The Department of Internal Affairs

Te Tari Taiwhenua | Department of Internal Affairs

Building a safe, prosperous and respected nation



 

Lawyers and Conveyancers Guidance - Diagram descriptions

Diagram 1

This graphic shows two potential trajectories of a scenario. The scenario is where a client approaches a lawyer to act for them but they are in fact trying to launder money or finance terrorism. At first the lawyer is innocent and unaware of the client’s true intentions. Then when red flags are apparent to the lawyer there are two potential pathways. In one pathway the lawyer follows the law and reports their suspicions. As their suspicions increase they cease acting for their client. In the second pathway the lawyer is initially wilfully blind, but over time becomes complicit in the criminal offending.

Diagram 2

This flow chart aims to help lawyers and conveyancers understand when they are captured by the AML/CFT Act and must comply with its requirements. Some lawyers will read this flow chart and see that they are not ever captured and will not need to establish a compliance programme. The flow chart explains the activities that are specified in the AML/CFT Act and highlights there are other legislative instruments that lawyers and conveyancers can use to find out if they are otherwise exempt from the requirements of the AML/CFT Act.

It starts with a heading “Am I captured by the AML/CFT Act as a DNFBP?” It asks if you are a particular profession ie – in a law firm, conveyancing practice, accountancy practice, real estate agency or trust and company service provider. If the answer is “yes” then you go down to the next box which asks about the kinds of activities you do in the ordinary course of your business. It asks if you “act as a formation agent of legal persons or legal arrangements” or “act as, or arrange for a person to act as a nominee director, or a nominee shareholder, or trustee in relation to legal persons or legal arrangements” or “manage client funds (other than sums paid for professional services), accounts securities or other assets” or, “provide real estate agent work to effect a transaction” or provide  registered office or business address” (there is more detail provided on that point), or “engage in or give instructions on behalf of a customer to another person for…” a range of services which are detailed in a bulleted list. If the answer the reader has is “yes” they are told that “you are captured and must comply with the AML/CFT legislation” but a comment of “unless” is provided also “there is an exemption which excludes your business from compliance requirements”. If the answer the reader has is “no” then they are informed that “you are not captured”. A comment is added here to say “NB: If in the future you are asked to conduct any activity described above, you will need to determine if you are captured by the Act.”

Diagram 3

This flow chart aims to help lawyers define when it is appropriate to submit a suspicious activity report (SAR) by determining when legal professional privilege applies and when it does not. It goes through a series of steps where lawyers need to consider certain factors. Depending on their answers to questions at each step they should proceed or not proceed with submitting an SAR.

The diagram starts with a heading “Lawyers may find it helpful to ask the following questions when considering whether to file an SRA”. The first box says “Are there reasonable grounds to suspect the transaction/service or inquiry in question is or may be relevant to the investigation or prosecution of any person for a money laundering offence, financing terrorism offence, or other relevant criminal activity?”. If the answer is “no” then there is “No need to file an SAR”. But, if the answer is “yes” or “unsure” then the next question to consider is “Does the information giving rise to the suspicion meet the definition of a privileged communication in section 42(1) of the AML/CFT Act?” If the answer is “no” then you need to “file the SAR.” If the answer is “yes” then the next question to consider is “Is privilege lost for any of the reasons given in section 42(2)?” If the answer is “yes” then you need to “File the SAR”. If the answer is “yes” then the next question to consider is “Can you file the SAR without disclosing the privileged information?” If the answer is “yes” then you must “File the SAR”; but, if the answer is “no” then, as the next box says, “you cannot file the SAR.” 

Diagram 4

This simple graphic summarises each of the steps that lawyers and conveyancers must do to firstly establish their compliance programme to meet the requirements of the new AML/CFT legislation and then secondly to operate their compliance programme. It provides section references to the AML/CFT Act to enable them to seek more information where needed.

The diagram starts with the heading “Compliance requirements for reporting entities.” There are four sections.

The first section is titled “Establish a compliance programme”. There are three boxes in this section:

  1. Appoint a Compliance Officer Section 56  Reporting entitles must appoint a compliance officer who will have responsibility for administering and maintaining the AML/CFT Programme. An employee should be appointed to this role who reports to a senior manager. In the case of a sole practitioner, we would expect the sole practitioner to be the compliance officer. If that is not possible, an external person must be appointed as a compliance officer. 
  2. Conduct a Risk Assessment Section 58 Reporting entities are required to undertake an assessment of the risks posed to their business by money laundering and financing of terrorism crimes. The risk assessment should be in writing and be informed by the Phase 2 Sector Risk Assessment, which is available on the DIA website.
  3. Develop an AML/CFT Programme Section 57 The AML/CFT programme must be based on the risk assessment described above and be in writing. It should include policies, procedures and controls for ensuring all compliance obligations are adequately and effectively met.

The second section is titled “Maintain your compliance programme”. There are four boxes in this section:

  1. Conduct Customer Due Diligence Part 2, Subpart 1 Reporting entities must conduct CDD when conducting an occasional transaction or activity or when establishing a business relationship with a client who is requesting assistance with a captured activity, or when an existing client makes this kind of request (if the reporting entity doesn’t hold all the information required already). There are three levels of CDD depending on the circumstances.
  2. Keep records Sections 49 – 55 Reporting entities must keep records of transactions, suspicious activities, the documents verifying the identities of clients and other parties or beneficiaries, and any other related records that may be of interest to the supervisor. Records must be kept at least five years.
  3. Ongoing customer due diligence and ongoing account monitoring - Section 31 Reporting entities are required to undertake ongoing CDD and ongoing account monitoring. This is to ensure that you have ongoing confidence that the business relationship and the transactions within the relationship are consistent with the customer’s business and risk profile, and you can spot any suspicious activity early.
  4. Review your compliance programme - Section 59 The supervisor expects reporting entities to conduct a regular review of their compliance programme. This is to ensure that any business changes or new risks in the operating environment are referenced in the programme and it remains fit-for-purpose.

The third section is titled “Report and audit”. There are two boxes in this section:

  1. Submit an annual report - Section 60 Reporting entities must submit an annual report. This report must be in the prescribed form and be submitted to the supervisor at the time set by the supervisor. The report must take into account the results and implications of the audit (see below) and any information prescribed in the regulations.
  2. Audit your risk assessment and compliance programme every two years – Section 59AAt least every two years a reporting entity must review its risk assessment and compliance programme and have it audited by an independent person who is suitably qualified to conduct the audit. Supervisors may also require an audit to be undertaken on request at shorter notice.

The fourth section is titled “Report to the FIU”. There is one box in this section:

  1. Report to the Financial Intelligence Unit – Subparts 2 and 2A When reporting entities identify suspicious activity, they must report it to the FIU. They should also submit prescribed transaction reports to the FIU as necessary. Lawyers will not be required to submit any privileged communication (as defined in the Act) in either report category.