The following modules in Anti-Money Laundering Workflows have been reviewed and extensively updated:

• Introduction to AML Workflows
  • Step 1. Understanding the purpose and approach of AML Workflows
  • Step 2. Understanding how to use AML Workflows
• Understanding the Key Features of the AML/CFT Regime
  • Step 1. Understanding the AML/CFT regime — history and international context
  • Step 2. Evolution of the New Zealand AML/CFT law — background and context
  • Step 3. Understanding the purposes of the AML/CFT Act
  • Step 4. Dates for staged implementation of Phase 2
  • Step 5. Understanding the complex nature of the AML/CFT regime
  • Step 6. Key players and government agencies
  • Step 7. Reporting entities’ key obligations and prohibitions
• Understanding Financial Crime — Money Laundering, Terrorism Financing and How it Affects Lawyers
  • Step 1. What is money laundering?
  • Step 2. What are the recognised three stages of a money laundering process?
  • Step 3. What is terrorism financing?
  • Step 4. How are lawyers at risk of money laundering attempts?
• Coverage of Captured Legal Services
  • Step 1. Understand that coverage is “activity-based”
  • Step 2. Recognise the place of lawyers among the types of reporting entity
  • Step 3. Engage with the detail of lawyers’ activities that are captured under Phase 2
  • Step 4. To whom and when do these activities apply?
  • Step 5. Translate legislative coverage into the typical law firm practice areas
  • Step 6. Consider what is carried out in the “ordinary course of business”
  • Step 7. What, if any, exemptions might apply?
  • Step 8. Understand that a designated business group (DBG) relates to a set of individually covered entities
• Reporting of Prescribed Transactions and Suspicious Activities
  • Step 1. Understand the types of reports and issues arising
  • Step 2. Engage with the FIU’s online goAML system
  • Step 3. Design and document a prescribed transaction reporting process
  • Step 4. If relevant, include wire transfers in your ECDD section
  • Step 5. Introduction to suspicious activity reporting
  • Step 6. Design and document a suspicious activity reporting process
  • Step 7. The thorny issue of legal professional privilege and ethical obligations
  • Step 8. Secrecy/non-disclosure around SARs — no “tipping off”
  • Step 9. Other matters deserving attention after making a SAR

The last-mentioned step concerning suspicious activity reports (SARs) is new. Here is an extract:

Step 9. Other matters deserving attention after making a SAR

For most law firms, the experience of having to make a SAR about a client is hopefully a rare event. Compare that with a bank or large financial institution, which may end up making many reports each week about various transactions or elements of suspicion in its customer base.

Having to go through the process of considering a SAR, and what elements have led to a suspicion, even if no SAR eventually results (e.g. because initial suspicion is overcome by legitimate explanations provided), can be a valuable and instructive process.

It is suggested that a checklist of matters to consider afterwards, including a debrief with the relevant lawyers and the firm’s AMLCO [AML/CFT compliance officer], would be good practice. A policy to that effect could be drafted into the firm’s CP [compliance programme] documents.

Ongoing client relationship?

One important consideration after a SAR is made is whether and how the firm can safely continue with the rest of the instructions or client matters that are on foot. It is not automatically a case where the client should not be serviced; indeed, depending on the circumstances there may be an ethical obligation to continue to do so. However, as with Phase 1 financial entities, suspicious activity may lead to close consideration about future services and the nature of the client relationship moving forward. Many banks move swiftly to terminate or revise the terms of client accounts and facilities when they become too risky or troublesome in this area.

The obligations in s 37 of the AML/CFT Act are especially important with regard to situations where a lawyer has been unable to complete a form of necessary CDD [customer due diligence]. In particular, careful thought should be given to the carve-out in s 37(2) for continuing with other non-captured legal services and activities as part of that client relationship.

The NZLS [New Zealand Law Society] has prepared a helpful guide (NZLS “Continuing to act after filing suspicious activity report” <www.lawsociety.org.nz>), which lawyers in the firm and (especially) the AMLCO, should become familiar with.

In DIA [Department of Internal Affairs] Guideline: Lawyers and Conveyancers — Complying with the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (December 2017), available at <www.dia.govt.nz>, the DIA also mentions the internal investigation process leading up to a determination of whether to make a SAR or not. Even if ultimately deciding that no SAR is required, the DIA says (at 21):

“You are also strongly advised to keep any detailed records of your assessment of whether an SAR is required, including any determinations of whether information is legally privileged.”

Checklist of matters to consider after making a SAR

Here are some of the possible matters that could go into a checklist for consideration after making a SAR (but this is not exhaustive; please design a bespoke version for your firm):

• Has the obligation in s 22A of the AML/CFT Act (Enhanced CDD required for certain activities requiring SAR) been adequately addressed?
• Is the firm prepared to handle possible FIU [Financial Intelligence Unit] feedback or requests for further information and records about the SAR? Who is the key contact person/liaison with the FIU if that happens?
• Carry out a debrief meeting with all legal staff affected or involved in the SAR — review the circumstances leading up to the situation, the red flags that were present, the contrary legitimate explanations or theories that may have been available, and any learnings or steps that need to be taken in future.
• Have the obligations in s 37 of the AML/CFT Act (Prohibitions if CDD not conducted) been considered, if relevant?
• Consider with the relationship partner the nature of that particular client work and future relationship or ongoing instructions. Does this raise the risk level that the client now represents to the firm? What approach will be taken if new instructions are forthcoming?
• Should consideration be given to terminating the client relationship (i.e. “de-risking”), and what factors in the NZLS guidance (NZLS “Continuing to act after filing suspicious activity report” <www.lawsociety.org.nz>) come into play given the factual circumstances?
• Review the nature of information obtained at the new client/matter stage. Was sufficient detail gathered that could have given early indication of the issue arising that eventually led to suspicion? Could the new client process be improved, or tweaks made to the firm’s documented CP controls?
• Review the firm’s RA [risk assessment]. Are the listed risks still appropriate? Was the risk that arose and led to suspicion included in the list, or previously thought to be remote and low-risk? A review and update of the RA may well be desirable.
• Have good records and file notes been prepared about the SAR? Where will they be kept for easy access and reconstruction, as required by s 49A of the AML/CFT Act, and potentially in relation to s 51 for RAs?

For the full update and further information, see Gary Hughes Anti-Money Laundering Workflows (online ed, Thomson Reuters) on Westlaw NZ.