In December 2025, the Reserve Bank of New Zealand sent one of its clearest signals yet to the financial sector. By filing civil proceedings against ASB Bank for breaches of the AML/CFT Act, the regulator made it clear that compliance in name alone is no longer sufficient. What matters now is whether anti-money laundering controls actually work in practice.

This was not a case about proven money laundering or terrorism financing. It was about operational effectiveness, timeliness, and accountability. For banks and financial institutions across New Zealand, that distinction is significant.

The action marks a turning point in how AML compliance will be assessed going forward. It reflects a shift from reviewing policies and frameworks to testing whether institutions can demonstrate real-world outcomes under scrutiny.

What Happened and Why It Matters

The Reserve Bank’s filing outlines multiple failures by ASB to meet core obligations under the AML/CFT Act. These included shortcomings in maintaining an effective AML programme, carrying out ongoing customer due diligence, applying enhanced due diligence when required, and reporting suspicious activity within mandated timeframes.

ASB admitted liability across all causes of action and cooperated with the regulator. The Reserve Bank also clarified that it was not alleging ASB knowingly facilitated money laundering or terrorism financing.

This clarification is important. The case is not about intent or criminal involvement. It is about whether an institution’s AML framework operated effectively and consistently over time.

For the wider market, this is a regulatory signal rather than an isolated enforcement action.

What the Reserve Bank Is Really Signalling

Read carefully, the Reserve Bank’s message goes beyond one bank. It reflects a broader recalibration of supervisory expectations.

First, AML effectiveness is now central. Regulators are no longer satisfied with documented programmes alone. Institutions must show that controls detect risk, escalate appropriately, and lead to timely action.

Second, speed matters. Delays in suspicious transaction reporting, extended remediation timelines, and slow responses to emerging risks are viewed as material failures, not operational inconveniences.

Third, governance and accountability are under the spotlight. AML effectiveness is not just a technology issue. It reflects resourcing decisions, prioritisation, escalation pathways, and senior oversight.

This mirrors developments in other comparable jurisdictions, including Australia, Singapore, and the United Kingdom, where regulators are increasingly outcome-focused.

Why This Is a Critical Moment for New Zealand’s Financial System

New Zealand’s AML regime has matured significantly over the past decade. Financial institutions have invested heavily in frameworks, teams, and tools. Yet the RBNZ action highlights a persistent gap between programme design and day-to-day execution.

This matters for several reasons.

Public confidence in the financial system depends not only on preventing crime, but on the belief that institutions can detect and respond to risk quickly and effectively.

From an international perspective, New Zealand’s reputation as a well-regulated financial centre supports correspondent banking relationships and cross-border trust. Supervisory actions like this are closely observed beyond domestic borders.

For compliance teams, the message is clear. Supervisory reviews will increasingly test how AML frameworks perform under real-world conditions, not how well they are documented.

Common AML Gaps Brought to Light

While the specifics of each institution differ, the issues raised by the Reserve Bank are widely recognised across the industry.

One common challenge is fragmented visibility. Customer risk data, transaction monitoring outputs, and historical alerts often sit in separate systems. This makes it difficult to build a unified view of risk or spot patterns over time.

Another challenge is static monitoring logic. Rule-based thresholds that are rarely reviewed struggle to keep pace with evolving typologies, particularly in an environment shaped by real-time payments and digital channels.

Ongoing customer due diligence also remains difficult to operationalise at scale. While onboarding checks are often robust, keeping customer risk profiles current requires continuous recalibration based on behaviour, exposure, and external intelligence.

Finally, reporting delays are frequently driven by workflow inefficiencies. Manual reviews, alert backlogs, and inconsistent escalation criteria can all slow the path from detection to reporting.

Individually, these issues may appear manageable. Together, they undermine AML effectiveness.

Why Traditional AML Models Are Under Strain

Many of these gaps stem from legacy AML operating models.

Traditional architectures rely heavily on static rules, manual investigations, and institution-specific intelligence. This approach struggles in an environment where financial crime is increasingly fast-moving, cross-border, and digitally enabled.

Compliance teams face persistent pressure. Alert volumes remain high, false positives consume investigator capacity, and regulatory expectations continue to rise. When resources are stretched, timeliness becomes harder to maintain.

Explainability is another challenge. Regulators expect institutions to articulate why decisions were made, not just that actions occurred. Systems that operate as black boxes make this difficult.

The result is a growing disconnect between regulatory expectations and operational reality.

The Shift Toward Effectiveness-Led AML

The RBNZ action reflects a broader move toward effectiveness-led AML supervision.

Under this approach, success is measured by outcomes rather than intent. Regulators are asking:

• Are risks identified early or only after escalation?
• Are enhanced due diligence triggers applied consistently?
• Are suspicious activities reported promptly and with sufficient context?
• Can institutions clearly explain and evidence their decisions?

Answering these questions requires more than incremental improvements. It requires a rethinking of how AML intelligence is sourced, applied, and validated.

Rethinking AML for the New Zealand Context

Modernising AML does not mean abandoning regulatory principles. It means strengthening how those principles are executed.

One important shift is toward scenario-driven detection. Instead of relying solely on generic thresholds, institutions increasingly use typologies grounded in real-world crime patterns. This aligns monitoring logic more closely with how financial crime actually occurs.

Another shift is toward continuous risk recalibration. Customer risk is not static. Systems that update risk profiles dynamically support more effective ongoing due diligence and reduce downstream escalation issues.

Collaboration also plays a growing role. Financial crime does not respect institutional boundaries. Access to shared intelligence helps institutions stay ahead of emerging threats rather than reacting in isolation.

Finally, transparency matters. Regulators expect clear, auditable logic that explains how risks are assessed and decisions are made.

Where Technology Can Support Better Outcomes

Technology alone does not solve AML challenges, but the right architecture can materially improve effectiveness.

Modern AML platforms increasingly support end-to-end workflows, covering onboarding, screening, transaction monitoring, risk scoring, investigation, and reporting within a connected environment.

Advanced analytics and machine learning can help reduce false positives while improving detection quality, when applied carefully and transparently.

Equally important is the ability to incorporate new intelligence quickly. Systems that can ingest updated typologies without lengthy redevelopment cycles are better suited to evolving risk landscapes.

How Tookitaki Supports This Evolution

Within this shifting environment, Tookitaki supports institutions as they move toward more effective AML outcomes.

FinCense, Tookitaki’s end-to-end compliance platform, is designed to support the full AML lifecycle, from real-time onboarding and screening to transaction monitoring, dynamic risk scoring, investigation, and reporting.

A distinguishing element is its connection to the AFC Ecosystem. This is a collaborative intelligence network where compliance professionals contribute, validate, and refine real-world scenarios based on emerging risks. These scenarios are continuously updated, allowing institutions to benefit from collective insights rather than relying solely on internal discovery.

For New Zealand institutions, this approach supports regulatory priorities around effectiveness, timeliness, and explainability. It strengthens detection quality while maintaining transparency and governance.

Importantly, technology is positioned as an enabler of better outcomes, not a substitute for oversight or accountability.

What Compliance Leaders in New Zealand Should Be Asking Now

In light of the RBNZ action, there are several questions worth asking internally.

• Can we evidence the effectiveness of our AML controls, not just their existence?
• How quickly do alerts move from detection to suspicious transaction reporting?
• Are enhanced due diligence triggers dynamic or static?
• Do we regularly test monitoring logic against emerging typologies?
• Could we confidently explain our AML decisions to the regulator tomorrow?

These questions are not about fault-finding. They are about readiness.

Looking Ahead

The Reserve Bank’s action against ASB marks a clear shift in New Zealand’s AML supervisory landscape. Effectiveness, timeliness, and accountability are now firmly in focus.

For financial institutions, this is both a challenge and an opportunity. Those that proactively strengthen their AML operating models will be better positioned to meet regulatory expectations and build long-term trust.

Ultimately, the lesson extends beyond one case. AML compliance in New Zealand is entering a new phase, one where outcomes matter as much as intent. Institutions that adapt early will define the next standard for financial crime prevention in the market.

If there is one thing everyone in the financial industry felt in the last few years, it was the speed at which scams evolved. Fraudsters became smarter, attacks became faster, and stolen funds moved through dozens of accounts in seconds. Consumers were losing life savings. Banks and fintechs were overwhelmed. And regulators had to act.

This is the backdrop behind the Anti-Financial Account Scamming Act (AFASA), Republic Act No. 12010 — the Philippines’ most robust anti-scam law to date. AFASA reshapes how financial institutions detect fraud, protect accounts, coordinate with one another, and respond to disputes.

But while many have written about the law, most explanations feel overly legalistic or too high-level. What institutions really need is a practical, human-friendly breakdown of what AFASA truly means in day-to-day operations.

This blog does exactly that.

What Is AFASA? A Simple Explanation

AFASA exists for a clear purpose: to protect consumers from rapidly evolving digital fraud. The law recognises that as more Filipinos use e-wallets, online banking, and instant payments, scammers have gained more opportunities to exploit vulnerabilities.

Under AFASA, the term financial account is broad. It includes:

• Bank deposit accounts
• Credit card and investment accounts
• E-wallets
• Any account used to access financial products and services

The law focuses on three main categories of offences:

1. Money Muling

This covers the buying, selling, renting, lending, recruiting, or using of financial accounts to receive or move illicit funds. Many young people and jobseekers were unknowingly lured into mule networks — something AFASA squarely targets.

2. Social Engineering Schemes

From phishing to impersonation, scammers have mastered psychological manipulation. AFASA penalises the use of deception to obtain sensitive information or access accounts.

3. Digital Fraud and Account Tampering

This includes unauthorised transfers, synthetic identities, hacking incidents, and scams executed through electronic communication channels.

In short: AFASA criminalises both the scammer and the infrastructure used for the scam — the accounts, the networks, and the people recruited into them.

Why AFASA Became Necessary

Scams in the Philippines reached a point where traditional fraud rules, old operational processes, and siloed detection systems were not enough.

Scam Trend 1: Social engineering became hyper-personal

Fraudsters learned to sound like bank agents, government officers, delivery riders, HR recruiters — even loved ones. OTP harvesting and remote access scams became common.

Scam Trend 2: Real-time payments made fraud instant

InstaPay and other instant channels made moving money convenient — but also made stolen funds disappear before anyone could react.

Scam Trend 3: Mule networks became organised

Criminal groups built structured pipelines of mule accounts, often recruiting vulnerable populations such as students, OFWs, and low-income households.

Scam Trend 4: E-wallet adoption outpaced awareness

A fast-growing digital economy meant millions of first-time digital users were exposed to sophisticated scams they were not prepared for.

AFASA was designed to break this cycle and create a safer digital financial environment.

New Responsibilities for Banks and Fintechs Under AFASA

AFASA introduces significant changes to how institutions must protect accounts. It is not just a compliance exercise — it demands real operational transformation.

These responsibilities are further detailed in new BSP circulars that accompany the law.

1. Stronger IT Risk Controls

Financial institutions must now implement advanced fraud and cybersecurity controls such as:

• Device fingerprinting
• Geolocation monitoring
• Bot detection
• Blacklist screening for devices, merchants, and IPs

These measures allow institutions to understand who is accessing accounts, how, and from where — giving them the tools to detect anomalies before fraud occurs.

2. Mandatory Fraud Management Systems (FMS)

Both financial institutions and clearing switch operators (including InstaPay and PESONet) must operate real-time systems that:

• Flag suspicious activity
• Block disputed or high-risk transactions
• Detect behavioural anomalies

This ensures that fraud monitoring is consistent across the payment ecosystem — not just within individual institutions.

3. Prohibition on unsolicited clickable links

Institutions can no longer send clickable links or QR codes to customers unless explicitly initiated by the customer. This directly tackles phishing attacks that relied on spoofed messages.

4. Continuous customer awareness

Banks and fintechs must actively educate customers about:

• Cyber hygiene
• Secure account practices
• Fraud patterns and red flags
• How to report incidents quickly

Customer education is no longer optional — it is a formally recognised part of fraud prevention.

5. Shared accountability framework

AFASA moves away from the old “blame the victim” mentality. Fraud prevention is now a shared responsibility across:

• Financial institutions
• Account owners
• Third-party service providers

This model recognises that no single party can combat fraud alone.

The Heart of AFASA: Temporary Holding of Funds & Coordinated Verification

Among all the changes introduced by AFASA, this is the one that represents a true paradigm shift.

Previously, once stolen funds were transferred out, recovery was almost impossible. Banks had little authority to stop or hold the movement of funds.

AFASA changes that.

Temporary Holding of Funds

Financial institutions now have the authority — and obligation — to temporarily hold disputed funds for up to 30 days. This includes both the initial hold and any permitted extension. The purpose is simple:
freeze the money before it disappears.

Triggers for Temporary Holding

A hold can be initiated through:

• A victim’s complaint
• A suspicious transaction flagged by the institution’s FMS
• A request from another financial institution

This ensures that action can be taken proactively or reactively depending on the scenario.

Coordinated Verification Process

Once funds are held, institutions must immediately begin a coordinated process that involves:

• The originating institution
• Receiving institutions
• Clearing entities
• The account owners involved

This process validates whether the transaction was legitimate or fraudulent. It creates a formal, structured, and time-bound mechanism for investigation.

Detailed Transaction Logs Are Now Mandatory

Institutions must maintain comprehensive transaction logs — including device information, authentication events, IP addresses, timestamps, password changes, and more. Logs must be retained for at least five years.

This gives investigators the ability to reconstruct transactions and understand the full context of a disputed transfer.

An Industry-Wide Protocol Must Be Built

AFASA requires the entire industry to co-develop a unified protocol for handling disputed funds and verification. This ensures consistency, promotes collaboration, and reduces delays during investigations.

This is one of the most forward-thinking aspects of the law — and one that will significantly raise the standard of scam response in the country.

BSP’s Expanded Powers Through CAPO

AFASA also strengthens regulatory oversight.

BSP’s Consumer Account Protection Office (CAPO) now has the authority to:

• Conduct inquiries into financial accounts suspected of involvement in fraud
• Access financial account information required to investigate prohibited acts
• Coordinate with law enforcement agencies

Crucially, during these inquiries, bank secrecy laws and the Data Privacy Act do not apply.

This is a major shift that reflects the urgency of combating digital fraud.

Crucially, during these inquiries, bank secrecy laws and the Data Privacy Act do not apply.

This is a major shift that reflects the urgency of combating digital fraud.

Penalties Under AFASA

AFASA imposes serious penalties to deter both scammers and enablers:

1. Criminal penalties for money muling

Anyone who knowingly participates in using, recruiting, or providing accounts for illicit transfers is liable to face imprisonment and fines.

2. Liability for failing to protect funds

Institutions may be held accountable if they fail to properly execute a temporary hold when a dispute is raised.

3. Penalties for improper holding

Institutions that hold funds without valid reason may also face sanctions.

4. Penalties for malicious reporting

Consumers or individuals who intentionally file false reports may also be punished.

5. Administrative sanctions

Financial institutions that fail to comply with AFASA requirements may be penalised by BSP.

The penalties underscore the seriousness with which the government views scam prevention.

What AFASA Means for Banks and Fintechs: The Practical Reality

Here’s what changes on the ground:

1. Fraud detection becomes real-time — not after-the-fact

Institutions need modern systems that can flag abnormal behaviour within seconds.

2. Dispute response becomes faster

Timeframes are tight, and institutions need streamlined internal workflows.

3. Collaboration is no longer optional

Banks, e-wallets, payment operators, and regulators must work as one system.

4. Operational pressure increases

Fraud teams must handle verification, logging, documentation, and communication under strict timelines.

5. Liability is higher

Institutions may be held responsible for lapses in protection, detection, or response.

6. Technology uplift becomes non-negotiable

Legacy systems will struggle to meet AFASA’s requirements — particularly around logging, behavioural analytics, and real-time detection.

How Tookitaki Helps Institutions Align With AFASA

AFASA sets a higher bar for fraud prevention. Tookitaki’s role as the Trust Layer to Fight Financial Crime helps institutions strengthen their AFASA readiness with intelligent, real-time, and collaborative capabilities.

1. Early detection of money mule networks

Through the AFC Ecosystem’s collective intelligence, institutions can detect mule-like patterns sooner and prevent illicit transactions before they spread across the system.

2. Real-time monitoring aligned with AFASA needs

FinCense’s advanced transaction monitoring engine flags suspicious activity instantly — helping institutions support temporary holding procedures and respond within required timelines.

3. Deep behavioural intelligence and comprehensive logs

Tookitaki provides the contextual understanding needed to trace disputed transfers, reconstruct transaction paths, and support investigative workflows.

4. Agentic AI to accelerate investigations

FinMate, the AI investigation copilot, streamlines case analysis, surfaces insights quickly, and reduces investigation workload — especially crucial when time-sensitive AFASA processes are triggered.

5. Federated learning for privacy-preserving model improvement

Institutions can enhance detection models without sharing raw data, aligning with AFASA’s broader emphasis on secure and responsible handling of financial information.

Together, these capabilities enable banks and fintechs to strengthen fraud defences, modernise their operations, and protect financial accounts with confidence.

Looking Ahead: AFASA’s Long-Term Impact

AFASA is not a one-time regulatory update — it is a structural shift in how the Philippine financial ecosystem handles scams.

Expect to see:

• More real-time fraud rules and guidance
• Industry-wide technical standards for dispute management
• Higher expectations for digital onboarding and authentication
• Increased coordination between banks, fintechs, and regulators
• Greater focus on intelligence-sharing and network-level detection

Most importantly, AFASA lays the foundation for a safer, more trusted digital economy — one where consumers have confidence that institutions and regulators can protect them from fast-evolving threats.

Conclusion

AFASA represents a turning point in the Philippines’ fight against financial scams. It transforms how institutions detect fraud, protect accounts, collaborate with others, and support customers. For banks and fintechs, the message is clear: the era of passive fraud response is over.

The institutions that will thrive under AFASA are those that embrace real-time intelligence, strengthen operational resilience, and adopt technology that enables them to stay ahead of criminal innovation.

The Philippines has taken a bold step toward a safer financial system — and now, it’s time for the industry to match that ambition.

In early December 2025, Australian authorities executed one of the most significant financial crime crackdowns of the year — dismantling a sprawling A$150 million money-laundering syndicate operating across New South Wales. What began as an illicit tobacco investigation quickly escalated into a full-scale disruption of an organised network using shell companies, straw directors, and cross-border transfers to wash millions in criminal proceeds.

This case is more than a police success story. It offers a window into Australia’s evolving financial crime landscape — one where illicit trade, complex laundering tactics, and systemic blind spots intersect to form a powerful engine for organised crime.

The Anatomy of an Illicit Tobacco Syndicate

The syndicate uncovered by Australian Federal Police (AFP), NSW Police, AUSTRAC, and the Illicit Tobacco Taskforce was not a small-time criminal operation. It was a coordinated enterprise that combined distribution networks, financial handlers, logistics operators, and front companies into a single ecosystem.

What investigators seized tells a clear story:

• 10 tonnes of illicit tobacco
• 2.1 million cigarettes packaged for distribution
• Over A$300,000 in cash
• A money-counting machine
• Luxury items, including a Rolex
• A firearm and ammunition

These items paint the picture of a network with scale, structure, and significant illicit revenue streams.

Why illicit tobacco?

Australia’s tobacco excise — among the highest globally — has unintentionally created a lucrative black market. Criminal groups can import or manufacture tobacco products cheaply and sell them at prices far below legal products, yet still generate enormous margins.

As a result, illicit tobacco has grown into one of the country's most profitable predicate crimes, fuelling sophisticated laundering operations.

The Laundering Playbook: How A$150M Moved Through the System

Behind the physical contraband lay an even more intricate financial scheme. The syndicate relied on three primary laundering techniques:

a) Straw Directors and Front Companies

The criminals recruited individuals to:

• Set up companies
• Open business bank accounts
• Serve as “directors” in name only

These companies had no legitimate operations — no payroll, no expenses, no suppliers. Their sole function was to provide a façade of legitimacy for high-volume financial flows.

b) Rapid Layering Across Multiple Accounts

Once operational, these accounts saw intense transactional activity:

• Large incoming deposits
• Immediate outbound transfers
• Funds bouncing between newly created companies
• Volumes inconsistent with stated business profiles

This rapid movement made it difficult for financial institutions to track the money trail or link transactions back to illicit tobacco proceeds.

c) Round-Tripping Funds Overseas

To further obscure the origin of funds, the syndicate:

• Sent money to overseas accounts
• Repatriated it disguised as legitimate business payments or “invoice settlements”

To a bank, these flows could appear routine. But in reality, they were engineered to sever any detectable connection to criminal activity.

Why It Worked: Systemic Blind Spots Criminals Exploited

This laundering scheme did not succeed simply because it was complex — it succeeded because it targeted specific weaknesses in Australia’s financial crime ecosystem.

a) High-Profit Illicit Trade

Australia’s tobacco excise structure unintentionally fuels criminal profitability. With margins this high, illicit networks have the financial resources to build sophisticated laundering infrastructures.

b) Fragmented Visibility Across Entities

Most financial institutions only see one customer at a time. They do not automatically connect multiple companies created by the same introducer, or accounts accessed using the same device fingerprints.

This allows straw-director networks to thrive.

c) Legacy Rule-Based Monitoring

Traditional AML systems rely heavily on static thresholds and siloed rules:

• “Large transaction” alerts
• Basic velocity checks
• Limited behavioural analysis

Criminals know this — and structure their laundering techniques to evade these simplistic rules.

d) Cross-Border Complexity

Once funds leave Australia, visibility drops sharply. When they return disguised as payments from overseas vendors, they often blend into the financial system undetected.

Red Flags Financial Institutions Should Watch For

This case provides powerful lessons for compliance teams. Below are the specific indicators FIs should be alert to.

KYC & Profile Red Flags

• Directors with little financial or business experience
• Recently formed companies with generic business descriptions
• Multiple companies tied to the same:
  • phone numbers
  • IP addresses
  • mailing addresses
• No digital footprint or legitimate online presence

Transaction Red Flags

• High turnover in accounts with minimal retained balances
• Rapid movement of funds with no clear business rationale
• Structured cash deposits
• Transfers between unrelated companies with no commercial relationship
• Overseas remittances followed by identical inbound amounts weeks later

Network Behaviour Red Flags

• Shared device IDs used to access multiple company accounts
• Overlapping beneficiaries across supposedly unrelated entities
• Repeated transactions involving known high-risk sectors (e.g., tobacco, logistics, import/export)

These indicators form the behavioural “signature” of a sophisticated laundering ring.

How Tookitaki Strengthens Defences Against These Schemes

The A$150 million case demonstrates why financial institutions need AML systems that move beyond simple rule-based detection.

Tookitaki helps institutions strengthen their defences by focusing on:

a) Typology-Driven Detection

Pre-built scenarios based on real-world criminal behaviours — including straw directors, shell companies, layering, and round-tripping — ensure early detection of organised laundering patterns.

b) Network Relationship Analysis

FinCense connects multiple entities through shared attributes (IP addresses, devices, common directors), surfacing hidden networks that traditional systems miss.

c) Behavioural Analytics

Instead of static thresholds, Tookitaki analyses patterns in account behaviour, highlighting anomalies even when individual transactions seem normal.

d) Collaborative Intelligence via the AFC Ecosystem

Insights from global financial crime experts empower institutions to stay ahead of emerging laundering techniques, including those tied to illicit trade.

e) AI-Powered Investigation Support

FinMate accelerates investigations by providing contextual insights, summarising risks, and identifying links across accounts and entities.

Together, these capabilities help institutions detect sophisticated laundering activity long before it reaches a scale of A$150 million.

Conclusion: Australia’s New Financial Crime Reality

The A$150 million illicit tobacco laundering bust is more than a headline — it’s a signal.

Illicit trade-based laundering is expanding. Criminal networks are becoming more organised. And traditional monitoring systems are no longer enough to keep up.

For banks, fintechs, regulators, and law enforcement, the implications are clear:

• Financial crime in Australia is evolving.
• Laundering networks now mirror corporate structures.
• Advanced AML technology is essential to stay ahead.

As illicit tobacco continues to grow as a predicate offence, the financial system must be prepared for more complex laundering operations — and more aggressive attempts to exploit gaps in institutional defences.