6 Tips to Keep the Balance Between Privacy and AML Obligations


1. Prepare In Advance

The updated privacy act took effect on December 1st, 2020. You should already have a compliance officer in place.

If you need help with your Privacy Policy, check out the free Priv-o-matic tool.

Hold data securely and dispose of it when you are required to.

2. Schedule Check-In Times

Make sure your systems are working correctly and that you are testing them periodically. You must respond to requests within 20 working days.

Introduction of new criminal offences with penalties for non-compliance are increasing from $2,000 to $10,000.

3. Take a Moment to Understand Why

  • Strengthening of privacy protection - that includes your own.

  • Promotion of early intervention and risk management.

  • Enhancement of the Privacy Commissioner's role.

4. Learn the Basics

The Privacy Commissioner will have the power to 'Name and Shame'.

The Act will have extraterritorial effect meaning overseas entities doing business in New Zealand are subject to the same obligations.

5. Honesty is the Best Policy

Mandatory Breach Reporting: If you have a breach you believe has caused or is likely to cause serious harm, you will be required to notify the people affected and the Privacy Commissioner as soon as possible.

Keep an eye out for the new breach notification tool online.

6. Be Flexible and Transparent

You can be made to provide individuals with access to their personal information.

Access directions will be enforceable in the Human Rights Review Tribunal.

60% of complaints are from people denied access to their information.

Want to know more? Reach out at draml@ticc.nz or contact us.