What are my AML/CFT obligations?

Most financial advisers have some level of AML/CFT obligation and must take that obligation seriously. The degree of obligation and how it is exercised is determined by the type of financial adviser, the products they deal with and their position within the reporting entity.

Therefore, it is recommended that every financial adviser have at least a basic understanding of the Anti Money Laundering and Countering Financing of Terrorism Act 2009 (hereafter referred to as the AML/CFT Act). Those who have more in-depth obligations – especially AFAs or other entities who deal with category 1 products – should undertake enhanced AML/CFT training. Strategi Institute has training packages that can be used to up-skill financial advisers and staff.

reporting entity has additional obligations under the AML/CFT Act. This will require more than just knowing about the AML/CFT Act.

Do I have an AML/CFT obligation?

Use this simple table to find out if you have any sort of AML/CFT obligation:

Your situation Directors' responsibilities under the Companies Act 1993 Financial Advisers Act 2008 AML/CFT Act 2009 Crimes Act 1961 Code of Professional Conduct for Authorised Financial Advisers
All NZ residents       Y  
Directors of companies (not being reporting entities) Y     Y  
Directors/senior managers of a reporting entity Y   Y Y  
AFAs (non-category 1 products)   Y Y Y Y
AFAs dealing in category 1 products   Y Y Y Y
AFAs not acting as intermediaries for their clients to buy financial products   Y   Y Y
Other entities dealing in category 1 products (e.g. QFEs)   Y Y Y  


  • Companies Act 1993 requires that directors ensure their companies are trading legally plus reasonable steps are taken to identify and mitigate risk. This means they should be aware of money laundering/financing terrorism (ML/FT) and have procedures in place within the company to meet their legal obligations
  • Financial Advisers Act 2008 requires all financial advisers and brokers to engage in conduct that will encourage public confidence in the professionalism and integrity of financial advisers and brokers. Financial advisers and brokers are an integral part of the financial system. This means they should have knowledge of and adhere to the requirements of the AML/CFT in order to contribute towards enhancing public confidence in the financial system.
  • AML/CFT Act 2009 requires reporting entities to meet specific obligations such as developing a risk assessment, AML/CFT programme and being audited every two years. Those who are employed in the reporting entity must follow the rules and procedures of that reporting entity relating to AML/CFT.
  • Crimes Act 1961 makes it illegal to undertake money laundering and financing of terrorism. This applies to everyone in NZ.
  • Code of Professional Conduct requires AFAs under Code Standard 14 to have the competence, knowledge and skills to provide the service plus Code Standard 15 requires AFAs to have knowledge of the Code, the FA Act and other legal obligations relevant to being an AFA. This means they need to know the basics of the AML/CFT Act.

Satisfying the requirements of the AML/CFT Act

Under the AML/CFT Act, it is possible for your business to discharge your compliance obligations relating to the development of a risk assessment and a documented AML/CFT programme. This is because if you are a reporting entity by virtue of being an AFA, then it is likely the business you provide the advisory services through will also be a reporting entity.

Consider the following example:

Joe Blogg of Joe Blogg Financial Services Ltd is an AFA authorised to provide the following financial services:

  • Wholesale and/or generic finacnial adviser service
  • Keeping, investing, administering, or managing money, securities, or investment portfolios on behalf of other persons

Joe Blogg Financial Services Ltd is also registered to provide:

  • Keeping, investing, administering, or managing money, securities, or investment portfolios on behalf of other persons
  • Wholesale and/or generic financial adviser services
  • As an employer or principal of a financial adviser and/or qualifying financial entity

In the example, both Joe Blogg and Joe Blogg Financial Services Ltd are reporting entities having obligations under the AML/CFT Act. Joe still has to comply with the AML/CFT Act but the responsibility for undertaking the risk assessment and development of written policies/procedures can be undertaken by his company Joe Blogg Financial Services Ltd to avoid duplication.

This implies if you are working as an AFA in a small advisory business then your business can develop the AML/CFT process. However, as an AFA, you should ensure that your business does develop those processes within the defined timeframe.

If Joe Blogg operates as a sole trader then the obligations will apply to him in his individual capacity.

Financial advisers’ key AML/CFT obligations

If you are a reporting entity, your key AML/CFT obligations are:

  • A written risk assessment.
  • An AML/CFT programme including your policies, procedures, and controls for:
    • Managing and mitigating the risks identified in the risk assessment.
    • Vetting of staff (if you have any).
    • Training of relevant staff (if you have any).
    • Applying appropriate customer due diligence (CDD).
    • Reporting suspicious transactions (STR).
    • Ensuring adequate record keeping.
    • Maintaining AML/CFT programme up-to-date.
    • Preventing products and/or transactions that favour anonymity being used for money laundering or financing of terrorism.
    • Ensuring your business adheres to its AML/CFT programme.
    • Reviewing your AML/CFT programme and getting it audited.

Consequences for non-compliance with AML/CFT Act

A reporting entity that fails to comply with the various requirements of the AML/CFT Act may face penalties ranging from a formal warning or enforceable undertakings (this is an undertaking of a certain course of action a reporting entity makes to an AML/CFT Supervisor, which is enforceable by law) to serious criminal and civil penalties. These could range from fines up to $200,000 for an individual (up to $2 million for entities). Examples of breaches could include failure to conduct CDD as prescribed, failure to establish, implement, or maintain an AML/CFT programme, failure to keep records, etc.

Certain offences (e.g. relating to suspicious transaction reports) could attract a fine up to $300,000 and/or a term of imprisonment up to 2 years for individuals and a fine up to $5 million for an entity.

Note: The information on offences and penalties provided above is simply for illustrative purposes and not an exhaustive list of offences and penalties under the AML/CFT Act. Refer to Part 3, ‘Enforcement’, of the AML/CFT Act for complete information relating to offences and penalties.

Need help?

Strategi Institute has produced a comprehensive manual which will assist AFAs and owners of small to medium-sized financial adviser businesses to understand their AML/CFT obligations and to undertake and document an acceptable risk assessment and AML/CFT programme. The manual guides the user via a series of checklists, guidance notes, templates and appendices along the route to AML/CFT compliance.

Strategi Institute also offers AML/CFT training for financial advisers, staff, networks and QFEs.

Strategi Ltd can be engaged to provide specialist assistance with the development and maintenance of your AML/CFT programme, or to be the AML/CFT auditor of your business.