Businesses covered by the AML/CFT (anti-money laundering and countering financing of terrorism) regime are known as reporting entities. If you operate a business that is a reporting entity you need to appoint a compliance officer to administer and maintain your AML/CFT programme.
The AML/CFT compliance officer is a key role in any organisation and any appointment to that role needs to be carefully considered. It is not a matter of simply assigning an employee, or yourself, to this role to demonstrate compliance with the Anti-Money Laundering and Countering Financing of Terrorism Act.
This is a critical role reporting to senior management. A senior manager is a company director or anyone in your business in a position to influence the management or administration of the business.
Another key element of the compliance officer’s role is liaison with the AML/CFT supervisor appointed for your business (the Department of Internal Affairs, the Reserve Bank, or the FMA, depending on the nature of the business). The appointee is the key contact between the AML/CFT supervisors and your business, and needs to be able to demonstrate they are competent to fill the position.
The compliance officer is responsible for administering and maintaining your AML/CFT programme and therefore they must be suitably qualified, with the influence to make recommendations to the board. It is very important that the board is fully aware of its obligations and therefore the AML/CFT compliance officer should regularly brief the board, discuss AML/CFT matters that may arise during the course of business, and update the board with any new legal obligations as they arise. For any AML/CFT-related queries from staff members, the compliance officer is the main point of contact.
To be able to identify the potential areas of most risk to the business, the compliance officer must fully understand the business and its clients. This is essential when writing and/or updating the risk assessment and compliance programme of the business.
The compliance officer must be an employee unless your business has no employees, in which case the role can be performed by you or by an external service provider. If your business is small, the position could be part-time, filled by an existing employee with the right level of seniority.
Because the AML/CFT compliance officer is a role with serious obligations, a number of things need to be done before an appointment is finalised:
- Prepare a role description, outlining responsibilities and authority
- If the appointee is an existing employee, update their employment agreement to include the new responsibilities. If the appointee is a new employee, include the new responsibilities in their employment agreement
- Vet the appointee by checking their background to determine their suitability for the role, making sure they are who they say they are and the information they have provided is correct. Follow up character references and do credit and police checks. If the appointee is an existing employee and was vetted at the time they were recruited, do the checks again as their circumstances may have changed between then and now
- Train the appointee on the AML/CFT legislation, regulations, and how to perform the obligations of their role
Next in the Dirty Money Series: Conducting a risk assessment
An AML/CFT risk assessment must:
- Enable the reporting entity to determine the level of risk involved in relation to its AML/CFT obligations
- Identify the risks faced by the reporting entity in the course of its business
- Describe how the reporting entity will ensure that the assessment remains current
- All of the above
Hint: Before conducting customer due diligence or establishing an AML/CFT programme, a reporting entity must first assess the risk of money laundering and the financing of terrorism it may reasonably expect to face in the course of its business.