Our Supervision

Engagement

Supporting reporting entities to prevent harm

Education and engagement are key parts of our work to help businesses understand and implement effective practices to counter money laundering and financing terrorism.

Education and engagement are key parts of our work to help reporting entities understand and implement effective practices to counter money laundering and terrorism financing.

During the 12-month period ending 30 June 2020, we remained focussed on ensuring we provided reporting entities with support to deliver to the intent of the legislation, including publishing guidance material, and delivering webinars and educational training events. We also published articles on our website to help reporting entities keep up to date with emerging trends, reports and relevant news.

Our regulators also provide education on AML/CFT to reporting entities. This is achieved via many channels such as:

  • remediation plans when assessments are completed
  • queries answered through phone calls or emails received
  • visits with reporting entities to provide education about their AML/CFT obligations.
A lady is working with her laptop

Webinars

In 2019 we started creating webinars on specific AML/CFT topics to help educate reporting entities.

So far, the feedback has been positive. We also created a survey where reporting entities could let us know what webinar they would like to see next.

Keeping reporting entities up to date

We try to keep in touch and engaged with the reporting entities we supervise.

Newsfeed

We post important updates and useful AML/CFT articles on the AML/CFT homepage’s newsfeed.

Newsletter

We send a regular newsletter to AML/CFT compliance officers or listed delegates. This newsletter updates reporting entities on new or updated guidance, specific articles on AML/CFT topics, and what is happening in the AML/CFT system.

Previous newsletters can be found on the Department’s website.

Take survey from Survey Monkey website.

Our compliance assessments

Risk-based regulatory approach

See our DNFBPs and Casinos Sector Risk Assessment

Our regulatory approach is risk-based. This means we use intelligence and analysis and apply professional knowledge to target and prioritise our activities to the higher-risk areas for money laundering and terrorism financing.

This does not mean we ignore areas of lower risk. We continue to conduct compliance assessments on reporting entities in lower-risk sectors to ensure they are compliant. This also improves our knowledge of their respective sectors and any emerging risks or issues.

Over the 12 months to 30 June 2020, most of our desk-based reviews were completed on medium and medium-high risk (as stated in the sector risk assessments) reporting entities. This approach also recognised that, during that period, just over half of all our assessments were on sectors most recently onboarded to the AML/CFT Act obligations. These sectors include accountants, law firms and real estate agents.

Risk profile of reporting entities supervised by the Department

This chart uses sector ratings from the Sector Risk Assessments. Please note that individual reporting entity risk ratings vary within sectors.

A bar chart with four vertical bars depicting the risk profile of all Department of Internal Affairs’ reporting entities. The horizontal axis lists the four risk areas from left to right; low risk 3%, medium risk 12%, medium-high risk 77% and high risk 8%. A bar chart with four vertical bars depicting the risk profile of all Department of Internal Affairs’ reporting entities. The horizontal axis lists the four risk areas from left to right; low risk 3%, medium risk 12%, medium-high risk 77% and high risk 8%.
A lady is waving her Credit card over an EFTPOS machine A lady is waving her Credit card over an EFTPOS machine

Assessment type

Desk-based reviews

A desk-based review (DBR) is an assessment of the technical compliance of a reporting entity’s written risk assessment and AML/ CFT programme. These documents are the framework by which a reporting entity can effectively comply with its AML/CFT obligations.

Our desk-based reviews consider up to a total of 33 obligations identified in the AML/CFT Act. Our assessment approach is appropriate to the specific reporting entity, which means there will be instances where certain obligations are not assessed.

When undertaking a desk-based review, we notify the reporting entity in writing and request their AML/CFT documents. Once we have completed our review, we write a report that rates and comments on the technical compliance of these documents.

On-site inspections

An on-site inspection assesses the implementation and effectiveness of a reporting entity’s AML/CFT programme. In other words, the Department checks that a reporting entity is doing what the AML/CFT programme says it is doing.

An on-site inspection is undertaken at the reporting entity’s place of business and involves interviewing the compliance officer, inspecting AML/CFT practices and procedures, sample testing physical and electronic records, and interviewing some staff. In most circumstances, we notify a reporting entity in advance that an on-site inspection is to be scheduled.

On-site inspections may take just a few hours or several days depending on the size, nature and complexity of the reporting entity’s business. After an on-site inspection, we write a report detailing how well the reporting entity is implementing its AML/CFT programme and whether it is effective.

For areas of non-compliance we may provide requirements or make recommendations for how the reporting entity can become compliant. We record those actions as ‘remediation’.

Assessment ratings

Compliant: The reporting entity has met a requirement of the Act and no additional steps are required to achieve ongoing compliance.

Partially compliant: The reporting entity has partly met a requirement of the Act, however additional steps are required to achieve ongoing compliance.

Non-compliant: The reporting entity has failed to meet a requirement of the Act and immediate steps are required to be compliant.

Sector risk profile of DIA reporting entities by compliance assessment

This chart uses sector ratings from the Sector Risk Assessments. Please note that individual reporting entity risk ratings vary within sectors.

A bar chart with six vertical bars depicting the percentage of desk-based and on-site inspections based on the sector risk profiles of Department of Internal Affairs’ reporting entities. The horizonal axis lists three risk ratings from left to right with 3 dark purple columns which represents the 'Desk based reviews': medium risk 37%, medium-high risk 56%, and high risk 7%. Along with 3 light purple columns which represent the 'On-site inspections' ratings from left to right: medium risk 10%, medium-high risk 51%, and high risk 39%. A bar chart with six vertical bars depicting the percentage of desk-based and on-site inspections based on the sector risk profiles of Department of Internal Affairs’ reporting entities. The horizonal axis lists three risk ratings from left to right with 3 dark purple columns which represents the 'Desk based reviews': medium risk 37%, medium-high risk 56%, and high risk 7%. Along with 3 light purple columns which represent the 'On-site inspections' ratings from left to right: medium risk 10%, medium-high risk 51%, and high risk 39%. A bar chart with six vertical bars depicting the percentage of desk-based and on-site inspections based on the sector risk profiles of Department of Internal Affairs’ reporting entities. The horizonal axis lists three risk ratings from left to right with 3 dark purple columns which represents the 'Desk based reviews': medium risk 37%, medium-high risk 56%, and high risk 7%. Along with 3 light purple columns which represent the 'On-site inspections' ratings from left to right: medium risk 10%, medium-high risk 51%, and high risk 39%.

Assessment undertaken

Over the 12 months to 30 June 2020, we completed 200 desk-based reviews and 70 on-site inspections. Over half of all assessments focused on new sectors in the AML/CFT system – Accounting, Legal and Real Estate.

Desk-based reviews accounted for nearly 75% of our assessments, with over one-third of all these assessments being on Non-Bank Non-Deposit Taking Lenders.

On-site inspections predominantly focused on reporting entities in the money remittance, trust and company service provider, legal, real estate and accounting sectors.

Assessment Type by Sector

Table displaying assessment types, desk-based reviews and on-site inspections, by sector. The most desk-based reviews (35%) were undertaken in the non-bank non-deposit taking lender sector. The most on-site inspections (23%) were undertaken in the money remittance sector.
Desk based reviews Onsite inspections
Non-Bank Non-Deposit Taking Lender 35% 7%
Legal 26% 14%
Accounting 14% 10%
Real Estate 14% 21%
Remitters 3% 23%
TCSP 2% 14%
VASP 2% 1%
Casino - 1%
Cash Transport 1% 1%
Other 4% 6%

Assessment outcomes

A bar chart with four vertical bars depicting the assessment outcomes from both desk-based reviews and onsite inspections. The two assessment outcomes are remediation required and no further action. The first bar shows that following a desk-based review, 135 entities required remediation. The second bar shows that following an on-site inspection 42 entities required remediation. The third bar shows that following a desk-based review 65 entities required no further action. The fourth bar shows that following an on-site inspection, 28 entities required no further action. A bar chart with four vertical bars depicting the assessment outcomes from both desk-based reviews and onsite inspections. The two assessment outcomes are remediation required and no further action. The first bar shows that following a desk-based review, 135 entities required remediation. The second bar shows that following an on-site inspection 42 entities required remediation. The third bar shows that following a desk-based review 65 entities required no further action. The fourth bar shows that following an on-site inspection, 28 entities required no further action. A bar chart with four vertical bars depicting the assessment outcomes from both desk-based reviews and onsite inspections. The two assessment outcomes are remediation required and no further action. The first bar shows that following a desk-based review, 135 entities required remediation. The second bar shows that following an on-site inspection 42 entities required remediation. The third bar shows that following a desk-based review 65 entities required no further action. The fourth bar shows that following an on-site inspection, 28 entities required no further action.