21 Analytics logo
Request a Demo
Law No. (4) of 2022 Tackled: Dubai Travel Rule FAQs Answered
Back Button Icon
Back

Law No. (4) of 2022 Tackled: Dubai Travel Rule FAQs Answered

03 Jul, 2024

According to Law No. (4) of 2022 Regulating Virtual Assets in the Emirate of Dubai, Dubai’s Virtual Assets Regulatory Authority (VARA) has the authority to regulate VASPs within Dubai. Below, we discuss the most common questions about Dubai’s Travel Rule with the relevant sources.   

What Is VARA’s Interpretation of the Travel Rule? 

According to the VARA’s interpretation of the Travel Rule, VASPs in Dubai must obtain and maintain the necessary originator and beneficiary *information before initiating any virtual asset transfer in the following scenarios:

  • Individual transactions equal to or exceeding AED 3500.

  • Group transactions equal to or exceeding AED 3500.

Additionally, VASPs must obtain and hold the *required information before allowing customers to access received virtual assets equivalent to or exceeding AED 3500. 

Before transacting with a counterparty VASP, risk-based due diligence must be conducted regardless of the jurisdiction. This due diligence does not need to be repeated for every subsequent transaction with the counterparty unless a risk is suspected. VASPs must adhere to the FATF Interpretive Note to Recommendation 15 when implementing compliance policies related to the Travel Rule and AML/CFT policies.

*The required information includes: 

  • The originator’s name, account number or virtual asset wallet address, and residential or business address. 

  • The beneficiary’s name, account number, or virtual asset wallet address are required.

VARA’s Compliance and Risk Management Rulebook, Part III, Section G. FATF Travel Rule

What Falls under VARA’s Scope? 

According to Law No. (4) of 2022 Regulating Virtual Assets in the Emirate of Dubai, VARA is responsible for regulating, supervising, and managing virtual asset services. All virtual asset services provided within the Emirate—excluding the Dubai International Financial Centre but including developing and free zones—fall under VARA’s jurisdiction.

Law No. (4) of 2022  Regulating Virtual Assets in the Emirate of Dubai, Articles 3 & 6

What Falls Under VARA's Authority?

Examples of VARA’s authority include, but are not limited to: 

  • Define all virtual asset activities, businesses, practices, services, and products prohibited in Dubai.

  • Develop regulations and general policies for the regulation of virtual assets.

  • Regulate, supervise, and oversee the issuance, offering, and relevant disclosure processes of virtual assets and virtual tokens. 

  • Regulate and issue Permits to, VASPs following the requirements, procedures, and rules adopted by it; and oversee and supervise them to ensure their compliance with the provisions of Law No (4) of 2022, the resolutions issued in pursuance hereof, and other Legislation in force in the Emirate

  • Classify and define the activities mentioned below and establish the regulations and rules required to govern them.

  • Extend this list to include any activity, business, practice, or service related to virtual assets.

Law No. (4) of 2022  Regulating Virtual Assets in the Emirate of Dubai, Article 6

The following activities require permits to operate in the Emirate and are subject to VARA’s supervision:

  • Provision of Virtual Asset Platform operation and management services.

  • Provision of services for the exchange between Virtual Assets and national or foreign currencies.

  • Provision of services for the exchange between one or more forms of Virtual Assets.

  • Provision of Virtual Asset transfer services.

  • Provision of Virtual Asset safekeeping, management, or control services.

  • Provision of services related to Virtual Asset Wallets.

  • Provision of services related to offering, and trading in, Virtual Tokens.

  • According to Chapter 3, Article 15, no person can conduct these activities in Dubai without a valid permit. Additionally, the crypto business must be based in Dubai and approved by an Emirati commercial licensing authority to perform these activities. No activities can commence before meeting the appropriate licensing and approval criteria.

*The Activity is defined as “any activities that require a Permit from VARA and are subject to its oversight,” as stated in Article (16) of this Law.

VARA Does Not Cover the Following

VARA’s jurisdiction is limited to the Emirate of Dubai; it does not extend to the rest of the UAE or the Dubai International Financial Centre.

Law No. (4) of 2022  Regulating Virtual Assets in the Emirate of Dubai, Articles 

What Are VARA’s Objectives? 

VARA has 5 objectives: 

  1. Promote Dubai as the central hub for regional and international virtual assets and related services, enhancing the digital economy to position the Emirate as a global competitor.

  2. Encourage innovation and empower investors in this sector by increasing awareness and education.

  3. Attract investments and companies to establish their operations in the Emirate.

  4. Foster a shared commitment to create effective, specialised legislation for investor protection and to combat illegal practices in collaboration with relevant organisations.

  5. Provide the necessary laws, guidelines, and standards to regulate, monitor, and control virtual asset platforms, VASPs, and all other aspects of virtual assets.

Law No. (4) of 2022  Regulating Virtual Assets in the Emirate of Dubai, Article 5 

What Is VARA’s Stance on Anti-money Laundering and Combating the Financing of Terrorism

VASPs should prevent using virtual assets in illicit activities, such as terrorism financing and sanctions non-compliance. 

Key steps include appointing a Money Laundering Reporting Officer (MLRO) who is responsible for ensuring compliance with all AML/CFT laws and regulatory requirements related to VASP activities. The MLRO’s duties include assessing risks outlined in the Compliance and Risk Management Rulebook and ensuring that VASP staff are trained on compliance and AML/CFT laws.

Furthermore, VASPs must establish and implement appropriate AML/CFT controls, which involve using analytics and other suitable tools to screen transactions. VASPs must also enforce policies that align with existing recommendations, such as:

Lastly, VASPs must maintain records per Federal AML/CFT laws, ensuring that all records are kept for at least 8 years.

VARA’s Compliance and Risk Management Rulebook, Part I, Section F. Books and Records

Client Due Diligence

VASPs are required to conduct client due diligence (also known as customer due diligence) in the following situations:

  • When establishing a business relationship for all services related to virtual asset activities.

  • For all transactions equal to or greater than AED 3500, or in the case of multiple transactions equaling AED 3500.

  • When suspicious activity is suspected or the validity of previously obtained information is in doubt.

  • For all transactions conducted for high-risk clients.

  • All suspicious transactions must be reported to the UAE FIU and VARA.

As part of the client due diligence (CDD) process, VASPs must verify the identification of individuals and entities using reliable documents from an independent source. These documents include: 

For individuals: 

  • full name as shown on an identification card or a travel document [along with a copy of the original and valid identification card or travel document];

  • nationality;

  • address;

  • place of birth;

  • name and address of employer; and

  • if the client is a Politically Exposed Person, approval from the MLRO and a member of the Senior Management is required prior to establishing a business relationship with such client.

For entities: 

  • full name of the Entity;

  • type of Entity;

  • constitutional documents [e.g. memorandum of association and articles of association] attested by competent authorities within the UAE;

  • principle place of business;

  •  names of individuals holding Senior Management positions in the Entity; and

  • if the UBO is a Politically Exposed Person, approval from the MLRO and a member of the Senior Management is required prior to establishing a business relationship with such client.

If a VASP cannot conduct appropriate CDD on a client, it is not permitted to establish and maintain a business relationship with the client nor execute transactions on behalf of the client. 

VARA’s Compliance and Risk Management Rulebook, Part III, Section E. Client Due Diligence

VARA aims to establish a level playing field for financial institutions and VASPs across the Emirate, positioning itself as a global hub for crypto investors, businesses, and related fintechs.

Do you have a question that wasn’t addressed in the article? Let us know.

Download the Dubai Travel Rule Overview

Download Now

Written by:
21Author (3)
21 Analytics
The Content Team

LinkedIn

Copy
Link Icon
Back Button Icon
Back
Copy
Link Icon

Related Posts

DubaiVirtualAssets blog
23/02/2023

What Is Dubai’s Virtual Assets Regulatory Authority (VARA)?

Read More
blog-VARAsComplianceandRiskManagementRulebook
17/03/2023

VARA’s Compliance and Risk Management Rulebook

Read More
blog VARAsComplianceCompanyRulebook
05/04/2023

VARA’s Company Rulebook

Read More
21 Analytics offers Software Solutions for Virtual Asset Service Providers.
Privacy Policy      Press
Poststrasse 22, Zug, Switzerland     |     info@21analytics.ch
Cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find out more about the cookies we use, see our Privacy Policy.
Accept