This article is a summary of the Department’s findings for the accountancy sector from its desk-based reviews and on-site inspections undertaken from January 2019 to January 2020.
Top 5 “compliant” areas
Review of AML/CFT programme
A business must review its AML/CFT programme to ensure it is current, identify any deficiencies in its effectiveness and then make changes as necessary. Many accountants have adequate procedures and policies for reviewing the AML/CFT programme.
The DIA checks to see if you have a process for review, who is responsible for undertaking reviews and how often this occurs. They see best practice as having effective version control. This allows you to keep track of your review procedures and see what and when changes have been made.
Another area that businesses are getting right is the compliance officer role. Under the Anti-Money Laundering and Countering Financing of Terrorism Act (the Act), a reporting entity must appoint someone to be the compliance officer. This is an important role as the compliance officer has responsibility for administering and maintaining the AML/CFT programme.
The DIA checks that you have appointed someone to this role and look at whether they are an employee who reports to a senior manager. If you are a sole practitioner, you are expected to be the compliance officer in most situations.
Regard to applicable guidance material
The DIA found that most accountants have considered guidance material produced by the AML/CFT supervisor and the Financial Intelligence Unit (FIU). This includes the New Zealand National Risk Assessment and the Accounting Sector Risk Assessment. These documents assist you to understand the types of money laundering or terrorism financing risks your business may face.
When undertaking a compliance review, checks are conducted to see if you have considered these documents in your risk assessment and in developing the policies and procedures for your AML/CFT programme.
Suspicious activity reporting
Reporting suspicious activity is a cornerstone of the AML/CFT regime. Your AML/CFT programme is checked carefully to ensure that it has effective policies, procedures and controls to meet this requirement.
The DIA checks whether your AML/CFT programme covers the required reporting timeframes, who is responsible for submitting the reports and how you ensure there is no “tipping off”. They also check whether you are registered for goAML, the FIU’s online portal for submitting suspicious activity reports.
Keeping risk assessment current
Most accountants have policies, procedures and controls for keeping their risk assessments current.
Keeping your risk assessment current involves regular review to identify deficiencies and then making changes as necessary. It also means staying informed on new or emerging money laundering and terrorism financing typologies and adjusting your risk assessment when this is relevant to your business.
Top 5 “non-compliant” areas
Wire transfer provisions
The Act contains requirements relating to information that must accompany a transfer of funds by electronic means. This ensures that a business passes on, or receives, information relating to the Originator and Beneficiary of every transfer of funds. Wire transfers present a high risk of money laundering which is why these requirements exist.
There are different parties to wire transfers; the Originator, the Ordering Institution, any Intermediary Institution, the Beneficiary Institution and the Beneficiary. Businesses should ensure they understand the relevant obligations when they are an Ordering or Beneficiary Institutions of a wire transfer. If a wire transfer is international, there is a further requirement to submit a Prescribed Transaction Report (PTR) to the FIU.
Some accountants have not demonstrated an understanding of what is required if they are an Ordering or Beneficiary Institution of a wire transfer.