Reserve Bank of New Zealand Feedback Statement on Updates to BS5 Anti-Money Laundering Guidelines

June 2016 Feedback Statement: Proposed updates to BS5 “Guidelines on Anti-Money Laundering and Countering Financing of Terrorism” 1 Consultation 1 On 7 August 2015 we sent all registered banks a proposed new version of the Banking Supervision Handbook document “Guidelines on Anti-Money Laundering and Countering Financing of Terrorism” (BS5). 2 In a covering email, we explained that the version of BS5 that is currently live on the Reserve Bank’s website was last updated in 2009 and pre-dates the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the AML/CFT Act). The document also specifically refers to now outdated versions of a number of important reference documents. 3 Accordingly, the proposed new version of BS5 added references to the AML/CFT Act, and updated references to other relevant documents. It also included new text to clarify how the use of our guideline-making power in section 78 of the Reserve Bank of New Zealand Act 1989 (the Act) falls under the overarching purposes for which the Reserve Bank exercises its powers under Part 5 of the Act (registration and supervision of banks). 4 Although the text of the proposed new BS5 was significantly changed, the substance of the guidelines has not. BS5 will continue to do nothing more than provide guidance on requirements and expectations that are either imposed on banks by other means, or are desirable from the perspective of prudent banking practices. The changes are minor and technical and therefore only required consultation with the affected parties. The minor and technical nature of the revisions also means that the Reserve Bank is exempted from having to produce a Regulatory Impact Statement.1 5 We raised the issue of BS5 with industry in the context of our Regulatory Stocktake. We noted in the July 2015 Stocktake consultation document2 (see paragraphs 247 and 1 http://www.treasury.govt.nz/regulation/regulatoryproposal/ria/handbook/04.htm 2 http://www.rbnz.govt.nz/-/media/ReserveBank/Files/regulation-and-supervision/banks/consultation-document￾regulatory-stocktake.pdf?la=en Ref #6375848

2 248) that we would like to go ahead and make the necessary updates to BS5 in the near future. 6 The attached appendix sets out the proposed new version of BS5 that we consulted on, with further changes in the light of the comments we have received shown tracked. The just superseded version is available here. 7 We asked banks to provide any comments on the proposed changes to BS5 by 4 September 2015 and in particular to let us know if they disagreed with our assessment that the changes would have a negligible impact on the requirements that banks must satisfy. 2 Feedback 8 We received three responses in total, two from registered banks, and one from an industry body. This section summarises the responses we received and confirms our policy decisions in light of the consultation. 9 The three submitters all supported the new BS5 continuing to include guidelines issued under section 78(3) of the Act, and agreed that the guidelines should include paragraphs 3(1) and 3(2) of the proposed new BS5. These paragraphs concern the Reserve Bank’s expectation that banks meet their obligations under the AML/CFT Act. 10 We further note that one submitter agreed that the proposed changes to BS5 would likely have negligible impact on their current AML/CFT obligations. We also took the small number of submissions to the consultation as evidence that this was a widely held sentiment. 11 However, all three of the submitters felt that paragraphs 3(3) to 3(6) placed unwarranted or redundant requirements upon banks. Specifically, they felt these paragraphs would oblige banks to have regard to: • guidance issued by the Basel Committee on Banking Supervision (BCBS) (paragraphs 3(3) and 3(4)); and • current guidelines from the New Zealand Police Financial Intelligence Unit (FIU) as well as non-binding technical information related to reporting entities’ FIU-related reporting obligations (paragraphs 3(5) and 3(6)). 12 On the BCBS guidance, submitters noted that New Zealand is not a BCBS member, and the Reserve Bank’s usual approach is to adopt those parts of BCBS standards and guidance that what we think are suitable for New Zealand, rather than to translate them wholesale into New Zealand. They argued that compliance with our comprehensive AML/CFT regime should be sufficient, and if there are parts of the BCBS guidance that are not reflected in NZ guidelines but that we think should be, then we should implement them here. One submitter noted that they believed that the Reserve Bank has issued guidance on most of the matters covered by BCBS’ AML/CFT guidance in Ref #6375848

3 guidelines issued under section 132(2)(c)(i) of the AML/CFT Act. This submitter further noted that an obligation on reporting entities in the proposed new BS5 to have regard to BCBS’ AML/CFT guidance would be particularly problematic, as BS5 clarifies the basis on which a recommendation of cancellation of registration in accordance with s77(2)(f) (or a direction in accordance with s113(1)(e)) of the Act can be made. Accordingly, the submitter submitted that guidelines in the proposed new BS5 should be limited to compliance with the AML/CFT Act, rather than include expectations of adherence to external sources such as BCBS’ AML/CFT guidance. 13 In regards to the FIU guidelines and non-binding technical information, two submitters noted that it is unnecessary for us to require banks to have regard to FIU guidelines, as there is already a statutory obligation for them to do so under the AML/CFT Act 2009. • Section 58(2)(g) of the AML/CFT Act requires a reporting entity to have regard to “any applicable guidance material produced by AML/CFT supervisors or the Commissioner [of the Police] relating to risk assessments” when undertaking an AML/CFT risk assessment. • Under section 142(b) of the AML/CFT Act one of the functions of the Commissioner is to issue FIU guidance material, such as the National Risk Assessment and Quarterly Typology reports. • There is an obligation under section 59(1)(a) of the AML/CFT Act on a reporting entity to consider any changes to, or new FIU guidance issued by the Commissioner. 14 Two submitters requested that paragraphs 3(3) to 3(6) be removed, while the third suggested replacing them with a much shorter reference to both sets of external material that is clearly marked as guidance, rather than being formally issued as guidelines under s78(3):they have offered the following drafting – “When a registered bank is creating, revising or refreshing its policies, systems and procedures to detect and deter money laundering and the financing of terrorism, the Reserve Bank recommends that the bank takes guidance from the following external sources: a) The Basel Committee on the Banking Supervision guidance on risk related to money laundering and the financing of terrorism; b) The New Zealand Police Financial Intelligence Unit guidance and non-binding technical information.” 15 On a separate issue, one submitter suggested that when the Act is next amended consideration be given to directly inserting the reference to AML/CFT matters, currently found in the Reserve Bank of New Zealand (Registration and Supervision of Banks) Regulations 2008 (“the Regulations”), into section 78(1) of the Act. Section 78(1) contains the list of matters the Reserve Bank considers in determining whether an entity is carrying out business in a prudent manner. The Regulations could be revoked Ref #6375848

4 at the same time. The submitter noted that this would be similar to what was previously done in relation to outsourcing (see s78(1)(fb) of the Act) and would make this aspect of the legislation more accessible. 3 Our responses BCBS guidance 16 The Reserve Bank accepts that paragraphs 3(3) to 3(6) should not remain in their current form. Instead the paragraphs have been modified and clearly marked as guidance. 17 The 2009 version of BS5 contains an expectation that each bank be familiar with the standards and mechanisms outlined in all current papers the BCBS has issued in relation to anti-money laundering and countering the financing of terrorism. However, this was not in the separate section in BS5 headed “New Zealand guidelines”, and was also qualified by the phrase “taking into account pending legislative developments”, acknowledging the AML/CFT Act that was in train at the time. 18 The Reserve Bank accepts that in the proposed new BS5 as consulted on, the obligation for entities to have regard to BCBS guidance could be viewed as having been given more formal status, and agrees with submitters that it should not be expressed as an obligation. Although the Reserve Bank can make guidelines based on external sources it may not always be best practice to do so. In this case, it appears more appropriate that the Reserve Bank rely on New Zealand guidance for AML/CFT, especially now that New Zealand has its own comprehensive AML/CFT regime. If elements of the BCBS guidance are identified as not present in New Zealand guidance and the Reserve Bank believes they would be appropriate for New Zealand, the Reserve Bank can issue new guidance of its own or update existing guidance. FIU guidelines and non-binding technical information 19 In regards to the references to FIU guidelines and other non-binding technical information, an expectation that banks have regards to FIU guidance already existed in BS5. However, in light of the legislative changes referred to by the submitters, the Reserve Bank is now also of the view that paragraphs 3(5) and 3(6) should also be replaced with text that recommends that banks take FIU guidelines and other non￾binding technical information into account. 20 We agree with the submitters that a requirement in BS5 for banks to take account of FIU guidelines would be redundant because of existing statutory obligations. We also believe that an expectation that banks have regard to non-binding technical information produced by the FIU is also unnecessary. Ref #6375848

5 (1) When a registered bank is creating, revising or refreshing its policies, systems and procedures to detect and deter money laundering and the financing of terrorism, the Reserve Bank recommends that the bank has regard to: (a) guidance from the Basel Committee on Banking Supervision on risk related to money laundering and the financing of terrorism; and (b) guidelines and other non-binding technical information from the New Zealand Police Financial Intelligence Unit. 4 Conclusions 21 In light of the submission feedback the Reserve Bank is modifying the update to BS5. Paragraphs 3(3) to 3(6) will be deleted and replaced with: 22 The revised update to BS5 will be placed on the Reserve Bank website at the time this feedback statement is made public. Attached to the end of this document is a copy of the revised update to BS5 with tracked changes to show the modifications to the original proposed update. The changes in guidelines will take immediate effect, but we do not believe that this will have any material effect on the determination of whether banks are carrying on business in a prudent manner, in terms of section 78(1) and the supplementary regulation on AML/CFT. 23 The Reserve Bank may consider amending its guidelines on the AML/CFT Act in the future if gaps in its guidelines are identified and voluntary compliance with BCBS guidance, and/or FIU guidelines and non-binding technical information is deemed to be an inadequate alternative. 24 In regards to amending the Act so section 78(1) directly contains the AML/CFT matter currently outlined in a regulation, the Reserve Bank agrees this may make the legislation more accessible. Therefore, such an amendment will be considered next time the opportunity to do so arises. 25 The Reserve Bank would also like to note, as previously mentioned in the Regulatory Stocktake, that when the Banking Supervision Handbook is restructured in the future BS5 may be replaced with an AML/CFT guidance document, which would be located in the AML/CFT section of the Reserve Bank website. However, this relocation would not change the status of any of the material currently contained in BS5, and other sections of the Banking Supervision Handbook would likely be modified so they cross refer to any replacement of BS5. Ref #6375848

1 Guidelines on Anti-Money Laundering and Countering Financing of Terrorism Prudential Supervision Department Document BS5 Issued: draft 2015 BS5 June 2016

2

1. Introduction (1) This document sets out guidelines issued under section 78(3) of the Reserve Bank of New Zealand Act 1989 (“the Reserve Bank Act”) for the purpose of interpreting the phrase “the policies, systems, and procedures, or proposed policies, systems, and procedures, to detect and deter money laundering and the financing of terrorism” in regulation 3(2) of the Reserve Bank of New Zealand (Registration and Supervision of Banks) Regulations 2008 (“the Regulations”). (2) Under section 1A and section 68 of the Reserve Bank Act, the Reserve Bank of New Zealand (“the Reserve Bank”) is responsible for promoting the maintenance of a sound and efficient financial system. To achieve these purposes the Reserve Bank registers and supervises banks. Applicants for registration are assessed for the ability to carry on business in a prudent manner and registered banks are supervised to ensure they are carrying on business in a prudent manner. (3) The Reserve Bank considers that to achieve its statutory purposes it must ensure that registered banks have the necessary and effective procedures to deter and detect money laundering and that adherence to the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (“the AML/CFT Act”) is an important aspect to the carrying on of business in a prudent manner by a registered bank.
2. Background (1) Section 78 of the Reserve Bank Act prescribes the matters the Reserve Bank can consider in relation to a bank’s ability to carry on business in a prudent manner. Sections 78(1)(c) to (g) list the matters to which the Reserve Bank must confine its consideration in: (a) having regard, under section 73(2)(c) of the Reserve Bank Act, to the ability of an applicant for registration as a registered bank to carry on its business in a prudent manner; or (b) determining under section 77(2)(f) or section 113(1)(e) of the Reserve Bank Act that a registered bank has not carried on its business in a prudent manner. (2) Section 78(1)(g) provides for other matters to be prescribed in regulation. Matters in relation to anti-money laundering and countering financing of terrorism are prescribed in the Regulations, which came into effect on 30 October 2008. (3) The Regulations set out additional matters that the Reserve Bank may consider, under section 78(1) of the Reserve Bank Act, in determining whether a registered bank has carried on its business in a prudent manner or an applicant for bank registration will be able to carry on its proposed business in a prudent manner. The additional matters are “the policies, systems, and procedures, or proposed policies, systems and procedures, to detect and deter money laundering and the financing of terrorism”. (4) Section 78(3) of the Reserve Bank Act permits the Governor of the Reserve Bank to issue guidelines for the purpose of interpreting any of the matters referred to in sections 78(1)(c) to (g). (5) Section 3 of this document sets out guidelines for the purposes of interpreting the phrase “the policies, systems, and procedures, or proposed policies, systems, and procedures, to detect and deter money laundering and the financing of terrorism”. These guidelines apply to all registered banks in New Zealand. BS5 June 2016

3 (6) Section 4 of this document refers banks to external material that may be useful for informing their anti-money laundering and countering financing of terrorism policies. 3. Guidelines (1) Registered banks in New Zealand are “reporting entities” under the the AML/CFT Act. As such they are obligated to comply with the AML/CFT Act and related regulations. The Reserve Bank is AML/CFT supervisor of registered banks for the purposes of the AML/CFT Act. The Reserve Bank expects that: (a) each registered bank will at all times post-registration have policies, systems and procedures to detect and deter money laundering and the financing of terrorism; (b) those policies, systems and procedures will comply with the AML/CFT Act and related regulations, including (without limitation) satisfying: (i) the minimum requirements for AML/CFT programmes contained in section 57 of the AML/CFT Act; (ii) the requirements to undertake a risk assessment pursuant to section 58 of the AML/CFT Act; and (iii) the requirements to review and audit the risk assessment and AML/CFT programme pursuant to section 59 of the AML/CFT Act; (c) each registered bank will implement those policies, systems and procedures in an effective manner, so as to maximise the likelihood that the bank will at all times comply with its obligations under the AML/CFT Act and related regulations. (2) Prior to registration as a bank in New Zealand, the Reserve Bank expects each applicant: (a) to demonstrate that its proposed policies, systems and procedures to detect and deter money laundering and the financing of terrorism are reasonably likely to satisfy the requirements in (1)(b) above, post-registration; and (b) to make appropriate attestations or give appropriate undertakings to the Reserve Bank in relation to the intended implementation of those policies, systems and procedures in a manner consistent with the requirements in (1)(c) above. (3) From time to time the Basel Committee on Banking Supervision (“BCBS”) publishes its own guidance on banks’ management of risks related to money laundering and financing of terrorism. As at the date of publication of this document, the current version of the BCBS’ guidance is “Sound management of risk related to money laundering and financing of terrorism” dated January 2014 (Sound management of risks related to money laundering and financing of terrorism, PDF 404KB, January 2014) (4) The Reserve Bank expects, when a registered bank is creating, revising or refreshing its policies, systems and procedures to detect and deter money laundering and the financing of terrorism, that the bank will: (a) become familiar with the then current version of BCBS’ guidance on management of risks related to money laundering and financing of terrorism (“the Current BCBS Guidance”); and BS5 June 2016

4 (b) bear the Current BCBS Guidance in mind so that, where reasonably practicable and able to be done in a manner consistent with its obligations under the AML/CFT Act, its policies, systems and procedures reflect relevant parts of the Current BCBS Guidance in a manner appropriate to the size, complexity and nature of the bank’s business activities. (5) From time to time the New Zealand Police Financial Intelligence Unit (“FIU”) publishes guidelines and/or non-binding technical information related to the reporting of suspicious transaction reports and other reports required to be reported to the FIU pursuant to the AML/CFT Act and relevant regulations. (6) The Reserve Bank expects, when a registered bank is creating, revising or refreshing its policies, systems and procedures to detect and deter money laundering and the financing of terrorism, that the bank will: (a) become familiar with the then current FIU guidelines and non-binding technical information related to reporting entities’ FIU-related reporting obligations (“the Current FIU Preferences”); and (b) bear the Current FIU Preferences in mind so that, where reasonably practicable, its policies, systems and procedures reflect the Current FIU Preferences, taking into account the size, complexity and nature of the bank’s business activities. 4. Additional guidance (1) When a registered bank is creating, revising or refreshing its policies, systems and procedures to detect and deter money laundering and the financing of terrorism, the Reserve Bank recommends that the bank has regard to: (a) guidance from the Basel Committee on Banking Supervision on risk related to money laundering and the financing of terrorism; and (b) guidelines and other non-binding technical information from the New Zealand Police Financial Intelligence Unit. BS5 June 2016