In the UAE’s sophisticated fight against financial crime, the goAML platform serves as the central nervous system. It is not merely a reporting tool; it is the mandatory and direct line of communication between your business and the nation’s Financial Intelligence Unit (FIU). For any Designated Non-Financial Business or Profession (DNFBP), mastering this platform is not optional—it is a core compliance duty. This guide provides a practical walkthrough of the essential steps, from registration to understanding which report to file and when.
What is goAML and Why is it Mandatory?
The goAML system is an advanced software solution developed by the United Nations Office on Drugs and Crime (UNODC) and adopted by the UAE FIU to efficiently receive, analyze, and disseminate financial intelligence. Under Federal Law No. 20 of 2018 and Cabinet Decision No. 10 of 2019, registration on and use of the goAML portal is obligatory for all Financial Institutions and DNFBPs. A failure to report suspicious activity through this platform is not just a compliance breach; it is a criminal offense with severe consequences.
The Two-Stage Registration Process
Gaining access to the goAML system is a formal, two-stage process that requires careful preparation of documentation.
Stage 1: Pre-registration on SACM
The first step is to register on the UAE FIU’s Service Access Control Manager (SACM) system. This initial registration is designed to establish your identity and set up secure access credentials. During this stage, you will receive a username and a secret key to link with an authenticator app, such as Google Authenticator, for two-factor authentication.
To complete this stage, you will need to prepare the following documents :
- A valid ADGM or other relevant commercial license.
- Proof of the appointment of your Money Laundering Reporting Officer (MLRO) or Compliance Officer.
- Clear copies of the MLRO’s passport and Emirates ID (front and back).
- A unique and valid UAE mobile number and email address for receiving one-time passwords (OTPs).
Stage 2: Registration on the goAML Portal
Once your SACM pre-registration is complete and you have your secure login credentials, you can proceed to the main goAML portal to finalize your organization’s registration. After you submit your application, it will be reviewed by your designated Supervisory Body (e.g., the Ministry of Economy for most DNFBPs). Full access to the platform’s reporting features is only granted after this supervisory approval is received.
Decoding the Alphabet Soup: Key Report Types on goAML
The variety of report types on goAML reflects the regulator’s data-driven strategy to collect structured, sector-specific intelligence. Choosing the correct report type is as critical as the information you provide. Filing the wrong report can signal a misunderstanding of your obligations to the FIU, potentially triggering further scrutiny.
- STR (Suspicious Transaction Report): This is the most fundamental report. It must be filed when you have reasonable grounds to suspect that a specific transaction, whether it has been completed or was merely attempted, is related to the proceeds of a crime or the financing of terrorism.
- SAR (Suspicious Activity Report): This report is used when your suspicion relates to broader activity rather than a single transaction. Examples include a potential customer who is evasive during the onboarding process, provides questionable documents, or is the subject of credible adverse media reports linking them to criminal activity.
- TFS-Related Reports:
- CNMR (Confirmed Name Match Report): This report is filed after you have identified a confirmed match between a customer or party to a transaction and an official sanctions list (UN or UAE Local Terrorist List) and have consequently frozen their assets.
- PNMR (Partial Name Match Report): This is filed when your screening returns a partial match to a sanctions list that cannot be immediately dismissed as a false positive. Submitting a PNMR allows the FIU and EOCN to investigate the potential match further while you suspend the transaction.
- Sector-Specific Reports:
- DPMSR (Dealers in Precious Metals and Stones Report): A specialized report required for this high-risk DNFBP sector to report certain types of transactions.
- REAR (Real Estate Activity Report): A dedicated report for the real estate sector to fulfill specific reporting obligations.
Practical Steps for Filing a Web Report
For businesses that do not use automated XML uploads, filing a report through the goAML web interface is the standard method. The process generally involves these steps:
- Log In: Securely access the goAML platform using your username and authenticator code.
- Select Report Type: Navigate to the “New Reports” menu and select “Web Reports.” From the drop-down menu, choose the correct report type (e.g., STR, SAR, CNMR).
- Complete Mandatory Fields: The web form will guide you through several sections. You must provide details on the location of the incident and select the appropriate “Reason for Reporting” from a predefined list of suspicious indicators.
- Provide Subject Details: Enter all known information about the individuals or entities involved in the suspicious activity.
- Write the Narrative: This is a critical section. You must provide a clear, concise, and chronological summary of the activity and, most importantly, explain why you are suspicious. Include all relevant details that led to your conclusion.
Conclusion: Your Role in the National Security Chain
Mastering the goAML platform is a fundamental responsibility for every DNFBP in the UAE. The registration process is meticulous, and choosing the correct report type is vital for providing high-quality intelligence to the authorities. By fulfilling your reporting obligations accurately and promptly, your business moves beyond being just a regulated entity and becomes a crucial partner in protecting the UAE’s financial system and contributing to its national security.
If you are unsure about your goAML registration status or have questions about your reporting obligations, contact DPMS Global for expert guidance and hands-on support.