Information for Virtual Asset Service Providers
Register with us by clicking on the button below:
- Virtual Asset Service Providers Guideline - March 2020
- Financial Institutions Factsheet
- Developing your Risk Assessment and Programme
- Terrorism financing Risk Summary (July 2024)
- Financial Institutions Sector Risk Assessment - December 2019
- NEW! Guidance: New AML/CFT regulations for Virtual Asset Service Providers (VASPs) - July 2024
- Customer Due Diligence (Updated 29 April 2024)
- Identity Verification Code of Practice (Updated July 2021)
- Annual Reports (Updated June 2021)
- Audit Guideline (Updated 9 July 2021)
- NZ Police Financial Intelligence Unit National Risk Assessment
- Territorial Scope of the AML/CFT Act 2009
- Wire Transfers
- Country Risk and Sanctions (Updated May 2024)
- Designated Business Groups Guidelines (updated October 2022)
- NZ Financial Intelligence Unit (FIU)
- Frequently Asked Questions for DIA Reporting Entities
Virtual Asset Service Providers Guideline (March 2020)
This guide and fact sheet is designed to help Virtual Asset Service Providers to develop awareness of money laundering and terrorism financing and build their compliance programmes to meet their obligations under the AML/CFT Act.
- Virtual Asset Service Providers Guideline - PDF version (PDF, 492KB)
- Virtual Asset Service Providers Guideline - Word version (DOCX, 819KB)
(Updated August 2023)
- Virtual Asset Service Providers Factsheet - PDF version (PDF, 214KB)
- Virtual Asset Service Providers Factsheet - Word version (DOCX, 61KB)
Financial Institutions Factsheet
Any financial institution, either existing or established after the introduction of the AML/CFT Act came into force on June 2013, that in the ordinary course of business carries on one or more of the financial activities captured by the Act, is a reporting entity and must comply with the legislation and regulations.
This factsheet outlines what financial institutions are required to do to meet their AML/CFT obligations.
- Financial Institutions Factsheet (PDF, 778KB)
Developing your Risk Assessment and Programme
AML/CFT Programme Guideline (updated October 2022)
The guideline is designed to help reporting entities develop their AML/CFT programme as required under section 56 of the AML/CFT Act.
- AML/CFT Programme Guideline (PDF, 438KB)*
- AML/CFT Programme Guideline (Word, 564B)
Developing an AML/CFT programme is the next step after conducting a risk assessment. It involves developing the procedures, policies and controls to manage and mitigate money laundering and terrorism financing risks. A reporting entities AML/CFT programme must be based on their risk assessment.
Risk Assessment Guideline
The AML/CFT Risk Assessment Guideline is designed to help reporting entities conduct a risk assessment, as required under section 58 of the AML/CFT Act.
- Risk Assessment Guideline (PDF, 155KB)*
- Risk Assessment Guideline (Word, 1.3MB)
A risk assessment is the first step a business must take before developing an AML/CFT programme. It involves identifying and assessing the risks the reporting entity reasonably expects to face from money laundering and terrorism financing. Once a risk assessment is completed, a reporting entity must then put in place an AML/CFT programme that manages and mitigates these risks.
AML/CFT Risk Assessment and Programme: Prompts and Notes for DIA reporting entities (Prompts and Notes)
This guideline provides reporting entities with a series of questions, supervisory expectation, reference material and suggested best practice that will help guide their risk assessment and programme. It provides a starting point, which can be supplemented with more detailed information provided by DIA supervisors. This guideline can be used by all DIA-supervised reporting entities, both small and large.
This guideline is not mandatory. Reporting entities may choose to use alternative methodologies to conduct their risk assessment and develop their programme.
Terrorism Financing Risk Summary
Reporting entities must identify, assess, and mitigate their TF risks through their compliance programme. This risk summary provides an overview of Terrorism Financing risk factors relating to sectors supervised by the Department of Internal Affairs.
New Zealand remains exposed to Terrorism Financing risk; even small-scale financing within New Zealand could have significant impact. Terrorism financiers may manipulate New Zealand structures using methods similar to money launderers.
- Terrorism financing Risk Summary (PDF, 355KB)
Financial Institutions Sector Risk Assessment – December 2019
The Financial Institutions Sector Risk Assessment (SRA) is a review of the characteristics of the sectors covered by the AML/CFT Act including remitters, virtual asset service providers, payment providers, lenders and other financial institutions. This document is intended to help AML/CFT supervisors understand the money laundering and terrorism financing risks across these sectors and assist reporting entities by providing guidance on the specific risks and vulnerabilities relevant to their business.
Guidance: New AML/CFT regulations for Virtual Asset Service Providers (VASPs) – July 2024
This guidance is designed to inform and assist virtual asset service providers (VASPs) of the various changes to the requirements of the Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Act 2009 and associated regulations. The new regulations relate to VASPs wire transfer, prescribed transaction reporting and occasional transaction requirements.
Guidance: New regulations for Virtual Asset Service Provider (PDF, 167KB)
Customer due diligence
In this section:
- Beneficial Ownership Guideline (updated April 2024)
- Customer Due Diligence: Companies Guideline (updated April 2024)
- Customer Due Diligence: Trusts Guideline (updated May 2024)
- Customer Due Diligence: Limited Partnerships Guideline (NEW April 2024)
- Customer Due Diligence Fact Sheets
- Identity Verification Code of Practice
- Enhanced Customer Due Diligence (updated April 2024)
- Outsourcing Customer Due Diligence
- Nominee Directors and Nominee General Partners
Beneficial Ownership Guideline (updated April 2024):
A key task in meeting the requirements of the AML/CFT Act is to identify and verify customers’ beneficial ownership arrangements. This guideline is to assist reporting entities in meeting the requirement to perform customer due diligence on the customer and beneficial owners of the customer.
- Beneficial Ownership Guideline (PDF, 523KB)*
Customer Due Diligence: Companies Guideline (updated April 2024):
- Customer Due Diligence: Companies Guideline (PDF, 242KB)*
Customer Due Diligence: Trusts Guideline (updated May 2024):
- Customer Due Diligence: Trusts Guideline (PDF, 258KB)
Customer Due Diligence: Limited Partnerships Guideline (NEW April 2024):
- Customer Due Diligence: Limited Partnerships Guideline (PDF, 268KB)*
Customer Due Diligence Fact Sheets:
These fact sheets are designed to help reporting entities understand the identification and verification requirements for different types of customers. The fact sheets should be read in conjunction with the beneficial ownership guideline.
On 9 July 2021 the Anti-Money Laundering and Countering of Financing of Terrorism (Requirements and Compliance) Amendment Regulation came into force. The companies and partnerships guidance assists reporting entities to understand and implement the requirement to undertake customer due diligence for nominee directors and nominee general partners.
- Acting on behalf of others (PDF, 155KB)*
- Acting on behalf of others (Word, 1MB)
- Clubs and societies (PDF, 78KB)*
- Clubs and societies (Word, 1.1MB)
- Companies (See Companies Guideline above)
- Co-operative - Pending update (PDF, 76KB)*
- Co-operative - Pending update (Word, 1.1MB)
- Partnerships - Pending update (PDF, 196KB)*
- Partnerships - Pending update (Word, 346KB)
- Clarification of the position the AML/CFT supervisors are taking with respect of the AML/CFT Act interpretation of trust as a customer (PDF, 130KB)*
- Clarification of the position the AML/CFT supervisors are taking with respect of the AML/CFT Act interpretation of trust as a customer (Word, 1MB)*
Enhanced Customer Due Diligence Guideline (updated April 2024)
This guideline assists you to conduct enhanced customer due diligence (EDD) on your customers under the Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Act 2009 (the Act).
- Enhanced Customer Due Diligence Guideline (PDF, 348KB)*
Outsourcing Customer Due Diligence
Outsourcing CDD typically occurs during the onboarding process for a new customer. While these providers can provide a useful service, we want to remind reporting entities that outsourced CDD does not exist in isolation from their wider CDD procedures and obligations.
- Outsourcing your CDD requirements (PDF, 142KB)*
Identity Verification Code of Practice
Amended Identity Verification Code of Practice 2013
On 10 October 2013 an Amended Identity Verification Code of Practice was gazetted under section 64 of the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (AML/CFT Act). The amendments come into force on 1 November 2013.
- Amended Identity Verification Code of Practice 2013 (PDF, 131KB)*
- Amended Identity Verification Code of Practice 2013 (Word, 1.1MB)
Explanatory Note (updated August 2023)
The Explanatory Note clarifies requirements for electronic identity verification in accordance with the Amended Identity Verification Code of Practice 2013
- Explanatory Note (PDF, 232KB)*
- Explanatory Note (DOCX, 232KB)*
This August 2023 update replaces the previous version published in July 2021.
Guidance on Expired Passports for Identification in Customer Due Diligence
This factsheet outlines how to use expired passports for identification purposes in accordance with the Amended Identity Verification Code of Practice 2013:
- Guidance on Expired Passports for Identification in Customer Due Diligence - WORD version (DOCX, 168KB)
- Guidance on Expired Passports for Identification in Customer Due Diligence - PDF version (PDF, 156KB)
Factsheet: Birth Certificates with Redacted Information
This document outlines the position the AML/CFT Supervisors have taken on birth certificates with redacted information (other than name and date of birth) as a form of identification under the Identity Verification Code of Practice.
- Factsheet: Birth Certificates with Redacted Information - WORD version (DOCX, 265KB)
- Factsheet: Birth Certificates with Redacted Information - PDF version (PDF, 179KB)
Statement of Kiwi Access Card
This document outlines the position the AML/CFT Supervisors have taken on the kiwi access card as a form of identification for the purposes of Identity Verification Code of Practice.
- Statement on the Kiwi Access Card (PDF, 468KB)
Annual reports
Annual Reports for Financial Institutions and Casinos - updated June 2021
The annual report is a requirement under section 60 of New Zealand's Anti-Money Laundering and Countering Financing of Terrorism Act 2009.
The User Guide: AML/CFT Report is designed to help reporting entities complete their annual reports. The form and content of the annual report is prescribed inthe Anti-Money Laundering and Countering Financing of Terrorism (Requirements and Compliance) Amendment Regulations 2017 – see schedule 2.
For more information about how to do this, including videos, see:
Audit Guideline
This guidance is to help reporting entities:
- understand the AML/CFT audit requirements in terms of the AntiMoney Laundering and Countering Financing of Terrorism Act 2009; and
- undertake an effective and credible audit of their risk assessment and AML/CFT programme.
This guidance will also be useful to persons who perform audits of risks assessments and AML/CFT programmes of reporting entities.
New regulations come into force on 9 July 2021 which will amend the audit timeframe from every 2 years to every 3 years. As of 9 July 2021, your next audit is due within 3 years of your last audit report. Please refer to the Audit section in the FAQs for further information on the audit timeframe change.
Please note that this guideline was created prior to the timeframe change from 2 years to 3 years so there will still be references to the outdated timeframe while we are in process of updating this document.
NZ Police Financial Intelligence Unit National Risk Assessment
The Financial Intelligence Unit of the New Zealand Police has released the National Risk Assessment (NRA) and a support document under the AML/CFT Act 2009.
The NRA is designed principally for the use of the Ministry of Justice, AML/CFT supervisors, and the New Zealand Customs Service. The NRA may also be useful to reporting entities in understanding the broader picture of money laundering and terrorist financing risks at a national level.
The NRA can be found on the Police website.
Territorial Scope of the AML/CFT Act 2009
This guideline is designed to help reporting entities understand the territorial scope of the AML/CFT Act and assist them to determine whether they have obligations under the Act.
- Territorial Scope of the AML/CFT Act 2009 (PDF, 144KB)*
Wire Transfers
This guideline is designed to help reporting entities understand the definition of wire transfer under the AML/CFT Act and sets out the minimum requirements for parties to a wire transfer.
- Wire Transfers (PDF, 142KB)*
- Wire Transfers (Word, 1.1MB)*
Country Risk and Sanctions
This guideline is designed to help reporting entities supervised by DIA who deal with other countries:
- assess the money laundering and terrorism financing risks related to those countries
- determine whether a country has insufficient AML/CFT systems or measures in place
- determine whether another entity is resident in a country with sufficient AML/CFT systems in place and supervised or regulated for AML/CFT purposes (for the purpose of forming a designated business group).
- Assessing Country Risk Guideline - March 2024 (PDF, 504KB)
- Assessing Country Risk Guideline - March 2024 (DOCX, 394KB)
A general guideline produced in 2012 by the AML/CFT Supervisors for all reporting entities to decide when assessment of another country’s AML/CFT regulatory environment is required and how to undertake this assessment, is also available here.
- Countries Assessment Guideline (PDF, 138KB) *
- Countries Assessment Guideline (Word, 222KB)
Russia Sanctions
May 2024 Update
New guidance for circumstances where a duty holder has frozen the assets or blocked transactions of a customer under the Russia Sanctions Act 2022, where a duty holder may wish to provide a justification to their customer for their actions.
New Guidance note: For Russian Sanctions Act duty holders (PDF, 100KB)
September 2023 Update
Duty holders for AML/CFT purposes are also duty holders under the Russia Sanctions Act 2022. The Act imposes three types of obligation on duty holders.
Read more here: Russia sanctions update for DIA- duty holders
March 2022 Update
Te Tari Taiwhenua Department of Internal Affairs, the Financial Markets Authority and Reserve Bank of New Zealand have issued this joint guidance for reporting entities in relation to the Russia Sanctions Act 2022: Impact of Russia Sanctions on AML/CFT reporting entities (PDF, 429KB)
More information on the 2022 update can be found here: Russia Sanctions Act
Designated Business Groups Guidelines
Designated Business Group - Scope Guideline (updated October 2022)
This guideline is designed to assist reporting entities to understand which obligations may be shared by members of a designated business group.
- Scope Guideline (PDF, 287KB)*
- Scope Guideline (Word, 484KB)
This October 2022 update replaces the previous version published in 2017.
Designated Business Group - Formation Guideline (updated October 2022)
This guideline is designed to help reporting entities understand the process for forming a Designated Business Group. This guideline also explains the process for notifying an AML/CFT supervisor about the formation of, or change to, a designated business group and provides the forms for doing so.
- Formation Guideline (PDF, 237KB)*
- Formation Guideline (Word, 565KB)
This October 2022 update replaces the previous version published in 2020.
NZ Financial Intelligence Unit (FIU)
Please visit https://fiu.police.govt.nz if you require goAML assistance with:
- How to register a new entity
- How to register a new user to an existing entity
- Useful frequently asked questions
Once logged into goAML further guidance and e-learning training is available by selecting the “?” icon on the blue task bar.