AML Case Study

The Jiaxin Finance Investigation

Lan’s Enterprise Limited Training Program

Presented by: Angela Ji Contact: aml@gmfinance.co.nz Emergency Hotline: +64 09-309-8808

Training Objectives

  • Understand the Jiaxin Finance DIA investigation and its context
  • Identify the compliance failures that triggered regulatory action
  • Recognise the enforcement pathway DIA follows for money remitters
  • Apply the lessons learned to LEL’s own compliance operations
  • Reinforce the importance of proactive compliance over reactive remediation

Overview

  • DIA conducted a compliance investigation into Jiaxin Finance, a money remitter
  • Investigation revealed systemic AML/CFT compliance failures
  • Case is part of DIA’s escalating enforcement posture against non-bank reporting entities
  • Money remitters remain a high-priority supervisory target for DIA
  • Follows a pattern of enforcement actions against remitters: Ping An Finance, Lidong Foreign Exchange, NZForex

DIA Enforcement Context

Money remitters under the spotlight

  • The AML/CFT Act 2009 applies equally to all reporting entities — banks and non-banks alike
  • DIA has explicitly signalled that money remitters face heightened scrutiny
  • Remittance sector is identified as high-risk for money laundering due to:
    • High-volume, cross-border cash flows
    • Customer base often involving migrant remittances
    • Potential for structuring and layering
    • Variable compliance maturity across the sector

DIA Enforcement Pathway

Escalating regulatory tools

  1. Educational guidance — informal engagement
  2. Directions — formal requirement to act
  3. Formal warning — public record under s80
  4. Civil penalty — pecuniary penalty order
  5. Criminal prosecution — for knowing or reckless breaches

“Money remitters should expect stronger action for serious breaches. DIA uses escalating enforcement tools — from educational guidance through to prosecution.”

— Mike Stone, Director AML/CFT Group, DIA

Background of Jiaxin Finance

  • Money remittance and currency exchange business operating in New Zealand
  • Reporting entity under the AML/CFT Act 2009 since the regime’s commencement
  • Provided international money transfer services, primarily serving communities with links to China and Southeast Asia
  • Required to maintain a full AML/CFT compliance programme, conduct CDD, monitor transactions, and keep records — the same obligations that apply to LEL

What Makes Remitters High-Risk?

Inherent vulnerabilities

  • Cash-intensive operations — difficult to verify source of funds
  • Cross-border corridors — high-risk jurisdictions, variable sanctions regimes
  • High transaction volumes — monitoring must be systematic, not manual
  • Customer base — may include politically exposed persons, high-net-worth individuals, and informal value transfer systems
  • Competitive pressure — speed and convenience can override compliance checks

DIA Investigation Findings

How the investigation began

  • DIA initiated a supervisory review of Jiaxin Finance
  • Triggered by intelligence and risk-based supervisory selection
  • On-site inspection revealed significant gaps in compliance infrastructure
  • DIA issued a section 132 notice requiring production of compliance records
  • Investigation expanded from targeted review to full-scope compliance assessment

Compliance Failures Identified

Five areas of non-compliance

  1. AML/CFT Programme — failed to establish, implement and maintain an adequate programme
  2. Customer Due Diligence — deficient CDD processes, including failure to verify identity and beneficial ownership
  3. Enhanced CDD — failure to apply ECDD for high-risk customers and transactions
  4. Transaction Monitoring — insufficient monitoring to detect suspicious activity and trigger SAR obligations
  5. Record Keeping — failed to maintain records as required by the Act

Failure 1: AML/CFT Programme

  • Programme existed on paper but was not effectively implemented
  • Risk assessment was outdated and did not reflect actual business operations
  • Policies and procedures were generic — not tailored to the remittance sector’s specific risks
  • No evidence of regular programme review or board-level oversight
  • Compliance officer role was nominal — lacked authority and resources

A programme that exists on paper but is not implemented is a breach — not a partial compliance.

Failure 2: Customer Due Diligence

  • CDD was incomplete for a significant proportion of customers
  • Identity verification documents were missing or expired
  • Beneficial ownership was not identified for corporate customers
  • No evidence of ongoing CDD — customer files were not reviewed or updated
  • CDD was treated as a one-time onboarding exercise rather than a continuous obligation

Failure 3: Enhanced CDD

  • High-risk customers were not identified through a risk-rating process
  • No ECDD applied for:
    • Customers transacting through high-risk jurisdictions
    • Complex or unusually large transactions
    • Customers with inconsistent transaction patterns
  • No documented senior management approval for high-risk relationships
  • Risk-rating methodology was absent or inadequate

Failure 4: Transaction Monitoring

  • No systematic monitoring of transactions for suspicious patterns
  • Monitoring was manual and ad hoc — no automated thresholds or alerts
  • No evidence of review or escalation of unusual transactions
  • SAR filing obligations were not met — suspicious transactions went unreported
  • Monitoring did not produce reviewable, dated artefacts

Failure 5: Record Keeping

  • Transaction records were incomplete — unable to reconstruct the full picture of customer activity
  • CDD records were not retained for the required period
  • No audit trail demonstrating compliance actions taken
  • Records could not be produced promptly upon DIA request
  • Gaps in records are treated by the regulator as evidence of non-compliance

The Regulator’s Position

DIA’s enforcement stance on remitters

  • DIA has made clear that the remittance sector is a supervisory priority
  • Ping An Finance [2017] NZHC 2363 — first pecuniary penalty determination under the Act
  • Lidong Foreign Exchange — criminal conviction for money laundering (Ye Hua, 7.5 years)
  • NZForex — formal warning for 3,182 unreported PTRs (March 2025)
  • Jiaxin Finance investigation follows the same pattern: programme failure → CDD gaps → monitoring failure → record-keeping gaps

Enforcement Outcome

  • DIA’s investigation resulted in formal enforcement action against Jiaxin Finance
  • The entity was required to undertake immediate remediation of all areas of non-compliance
  • Public disclosure of the enforcement action — reputational consequence beyond the regulatory finding itself
  • Continued close monitoring by DIA officials during remediation period
  • Independent verification of remediation expected by the regulator

Why Enforcement, Not Just Education?

  • Failures were systemic, not isolated
  • Programme inadeacy was longstanding, not recent
  • CDD and monitoring gaps meant real money-laundering risk was unmanaged
  • DIA’s enforcement pathway is predictable and public — entities had fair warning
  • Education is the first tool; when it fails, escalation follows

“DIA uses escalating enforcement tools. Entities that do not respond to guidance should expect formal action.”

— DIA AML/CFT Supervision

Comparison with Ping An Finance

The precedent that matters

FactorPing An Finance (2017)Jiaxin Finance
SectorMoney remitterMoney remitter
CDD failuresYesYes
SAR failuresYesYes
Record-keeping failuresYesYes
Programme failuresYesYes
OutcomePecuniary penaltyEnforcement action

Ping An Finance established the objective test for suspicion — the same principles apply here

The Objective Test for Suspicion

From Ping An Finance to Jiaxin Finance

“The test of whether a transaction is ‘suspicious’ is objective, and not subjective.”

  • Your personal opinion about whether a transaction is suspicious does not matter
  • The standard is what a reasonable observer would conclude
  • The obligation to report arises when the reporting entity either becomes aware of the facts or by reasonable diligence would have become aware of them
  • Wilful blindness is not a defence

Lessons for Money Remitters

  1. A programme must be living — reviewed, updated, and implemented, not just documented
  2. CDD is a continuous obligation — not a one-time onboarding task
  3. ECDD must be triggered by risk — not applied arbitrarily
  4. Monitoring must produce evidence — system logs alone are insufficient
  5. Records are the audit trail — gaps are treated as breaches
  6. SAR obligations are non-negotiable — the objective test applies regardless of subjective belief

Why This Matters to LEL

We are in the same sector, under the same regulator

  • LEL is a money remitter — the same Act, the same obligations, the same DIA supervisor
  • Our risk profile is directly comparable to Jiaxin Finance
  • DIA’s enforcement actions against remitters are precedent-setting for our business
  • Programme adequacy is non-negotiable — it must be operational, not ceremonial
  • Transaction monitoring must produce evidence of review — not just system logs
  • Record keeping is the regulator’s window into our compliance — gaps are breaches

Self-Assessment: Are We at Risk?

  • When was our risk assessment last reviewed and updated?
  • Can we demonstrate ongoing CDD for every active customer?
  • Do we have a documented risk-rating methodology with ECDD triggers?
  • Does our transaction monitoring produce dated, reviewable artefacts?
  • Can we reconstruct any transaction from our records within 24 hours?
  • Have we filed a SAR whenever the objective test would require it?

If any answer is uncertain, we have work to do

Red Flags Specific to Remitters

  • Unusually large or frequent remittances inconsistent with customer profile
  • Structuring — multiple transactions just below reporting thresholds
  • Customers sending funds to high-risk jurisdictions without clear commercial purpose
  • Third-party funding — transactions paid for by someone other than the customer
  • Rapid in-and-out movement of funds with no apparent economic purpose
  • Customers who are reluctant to provide CDD information or provide inconsistent information

Operational Lessons for LEL

  1. Reconcile transaction counts against PTR filings monthly
  2. Review every high-risk customer file at least annually
  3. Document every monitoring decision — including decisions not to file a SAR
  4. Test CDD completeness with regular sampling — not just at onboarding
  5. Escalate any reconciliation discrepancy or monitoring gap immediately
  6. Brief the Compliance Officer on any pattern that could meet the objective suspicion test

The Cost of Non-Compliance

Financial and non-financial consequences

ConsequenceImpact
Formal warning / penaltyDirect financial cost
Public disclosureReputational damage
Remediation requirementsOperational disruption
Increased supervisory scrutinyOngoing compliance burden
Loss of correspondent bankingBusiness viability risk
Criminal prosecution (individuals)Personal liberty risk

The cheapest compliance is the compliance you do before DIA asks

Voluntary Self-Disclosure

The NZForex precedent

  • NZForex discovered its own PTR reporting gap (3,182 unreported transactions)
  • Voluntarily disclosed to DIA
  • Backfilled all missing reports
  • Commissioned an independent audit
  • Result: formal warning rather than civil penalty

“DIA acknowledges that NZForex has voluntarily disclosed the non-compliance, and we commend NZForex for disclosing the non-compliance, admitting fault and taking steps to resolve the system issue.”

— Serge Sablyak, Director Anti-Money Laundering, DIA

Key Takeaways

  1. Programme implementation beats programme documentation — DIA tests what you do, not what you wrote
  2. CDD is an active, ongoing obligation — not a tick-box at onboarding
  3. Monitoring must be systematic and evidenced — ad hoc review is not monitoring
  4. Record keeping is your compliance proof — no records means no compliance
  5. The objective suspicion test applies — regardless of your subjective belief
  6. Voluntary self-disclosure is the cheapest path — DIA rewards it explicitly
  7. DIA’s enforcement is predictable — read past actions, act before they become yours

Action Items for LEL Staff

  1. Review your customer files for CDD completeness this week
  2. Report any expired or missing CDD documentation immediately
  3. Flag any transaction you believe would meet the objective suspicion test
  4. Document all monitoring decisions — including reasons for not filing a SAR
  5. Complete the AML refresher training if not yet done this quarter
  6. Contact Angela Ji with any questions or concerns — no issue is too small

Contact Information

Questions?

Thank you for your attention

References

  • DIA — AML/CFT Enforcement Actions (dia.govt.nz)
  • AML/CFT Act 2009 — Part 2 obligations (CDD, ongoing CDD, SAR, record keeping)
  • AML/CFT Act 2009 — section 80 (formal warnings)
  • AML/CFT Act 2009 — section 91 (criminal liability for knowing or reckless breaches)
  • Department of Internal Affairs v Ping An Finance [2017] NZHC 2363 — objective test for suspicion
  • DIA Formal Warning — NZForex Limited (18 March 2025)
  • DIA Formal Warning — Hills Real Estate Limited (8 May 2023)