Your business risk is the risk that your products and services may be identified as being used to facilitate money laundering and terrorist financing resulting in potential financial and reputation damage.

The Anti-Money Laundering and Countering Financing of Terrorism (AML / CFT) Act 2009 is designed to assist in combating money laundering and financing of terrorism and places certain obligations and requirements on New Zealand reporting entities to comply.  The AML / CFT Act (the Act) came into force on 30 June 2013. The Act is supported by regulations, a code of practice and guidelines as issued by the AML / CFT Supervisors from time to time.  

The purpose of the Act is to:

  • Detect and deter money laundering and the financing of terrorism
  • Contribute to public confidence in New Zealand’s financial system.

The Act requires reporting entities to adopt a risk based approach for assessing and monitoring money laundering and financing of terrorism risks relevant to the size, nature and complexity of their business. They are expected to make decisions on how to manage and mitigate the identified risks taking into account the sector risk assessments provided by the AML / CFT Supervisors and the National Risk Assessment produced by the New Zealand Police Financial Intelligence Unit.

Reporting entities have a range of responsibilities under the Act including:

  • Undertaking and maintaining an assessment of their organisation’s money laundering and financing of terrorism risks to determine their risk profile
  • Developing and maintaining a programme to manage and mitigate the risks identified. The programme is to be supported with adequate and effective policies, procedures and controls
  • Undertaking customer identification and identity verification - know your customer (KYC)
  • Undertaking ongoing customer due diligence - know your customers’ business
  • Undertaking account monitoring and reporting of suspicious transactions to the authorities
  • Having effective record keeping practices which ensures customer identification information and transaction records are retained for the required period
  • Vetting and training of relevant staff
  • Reporting annually to the Supervisor
  • Completing an independent audit of the programme every two years.

Starfish Consulting Services

While Starfish does not perform independent audits, we have developed a range of ongoing cost effective specialist consulting services and are well positioned to support and assist the AML / CFT Compliance Officer and reporting entities to continue to monitor and maintain their risk assessment and AML / CFT programme. Starfish currently provides AML / CFT consulting services to financial institutions across New Zealand including foreign exchange and money remittance firms, finance companies and Banks.

  • AML / CFT 'Health Check' - this 'health check' is designed to identify and address any material findings or issues at the AML / CFT Compliance Officer level prior to formal Supervisor inspection or undertaking an independent audit. Supervisor and audit formal report findings are normally escalated to your Risk Committee or the Board. Alternatively, Starfish can assist you to address any material findings or issues raised by the Supervisor or audit in their formal reports
  • Internal Review Checklist - this comprehensive internal review checklist has been developed and designed for the AML / CFT Compliance Officer to regularly check and monitor compliance with the AML / CFT programme, policies, procedures and controls across all business lines, including any authorised third parties. The review checklist will also assist in identifying any deficiencies or non-compliance under the AML / CFT programme and will help position you for when independent audits are undertaken
  • AML / CFT training - this training is designed to support and supplement internal staff training and can be adapted to meet your specific needs. External training has shown to have the added benefit of complementing internal training while providing a wider scope based on our experience across the New Zealand financial sector
  • Second Risk Assessment - for most firms, the first risk assessment undertaken was also an entry point into understanding the new and amended AML / CFT obligations and requirements. Business responses were best endeavours at the time based on the information available. With the development and implementation of your AML / CFT programme, new and amended policies, procedures and controls have been put in place. During 2014 / 2015, it was recommended that a second risk assessment be undertaken to assess the movement in your initial risk profile and to identify any new risks. This would also ensure that your risk assessment remains current as per section 59 (1) of the Act
  • Annual Report - the Act requires all reporting entities to prepare an annual report on their risk assessment and AML / CFT programme. Starfish can assist you with completing this comprehensive report
  • Specialist Support - as firms continue to embed their AML / CFT programme, procedures and controls across the business, various scenarios, problems and questions arise including developing of new products and what your competitors may be doing. Starfish can provide ongoing support to AML / CFT Compliance Officers with specific issues or concerns.