New Zealand’s anti-money-laundering regime came into force on 30 June 2013. From this date most, financial institutions became “reporting entities”. The Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Amendment Bill was passed in August 2017 which redefined reporting entities as:
- Financial institutions
- Casinos
- Lawyers and conveyancers from 1 July 2018
- Accountants form 1 October 2018
- Real estate agents from 1 January 2019
- Trust and company service providers
- High-value dealers and the New Zealand Racing Board from 1 July 2019
If you are a reporting entity, (other than a high value dealer) you must undertake an audit of your risk assessment and your AML/CFT programme:
Every two years, or
When asked by your AML/CFT supervisor
This audit can be undertaken well in advance of the two-yearly deadline. Forbes believe there may be several benefits to doing this.
- You gain peace of mind sooner rather than later
- You can determine when the best time is for you considering workflows and cashflows.
- By demonstrating to your AML/CFT supervisor you have been pro-active in meeting your commitments it is unlikely you will require vigorous supervision.
What is an AML/CFT audit?
The audit will assess whether your AML/CFT programme complies with the following obligations:
- The programme is based on the risk assessment undertaken
- Includes adequate and effective procedures, policies and controls for:
- Vetting
- Training on AML/CFT matters
- Complying with customer due diligence (CDD) requirements
- Reporting suspicious transactions
- Reporting prescribed transactions
- Record keeping
- Involves risk management to mitigate risks of money laundering and financing terrorism
- Prevents the use of products and transactions the might favour anonymity
- Determining when enhanced CDD is required and when simplified CDD is permitted
- Determining when and how third part CDD is permissible
- Monitoring and managing compliance with, and the internal communication of and training in, those procedures, policies, and controls.
- Whether the policies, procedures and controls are sufficient and have operated effectively throughout the period.