Insights AML
Gold Trader UAE AML: the DPMS Programme and the AED 55K Trigger
Gold trader UAE AML programme — DPMS AED 55,000 cash threshold, DPMSR filing, MLRO appointment and goAML registration for UAE dealers in precious metals.

Key takeaways
- DPMS scope under FDL 20/2018, CD 10/2019 — gold, silver, platinum, palladium and precious stones
- AED 55,000 single or aggregated cash threshold triggers a DPMSR filing
- DPMSR is filed through goAML within fifteen business days of the transaction
- CDD required for every cash counterparty regardless of repeat-customer status
- Sanctions screening against OFAC, UN consolidated and UAE Local Terrorist lists
- Five-year retention under CD 10/2019, with the MLRO as the named filer
A UAE gold trader AML programme is one of the highest-risk corners of the DNFBP framework, and it’s not hard to see why. The business runs on cash, the commodity moves across borders easily, and a slice of the customer base would rather not be asked too many questions. On top of that, the reporting obligations are unusually specific — they fire at the AED 55,000 cash threshold and nowhere lower. Every UAE Dealer in Precious Metals and Stones (DPMS) — gold wholesaler in the Dubai Gold Souk, jewellery retailer, diamond trader in the DMCC Diamond Exchange, bullion house, precious-metals refiner — is a scoped DNFBP under Federal Decree-Law No. 20 of 2018 and Cabinet Decision No. 10 of 2019. That means a Business Risk Assessment, an appointed MLRO, goAML registration through the UAE Financial Intelligence Unit, CDD on cash counterparties, threshold reporting through DPMSR and ongoing monitoring. This guide walks through the scope, the AML programme template a UAE gold or jewellery trader needs in 2026, the AED 55,000 trigger mechanics, DPMSR drafting, STR red flags and what your external AML compliance adviser is expected to prepare behind the scenes.
Why gold keeps drawing FIU attention
The UAE precious-metals sector handles a large share of global gold flow. The DMCC coordinates the Dubai Good Delivery refinery standard and the responsible-sourcing audits. The Dubai Gold and Commodities Exchange trades futures contracts that interact with physical flows. The FATF mutual evaluation of the UAE flagged DPMS supervision as a strategic priority, and the Ministry of Economy has stepped up on-site inspections since 2022.
The DPMS scoping language captures:
- UAE gold wholesalers in the Dubai Gold Souk, Sharjah Souk and other emirate gold districts
- Jewellery retailers in malls, souks and standalone stores selling pieces containing precious metals or stones
- Diamond traders in the DMCC Diamond Exchange and other diamond markets
- Bullion dealers and houses selling investment-grade gold, silver, platinum and palladium
- Precious-metals refiners processing scrap, bar and coin
- Wholesalers supplying retail jewellery outlets across the UAE and the wider region
The trade licence category — commercial, industrial or specialist — does not change the obligation. Free zone DMCC operators face identical AML obligations to mainland Department of Economic Development licensees.
Velmont Crest is a DED-licensed accounting firm with eight-plus years of UAE practice supporting AML compliance and gold and jewellery sector accounting for DPMS operators across mainland and free zone setups.

Six things inspectors check, in this order
A defensible UAE DPMS programme has six pieces. Inspectors look for all six on a Ministry of Economy on-site visit.
Start with the Business Risk Assessment
The DPMS BRA scores firm-level exposure across five dimensions: customer risk (walk-in retail buyers, repeat wholesale buyers, business-to-business counterparties, non-resident visitors paying in cash), product risk (high-value bullion versus retail jewellery, scrap-gold buy-back), geographic risk (sourcing jurisdictions, customer origin countries, FATF high-risk markets), delivery channel risk (in-store sales versus off-counter wholesale transactions) and transaction risk (cash exposure, payment-method mix, deal-size distribution). The BRA is refreshed annually and whenever the trader enters a new product line or sourcing corridor.
The threshold monitoring procedure that actually catches things
This is the operational heart of a DPMS programme. The procedure defines:
- How cash transactions are recorded at the point of sale or wholesale counter
- How transactions are aggregated by counterparty across the calendar day and the calendar week
- The flagging rule that surfaces every counterparty reaching or exceeding the AED 55,000 cash threshold
- The daily MLRO review of flagged-transactions report
- The DPMSR drafting workflow and the fifteen-business-day filing deadline through goAML
A POS that records transactions but never aggregates by counterparty leaves the MLRO blind. A back-office reconciliation that groups by date but not by buyer ID fails for the same reason. The Ministry of Economy expects the aggregations to surface on their own — not for someone to go hunting for them after the fact.
CDD before the sale completes, not after
CDD on cash counterparties at or above the threshold collects: passport or Emirates ID copy, residential address, source of funds narrative, intended use of the gold or stones purchased, and screening clearance. For repeat buyers a file is opened on first qualifying transaction and refreshed periodically. For walk-in customers paying in cash at threshold, CDD is collected before the transaction completes — not after.
For wholesale customers and business counterparties, CDD extends to the legal entity (trade licence, MoA, registered office) and every Ultimate Beneficial Owner above the 25 percent threshold under the UBO Procedures in CD 58/2020.
Sanctions and PEP screening every time
Every CDD’d counterparty is screened against the UAE Local Terrorist List, the UN Security Council Consolidated Sanctions List, the OFAC Specially Designated Nationals list and adverse-media databases. Screening is captured in writing with source, date, reference and clearance decision. Re-screening runs whenever a list is materially updated and at periodic refresh cycles for repeat counterparties.
Appointing the MLRO and getting on goAML
The MLRO is appointed in writing before the goAML registration is submitted. The MLRO has direct authority to file DPMSRs and STRs without obtaining permission for each filing and reports straight to senior management. The trader then completes the Ministry of Economy SACM registration, the goAML enrolment and the linked EmaraTax records. See our goAML registration guide for the step-by-step portal walkthrough.
Training, records and the annual self-assessment
Counter staff, wholesale staff and management complete annual AML training documented with attendance logs. Counter-staff training specifically covers cash structuring identification, refusal of CDD documentation by a buyer, and the internal escalation route. All CDD files, DPMSRs, STR filings and MLRO assessments are retained for five years from the transaction date under CD 10/2019. The trader files an annual self-assessment report with the Ministry of Economy through SACM.
AED 55,000
Cash transaction threshold per Cabinet Decision 10 of 2019 — aggregated across linked transactions with the same counterparty, not per individual invoice

How aggregation works
The threshold mechanics matter because most DPMSR omissions trace back to misunderstanding what counts as a single transaction. The Ministry of Economy applies four operational rules:
- Single transaction. A single cash invoice at or above AED 55,000 triggers DPMSR — straightforward.
- Linked transactions within the same visit. Multiple cash invoices to the same buyer in the same visit are aggregated. AED 30,000 + AED 25,000 = one AED 55,000 transaction.
- Linked transactions within the same calendar day. Multiple cash transactions with the same buyer on the same day are aggregated even across separate visits or counters.
- Structuring suspicion. Multiple cash transactions with the same buyer across days that appear designed to stay below the threshold trigger an STR regardless of whether any individual day reaches AED 55,000.
The fifteen-business-day filing deadline runs from the date of the qualifying transaction, not from the date the MLRO completes the assessment. A DPMSR filed on day sixteen is a late filing — an inspection finding even where the substantive content is correct.
When a sale should stop and the MLRO should hear about it
Beyond the threshold mechanics, certain customer behaviours trigger an STR regardless of value.
The buyer who insists on cash, broken into pieces
- Customer offers to pay in cash for a transaction below the AED 55,000 threshold but breaks the payment into multiple instalments designed to stay below it
- Customer arrives with cash bundled in unusual denominations or sealed wrappers consistent with bulk transport
- Customer requests an invoice value that does not match the cash tendered
- Payment instructions involve a third party not previously disclosed
- Wholesale customer requests cash payment for product invoiced electronically
The customer who can’t explain why they’re here
- Customer refuses to provide identification at or above the threshold and asks to walk away from the transaction
- Customer cannot articulate the source of cash or provides inconsistent stories
- Repeat customer pattern of just-below-threshold purchases over compressed periods
- Customer is uninterested in the product specification, design or quality and focuses entirely on weight or bullion content
- Customer requests delivery to an address materially distant from the place of purchase without explanation
The wholesale request that doesn’t fit a retail story
- Wholesale request for high volumes of a single bullion specification without retail destination
- Buyback request for newly purchased product within a short period at the same outlet
- Customer offers to sell scrap gold of inconsistent origin without documentation
- Request to melt down identifiable jewellery for bullion without provenance evidence
The name that doesn’t pass screening
- Beneficial owner or named counterparty appears on a sanctions list — OFAC, UN, UK HMT, UAE Local Terrorist List
- Adverse media linking the buyer to investigations or proceedings
- Counterparty is a Politically Exposed Person not previously disclosed
- Counterparty is registered in a FATF high-risk jurisdiction without commercial rationale
When any of these triggers appear, the staff member escalates to the MLRO without tipping off the customer. Tipping off is a criminal offence under Article 25 of FDL 20/2018.
The single change that prevents most DPMSR omissions is configuring the POS or back-office system to flag any counterparty reaching seventy percent of the threshold during a calendar day. That gives the MLRO time to confirm CDD is complete and to authorise the transaction before it exceeds AED 55,000 — instead of discovering the breach the next morning when the daily report runs.

Where we see programmes slip
Per-invoice thinking is the one that catches most firms. Treat each invoice in isolation and you miss the aggregation rule for same-counterparty same-day transactions, and that single misreading is behind more late or missed DPMSRs than anything else on this list.
The next slip is timing on CDD. When the sale is allowed to complete and the passport gets asked for at handover, the transaction has already gone through and can no longer be evaluated. The procedure wants CDD collected before completion at the threshold, not after.
Walk-in repeat customers without a file are a quieter problem. A buyer who keeps coming back for cash purchases at AED 30,000 to 50,000 is a structuring red flag even where no single visit reaches the threshold, and the MLRO needs a file showing the pattern was actually looked at.
Then there is the counter itself. An assistant who doesn’t recognise a structuring pattern or doesn’t know the escalation route disables the whole programme at the exact moment it’s supposed to work.
Sanctions screening pegged to transaction size is another one. Exposure doesn’t scale with deal value. A AED 10,000 cash sale to a sanctioned individual is still a sanctions violation, so screening has to run for every CDD’d counterparty, not just the big ones.
And late filings. The fifteen-business-day clock runs from the transaction date, not from the date the MLRO finishes the assessment, so the internal workflow needs to leave the MLRO at least ten working days to assess and submit.
Where this leaves your gold trading desk
If your UAE gold or jewellery trading firm has not completed a Business Risk Assessment, configured a threshold-aggregation routine or registered an MLRO on goAML, you are outside the federal AML/CFT framework. The fine for non-registration alone starts at AED 50,000. The per-violation bands for missing DPMSRs, missing CDD files and undocumented MLRO assessments under Cabinet Decision 16 of 2021 climb fast from there.
If you have a manual but it has not been refreshed against current Ministry of Economy expectations, the gap is usually in three places: the threshold-aggregation procedure is per-invoice rather than per-counterparty, counter-staff training has not been refreshed in twelve months, and sanctions re-screening is not running on repeat customers.
Velmont Crest’s UAE compliance team provides advisory support across the DPMS programme lifecycle — from Business Risk Assessment through MLRO appointment support, goAML registration assistance, policy drafting, threshold-monitoring methodology and inspection-readiness reviews. We pair this with bookkeeping and audit assistance work so the AML evidence trail aligns with the underlying financial records. We are a DED-licensed UAE accounting firm and authorised channel partner with Meydan Free Zone and RAKEZ.
For a clean review of where your gold trader AML programme stands today, book a free consultation.
Disclaimer: Velmont Crest is a DED-licensed accounting firm. We provide advisory, preparation and compliance support services. We are not a licensed MLRO of record, regulated DPMS counterparty or FTA tax agent. AML/CFT rules and DPMS obligations change frequently — verify all requirements with the UAE Financial Intelligence Unit, the Ministry of Economy and your sector regulator, and engage a licensed legal or AML professional for advice specific to your circumstances.
References
- UAE Financial Intelligence Unit — goAML portal
- Federal Decree-Law No. 20 of 2018 on AML/CFT
- Cabinet Decision No. 10 of 2019 — Implementing Regulations
- Cabinet Decision No. 58 of 2020 — Beneficial Owner Procedures
- Cabinet Decision No. 16 of 2021 — AML Administrative Penalties
- UAE Ministry of Economy — AML/CFT guidance for DNFBPs
Frequently asked questions
- Which UAE businesses count as DPMS?
- Pretty much anyone trading in precious metals, precious stones, or jewellery made from them, once a transaction hits the cash threshold. Cabinet Decision 10 of 2019 puts it in those terms, and in practice it sweeps up a wide net: gold wholesalers in the Dubai Gold Souk, jewellery retailers in malls and souks, diamond traders in the DMCC Diamond Exchange, bullion dealers, refiners, and the wholesalers feeding retail outlets. Your trade licence category doesn't matter here. Commercial, industrial, specialist — same obligations either way. Free zone or mainland, also identical.
- What is the AED 55,000 threshold, and how does aggregation work?
- It's the cash figure that turns an ordinary sale into a reportable one. Under Cabinet Decision 10 of 2019 it applies to a single cash transaction, or a run of linked cash transactions with the same customer, once the total reaches AED 55,000. And the Ministry of Economy reads 'linked' broadly — invoices to the same buyer on the same day, or close together, get added up. So a customer who pays AED 30,000 cash for a chain and AED 25,000 cash for matching earrings in one visit has made one AED 55,000 transaction, and it needs a DPMSR. Slicing payments to stay just under? That's a red flag in its own right, and it triggers an STR.
- What's the difference between a DPMSR and an STR?
- A DPMSR is purely about the number. Any cash transaction at or above AED 55,000 gets one filed, suspicious or not. An STR is about your judgement — the MLRO files it whenever there are reasonable grounds for suspicion, at any value. One deal can need both. A AED 80,000 cash payment with a hand-wavy source-of-funds story, for instance: the threshold pulls in a DPMSR, the vagueness pulls in an STR. Same goAML portal, different templates.
- Who can be the MLRO in a small gold trading firm?
- A senior person, appointed in writing, with the authority to file through goAML without asking permission each time. In a sole-trader shop that's usually the owner himself. A family operation with a few outlets tends to give it to the senior family member or the GM, and a bigger wholesale setup running shifts will often hand it to a dedicated compliance officer. Their name, Emirates ID and contact details go on the goAML registration, so when the person changes you update the portal within days.
- What does an external AML adviser actually do for a gold trader?
- The build-out, not the filing. A specialist drafts the Business Risk Assessment, builds the threshold-monitoring procedure that aggregates daily cash per counterparty, writes the CDD procedure for cash buyers, supports the MLRO appointment and goAML registration, and trains counter staff on ID checks, structuring red flags and DPMSR drafting. Filing the DPMSRs and STRs isn't part of that. That's the appointed MLRO's job, personally, through goAML, and it can't be handed off to your adviser.
Filed under: AML compliance, DNFBP, DPMS, gold trader, MLRO, goAML
Published · Updated

