Following the release of a draft Bill for public consultation in September 2008, and the recent publication of Cabinet papers and a regulatory impact statement, the Anti- Money Laundering and Countering Financing of Terrorism (AML/CFT) Bill (Bill) has finally been introduced to Parliament.
To read a copy of our October 2008 bulletin on the draft Bill please click HERE.
The Bill retains much of the framework of the draft Bill although there are several areas where substantial amendments have been made. The Bill is also much more comprehensive than the draft Bill with some of the prescriptive requirements bearing similarity to the Australian regime.
Summary - What are the changes?
The most important changes to the draft Bill include:
- Reporting entities are now able to rely on the customer due diligence of 3rd parties. However, there are several requirements that must first be met by the entity.
- Reporting entities must ensure that foreign subsidiaries and branches are compliant with the New Zealand regime.
- If a customer is a trust then enhanced customer due diligence is required. The reporting entity must take all reasonable steps to identify the beneficial owner behind the trust.
- The customer due diligence requirements have changed in relation to existing customers and more detail has been included around identification requirements.
- Reporting entities are now required to prepare a 'risk assessment' before conducting customer due diligence. This is in addition to establishing an AML/ CFT compliance programme.
- AML/CFT supervisors will have the power to issue non-mandatory codes of practice.
- AML/CFT supervisors and the courts will have wider powers around the enforcement of AML/CFT compliance.
For more detail on these important changes please read on.
Third Party Reliance
One of the most important amendments to the draft Bill is the inclusion of provisions allowing reliance on third party customer due diligence. The Bill now provides scope for reporting entities to 'contract out' of certain AML/CFT obligations, as long as certain requirements are met (eg the third party must have a business relationship with the customer).
The Bill also allows a reporting entity to rely on the customer due diligence procedures of a person who is resident in a foreign country, provided that the country has sufficient AML/CFT systems and measures in place and the person is regulated or supervised for AML/CFT purposes. While this will reduce the compliance burden for many businesses, it should be noted that reporting entities will only be allowed to rely on third party customer due diligence. They will, however, still be obliged to implement their own AML/CFT programme and risk assessment in accordance with the Bill. Subject to any regulations, a reporting entity may also appoint an agent to conduct customer due diligence procedures on its behalf.
It is unclear what criteria will be used in determining whether a foreign country's AML/CFT regime is 'sufficient'. However, it seems likely that this will be specified in regulations, possibly through a schedule of 'grey list' type countries that meet Financial Action Task Force (FATF) requirements.
Finally, the Bill introduces the concept of a Designated Business Group (DBG), something that should be familiar to those reporting entities who are regulated under the Australian regime. A DBG is a group of related entities that 'shares' the AML/CFT burden. For example, one entity in the group may adopt parts of another entity's AML Programme or use another member's risk assessment. This will reduce compliance costs for those reporting entities with many subsidiaries/related businesses.
Foreign branch and subsidiary compliance
An important addition to the Bill is the requirement for reporting entities to ensure that branches and subsidiaries in foreign countries apply AML/CFT measures that are at least equivalent to those required in the Act and regulations. If the law of a foreign country does not permit the application of equivalent measures, the reporting entity must inform the AML/CFT supervisor of this fact and take 'additional measures' to effectively handle the risk of money laundering and financing of terrorism.
The Bill does not elaborate on what 'additional measures' would entail.
Customer due diligence
Customer due diligence requirements have received much greater clarification. The Bill now sets out exactly what information is required in order to properly identify a customer and provides more detail around how that information must be verified.
There have also been important changes around for which customers enhanced customer due diligence must be conducted. The Bill now specifies that enhanced customer due diligence is necessary for a customer that is:
- A trust or another vehicle for holding personal assets. (The Bill requires that the reporting entity must take all reasonable steps to identify the beneficial owner. It is unclear how this will work in relation to discretionary trusts and this may need to be looked at more closely in select committee.)
- A non-resident customer from a country that has insufficient AML/CFT measures in place.
- A company with nominee shareholders or shares in bearer form.
Enhanced customer due diligence is also required for customers who are politically exposed persons and in other situations (such as where there is/is intended to be a correspondent banking relationship).
Requirements for conducting standard customer due diligence on existing customers have also been altered to some extent. The draft Bill required standard customer due diligence for existing customers only when doubt arose as to the adequacy or veracity of previously obtained identification or verification information. Under the Bill standard customer due diligence on existing customers is now required in the following additional circumstances:
- If there has been a change in the nature or purpose of the business relationship.
- If the reporting entity suspects that a transaction the customer is involved in may involve money laundering or the financing of terrorism.
- If the reporting entity considers that, according to the level of risk involved, it has insufficient information about the customer.
AML/CFT compliance programme
The establishment of an AML/CFT compliance programme is still one of the core requirements of the Act (and possibly the most costly). The Bill prescribes the content of an AML/CFT compliance programme and requires the appointment of an AML compliance officer. One important requirement is that an AML/CFT compliance programme contain procedures for vetting and training senior managers, the AML/CFT compliance officer, and other employees with AML/CFT duties. More detail in this regard is likely to be introduced via regulations.
The Bill also now requires reporting entities to conduct a 'risk assessment' before conducting customer due diligence or establishing an AML/CFT compliance programme. A risk assessment consists of a written report assessing the risk of money laundering and financing of terrorism that the entity may reasonably expect to face in the course of its business. The Bill prescribes the form and content of the risk assessment.
Both the AML/CFT compliance programme and risk assessment are to be independently audited once every two years - or at any other time if requested by an AML/ CFT supervisor.
Codes of practice
Under the Bill AML/CFT supervisors may be directed by the responsible Minister to prepare codes of practice for relevant sectors. The purpose of a code is to provide a statement of practice that assists reporting entities to comply with their obligations under the regime. Compliance with a code of practice will not be mandatory but compliance will be a strong defence if a person is charged with an offence under the Act.
There have been several amendments in the area of enforcement. Under the Bill:
- Criminal liability can now attach to senior managers of a reporting entity that commits an offence under the Act. The definition of senior manager is broader than 'executive officer' and includes directors, positions comparable to directorship in an entity that is not a company (trustee, partner etc), and any person occupying a position within a reporting entity that allows that person to exercise influence over the management or administration of the entity (CEO, CFO etc).
- AML/CFT supervisors will have the power to issue formal warnings and accept enforceable undertakings (much like those taken by the Securities Commission now).
- The High Court may issue a 'performance injunction' requiring a person to do an act or thing where failure to do an act or thing would constitute a civil liability act.
- The High Court may also issue a 'restraining injunction' restraining a person from engaging in conduct that contravenes or would contravene the Act.
- Pecuniary penalties have changed slightly.
- AML/CFT supervisors' search and seizure powers have been limited to some extent.
The Bill was introduced to Parliament on 25 June 2009. Once it passes its first reading it will go to select committee where there will be a call for submissions. The Ministry of Justice has indicated that the Bill is to be enacted as quickly as possible and should be law by the end of 2009 or early 2010. Cabinet has recommended a two year transition period to give reporting entities enough time to put AML/CFT systems in place.
How can we help?
DLA Phillips Fox has a great deal of experience in the area of anti-money laundering and has already helped a number of clients through the implementation of the regime in Australia.
We can help you be ready for the new AML/CFT regime by advising on the implications that it will have for your business. We are also happy to work with you in preparing submissions on the Bill, and, once the Bill becomes law, advising on the preparation of your AML/CFT compliance programme.
Phillips Fox has changed its name to DLA Phillips Fox because the firm entered into an exclusive alliance with DLA Piper, one of the largest legal services organisations in the world. We will retain our offices in every major commercial centre in Australia and New Zealand, with no operational change to your relationship with the firm. DLA Phillips Fox can now take your business one step further − by connecting you to a global network of legal experience, talent and knowledge.
This publication is intended as a first point of reference and should not be relied on as a substitute for professional advice. Specialist legal advice should always be sought in relation to any particular circumstances and no liability will be accepted for any losses incurred by those relying solely on this publication.