Anti-Money Laundering Risk Assessments – New Zealand
The Cost of Non-Compliance
The AML business risk assessment is considered to be the core pillar of an AML/CFT Programme. If the AML risk assessment is ineffective, the entire AML/CFT compliance framework is compromised.
Due to the importance of an effective risk assessment, the New Zealand High Court received submissions from Government that the starting point for operating without an adequate AML/CFT business risk assessment should result in a maximum fine of $2,000,000!
The leading New Zealand case for determining pecuniary penalties for breaches of section 58 can be found in the High Court decision: Department of Internal Affairs v Qian DuoDuo Limited [2018] NZHC 1887.
In this particular case, the Crown Prosecutor guided the Court by stating:
This particular compliance failure is fundamental: the risk assessment guides a reporting entity’s business practices. If the underlying risk assessment is incorrect, then whatever practices the assessment recommends, even if those practices are in fact carried out, are unlikely to mitigate properly the risk of harm flowing from that reporting entity’s business.
CDD is a fundamental obligation under the Act – sufficiently so, that Parliament has mandated that the maximum penalty for failing to conduct CDD as required by subpart 1 of Part 2 carries a higher maximum penalty of $2 million. However, if the reporting entity’s ability to carry out the correct level of CDD obligations hinges almost entirely on undertaking the risk assessment correctly, then failure in relation to the underlying risk assessment should be seen as being equally egregious, if not more so, than compliance failures relating to CDD. Accordingly, the Department submits that, as a practical guideline, the maximum penalty for a failure to comply with s 58 should be treated in the order of $2 million.
AML Risk Assessment – New Zealand Law
In New Zealand the obligation of conducting an AML business risk assessment arises from section 58 of the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the AML/CFT Act). Section 58 sets out that an AML/CFT business risk assessment must include analysis of key areas of business operations that create vulnerability to facilitating money laundering and/or terrorism financing. The key areas requiring analysis are:
The nature, size and complexity of the business
Customers (B2B and B2C)
Products and Services
Method of delivering products and services
Geographies
There are further obligations including:
The risk assessment must be in writing; and
Describe how the business will ensure the assessment remains current; and
Enable the business to determine the level of risk involved in relation to relevant obligations under the AML/CFT Act and regulations.
Subject Matter Expertise
Businesses operating without in-house expertise in the fields of AML/CFT and risk management, struggle to reach the threshold of regulatory effectiveness. It is these businesses that will gain greater benefits from utilising regulatory technology. Regulatory technology automatically performs strategic thinking by utilising algorithms.
Businesses with in-house expertise should still consider the benefits gained from regulatory technology (RegTech). RegTech significantly reduces labour intensive processes. By reducing labour intensive processes, operational costs are radically reduced. This allows business owners to invest its scarce resourcing back to core business activity.
Regulatory Effectiveness
Whatever approach a business takes, one thing is for certain: the outcome must be effective. The term ‘effective’ or ‘effectiveness’ appears 17 times in the AML/CFT Act.
In the context of an AML business risk assessment, ‘effectiveness’ must have an outcome of reasonably identifying those areas within the business that increases the risk of money laundering and terrorism financing occurring.
About AML360
AML360 has been providing New Zealand reporting entities with an online anti-money laundering business risk assessment since 2014. The risk assessment continues to be tweaked to meet recommendations of independent auditors and guidelines from AML Supervisors. This is one of the features of AML360’s business risk assessment. It is easily tweaked to ensure your business receives a level of regulatory certainty.
To complete the New Zealand AML business risk assessment, reporting entities simply select data on screen, add relevant notes, then click ‘Calculate’.
The risk report incorporates a manual to fully inform of relevant sector risks as provided by AML Supervisors, including results of the national risk assessment distributed by the NZ Financial Intelligence Unit.
When an update is required user’s login to their account and select the ‘Edit’ icon, scroll to the area of the report that requires changing and receive the updated report by clicking ‘Calculate’.
Completing an AML/CFT business risk assessment does not get any easier. Save your time and boost your AML compliance with AML360’s regulatory technology. Don’t take the risk of non-compliance.