The Reserve Bank of New Zealand for banks, life insurers, and non-bank deposit takers
The Financial Markets Authority for issuers of securities, trustee companies, futures dealers, collective investment schemes, brokers, and financial advisers
Yes, the The AML Supervisors provides guidance. The guidance includes the following matters which are more commonly accessed by AML Practitioners: AML Programme guideline, AML Risk Assessment guideline, Interpreting “ordinary course of business”, Amended Identity Verification Code of Practice, Auditing guideline, Countries Assessment Guideline, Beneficial Ownership Guideline:, User Guide: AML/CFT Report, Wire Transfers:, Territorial Scope of the AML/CFT Act 2009, and Designated Business Groups Guideline
Under the AMLCFTA, reporting entities are required to conduct on-going Customer Due Diligence (“CDD”) (or “KYC”). Reporting entities are required to have “triggers” or similar built into their AML systems, to enable on-going CDD to be carried out. Specifically, reporting entities are required to re-verify existing customers where there is both a material change in the nature or purpose of the business relationship and the reporting entity considers that it has insufficient information on that customer. For anonymous accounts, a reporting entity is required to undertake standard customer due diligence when it becomes aware of existing anonymous accounts regardless of whether a material change in the nature or purpose of the business relationship has occurred.
A FATF Mutual evaluation Report was produced in October 2009 and There was also a second Follow up Report produced in October 2013 containing a detailed description of the actions taken by New Zealand in respect of all recommendations rated partially compliant or noncompliant in the 2009 Mutual Evaluation Report
Yes. Under AMLCFTA, occasional transaction thresholds have been established. These are thresholds at which customer due diligence will need to be carried out in respect of occasional transactions
including but not limited to:
a) those over NZD9,999.99 (approx. USD6,540);
b) cash transactions in a casino that are for NZD6,000 (approx. USD3,924) or more;
c) travellers’ cheques NZD5,000 (approx. USD3,270) ;
d) money & postal orders NZD1,000 (approx. USD654);
e) wire transfers NZD1,000 (approx. USD654); and
f) foreign exchange transactions over NZD1,000 (approx. USD654).
Individuals: The person’s full name, date of birth, (if the person is not the customer, the person’s relationship to the customer) and the person’s address and any information prescribed by regulations. The
Amended Identity Verification Code of Practice 2013 requires an individual’s name and date of birth to be verified.
Legal persons: Full name, (if the person is not the customer, the person’s relationship to the customer), address, company identifier or registration number and any information prescribed by regulations.
A beneficial owner is an individual who satisfies any one element or any combination of the elements listed below: a) who owns more than 25% of the customer; b) who has effective control of the customer; and c) the person(s) on whose behalf a transaction is conducted. Beneficial ownership threshold level is set at 25% meaning that any individuals owning 25% (or more) of a customer would be subject to CDD requirements. Identifying beneficial ownership of a customer is an obligation that must be satisfied, regardless of the level of risk associated with the customer. However, when deciding what reasonable steps to take to satisfy yourself that the customer’s identity and information is correct, you may vary your approach depending on the risk assessment of the customer. The process for assessing customer risk and deciding how to identify and verify beneficial ownership should be set out in a Reporting Entity’s AML/CFT programme. Section 16 of the AMLCFTA states: A reporting entity must: a) take reasonable steps to satisfy itself that the information provided under section 15 of the AML/CFT Act is correct; b) according to the level of risk involved, take reasonable steps to verify any beneficial owner's identity so that the reporting entity is satisfied that it knows who the beneficial owner is; c) if a person is acting on behalf of the customer, according to the level of risk involved, take reasonable steps to verify the person's identity and authority to act on behalf of the customer so that the reporting entity is satisfied it knows who the person is and that the person has authority to act on behalf of the customer; and d) verify any other information prescribed by regulations.
Under AMLCFTA a reporting entity must conduct enhanced customer due diligence in accordance with sections 23 and 24 of the Act in the following circumstances: a) if the reporting entity establishes a business relationship with a customer that is: a. a trust or another vehicle for holding personal assets; b. a non-resident customer from a country that has insufficient anti-money laundering and countering financing of terrorism systems or measures in place; or c. a company with nominee shareholders or shares in bearer form; b) if a customer seeks to conduct an occasional transaction through the reporting entity and that customer is: a. a trust or another vehicle for holding personal assets; b. a non-resident customer from a country that has insufficient anti-money laundering and countering financing of terrorism systems or measures in place; or c. a company with nominee shareholders or shares in bearer form; c) if a customer seeks to conduct, through the reporting entity, a complex, unusually large transaction or unusual pattern of transactions that have no apparent or visible economic or lawful purpose; or d) when a reporting entity considers that the level of risk involved is such that enhanced due diligence should apply to a particular situation; or e) any other circumstances specified in the regulations. Wire Transfers: A reporting entity must conduct enhanced due diligence in accordance with Section 27 and 28 of the Act if it is an ordering institution, an intermediary institution, or a beneficiary institution in relation to a wire transfer. New/developing technologies: A reporting entity must conduct enhanced due diligence in accordance with Section 30 if: a) it establishes a business relationship with a customer that involved new or developing technologies, or new or developing products, that might favour anonymity; or b) a customer seeks to conduct an occasional transaction through the reporting entity that involves new or developing technologies, or new or developing products, that might favour anonymity.
AMLCFTA requires foreign Politically exposed persons to undergo enhanced due diligence in accordance with Section 26 of the act if:
a) it establishes a business relationship with a customer who it has determined is a politically exposed person; or
b) a customer who it has determined is a politically exposed person seeks to conduct an occasional transaction through the reporting entity.
Under Section 29 of AMLCFTA, the correspondent must: a) gather enough information about the respondent to understand fully the nature of the respondent’s business; b) determine from publicly available information the reputation of the respondent and whether and to what extent the respondent is supervised for AML/CFT purposes, including whether the respondent has been subject to a money laundering or financing of terrorism investigation or regulatory action; c) assess the respondent’s money laundering and countering financing of terrorism controls to ascertain that those controls are adequate and effective; d) obtain approval from its senior management before establishing a new correspondent banking relationship; e) document the respective AML/CFT responsibilities of the correspondent and the respondent; and f) be satisfied that, in respect of those of the respondent’s customers who have direct access to accounts of the correspondent, the respondent: a. has verified the identity of, and conducts ongoing monitoring in respect of, those customers; and b. is able to provide to the correspondent, on request, the documents, data, or information obtained when conducting the relevant customer due diligence and ongoing customer due diligence.
Yes, see section 39 AMLCFTA
Under AMLCFTA for non-face-to-face transactions, identity documents can be endorsed by one of a number of nominated persons (see A10).
New Zealand Police’s Financial Intelligence Unit (FIU)
No. New legislation requiring the mandatory reporting of wire transfers over NZ$1000 (approx. USD654) is expected to come into force in 2017.
Yes. It is an offence to: a) fail to report a suspicious transaction; b) provide false or misleading information; c) unlawfully disclose a STR; d) fail to keep adequate records in relation to filing of STRs; e) obstruct the investigation relating to a STR; f) disclose information in judicial proceedings; or g) structure transactions to avoid AML/CFT requirements. Penalties are: a) in the case of an individual, either or both of the following: a. a term of imprisonment of not more than two years, b. a fine of up to NZD300,000 (approx. USD196,200); and b) in the case of a body corporate, a fine of up to NZD5m (approx. USD3.2m). There are various other offences relating to non-compliance.
No, but it is encouraged. The FIU does not accept manual STR submissions. Submissions must be electronically submitted using “goAML”, the Police’s system, except in urgent circumstances
No. AML Risk Assessments and Programmes must be audited, but not necessarily by an external party. This applied to all Reporting Entities, which includes Banks. Section 59(5) of the Act outlines that a person appointed to conduct an audit must not have been involved in: a) the establishment, implementation, or maintenance of the reporting entity’s AML/CFT Programme; or b) the undertaking of the reporting entity’s risk assessment.
a Reporting entity is required to complete an annual report on the entity’s AML compliance and be submitted to the AML Supervisor (regulator). An audit must be conducted every two years, or at
the Audit report is to be submitted to the reporting entity. The Entity must provide the audit opinion at the request of the supervisor. The annual report requires the entity to report the result (issues)
not necessarily, but it could be.
The Act does not specify what the Audit (external report) should contain. The Supervisor guidance referred to above gives guidance. a) no, but testing is completed by PwC NZ in accordance with international auditing standards b) no, but testing is completed by PwC NZ in accordance with international auditing standards; and c) yes the audit is also of the reporting entity’s risk assessment.
personal data is "Personal information" under the Act and defined as information about an identifiable individual; and includes information relating to a death that is maintained by the Registrar
there is no separate definition of sensitive data. No differentiation is made between how different types of personal information are to be treated under the Act.
The Privacy Commissioner is given the power to prohibit a transfer of personal information from New Zealand to another state, territory, province or other part of a country ("State") by issuing a transfer prohibition notice ("Notice") if it is satisfied that information has been received in New Zealand from one State and will be transferred by an agency to a third State which does not provide comparable safeguards to the Act and the transfer would be likely to lead to a contravention of the basic principles of national application set out in Part Two of the OECD Guidelines and set out in schedule 5A. There are further codes (enforceable by legislation) in place that prohibit some transfer of credit reports, criminal records and medical data. They are: a) Credit Reporting Privacy Code; b) Health Information Privacy Code; and c) Justice Sector Unique Identifier Code.
No national identity card.
While the law does not exclude particular types of agreements, some agreements, like real estate transfer and wills, have additional requirements.
Yes, Section 8 provides that information will not be denied legal effect solely because it is in electronic form.
Summary of law
New Zealand's electronic signature law can be classified as permissive or minimalist. Under the law, parties to an agreement can freely agree on the type of signature to use, including simple electronic signatures. The primary requirements are that the parties agree on the forms of signature, and the electronic document remains readily accessible to the parties.
The previous regime was captured under the Financial Transactions Reporting Act 1996 (“FTRA”). Lawyers remain subject to the obligations in the FTRA.
The Department of Internal Affairs for casinos, non-deposit-taking lenders, money changers, and other reporting entities that are not covered by a) or b)
The AMLCFTA requires a risk based approach.
Individuals: Name and date of birth can be verified by using one form of photographic identification including inter alia a passport, national identity card, New Zealand Firearms Licence, New Zealand
Refugee Travel document or New Zealand Certificate of Identity. Alternatively, one form of non-photographic identification can be used in combination with a secondary or supporting form of photographic
identification or a New Zealand Driving Licence can be used in conjunction with other forms of documentation which are itemised in the Code of Practice.
Identification documents must be certified as a true copy by a trusted referee who is at least sixteen years of age and one of the following:
a) commonwealth representative (as defined in the Oaths and Declarations Act 1957);
b) member of the police;
c) justice of the peace;
d) registered medical doctor;
e) Kaumātua (Kaumātua means Māori Elder and is as verified through a reputable source);
f) registered teacher;
g) Minister of religion;
h) lawyer (as defined in the Lawyers and Conveyancers Act 2006);
i) notary public;
j) New Zealand Honorary consul;
k) Member of Parliament;
l) chartered accountant (within the meaning of section 19 of the New Zealand Institute of Chartered Accountants Act 1996); or
m) a person who has the legal authority to take statutory declarations or the equivalent in New Zealand.