About the application form
We will send you the application form after your introductory meeting. The form is an interactive PDF that asks for:
- business details, including information on your activities, ownership and governance
- information on your anti-money laundering supervisory status and compliance, and financial crime controls
- information on any notifiable cyber security incidents or events.
Supporting information
You’ll need to submit the following with your completed application form.
RBNZ cyber capability survey
Download the survey template (XLSX, 153 KB)
While this survey references regulated entities, we use it to assess the cyber capabilities of both regulated and unregulated entities in relation to using ESAS and it must be completed as part of your application process.
See our guidance on cyber resilience (PDF, 650 KB)
Swift Customer Security Programme (CSP) annual attestation
If you’re already a member of Swift, you will be asked to submit a copy of your Swift Customer Security Programme (CSP) annual attestation, a security attestation required of all Swift users showing compliance levels with Swift controls.
Independent prudential and operational suitability report
You will need to submit a report assessing your prudential and operational suitability completed by a reputable independent audit consultancy services provider, using a template we supply.
The New Zealand Government Procurement website has a list of tier 1 audit service providers.
Consultancy service providers | procurement.govt.nz
Email us at [email protected] if you plan to use an audit service provider that is not on the tier 1 list as this must be agreed with us in advance.
We will provide you with the report template after your introductory meeting.
If you're located overseas
If your home jurisdiction is not New Zealand, talk to us about additional requirements. You will need to provide an independent legal attestation confirming your anti-money laundering supervisory status and compliance, prudential suitability, and the enforceability of ESAS rules in your home jurisdiction.
Prerequisites
If you are applying to access ESAS as a payment service provider, there are 2 prerequisites separate from your ESAS application. We will discuss these prerequisites with you at your introductory meeting (you don't need to have them in place before the meeting).
- You need a connected Business Identifier Code (BIC) with access to the Swift network used by banks and other institutions for financial messaging. This application process is through Swift.
- You must be a participant in a clearing system that settles in ESAS or be in the process of applying to become a participant. This application process is through Payments NZ.
Application processes for Swift, Payments NZ and ESAS can progress in parallel but timeframes differ and decisions are independent.
Read our guide to understanding ESAS requirements and timeframes across organisations (PDF, 114 KB)
If you are already part of the Swift network with a BIC registered in New Zealand or overseas, you can use that BIC for ESAS.
Otherwise, there are several ways you can connect to the Swift network, including direct access or via a service bureau. If you’ve had your introductory meeting with us and confirmed you need Swift network access, it’s best to contact Swift as soon as possible. Timelines, costs and infrastructure requirements may vary significantly, depending on your situation and needs.
If you are granted access to an ESAS account, you will need Swift connectivity before we can begin ESAS technical testing, which is the first stage of onboarding.
You can find more information about this in our guide to understanding ESAS requirements and timeframes across organisations.
Find out about Business Identifier Codes (BICs) | Swift website
Payments NZ participation and ESAS access are joint requirements for payment service providers. You must be a participant in Payments NZ to hold an ESAS account, and you must have an ESAS account to participate in a Payments NZ clearing system. If you are granted access to an ESAS account, your Payments NZ membership must be in place before testing can begin.
If you need to apply to Payments NZ, we suggest you contact them right away and take the following steps to coordinate the 2 application processes (Payments NZ and ESAS).
- Start the Payments NZ application process.
- Once that’s underway, apply for ESAS access. This process is likely to take less time.
- We can approve your ESAS application on the condition of Payments NZ participation.
- Once you have conditional ESAS approval, you can complete your application process with Payments NZ.
- We will confirm your ESAS membership once your Payments NZ application is approved.
- Technical testing can begin, provided you have Swift connectivity.
You can find more information in our guide to understanding ESAS requirements and timeframes across organisations.
We are happy to help coordinate these steps, including being part of discussions with you and Payments NZ.
You will be asked to submit information on your prudential and operational suitability as part of the Payments NZ application process. You can use the same independent report you submit with your ESAS application to provide this information to Payments NZ. We have worked with Payments NZ to ensure the template covers information common to both the ESAS and Payments NZ application processes, although there are also different requirements for each and you may need to provide additional information.
It’s important to note that a successful application to ESAS does not guarantee that your application to participate in Payments NZ will be approved, or vice versa. Each application process is separate.
Find out more about Payments NZ | Payments NZ website