Page last updated: 21 December 2022


The Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the AML/CFT Act) and its regulations place obligations on New Zealand’s financial institutions to detect and deter money laundering and terrorism financing. Find out if you need to comply and what your obligations are under the AML/CFT Act on this page. 


The three AML/CFT supervisors actively co-operate with each other and with the New Zealand Police’s Financial Intelligence Unit (FIU). FIU also publish guidance information for reporting entities on their obligations to report suspicious activities and prescribed transactions, and how to meet those obligations. To submit a suspicious activity report or a prescribed transaction report please view the goAML website from the New Zealand Police.

  • The FMA supervises designated business groups (DBGs) and reporting entities listed in Section 130 of the AML/CFT Act. 
  • The Reserve Bank supervises banks, life insurers, and non-bank deposit takers.
  • The Department of Internal Affairs covers casinos, non-deposit-taking lenders, money changers and reporting entities not covered by the other supervisors.

The reporting entities supervised by the FMA are listed in Section 130 of the AML/CFT Act. They include:

  • issuers of securities
  • licensed supervisors 
  • derivatives issuers and dealers
  • DIMS providers
  • fund managers
  • client money or property service providers
  • financial advice providers
  • equity crowdfunding platforms
  • peer-to-peer lenders.

The Minister of Justice may grant a range of exemptions to all or any of the AML/CFT Act’s requirements. 

The AML/CFT Act imposes several obligations:

Complete a written risk assessment

Section 58 of the AML/CFT Act requires each reporting entity to assess the risk it may reasonably expect to face of money laundering and financing of terrorism in the course of its business. The AML/CFT Act calls this a risk assessment. 

View Section 58 from New Zealand Legislation, Anti-Money Laundering and Countering Financing of Terrorism Act 2009.

A risk assessment is the first step a business must take before developing an AML/CFT compliance programme. The supervisors have issued a guideline on how to complete a risk assessment. Read the AML/CFT Audit Guideline for risk assessment and AML/CFT programme. 

Put in place a compliance programme

The AML/CFT Act takes a risk-based approach to compliance. Reporting entities (within the limits set by the AML/CFT Act and regulations) have some flexibility to determine the way in which they meet their obligations based on their risk assessment. Once a risk assessment is completed, a business can then put in place an AML/CFT programme that minimises or mitigates these risks.

The AML/CFT programme will set out your procedures, policies and controls for detecting, managing and mitigating the risk of money laundering, and the financing of terrorism your business may reasonably expect to face. The programme must be in writing and based on your risk assessment.

View the AML/CFT programme guideline.

Annual Reports obligation

All reporting entities are required to prepare an annual report on their risk assessment and AML/CFT programme. Information from these reports will provide us with important information on the people and organisations we supervise, and help us:

  • understand the risk of money laundering and financing of terrorism activities in each reporting entity
  • ensure that information we have on our reporting entities is accurate and up-to-date
  • determine the best use of our AML/CFT resources.

Complete your AML/CFT annual report

Independent audit obligation

Each reporting entity must ensure its risk assessment and AML/CFT programme are audited every 2 years or at any other time at the request of the FMA. We may also request a copy of any audit report. You do not need to submit your audit report to us unless we request to see it.

How to get started

  • Engage an independent and qualified auditor early – this is to ensure one is available to assist you.
  • Review and address issues in your risk assessment, AML/CFT compliance programme and supporting policies and procedures internally before the independent audit.
  • Refer to the guidelines and reports and our FAQs that detail specific information on what is necessary to complete your AML/CFT audit.
  • It will take time for your auditor to review your risk assessment, compliance programme, test supporting evidence and prepare an audit report. You should also allow sufficient time (sometimes up to several weeks) to review the audit findings, and agree with the final report.

Prescribed Transactions Reporting (PTR) obligation

From 1 November 2017 reporting entities must submit PTR to the Financial Intelligence Unit (FIU) at the NZ Police.

The Anti-Money Laundering and Countering Financing of Terrorism (Prescribed Transactions Reporting) Regulations 2016 specify the following threshold values for the two types of prescribed transaction:

  • NZ $1,000 or more for an international wire transfer; and 
  • NZ$10,000 or more for a domestic physical cash transaction. 

In the case of an international wire transfer, the first reporting entity to transfer funds, and the last reporting entity to receive funds, must do a PTR. We expect that a reporting entity that receives and/or passes on instructions from a client to do an international wire transfer, but does not actually transfer the funds, is not required to do a PTR. This means that international wire transfers carried out by a bank on behalf of another reporting entity will be reportable by the bank.

If an international wire transfer is settled outside the banking system (for example if a reporting entity carries out a transaction on behalf of a client and as a result money is made available to a beneficiary at another entity in another jurisdiction) the reporting entity must submit a PTR.

Please refer to the FIU website for more information. If you have any further questions please email us at [email protected].

The Minister of Justice (MoJ) has the power to grant a ministerial exemption from any provisions of the Anti-Money Laundering and Countering Financing of Terrorism Act. Exemptions may be granted for businesses, transactions, products, services or customers and may be subject to conditions.

Visit the Ministry of Justice website for further information or to apply for an exemption.

Businesses that appear on the designated business groups (DBG) list have formed a DBG in accordance with the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (AML/CFT Act) and have notified the FMA of the DBG formation in accordance with the AML/CFT designated business group formation and change guideline PDF.

View the DBG List

About the DBG list

  • Only entities that have completed the necessary forms for notifying the FMA of their election to form or join a DBG are included on this list.
  • The list represents our current population of DBGs and is subject to change from time to time.
  • This list is for information only and the listing of a business does not imply we have approved of the activities of the business and does not certify compliance of the business with applicable legislation.
  • Each reporting entity within the DBG must complete an annual AML/CFT report, however, not all entities with a DBG are necessarily reporting entities. Where they are not reporting entities, we have highlighted them as such.
  • For more information see:

DBG Scope Guidelines

This guideline is designed to help reporting entities assist to make the decision on whether to form a designated business group and understand which obligations may be shared by members of a DBG.

Download Designated Business Group Scope Guidelines PDF.

DBG Formation Guidelines

This guideline is designed to help reporting entities forming a DBG understand the process for doing so. Entities may form a DBG if they are eligible to do so under the AML/CFT Act and associated regulations. This guideline highlights the eligibility criteria and election process and explains the process for notifying an AML/CFT supervisor of the formation of a DBG, any addition or withdrawal of a member, or any change in details. Guidance on information sharing in a DBG is provided in the DBG Scope Guideline.

Download Designated Business Group - Formation and Change Guideline PDF.

Formal warnings under section 80 of the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the AML/CFT Act) are issued to reporting entities (including public warnings), for breaches of the AML/CFT Act.

View AML formal warnings in our list of enforcement activity

Latest news

Consultation: AML/CFT Act - Draft regulations public consultation
Consultation published by The Ministry of Justice (the Ministry) on proposed changes to regulations made under the Anti-Money Laundering and Counterin ...
FMA files court proceedings against Tiger Brokers, alleging AML/CFT Act breaches
We have filed civil High Court proceedings against Tiger Brokers for allegedly breaching the AML/CFT Act.
AML/CFT enhanced customer due diligence guideline
The AML/CFT enhanced customer due diligence guideline assists you to conduct enhanced customer due diligence (EDD) on your customers under the Anti-Mo ...
FMA warns InvestNow for AML/CFT deficiencies and failures
FMA has issued a formal warning to InvestNow Saving and Investment Service Limited for failing to comply with anti-money laundering requirements.
Impact of Russia Sanctions on AML/CFT reporting entities
An update from the three AML/CFT Act supervisors to reporting entities on what is required of them under the Russia Sanctions Act 2022.
Outsourcing CDD to a third-party provider
Section 34 of the AML/CFT Act allows a reporting entity to authorise and rely on an agent to conduct CDD procedures on its behalf. Read the guidance.