VASPs

Question 1

What does acronym VASP stand for?

Answer 1

Virtual Asset Service Provider

Question 2

What sector is VASP considered to be part of (FI, DNFBP)?

Answer 2

Financial Institutions (FI)

Question 3

Name some of the actions done by FIs?

Answer 3

1. Transferring money/value
2. Currency exchanges
3. Investing funds
4. Administering/Managing funds

Question 4

Deciding on Territorial Scope (Captured by the Act or Not)?

Answer 4

1. NZ register VASP - 1 or more activities in NZ (YES)
2. NZ VASP incorporated/formed - business activity wholly outside of NZ (NOT)
3. Outside NZ VASP actively advertising or soliciting business NZ (YES)

Question 5

Is VASP at high, medium or flow risk for ML/FT activitiesAND Why?

Answer 5

Yes.

Due to: easy access, wide geographic spread of services, and emphasis on anonymity.

Question 6

DIA’s regulatory compliance approach?

Answer 6

1. Monitoring reporting entities for compliance.
2. Providing guidance.
3. Investigating and enforcing compliance.

Question 7

What areas of VASP DIA Supervises?

Answer 7

1. Issuing or Managing the Means of Payment (e.g. issuing own crypto currency).
2. Transferring Money or Value for, or on behalf of, a Customer (e.g. facilitating trade, arranging transactions)

3.

Question 8

What are monitory tools compliance used by DIA?

Answer 8

1. Desk based reviews (DBR) - reviews technical compliance.
2. On-site inspections (OSI) - reviews effective implementation.
3. Review annual reports (AR)
4. Independent Audits (IA)

Question 9

What are enforcement pathways available to DIA for non-compliance?

Answer 9

1. Remediation (minor deficiencies) - set of expected outcomes to be done by RE within set time frame.
2. Formal Warning, restraining injunctions, pecuniary penalty (more serious/deliberate)
3. Criminal Offences (reckless or criminal behaviour)

Question 10

What are Compliance Obligations on VASPs?

Answer 10

1. Appoint Compliance Officer (first step).
2. Conduct Risk Assessment.
3. Create AML/CFT Programme.
4. Submit Annual Reports (AR).
5. Conduct Independent Audits.
6. Save Records.
7. Be aware of requirements for Wire Transfers.

Question 11

What section in the Act requires RE to appoint a Compliance Officer, and what are the requirements?

Answer 11

1. s 56(2)
2. Can perform other functions other than AML/CFT obligations.
3. Must be an employee.
4. Must report to a senior manager.
5. If no employee, can appoint externally.

Question 12

What section requires RE to conduct Risk Assessment, and what are the requirements of Risk Assessment?

Answer 12

A) s 58 (must have written risk assessment).

B) Have regard for:

1. Nature, Size, Complexity.
2. Products and services.
3. Delivery method of products and services.
4. Types of customers you deal with.
5. Countries you deal with.
6. Institutions you deal with.

C) Regularly review and update RA when: material change to the business occurs, its service offerings, its clients base or where deficiencies in the effectiveness identified.