Q&A with Dr Giulia Dondoli: Certified Anti-Money Laundering Specialist Audit (CAMS-Audit) | Founder, Total AML.
The 2025 National Risk Assessment highlighted real estate as a high-risk area for money laundering. What were the most significant findings lawyers should be aware of?
The 2025 National Risk Assessment highlighted real estate as a high-risk area for money laundering. What were the most significant findings lawyers should be aware of?
Real estate continues to feature prominently in asset seizure data, with lawyers and conveyancers playing a central role in facilitating property transactions. This makes law firms and real estate businesses particularly vulnerable to exploitation by criminals seeking to launder illicit funds through New Zealand property.
Suspicious activity reports from lawyers reveal that individuals are attempting to purchase real estate without disclosing their source of funds, and in some cases, refusing to comply with the sector’s anti-money laundering and counter-terrorism financing (AML/CFT) requirements.
Between January 2018 and December 2023, real estate was the third most commonly restrained asset in New Zealand (after cash and vehicles). This reinforces that property remains a highly attractive channel for criminal exploitation and a priority focus for regulators and reporting entities alike.
From June 2025, property law firms must apply ongoing customer risk ratings. What are the biggest challenges you expect practitioners to face with this change?
The AML/CTF Act has, from the outset, implicitly required firms to risk-rate their clients. For instance, Section 22(1)(d) of the Act mandates enhanced customer due diligence (CDD) for high-risk customers, an obligation that presupposes firms can identify who those high-risk customers are.
While many firms have been informally assessing risk, the real challenge lies in documenting and evidencing the process. A clearly defined client risk rating methodology should be written down, incorporated into the firm’s enterprise-wide risk assessment or compliance programme, and made readily available for external stakeholders such as auditors or the Department of Internal Affairs.
Beyond documentation, firms should establish policies, procedures, and controls that:
- Define how the methodology will be reviewed and updated,
- Set out how effectiveness will be tested, and
- Clarify how client risk ratings will be recorded, retained, and reassessed as part of ongoing CDD obligations.
- What practical strategies can firms adopt to integrate customer risk ratings into their AML/CFT programs without overburdening day-to-day practice?
Firms should make the most of the systems they already have in place. Many technology providers (whether practice management platforms or dedicated AML/CFT solutions) are now offering client risk rating tools that can be customised to varying degrees.
Where such integrated tools are not available, firms can still embed client risk rating into their existing processes by adapting record-keeping systems. For example, risk rating questions can be incorporated into client application forms, matter intake forms, or AML/CFT checklists already in use.
As with most aspects of AML/CFT compliance, robust record-keeping is critical.
Financial criminals continue to exploit property transactions — what red flags or pressure points should lawyers be watching most closely in 2026?
According to the latest National Risk Assessment, real estate as a property type can be used for money laundering, primarily during layering and integration of the proceeds of crime. This includes renovating with illicit cash; repaying mortgage debt with illicit cash; manipulating purchase price between a complicit vendor and purchaser; and using legal structures to conceal beneficial ownership. Nominee ownership may also occur to navigate foreign buyer rules.
Having worked with over 200 reporting entities across New Zealand and Australia, what’s the most common compliance gap you encounter — and how can lawyers avoid it?
I still see firms relying on templates that are not fit for purpose, both in their enterprise-wide risk assessments and compliance programmes, as well as in their client or matter risk rating forms.
Some of the most common issues include:
- Overly complex policies and procedures that require escalation steps and multiple partner approvals, even in sole-practitioner firms.
- Outdated templates that have not been reviewed or updated for years, and therefore fail to reflect key amendments to the AML/CFT regime.
- Arbitrary transaction monitoring thresholds (e.g., $1M or $10M) that bear no relation to the firm’s nature, size, and complexity, or typical transaction values.
Templates can be useful tools, but only when applied thoughtfully. Firms should carefully tailor any adopted template to their own business model and review it regularly to ensure it remains relevant, proportionate, and aligned with current AML/CFT obligations.
Dr Giulia Dondoli
Dr Giulia Dondoli is a Certified Anti-Money Laundering Specialist (CAMS) with an additional certification in audit (CAMS-Audit) and seven years of experience in AML/CFT compliance and consulting. Giulia is the Founder and Principal Consultant at Total AML and has audited and helped hundreds of reporting entities in New Zealand and Australia. Giulia holds a PhD in Law from the University of Waikato.
