The adoption of Federal Decree‑Law No. 10 of 2025 on Combating Money Laundering, Terrorist Financing, and Financing of Arms Proliferation (“the Law”) marks a significant milestone for the UAE’s regulatory landscape. With the issuance of this law the UAE has demonstrated its commitment to aligning with global anti-financial crime standards, and organisations operating here must now recognise the elevated compliance expectations.

What the Law Changes

Here are some of the most notable shifts introduced by the Law:

• The Law repeals and replaces the previous framework under Federal Decree‑Law No. 20 of 2018, thereby refreshing the regulatory regime.
• The scope of offences has expanded to include, for example, financing of arms proliferation and the financing of Weaponso of Mass Destruction related activities.
• The evidentiary threshold for liability has been lowered. Under the new regime, “knowledge” may be inferred from objective/circumstantial evidence (i.e., “should have known”) rather than requiring proven subjective intent in all cases.
• Virtual asset service providers (VASPs), digital systems and encryption technologies fall explicitly within the ambit of the legislation.
• There is no longer a statutory limitation period for prosecution of ML/TF/PF offences — meaning organisations and individuals may face exposure years after the underlying conduct.
• Significant enforcement powers have been granted, including expansion of asset-freezing, increased fines (entities potentially facing up to AED 100 million in certain cases) and personal liability for senior management.

Implications for Organisations

From our vantage at WMS, several practical implications deserve immediate attention:

1. Governance & Senior-Management Oversight With the heightened liability of board members and senior executives, organisations must ensure that oversight is not merely nominal but active. Minutes, escalation logs, risk committee reports and training records will become vital evidence of effective governance.
2. Compliance Frameworks Need a Refresh Many organisations’ current AML/CTF/PF programmes were calibrated to the 2018-law standard. With the new regime’s expanded scope, these programmes must be re-assessed: beneficial-ownership disclosures, VASP controls, digital-asset risk, cross-border transaction monitoring all must be revisited.
3. Records and Retention Strategy As limitation periods no longer present a safe-harbour, risk-aware organisations should assume that older records might be revisited. Robust document-management, record-retention and audit-trail practices are now non-negotiable.
4. Emerging-Risk & Technology-Focus With digital systems, virtual assets, encryption technologies and proliferation-financing risk clearly addressed in the new law, organisations operating in fintech, trade/logistics, virtual-asset services, or dual-use goods supply chains must give special attention to how these exposures map to their business model.

What WMS Recommends You Do Now :

To best align with the new regulatory environment in the UAE, we recommend the following immediate and strategic actions:

• Conduct a gap assessment: Benchmark your current AML/CTF-PF programme against the requirements and exposures under FDL 10/2025.
• Update risk-assessment models: Ensure your enterprise-risk and AML risk frameworks reflect the new scope (e.g., proliferation financing, virtual assets, no limitation period).
• Engage your board and senior leadership: Ensure active awareness of the new regime — training, charter review, escalation protocols and reporting lines should reflect the enhanced governance expectations.
• Review third-party supply chains: Given the proliferation and virtual asset (VA) focus, suppliers, agents, fintech partners and logistics providers may now bring elevated risk.
• Prepare for enforcement readiness: Although prevention remains best practice, organisations should be ready for regulator or FIU (Financial Intelligence Unit – UAE) enquiries, freezing orders, and cross-border assistance requests. C-suite should know what to ask and how to respond.

Conclusion: The introduction of FDL 10/2025 is more than a regulatory update: it is a signal that the UAE is stepping into a new phase of financial integrity expectations. For boards, CEOs, compliance officers, external auditors and service providers, it means making sure that internal frameworks, governance mechanisms, and risk-management tools are fit for purpose in this more demanding environment.

At WMS, we view this as both a challenge and an opportunity. A challenge because the bar has been raised — but an opportunity because organisations who align early can differentiate themselves as trusted, compliant and resilient partners within the UAE’s evolving ecosystem.

We invite you to reach out to our team if you’d like to discuss how FDL 10/2025 impacts your sector, or to receive a tailored compliance-readiness review.

“In the new era, it’s no longer enough to have policies; what matters is whether leadership can show that they’re enforcing and monitoring them.”

— WMS Compliance Insights Team