Formal warnings, updates to legislation, seizing of assets, and reviews of audit reports and more, all featured in the headlines during 2022.
As the year draws to a close, we take a look back at the events which made a splash in the AML world and consider what we can learn from these incidents.
Our round-up of AML news for 2022
1. Police crackdown on gangs
Back in July, as part of Operation Bush, the Money Laundering Team at NZ Police made eight arrests and restrained $6.5 million in assets. The asset seizure included five properties, and two vehicles with a combined worth of $90,000.
This operation highlighted some of the key money laundering vectors in New Zealand – namely high-worth assets such as real estate and vehicles. It also shows how understanding indicators of money laundering in your own industry can help you recognise when customer actions might not fit their profile and need further investigation.
Indicators can include:
- Unexplained wealth that doesn’t fit with the information you have on your client;
- Desire to complete transactions quickly;
- Questions on your AML/CFT procedures;
- Not being able to meet your client, but only dealing with an intermediary; and
- Complex legal structures that do not have an apparent purpose.
Consider also how suspicions are raised and investigated in your business:
- Do you have a way for staff to discreetly highlight any issues that they notice?
- Do you have a record keeping system for investigating potentially suspicious activity? Where is that stored?
- How do you prevent tipping off?
- Do you have a clear understanding of the SAR filing process, and when you need to file?
- Can you access goAML quickly? Or, do you need to set up your goAML access?
2. No respite for Jiaxin Finance
Reasons for the charges were failure to keep adequate records and failure to report over $50 million of suspicious transactions.
This is a sharp lesson for all of us to ensure we stay on top of our record keeping, making sure the correct information is collected and stored, and we don’t fail to report suspicious activity.
3. Tax transfers
Accountants got a little help from The Associate Minister of Justice by allowing a class exemption for tax transfer activities for clients.
This means that entities undertaking tax trading or transfers on behalf of clients will no longer be required to undertake customer due diligence (CDD) on those clients. The exemption is now in force and will be reviewed in 2027.
The Department of Internal Affairs (DIA) also released their guidance on the Tax Transfers Class Exemption.
The key obligations are:
- Filing Suspicious Activity Reports (SARs) when suspicious activity is noted;
- Keeping records of SARs; and
- Carrying out Enhanced Due Diligence (EDD) when SARs are filed.
Where EDD cannot be carried out, the reporting entity must terminate the business relationship, in accordance with section 37 of the Act.
4. Suspicious activity reporting
The Financial Intelligence Unit (FIU) released their 22nd edition of the Suspicious Activity Report for May/June 2022.
A key message from the FIU was that suspicious activity reporting from Phase II entities reduced by around 35%. The FIU were expecting an increase in reporting, however, they did note that the crypto and gambling sectors increased their reporting year on year.
This was a clear message from the FIU for entities to brush up on their red flags, understand their obligations for reporting suspicious activities, and ensure that their teams have a clear procedure for escalating suspicious activity to the compliance officer.
5. Mongrel mob member charged
In August a senior member of the Mongrel Mob was sentenced to jail on charges of money laundering and Class A drug distribution and sales. Michael Ormsby was identified as the financial backer for the commercial distribution of methamphetamine across the Waikato. Ormsby was found to have made $165,000 in profit, despite working to separate himself from the operations and not be actively involved in the enterprise itself.
During a raid in December 2020, NZ Police found $30,000 of cash in his home. It was also found that in excess of $164,000 was deposited into company accounts that were ultimately linked to Ormsby over three years. Ormsby worked at a distance from the operation, but was able to significantly profit from it, by using company structures that obscured his involvement in the distribution of drugs.
A note to all of us that it pays to carry out stringent due diligence processes so that ultimate beneficial ownership can be verified.
6. Gold Corporation ordered to appoint external auditor
In August, AUSTRAC ordered Gold Corporation, also known as Perth Mint, to appoint an external auditor to undertake a review on the AML/CTF obligations of the entity. AUSTRAC identified compliance concerns which led to this order. Perth Mint’s auditor was given 180 days to return the report to AUSTRAC, and they will then examine the entity’s obligations, such as suspicious matter reporting, compliance with Part A of their AML/CTF Programme, and other obligations under the Act.
In New Zealand, the sector supervisors can also make these orders, even if the reporting entity has met their obligations to complete an audit every three years.
7. The US Treasury’s Financial Crimes Enforcement Network (FinCEN) issue a final rule on mandatory reporting beneficial ownership
FinCEN issued a final rule on mandatory reporting beneficial ownership. This rule requires most corporations, limited liability companies, and other entities created or registered in the United States to report information about beneficial owners to FinCEN.
This rule is designed to remove anonymity, and prevent the use of legal structures to create layers of anonymity behind which illicit actors can hide and benefit from their ill-gotten gains.
In New Zealand, opacity on beneficial ownership is being examined, with a regulatory impact assessment released in late 2021 addressing this issue. As this has not yet resulted in new obligations, reporting entities must continue to ensure that they are identifying and verifying beneficial owners and effective controllers.
8. The DIA gets busy reviewing audit reports
The Department of Internal Affairs (DIA) reviewed nearly 40 independent audit reports from reporting entities all over New Zealand, to understand the levels of compliance with the AML/CFT Act from those supervised businesses.
Key findings from the review included the following:
- Risk assessments, particularly on customers and institutions dealt with;
- Policies and procedures on staff training, and monitoring of compliance; and
- Policies and procedures on PEPs, EDD and examining and keeping written records.
The DIA noted that generic templated documentation is still being used, and that in their view, it does not comply with sections 57 and 58 of the AML/CFT Act.
This shows that while some templates may help you structure your documentation, you shouldn’t use them blindly as they can lead to naivety on what risks exist for your individual business.
9. Formal warning for InvestNow
In August, the FMA published a formal warning on InvestNow for failure to fully comply with AML/CFT obligations and requirements.
The warning focused on customer due diligence at all levels, including standard and enhanced customer due diligence, and verification of source of wealth and funds.
The warning highlighted failures to gather the nature and purpose of the business relationship and take reasonable steps to complete identity verification on customers and beneficial owners. The warning also included deficiencies in ongoing CDD.
As reporting entities we know how important getting CDD right is, and if your business dealings are digital and/or very liquid the level of risk you may experience is heightened and should be reflected in your risk assessment procedures.
If you can get it right first time you may be able to avoid enforced remediation and/or fines.
10. Sharesies closing accounts
Sharesies made the move to close down accounts where users hadn’t responded to requests for information under the AML/CFT Act requirements.
Over several months Sharesies worked to gather compliance information from users such as source of wealth and funds, as well as nature and purpose of accounts. Where they didn’t receive a response they began closing the relevant accounts and returned the value to the account owner.
Having this information is a key part of the AML Act so without it, Sharesies had no option but to close accounts. This is a reminder to us all that we shouldn’t hesitate to take action if our due diligence on customers is unable to establish the necessary compliance information.
11. Formal warning for OpenPay
November saw the DIA issue a formal warning to OpenPay Pty Ltd for failure to adequately monitor accounts and transactions.
As often is the case, OpenPay is not alleged to be involved in money laundering but a lack of criminal behaviour will not prevent the authorities from issuing warnings or fines. If you deal with transactions ensure you take a risk-based approach and monitor your customers transactions:
- Make sure transactions are anticipated.
- Ensure processes are set up to manage unexpected transfers.
- Document activity and processes in your compliance programme and make sure you adhere to it.
- If you’re using automated processes, check the accuracy and completeness of the data, make checks and don’t ignore any warnings.
12. Star Pty Limited face civil proceedings
In December, AUSTRAC announced that they commenced civil proceedings in the Federal Court against The Star Pty Limited and The Star Entertainment QLD Limited for alleged serious and systemic non-compliance with Australia’s AML/CTF laws.
The allegations included a lack of a risk assessment, risk-based systems in their AML/CTF programmes, and inappropriate EDD checks on high-risk customers. These oversights allowed customers to move money through opaque payment channels, and Star entities were not cognisant of the sources of that money.
So often breaches in compliance centre around customer due diligence and the level of assessment carried out on clients. It shows the importance of getting CDD right and ensuring enhanced due diligence is used on high-risk clients.
Lessons learned
Here we’ve spoken about just a handful of those who made the news for AML breaches or criminal offences in 2022, there are more. But what we can see from some of these examples is that AML best practices needs to be applied all the time. Ensure the right kind of due diligence is being conducted on all customers, don’t hesitate to report suspicious activity, keep diligent records and monitor transactions thoroughly.