Trust account management¶
| ID | MOD-133 |
| System | SD01 |
| Repo | bank-core |
| Build status | Deployed |
| Deployed | Yes |
| Last commit | 2b41724 |
Purpose¶
Manages the opening, ongoing governance, and closure of trust accounts. A trust account is held by one or more trustees on behalf of beneficiaries under a trust deed. Trust accounts are common in NZ and AU for family trusts, testamentary trusts, charitable trusts, and commercial trusts. They require distinct account-opening workflows because beneficial ownership rules require the bank to identify and verify not only the trustee(s) but also any beneficial owner with a material interest — and to obtain and retain the governing trust deed.
Regulatory context¶
Beneficial ownership rules. FATF Recommendation 25 requires financial institutions to understand the beneficial ownership and control structure of legal arrangements, including trusts, before establishing a business relationship. Both the NZ and AU AML/CFT regimes implement this requirement directly.
NZ AML/CFT Act. Section 22 of the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 requires reporting entities to conduct customer due diligence on the beneficial owners of trusts. Beneficial owners include trustees (as the legal owners), any settlor, any beneficiary who has received a distribution, and any person with effective control. Enhanced CDD is required where the trust structure presents higher risk — which applies to all trusts as a category under FATF guidance.
AU AML/CTF Act. The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 and AUSTRAC rules require identification of beneficial owners of trusts. For discretionary trusts, the beneficial owner is the trustee and the settlor; for fixed trusts, beneficiaries with ≥ 25% interest must also be identified. The 2024 Tranche 2 reforms extended these obligations further.
The practical effect is that every trust account opening requires: (a) eIDV for all trustees, (b) eIDV for all beneficial owners with ≥ 25% interest, (c) enhanced CDD review, and (d) storage of the trust deed.
Trust types¶
| Trust type | Trustees | Beneficial owners | KYC requirements | Notes |
|---|---|---|---|---|
| Family trust (discretionary) | 1–3 typically | Discretionary — no fixed beneficial interest | All trustees + settlor; beneficiaries identified but not necessarily eIDV'd unless ≥ 25% interest received | Most common trust type in NZ and AU |
| Testamentary trust | Executor / appointed trustee | Defined by will | All trustees; named beneficiaries with ≥ 25% interest | Established on death of testator |
| Charitable trust | Trustees (board members) | Public benefit — no individual beneficiaries | All trustees (as governing persons) | Registered charitable trusts may have reduced risk rating |
| Commercial trust (unit trust) | Corporate trustee or individuals | Unit holders with ≥ 25% interest | All trustees + all unit holders ≥ 25%; full enhanced CDD | Higher complexity; may trigger additional FATF obligations |
Data model¶
-- core.trust_accounts
CREATE TABLE core.trust_accounts (
trust_account_id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
account_id UUID NOT NULL REFERENCES core.accounts(account_id),
trust_name TEXT NOT NULL,
trust_type TEXT NOT NULL CHECK (trust_type IN (
'family_discretionary', 'testamentary', 'charitable', 'commercial_unit'
)),
trust_deed_document_id UUID NOT NULL, -- MOD-073 document vault reference
established_date DATE,
jurisdiction TEXT NOT NULL CHECK (jurisdiction IN ('NZ', 'AU', 'NZ + AU')),
enhanced_dd_completed BOOL NOT NULL DEFAULT false,
next_review_date DATE,
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT now()
);
-- core.trust_parties
CREATE TABLE core.trust_parties (
party_id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
trust_account_id UUID NOT NULL REFERENCES core.trust_accounts(trust_account_id),
customer_id UUID NOT NULL REFERENCES core.customers(customer_id),
party_role TEXT NOT NULL CHECK (party_role IN (
'trustee', 'beneficial_owner', 'appointor', 'protector'
)),
ownership_pct NUMERIC(5,2), -- null for discretionary trusts or non-ownership roles
kyc_status TEXT NOT NULL CHECK (kyc_status IN (
'pending', 'in_progress', 'verified', 'failed'
)) DEFAULT 'pending',
eidv_completed BOOL NOT NULL DEFAULT false,
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT now()
);
CREATE INDEX ON core.trust_parties (trust_account_id);
CREATE INDEX ON core.trust_parties (customer_id);
ownership_pct for beneficial owners in discretionary trusts is stored as null — there is no fixed beneficial interest. This is a valid state; the bank must still identify the class of beneficiaries but cannot assign percentages. The ≥ 25% threshold only applies where a fixed interest exists.
Key operations¶
Account opening with beneficial ownership mapping. An agent initiates a trust account opening request and records the trust name, type, jurisdiction, and establishment date. All trust parties are enrolled — trustees, beneficial owners (with ownership percentage where fixed), appointors, and protectors. For each trustee and each beneficial owner with ≥ 25% interest, eIDV is initiated via MOD-009. The trust deed is uploaded to MOD-073 and the returned trust_deed_document_id is written to the trust account record. Enhanced CDD is performed covering the trust structure, source of wealth, and purpose of the account. The account is held in a pending state until all required KYC is complete, enhanced_dd_completed is true, and trust_deed_document_id is populated. On completion, bank.core.trust_account_activated is emitted.
Trustee change workflow. When a trustee is added or removed, a change request is created. The outgoing trustee's removal is recorded and the incoming trustee's eIDV is initiated via MOD-009. A CDD review is triggered automatically (FR-595). The change does not take effect on the account until the incoming trustee's KYC is complete and the CDD review is resolved. A new or amended trust deed (deed of trustee retirement and appointment) must be uploaded to MOD-073 and a new version reference written to the trust account record.
Periodic CDD review. The next_review_date is set at account opening based on the account's AML risk rating. On the review date, a review task is created and assigned to the relevant compliance officer. The review covers all trust parties' current KYC status, any changes in beneficial ownership, the account's transaction profile, and any adverse media or screening alerts. On completion, next_review_date is advanced and enhanced_dd_completed is refreshed.
Account closure. Closure requires confirmation that all outstanding balances are settled and no open transactions are pending. The trust account record is updated with the closure date. The trust deed and all party records are retained in the document vault and audit log in accordance with the bank's data retention policy. The ledger account is closed via MOD-001.
Requirements¶
| ID | Requirement |
|---|---|
| FR-593 | System shall prevent a trust account from activating until all trustees and all beneficial owners with an ownership interest ≥ 25% have individually completed eIDV via MOD-009, have been assigned a CDD risk tier, and the trust deed has been uploaded to MOD-073; partial KYC completion must not allow the account to open. |
| FR-594 | System shall record all trust parties — trustees, beneficial owners, appointors, protectors — in core.trust_parties with their role, ownership percentage where applicable, and KYC status; the sum of beneficial owner percentages need not equal 100% (discretionary trusts have no fixed beneficial interest) but any party with ≥ 25% interest must pass enhanced due diligence. |
| FR-595 | System shall trigger a trust account CDD review when any of the following occur: a trustee is added or removed, a beneficial owner change is notified, the account's AML risk rating is elevated by MOD-034, or the configured periodic review date is reached; the review must be completed within 30 days of the trigger event. |
| FR-596 | System shall store the trust deed and any deed of variation in MOD-073 with a reference from the trust account record; the trust deed reference must be present before the account can activate; replacement deeds must be stored as a new version, retaining the previous version for audit purposes. |
Module dependencies¶
Depends on¶
| Module | Title | Required? | Contract | Reason |
|---|---|---|---|---|
| MOD-009 | eIDV & document verification | Required | — | All trustees and beneficial owners above the ownership threshold must independently pass eIDV before the trust account can activate. |
| MOD-001 | Double-entry posting engine | Required | — | Trust account transactions are posted via the double-entry ledger engine in the same way as any other account type. |
| MOD-073 | Document vault | Required | — | The trust deed and any deed of variation must be stored in the document vault and referenced from the trust account record before activation. |
| MOD-047 | Agent action logger | Required | — | All trust account governance events — opening, trustee changes, beneficiary changes — are logged to the agent action audit trail. |
Required by¶
(No modules in this wiki currently declare a dependency on this module.)
Policies satisfied¶
| Policy | Title | Mode | How |
|---|---|---|---|
| AML-002 | Customer Due Diligence (CDD) Policy | GATE |
All trustees and beneficial owners with ≥ 25% interest must individually pass eIDV and CDD before the trust account activates — the account cannot open with partial KYC completion. |
| AML-004 | Politically Exposed Persons (PEP) Policy | GATE |
Trust accounts are treated as inherently higher-risk for AML purposes; enhanced due diligence is required for all trust accounts at opening and on any trigger event before the account or change takes effect. |
| PRI-001 | Privacy Policy | AUTO |
Each trustee's and beneficial owner's personal data is processed with individual consent; privacy rights (access and correction) are applied per person, not at the trust account level. |
| GOV-006 | Internal Audit Policy | LOG |
All trust account opening events, trustee changes, beneficiary changes, and account governance events are logged as immutable records for regulatory and audit purposes. |
Capabilities satisfied¶
(No capabilities mapped)
Part of SD01 — Core Banking Platform
Compiled 2026-05-22 from source/entities/modules/MOD-133.yaml