Designated Business Group Formation and Change Guideline

1 AML/CFT Anti-money laundering and countering financing of terrorism Designated Business Group – Formation and Change Guideline September 2025

2 Guideline to reporting entities on eligibility, formation, notification, and withdrawal from a designated business group

1. This guideline is to support reporting entities forming a designated business group (DBG) to understand the process for doing so. Entities may form a DBG if they are eligible to do so under the Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Act 2009 (Act) and associated regulations.
2. This guideline outlines the eligibility criteria and election process; and explains the process for notifying your AML/CFT supervisor of the formation of a DBG, any addition or withdrawal of a member, or any change in details. Guidance on sharing AML/CFT obligations in a DBG is separately covered in the supervisors’ DBG Scope Guideline.
3. This guideline has been produced by the AML/CFT supervisors under section 132(2) of the Act. This guideline does not constitute legal advice.
4. Section 5(4) of the Act requires you to take this guideline into account on the application of the definition of a DBG. Section 57(2) of the Act requires you to have regard to this guideline when developing your AML/CFT programme (if you are forming or are part of a DBG). After reading this guideline, if you still do not understand any of your obligations relating to a DBG you should contact your AML/CFT supervisor or seek legal advice. What you will find in this guideline
5. This guideline is in three parts: • Eligibility of members of a DBG • Election and notification • Withdrawal from a DBG – including dissolution of the DBG.
6. The form to elect, form, change or terminate a DBG can be found on the supervisors’ website. If you are supervised by the Department of Internal Affairs (the Department) you may also use AML Online1 to create and manage your DBG. Where this guideline refers to the DBG notification form or the election form, or requirements to undertake the process in writing, these requirements can also be fulfilled through AML Online. Eligibility for forming a DBG
7. A DBG is a group of two or more eligible entities that have elected (in writing) to form a group to enable some obligations under the Act to be met on a shared basis. Section 1 https://aml.dia.govt.nz/

3 5(1) of the Act and the AML/CFT (Definitions) Regulations 2011 define a DBG and give details of the types of entities eligible to form a DBG. 8. Guidance on developing an AML/CFT programme is available in the supervisors’ AML/CFT Programme Guideline. 9. There are various ways entities can be eligible to form a DBG and utilise the reliance/sharing provisions: • A related company within the meaning of section 2(3) of the Companies Act 1993 that is a reporting entity in New Zealand or a person in a country with sufficient AML/CFT systems and is regulated for AML/CFT purposes2 • Providers of a service under a joint venture agreement to which each member of the group is a party • Public service agencies, State enterprises or Crown entities • Providers of products or services in common with a public service agency, State enterprise or Crown entity • A body corporate that is:

• A company, either overseas or domestic, within the meaning of section 2 of the Companies Act 1993; and
• Related, within the meaning of section 12(2) of the Financial Markets Conduct Act 2013 to every other body corporate in the DBG; and
• Either a reporting entity resident in New Zealand or in a country with sufficient AML/CFT systems • A related law firm or subsidiary that is a reporting entity in New Zealand or an equivalent body in another country where lawyers are supervised/regulated within a sufficient AML/CFT system • A related conveyancer or subsidiary that is a reporting entity in New Zealand or an equivalent body in another country where conveyancing is supervised/regulated within a sufficient AML/CFT system • A related accounting practice or subsidiary that is a reporting entity in New Zealand or an equivalent body in another country where accountants are supervised/regulated within a sufficient AML/CFT system • A related trust and company service provider or subsidiary that is a reporting entity in New Zealand or an equivalent body in another country where trust and company service providers are supervised/regulated within a sufficient AML/CFT system • A related real estate agent or subsidiary that is a reporting entity in New Zealand or an equivalent body in another country where real estate agents are supervised/regulated within a sufficient AML/CFT system 2 Refer to paragraph (d)(i) in the definition of “designated business group” in section 5(1) of the Act.

4 • A related high-value dealer or subsidiary that is a reporting entity in New Zealand or an equivalent body in another country where high-value dealers are supervised/regulated within a sufficient AML/CFT system • A group of money transfer agents or sub-agents that are reporting entities3 • A related limited partnership4 • An entity or class of entities prescribed by regulations. 10. Members of a DBG do not always have to be reporting entities. As mentioned above, entity types within the definition of a DBG include government departments that are not covered by the scope of the Act. Any third party, such as an overseas parent company, may elect to join a DBG where they meet the eligibility criteria and undertake activities or obligations on behalf of other members of a DBG. Note that a reporting entity ultimately remains responsible (and liable) for compliance with its own AML/CFT obligations. 11. No member of a DBG may be a member of more than one DBG in New Zealand. 5 However, members of a DBG in New Zealand that operate overseas may also be a member of an overseas arrangement similar in nature to a DBG (as defined in the Act). 12. If considering forming a DBG with an entity overseas, information to assist you to determine what constitutes a country with sufficient AML/CFT systems is available in the supervisors’ Countries Assessment Guideline. 13. A DBG must elect a contact person. The contact person must notify their AML/CFT supervisor of any changes to the DBG, including withdrawal of any members of the DBG or termination of the DBG. 6 Any notification must be in writing and received by the AML/CFT supervisor within 30 days of the change. The notification form should be used for notifying an AML/CFT supervisor. Related designated non-financial businesses or professions 14. For designated non-financial businesses or professions (DNFBPs), 7 a reporting entity must take into account guidance issued by the Department regarding the meaning of ‘related’. 8 The Department has interpreted this to mean “connected” or “associated”. For further information refer to the DIA’s guidance on the meaning of related for DNFBP DBGs. 3 Regulation 7 of the AML/CFT (Definitions) Regulations 2011. 4 Regulation 7A of the AML/CFT (Definitions) Regulations 2011. 5 Paragraph (c) of the definition of “designated business group” in section 5(1) of the Act. 6 Paragraph (e) of the definition of “designated business group” in section 5(1) of the Act. 7 Law firms, conveyancing practitioners, incorporated conveyancing firms, accounting practices, trust and company service providers and real estate agents. 8 Section 5(4) of the Act

5 Election and notification 15. The election form referred to in this guideline is designed to assist entities with the election process and to ensure entities meet the requirements of the Act and regulations. 16. The AML/CFT (Definitions) Regulations 2011 state that certain information must be included in an election form: a. The name of each entity electing to join the DBG b. The name and contact details of the contact person for the DBG c. The name and contact details of each entity’s intended AML/CFT compliance officer9 d. Sufficient information to determine that each entity is eligible; and e. The date that the election will take effect (if more than 30 days from submission of an application containing the information in paragraphs (a) to (d)). 17. Reporting entities should notify the relevant AML/CFT supervisor by submitting the election form. This requirement may also be fulfilled for the Department's supervised reporting entities through AML Online. 18. Each reporting entity must elect to be a member of the DBG. Elections must be in writing and include agreement to adhere to applicable privacy requirements. Importantly, all members of a DBG must agree in writing to comply with the information privacy principles 5–12 in section 22 of the Privacy Act 2020 (Privacy Act),10 which cover the storage, access and accuracy of personal information held and limits on its use and disclosure. 19. New Zealand based members are already required to comply with the Privacy Act. However, they must still confirm that they will comply with the privacy principles. Overseas-based members must also provide assurance in writing that they will comply with the privacy principles in the Privacy Act or the equivalent protections in their jurisdiction. 20. The contact person of the DBG must agree to notify the AML/CFT supervisor in writing and within 30 days,11 of any change in information previously provided to any AML/CFT supervisor about the DBG. 21. The contact person of the DBG should send the completed election form to the relevant AML/CFT supervisor for each proposed New Zealand-based member. This will not necessarily be the same AML/CFT supervisor for all members of the proposed DBG. 9 Subject to certain conditions, Part 7 of the Schedule of the AML/CFT (Class Exemptions) Notice 2018 allows members of a DBG to share their compliance officer. 10 Section 36 of the Act. 11 Section 5(3) of the Act.

6 Timing and Approval 22. A DBG will be supervised by only one AML/CFT supervisor; either the Reserve Bank of New Zealand, Financial Markets Authority, or by the Department. 23. When the products and services provided by members of a DBG are covered by more than one AML/CFT supervisor, the AML/CFT supervisors will agree on the appropriate AML/CFT supervisor for that DBG. This decision will be based on the composition of the membership for the DBG and must be agreed to at the Sector Supervisors Forum (SSF) (see the Supervisory Framework Guideline for further information). Following the SSF, the agreed AML/CFT supervisor will notify the DBG. 24. An AML/CFT supervisor will respond to the DBG contact person in writing within 30 days of receiving the application for forming a DBG. The 30-day period starts the day after receipt of the notification of election. 25. An AML/CFT supervisor may request further information from the reporting entity or proposed DBG member to determine whether the DBG is eligible to be formed, or whether the proposed DBG member is eligible for membership in the DBG, as the case may be. The AML/CFT supervisor must do this within 30 days, starting from the day after receipt of the election form by the AML/CFT supervisor. If the AML/CFT supervisor requires additional information, then the election does not come into force. A new 30-day period will begin the day after further information is received by the AML/CFT supervisor. 26. To establish eligibility for membership, or whether the DBG is eligible to be formed, an AML/CFT supervisor may request further information, including: • The relationship to other entities (if entities are required to be related) • That the entities are in a joint venture • That each entity has agreed to the privacy principles • That an overseas entity is based in a country with sufficient AML/CFT systems and measures and how that was determined; or • That the overseas entity is supervised or regulated for AML/CFT purposes. 27. An AML/CFT supervisor may also decline formation of the DBG. This could be within the initial 30-day period or within any second or subsequent 30-day period.12 28. Elections will come into force 30 days after the AML/CFT supervisor receives the election form (not counting the day of receipt) unless, during that 30-day period, the AML/CFT supervisor has declined formation of the DBG or has requested further information. Members of a DBG may choose a date in the future for the DBG to take 12 Regulation 6 of the AML/CFT (Definitions) Regulations 2011

7 effect, provided that date is more than 30 days after the date the election form is submitted. Additional members 29. New members may elect to join an existing DBG at any time so long as: a. Sufficient information is provided to determine whether the proposed new member meets the eligibility criteria; b. The AML/CFT supervisor is given notice, by the contact person of the DBG 30 days before the election to join the DBG is intended to take effect; and c. The AML/CFT supervisor does not decline the addition of the new member.13

Withdrawal or dissolving a DBG 30. When a member of a DBG withdraws from the DBG, the contact person for the DBG is required to notify the relevant AML/CFT supervisor of the withdrawal of that entity. This must be in writing, within 30 days of the withdrawal.14 31. Similarly, the contact person must notify the AML/CFT supervisor if the DBG is to be terminated. This must also be in writing, within 30 days of the termination. 15 32. The election form should be used to notify your AML/CFT supervisor of changes to the DBG. You do not need your AML/CFT supervisor’s approval to withdraw a member from a DBG or terminate a DBG. However, it is a condition of membership that your written notification is provided within 30 days of the withdrawal or termination. 33. When a member withdraws from a DBG, or the DBG is dissolved, each reporting entity must ensure that all aspects of a risk assessment and AML/CFT programme that were previously shared with another member are now separately complied with by each reporting entity. This includes ensuring that the procedures, policies and controls applying to each aspect of the AML/CFT programme are adequate and effective. 34. If shared systems were used across a DBG, a reporting entity must make sure provision is made for duplicate or new systems, where appropriate, before any withdrawal from the DBG is effective. For example, if record-keeping obligations are undertaken by one member of the DBG, it may still be appropriate for the reporting entity withdrawing from the DBG to use the same processes as the DBG. 35. The reporting entity is responsible for ensuring that they will continue to comply with any privacy requirements. 13 Section 132(2)(f) of the Act. 14 Section 5(3) of the Act. 15 Section 5(3) of the Act.

8 This guideline refers to the DBG Scope Guideline, DBG Election Form, Countries Assessment Guideline and the AML/CFT Programme Guideline which are available on the websites of the AML/CFT supervisors. Version history November 2014 Initial version December 2017 Various changes February 2020 Combined forms, added reference to AML Online for DIA reporting entities and other minor changes that do not impact on guidance October 2022 Updated Privacy Act 1993 references to Privacy Act 2020 September 2025 Updated following amendment to Regulation 6 of the AML/CFT (Definitions) Regulations 2011 in which supervisors are able to decline formation of a DBG. Other minor formatting and editorial changes, including to reference the meaning of ‘related’ for the purposes of DNFBP eligibility to form a DBG. Removal of the DBG election form into a standalone document with minor editorial changes.