enquiry@amlsolutions.co.nz

09 520 1144

Summary of AML/CFT Guidance Updates – June 2024

CategoriesNews

June 17, 2024

Further AML/CFT regulatory changes came into effect on 1 June 2024, impacting wider reaching aspects of compliance, including customer due diligence.

Below is a summary of the changes broadly that will affect most reporting entities, and links to the associated guidance notes. This is not an exhaustive list of the changes, so we recommend reading the regulations and associated guidance notes to fully understand the updates and how they affect your business.


Customer Due Diligence

Impacts all reporting entities

  • Effective 1 June 2024, there are additional information requirements when conducting standard customer due diligence for a company, e.g. the company’s ownership and control structure. The additional information required is to assist you to understand the company’s legal structure(s), identify its beneficial owner(s), and determine the level of risk associated with the company.
  • The definition of a beneficial owner has been clarified. This will require you to fully understand your customers so as to identify and verify the individual(s) who are the beneficial owners of your customers.
  • The AML/CFT is a risk-based regime. As such, reporting entities have the flexibility of applying a risk-based approach to verifying the individual(s) identified as the beneficial owner(s) of your customer. However, this should be based on the ML/TF risks associated with your customer, and must be based on your Risk Assessment and documented within your Compliance Programme.
  • If your customer is a company, as part of the standard customer due diligence, reporting entities are required to obtain information to establish if your customer has any nominee directors/shareholders. If so, enhanced customer due diligence then applies.
  • Reporting entities must obtain information to identify the settlor(s), protector(s), trustee(s), and beneficiary(s) of a trust, and apply reasonable steps based on a risk-based approach to verify the information, i.e through independent and/or reliable sources. For example, if the settlor is not a beneficial owner of the trust, then the verifications steps for the settlor may be significantly reduced as compared to the verification steps taken with regard to a beneficiary who has vested interest of more than 25% in the trust.
  • The New Limited Partnership Guideline requires reporting entities to obtain and verify information, e.g. full legal name and address of customers that are limited partnerships, to identify and verify the identity of the beneficial owner(s) of a limited partnership.

 

Enhanced Customer Due Diligence

Impacts all reporting entities

  • There are specific circumstances when enhanced customer due diligence must be undertaken. For example, when establishing a business relationship with a company that is utilised as a vehicle for holding personal assets, or with a company that has nominee shareholders/directors or shares in bearer form.
  • Information on source of funds and/or wealth must be obtained and verified against reliable and independent documents, such as when dealing with trusts, PEPs or higher risk customers.
  • Enhanced customer due diligence must be undertaken on existing customers when, for instance, if it has been established that the customer’s ML/TF risk has increased, or a suspicious activity is detected through transaction monitoring activities.
  • If a reporting entity is not able to conduct enhanced customer due diligence on a customer, then the business relationship must not be established. Alternatively, the existing business relationship must be terminated.

 

Ongoing CDD and Account Monitoring

Impacts all reporting entities

Reporting entities must update and verify customer information regularly. Triggers for ongoing customer due diligence can include:

  1. a change in ownership,
  2. a change of trustees,
  3. change in the nature and purpose of the business relationship; or
  4. insufficient customer due diligence information held on file.

 

New/Developing Technologies Included in Risk Assessment

Impacts all reporting entities

  • Reporting entities must consider the impact of new technologies as part of its Compliance Programme to take into account any new or developing products (including any new delivery mechanisms) used by the reporting entity prior to the implementation of any technologies within the business.
  • For instance, if new technology is being used for online identity verification such as EIV or PEP checks, then this must be included in the Risk Assessment, and the tool’s effectiveness and appropriateness must be evaluated as part of the Compliance Programme.

 

Recommended Next Steps

The regulatory changes will affect all reporting entities differently, and so it is important that you read the guidance thoroughly and review how it applies to your business.

  1. Review the links to the updates in the section below.
  2. Assess how it impacts your AML/CFT policies, procedures, and controls.
  3. Look to make the relevant updates to your documentation.
  4. Train your staff (as appropriate) in how these changes impact their roles and duties.

 

Need help in applying these changes?

AML Solutions is experienced in guiding reporting entities through legislation changes and applying them to each unique business. We’re ready to help you with:

  1. Consultation on how these changes impact your organisation
  2. Incorporating regulatory changes into your Risk Assessment and Compliance Programme
  3. Training compliance staff and Senior Leaders on their updated obligations

Get in touch with us here for your quote.

 

Get access to our on-demand AML/CFT Regulations Update video

We’ve prepared an on-demand video that discusses the most significant aspects of the latest updates, and you can get access to this for $75 +GST.

Purchase access >>

 

Links

  1. MoJ updates_AML/CFT Regulations
  2. AML-CFT Updated Guidelines related to CDD

Subscribe to AML Newsletters