News

Editor’s Note: In this month’s installment of our series, the moneylaundering.com legal team reviews Australia and New Zealand’s new focus on cybersecurity, and legislative and regulatory reforms to combat financial crime amid the COVID-19 pandemic.

Australia and New Zealand over the past year have sought to ensure that their financial systems remain operational and shielded from risks linked to heightened digitalization of financial services during the novel coronavirus pandemic.

On Nov. 30, 2020, Australian lawmakers adopted legislation to streamline customer identification, prohibit correspondent relationships with shell banks, and authorize reporting entities to more readily share suspicious matter reports.

Australia’s financial intelligence unit, AUSTRAC, has moved forward with implementing the legislation and issuing guidance on the new requirements for correspondent accounts, customer due diligence, money laundering and terrorist financing risk assessments, board and senior management oversight and reporting suspicious transactions.

The Australian Prudential Regulation Authority has prioritized cybersecurity during the pandemic.

On Nov. 26, APRA unveiled plans to more robustly enforce cyber protocols, improve data-sharing mechanisms and harmonize regulations and supervision of the financial services industry’s online defenses. In a series of speeches, APRA’s chair emphasized the importance of securing cyberspace and managing cyber risks in mutual banking.

New Zealand separately forged ahead with an updated framework for combating financial crime and addressing risks tied to designated non-financial businesses and professions, including by outlining account-monitoring obligations for bookkeepers and flagging anti-money laundering compliance shortcomings in the legal and real estate sectors.

The Financial Action Task Force approved of the upgrades in a mutual evaluation report on April 29, 2020, but advised New Zealand to implement and enforce targeted sanctions, improve collection and distribution of ownership data, allocate sufficient funds towards AML supervision and enforcement, and task its financial intelligence unit with flagging emerging trends and risks.

On June 22, 2020, New Zealand’s Department of Internal Affairs, or DIA, reminded financial institutions of their obligation to complete an independent audit every two years pursuant to the Anti-Money Laundering and Countering Financing of Terrorism Act.

DIA then joined with the Reserve Bank of New Zealand, or RBNZ, and Financial Markets Authority in issuing new guidelines for conducting enhanced due diligence, clarifying when customers’ sources of funds must be identified and verified.

DIA this year has specified the types of financial service providers that fall under AML obligations, assessed the legal and real estate sectors’ adherence to AML norms and vetting of politically exposed persons, and signaled its intention to conduct similar assessments going forward.

The RBNZ has responded to the promulgation of online threats and incidents during the pandemic by stressing the importance of cybersecurity.

On April 28 of this year, three months after disclosing a high-profile data breach incident against a third-party file-sharing provider, the RBNZ formally outlined its cybersecurity expectations for the financial services industry.

Contact Leily Faridzadeh at LFaridzadeh@acams.org