AML/CFT

Page last updated: 30 March 2021

The Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the AML/CFT Act) and its regulations place obligations on New Zealand’s financial institutions to detect and deter money laundering and terrorism financing.

It facilitates co-operation amongst reporting entities, supervisors, and other government agencies, in particular, law enforcement and regulatory agencies.

Who supervises AML/CFT

The FMA supervises designated business groups (DBGs) and reporting entities listed in Section 130 of the AML/CFT Act.

The Reserve Bank supervises banks, life insurers, and non-bank deposit takers.

The Department of Internal Affairs covers casinos, non-deposit-taking lenders, money changers and reporting entities not covered by the other supervisors.

The three AML/CFT supervisors actively co-operate with each other and with the New Zealand Police’s Financial Intelligence Unit (FIU). FIU also publish guidance information for reporting entities on their obligations to report suspicious activities and prescribed transactions, and how to meet those obligations. To submit a suspicious activity report or a prescribed transaction report please refer to - goAML.

Who needs to comply

The reporting entities supervised by the FMA are listed in Section 130 of the AML/CFT Act. They include:

issuers of securities
licensed supervisors
derivatives issuers and dealers
DIMS providers
fund managers
client money or property service providers
financial advice providers
equity crowdfunding platforms
peer-to-peer lenders.

The Minister of Justice may grant a range of exemptions to all or any of the AML/CFT Act’s requirements.

Your obligations

The AML/CFT Act imposes several obligations as below:

+ Expand all - Collapse all

Complete a written risk assessment

Section 58 of the AML/CFT Act requires each reporting entity to assess the risk it may reasonably expect to face of money laundering and financing of terrorism in the course of its business. The AML/CFT Act calls this a risk assessment.

A risk assessment is the first step a business must take before developing an AML/CFT compliance programme. The supervisors have issued a guideline on how to complete a risk assessment.

Put in place a compliance programme

The AML/CFT Act takes a risk-based approach to compliance. Reporting entities (within the limits set by the AML/CFT Act and regulations) have some flexibility to determine the way in which they meet their obligations based on their risk assessment. Once a risk assessment is completed, a business can then put in place an AML/CFT programme that minimises or mitigates these risks. See the AML/CFT programme guideline.

The AML/CFT programme will set out your procedures, policies and controls for detecting, managing and mitigating the risk of money laundering, and the financing of terrorism your business may reasonably expect to face. The programme must be in writing and based on your risk assessment.

Annual Reports obligation

All reporting entities are required to prepare an annual report on their risk assessment and AML/CFT programme. Information from these reports will provide us with important information on the people and organisations we supervise, and help us:

understand the risk of money laundering and financing of terrorism activities in each reporting entity
ensure that information we have on our reporting entities is accurate and up-to-date
determine the best use of our AML/CFT resources.

Independent audit obligation

Each reporting entity must ensure its risk assessment and AML/CFT programme are audited every 2 years or at any other time at the request of the FMA. We may also request a copy of any audit report. You do not need to submit your audit report to us unless we request to see it.

How to get started

Engage an independent and qualified auditor early – this is to ensure one is available to assist you.
Review and address issues in your risk assessment, AML/CFT compliance programme and supporting policies and procedures internally before the independent audit.
Refer to the guidelines and reports and our FAQs that detail specific information on what is necessary to complete your AML/CFT audit.
It will take time for your auditor to review your risk assessment, compliance programme, test supporting evidence and prepare an audit report. You should also allow sufficient time (sometimes up to several weeks) to review the audit findings, and agree with the final report.

Prescribed Transactions Reporting (PTR) obligation

From 1 November 2017 reporting entities must submit PTR to the Financial Intelligence Unit (FIU) at the NZ Police.

The Anti-Money Laundering and Countering Financing of Terrorism (Prescribed Transactions Reporting) Regulations 2016 specify the following threshold values for the two types of prescribed transaction:

NZ $1,000 or more for an international wire transfer; and
NZ$10,000 or more for a domestic physical cash transaction.

Please refer to the FIU website for more information. If you have any further questions please email us at aml@fma.govt.nz.

Exemptions

The AML/CFT Act provides for 2 types of exemptions:

regulatory exemptions
ministerial exemptions

The Ministry of Justice (MoJ) may grant a ministerial exemption from any or all provisions of the AML/CFT Act. Exemptions may be granted for businesses, transactions, products, services or customers and may be subject to conditions. The Anti-Money Laundering and Countering Financing of Terrorism (Ministerial Exemption Form) Regulations 2011 prescribe the form in which the Minister must make ministerial exemptions.