It has released its AML/CFT monitoring report for 2016 to 2018.
The FMA has responsibility for about 500 financial advisers in the AML regime - they make up about two-thirds of its reporting entities.
The FMA said AML/CFT programmes needed to be kept up-to-date, and they had to be appropriate for businesses.
They had to align with processes, business structures, products and services offered. Risk assessments needed to be current and reviewed when changes were made to a business. The assessment should consider the size and complexity of the business, services provided, how they were delivered and the types of customers dealt with.
Director of regulation Liam Mason said reporting entities were at one extreme of compliance or the other.
The FMA had seen some well-documented risk assessments with well-defined rationale as to why certain levels of risk had been assigned to different aspects of risk considered, he said.
But some smaller businesses had clearly had a compliance programme put in place with the help of a consultant. Those were usually "off-the-shelf" and not tailored to the business, he said. All programmes had to be fit for purpose for the size and nature of a reporting entity.
Mason said, in many cases, those programmes offered by consultants were more complex than was needed.
"Very elaborate programmes for very simple businesses" made the FMA think that they would be hard to maintain, he said.
Mason said compliance consultants could be useful to advice firms but the solutions had to be right for each business.
Five years after the regime was introduced, the FMA now expected that people understood what was required, he said.
"We will be more exacting. Already, we are marking harder."
Comments
No comments yet.
Sign In to add your comment