AML Platform runs your whole compliance operation in one place: onboarding, screening, monitoring, cases, and goAML filings, in English and Arabic. Every STR traces back to the alert that raised it, and every XML file is checked against the UAE FIU's own schema before you submit.
Regulatory reporting
The platform ships the UAE FIU's goAML XML schema and checks every filing against it before submission, so rejections happen on your screen instead of at the FIU. There is no freeform drafting; each report is generated from its legal trigger with the evidence already attached.
<report> <report_code>STR</report_code> <submission_date>2026-07-11</submission_date> <transaction> <amount_local>96400</amount_local> </transaction> </report>
A schema-locked serializer generates the XML, and its output is re-checked against the FIU's XSD every time the platform changes.
Close a case with an STR, confirm a freeze, or log a qualifying deal, and the matching report appears in your queue with the trigger and evidence attached.
Suspicious-activity, freeze, threshold, and name-match filings all move through the same queue and the same submission steps.
Detection & risk
Six monitoring scenarios check every transaction the moment it lands, with no overnight batch to wait for. Thresholds and windows are yours to tune, and the 12-factor risk model shows its working: every score breaks down into the weights you set.
Risk scoring applies two hard overrides you can't tune away: a confirmed sanctions match or active freeze forces a high rating, and any PEP exposure floors it at medium, as Article 16 requires.
Screening & sanctions
Customers, UBOs, and counterparties are screened against live sanctions data. If the provider is unreachable, the platform refuses to pretend there were no hits. Ongoing re-screening checks your whole book against current lists, so a new designation doesn't sit waiting for your next review cycle.
If the screening provider goes down, you get an explicit error. The platform never records a silent “no hits.”
News screening runs automatically when a PEP hit is confirmed, and every article is scored against a fixed AML risk vocabulary so the relevant ones surface first.
Analysts disposition hits; the MLRO resolves them. Nobody clears their own alert, and the trail shows who did what.
Governance & evidence
When the examiner asks who decided this, when, and on what evidence, the answer is already written down, hash-chained, and impossible to quietly edit.
Every compliance-relevant action is appended to a hash-chained log, and any edit after the fact visibly breaks the chain.
Material judgements such as onboarding, EDD approvals, case closures, and exits carry the KYC, UBO, and document state exactly as it stood when the decision was made.
The approver and the senior-management acknowledger of an EDD or AML exit must be different people, and the platform enforces it rather than leaving it to a checklist.
STR data lives in a restricted schema that ordinary queries can't reach, and report notifications go only to the MLRO tier.
Language
Every screen, tutorial, and notification ships in both languages with full right-to-left layout. Arabic-speaking analysts get the same product as everyone else.
Drafted from case #C-2041 · pending MLRO review · valid against goAML schema 5.0.2
تمت صياغته من القضية C-2041 · بانتظار مراجعة مسؤول الإبلاغ · مطابق لمخطط goAML 5.0.2
Who it's for
If you file to the UAE FIU through goAML and answer to a supervisor, this was built for your desk.
Dealers in precious metals & stones
Qualifying cash deals surface a draft DPMSR straight from the transaction record, with the amount, counterparty, and screening result already in place.
Real estate brokers & developers
Reportable transactions carry their evidence with them, and buyer and UBO screening runs before the deal is on your book.
Corporate services, exchange & fintech
Roles for the whole function, from analyst to deputy MLRO to auditor, with delegation for leave cover and an audit trail the owner can see.
Questions
Yes. The platform ships the UAE FIU's published XSD (bundle V2.00, goAML schema 5.0.2) and validates generated filings against it, both in the product before you submit and in our build pipeline on every change. STR, SAR, FFR, DPMSR, REAR, name-match, and additional-information report types are supported.
Your data is UAE-resident, isolated per organization with row-level security in Postgres. STR and report data additionally sits in a restricted schema that ordinary queries can't reach, supporting your tipping-off obligations.
Every scenario is configurable: thresholds, time windows, the structuring band, the risk-model weights, and the rating boundaries. Two legal floors are deliberately not tunable: confirmed sanctions matches force a high rating, and PEP exposure floors it at medium.
Continuous re-screening checks your customer book against current lists. A match on a mandatory list (UN Consolidated or UAE Local Terrorist List) triggers an automatic freeze, opens an investigation case, and drafts the funds-freeze report for EOCN submission the same day.
No. One MLRO and one analyst is a complete setup: the pickup queue tells you what needs filing, the dashboard rail tells you what needs attention first, and bilingual in-app tutorials cover every workflow. Deputy delegation covers leave without handing over the whole function.
Screening fails closed. You get an explicit error and the action blocks; the platform will never silently record “no hits” because a provider was unreachable.
Get started
Set up your organization, tune your thresholds, and see the filing pipeline on your own data, in English or Arabic.