Cryptocurrency makes an appearance for the first time and is rated 'high risk' in the 2021 Financial Markets Authority (FMA) Sector Risk Assessment on Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT).
Categorised by the FMA as Virtual Asset Service Providers (VASP), cryptocurrency service providers weren't included in the last risk assessment (2017) and encompasses cryptocurrency and token or crypto-asset transactions.
The newly minted category frequently allows for a cloak of anonymity, is global by nature and suited to fast moving, cross-border transactions. This makes virtual assets more challenging to pin down from a regulatory point of view and more vulnerable to criminal use.
The FMA is New Zealand’s financial markets conduct regulator but doesn't regulate cryptocurrencies.
VASPs are primarily supervised by the Department of Internal Affairs (DIA) for compliance with the AML/CFT Act rather than the FMA, which only supervises a small number, but reports on the level of risk associated with a wide range of financial sectors and practices.
James Greig, director of supervision at the FMA, said derivatives were a traditionally risky area because accounts could be opened easily and are able to be held by non-New Zealand residents in higher risk jurisdictions.
The risk assessment assists the entities required to report to the FMA under the AML/CFT regime by helping them understand the level of risk associated with their own category, along with any other trends or emerging issues.
These entities will now be required to carry out an individual risk assessment of their business, based on the latest findings, and plug any gaps in their risk profile.
The risk level of nine categories has not changed since 2017, as per the table below.
“The sectors we supervise are generally expected to be the target of more sophisticated money launderers, as these criminals are familiar with capital markets and financial products. This means it’s essential that entities understand their key risks and take the necessary steps to detect and prevent money laundering and terrorist financing," said Greig.
The FMA includes risk guidance in the assessment, highlighting factors like transaction size, product value, outsourcing, delivery channel, high-risk jurisdictions and the level of trust built with the client.
The sector risk assessment is compiled using information from the Police Financial Intelligence Unit’s current and past National Risk Assessments, and the current sector risk assessments of the Reserve Bank and the DIA, who are the other two supervisors under the AML/CFT Act.