REGXPERIENCEADGM AML
ADGM · FSRA AML Rulebook VER11.210526 · for the MLRO

Know where you stand — before the regulator asks.

RegXperience is a recurring self-assessment for ADGM AML/TFS: measure your firm against every applicable Rulebook chapter, as often as you want, with evidence-backed scoring (verdict × maturity, per requirement, every claim cited) — then auto-draft the reports the regime actually requiresgap register and remediation plan included

Google sign-in · unlimited runs · content pinned to VER11.210526

The reporting year, told honestly

Three artifacts are mandatory. Everything else is rhythm.

Vendors love to sell “7 regulatory reports a year.” The Rulebook doesn't say that — and your credibility with the FSRA depends on knowing the difference.

JANFEBMARAPRMAYJUNJULAUGSEPTOCTNOVDECMLRO report · H2Rule 12.4.1Annual AML ReturnRule 4.6.1MLRO report · H1Rule 12.4.1Effectiveness reviewRule 4.1.1(4)TODAYMANDATORY — 2× MLRO REPORT + 1× AML RETURN + THE REVIEW THAT FEEDS THEMBOARD MI PACKS — BEST PRACTICE, NOT A RULEBOOK FILING
The honest count: ADGM mandates 3 reporting artifacts a year — not 7. The semi-annual MLRO cadence comes from FSRA/FCPU Notice No. 1 of 2020; the Return files via FSRA Connect by end-April. Quarterly board packs are governance best practice, and this product says so plainly.

What feeds what: the Rule 4.1.1(4) effectiveness review supplies item (a) of each MLRO report; the MLRO reports and the gap register supply the Annual AML Return working paper; senior management's assessment of each report is itself a record the FSRA receives (Rule 12.4.2–12.4.3).

Who this assesses

Your entity type decides which chapters apply.

Stage 1 of every assessment is scoping — the anchor generic GRC tools don't have.

Authorised Person / Recognised Body

The widest scope — Chapters 1–14, correspondent banking and travel-rule questions included when you declare the exposure.

DNFBP

Adds Chapter 15 registration; the correspondent-banking chapter falls away. Category captured per Rule 3.2.1.

Representative Office

No customers — Chapters 7–10 don't apply, giving the shortest assessment.

Non-Profit Organisation

Assessed against Chapter 16 only: control, purpose and six-year fund traceability.

What it asks

The 16-chapter Rulebook, as 67 assessable requirements.

Each question carries its rule citations, a compliant / partially / non-compliant rubric, the evidence it expects — and, where the ADGM RA published them, the peer benchmark.

  • D1Governance, responsibility & compliance culture

    Ch. 1 · 4.14 questions

  • D2Group policies & record-keeping

    § 4.3 · 4.54 questions

  • D3Annual AML Return readiness & high-risk jurisdictions

    § 4.6 · 4.93 questions

  • D4Risk-based approach

    Ch. 53 questions

  • D5Business risk assessment

    Ch. 67 questions

  • D6Customer risk assessment

    Ch. 74 questions

  • D7CDD, EDD, SDD, ongoing monitoring & PEPs

    Ch. 88 questions

  • D8Third-party reliance & outsourcing

    Ch. 93 questions

  • D9Correspondent banking, transfers & prohibited accounts

    Ch. 105 questions

  • D10Targeted financial sanctions

    Ch. 115 questions

  • D11MLRO appointment, standing & reporting

    Ch. 125 questions

  • D12AML/TFS training & awareness

    Ch. 133 questions

  • D13SAR/STR governance

    Ch. 146 questions

  • D14DNFBP registration & supervision

    Ch. 152 questions

  • D15Non-profit organisation obligations

    Ch. 162 questions

  • D16Annual effectiveness review

    Rule 4.1.1(4)3 questions

Why score maturity, not just compliance

The regime penalises inadequate controls — not just actual laundering.

Three findings from the public record shaped how this product scores.

Systems-and-controls adequacy is the test.

In the FSRA's December 2024 settlement with an ADGM firm over AML systems-and-controls failures, the investigation "did not identify any instances of actual money laundering." The failures alone were enough. So every requirement here is scored on design and operating effectiveness — a 1–5 maturity rating beside the verdict.

Prompt remediation is worth real percentage points.

The same settlement carried a 20% discount for early settlement and a further 10% for cooperation and prompt remedial action. That is why the gap register — owners, due dates, tracked closure — is a first-class surface here, not an export.

The RA already told you the questions.

The ADGM Registration Authority's 2024 DNFBP thematic review — a 40-question questionnaire across 202 firms — says firms should "utilize this review as a self-assessment tool." Its published good-practice pairs and benchmark percentages (94% documented BRA methodology, 74% annual BRA review, 95% senior-management approval…) are seeded into the rubrics you'll answer against.

Inside the workspace

Everything sign-in unlocks, in three phases.

1 · Scope & assess

  • Stage 1 scoping — entity type + exposures switch domains on/off (Rule 1.2.1)
  • Unlimited versioned assessment runs; “reassess since last run” carries answers for delta review
  • Per-requirement verdict + 1–5 maturity + rationale, every question cited

2 · Track & remediate

  • Evidence locker — sha-256 fingerprints, Rule 4.5.1 six-year retention clocks
  • Document Quality Evaluation Engine scores whether evidence satisfies its requirement
  • Conflicting self-ratings flagged for human confirmation; gap register with severity, owner, due date

3 · Report & attest

  • MLRO semi-annual report — Rule 12.4.1(a)–(f) auto-drafted from run data
  • Annual AML Return working paper + effectiveness-review working paper
  • Quarterly board MI pack · everything exports to Word with sign-off trails
The path

From sign-in to a signed-off report.

  1. 01Scope the firmRule 1.2.1

    Entity type, DNFBP category, correspondent-banking / virtual-asset exposure. Output: your applicability filter.

  2. 02Assess domain by domainCh. 4–16

    Answer each in-scope requirement: verdict, maturity, rationale. An honest N/A needs a justification a supervisor could read.

  3. 03Attach evidenceRule 4.5.1

    Upload the BRA, policies, training logs. The engine scores each document against its requirement and flags wishful ratings.

  4. 04Complete & score the run

    Weighted compliance % and maturity per domain; every adverse verdict becomes a gap with severity, owner and due date.

  5. 05Generate the reportsRules 12.4.1 · 4.6.1 · 4.1.1(4)

    MLRO report, Return working paper, effectiveness review, board pack — drafted from your data, edited by you, signed off on the record.

Start your first run

MLRO · deputy · compliance in-charge — one workspace

Boundaries & official sources

What this product deliberately does not do: no live CDD, screening or transaction monitoring; no SAR/STR filing to goAML; no direct FSRA Connect submission. RegXperience assesses and reports on your AML programme — it does not run it. And because the FSRA does not publish the Return's field-by-field form, our working paper is a reasoned Rulebook mapping, labelled as such.

ADGM AML and Sanctions Rules and Guidance, VER11.210526 — the primary text. It supersedes every summary in this product.

ADGM AML supervision hub · FSRA Connect (Return filing) · UAE FIU goAML (SAR/STR filing).

Content pinned to VER11.210526 · re-validated on each ADGM update