VASPs Flashcards
What does acronym VASP stand for?
Virtual Asset Service Provider
What sector is VASP considered to be part of (FI, DNFBP)?
Financial Institutions (FI)
Name some of the actions done by FIs?
- Transferring money/value
- Currency exchanges
- Investing funds
- Administering/Managing funds
Deciding on Territorial Scope (Captured by the Act or Not)?
- NZ register VASP - 1 or more activities in NZ (YES)
- NZ VASP incorporated/formed - business activity wholly outside of NZ (NOT)
- Outside NZ VASP actively advertising or soliciting business NZ (YES)
Is VASP at high, medium or flow risk for ML/FT activitiesAND Why?
Yes.
Due to: easy access, wide geographic spread of services, and emphasis on anonymity.
DIA’s regulatory compliance approach?
- Monitoring reporting entities for compliance.
- Providing guidance.
- Investigating and enforcing compliance.
What areas of VASP DIA Supervises?
- Issuing or Managing the Means of Payment (e.g. issuing own crypto currency).
- Transferring Money or Value for, or on behalf of, a Customer (e.g. facilitating trade, arranging transactions)
3.
What are monitory tools compliance used by DIA?
- Desk based reviews (DBR) - reviews technical compliance.
- On-site inspections (OSI) - reviews effective implementation.
- Review annual reports (AR)
- Independent Audits (IA)
What are enforcement pathways available to DIA for non-compliance?
- Remediation (minor deficiencies) - set of expected outcomes to be done by RE within set time frame.
- Formal Warning, restraining injunctions, pecuniary penalty (more serious/deliberate)
- Criminal Offences (reckless or criminal behaviour)
What are Compliance Obligations on VASPs?
- Appoint Compliance Officer (first step).
- Conduct Risk Assessment.
- Create AML/CFT Programme.
- Submit Annual Reports (AR).
- Conduct Independent Audits.
- Save Records.
- Be aware of requirements for Wire Transfers.
What section in the Act requires RE to appoint a Compliance Officer, and what are the requirements?
- s 56(2)
- Can perform other functions other than AML/CFT obligations.
- Must be an employee.
- Must report to a senior manager.
- If no employee, can appoint externally.
What section requires RE to conduct Risk Assessment, and what are the requirements of Risk Assessment?
A) s 58 (must have written risk assessment).
B) Have regard for:
- Nature, Size, Complexity.
- Products and services.
- Delivery method of products and services.
- Types of customers you deal with.
- Countries you deal with.
- Institutions you deal with.
C) Regularly review and update RA when: material change to the business occurs, its service offerings, its clients base or where deficiencies in the effectiveness identified.