The UAE VAT Law provides a 0% VAT rate for the international transport of goods under certain conditions.

However, many businesses get confused when a shipment includes a domestic leg (for example, transport from Dubai to Abu Dhabi before being exported overseas).

Under Article 33(1)(d) of Cabinet Decision No. 52 of 2017 (Executive Regulations),

“The transport of goods shall be zero-rated if it is an international transportation, including any domestic leg that is part of the international journey, provided it is supplied by the same supplier under one contract.”

In simple terms:

👉 The domestic leg (within UAE) can also be zero-rated — but only if the same supplier handles both the local and international parts of the shipment under one contract.

If there are separate suppliers or contracts, the domestic leg becomes taxable at 5%.

Your BRA is no longer a one-page self-declaration.

 It’s a structured, evidence-based document that maps how your business is exposed to Money Laundering, Terrorist Financing, and Proliferation Financing risks.

It must cover five mandatory pillars:

• Customer Risk – type of clients you serve (individuals, corporates, PEPs).
• Geographic Risk – countries of origin or fund flow.
• Product / Service Risk – nature, size, and complexity of your services.
• Delivery Channel Risk – face-to-face vs online transactions.
• Proliferation Financing Risk – clients or transactions linked to sanctioned entities.

Assign a 1–5 score for each and document your reasoning.

 Example:

“15% of clients are from FATF grey-listed jurisdictions — Geographic Risk = High (4/5).”

MoET expects you to show how every risk is mitigated — with verifiable evidence.

RiskTypical ControlsEvidence Inspectors ExpectHigh Customer RiskCompliance Officer approval + Source of Funds checksSigned approval form, bank statements, risk noteMedium Delivery Channel RiskVideo verification for remote clientsScreenshot or recorded logHigh PF RiskScreening via EOCN / UN listScreening log or vendor report

If you wrote it in your BRA, you must be able to prove it. “We monitor” doesn’t count anymore.

Your BRA must evolve as your business does.

Every 12 months, use internal data to re-evaluate:

% of clients from high-risk countries

% of PEPs or offshore entities

Total STRs filed

Transaction growth or new services

If your exposure changes, your risk scores and controls must too.

Document the update and get it signed by your Compliance Officer and Managing Partner.

Inspectors now expect you to reference the UAE National Risk Assessment (NRA 2024) and your Sectoral Risk Report directly in your BRA.

Example: “Aligned with the NRA 2024, which identifies Accounting DNFBPs as high-risk for misuse of client accounts (Section 3.4).”

Attach a one-page summary note confirming alignment — this instantly signals maturity and awareness.

• A Client Risk Assessment Form for each customer.
• Enhanced KYC for high-risk clients.
• Compliance Officer approval before onboarding.
• Ongoing monitoring and annual re-verification.

• A BRA isn’t a policy — it’s a performance dashboard for your AML framework.
• Every statement in your BRA must be backed by evidence.
• Annual updates, data references, and file linkage are now mandatory.
• Non-compliance = AED 100,000–500,000 fines, even for first-time offenders.