UAEServicesIPR & AML ComplianceAML / CFT ServicesAML training and capacity Building

IPR & AML Compliance · AML / CFT Services

AML training and capacity Building

AML Training and Capacity Building is the engagement through which PNPC turns a written AML/CFT policy into a workforce that can actually recognise red flags, run Customer Due Diligence correctly, and escalate a suspicion without tipping off the customer.

Chartered Accountants · Dubai · Since 1986

What AML training and capacity Building is

AML Training and Capacity Building is the practical, staff-facing layer of a UAE anti-money laundering and countering the financing of terrorism (AML/CFT) compliance programme, required under Federal Decree-Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and its Cabinet Decision implementing regulations, most recently consolidated under Cabinet Decision No. 10 of 2019 as amended. The law requires Designated Non-Financial Businesses and Professions (DNFBPs) — real estate brokers and developers, dealers in precious metals and stones, corporate service providers, independent legal professionals, and independent accountants and auditors carrying out specified activities — along with financial institutions and Virtual Asset Service Providers, to ensure that staff understand and can apply the entity's AML/CFT obligations. A written policy satisfies the documentation requirement; only trained staff satisfy the operating requirement, and supervisory authorities including the Ministry of Economy, the UAE Central Bank, the Dubai Financial Services Authority (DFSA) in DIFC, and the Financial Services Regulatory Authority (FSRA) in ADGM inspect both.

Training under this engagement is deliberately role-differentiated rather than a single generic session for everyone. Front-line staff who onboard customers or handle transactions need to recognise the specific red flags relevant to their function — unusual structuring to avoid a threshold, inconsistent explanations for a transaction, reluctance to provide beneficial-ownership information, or a customer profile that does not match the stated business purpose — and need a clear, rehearsed escalation path to the Compliance Officer that does not involve alerting the customer. The designated Compliance Officer or Money Laundering Reporting Officer (MLRO) needs deeper training: how to assess an escalated concern against the Suspicious Transaction Report (STR) / Suspicious Activity Report (SAR) threshold, how to file through the goAML platform operated by the UAE's Financial Intelligence Unit (FIU), and how to manage the tipping-off prohibition, which is a standalone offence under the AML/CFT Law separate from the underlying transaction. Senior management and, where applicable, the board need training focused on governance responsibility — approving the risk assessment and policy, resourcing the compliance function adequately, and understanding that ultimate accountability for the AML/CFT programme does not sit solely with whoever holds the Compliance Officer title.

Capacity building extends beyond a single training event. It includes building the internal competency to run the programme without leaning on an external adviser for every routine decision: giving onboarding staff a working checklist they can apply consistently, giving the Compliance Officer a decision framework for grading a concern as reportable or not, and giving management a dashboard or reporting rhythm that shows the programme is functioning — training completion rates, escalations raised, screening hits reviewed, and STR/SAR filings made. PNPC treats initial training, annual refresher training, and new-hire onboarding training as three distinct but connected deliverables, because a programme that only trains once, at launch, drifts out of alignment with staff turnover and regulatory updates within a year.

The practical failure mode this service addresses is not usually the absence of a training slide deck — it is training that was delivered once, years ago, to a workforce that has since largely turned over, with no attendance record, no competency check, and no link between the training content and the entity's actual current risk assessment. Ministry of Economy inspectors, and sector regulators alike, routinely ask a front-line staff member directly what they would do if a customer refused to explain the source of a large cash payment; an inconsistent or blank answer is a finding regardless of how well the policy document itself is written. PNPC builds training content, delivery, and record-keeping as one integrated deliverable specifically so that the answer a staff member gives under inspection matches the procedure the entity has on paper.

When AML Training and Capacity Building is the right engagement

Your business is a DNFBP, financial institution, or Virtual Asset Service Provider with an AML/CFT policy in place, but staff have never received documented, role-specific training on it

Your last AML/CFT training session was delivered more than twelve months ago, or before the current risk assessment and policy version were adopted

You have onboarded new staff in customer-facing, transaction-processing, or compliance roles since the last training cycle and they have had no formal AML induction

You have received a Ministry of Economy, Central Bank, DFSA, FSRA, or VARA inspection finding specifically citing inadequate or undocumented staff training

Your Compliance Officer or MLRO has never received structured training on assessing an STR/SAR threshold, filing through goAML, or managing the tipping-off prohibition

Your board or senior management has never been briefed on its AML/CFT governance responsibilities, including approving the risk assessment and resourcing the compliance function

You are preparing for a scheduled or anticipated supervisory inspection and want training records and staff competency demonstrably current before the visit

You have identified, through an internal review or a PNPC KYC/CDD engagement, that onboarding files are inconsistent across staff members — a training and competency gap rather than a policy-drafting gap

You operate across multiple branches or emirates and need a consistent training standard delivered to all customer-facing locations, not just head office

You are a group with entities in both India and the UAE and want a coordinated AML training programme that reflects each jurisdiction's specific legal framework rather than a single generic global session

When a different engagement may fit better

You do not yet have a documented AML/CFT risk assessment or policy — training staff on a programme that does not exist yet puts the sequence backwards; a KYC & CDD Advisory or AML Risk Assessment engagement should come first, with training following once the policy is finalised

You are not within any AML/CFT-regulated category under UAE law — confirm applicability through a scoping call before commissioning training that may not be a legal requirement for your business

You need the underlying AML/CFT policy or CDD procedures drafted or overhauled — that is policy design work, distinct from training delivery, though PNPC typically sequences the two together for new programmes

You need only the goAML portal registration completed with no wider training or policy work — that is a narrower registration engagement

You are seeking a one-off compliance certificate with no genuine intention of running the training content operationally — training that is not reinforced by actual staff practice does not hold up on inspection regardless of the certificate issued

You are under active investigation for a money laundering or terrorist financing offence — that requires criminal defence legal representation as the primary engagement, with training playing a secondary, later role

You want a guaranteed pass on inspection or a promise no finding will be issued — no training programme can offer that; what good training buys is staff who can demonstrate competency when tested, not immunity from scrutiny

Your requirement is purely technical — configuring a sanctions screening tool or an e-learning platform with no advisory input on content — that sits closer to a technology implementation engagement

Structure Comparison

AML training formats available for UAE DNFBPs and regulated entities

FormatBest Suited ForDepthTypical FrequencyDocumentation Produced
Initial full-programme training (all roles)New AML/CFT programme launch, or first structured training after years of no formal deliveryComprehensive — covers risk assessment context, CDD/EDD, red flags, escalation, tipping-off, goAML basicsOne-time at launchAttendance register, content pack, pre/post competency check
Front-line staff onboarding & CDD trainingCustomer-facing and transaction-processing staffApplied — red-flag recognition, escalation script, CDD/EDD checklist walkthroughAt hire, then annual refresherAttendance record, scenario-based competency test
Compliance Officer / MLRO deep-dive trainingThe designated Compliance Officer and any deputyTechnical — STR/SAR threshold assessment, goAML filing mechanics, tipping-off management, sanctions-freeze reportingAt designation, then annual refresherStructured session notes, filing-scenario walkthroughs, competency sign-off
Senior management / board governance briefingDirectors and senior management with AML/CFT oversight responsibilityGovernance-level — accountability, resourcing, risk-appetite sign-off, inspection response rolesAt appointment, then annualBoard minute or briefing record, attendance log
New-hire AML inductionAny new employee in a customer-facing, transaction, or compliance-adjacent roleFoundational — entity policy overview, role-specific obligations, escalation contactWithin a defined period of joiningInduction checklist and sign-off
Annual refresher & regulatory-update trainingAll previously trained staff, entity-wideUpdate-focused — changes in Cabinet Decisions, FATF guidance, sanctions lists, and internal procedure since last cycleAnnuallyRefresher attendance record and updated competency check
Post-finding remediation trainingStaff and functions named in a specific inspection or internal-audit findingTargeted — addresses the exact gap identified, with follow-up testingAs triggered by a findingRemediation training record tied to the specific finding for regulator response

Most PNPC clients combine several of these formats into a single annual training calendar rather than treating each as a standalone purchase — the entity-wide programme is what an inspector actually reviews, not any one session in isolation.

How it works
#Stage & What PNPC DoesWhat Generic or One-Off Training MissesTimeline
1Training Needs Assessment — reviewing the current AML/CFT risk assessment, policy, staff roles, and any prior training historyA training programme built without first reviewing the entity's actual risk assessment ends up generic — it teaches AML concepts in the abstract rather than the specific red flags and thresholds that apply to this business's customer base and transaction profile.Week 1
2Role Mapping — identifying which staff sit in front-line, Compliance Officer, and senior-management training tracksTreating every employee identically wastes the front-line team's time on goAML filing mechanics they will never perform, while under-preparing the Compliance Officer on the technical depth their role actually requires.Week 1
3Content Development — building role-specific training materials referencing the entity's actual policy, risk assessment, and typical customer/transaction scenariosOff-the-shelf generic AML slide decks reference no specifics of the business; when an inspector asks a staff member to apply the training to a real scenario, generic content leaves them unable to connect the dots.Week 1–2
4Front-Line Staff Training Delivery — red-flag recognition, CDD/EDD checklist application, and the internal escalation path with tipping-off awareness built inEscalation training that stops at 'tell the Compliance Officer' without rehearsing how to do so without alerting the customer leaves exactly the gap that produces a tipping-off breach.Week 2–3
5Compliance Officer / MLRO Deep-Dive Training — STR/SAR threshold assessment, goAML filing walkthrough, sanctions-freeze reporting, and record-keeping standardsA Compliance Officer trained only on the policy document, without a walkthrough of the actual goAML filing screens and a realistic escalation scenario, often freezes at the point of a real filing decision.Week 2–3
6Senior Management / Board Governance Briefing — accountability, resourcing expectations, and the entity's role during a supervisory inspectionBoards that approve an AML policy without understanding their own accountability under it are frequently the weakest link an inspector probes first.Week 3
7Competency Testing — scenario-based assessment confirming staff can apply the training, not just attend itAttendance alone does not demonstrate competency; an inspector's direct question to a staff member tests understanding, not sign-in sheets.Week 3–4
8Documentation & Record Assembly — attendance registers, content packs, competency results, and a training log compiled into an inspection-ready fileUndocumented training is, on inspection, functionally indistinguishable from no training at all — the record is what a supervisor actually reviews.Week 4
9New-Hire Induction Design — a standing induction module and checklist for staff joining after the initial rolloutA programme trained once at launch drifts as staff turn over; without a built-in induction step, new hires operate untrained indefinitely.Week 4
10Annual Refresher Calendar Set-Up — scheduling the next cycle and building in regulatory-update trackingA training programme with no diarised refresher date is, in practice, a one-time event masquerading as an ongoing programme.Week 4–5
11Ongoing Advisory & Update Delivery — PNPC tracks Cabinet Decision, FATF, and sanctions-list changes and delivers targeted update sessions as neededAML/CFT obligations in the UAE evolve; training content that is never refreshed against current guidance falls out of alignment within a year or two.Ongoing — PNPC on call
12Mock Inspection / Spot-Check Testing — unannounced scenario questions to a sample of trained staff to verify retained competency between formal cyclesFormal annual training with no interim check leaves gaps invisible until an actual inspector asks the same question staff were never re-tested on.Mid-cycle, on request

Realistic timeline for an initial full-programme rollout, from needs assessment to a complete, documented training file: 4–5 weeks for a single-site entity with an existing risk assessment and policy in place; longer where the underlying policy itself needs building first, or where multiple branches require coordinated delivery. Annual refresher cycles typically run over 1–2 weeks once the programme is established.

Document Checklist
Existing Programme Materials

Current AML/CFT risk assessment and policy and procedures manual

Existing CDD/EDD onboarding checklists or forms currently in use

goAML organisation and Compliance Officer registration confirmation

Any prior training materials, slide decks, or session notes previously used

Staff & Role Information

Organisation chart identifying front-line, Compliance Officer, and senior-management roles for training track mapping

List of staff by role, including recent hires who have not yet received AML induction

Details of any branches or additional business locations requiring separate or repeated delivery

Confirmation of the designated Compliance Officer / MLRO and any deputy

Prior Regulatory History

Any Ministry of Economy, Central Bank, DFSA, FSRA, or VARA inspection findings referencing training or staff competency gaps

Records of any prior STRs/SARs filed, or internal escalations raised, useful as anonymised training scenarios

Correspondence from a supervisory authority setting a remediation deadline relevant to training delivery

Delivery Logistics

Preferred training format — in-person, virtual, or a blended approach — and available scheduling windows

Existing e-learning or LMS platform details, if the entity wants training hosted or tracked through an existing system

Language requirements for training delivery across the workforce

Venue or virtual-platform access details for scheduled sessions

Record-Keeping Standards

Entity's current record-retention practice for training documentation, for alignment with AML/CFT record-keeping requirements

Format preference for attendance registers and competency-test results (physical sign-off, digital, or both)

Any group-wide or parent-company training-record templates that need to be reconciled with the UAE-specific programme

Ongoing obligations
PhaseTriggered ByPNPC GuidanceRisk If Ignored
Initial Rollout (Week 1–5)New AML/CFT programme adoption, or first structured training after a prolonged gapRole-mapped content development and delivery across front-line staff, the Compliance Officer, and senior management, with competency testing and full documentation.Untrained staff cannot demonstrate the operating substance behind a written policy, and an inspection that reaches the file-walkthrough stage will surface the gap regardless of how well the policy document itself reads.
New-Hire InductionAny new employee joining a customer-facing, transaction, or compliance-adjacent roleStanding induction module delivered within a defined period of joining, logged against the entity's training record.A workforce that trains once at launch and never inducts new joiners has a growing untrained population within a year of any hiring activity.
Live ApplicationEvery customer interaction and transactionTrained staff apply the escalation script and CDD checklist consistently; the Compliance Officer applies the STR/SAR assessment framework to any escalated concern.Inconsistent application across staff — some following training, others reverting to informal practice — is a direct signal to an inspector that training did not translate into operating discipline.
Annual RefresherAnniversary of the last training cycle, or a material regulatory updateEntity-wide refresher covering any Cabinet Decision, FATF, or internal policy changes since the last cycle, with re-testing of competency.Training that is not refreshed drifts out of alignment with current obligations, and a stale training date is a standard inspection question with an easy pass-or-fail answer.
Spot-Check / Mock TestingMid-cycle review, or ahead of an anticipated inspectionUnannounced scenario questions posed to a sample of staff to confirm retained competency between formal training cycles.A programme that is only ever tested during the formal training session itself has no evidence of retained competency in between, which is precisely when a real inspection is likely to occur.
Regulatory InspectionScheduled or unannounced supervisory visitPNPC supports document production and, where useful, coaches staff on how to present training records and respond to direct competency questions.Staff unable to answer a direct scenario question, or unable to produce an attendance record, generate a finding independent of the quality of the underlying policy.
Finding or Directive ReceivedInspection outcome citing a training or competency gapTargeted remediation training addressing the specific finding, with follow-up testing and a documented closure record for the supervisor.An unaddressed training finding typically escalates at the next inspection cycle and is treated as evidence of a pattern rather than an isolated lapse.
Staff Turnover / Role ChangeA trained employee leaves, or an untrained employee is promoted into a customer-facing or compliance roleInduction or role-specific training delivered before the new role holder begins operating unsupervised in the position.A gap between a role change and the corresponding training leaves the entity's actual practice, at that moment, unsupported by any documented competency.
Compliance Officer SuccessionThe designated Compliance Officer / MLRO changesThe incoming Compliance Officer receives the full technical deep-dive training — STR/SAR assessment, goAML mechanics, tipping-off management — before assuming the role.An entity operating with a nominal Compliance Officer who has not received the technical training cannot reliably assess or file a report when a genuine trigger arises.
Frequently asked
Is AML/CFT staff training a legal requirement in the UAE, or just good practice?

It is a requirement, not merely good practice. Federal Decree-Law No. 20 of 2018 and its Cabinet Decision implementing regulations require regulated entities — DNFBPs, financial institutions, and Virtual Asset Service Providers — to ensure staff understand and can apply the entity's AML/CFT obligations. A written policy alone does not satisfy this; supervisory authorities expect evidence that staff have actually been trained on it and can apply it in practice.

Practitioner noteWe are asked this constantly by clients who assume a signed-off policy document is the finish line. It is the starting point — the training obligation is separate and just as enforceable on inspection.
We already have an AML policy — why do we need a separate training engagement?

A policy states what should happen; training is what makes staff capable of actually doing it. Ministry of Economy and sector-regulator inspections routinely test staff directly — asking a front-line employee what they would do if a customer refused to explain a large cash payment's source. A policy document cannot answer that question for the employee in the moment; only training and rehearsed practice can.

Practitioner noteWe have seen well-written policies attached to a workforce that could not answer a single applied question during an inspection walkthrough — the document existed, but nobody had been taught to use it.
Who within our business actually needs AML/CFT training?

Any staff member who interacts with customers, processes transactions, or has visibility into the business relationships the entity forms with clients — front-line onboarding and operations staff, the designated Compliance Officer/MLRO, and senior management or the board with AML/CFT oversight responsibility. The depth and content of training differs materially by role, but the training obligation itself extends across all of them.

Practitioner noteWe map roles before designing content specifically so a receptionist is not sitting through a goAML filing walkthrough meant for the Compliance Officer, and the Compliance Officer is not limited to the same introductory session as everyone else.
How often does AML/CFT training need to be refreshed?

At minimum annually, and additionally whenever there is a material change — updated risk assessment, revised policy, new Cabinet Decision or FATF guidance, or a specific inspection finding requiring targeted remediation. New hires in relevant roles should receive induction training within a defined period of joining rather than waiting for the next scheduled annual cycle.

Practitioner noteWe diarise the annual refresher into every training engagement's close-out so it does not become the kind of 'we'll get to it' item that quietly lapses for years.
What is the difference between front-line staff training and Compliance Officer training?

Front-line training focuses on applied recognition and escalation — spotting red flags during customer interaction, applying the CDD/EDD checklist, and escalating a concern to the Compliance Officer without alerting the customer. Compliance Officer training goes deeper into technical assessment: evaluating whether an escalated concern meets the STR/SAR threshold, the mechanics of filing through the goAML platform, sanctions-freeze reporting on a list match, and managing the tipping-off prohibition at the organisational level.

Practitioner noteWe deliberately do not compress these into a single session — the Compliance Officer needs a materially deeper technical grounding than the staff who escalate to them, and conflating the two under-serves both audiences.
What is tipping off, and how does training address it?

Tipping off is directly or indirectly informing a customer or third party that a Suspicious Transaction Report has been filed, is being considered, or that an investigation is underway — a standalone offence under Federal Decree-Law No. 20 of 2018, separate from the underlying transaction. Training addresses it explicitly by giving front-line staff a rehearsed way to escalate internally — for example, a neutral reason for delaying or querying a transaction — without revealing that a report is being considered.

Practitioner noteThis is one of the most consequential mistakes a well-intentioned employee can make, often without realising the disclosure itself is a separate breach. We rehearse the actual words staff can use, not just the abstract rule.
Does training cover goAML portal mechanics, or just AML concepts generally?

For the Compliance Officer and MLRO track, yes — training includes a walkthrough of the goAML platform operated by the UAE's Financial Intelligence Unit, covering how an STR/SAR is actually filed once an internal decision to report has been made, and how a Fund Freeze / Funds Awaiting Return report is filed following a sanctions-list match. Front-line staff training focuses on recognition and escalation rather than the filing mechanics itself, since filing authority typically sits with the Compliance Officer.

Practitioner noteWe have seen Compliance Officers who understood the policy conceptually but had never actually seen the goAML filing screens — a walkthrough before a real filing is needed removes that hesitation at the moment it matters most.
How do you make training specific to our business rather than generic AML theory?

PNPC reviews the entity's current risk assessment, customer base, transaction types, and any prior inspection findings before building content, and constructs scenarios and red-flag examples that reflect what the business actually encounters — a real estate brokerage's training scenarios differ materially from a corporate service provider's or a precious-metals dealer's, even though the underlying legal framework is the same.

Practitioner noteGeneric slide decks are the fastest way to produce content nobody remembers applying — we would rather spend an extra day understanding the business than deliver a session that reads as interchangeable with any other client's.
What documentation do you produce to prove training happened?

A complete training file typically includes attendance registers naming each participant and session date, the content pack or materials used, a record of any competency test or scenario-based assessment and its results, and — for governance-level briefings — a board minute or management sign-off record. This file is assembled specifically so it can be produced in full if a supervisory authority requests it.

Practitioner noteWe index the training file the same way we index the wider AML compliance file, so if an inspector asks specifically about training, the answer is one folder away rather than reconstructed under pressure.
Can training be delivered virtually, or does it need to be in person?

Both formats are used depending on the entity's size, number of locations, and staff distribution — PNPC delivers in-person sessions, virtual sessions, or a blended approach, and can coordinate delivery across multiple branches or emirates to a consistent standard. What matters for inspection purposes is not the delivery format but that attendance, content, and competency are properly documented regardless of how the session was run.

Practitioner noteFor multi-branch clients we usually recommend a core virtual session for consistency, supplemented by a shorter in-person scenario walkthrough at each location — it balances consistency of content against the value of face-to-face practice.
How does PNPC test whether training actually worked, rather than just delivering it?

PNPC builds scenario-based competency checks into the training delivery — realistic situations staff must respond to correctly, not just attendance sign-off — and can run unannounced spot-check questions to a sample of staff between formal training cycles to confirm retained competency, which mirrors how an actual inspector is likely to test the programme.

Practitioner noteAttendance alone tells you who was in the room, not who understood what was said. We push clients toward the applied test even when it takes longer to design, because that is what actually gets tested on inspection.
What happens if a Ministry of Economy inspection finds our training was inadequate?

An inadequate-training finding typically triggers a corrective action directive with a remediation deadline. PNPC can deliver targeted remediation training addressing the specific gap identified, with follow-up competency testing and a documented closure record to present to the supervisor, structured to close the finding formally rather than leave it open into the next inspection cycle.

Practitioner noteWe treat remediation training differently from routine annual refreshers — it is scoped tightly to the exact finding, tested more rigorously, and documented with the specific goal of satisfying the supervisor who raised it.
Do sole practitioners and very small DNFBPs need the same training programme as a large firm?

The training obligation applies regardless of entity size, but the format and depth can reasonably scale — a sole practitioner or a two-person corporate service provider does not need a multi-session, multi-track programme, though the same substantive coverage (red-flag recognition, escalation, and for the principal, STR/SAR and goAML competency) still applies.

Practitioner noteWe right-size delivery to the entity rather than imposing an enterprise-scale programme on a small business — a proportionate, well-documented session for a two-person firm satisfies the obligation; an oversized programme that never gets fully absorbed does not.
Can training be combined with our KYC & CDD Advisory or AML risk assessment engagement?

Yes, and PNPC generally recommends it — training content is most effective when it is built directly from the entity's own risk assessment and policy rather than delivered as a separate, disconnected exercise. Where PNPC has built or is building the underlying programme, training is typically sequenced as the final stage of the same engagement.

Practitioner noteWe rarely deliver training in isolation from the policy work unless a client already has a solid, current policy in place — training on a policy we have not reviewed risks teaching content that does not match what the entity actually does.
How does training address our specific sector's AML risk — for example, real estate or precious metals dealing?

PNPC builds sector-relevant red-flag scenarios into the content — for real estate, unusual source-of-funds patterns and rapid resale; for precious metals and stones dealers, cash-transaction structuring near the prescribed threshold; for corporate service providers, undisclosed beneficial ownership in company formation requests. Generic AML training that does not reflect the entity's actual sector risk is less likely to be retained or correctly applied by staff.

Practitioner noteA real estate broker's front-line staff and a corporate service provider's onboarding team are watching for materially different signals — we would rather build two distinct scenario sets than force both audiences through the same generic material.
What is the connection between AML training and our goAML registration?

goAML registration establishes the reporting channel and gives the Compliance Officer filing access; training is what ensures the people around that channel — front-line staff who escalate, and the Compliance Officer who assesses and files — actually use it correctly and without delay when a genuine trigger arises. Registration without trained staff behind it is a functioning channel with nobody competent to use it under pressure.

Practitioner noteWe have taken over engagements where the goAML registration was technically complete and correct, but no one on staff had ever been walked through when or how to actually use it — training closes exactly that gap.
Does PNPC provide ongoing training support, or is this a one-time session?

Both models are available. A one-time engagement covers the initial rollout with full documentation; an ongoing retainer adds the annual refresher cycle, new-hire induction as staff turn over, targeted update sessions when Cabinet Decisions or FATF guidance change, and spot-check testing between formal cycles — which is the model PNPC generally recommends given how quickly a one-time-only programme drifts out of currency.

Practitioner noteWe are candid that a single training session, however well delivered, has a shelf life of roughly a year before staff turnover and regulatory drift start eroding its value — the retainer model is what actually keeps a programme inspection-ready on an ongoing basis.
How does PNPC price an AML training and capacity-building engagement?

PNPC agrees a fixed, written fee before work begins, scoped to the number of roles and staff to be trained, the number of locations requiring delivery, and whether the engagement is a one-time rollout or an ongoing annual retainer including refreshers and new-hire induction. Any third-party costs, such as an external e-learning platform the client chooses to use, are identified separately from PNPC's professional fees.

Practitioner noteWe do not publish a single headline price because training scope varies enormously — a five-person single-branch firm and a fifty-person multi-branch brokerage require materially different delivery effort, and a flat number would misprice one or the other.
Why PNPC Global

PNPC AML training and capacity building vs a generic one-off training session

DimensionGeneric One-Off TrainingPNPC Engagement
Content basisOff-the-shelf AML slide deck applied to any businessBuilt from the entity's actual risk assessment, policy, and customer/transaction profile
Role differentiationOne session for everyone regardless of functionDistinct tracks for front-line staff, Compliance Officer/MLRO, and senior management/board
Escalation and tipping-off trainingMentioned as a policy line itemRehearsed escalation scripts specifically designed to avoid tipping off
goAML mechanicsNot covered, or covered only in the abstractPractical filing walkthrough for the Compliance Officer track, including sanctions-freeze reporting
Competency testingAttendance sign-off onlyScenario-based assessment confirming staff can apply the training
DocumentationCertificate of attendance, if anythingFull training file — registers, content pack, competency results, board sign-off where relevant
Refresher cadenceOne-time delivery, rarely repeatedDiarised annual refresher plus new-hire induction built into the programme from day one
New-hire coverageNo standing process for staff joining after the initial sessionDefined induction module and timeline for every new relevant hire
Spot-check retention testingNone between formal sessionsUnannounced scenario questions mid-cycle to confirm retained competency
Sector relevanceGeneric red-flag examples not specific to the businessSector-specific scenarios matched to the entity's actual DNFBP category and risk profile
Inspection alignmentNo connection to what a supervisor actually testsContent and testing built around the exact questions Ministry of Economy and sector-regulator inspectors typically ask staff directly

What the PNPC package includes

  1. 01

    Training needs assessment against the entity's current AML/CFT risk assessment and policy

  2. 02

    Role mapping across front-line, Compliance Officer/MLRO, and senior management/board tracks

  3. 03

    Sector-specific, scenario-based training content built for the entity's actual business

  4. 04

    Front-line staff training on red-flag recognition, CDD/EDD checklist application, and tipping-off-safe escalation

  5. 05

    Compliance Officer/MLRO deep-dive training on STR/SAR threshold assessment, goAML filing mechanics, and sanctions-freeze reporting

  6. 06

    Senior management / board governance briefing on AML/CFT accountability and resourcing

  7. 07

    Scenario-based competency testing, not just attendance sign-off

  8. 08

    Full documented training file — attendance registers, content packs, competency results, and sign-offs

  9. 09

    Standing new-hire induction module for staff joining after the initial rollout

  10. 10

    Diarised annual refresher cycle incorporating current Cabinet Decision, FATF, and sanctions-list updates

  11. 11

    Mid-cycle spot-check / mock inspection testing to confirm retained competency

  12. 12

    Targeted remediation training tied to any specific inspection or internal-audit finding

  13. 13

    Multi-branch and multi-emirate delivery coordination to a consistent training standard

  14. 14

    Coordination with PNPC's KYC & CDD Advisory and AML Risk Assessment engagements so training content matches the live policy

  15. 15

    Cross-border coordination for groups with entities in both India and the UAE

  16. 16

    Ongoing regulatory-change monitoring reflected in refresher content

Turn your AML/CFT policy into a trained, inspection-ready workforce — talk to PNPC's Dubai compliance team before a regulator tests your staff for you.

Jurisdiction

🇦🇪
United Arab Emirates

Free zone, mainland & offshore

Ready to get started?

Tell us about your requirement — a UAE specialist responds within 24 hours.

← Back to AML / CFT Services