

 

ADGM FSRA 2025-2026 Business Plan

In anticipation of the UAE's FATF mutual evaluation in June 2026, the Abu Dhabi Global Market's (the "ADGM") financial regulator, the Financial Services Regulatory Authority (the "FSRA"), has also prepared a business plan covering 2025-2026. The business plan sets out its commitment to robust, future-proof and internationally aligned financial crime risk management. It explains its plan to leverage technologies (including through the development of AI and other automation tools, such as AI agents) to facilitate the detection and investigation of crimes, and penalty enforcement.

The regulator's Enforcement Department will focus on a number of areas including: (a) investigations into high risk areas, including in relation to AML and CFT failures, sanctions breaches, unauthorised regulated activities and client asset mismanagement (closely aligned with the DFSA business plan); and (b) the use of digital forensics, data analytics and open-source intelligence to enhance the conduct of investigations and the detection of potential misconduct.

 

Securities and Commodities Authority

The UAE Securities and Commodities Authority (the "SCA") was established to supervise and monitor financial markets in the UAE (outside of the financial free zones). As a protective measure against the use of special purpose vehicles ("SPVs"), the SCA passed Decision No. (25/Chairman) of 2024 Concerning the Regulation of a Special Purpose Vehicle (the "SPV Decision") which regulates the establishment and conduct of business of SPVs and related matters. In particular, when seeking to obtain approval for the incorporation of an SPV, the applicant is required to provide evidence of governance policies relating to anti-bribery and corruption, risk management and combating money laundering, terrorist financing and financing of illegal organisations.6 The SPV Decision also specifically requires SPV managers to ensure that the SPV is compliant with AML and CFT controls and procedures in the UAE.7

 

National Strategy

In September 2024, the UAE Cabinet endorsed the National Strategy for Anti-Money Laundering, Countering the Financing of Terrorism, and Proliferation Financing for 2024-2027 (the "National Strategy"), which will be overseen by the General Secretariat of the National Committee. Its principal aim is to ensure the UAE’s resilience against emerging risks by building a risk-based, effective, and sustainable national AML and CFT framework.

The National Strategy acknowledges the rise of new risks (including those associated with virtual assets). It outlines 11 strategic goals, each underpinned by specific legislative actions and regulatory reforms, such as: (a) strengthening both national and international cooperation to facilitate better information exchange between regulatory bodies; (b) establishing robust supervision of AML and CFT measures within the private sector; and (c) enhancing the detection, investigation, and disruption of financial crimes.

The National Strategy highlights the importance of maximising both human and technological resources, advancing data collection and analytical capabilities to support investigations and asset recovery efforts, and maintaining a current and effective legal and regulatory environment. It also emphasises the importance of addressing risks stemming from virtual assets and the evolving landscape of cybercrime.

 

Financial Crime Enforcement by Regulators

There has been an increase in investigations and enforcement by regulators against entities which exhibit deficiencies in their AML and CFT policies.

In the DIFC, the DFSA fined a former banker just under USD 1 million in August 2024 for: (a) knowingly providing misleading information and withholding information to circumvent his former employer's AML systems and controls; (b) sending a forged deceptive email to a client; and (c) providing false, misleading or deceptive information to the DFSA during an interview. In January 2024, the DFSA issued a provisional fine of USD 25,000 on a trading and investment business operating in the DIFC for failure to report certain suspicious transactions in violation of DFSA rules. Separately, the FSRA imposed a substantial fine on an ADGM entity for AML systems and controls failures notwithstanding that no money laundering occurred.

Similarly, and at a federal level, the Central Bank of the UAE (the "CBUAE") issued a fine of AED 1.2 million (USD 326,708) against an unnamed insurer following an investigation which identified shortcomings in the insurer's AML and CFT policies and procedures. More recently, on 12 May 2025, the CBUAE imposed administrative and financial sanctions on five insurance brokers operating in the UAE for failure to comply with their own AML and CFT frameworks. In June 2025, fines totalling AED 12.3 million (~USD 3.35 million) were imposed on six exchange houses for breaching anti-money laundering regulations.

 

Conclusion

Following its removal from the FATF Grey List, the UAE continues to make significant strides to protect its economy against financial crime. These efforts reflect a multi-pronged approach that includes:

  • forward-looking strategic planning, evidenced by the publication of the DFSA business plan, the FSRA business plan, and the National Strategy;
  • new legislation; and
  • stricter enforcement measures by financial regulators, reinforcing accountability and deterrence.

Collectively, these initiatives position the UAE favourably ahead of its upcoming FATF mutual evaluation scheduled for June 2026.

 

  1. DFSA Business Plan, p 45

  2. DFSA Business Plan, p 45

  3. DFSA Business Plan, p 40-41

  4. DFSA Business Plan, p 34

  5. DFSA Annual Report, pp 59-61

  6. SPV Decision, Article 5(4)

  7. SPV Decision, Article 7(1)(9)

Key contacts

Stuart Paterson photo

Stuart Paterson

Managing Partner, Middle East Offices, Dubai and Middle East

Janine Mallis photo

Janine Mallis

Of Counsel, Dubai and Middle East

Stuart Paterson Janine Mallis Tania Forichon