1. LFIs' Responsibilities Related to AML / Fraud Prevention

LFIs must follow their established protocols to manage AML / fraud for Open Finance transactions.

• LFIs should manage AML and fraud for Open Finance initiated transactions in the same manner as they do for other transactions

• LFIs should develop real-time fraud / AML capabilities for all transactions, if they don’t have them, including those initiated by TPPs

• There is no need to develop additional Open Finance-specific procedures

• LFIs should seek to utilize and analyze risk indicators provided by TPPs

1.1 AML / Fraud Monitoring and Prevention

Including:

• Monitoring transactions for risk indicators

• Utilizing risk indicators from TPPs

• Educating customers on fraud prevention

1.2 AML / Fraud Detection Process

Including:

• Identifying suspicious transactions

• Verifying activities, including step up authentication

• Collecting supporting documentation

1.3 AML / Fraud Response

Including:

• Conducting investigations

• Deciding on resolution option

• Reporting to authorities

2. TPPs' Responsibilities Related to AML / Fraud Prevention

TPPs must follow robust authentication processes and report risky activities to manage AML/Fraud

2.1 Customer Authentication

• Ensure robust customer authentication in compliance with Open Finance standards for services where TPP is responsible for authentication (e.g., delegated SCA)

• Prevent Fraud, via TPP App access, by making it secure and employing MFA / biometric access

2.2 Suspicious Transactions Monitoring

• Monitor transactions and identify potential Fraud risks

• Report any suspicious activities via the AML GO portal of CBUAE

2.3 Risk Indicators

• Accurately populate risk indicators defined in the Open Finance Standards to be provided to LFIs