- The Riffle
- Posts
- FSRA’s Thematic Review on AML/CFT for Virtual Asset Service Providers (VASPs)
FSRA’s Thematic Review on AML/CFT for Virtual Asset Service Providers (VASPs)
Strengthening Compliance in a Growing Sector
The Riffle
The Financial Services Regulatory Authority (FSRA) of the Abu Dhabi Global Market (ADGM) has released a detailed Thematic Review focused on the Anti-Money Laundering (AML), Counter Financing of Terrorism (CFT), and Targeted Financial Sanctions (TFS) frameworks of licensed Virtual Asset Service Providers (VASPs).
The review highlights a widening gap between firms’ understanding of their regulatory duties and the real-world execution of compliance controls — a reminder that written policies are not enough without robust, consistent application.
Why the Review Matters
As ADGM continues to position itself as a trusted global hub for digital assets, the FSRA’s review reflects its proactive approach to maintaining market integrity.
Virtual asset activities bring unique risks due to:
Rapid innovation and evolving technologies,
Cross-border transaction complexities, and
Potential misuse by illicit actors.
The FSRA’s goal is clear — ensure that licensed VASPs operate with risk-sensitive, well-documented frameworks that can stand up to scrutiny.

Key Findings at a Glance
The review identified several recurring weaknesses across the sector:
Inconsistent Customer Due Diligence (CDD): Many firms lacked depth in verifying source of funds and source of wealth, and enhanced due diligence was often incomplete.
Weak Transaction Monitoring: Systems were too simplistic and failed to capture virtual asset-specific risks.
Poor Travel Rule Implementation: Firms struggled to meet information-sharing requirements for cross-border transfers.
Deficient Risk Frameworks: Business and customer risk assessments were generic, limiting effectiveness.
Lack of Independent Assurance: Internal audits or control testing were insufficient.
Inadequate Counterparty Due Diligence: Many firms did not assess the AML/CFT standards of partner VASPs.
Generic Training: Programs were often not tailored to staff roles or actual exposure levels.
FSRA’s Regulatory Expectations
The FSRA has set clear expectations for improvement, including:
Robust CDD & EDD: Verification of source of wealth and funds must be independent and well-documented.
Enhanced Monitoring: Incorporate both behavioral and blockchain-based scenarios calibrated to virtual asset typologies.
Travel Rule Compliance: Apply to all qualifying transfers without thresholds, and manage non-compliant counterparties effectively.
Counterparty Risk Management: Conduct thorough due diligence on all virtual asset partners.
Role-Specific Training: Regular, risk-based training with effectiveness testing.
Key Takeaways
The review reinforces a simple but vital message — awareness without execution is not compliance.
VASPs operating within ADGM must translate their policies into tangible, effective systems supported by leadership, documented evidence, and continuous oversight.
By raising the bar for AML/CFT practices, ADGM strengthens its reputation as a credible, transparent, and globally aligned jurisdiction for virtual asset activity.
Read the full briefing document presented by 10 Leaves here -
|