New Zealand AML/CFT Compliance Updates To Require A Customer Risk Rating Model

The Financial Markets Authority has issued the AML/CFT Customer Risk Rating Guideline. The Department Internal Affairs, another AML/CFT Supervisor, has set its boundaries of what regulatory expectation looks like for a Customer Risk Rating Model.

Regulation 12AC

Regulation 12AC came into force on 1 June 2025 and relates to obligations under the Anti-Money Laundering and Countering Financing of Terrorism Act.

Businesses that are captured under the Anti-Money Laundering and Countering Financing of Terrorism Act must now rate customers (interchangeably referred to as clients) and retain record keeping of the Customer Risk Rating Model.

Fast Implementation

AML360™ has a demonstrable solution for all sized businesses. Our systems allow businesses to quickly implement a reliable and tested risk-based solution.

Providing a flexible scorecard and risk matrix model, risk configurations are easily updated to meet sector environment changes and regulatory updates.

AML/CFT Risk Score Card

The term Risk Score Card and Risk Matrix can be used interchangeably.

The Score Card may in practice refer to the Risk Indicator level with a score of 1 for Very Low and a score of 5 for Very High. In between may be Low, Medium and High.

The Score Card reflects the risk level that either increases (drives upward) or reduces (drives downward) the overall risk level.

Where Score Cards reflect the individual risk sources, the Risk Matrix reflects the overall Risk Range.

AML/CFT Ongoing Monitoring

A Customer Risk Rating will feed into the frequency of Ongoing Monitoring and Reporting.

Customer Risk Rating Reports and Ongoing Monitoring Records need to be maintained to demonstrate decision-making.

AML/CFT Auditors and AML/CFT Supervisors will expect to test adequacy.

Risk-Based Approach

There does not need to be perfection in a risk-based approach. The AML/CFT Act expects reasonable adequacy.

Ongoing Monitoring and Reporting should reflect that the Customer Risk Rating is in alignment with the Account Activity. When the risk levels of the account activity increase – so too should the Customer Risk Rating. When the risk levels of the account activity or products services decrease – so too should the Client Risk Rating.

Case Management and Escalations

Case Escalation systems should be available to enable the Anti-Money Laundering Compliance Officer to make determinations of whether a ‘red flag’ triggers suspicious activity.

Customer Risk Ratings and Ongoing Monitoring

This is where the real elbow grease starts with an AML/CFT compliance framework.

If the business operations rely on labour intensive systems, then AML/CFT Compliance costs will likely be high. Not only will AML/CFT compliance costs be high, but AML/CFT compliance efficiency will likely be low.

Labour Intensive Processes Push Up Costs

AML/CFT compliance frameworks rely heavily on data management and risk decision-making. The process of decision-making is required to be demonstrated.

Humans cannot think very fast when determining a lot of difference data sources. To streamline AML/CFT compliance, data science and data reporting systems are necessary. AML360™ AML/CFT regulatory technology combines data analysis and reporting to assists AML/CFT compliance efficiency, reduce operational cost and protect business brand.

Ongoing Monitoring Requires Flexibility

A Customer Risk Rating Model needs to have flexibility. This flexibility should enable Risk Score Cards and Risk Appetites to adjust to the business environment and regulatory updates.

Regulatory updates may come from Sector Risk Assessments, National Risk Assessments, Codes of Practice or Guidelines. The quicker an AML/CFT Programme can adjust to these changes, the better the level of regulatory compliance.

AML360™ Regulatory Technology

Don’t make the mistake of leaving AML/CFT compliance on the back-burner.

Take control, reduce operational costs and gain compliance efficiency with AML360™.

Our Customer Risk Rating Models are flexible to the Nature, Size and Complexity of business and industry sectors.

AML360™ incorporates testing reports to support your risk rating methodology.

Don’t waste time or take regulatory risk with labour-intensive processes.

Get in Touch for a FREE TRIAL.

© Scoop Media