AML Policies
Anti-money laundering requirements for ZDFZ entities and transactions.
What is AML?
Anti-Money Laundering (AML) refers to the policies, procedures, and regulations designed to prevent the generation of income through illegal activities and the disguising of that income as legitimate funds.
ZDFZ AML Framework
ZDFZ implements a risk-based AML program aligned with FATF recommendations and international best practices. All residents and entities are subject to appropriate AML requirements based on their activities and risk profile.
Core AML Principles
Know Your Customer
Verify the identity of all customers before establishing business relationships.
Transaction Monitoring
Monitor transactions for suspicious patterns and unusual activity.
Record Keeping
Maintain accurate records of all transactions and customer information.
Suspicious Activity Reporting
Report suspicious transactions to relevant authorities.
Who Must Comply?
AML requirements apply primarily to Digital Asset Service Providers (DASPs):
Digital Asset Service Providers (DASPs)
Full AML compliance program required (Digital Assets Code, Articles 12-13).
- ✓ Custody and exchange services
- ✓ Advisory and portfolio management services
- ✓ Digital asset issuance and distribution services
All Regulated Entities
General prohibition against using the Zone for unlawful activities (Charter, Article 3).
The Zone shall not be used to engage in, facilitate, obscure or derive benefit from any activity which is unlawful, including money laundering, terrorism, corruption and fraud.
Note: Additional AML requirements for specific entity types may be prescribed by the Regulator through future Regulations and Rules.
DASP Compliance Requirements
Digital Asset Service Providers must implement these program elements (Digital Assets Code, Articles 12-13):
Risk Mitigation Procedures
- ✓ Measures to identify and assess risks related to money laundering, terrorist financing and other unlawful activities
- ✓ Regular monitoring of transactions for suspicious activity
- ✓ Written internal controls and regular audits to assess effectiveness
Compliance Officer
Each DASP shall appoint a Compliance Officer responsible for all measures adopted to comply with AML requirements, including any reporting requirements imposed by the Regulator or included in the DASP's License.
Risk Assessment
Every DASP shall develop a comprehensive Risk Assessment, including proposed mitigation measures, which shall be submitted to the Regulator with the License application.
Transaction Monitoring
Monitoring Requirements
All Regulated Entities must implement regular monitoring of transactions for suspicious activity and maintain procedures for reporting such transactions to the Regulator, as required by the Digital Assets Code (Article 12) and in alignment with FATF recommendations.
The Regulator may issue additional guidance on specific red flag indicators and monitoring procedures through future Regulations and Circulars.
Reporting Requirements
Digital Asset Transfers (Digital Assets Code, Article 14)
For Digital Asset transfers equal to or greater than $10,000 USD or equivalent:
- ✓ Originator DASPs shall obtain and maintain both Originator and Beneficiary information
- ✓ Beneficiary DASPs shall obtain and maintain both Originator and Beneficiary information upon transfer completion
- ✓ All transfer information shall be made available upon request by the Regulator
Suspicious Activity Reporting
DASPs must maintain procedures for reporting suspicious transactions to the Regulator (Digital Assets Code, Article 12). The Compliance Officer is responsible for any reporting requirements imposed by the Regulator or included in the DASP's License.
Note: Specific reporting timelines and additional requirements may be prescribed by the Regulator through future Regulations, Rules, and Circulars.
Record Retention
DASPs shall maintain all records sufficient to permit the reconstruction of any Transaction for a minimum of five (5) years following completion of the Transaction (Digital Assets Code, Article 11).
This includes Originator and Beneficiary information and transaction details for all Digital Asset transfers.
Sanctions Screening
Eligibility Requirements
Digital Residents must not be included, or related to anyone included, on any United Nations, European Union, or United States Government sanctions lists (Terms of Use). The Regulator performs due diligence to meet international standards with regard to preventing money laundering, financing for terrorism, and other crimes under applicable international law (Regulated Entity Code, Article 8).
Penalties for Non-Compliance
Consequences
- • Fines as determined by the Regulator's published Schedule
- • License suspension or revocation
- • Removal from the Free Zone
- • Criminal prosecution in serious cases
Sanctions are proportionate to the nature and seriousness of the breach, as outlined in the ZDFZ Charter and Commercial Code.