Changes to the AML/CFT Act

On 7 Nov 2022, the Ministry of Justice (MOJ) released their Report (the Report) on the Review of the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the Act). 

The Report identifies that the AML/CFT regime has not been applied with a sufficiently risk-based approach, with some requirements framed in an overly-prescriptive way and others lacking sufficient guidance for reporting entities. The consequence of this is that efforts by agencies and reporting entities are not always being prioritised towards areas of highest risk. 

The Report provides important commentary on the effectiveness of the AML/CFT regime so far and the cost of compliance, and makes 215 recommended changes to the Act and supporting material to bring our regime in line with global standards.   

SHIFT principal consultant Sean Condon shares his insights on what to expect as the MOJ recommendations are implemented over the coming years.

When and how will changes to the AML/CFT Act be implemented?

Recommendations from the Report will be rolled out in stages over a long period of time. Timing will depend on whether implementation requires:  

  1. a legislative change;
  2. a regulatory change (after further consultation); or  
  3. the issuing of a code of practice / Ministerial exemption / guidance.  

At the Police FIU conference (8-9 Nov 2022) the MOJ suggested that the exposure draft for short-term regulatory changes would be published as soon as this month (Dec 22) with a short consultation period to follow. The discussion document for legislative changes can be expected by May 2023; we look forward to providing further insights on this next year.

The most likely items to be addressed in the first tranche of proposed AML/CFT changes include:

  • Address verification; relaxing the obligation on reporting entities to verify the address of most customers (excluding only those where enhanced Customer Due Diligence (CDD) is required). 
  • Trusts; removing the blanket requirement for enhanced CDD for trusts and moving to a more risk-based model.  
  • Beneficial Ownership; clarifying the beneficial owner definition to make clear that it includes a person with “ultimate ownership or control”. This would mean that a person on whose behalf a transaction is conducted meets the criteria for beneficial owner only in circumstances where they exercise indirect ownership or control of a customer. This may mean the end of the managing intermediaries’ exemption. 

Other notable AML/CFT recommendations from the MOJ:

  • Identity Verification Code of Practice; updates to reflect the Digital Identity Trust Services Framework (once enacted). The explanatory note will also be updated.  
  • Politically Exposed Persons (PEP); expanding the requirements to include domestic PEPs (although with lesser requirements).  
  • Licensing; recommending that some entities be licensed for AML/CFT – specifically those not required to be licensed under other legislation (including remitters and trust and company service providers). 
  • Auditor oversight; creation of some sort of regulatory oversight for AML/CFT auditors and agents and a registration process for all reporting entities. 
  • Infringement notices; if entities are late with their annual AML/CFT reports, their supervisors may have the power to distribute penalties in the future.  
  • Sanctions; use of the Act to support implementation of Sanctions. 
  • Source of Wealth / Funds; reporting entities would need to define the circumstances in which they obtain and verify source of wealth and/or funds in accordance with their risks. 

If you’d like to learn more about the changes to the AML/CFT Act get in touch with us