Money Laundering Basics
New Zealand’s AML/CFT Regime
Supervision in relation to AML/CFT
Money laundering describes the process by which criminals make money obtained from their criminal activities (“dirty”) look legitimate ("clean").
They aim to introduce their "dirty money" into the financial system without detection or arousing suspicion. Once their "dirty money" is in the financial system, it can be transferred between different bank accounts or financial products in New Zealand or abroad, or used to purchase goods and services.
The aim of money laundering is to make this "dirty money" look like it has come from a legitimate source, and therefore difficult to connect the money with its criminal past.
Terrorist Financing is the financial support of terrorists, or those who encourage, plan or engage in terrorism.
Terrorist financing may involve funds raised from legitimate sources, such as personal donations and profits from businesses and charitable organizations. It may also be drawn from criminal sources, such as the drug trade, the smuggling of weapons and other goods, fraud, kidnapping or extortion.
People who finance terrorism often use similar methods and tools to those used for money laundering. Read our Sector Risk Assessment document for more information.
The Anti-Money Laundering and Countering Financing of Terrorism Act (AML/CFT Act) was passed in 2009. The Act and regulations came fully into effect on 30 June 2013.
The AML/CFT Act sets many obligations at a relatively high level. More detail is set out in:
Regulations – these contain minimum standards, thresholds, etc. These are mandatory and must be followed.
Codes of Practice – these set out methods by which reporting entities can comply with their obligations. While not mandatory, they can provide a defence against charges of non-compliance (a “safe-harbour”), if followed correctly. A reporting entity that fully complies with the code is compliant with the relevant parts of the legislation. If a reporting entity decides to opt out of all, or part, of the code it is required to have provided written notification to its AML/CFT supervisor. This notification states that the reporting entity has opted out of compliance with all, or part, of the code and intends to satisfy its obligations by some other equally effective means.
Guidelines – these outline other non-binding guidance from supervisors.
A Code of Practice and several guidelines have been published. Read
more about Codes of Practice and Guidance
Reporting entities are required to assess the money laundering and financing of terrorism risk that they may reasonably expect to face in the course of their business.
In making this assessment, the Act requires that a reporting entity considers:
Reporting entities should consider whether any of their products involve new or developing technologies that may favour customer anonymity. The Act also specifies that reporting entities should consider particular activities, such as wire transfers and correspondent banking relationships.
Guidelines have been published to help reporting entities develop procedures on the assessment of risks associated with the countries it deals with. The Countries Assessment guideline (PDF 456KB) will help you decide when you need to undertake this assessment and how to approach the assessment.
An AML/CFT programme sets out a reporting entity’s internal policies, procedures and controls to detect money laundering and financing of terrorism and to manage and mitigate the risk of it occurring. The programme must be in writing and be based on its risk assessment.
Certain elements of a programme are specifically required by the Act, including:
Risk-based systems and controls should be based on the nature, size and complexity of a reporting entity’s business, along with any money laundering and financing of terrorism risks it may face.
Entities that are eligible may choose to form a Designated Business Group (DBG). This enables the entities to share a Risk Assessment and some, but importantly not all, aspects of their AML/CFT Programmes.
Guidelines have been published to help reporting entities to decide whether they are eligible to form a DBG. The guidance is in two parts. The Designated Business Group - scope guideline (PDF 264KB) outlines the obligations that may be shared by members of a designated business group. The Designated Business Group – formation guideline (PDF 298KB) highlights the eligibility criteria and election process when forming or joining a designated business group. It also explains the process for notifying an AML/CFT supervisor about the formation of, or change to, a designated business group and provides the forms for doing so.
Basic obligations imposed on reporting entities include -
Reporting entities have considerable flexibility, within the limits prescribed by the Act and Regulations, in how they meet their obligations.
Customer Due Diligence (CDD) involves:
a) gathering information about customer identity; and
b) verifying a customer's identity, to ensure the customer is who they say they are.
In many cases, reporting entities also need to establish the identity of the beneficial owner, meaning the person who ultimately controls the customer.
The Identity Verification Code of Practice 2011 sets out methods by which reporting entities can comply with their obligations to verify the name and date of birth of customers who have been assessed as low to medium risk. The Code is not mandatory, but provides a “safe-harbour” if followed correctly. If a reporting entity decides to opt out of this Code, it must adopt practices that are equally effective and notify its AML/CFT supervisor.
The Beneficial Ownership guideline has been published to help reporting entities develop procedures on the verification of beneficial ownership.
Ongoing Customer Due Diligence means regularly reviewing customer information and having systems to conduct account monitoring. This is required for all customers, including existing customers.
“Politically-Exposed Persons” (PEPs) are individuals who, by virtue of their position in public life, may be vulnerable to corruption. The New Zealand legislation currently limits this concept to foreign PEPs, and does not include domestic (New Zealand-based) PEPs. Reporting entities are required to give specific consideration to the risks involved with PEPs and so should:
In assessing risk, a reporting entity must have regard to section 58(2) and “the institutions it deals with”. This includes your correspondent banking relationships.
“Correspondent banking relationship” has the meaning set out in section 29(3) of the AML/CFT Act. Nostro or Vostro facilities are examples of accounts that are “used, or are proposed to be used, for payments to, or receipts from, foreign financial institutions.”
Section 29 of the Act sets out the Customer Due Diligence requirements for correspondent banking relationships a reporting entity has, or proposes to have. We recommend you obtain independent legal advice if you are unclear about the obligations as they apply to your historical or existing accounts. For example, section 29(2)f of the Act states that you must “be satisfied” with the accounts you have that are used directly by third parties to transact business on their own behalf.
Other examples of “institutions (you) deal with” include:
The Reserve Bank of New Zealand is committed to a risk-based approach in countering money laundering and terrorist financing. This means we allocate our resources and efforts to the areas where we perceive the greatest threat to our statutory objectives, in order to:
Criminals are increasingly flexible and innovative in their efforts to launder money and attempt to avoid detection. (Read our Sector Risk Assessment document for more information). It is therefore important that our anti-money laundering responses are flexible, proportionate and cost-effective. These are the main characteristics of a risk-based AML/CFT regime.
No. One of the policy drivers behind the legislation was trans-Tasman integration, but only where it is appropriate for New Zealand. The detail in the legislation and the Government’s approach differs in a number of areas, so it is imperative that reporting entities fully understand their obligations under the New Zealand regime.
The AML/CFT supervisors are focusing on whether the reporting entity has an appropriate and reasonable risk assessment, and an AML/CFT programme that reflects and controls those risks. The AML/CFT supervisors take a risk-based approach to supervision - selecting from the supervision and enforcement tools available to us. Supervision will take into account the nature of the business and the risks that each reporting entity is managing. Read our Bulletin article or our latest speech for more information on the Reserve Bank’s approach to AML/CFT supervision.
This information does not constitute legal advice. Please consult the relevant statute and regulations and seek independent advice.
 AML/CFT - Anti-Money Laundering and Countering Financing of Terrorism
The Reserve Bank’s Email Service is a free service that allows you to receive email notifications when new material is added to the website.
You can sign up to be notified when information relating to the AML section is posted up.