Forbes Audit and Accounting

AML Audit Services

New Zealand’s anti-money-laundering regime came into force on 30 June 2013. From this date most, financial institutions became “reporting entities”. The Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Amendment Bill was passed in August 2017 which redefined reporting entities as:

  • Financial institutions
  • Casinos
  • Lawyers and conveyancers from 1 July 2018
  • Accountants form 1 October 2018
  • Real estate agents from 1 January 2019
  • Trust and company service providers
  • High-value dealers and the New Zealand Racing Board from 1 July 2019

If you are a reporting entity, (other than a high value dealer) you must undertake an audit of your risk assessment and your AML/CFT programme:

Every two years, or

When asked by your AML/CFT supervisor

This audit can be undertaken well in advance of the two-yearly deadline.  Forbes believe there may be several benefits to doing this.

  • You gain peace of mind sooner rather than later
  • You can determine when the best time is for you considering workflows and cashflows.
  • By demonstrating to your AML/CFT supervisor you have been pro-active in meeting your commitments it is unlikely you will require vigorous supervision.

What is an AML/CFT audit?

The audit will assess whether your AML/CFT programme complies with the following obligations:

  • The programme is based on the risk assessment undertaken
  • Includes adequate and effective procedures, policies and controls for:
    • Vetting
    • Training on AML/CFT matters
    • Complying with customer due diligence (CDD) requirements
    • Reporting suspicious transactions
    • Reporting prescribed transactions
    • Record keeping
    • Involves risk management to mitigate risks of money laundering and financing terrorism
    • Prevents the use of products and transactions the might favour anonymity
    • Determining when enhanced CDD is required and when simplified CDD is permitted
    • Determining when and how third part CDD is permissible
    • Monitoring and managing compliance with, and the internal communication of and training in, those procedures, policies, and controls.
  • Whether the policies, procedures and controls are sufficient and have operated effectively throughout the period.