If your business is subject to UAE anti-money laundering obligations, goAML registration is not optional, it is a legal requirement. Whether you are a bank, a real estate broker, a crypto exchange, or an auditing firm, you must be registered on the Financial Intelligence Unit's reporting portal before you can file a Suspicious Transaction Report (STR) or meet your broader AML compliance obligations.
This guide walks you through everything: who must register, what documents you need, the exact steps on the portal, errors to avoid, and what happens after registration.
1. What Is goAML? UAE FIU Reporting System Explained
goAML is a software platform developed by the United Nations Office on Drugs and Crime (UNODC) and adopted by financial intelligence units around the world. In the UAE, it is operated by the Financial Intelligence Unit (FIU) – the federal authority responsible for receiving, analysing, and providing financial intelligence related to money laundering and terrorism financing.
The UAE FIU integrated goAML into its national AML/CFT framework as part of the country's broader effort to align with the Financial Action Task Force (FATF) recommendations. The platform serves as the single mandatory channel through which reporting entities submit:
Suspicious Transaction Reports (STRs)
Suspicious Activity Reports (SARs)
High-Risk Country Transaction Reports (HRCTRs) where applicable
Prior to goAML, reporting was fragmented and inconsistent. The centralised platform allows the FIU to aggregate intelligence, identify patterns across sectors, and share leads with law enforcement. For regulated businesses, registration on goAML is the first tangible step in meeting your AML/CFT obligations under Federal Decree-Law No. 20 of 2018 and its implementing Cabinet Decisions.
2. Who Must Register on goAML in the UAE? (DNFBPs, FIs, VASPs)
The obligation to register on goAML applies to all Reporting Entities as defined under UAE AML law. These fall into three broad categories:
Financial Institutions (FIs)
Licensed banks and exchange houses
Insurance companies and brokers
Investment firms and asset managers
Finance companies and payment service providers
Designated Non-Financial Businesses and Professions (DNFBPs)
Real estate agents and brokers (for property transactions above AED 55,000)
Auditors, accountants, and tax advisors
Legal professionals (lawyers and notaries) handling client funds or transactions
Dealers in precious metals and stones (transactions above AED 55,000)
Company service providers (corporate secretaries, registered agents)
Virtual Asset Service Providers (VASPs)
Cryptocurrency exchanges
Digital asset custodians
Virtual asset brokers and transfer services
All VASPs licensed by the Virtual Assets Regulatory Authority (VARA) in Dubai or the relevant authority in Abu Dhabi Global Market (ADGM) or Dubai International Financial Centre (DIFC)
If your entity falls into any of these categories and is operating in the UAE, goAML registration is mandatory, regardless of transaction volume or size. Failure to register exposes your business and its compliance officer to regulatory sanctions, fines, and potential licence suspension.
3. Documents & Information You Need Before You Start
Gathering everything upfront will save you significant time. The goAML portal will prompt you for specific details at each stage, and incomplete submissions are a leading cause of delays.
Entity-Level Information
Trade licence issued by the relevant licensing authority (DET, ADCCI, DIFC, ADGM, etc.)
Certificate of incorporation or equivalent formation document
Emirates ID or passport copies of all Ultimate Beneficial Owners (UBOs) holding 25% or more
Memorandum and Articles of Association (for companies)
Registered physical address and P.O. Box in the UAE
Licensed activity description matching AML-regulated activities
Compliance Officer / MLRO Information
Full legal name as it appears on Emirates ID or passport
Emirates ID number (for UAE residents) or passport number
Direct contact email and mobile number
Job title (must reflect AML/compliance responsibility)
Letter of appointment as Money Laundering Reporting Officer (MLRO)
Portal Access
A dedicated compliance email address
Access to the email inbox in real time during registration (for OTP codes)
4. Step 1: Creating Your goAML Account
Navigate to the UAE FIU's goAML portal. The registration process begins with creating an individual user account for the designated compliance officer.
Select "Register" on the goAML login page.
Choose "Reporting Entity" as the account type.
Enter the compliance officer's personal details: full name, nationality, date of birth, email address, and mobile number.
Create a strong password meeting the portal's complexity requirements.
Verify your email address by entering the OTP sent to the registered inbox.
Verify your mobile number via a second OTP sent by SMS.
Once both verifications are complete, your individual user account is active. You will use these credentials to log in and complete the entity registration in the next step.
5. Step 2: Entity Registration on the goAML Portal
With your user account active, the next step is linking it to your legal entity. This is where your business is formally registered as a reporting entity with the FIU.
Log in to the portal using the credentials created in Step 1.
Select "Register New Organization" from your dashboard.
Enter your entity's legal name exactly as it appears on the trade licence, including legal form (LLC, PJSC, Branch, etc.).
Select the correct sector classification from the dropdown. This determines which reporting obligations apply to your entity. Common sectors include Banks, Exchange Houses, DNFBPs – Real Estate, DNFBPs – Legal, VASPs, and so on. Choosing the wrong sector is one of the most common registration errors.
Enter your trade licence number, licensing authority, and licence expiry date.
Upload a clear, colour scan of your trade licence. Blurry or cropped images are routinely rejected.
Enter your registered address, including emirate, area, building name, floor, and P.O. Box.
Provide your entity's primary contact email and phone number.
Review all details carefully and submit for FIU review.
The FIU typically reviews entity registration submissions within 5–10 business days. You will receive an email notification confirming approval or requesting additional information. During this period, do not attempt to re-submit or create a duplicate entity record.
6. Step 3: Compliance Officer / MLRO Linking
Once your entity is approved, you must formally link the compliance officer (or MLRO) to the registered entity and assign the appropriate user role. This is what grants the MLRO the ability to submit STRs and other reports on behalf of the entity.
Log in and navigate to your approved entity record.
Select "Add User" or "Link User to Organization".
Search for the compliance officer's account by email address.
Assign the role of "Compliance Officer" or "MLRO". This role has submission rights. Other roles (such as Analyst) can prepare reports but cannot submit them.
If your entity requires a secondary or deputy MLRO, add them as an additional user at this stage with the appropriate role.
The compliance officer will receive a notification email confirming their linkage to the entity.
At this point, your entity is fully registered and your MLRO is authorised to log in and file reports. Keep a record of the FIU's confirmation email, the entity's goAML reference number, and all linked user details, you will need these for future correspondence with regulators.
7. Common goAML Registration Errors and How to Fix Them
The following errors account for the majority of registration delays and rejections. Most are straightforward to resolve once identified.
Error: "Entity name does not match records". The name entered must match the trade licence exactly, including punctuation, abbreviations, and legal form. Even "LLC" vs "L.L.C" can cause a mismatch. Solution: copy the name character-by-character from the licence document.
Error: "Licence document rejected — image quality". The portal requires a clear, full-page colour scan. Phone photos taken at an angle or in poor lighting are almost always rejected. Solution: use a flatbed scanner or a high-quality scanning app (e.g., Adobe Scan) and ensure all four corners of the licence are visible.
Error: "Submission pending — no update after 10 business days". This sometimes occurs when a supporting document is missing or inconsistent, but the portal has not issued an explicit rejection notice. Solution: contact the FIU directly via their official support email, quoting your submission reference number and entity name.
8. After Registration: STR / SAR Filing Obligations
Registration on goAML is the beginning of your compliance journey, not the end. Once registered, your entity has ongoing obligations.
Suspicious Transaction Reports (STRs)
You are legally required to file an STR within 35 days of identifying a suspicious transaction or activity, or within 24 hours if the funds are linked to terrorism financing. There is no minimum threshold, suspicion alone triggers the obligation, regardless of transaction size.
High-Risk Country Transaction Reports (HRCTRs)
Certain regulated entities must also report transactions involving counterparties in jurisdictions identified as high-risk by the FATF or by UAE Cabinet Decisions. The reporting timeframe and applicable threshold depend on your sector.
Record-Keeping
All STR filings, supporting documentation, and goAML correspondence must be retained for a minimum of five years from the date of filing.
Annual Compliance
Your goAML entity profile must be kept up to date. Changes in compliance officers, trade licence renewals, and changes to your registered address must be reflected on the portal promptly. Outdated entity records can result in regulatory findings during examinations.
9. goAML Login Troubleshooting (Locked Accounts, OTP, Browser Issues)
Account locked after failed login attempts. The portal locks accounts after a set number of consecutive failed attempts. Use the "Forgot Password" function to initiate a reset via your registered email. If the reset email does not arrive, contact FIU support, do not attempt to create a new account.
OTP not arriving on login. If you no longer have access to the mobile number or email registered at setup, you will need to contact the FIU to update your credentials. This process requires identity verification and may take several business days.
Browser compatibility issues. goAML is optimised for Google Chrome and Microsoft Edge on desktop. Safari and Firefox have known compatibility issues with file upload functions and certain dropdown menus. If the portal is behaving unexpectedly, switch to Chrome before assuming there is a system-level error.
Session timing out. The portal has a short inactivity timeout. If you are gathering documents mid-session and the page reloads, your unsaved inputs may be lost. Prepare all documents and information before beginning a session and complete each step without extended breaks.
Portal maintenance windows. The FIU performs scheduled maintenance, typically on weekends. If the portal is completely inaccessible during business hours, check the FIU's official communications or contact their helpdesk to confirm whether a maintenance window is in effect.
Get Registered in Under 5 Business Days with B-AML
goAML registration involves multiple steps, sector-specific requirements, and document standards that vary depending on your licence type and regulatory authority. Errors at any stage can delay your registration by weeks — and an unregistered entity cannot file STRs, which creates direct legal exposure.
B-AML can register your entity on goAML in under 5 business days. Our team handles the full process: document preparation, portal submission, MLRO linking, and follow-up with the FIU on your behalf. We work with financial institutions, DNFBPs, and VASPs across all UAE jurisdictions including mainland, DIFC, ADGM, and VARA-licensed entities.



