On 1 April 2019, the FMA released an industry feedback report with findings that its industry was still not getting it right in basic areas. This includes developing and maintaining
a business risk assessment, along with managing adequate and effective systems for client profiling and transaction
monitoring.
So why such a fuss around a risk assessment?
All NZ AML supervisors enforce the need to carry out a business risk assessment as the first step in managing risks and
developing effective controls. The purpose of conducting a risk assessment as the first step is to ensure
vulnerabilities are correctly identified. If vulnerabilities / exposures are not identified, then the programme will in
turn share those weaknesses, leaving the business at risk of a civil or criminal breach.
A 2018 New Zealand court case placed the starting point of a civil fine for failing to undertake an adequate risk assessment as $2 Million. In that
case the Department of Internal Affairs believed there should be a $2 million fine for failure in regards to risk
assessment alone.
Businesses should take these warnings by AML Supervisors seriously.
AML360 is inviting CEOs and AML Compliance Officers to a complimentary webinar to learn how to develop and maintain a business
risk assessment, how to manage ongoing compliance and how to be AML Smart. This webinar is suitable for all Asia Pacific
jurisdictions.