Compliance Policies & Procedures

Morris Wealth Management
Dubai International Financial Centre
United Arab Emirates

Document Version: 2024.1
Effective Date: January 1, 2024
Last Updated: December 2024

1. Anti-Money Laundering (AML) Policies

1.1 Policy Statement

Morris Wealth Management is committed to maintaining the highest standards of Anti-Money Laundering (AML) compliance. We have implemented comprehensive policies and procedures to prevent our services from being used for money laundering, terrorist financing, or other illicit activities. Our AML program is designed to comply with UAE Federal Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organizations, as well as international best practices.

1.2 AML Officer & Governance

A designated AML Compliance Officer oversees all AML activities and reports directly to senior management
Annual AML training is mandatory for all employees
Regular internal audits and compliance reviews are conducted
AML policies are reviewed and updated annually or as required by regulatory changes

1.3 Client Due Diligence (CDD)

Standard due diligence for all clients including identity verification and background checks
Enhanced due diligence for high-risk clients, Politically Exposed Persons (PEPs), and clients from high-risk jurisdictions
Ongoing monitoring of client relationships and transaction patterns
Regular review and update of client information

1.4 Suspicious Activity Reporting

Employees are trained to identify and report suspicious activities
Suspicious Transaction Reports (STRs) are filed with the UAE Financial Intelligence Unit (FIU) within required timeframes
Internal escalation procedures for potential suspicious activities
Confidentiality requirements and tipping-off prohibitions are strictly enforced

1.5 Record Keeping

All client identification and transaction records are maintained for a minimum of 5 years
Records are stored securely and made available to regulatory authorities upon request
Comprehensive audit trails for all transactions and compliance activities

2. Know Your Customer (KYC) Procedures

2.1 KYC Framework

Morris Wealth Management implements a comprehensive KYC framework designed to understand our clients' identity, financial situation, and investment objectives. Our KYC procedures ensure compliance with UAE regulations and international standards while enabling us to provide appropriate services and monitor ongoing relationships effectively.

2.2 Client Identification Requirements

Individual Clients:

Government-issued photo identification (passport, Emirates ID)
Proof of address (utility bill, bank statement within 3 months)
Income verification (salary certificates, bank statements)
Source of wealth documentation
Investment experience questionnaire

Corporate Clients:

Certificate of incorporation and commercial registration
Memorandum and Articles of Association
Board resolutions and authorized signatories
Beneficial ownership documentation (25% or more)
Financial statements (last 2-3 years)
Source of funds and business activity verification

2.3 Enhanced Due Diligence (EDD)

Enhanced due diligence is applied for:

Politically Exposed Persons (PEPs) and their family members
Clients from high-risk jurisdictions as identified by FATF
Complex ownership structures or unusual transaction patterns
Clients with assets exceeding USD 10 million
Non-face-to-face client relationships

2.4 Ongoing Monitoring

Annual review of all client information and documentation
Transaction monitoring for unusual patterns or activities
Regular screening against sanctions lists and PEP databases
Updated risk assessments based on client behavior and profile changes
Prompt investigation of any red flags or suspicious activities

2.5 Risk Classification

LOW RISK

• UAE nationals/residents
• Transparent income sources
• Standard investment products

MEDIUM RISK

• Non-resident clients
• Complex structures
• Higher transaction volumes

HIGH RISK

• PEPs and associates
• High-risk jurisdictions
• Cash-intensive businesses

3. Sanctions Compliance Framework

3.1 Sanctions Policy

Morris Wealth Management maintains a comprehensive sanctions compliance program to ensure adherence to all applicable international sanctions regimes. We comply with UAE Federal Law No. 20 of 2018, UN Security Council sanctions, US OFAC sanctions, EU sanctions, and UK sanctions programs. Our policy prohibits any business relationships or transactions involving sanctioned individuals, entities, or jurisdictions.

3.2 Sanctions Screening Program

Screening Scope:

All prospective and existing clients
Beneficial owners and related parties
Counterparties and business partners
Investment holdings and transactions
Wire transfer beneficiaries and originators

Screening Lists:

UAE National Anti-Terrorism Committee Lists
UN Security Council Consolidated List
US OFAC Specially Designated Nationals (SDN) List
EU Consolidated List of Sanctions
UK Consolidated List of Financial Sanctions Targets
Other relevant national and international sanctions lists

3.3 Screening Procedures

Real-time screening: All transactions are screened before execution
Daily screening: Client and counterparty databases updated against latest sanctions lists
Name matching: Advanced fuzzy logic and phonetic matching algorithms
Geographic screening: Identification of restricted jurisdictions and territories
Ongoing monitoring: Continuous surveillance of portfolio holdings and transactions

3.4 Match Investigation Process

1. Alert Generation: System generates alert for potential matches
2. Initial Review: Compliance officer reviews match within 24 hours
3. Investigation: Detailed analysis of personal information, aliases, dates of birth
4. Documentation: All decisions and rationale documented
5. Escalation: Complex cases escalated to senior management
6. Action: Blocking, rejection, or clearance based on investigation results

3.5 Prohibited Activities

Direct or indirect transactions with sanctioned persons or entities
Processing payments to/from sanctioned jurisdictions
Providing services that may facilitate sanctions evasion
Investing in securities of sanctioned entities
Accepting funds with sanctions nexus

3.6 Reporting and Record Keeping

Immediate reporting of sanctions violations to relevant authorities
Maintenance of comprehensive screening logs and investigation records
Regular reporting to senior management and board of directors
Annual sanctions compliance attestation and risk assessment

4. UAE Regulatory Compliance

4.1 Regulatory Framework

Morris Wealth Management operates under the regulatory oversight of the UAE regulatory authorities and complies with all applicable UAE federal laws and regulations governing financial services, investment management, and wealth management activities.

4.2 Key Regulatory Requirements

UAE Federal Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism
UAE Central Bank regulations on financial services
DIFC Laws and regulations (if applicable)
Securities and Commodities Authority (SCA) regulations
UAE Data Protection Law compliance
Corporate governance and risk management requirements

4.3 Compliance Monitoring

Regular regulatory reporting and filings
Internal compliance monitoring and testing programs
External audit and regulatory examinations
Staff training on UAE regulatory requirements
Maintenance of regulatory licenses and approvals

5. Privacy & Data Protection Policies

5.1 Data Protection Commitment

Morris Wealth Management is committed to protecting the privacy and security of our clients' personal and financial information. We implement comprehensive data protection measures in compliance with UAE Data Protection Law and international best practices including GDPR principles where applicable.

5.2 Data Collection and Use

Collection limited to necessary business purposes
Clear notification of data collection practices
Explicit consent obtained for sensitive data processing
Regular review of data processing activities
Data minimization and purpose limitation principles

5.3 Data Security Measures

Technical Safeguards:

• End-to-end encryption
• Multi-factor authentication
• Regular security audits
• Secure backup systems

Organizational Measures:

• Staff training programs
• Access controls and permissions
• Incident response procedures
• Regular policy updates

5.4 Client Rights

Right to access personal data
Right to rectification and correction
Right to data portability
Right to withdraw consent
Right to file complaints with regulatory authorities

5.5 Data Retention and Disposal

Clear retention schedules based on legal and business requirements
Secure disposal of data at end of retention period
Regular review of retained data
Documentation of data disposal activities

6. Risk Management Policies

6.1 Risk Management Framework

Morris Wealth Management maintains a comprehensive risk management framework designed to identify, assess, monitor, and mitigate various risks that could impact our operations, clients, or business objectives. Our risk management approach encompasses operational, compliance, reputational, and financial risks.

6.2 Risk Governance Structure

Board of Directors: Ultimate responsibility for risk oversight and appetite setting
Risk Committee: Regular review of risk policies and significant risk exposures
Chief Risk Officer: Independent risk management function reporting to senior management
Department Heads: First line of defense for operational risk management
Compliance Function: Second line of defense for regulatory and compliance risks

6.3 Key Risk Categories

Operational Risks

• Technology and system failures
• Human error and fraud
• Business continuity disruptions
• Vendor and third-party risks

Compliance Risks

• Regulatory violations
• AML/sanctions breaches
• Data protection violations
• Fiduciary duty failures

Financial Risks

• Market and investment risks
• Credit and counterparty risks
• Liquidity risks
• Currency and interest rate risks

Reputational Risks

• Client complaints and disputes
• Media and public relations
• Regulatory enforcement actions
• Association with high-risk clients

6.4 Risk Assessment Process

Risk Identification: Systematic identification of potential risks across all business areas
Risk Assessment: Evaluation of likelihood and potential impact of identified risks
Risk Prioritization: Ranking risks based on severity and strategic importance
Risk Mitigation: Implementation of controls and mitigation strategies
Risk Monitoring: Ongoing monitoring and reporting of risk exposures
Risk Review: Regular review and update of risk assessments

6.5 Risk Monitoring and Reporting

Monthly risk reports to senior management
Quarterly risk committee meetings and board reporting
Annual comprehensive risk assessment and policy review
Real-time monitoring of key risk indicators
Incident reporting and root cause analysis

6.6 Business Continuity Planning

Comprehensive business continuity and disaster recovery plans
Regular testing of backup systems and procedures
Alternative work arrangements and remote access capabilities
Crisis communication protocols
Regular updates based on lessons learned and changing risks

Morris Wealth Management

Dubai International Financial Centre, United Arab Emirates

Email: compliance@morriswealth.ae

Phone: +971 4 XXX XXXX

This document contains confidential and proprietary information.

Document Version 2024.1 | Effective Date: January 1, 2024 | Last Updated: December 2024