Author Royden McGee AML/CFT Consultant
About author

I am an AML/CFT specialist with expertise in audit, risk assessment, compliance frameworks, financial investigations, and practical fraud-prevention strategies. I assists reporting entities design and embed effective, business as usual AML/CFT processes tailored to their operations, ensuring obligations are met in a clear and sustainable way.

Introduction

New Zealand is about to make its biggest change to Anti-money Laundering and Counter Financing of Terrorism (AML/CFT) supervision in more than 10 years. From 1 July 2026, all reporting entities will be overseen by one single AML/CFT supervisor, funded partly by an industry levy. This new supervisor will have stronger powers including onsite inspections and compelled interviews, so firms need to get their systems and documentation in order well before the new regime starts.

Why this matters now

The Ministry of Justice is reshaping the AML/CFT system to reduce unnecessary compliance, while also tightening enforcement and meeting international (FATF) expectations.

Some changes have already taken effect and should be reflected in your current processes:

  • Risk‑based address verification
  • Longer timeframes for submitting SARs and PTRs
  • Risk-based customer verification (via the Statutes Amendment Bill)

The AML/CFT (Supervisor, Levy, and Other Matters) Amendment Bill sets out how the new single supervisor will work, how the levy will be charged, and what new powers the regulator will have. The Select Committee has proposed a firm start date of 1 July 2026, so firms should plan on that basis.

What’s changing (and what to watch)

1. Single supervisor and industry levy

  • The current three‑supervisor model will become one regulator, creating more consistency.
  • A new levy will help fund the regime.
  • Firms should model the financial cost and build it into their compliance budget.

2. Stronger regulatory powers

The new supervisor will be able to:

  • Require interviews
  • Set strict deadlines for information
  • Conduct onsite inspections

This means firms must be able to show real effectiveness, not just tick‑box policies.

3. Customer due diligence (CDD) changes

Already in force:

  • Risk-based identity and address verification
  • Risk-based source of funds/wealth in certain cases
  • Longer timeframes for SAR/PTR reporting

CDD workflows, templates, and QA checks should be updated to reflect these rules.

4. Designated Business Groups (DBGs)

Expected changes will require:

  • Clearer group‑wide AML programmes
  • Stronger governance and oversight
  • Better information sharing across offices or disciplines

This is especially relevant for multi‑office practices or firms with audit, tax, and advisory under one roof.

What this means for professional services firms

Accountants, auditors, and advisors work in high‑trust roles. Regulators will expect:

  • Risk assessments that reflect actual differences in client risk
  • Use of simplified due diligence where appropriate
  • Enhanced due diligence for high‑risk clients
  • Evidence of effectiveness, not just policy wording

Onsite inspections will test what is actually happening in practice.

What to do this quarter

1. Map your reporting entities and DBGs (if applicable)

  • Confirm which parts of your firm are reporting entities
  • Document group structure
  • Appoint a lead entity
  • Set up group‑wide controls and information-sharing protocols

2. Update your CDD policies and procedures

  • Embed the new risk‑based verification rules
  • Update templates, forms, and audit trails
  • Ensure quality assurance checks prove balance and effectiveness

3. Prepare for onsite inspections

Create an inspection‑ready folder containing:

  • AML/CFT programme
  • Risk assessment
  • Quality assurance results
  • Training records
  • Any remediation actions

Run staff walkthroughs so they know what to expect.

4. Plan budgets and resourcing

  • Include levy costs
  • Prepare for possible increases in monitoring and testing
  • Consider centralising analytics or ongoing monitoring to improve efficiency

In Summary

The shift to a single supervisor is designed to make AML/CFT oversight simpler, stronger, and more consistent. Firms that modernise early with good data, strong governance, and clear evidence of effectiveness will minimise disruption and cost when the new rules take effect. At Moore Markhams, we understand that the audit process can be resource-intensive, requiring considerable time and effort from your team. By finalising the audit before the due date, you can better manage these resources, preventing the last-minute running around, reducing the stress for you and your staff. Efficient resource management leads to smoother operations and a more focused approach to maintaining compliance.

Click here to get in touch.