Supervisory Framework for Anti-Money Laundering and Countering Financing of Terrorism

Updated November 2019

AML / CFT Anti-money laundering and countering financing of terrorism Supervisory Framework

2 Introduction Money laundering is the method by which criminals disguise the illegal origins of their wealth and protect and enjoy their assets. Financers of terrorism use similar techniques to money launderers, to avoid detection by authorities and to protect the identity of those providing and receiving the funds. To combat money laundering/terrorism financing (ML/TF) an intergovernmental body, the Financial Action Task Force (FATF) was established. FATF has issued a set of 40 Recommendations and 11 Immediate Outcomes. The 40 Recommendations provide a comprehensive plan of action needed to fight against ML/TF, and the 11 Immediate Outcomes represent the thematic goals of an anti-money laundering/countering financing of terrorism (AML/CFT) system that is adequate and effective in protecting the integrity of the financial sector. As a member of FATF, New Zealand adheres to these Recommendations and Immediate Outcomes. The Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the Act) was passed to; protect the reputation of New Zealand’s financial sector, disrupt and deter crime, and meet international standards for combating ML/TF and other related threats. The Act places obligations on New Zealand’s financial institutions, casinos, designated non-financial businesses and professions (DNFBPs), the Racing Industry Transition Agency (RITA) and high value dealers (collectively known as reporting entities) to detect and deter ML/TF. Financial institutions include (among others) banks, life insurers, non-bank deposit takers, issuers of securities, trustee companies, futures dealers, collective investment schemes, brokers, financial advisers, non-deposit taking lenders and money changers who, in their ordinary course of business, carry on one or more of the financial activities as defined in section 5 of the Act. DNFBPs include law firms, conveyancers, accounting practices, trust and company service providers, and real estate agents who, in their ordinary course of business, carry on one or more of the activities defined in section 5 of the Act. The obligations for financial institutions and casinos came into force on 30 June 2013. There was a phased implementation of DNFBPs, RITA and high value dealers from July 2018 through to August 2019. Shared Objectives The shared objectives of the three supervisors are drawn from the purposes of the Act. Below is an explanation of the actions, strategies, tools and techniques that are used by the supervisors to achieve these objectives. To detect and deter money laundering and the financing of terrorism. Supervisors provide reporting entities with guidance and education to help them detect and deter those that seek to launder money and finance terrorism through their businesses. This includes the development of codes of practice, guidelines, sector risk analysis and feedback to reporting entities. To contribute to public confidence in the financial system. Supervisors provide guidance and information to help reporting entities comply with the AML/CFT regime. This contributes to public confidence in the financial system. Supervisors publish information on the application of the framework as well as key regulatory policies and processes. Supervisors also engage with reporting entities in a

3 variety of ways to help ensure that all entities are informed of their obligations and how to comply with them. To facilitate co-operation amongst reporting entities, supervisors and various government agencies, in particular law enforcement and regulatory agencies. Supervisors actively co-operate with each other and with the New Zealand Police’s Financial Intelligence Unit (FIU). Supervisors also work with the National Co-ordination Committee (see below), other government agencies, reporting entities and industry bodies to ensure a consistent approach to the AML/CFT regime. To maintain and enhance New Zealand’s international reputation. Supervisors monitor, educate and investigate reporting entities to ensure compliance with the AML/CFT regime. Supervisors also work with the FIU to co-operate with and respond to requests from their international counterparts. This work enhances New Zealand’s international reputation particularly in terms of compliance with the FATF Recommendations as appropriate in the New Zealand context. The AML/CFT framework The Act The basic framework for the AML/CFT regime is set out in the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the Act). The Supervisors The government agencies tasked with supervision of the AML/CFT regime are: The Reserve Bank of New Zealand (RBNZ)

• for banks, life insurers, and non-bank deposit takers www.rbnz.govt.nz The Financial Markets Authority (FMA)
• for financial service providers including: issuers of securities, licensed supervisors, derivatives issuers and dealers, fund managers, brokers and custodians, financial advisers, peer-to-peer lenders, and equity crowdfunding platforms www.fma.govt.nz The Department of Internal Affairs (DIA)
• for casinos, non-deposit taking lenders, money changers, DNFBPs, high value dealers, RITA and other reporting entities not elsewhere supervised www.dia.govt.nz National Co-ordination Committee The Act also established the AML/CFT co-ordination committee more commonly known as the National Co-ordination Committee (NCC). The NCC comprises of a representative from each of: • Ministry of Justice (MoJ) • New Zealand Customs • Every AML/CFT supervisor • Police • Any other government agency employee as invited by (the chief executive of) MoJ

4 The role of the NCC is to ensure that the necessary connections between the supervisors, Police, and other agencies are made in order to ensure the consistent, effective, and efficient operation of the regime. Sector Supervisors Forum The core membership of the AML/CFT Supervisors’ Forum, more commonly known as the Sector Supervisors’ Forum (SSF), will comprise of representatives from the following parties: • RBNZ • DIA • FMA Representatives from the FIU and MoJ may attend in the capacity as an observer. Other representatives from New Zealand government agencies may attend by invitation as considered appropriate by SSF. The purpose of the SSF is to support the NCC by co-ordinating operational matters between the supervisors. The functions of the SSF include: • To facilitate consistent and co-ordinated approaches to the development and dissemination of AML/CFT guidance materials and training initiatives by supervisors and the Commissioner; • To facilitate good practice and consistent approaches to AML/CFT supervision between the supervisors and the Commissioner; • To provide a forum for sharing information on operational issues that have implications for the effectiveness or efficiency of the AML/CFT regulatory system; • To provide a forum to determine the reporting entity supervisor where a current or potential supervisory overlap exists. Regulations Regulations made under the Act prescribe additional requirements in a number of areas. Regulations will be used for dealing with obligations and risk characteristics that may change in the medium term. At the time of publication, the regulations in force were: • Anti-Money Laundering and Countering Financing of Terrorism (Cross-Border Transportation of Cash) Regulations 2010 which commenced on 16 October 2010 • Anti-Money Laundering and Countering Financing of Terrorism (Definitions) Regulations 2011 which commenced on 28 July 2011 • Anti-Money Laundering and Countering Financing of Terrorism (Ministerial Exemption Form) Regulations 2011 which commenced on 28 July 2011 • Anti-Money Laundering and Countering Financing of Terrorism (Exemptions) Regulations 2011 which commenced on 30 June 2013 • Anti-Money Laundering and Countering Financing of Terrorism (Requirements and Compliance) Regulations 2011 which commenced on 30 June 2013

5 • Anti-Money Laundering and Countering Financing of Terrorism (Prescribed Transactions Reporting) Regulations 2016 which commenced on 1 November 2017 • Anti-Money Laundering and Countering Financing of Terrorism (Class Exemptions) Notice 2018 which commenced on 30 June 2018 Exemptions There are provisions in the Act that allow reporting entities to apply for an exemption from some or all of their AML/CFT obligations. The Ministerial Exemption process is administered by MoJ. The criteria that the Minister of Justice must have regard to when making their decision is outlined under section 157 of the Act. Ministerial exemptions may be granted for a maximum five-year time period which means there will be a regular opportunity to re-evaluate their appropriateness and necessity. Regulatory exemptions exempt certain transactions and services from some or all parts of the Act. They automatically expire five years after the date on which they come into force. Codes of Practice Codes of practice are intended to provide a statement of practice to assist reporting entities to comply with certain AML/CFT obligations. They set out the suggested best practice for meeting obligations. Some codes will cover all sectors, while others will be applicable to specific sectors. Codes of practice operate as a ‘safe harbour’. The codes allow for flexibility and scope for innovation because reporting entities can opt out of a code of practice. If a reporting entity opts out of the code of practice, it must comply with the relevant statutory obligation by some other equally effective means. However, in order for this to be a defence to any act or omission by the reporting entity, the reporting entity must have provided written notification to its supervisor that it has opted out of compliance with the code and intends to satisfy its obligations by some other equally effective means. Note that currently there is one code of practice, namely the Amended Identity Verification Code of Practice 2013 (IVCoP). Part 3 of this code was further clarified in the Explanatory Note issued in December 2017. IVCoP and the Explanatory Note can be found on the supervisors’ websites. Policy criteria for developing codes of practice Below is the criteria used to develop a code of practice: • Compliance with international obligations relating to AML/CFT, unless there are very compelling reasons why particular obligations cannot be met at this time or exemptions or lower levels of compliance are warranted • A ‘best fit’ for New Zealand, justified on the basis of a cost, benefit and risk analysis that takes into account costs on government and business that are justified by: likely benefits; the level of money laundering risk in New Zealand; and the likely consequences of non-compliance with FATF recommendations • Compatibility with Australian regulatory requirements where consistent with New Zealand’s circumstances and requirements • Consistency with AML/CFT legislation in other FATF member countries in expressing AML/CFT regulatory requirements to minimise compliance costs for international investors and financial institutions, unless this is inconsistent with New Zealand’s circumstances and requirements

6 • Consistent regulation and supervision across sectors where feasible, while at the same time recognising sector differences • Transparent regulation, rules and sector guidance that are accessible and provide certainty to business and supervisors • Effective and coordinated implementation (including information sharing and mechanisms) to achieve the overall objectives of the framework • Regulation and supervision that goes no further than is necessary to achieve the stated objectives and which are implemented in ways that minimise compliance costs on industry to the extent feasible Guidelines Guidelines can be issued by the three supervisors. Guidelines assist reporting entities to determine exactly what their AML/CFT obligations are. Guidelines can either be for all reporting entities or sector specific. All guidelines can be found on the supervisors’ websites. Supervision The following are functions and powers of the three AML/CFT supervisors: Supervisor Functions The functions of an AML/CFT supervisor as outlined in the Act are to - • Monitor and assess the level of ML/TF risk across all reporting entities • Monitor reporting entities for compliance with the Act and regulations, and for this purpose to develop and implement a supervisory programme • Provide guidance to reporting entities to assist them to comply with the Act and regulations • Investigate the reporting entities it supervises and enforce compliance with the Act and regulations • Co-operate through NCC (or any other mechanism that may be appropriate) with domestic and international counterparts to ensure the consistent, effective, and efficient implementation of the Act Supervisor Powers An AML/CFT supervisor has all the power necessary to carry out its functions under the Act or regulations The supervisors may also: • Require production of, or access to, all records, documents, or information relevant to its supervision and monitoring of reporting entities for compliance with the Act • Conduct onsite inspections • Provide guidance to reporting entities by: − Providing guidelines − Preparing codes of practice − Providing feedback on reporting entities’ compliance with obligations under the Act and regulations − Undertaking any other activities necessary for assisting reporting entities to understand their obligations under the Act and regulations, including how best to achieve compliance with those obligations • Co-operate and share information in accordance with sections 46, 48, and 137- 140 of the Act • Initiate and act on requests from overseas counterparts

7 • Approve the formation of, and addition of members to, designated business groups Guiding Principles These functions and powers of the supervisors are exercised in accordance with a core set of guiding principles to help achieve consistency and integrity in our supervisory approach. In some instances, sector-specific circumstances may require sector-specific solutions or strategies to be adopted. These principles will ensure that each supervisor uses its discretion and decision-making powers in a consistent way. A principles-based approach to the supervision of reporting entities and enforcement of the Act and regulations, along with the flexibility inherent in the regime allows supervisors to be responsive to emerging technologies and changing sector environments both nationally and internationally. By adopting and effectively employing the principles-based approach, supervisors establish and maintain co-operative relationships with reporting entities. This helps achieve a consistent approach to AML/CFT regulation and encourage continuing compliance. The guiding principles allow reporting entities to easily identify and understand the common approach that will be applied by all three supervisors.

1. Risk-based approach Supervisors follow a risk-based approach to AML/CFT supervision. The risk-based approach is a fundamental part of the AML/CFT regime to ensure actions taken are targeted and informed (based on all information available to supervisors), resources are used effectively, and maximum impact is achieved. The development of the national risk assessment by the FIU and sector risk assessments by supervisors help inform the risk￾based approach. Similarly, the risk-based approach allows businesses to allocate resources to activities in a way that reflects risk and minimises compliance costs.
2. Accessible and relevant Supervisors foster compliance by assisting reporting entities to understand their obligations. Information and advice about regulations, requirements and procedures is intended to be easily understandable and consistent. Information is made available in ways that are tailored to best communicate with all types of reporting entities with aspects such as business size, culture, language, location, products and services all taken into account.
3. Proportionate and responsive Supervisors’ responses are proportionate and responsive relative to the ML/TF risk or potential impact involved.
4. Consistent and fair Supervisors endeavour to apply high standards, consistently and fairly, in similar circumstances. Where sector specific circumstances require sector specific solutions or strategies they are applied as consistently and fairly as is reasonably possible.

8 5. Transparent and accountable The appropriateness, fairness and consistency of approach taken by supervisors is facilitated by SSF and NCC. Supervisors promote accountability by publishing key regulatory policies and processes. Supervisors provide transparency in their decision making wherever possible. 6. Co-operative Supervisors co-operate with each other to achieve robust and consistent supervision of reporting entities as envisaged by the structure of the AML/CFT regime. The supervisors establish and maintain strong, co-operative relationships with reporting entities, government agencies (in particular law enforcement and regulatory agencies), as well as other organisations that assist supervisors to achieve the shared objectives. These relationships increase mutual understanding of the AML/CFT environment and promote solutions that increase the effectiveness of the system. The principle of co-operation extends internationally, and supervisors also work with the FIU to co-operate with and respond to requests from their international counterparts. Compliance: Tools and techniques The AML/CFT regime includes tools that allow supervisors to promote and enforce compliance and design supervisory strategies. The actions that supervisors take to ensure compliance with the Act and regulations are proportionate to the nature and severity of any non-compliance on a case-by-case basis. Decisions on enforcement actions are made in accordance with the guiding principles in order to best achieve the shared objectives. Regulatory Pyramid1 Ideally most compliance actions should occur at the base of the pyramid. The goal of the education, co-operation and guidance approach is the compliance of all reporting entities with the regime. Compliance is incentivised by the escalating punitive actions available to supervisors in the upper layers of the pyramid. Supervisors take decisive, proportionate actions at all levels of the regulatory pyramid to promote compliance with the regime.

1 The regulatory pyramid was first developed by John Braithwaite and Ian Ayres. See Ayers, I. and Braithwaite, J. 1992, Responsive Regulation: Transcending the Deregulation Debate, Oxford University Press, New York

9 Education, co-operation and guidance The aim is to help all reporting entities understand their AML/CFT obligations and what they need to do in order to meet them. Supervisors seek to facilitate and encourage continuous compliance with the regime. Monitoring, inspections and investigations Supervisors use various methods, such as desk-based reviews and onsite inspections, to monitor compliance with the AML/CFT obligations. A desk-based review is an assessment of the technical compliance of the risk assessment, AML/CFT programme and any other documentation relevant to the reporting entity’s AML/CFT compliance. An onsite inspection enables an AML/CFT supervisor to assess whether a reporting entity is meeting its obligations in practice. Depending on the reporting entity and its previous compliance history, onsite inspections may cover all of the AML/CFT requirements or focus more in-depth on a small number of requirements. Supervisors also analyse information contained in the annual AML/CFT reports submitted by reporting entities. Education, Guidance & Co-operation Inspections & Investigations Sanctions Civil Liabilities Criminal Prosecutions Shared objectives Guiding Principles Risk Management

10 Investigations are carried out by supervisors to identify non-compliance and collect any supporting information. Investigations inform the supervisors on the most appropriate compliance approach going forward. Enforcement Supervisors use regulatory tools that promote compliance by punishing non-compliance including formal warnings, performance injunctions, restraining injunctions and enforceable undertakings. Civil liabilities Civil liabilities relate to the failure of reporting entities to comply with any of their AML/CFT obligations including (without limitation): conducting the required customer due diligence; adequately monitoring accounts; obtaining satisfactory evidence of identity when entering or continuing a business relationship; entering or continuing a correspondent banking relationship with a shell bank; keeping the required records; establishing, implementing or maintaining an AML/CFT programme; and ensuring branches and subsidiaries comply with requirements. Supervisors can issue formal warnings and accept enforceable undertakings. They can also apply to the courts to enforce undertakings; seek interim performance or restraining injunctions; and seek pecuniary penalties against reporting entities for civil liability acts. Criminal prosecutions Criminal offences relate to suspicious activity and border cash reporting, obstructing or misleading supervisors, and failing to provide information to supervisors or police. Civil liabilities conducted knowingly or recklessly are also criminal offences. Supervisors can prosecute reporting entities for offences under the Act. Version History December 2012 Original version. November 2019 Full revised version. Changes made to reflect the expansion of the AML/CFT legislation to include new sectors, FATF recommendations and standards, and to ensure the document is up-to-date.