AML-CFT-Programme

Updated AML/CFT Programme Guideline

Your AML/CFT Supervisor has issued updated guidance on AML/CFT Programmes.  The guidance includes your Supervisor’s views (be it the FMA, RBNZ or DIA) on the practical implementation and interpretation of the regulations and an A-Z checklist.  You should familiarise yourselves with these and update your Programmes where necessary.  The updates include, amongst other things, reference to Proliferation Financing, Privacy Act requirements, outsourcing, greater emphasis on a risk-based approach, effectiveness of your Programme (i.e. not just technical adequacy but does it work in practice and achieve what it sets out to achieve?).  Effective 1 June 2025, you also need to ensure you are risk-rating any new customer when you conduct standard or enhanced CDD.  4S AML recommends that you have a clearly documented methodology showing how your customer risk rating is undertaken, that your monitoring is risk-based (i.e. greater resource focus on higher risk customers), that you set clear timeframes for your reviews and that you can demonstrate regular testing has been undertaken.  With regards to CDD, you will note from the guidance that “the expiry of an identity document does not in itself trigger a requirement to update a customer’s CDD information”.  However, when you review identity information and determine, on a risk-sensitive basis, that it is not necessary to update it, your decision should be documented in the customer’s CDD file.

AML-CFT-Programme-Guideline-October-2024.pdf (dia.govt.nz)

Oct 2024