The Department of Internal Affairs collects personal information through AML Online to carry out its functions under the Anti-Money Laundering and Countering Financing of Terrorism Act 2009. We only collect the information necessary to provide our services.

We will not disclose personal information provided by you to any third parties, except where authorised by law. Examples include supplying information to other government agencies for law enforcement purposes where the other agency has a proper interest in receiving the information.

Information matching is carried out in accordance with Part 10 of the Privacy Act and is monitored by the Office of the Privacy Commissioner. See more about information matching.

The Department takes information security seriously. Our systems, including the information you provide us by email, through our websites and by other methods is monitored for security purposes. This may include monitoring and access by third parties that provide services to the Department. This monitoring ensures that your information and the Department’s information and systems are kept safe.


AML Online uses cookies to temporarily store session and authentication information so you do not have to repeatedly sign in, and the website can remember some of your previous actions.

Right to Personal Information
You have the right to view any personal information about you held by the Department, and to ask that we correct it if it’s wrong. To do this, you can email us at:

Or write to:
The Privacy Officer
Department of Internal Affairs
PO Box 805
Wellington 6140


The Department may collect statistical information about your visit to our website to help us improve it. This information does not identify individuals. We use Microsoft Application Insights to collect and analyse this information.

The information Microsoft Application Insights collects includes:

  • Web server telemetry (HTTP requests, Uri, time taken to process the request, client IP address)
  • Web page information (page, user and session counts, page load times, exceptions)
  • Performance counters (memory, CPU, network occupancy)
  • Client and server context (operating system, locale, device type, browser, screen resolution)
  • Exceptions
  • Dependencies (calls to external services)

The data is collected and stored within the Microsoft regional data centre.   

If you have any questions, please email: