An independent audit is simply a thorough review of the company's risk assessment and compliance program by an independent auditor. The audit is needed to provide the organization with a clear outline of issues requiring urgent attention to ensure regulations are complied with.
Financial regulators use these audits to find cases that are considered to be a violation of AML regulations in the time duration the audit covers.
An independent audit tests the company's KYC
due diligence procedures; employee training; systems for ongoing monitoring and systems for
reporting money laundering activities. Independent audits also review previous audit reports to assess the effectiveness of implemented changes. Section 59(2) of the New Zealand AML/CFT Act
requires an independent audit of risk assessment and AML compliance program every two years or when requested by a supervisor. Criteria for selection
: An independent auditor must have AML expertise and meet regulatory expectations. Under section 59B(3)
, the auditor must not have participated in developing the organization's risk assessment and AML compliance program.
Furthermore, auditors should have adequate resources and look to minimize compliance costs. Adequate experience in developing professional audit processes is a bonus.