Anti-Money Laundering and Countering Financing of Terrorism Act 2009

57 Minimum requirements for AML/CFT programmes

(1)

A reporting entity’s AML/CFT programme must be in writing and be based on the risk assessment undertaken in accordance with section 58 and include adequate and effective procedures, policies, and controls for—

(a)

vetting—

(i)

senior managers:

(ii)

the AML/CFT compliance officer:

(iii)

any other employee that is engaged in AML/CFT related duties; and

(b)

training on AML/CFT matters for the following employees:

(i)

senior managers:

(ii)

the AML/CFT compliance officer:

(iii)

any other employee that is engaged in AML/CFT related duties; and

(c)

complying with customer due diligence requirements (including ongoing customer due diligence and account monitoring); and

(d)

reporting suspicious activities; and

(da)

reporting prescribed transactions; and

(e)

record keeping; and

(f)

setting out what the reporting entity needs to do, or continue to do, to manage and mitigate the risks of money laundering and the financing of terrorism; and

(g)

examining, and keeping written findings relating to,—

(i)

complex or unusually large transactions; and

(ii)

unusual patterns of transactions that have no apparent economic or visible lawful purpose; and

(iii)

any other activity that the reporting entity regards as being particularly likely by its nature to be related to money laundering or the financing of terrorism; and

(h)

monitoring, examining, and keeping written findings relating to business relationships and transactions from or in countries that do not have or have insufficient anti-money laundering or countering financing of terrorism systems in place and have additional measures for dealing with or restricting dealings with such countries; and

(i)

preventing the use, for money laundering or the financing of terrorism, of products (for example, the misuse of technology) and transactions (for example, non-face-to-face business relationships or transactions) that might favour anonymity; and

(j)

determining when enhanced customer due diligence is required and when simplified customer due diligence might be permitted; and

(k)

providing when a person who is not the reporting entity may, and setting out the procedures for the person to, conduct the relevant customer due diligence on behalf of the reporting entity; and

(l)

monitoring and managing compliance with, and the internal communication of and training in, those procedures, policies, and controls.

(2)

In developing an AML/CFT programme, a reporting entity must have regard to any applicable guidance material produced by AML/CFT supervisors or the Commissioner relating to AML/CFT programmes.

Section 57(1): amended, on 11 August 2017, by section 28(1) of the Anti-Money Laundering and Countering Financing of Terrorism Amendment Act 2017 (2017 No 35).

Section 57(1)(d): amended, on 11 August 2017, by section 28(2) of the Anti-Money Laundering and Countering Financing of Terrorism Amendment Act 2017 (2017 No 35).

Section 57(1)(da): inserted, on 1 July 2017, by section 10 of the Anti-Money Laundering and Countering Financing of Terrorism Amendment Act 2015 (2015 No 96).

Section 57(2): inserted, on 11 August 2017, by section 28(3) of the Anti-Money Laundering and Countering Financing of Terrorism Amendment Act 2017 (2017 No 35).