Cash Deposits: Key Overview
- Cash deposit obligations differ meaningfully across entity types: FIs face a CDD trigger at AED 55,000, DPMS dealers share the same cash threshold, and VASPs have a lower trigger of AED 3,500 per Cabinet Resolution No. 134 of 2025.
- All three entity types share the same STR filing obligation: file via goAML immediately upon forming reasonable grounds for suspicion, with no minimum monetary threshold.
- Structuring detection across accounts and time periods, rather than at the individual transaction level only, is a sound monitoring approach that supports the ongoing monitoring and suspicion indicator obligations in the 2025 framework.
- Senior Management-approved internal policies and a Compliance Officer at management level are required for all regulated entities under Cabinet Resolution No. 134 of 2025.
- Failure to file an STR where grounds exist carries criminal liability of imprisonment plus a fine of AED 100,000 to AED 1,000,000 under Federal Decree Law No. 10 of 2025.
Cash deposits are the mechanism through which criminal proceeds physically enter the UAE’s regulated financial system. Whether your entity is a financial institution, a DNFBP, or a VASP, your obligations to detect, monitor, and report suspicious cash deposit activity are set out in Federal Decree Law No. 10 of 2025 and Cabinet Resolution No. 134 of 2025, and they differ in important ways across entity types.
Why Cash Deposits are a Priority Risk Across All Regulated Entities
Article 19 requires all regulated entities to identify and manage money laundering risks and apply CDD measures calibrated to those risks.
The UAE 2024 National Risk Assessment identified cash as a high-risk instrument for money laundering, and supervisory authorities have signalled that cash transaction monitoring is a priority area in current inspection cycles across all regulated sectors.
What Financial Institutions Are Required to Do
CDD Trigger for Cash Transactions
Ongoing Monitoring
Cabinet Resolution No. 134 of 2025, Article 8, requires FIs to conduct ongoing monitoring of all business relationships, with particular attention to transactions that are inconsistent with what the entity knows about the customer’s business, risk profile, and source of funds. A customer whose declared income or business activity does not support the cash deposit volumes observed is precisely the kind of inconsistency this obligation is designed to surface.
FIs receive cash through multiple channels simultaneously: branch tellers, ATMs, and cash deposit machines. Integrating data across all deposit channels into a coherent customer-level view is a sound approach to meeting the ongoing monitoring obligation in Article 8. Entities that review each channel in isolation risk missing patterns that are only visible at the whole-customer level.
Monitoring for Structuring
Structuring, which is the deliberate breaking of large cash sums into smaller deposits to avoid reporting thresholds, is a criminal offence when carried out with the intent to evade reporting obligations. Cabinet Resolution No. 134 of 2025, Article 17, requires all FIs to establish and update indicators of suspicious activity. A monitoring approach calibrated to detect patterns across multiple accounts, branches, and time periods, rather than at the level of individual transactions only, is more likely to surface structuring behaviour and is consistent with the purpose of the Article 17 obligation.
What DNFBPs Are Required to Do
Sector Triggers and Applicability
Cabinet Resolution No. 134 of 2025, Article 3, defines the six DNFBP categories and their specific triggering conditions. Not all DNFBP sectors face the same cash deposit exposure. DPMS and real estate agents carry the most direct cash-related risk, but all DNFBP sectors with cash transaction activity are subject to the full preventive measures framework.
Dealers in Precious Metals and Precious Stones
Cabinet Resolution No. 134 of 2025, Article 3(3), specifies that DNFBP obligations are triggered when a DPMS dealer engages in a single or linked cash transaction of AED 55,000 or more. Cash placement risk in DPMS is particularly significant because of the physical-to-asset conversion opportunity: criminals cash purchases high-value portable items, and deposit risk re-emerges when those items are sold, and the proceeds enter the banking system. DPMS businesses can also serve as commingling vehicles where illicit cash is mixed with legitimate trading revenue before deposit.
When the CDD trigger is reached, the dealer is required under Cabinet Resolution No. 134 of 2025, Articles 9 and 10, to apply customer identification and beneficial owner verification. Where reasonable grounds for suspicion arise, the STR obligation under Federal Decree Law No. 10 of 2025, Article 18, applies independently of whether the AED 55,000 threshold was met.
Real Estate Agents and Brokers
Cabinet Resolution No. 134 of 2025, Article 3(2), requires real estate agents and brokers to apply CDD when concluding transactions or settlements on the purchase or sale of real estate. There is no monetary threshold for this trigger: it applies to all qualifying transactions. Where cash is involved in a transaction, and the source of funds cannot be satisfactorily explained, and where reasonable grounds for suspicion arise, the agent is required to file an STR via goAML under Federal Decree Law No. 10 of 2025, Article 18.
Lawyers, Accountants, and TCSPs
Cabinet Resolution No. 134 of 2025, Article 3(4), covers lawyers, notaries, independent legal professionals, and independent accountants when they prepare or execute financial transactions on behalf of customers in specified categories, including managing customer funds and accounts, and organising contributions for company formation. Where these professionals handle cash on behalf of clients, they carry the same STR filing obligations as other regulated entities under Federal Decree Law No. 10 of 2025, Article 18, subject to the professional secrecy exception in that article.
Cabinet Resolution No. 134 of 2025, Article 3(5), triggers TCSP obligations when carrying out incorporation services, acting as a director or registered office, or acting as a trustee. Where cash is involved in any of these activities, the monitoring and reporting obligations apply.
Strengthen AML Controls for Cash Deposits
Learn how to identify suspicious cash deposit activity, detect structuring patterns, and reduce exposure to money laundering risks.
What VASPs Are Required to Do
The Cash-to-Crypto Risk
VASPs face a specific cash deposit risk that arises not from physical cash entering the VASP directly, but from customers whose fiat funds originated in cash deposits at traditional financial institutions. The cash-to-crypto typology involves depositing physical cash, converting it to virtual assets, and then using the virtual asset layer to obscure the trail before converting back to fiat currency. Assessing whether a customer’s upstream fiat transaction profile suggests cash as the source of funds is consistent with the risk management obligations, requiring entities to identify, manage, and update money laundering risks relevant to their business under Federal Decree Law No. 10 of 2025, Article 19.
CDD Trigger for VASPs
Cabinet Resolution No. 134 of 2025, Article 7(3), sets the CDD trigger for VASPs at AED 3,500 for single or linked occasional transactions. This is significantly lower than the AED 55,000 threshold applicable to FIs for cash transactions, reflecting the elevated risk profile of virtual asset activity. When the trigger is reached, the VASP is required to apply the full CDD requirements under Cabinet Resolution No. 134 of 2025, Articles 9 and 10. Where a customer’s transaction profile gives rise to reasonable grounds for suspicion under Federal Decree Law No. 10 of 2025, Article 18, the STR filing obligation applies.
Red Flags Across All Three Entity Types
The indicators below are well-recognised patterns associated with cash deposit typologies. They are not legal obligations in themselves but are consistent with the requirement to establish and update suspicion indicators under Cabinet Resolution No. 134 of 2025, Article 17. Their presence, individually or in combination, may give rise to reasonable grounds for suspicion under Federal Decree Law No. 10 of 2025, Article 18.
| # | Category | Red Flag Indicator | Most Relevant Sector |
|---|---|---|---|
| 1 | Customer profile | Declared income or business activity inconsistent with the volume and frequency of cash deposits observed | FIs, DNFBPs |
| 2 | Customer behaviour | Unwilling or unable to explain the source of cash during a CDD review | All |
| 3 | Transaction pattern | Deposits consistently structured just below the applicable reporting threshold | FIs, DNFBPs |
| 4 | Transaction pattern | Cash deposited and transferred out within 24 to 48 hours in closely corresponding amounts | FIs |
| 5 | Third-party deposits | Unrelated individuals deposit cash into the same account without a documented commercial relationship | FIs, TCSPs |
| 6 | Business account | Cash deposit volume disproportionate to declared sector, size, and verified commercial activity | FIs, DNFBPs |
| 7 | VASP-specific | Fiat deposits followed by immediate conversion to virtual assets with no apparent commercial purpose | VASPs |
| 8 | Geography | ATM deposits made at locations geographically inconsistent with the customer’s declared address | FIs |
| 9 | DPMS-specific | Large cash purchases of precious metals or stones with no credible source of funds explanation | DPMS |
Build Smarter AML Controls for Cash Transactions
See how enhanced monitoring and risk-based controls help financial institutions manage cash deposit compliance more effectively.
Controls That Apply Across All Regulated Entities
Senior Management-Approved Internal Policies
Cabinet Resolution No. 134 of 2025, Article 21, requires all regulated entities to establish internal AML/CFT policies, controls, and procedures that are approved by Senior Management, designed to manage and mitigate identified risks, and reviewed and updated continuously. For entities handling cash, policies should specifically address cash transaction monitoring. A generic policy that addresses typologies only in broad terms may not fully reflect the entity’s specific risk profile.
Compliance Officer
Cabinet Resolution No. 134 of 2025, Article 22, requires all regulated entities to appoint a Compliance Officer at the management level. The Compliance Officer is responsible for monitoring transactions, reviewing STR data, and ensuring the entity’s AML controls are functioning. Good practice is for the Compliance Officer to have sufficient resources to review cash deposit monitoring outputs in a timely manner, particularly in entities where cash volume is significant.
Record Retention
Cabinet Resolution No. 134 of 2025, Article 25, requires all records related to cash transactions, CDD conducted in connection with those transactions, and any STRs filed to be retained for a minimum of five years from the transaction date or the end of the business relationship. Records must allow full reconstruction of the transaction and must be immediately available to competent authorities on request.
Penalty Reference
| # | Obligation | Penalty for Failure | Legal Source |
|---|---|---|---|
| 1 | Failure to file an STR where grounds exist | Imprisonment plus AED 100,000 to AED 1,000,000 |
FDL 10/2025, Art. 28 |
| 2 | Tipping off the subject of an STR | Imprisonment plus fine of at least AED 50,000 |
FDL 10/2025, Art. 29 |
| 3 | Customer due diligence failure | Administrative fine and possible licence action |
FDL 10/2025, Art. 17
CR 71/2024 |
| 4 | Record-keeping failure | Administrative fine |
FDL 10/2025, Art. 17
CR 71/2024 |
| 5 | Administrative sanctions (general range) | Warning; fine AED 10,000 to AED 5,000,000 per violation; up to revocation |
FDL 10/2025, Art. 17 |
How ZFC UAE Can Help
Frequently Asked Questions About Cash Deposits
Our DPMS business mostly handles non-cash transactions. Do we still need to consider cash deposit risk?
Yes. Cabinet Resolution No. 134 of 2025, Article 3(3), triggers DNFBP obligations whenever a cash transaction of AED 55,000 or more is involved, regardless of the overall business mix. Beyond the threshold trigger, it is also sound practice to consider whether customers may be using non-cash purchases to convert previously deposited cash, which is a layering-stage risk that may sit within the ongoing monitoring obligation in Article 8.
As a VASP, we do not accept physical cash. Is cash deposit risk still relevant to us?
Yes. The cash-to-crypto typology means criminal cash deposited at a financial institution can be used to fund virtual asset purchases at the VASP level. Federal Decree Law No. 10 of 2025, Article 19, requires all entities to identify and manage the money laundering risks relevant to their business. Where a customer’s fiat transaction profile suggests cash as the upstream source of funds, that is a risk factor worth assessing. If reasonable grounds for suspicion arise under Article 18, the STR obligation applies.
At what point does a structuring pattern become grounds for an STR?
There is no fixed formula. The assessment is whether the overall pattern, taken with everything the entity knows about the customer, gives rise to reasonable grounds for suspicion under Federal Decree Law No. 10 of 2025, Article 18. A consistent pattern of deposits below the AED 55,000 threshold across multiple transactions, with no satisfactory explanation available, is the kind of picture that calls for STR consideration.
Can we wait for the customer to explain the deposits before filing?
Seeking an explanation may be appropriate as part of the CDD process before suspicion has formed. Once reasonable grounds for suspicion exist, however, the obligation under Cabinet Resolution No. 134 of 2025, Article 18, is to file immediately. The filing obligation cannot be deferred while awaiting a customer response. Separately, informing a customer about an STR that has already been filed would be a tipping-off offence under Federal Decree Law No. 10 of 2025, Article 29.
Reduce False Positives in Cash Deposit Reviews
Learn how compliance teams balance legitimate cash activity with suspicious transaction detection using smarter AML workflows.
Hetal Kundalia
Hetal Kundalia brings deep expertise in anti-money laundering compliance, with a focused understanding of the UAE’s regulatory environment. She has worked across sectors, including financial institutions, DNFBPs, VASPs, and emerging fintechs. She has supported them in designing AML frameworks that are not just compliant on paper but operationally sound under review.
She holds the ICA / MOET certification in AML/CFT for DNFBPs and applies that training to real-world compliance delivery. Her work reflects the regulatory priorities of the FIU, DIFC, VARA, MoET, MoJ, and Central Bank, while aligning with FATF recommendations and UAE AML laws.
Hetal leads advisory across all our core services from enterprise-wide risk assessments and control design to CDD strategy, transaction monitoring, governance structuring, and remediation support. She works directly with MLROs and compliance teams to identify gaps, strengthen documentation, and prepare programs for regulatory scrutiny. Her work reflects a simple principle: doing the work in a way that stands up, holds together, and makes sense.
Expert Strategies, Industry Trends & Real Results
