top of page
vincentmccartney

Is your AML CFT service provider legit?

man excited by his computer

Yesterday, New Zealand’s AML/CFT regulators released updated AML/CFT Program Guidelines.


One interesting and important section of this for me is paragraph 125, I assume the regulators see as important too as they felt the need to format it bold.


125. In all circumstances, you are responsible (and liable) for ensuring that the CDD or other AML/CFT functions conducted by a member of a DBG, another reporting entity (or equivalent) or an agent on your behalf, or through a third-party software solution, comply with the Act.


The message in here is important because it highlights that as a Reporting Entity you are responsible for ensuring that the service you may be using, be it outsourcing or 3rd party software tools, complies with the Act. And that there are consequences to not paying attention to who you are using.


Why have the regulators decided to highlight this?


I can hazard a guess that they have seen what I have seen over the past 11-years which is a combination of:


1.      Reporting Entities signing up to a service without doing any due diligence on their provider, thinking that it is a silver bullet to all of their AML/CFT needs.


2.      Unscrupulous service providers in the industry just to make a quick dollar. If a service is a lot cheaper than their competition then there is likely a good reason for this, rather than economies of scale it could be because they’re cutting corners and are not compliant with the Act. You do generally get what you pay for.


So how can you protect yourself and do everything you can to satisfy yourself that the service provider you are using is not only compliant with the AML/CFT Act but also fit for purpose for your business?


  1. Ask the provider for evidence, such as a Due Diligence Pack, that sets out how they believe in their opinion how and why their service is compliant with the Act.

  2. Ask the provider to provide reference customers for you to speak to.

  3. Ask your regulator or AML Advisor for their opinion on the service providers reputation.

  4. Ask the provider for their history? How long have they been around and are they based locally and therefore more attuned to local regulations?

  5. Engage an expert independent 3rd party such as VJMC Consulting to review your options with you.


Feel free to get in touch if you have any concerns regarding your service provider.

Komen


bottom of page