Page last updated: 21 December 2022

AML/CFT

The Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the AML/CFT Act) and its regulations place obligations on New Zealand’s financial institutions to detect and deter money laundering and terrorism financing. Find out if you need to comply and what your obligations are under the AML/CFT Act on this page. 

The three AML/CFT supervisors actively co-operate with each other and with the New Zealand Police’s Financial Intelligence Unit (FIU). FIU also publish guidance information for reporting entities on their obligations to report suspicious activities and prescribed transactions, and how to meet those obligations. To submit a suspicious activity report or a prescribed transaction report please view the goAML website from the New Zealand Police.

  • The FMA supervises designated business groups (DBGs) and reporting entities listed in Section 130 of the AML/CFT Act. 
  • The Reserve Bank supervises banks, life insurers, and non-bank deposit takers.
  • The Department of Internal Affairs covers casinos, non-deposit-taking lenders, money changers and reporting entities not covered by the other supervisors.

The reporting entities supervised by the FMA are listed in Section 130 of the AML/CFT Act. They include:

  • issuers of securities
  • licensed supervisors 
  • derivatives issuers and dealers
  • DIMS providers
  • fund managers
  • client money or property service providers
  • financial advice providers
  • equity crowdfunding platforms
  • peer-to-peer lenders.

The Minister of Justice may grant a range of exemptions to all or any of the AML/CFT Act’s requirements. 

The AML/CFT Act imposes several obligations:

Complete a written risk assessment

Section 58 of the AML/CFT Act requires each reporting entity to assess the risk it may reasonably expect to face of money laundering and financing of terrorism in the course of its business. The AML/CFT Act calls this a risk assessment. 

View Section 58 from New Zealand Legislation, Anti-Money Laundering and Countering Financing of Terrorism Act 2009.

A risk assessment is the first step a business must take before developing an AML/CFT compliance programme. The supervisors have issued a guideline on how to complete a risk assessment. Read the AML/CFT Audit Guideline for risk assessment and AML/CFT programme. 

Put in place a compliance programme

The AML/CFT Act takes a risk-based approach to compliance. Reporting entities (within the limits set by the AML/CFT Act and regulations) have some flexibility to determine the way in which they meet their obligations based on their risk assessment. Once a risk assessment is completed, a business can then put in place an AML/CFT programme that minimises or mitigates these risks.

The AML/CFT programme will set out your procedures, policies and controls for detecting, managing and mitigating the risk of money laundering, and the financing of terrorism your business may reasonably expect to face. The programme must be in writing and based on your risk assessment.

View the AML/CFT programme guideline.

Annual Reports obligation

All reporting entities are required to prepare an annual report on their risk assessment and AML/CFT programme. Download the AML/CFT annual report user guide to help you navigate the requirements.

Information from these reports will provide us with important information on the people and organisations we supervise, and help us:

  • understand the risk of money laundering and financing of terrorism activities in each reporting entity
  • ensure that information we have on our reporting entities is accurate and up-to-date
  • determine the best use of our AML/CFT resources.

Complete your AML/CFT annual report

Independent audit obligation

Each reporting entity must ensure its risk assessment and AML/CFT programme are audited every 3 years or at any other time at the request of the FMA. We may also request a copy of any audit report. You do not need to submit your audit report to us unless we request to see it.

How to get started

  • Engage an independent and qualified auditor early – this is to ensure one is available to assist you.
  • Review and address issues in your risk assessment, AML/CFT compliance programme and supporting policies and procedures internally before the independent audit.
  • Refer to the guidelines and reports and our FAQs that detail specific information on what is necessary to complete your AML/CFT audit.
  • It will take time for your auditor to review your risk assessment, compliance programme, test supporting evidence and prepare an audit report. You should also allow sufficient time (sometimes up to several weeks) to review the audit findings, and agree with the final report.

Prescribed Transactions Reporting (PTR) obligation

From 1 November 2017 reporting entities must submit PTR to the Financial Intelligence Unit (FIU) at the NZ Police.

The Anti-Money Laundering and Countering Financing of Terrorism (Prescribed Transactions Reporting) Regulations 2016 specify the following threshold values for the two types of prescribed transaction:

  • NZ $1,000 or more for an international wire transfer; and 
  • NZ$10,000 or more for a domestic physical cash transaction. 

In the case of an international wire transfer, the first reporting entity to transfer funds, and the last reporting entity to receive funds, must do a PTR. We expect that a reporting entity that receives and/or passes on instructions from a client to do an international wire transfer, but does not actually transfer the funds, is not required to do a PTR. This means that international wire transfers carried out by a bank on behalf of another reporting entity will be reportable by the bank.

If an international wire transfer is settled outside the banking system (for example if a reporting entity carries out a transaction on behalf of a client and as a result money is made available to a beneficiary at another entity in another jurisdiction) the reporting entity must submit a PTR.

Please refer to the FIU website for more information. If you have any further questions please email us at [email protected].

The Minister of Justice (MoJ) has the power to grant a ministerial exemption from any provisions of the Anti-Money Laundering and Countering Financing of Terrorism Act. Exemptions may be granted for businesses, transactions, products, services or customers and may be subject to conditions.

Visit the Ministry of Justice website for further information or to apply for an exemption.

Businesses that appear on the designated business groups (DBG) list have formed a DBG in accordance with the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (AML/CFT Act) and have notified the FMA of the DBG formation in accordance with the AML/CFT designated business group formation and change guideline PDF.

View the DBG List

About the DBG list

  • Only entities that have completed the necessary forms for notifying the FMA of their election to form or join a DBG are included on this list.
  • The list represents our current population of DBGs and is subject to change from time to time.
  • This list is for information only and the listing of a business does not imply we have approved of the activities of the business and does not certify compliance of the business with applicable legislation.
  • Each reporting entity within the DBG must complete an annual AML/CFT report, however, not all entities with a DBG are necessarily reporting entities. Where they are not reporting entities, we have highlighted them as such.
  • For more information see:

DBG Scope Guidelines

This guideline is designed to help reporting entities assist to make the decision on whether to form a designated business group and understand which obligations may be shared by members of a DBG.

Download Designated Business Group Scope Guidelines PDF.

DBG Formation Guidelines

This guideline is designed to help reporting entities forming a DBG understand the process for doing so. Entities may form a DBG if they are eligible to do so under the AML/CFT Act and associated regulations. This guideline highlights the eligibility criteria and election process and explains the process for notifying an AML/CFT supervisor of the formation of a DBG, any addition or withdrawal of a member, or any change in details. Guidance on information sharing in a DBG is provided in the DBG Scope Guideline.

Download Designated Business Group - Formation and Change Guideline PDF.

Formal warnings under section 80 of the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the AML/CFT Act) are issued to reporting entities (including public warnings), for breaches of the AML/CFT Act.

View AML formal warnings in our list of enforcement activity

Latest news

FMA files civil proceedings against InvestNow for alleged AML/CFT breaches
FMA has filed civil proceedings against InvestNow Saving and Investment Service Ltd, which trades as InvestNow, for alleged breaches of the Anti-Money ...
AML/CFT wire transfers fact sheet and wire transfer guidance for new regulations
The AML/CFT wire transfers fact sheet describes: what a wire transfer is, who are the parties to a wire transfer and what are the responsibilities pla ...
New AML/CFT regulations – joint statement by AML/CFT Supervisors on supervisory approach
The Department of Internal Affairs, the Financial Markets Authority and the Reserve Bank of New Zealand (‘the Supervisors’) welcome the changes to ...
Guidance Note: For duty holders that are AML/CFT reporting entities
FMA, DIA and RBNZ – along with their partner agencies – MFAT and NZ Police – have provided a Guidance Note for duty holders that are AML/CFT rep ...
AML/CFT customer due diligence: trusts
A trust is an arrangement where a person (the settlor) gives money or property to another person (the trustee), to be held in trust for the benefit of ...
AML/CFT beneficial ownership guideline
This guideline and associated fact sheets are to assist reporting entities to conduct customer due diligence of the beneficial owner of their customer ...