- ANTI-MONEY LAUNDERING AND COUNTERING FINANCING OF TERRORISM
- Frequently Asked Questions
- News and Updates
- Information for Crown entities
- Information for Businesses
- Annual AML/CFT Report
- AML Online
- Educational Videos
- AML/CFT Legislation
- List of Reporting Entities
- Court Decisions
- Information for the Public
- Archives
- Contact us
Information for Online Marketplaces
- Guide to complying with the Anti-Money Laundering and Countering Financing of Terrorism Act (July 2026)
- Guidance for Online Marketplaces
- Developing your Risk Assessment and Programme (updated July 2026)
- Ordinary Course of Business Guidance (updated July 2026)
- Customer Due Diligence (updated July 2026)
- Identity Verification Code of Practice (updated 4 June 2026)
- Annual reports
- Audit Guidance (updated July 2026)
- NZ Police Financial Intelligence Unit National Risk Assessment
- Territorial Scope of the AML/CFT Act 2009 (updated July 2026)
- Guidance: Wire transfers and prescribed transaction reporting (updated July 2026)
- Country Risk and Sanctions (updated July 2026)
- Designated Business Group Guidance (updated July 2026)
- NZ Financial Intelligence Unit (FIU)
Guide to complying with the Anti-Money Laundering and Countering Financing of Terrorism Act - July 2026
This factsheet and quick start guide has been developed to inform AML/CFT reporting entities of their obligations under the Act and provide guidance on how to comply with those obligations.
Factsheet:
- A guide to complying with the Anti-Money Laundering and Countering Financing of Terrorism Act (PDF, 340KB)
Quick Start Guide:
- AML/CFT Reporting Entity Quick Start Guide (PDF, 1.2MB)
Guidance for Implementing New Customer Risk-Rating
The Department has released new guidance to assist reporting entities in establishing a customer risk-rating system for new customers, as required under the Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Act 2009 (the Act).
Effective from 1 June 2025, reporting entities must keep a record of the customer's risk rating, review the rating when conducting ongoing customer due diligence and account monitoring, and should update the rating where appropriate.
- Guidance: Customer Risk-Rating (PDF, 251KB)
Guidance for Online Marketplaces
From 1 June 2025, online marketplaces must comply with the Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Act 2009 (the Act).
An online marketplace is “a process that is operated online to enable members of the public to conclude contracts for the sale and purchase of goods or the provision or acquisition of non-financial services.”
The Department of Internal Affairs has produced guidance for providers of online marketplaces, to help ensure that they understand their obligations under the Act.
Guidance for Online Marketplaces (PDF, 436KB)
Frequently asked questions are currently in development and will be published on this page soon.
Developing your Risk Assessment and Programme (updated July 2026)
Risk Assessment Guidance (updated June 2026)
The AML/CFT Risk Assessment Guidance is designed to help reporting entities conduct a risk assessment, as required under section 58 of the AML/CFT Act.
- Risk Assessment Guidance (PDF, 834KB)
A risk assessment is the first step a business must take before developing an AML/CFT programme. It involves identifying and assessing the risks the reporting entity reasonably expects to face from money laundering and terrorism financing. Once a risk assessment is completed, a reporting entity must then put in place an AML/CFT programme that manages and mitigates these risks.
AML/CFT Programme Guidance (updated June 2026)
The guidance is designed to help reporting entities develop their AML/CFT programme as required under section 56 of the AML/CFT Act.
AML/CFT Programme Guidance (PDF, 864KB)*
Developing an AML/CFT programme is the next step after conducting a risk assessment. It involves developing the procedures, policies and controls to manage and mitigate money laundering and terrorism financing risks. A reporting entities AML/CFT programme must be based on their risk assessment.
Terrorism Financing Risk Summary
Reporting entities must identify, assess, and mitigate their TF risks through their compliance programme. This risk summary provides an overview of Terrorism Financing risk factors relating to sectors supervised by the Department of Internal Affairs.
New Zealand remains exposed to Terrorism Financing risk; even small-scale financing within New Zealand could have significant impact. Terrorism financiers may manipulate New Zealand structures using methods similar to money launderers.
Terrorism financing Risk Summary (PDF, 355KB)
Interpreting "Ordinary Course of Business" Guidance (updated July 2026)
This guidance is designed to assist businesses to interpret the meaning of the phrase “ordinary course of business,” referred to in the Anti-Money Laundering and Countering Financing of Terrorism Act 2009.
- Interpreting "Ordinary Course of Business" Guidance (PDF, 1.2MB)
This July 2026 update replaces the previous version published in 2017.
In this section:
- Beneficial Ownership Guidance (updated July 2026)
- Customer Due Diligence: Companies Guidance (updated July 2026)
- Customer Due Diligence:Trusts Guidance (updated July 2026)
- Customer Due Diligence: Limited Partnerships Guidance (updated July 2026)
- Customer Due Diligence Guidance (updated September 2025)
- Identity Verification Code of Practice
- Enhanced Customer Due Diligence (updated June 2026)
- Outsourcing to a Third-Party Agent (updated July 2026)
- Reliance on Another Reporting Entity (July 2026)
Beneficial Ownership Guidance (updated July 2026)
A key task in meeting the requirements of the AML/CFT Act is to identify and verify customers’ beneficial ownership arrangements. This guidance is to assist reporting entities in meeting the requirement to perform customer due diligence on the customer and beneficial owners of the customer.
- Beneficial Ownership Guidance (PDF, 523KB)*
Customer Due Diligence: Companies Guidance (updated July 2026)
- Customer Due Diligence: Companies Guidance (PDF, 242KB)
Customer Due Diligence: Trusts Guidance (updated July 2026)
- Customer Due Diligence: Trusts Guidance (PDF, 258KB)
Customer Due Diligence: Limited Partnerships Guidance (updated July 2026)
Customer Due Diligence Guidance (updated July 2026)
The customer due diligence guidance documents are designed to help reporting entities to understand the identification and verification requirements for different types of customers. These guidance documents should be read in conjunction with the beneficial ownership and enhanced customer due dilligence guidance.
The Customer Due Diligence: Companies and Customer Due Diligence: Limited Partnerships Guidance assists reporting entities to understand and implement the requirement to undertake customer due diligence for nominee directors and nominee general partners.
- Acting on Behalf of Others Guidance (PDF, 360KB) - updated July 2026
- Customer Due Diligence: Clubs and societies Guidance (PDF, 555KB) - updated July 2026
- Customer Due Diligence: Companies Guidance (see above) - updated July 2026
- Customer Due Diligence: Co-operatives Guidance (PDF, 578KB) - updated July 2026
- Sole traders and partnerships (PDF, 561KB) - updated July 2026
Enhanced Customer Due Diligence Guidance (updated June 2026)
This guidance assists you to conduct enhanced customer due diligence (EDD) on your customers under the Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Act 2009 (the Act).
Enhanced Customer Due Diligence Guidance (PDF, 700KB)
Outsourcing to a Third-Party Agent (updated July 2026)
This guidance is intended to help reporting entities to understand the money laundering and terrorism financing risks and responsibilities associated with outsourcing their AML/CFT obligations to a third-party agent.
- Outsourcing to a Third-Party Agent (PDF, 450KB)
Reliance on Another Reporting Entity (July 2026)
This guidance is intended to support reporting entities to understand the risks and responsibilities associated with relying on another reporting entity (or equivalent in another country) for their customer due diligence requirements under the AML/CFT Act.
- Reliance on Another Reporting Entity (PDF, 409KB)
Identity Verification Code of Practice
Identity Verification Code of Practice 2026
A new Identity Verification Code of Practice has been published under the Anti Money Laundering and Countering Financing of Terrorism Act 2009 (AML/CFT Act). The new Code commences on 1 July 2026.
- Identity Verification Code of Practice 2026 (PDF, 340KB)
- Fact Sheet – Identity Verification Code of Practice update 2026 (PDF, 800KB)
Annual Reports for Financial Institutions and Casinos - updated June 2021
The annual report is a requirement under section 60 of New Zealand's Anti-Money Laundering and Countering Financing of Terrorism Act 2009.
The User Guide: AML/CFT Report is designed to help reporting entities complete their annual reports. The form and content of the annual report is prescribed inthe Anti-Money Laundering and Countering Financing of Terrorism (Requirements and Compliance) Amendment Regulations 2017 – see schedule 2.
Annual AML/CFT Report for Financial Institutions and Casinos (PDF, 1MB)
For more information about how to do this, including videos, see:
Audit Guidance (updated July 2026)
An independent audit must be conducted every three years, unless you are notified by the Department that a four-year timeframe applies, or at any other time at the request of the Department.
This guidance is designed to support reporting entities to:
- understand the AML/CFT audit requirements under the AML/CFT Act; and
- undertake an effective and credible audit of their risk assessment and AML/CFT programme.
This guidance will also be useful to persons who perform audits of risks assessments and AML/CFT programmes of reporting entities.
The Financial Intelligence Unit of the New Zealand Police has released the National Risk Assessment (NRA) and a support document under the AML/CFT Act 2009.
The NRA is designed principally for the use of the Ministry of Justice, the Department, and the New Zealand Customs Service. The NRA may also be useful to reporting entities in understanding the broader picture of money laundering and terrorist financing risks at a national level.
The NRA can be found on the Police website.
Territorial Scope of the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (updated July 2026)
This guidance is designed to assist businesses to assess whether they have obligations under the AML/CFT Act.
This July 2026 update replaces the previous version published in 2019.
- Territorial Scope of the AML/CFT Act 2009 (PDF, 1MB)
Wire transfer and prescribed transaction reporting
Guidance: Wire transfers and prescribed transaction reporting (updated July 2026)
This guidance is intended to support reporting entities to meet their wire transfer and prescribed transaction reporting obligations under the AML/CFT Act.
Assessing Country Risk Guidance
This guidance is designed to help reporting entities supervised by DIA who deal with other countries:
- assess the money laundering and terrorism financing risks related to those countries
- determine whether a country has insufficient AML/CFT systems or measures in place
- assess whether another person or entity is resident in a country with sufficient AML/CFT systems or measures in place and/or is supervised or regulated for AML/CFT purposes
- determine whether another entity is sufficiently supervised and monitored by a banking supervisor
- manage and mitigate the ML/TF risks associated with those countries.
- Assessing Country Risk Guidance - updated July 2026 (PDF, 874KB)
Russia Sanctions
May 2024 Update
New guidance for circumstances where a duty holder has frozen the assets or blocked transactions of a customer under the Russia Sanctions Act 2022, where a duty holder may wish to provide a justification to their customer for their actions.
New Guidance note: For Russian Sanctions Act duty holders (PDF, 100KB)
September 2023 Update
Duty holders for AML/CFT purposes are also duty holders under the Russia Sanctions Act 2022. The Act imposes three types of obligation on duty holders.
Read more here: Russia sanctions update for DIA- duty holders
March 2022 Update
Te Tari Taiwhenua Department of Internal Affairs, the Financial Markets Authority and Reserve Bank of New Zealand have issued this joint guidance for reporting entities in relation to the Russia Sanctions Act 2022: Impact of Russia Sanctions on AML/CFT reporting entities (PDF, 429KB)
More information on the 2022 update can be found here: Russia Sanctions Act
Designated Business Group Guidance (updated July 2026)
These July 2026 updates replace the previous versions published in September 2025.
Designated Business Group - Scope Guidance (updated July 2026)
This guidance is designed to assist reporting entities to understand which obligations may be shared by members of a designated business group.
- Designated Business Group: Scope Guidance (PDF, 465KB)
Designated Business Group - Formation and Change Guidance (updated July 2026)
This guidance is designed to help reporting entities to understand the process to elect, form, change or terminate a designated business group.
- Designated Business Group: Formation Guidance (PDF, 384KB)
Designated Business Group: Notification Form (updated July 2026)
Reporting entities may complete the notification form to inform the Department of a request to elect, form, change, or terminate a designated business group.
You can also manage a DBG through AML Online.
Please visit https://fiu.police.govt.nz if you require goAML assistance with:
- How to register a new entity
- How to register a new user to an existing entity
- Useful frequently asked questions
Once logged into goAML further guidance and e-learning training is available by selecting the “?” icon on the blue task bar.
