What are reporting entities required to do?
The Anti-Money Laundering and Countering Financing of Terrorism Act 2009 imposes a number of obligations upon reporting entities.
These obligations include:
- carrying out an assessment of the money laundering and terrorism financing risk a reporting entity may reasonably expect to face
- appointing an AML/CFT compliance officer
- the design, implementation and maintenance of a compliance programme
(AML/CFT programme) that sets out procedures, policies, and internal controls
for, among other things:
- vetting and training certain staff
- carrying out due diligence on customers (CDD) (which includes customer identification and verification)
- undertaking ongoing customer due diligence and account monitoring
- reporting suspicious transactions
- monitoring and management of AML/CFT matters in an ongoing way
- audits and reviews of the Risk Assessment and AML/CFT programme
- an annual report to the relevant AML/CFT supervisor.
Please note that reporting entities supervised by the RBNZ must continue to observe their existing obligations under other legislation. For more information see
The AML/CFT Supervisory Framework sets out the framework and shared objectives, functions, powers and guiding principles of the three AML/CFT supervisors.
Information on the Reserve Bank's approach to AML/CFT supervision is available from a speech delivered by the Reserve Bank in June 2013.
More information can be found in:
- Reserve Bank Bulletin, AML/CFT – the Reserve Bank's responsibilities and approach (PDF 63KB)
- Reserve Bank Bulletin, AML/CFT – the Reserve Bank's supervisory approach (PDF 1.3MB)
NZ Police FIU – STR reporting requirements
This information is provided on behalf of the FIU.
The New Zealand Police Financial Intelligence Unit (FIU)'s role is to receive and analyse suspicious transaction reports (STRs), and publish the National Risk Assessment and Quarterly Typology Reports. Reporting entities are required to report all suspicious matters to the FIU via its internet platform goAML. Reporting entities must register for a user name on the goAML website.
The schema for goAML is available at on the New Zealand Police website. Please note that changes to this schema will occasionally be made.
The FIU's goAML webpage contains several relevant documents – including user instructions on how to correctly submit an STR report or an additional information file, and the security features of goAML.