PROCESSING...

Anti-Money Laundering
Consulting Services & Strategies

0 Items - Total: $0.00 CAD

Proposed 2023 AML Changes: Mortgage Lenders and Armoured Car Services

Background

February seems to be the month for proposed legislative changes.

On February 18, 2023, draft amendments to the regulations under the Proceeds of Crime Money Laundering and Terrorist Financing Act (PCMLTFA), and a net-new draft regulation, were published in the Canada Gazette. If you’re the type that likes to read original legislative text, you can find it here. We (thanks Rodney) also created a redlined version of the regulations, with new content showing as tracked changes, which can be found here.

These changes are meant to renew and improve Canada’s anti-money laundering (AML) and Counter Terrorist Financing (CTF) regime, adapting to new money laundering (ML) and terrorist financing (TF) risk. One of the most significant changes, in our opinion, is the introduction of two new regulated entity types, mortgage lenders and armoured car companies.

Currently, mortgages issued by financial entities are captured under the PCMLTFA but these amendments would make all entities involved in the mortgage lending process (brokers responsible for mortgage origination, lenders responsible for underwriting the loan, and administrators responsible for servicing the loan) reporting entities. The intent here is to level the playing field between regulated and unregulated mortgage lenders, and to deter misuse of the sector for illicit activities.

While the activity of transportation is not currently supervised for AML purposes per se, armoured car carriers provide services largely to regulated entities. Given the flow of funds that is typically seen in this sector, reconciliation and identification of the origin of funds can sometimes be challenging, and allows funds to move with some degree of anonymity, which is an ML/TF vulnerability.

The draft regulations also introduce new requirements for correspondent banking relationships, and additional requirements related to the Money Services Business (MSB) registration. There are also some technical amendments related to existing reporting requirements and changes related to Administrative Monetary Penalties (AMPs).

Lastly, a new regulation would introduce a prescribed formula for the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) to assess the expenses it incurs in the administration of the PCMLTFA against reporting entities. Such models are seen from other regulators, such as the Office of the Superintendent of Financial Institutions (OSFI) and the Financial Consumer Agency of Canada (FCAC). Currently, FINTRAC is funded through appropriations.

In the following sections, we have summarized what we feel are the most important requirements to note.

Armoured Car Companies

The proposed changes would require a company that engages in “transporting currency or money orders, traveller’s cheques or other similar negotiable instruments” (except for cheques payable to a named person or entity) to be considered an MSB. As such, the following obligations will have to be met:

  • Development of a compliance program;
  • Maintaining an up-to-date MSB registration with FINTRAC;
  • Conducting compliance effectiveness reviews;
  • Reporting certain transactions;
  • Identifying customers;
  • Record keeping;
  • Risk ranking customers and business relationships;
  • Conducting transaction monitoring and list screening;
  • Conducting enhanced due diligence and transaction monitoring for high-risk customers and business relationships; and
  • Follow ministerial directives and transaction restrictions.

One record keeping obligation to note, which is new for armoured car companies, is the requirement to record the following information when transporting CAD 1,000 or more of cash or virtual currency, or CAD 3,000 or more in money orders or similar negotiable instruments:

  • The date and location of collection and delivery;
  • The type and amount of cash, virtual currency or negotiable instrument transported;
  • The name and address of the person or entity that made the request, the nature of their principal business/occupation and, in the case of an individual, their date of birth;
  • The name and address, if known, of each beneficiary;
  • The number of every account affected by the transport, the type of account, and the name of the account holder;
  • Every reference number that is connected to the transport, and has a function; equivalent to that of an account number; and
  • The method of remittance.

An additional requirement that will apply to armoured car companies is in relation to PEP determinations (existing PEP requirements for MSBs still apply). Specifically, a PEP determination is required whenever a person requests that the MSB transport more than CAD 100,000 in cash or virtual currency, or in an amount that is not declared.

Under the proposed regulations, there are some exemptions for reporting that are noteworthy. Large Cash and Large Virtual Currency reporting requirements will not apply where there is an agreement of transportation between:

  • The Bank of Canada and a person or entity in Canada;
  • Two financial entities;
  • Two places of business of the same person or entity; or
  • Canadian currency coins for purposes of delivery under the Royal Canadian Mint.

It is noteworthy, based on the definition, that there may be more than just armoured car companies that are captured under these new requirements. This will be clarified in guidance from FINTRAC that will follow publication of the legislation.

The requirements applicable to armoured car companies will come into force eight months after final publication in the Canada Gazette.

Mortgage Lending

The proposed regulations would require mortgage lenders, brokers, and administrators (mortgage participants) to put in place compliance regimes, similar to that of other regulated entities, which include the following:

  • Development of a compliance program;
  • Conducting compliance effectiveness reviews;
  • Reporting certain transactions;
  • Identifying customers;
  • Keeping records;
  • Risk ranking customers and business relationships;
  • Conducting transaction monitoring and list screening;
  • Conducting enhanced due diligence and transaction monitoring for high-risk customers and business relationships; and
  • Follow ministerial directives and transaction restrictions.

It is noteworthy, that many mortgage brokers already have existing voluntary AML compliance programs and already apply AML measures. This is in part due to various securities regulations and lending partners.

The requirements applicable to mortgage lending will come into force six months after final publication in the Canada Gazette.

Cost Recovery

As part of this round of regulatory changes, there is a net-new regulation, the Financial Transactions and Reports Analysis Centre of Canada Assessment of Expenses Regulations. This regulation will allow FINTRAC to pass on expenses, to reporting entities, that it incurs in the administration of the PCMLTFA. Only the following prescribed entity types are affected by this:

  • Banks and authorized foreign banks;
  • Life insurance companies;
  • Trust and loan corporations; and
  • Every entity that made more than 500 threshold reports during the previous fiscal year.

The regulations provide a formula that FINTRAC would use to calculate the assessment amounts payable by reporting entities on the basis of their annual asset value, and the volume of all threshold transaction reports submitted. For clarity, threshold transaction reports include Large Cash Transaction Reports (LCTRs), Large Virtual Currency Transaction Reports (LVCTRs), Electronic Funds Transfer Reports (EFTRs), and Casino Disbursement Reports (CDRs).

The requirement would come into force on April 1, 2024. This means FINTRAC would commence recovering costs from the 2024-2025 fiscal year and forward.

Other Changes

Enhancing MSB registration

Under the proposed amendments, as part of MSB registration, MSBs would now need to include the telephone numbers and email addresses of its president, directors and every person who owns or controls 20% or more of the MSB. This is in addition to current required information. Additionally, the number of the MSB’s agents, mandataries and branches in each country will be added (currently, only those within Canada are required).

This requirement will come into force twelve months after final publication in the Canada Gazette.

Streamlining requirements for sending AMPs

Under the proposed amendments, FINTRAC would be allowed to serve a reporting entity solely by electronic means when issuing an AMP. Currently, FINTRAC would also have to send an additional copy by registered mail.

This requirement would come into force on registration.

What Next?

There is a 30 day comment period (ending March 20, 2023) for the proposed regulations. It is strongly recommended that industry, and potentially impacted companies, review carefully and provide feedback. Comments can be submitted online via the commenting feature after each section of the proposed changes, or via email directly to Julien Brazeau, Associate Assistant Deputy Minister, Financial Sector Policy Branch, Department of Finance, 90 Elgin Street, Ottawa, Ontario K1A 0G5.

We’re Here To Help

If you have questions related to the proposed changes, or need help starting to plan, you can get in touch using the online form on our website, by emailing us directly at info@outliercanada.com, or by calling us toll-free at 1-844-919-1623.

The Proposed Retail Payment Activities Regulations

Background

On February 11, 2023, the proposed Retail Payment Activities Regulations were published in the Canada Gazette. This is to support the Retail Payment Activities Act (RPAA) which was released under Bill C-30 and received royal assent in June 2021. The Retail Payment Activities Regulations are required to bring the RPAA into force.

A Payment Service Provider (PSP) is defined as an individual or entity who performs payment functions as a service or business activity that is not incidental to another service or business activity. Certain entities, such as financial institutions, are exempt as they are regulated under other federal obligations (i.e., Office of the Superintendent of Financial Institutions’ Operational Risk and Enterprise Risk management guidelines.)

The current lack of requirements and supervision increases risks, such as the risk of financial loss in instances of business insolvency, and threats to the security of sensitive personal information. The Regulations aim to address gaps in the supervision of unregulated PSPs and are meant to align with other jurisdictions which already have regimes for PSPs.

The principles that guide the Regulations are:

  • Necessity — supervision should address risks that lead to significant harm to end users and avoid duplication of existing rules;
  • Proportionality — level of supervision should be commensurate with the level of risk posed by the payment activity;
  • Consistency — similar risks should be subject to a similar level of supervision; and
  • Effectiveness — requirements should be clear, accessible and easy to integrate within different payment services.

PSPs will be required to apply and register with The Bank of Canada (no date for this yet). There is a proposed registration fee of CAD 2500. Additionally, an annual assessment fee will be required.

In the following sections, we have summarized what we feel are the most important requirements to note.

Operational Risk Management

PSPs will have to implement and maintain an Operational Risk Framework consisting of the following:

  • Identify its operational risks (i.e., business continuity, cybersecurity, fraud, data management, information technology, human resources, process and product design and implementation, change management, physical security and third parties);
  • Protect its retail payment activities from those risks;
  • Detect incidents and control breakdowns;
  • Respond to and recover from incidents;
  • Review, test and audit its Risk Management Framework;
  • Establish roles and responsibilities for the management of operational risk;
  • Have access to sufficient human and financial resources; and
  • Manage risks from third-party service providers, agents and mandataries.

PSP must ensure that the above are proportional to the impact that a reduction, deterioration, or breakdown of its payment activities could have on end users.

Incident Response

Under the proposed Regulations, PSPs must develop a comprehensive plan for investigating, responding to and recovering from incidents that have a material impact on an end user. An incident is defined as an event or series of related events that is unplanned and that results in or could reasonably be expected to result in the reduction, deterioration or breakdown of any payment activity performed by a PSP.

The incident would be reported to the Bank of Canada and would include the following at a minimum:

  • A description of the incident;
  • The impact on individuals or entities listed in the Act; and
  • Actions taken by the PSP to respond to the incident.

There would also need to be a notice to impacted end users and other impacted parties.

PSPs can only resume operations after an incident once they have verified the integrity and confidentiality of all systems, data and information have been restored, and that it is able to perform retail payment activities without reduction, deterioration or breakdown.

Audit, Testing and Training

Under the proposed Regulations, PSP’s will have to complete various types of testing related to the Framework and have training in place.

All staff who have a role in establishing, implementing or maintaining the PSP’s Risk Management Framework must be provided with the information and training that are necessary to carry out that role.

Framework Review

On at least an annual basis, PSP’s must evaluate its compliance with regulatory requirements. Such a review is also required before any significant changes are made to the PSP’s operations or controls after an incident (defined in the section above).  The findings of the review must be reported to a senior officer.

Testing

PSPs must also establish and implement a testing methodology to determine the effectiveness of its Risk Management Framework. This must be tested at least once every three years and findings must also be provided to a senior officer.

Independent Review

In addition to the above, a PSP must have their Framework independently reviewed at least every three years. The review must be documented and describe the scope, methodology use and findings. Findings of the review must be reported to a senior officer.

Biennial Independent Review

PSPs must have requirements related to safeguarding of funds tested at least once every two years by a sufficiently skilled individual who has had no role in the establishment, implementation, or maintenance of the safeguarding requirements under a PSPs Framework. We discuss what safeguards requirements are below.

Safeguards

PSPs will be required to hold customer funds in a trust account or a segregated account, with insurance or a guarantee to safeguard end-user funds against financial losses due to insolvency.

For consumer protection, the Regulations contain requirements to protect the end user from loss. These requirements include:

  • End-user funds must be held at prudentially regulated financial institutions;
  • Insurance or guarantee cannot be from an affiliate of the PSP;
  • The proceeds from the insurance or guarantee cannot form part of the PSP’s estate;
  • The Bank of Canada must be notified at least 30 days in advance of the cancellation of the insurance or guarantee;
  • PSPs must implement and maintain a written fund safeguarding framework to ensure that end-users have reliable access to their funds without delay; and
  • PSPs must keep a ledger with the names of their end-users and the amount of funds held.

This will require detailed flow of funds documentation.

Reporting

Under the proposed Regulations , PSPs will have to complete various types of reports.

Annual Report

PSPs will need to provide an annual report to the Bank of Canada, no later than March 31 of each year.  Some of the information that must be contained in the report is:

  • A description of any changes made to the payment service provider’s risk management and incident response framework;
  • A description of the human and financial resources for implementing and maintaining the risk management and incident response framework;
  • A description of the PSP’s operational risks in respect of the reporting year, their potential causes and the manner in which they were identified;
  • A description of the systems, policies, procedures, processes, controls, including any approvals required;
  • A description of training;
  • A description of all reviews, and independent reviews; and
  • A description of any incidents that the payment service provider experienced during the reporting year.

Also, the report will need to contain certain volume and value statistics related to the services a PSP is providing.

Significant Change Report

PSPs will be required to notify the Bank of Canada, at least five days in advance, before making a significant change that could materially impact operational risks or the safeguarding of end user funds.

The information that must be contained in the report is:

  • The name and contact information of the individual who may be contacted regarding the significant change;
  • A description of the change or new activity to be performed;
  • The reason for the change or new activity;
  • The date on which the change is to be made;
  • The PSP’s assessment of the effect that the change or new activity will have on its operational risks; and
  • A copy of all documentation in relation to the PSP’s Risk Management Framework, that has been amended to reflect the change or new activity, including any necessary approvals.

If a PSP has senior officers, the change or new activity must be approved and receive formal sign off by senior management before submission of a report. This should be taken into account from a planning perspective, as it can take some time to obtain such internal approvals.

Incident Report

PSPs must report incidents that have a material impact on an end user, other PSPs, or designated financial market infrastructures, to the Bank of Canada and other impacted individuals and entities.

The information that must be contained in the report is:

  • A description of the incident;
  • What impact does the incident have on individuals and entities; and
  • What actions have been taken by the PSP to respond and remediate.

The Regulations do not make it clear what timeframe is required for reporting such incidents, however they do state the standard time to respond to a request from the Bank of Canada is 15 days. Failure to report an incident can result in an administrative monetary penalty classified as very serious.

What Does This Mean?

From the highlights, it’s evident that these Regulations will create a substantial burden for PSPs, especially ones that are smaller or just starting. A significant amount of time, resources and cost are going to be needed to manage the compliance requirements that PSPs will need to follow. If a PSP does not comply or there is partial compliance, they may be subject to administrative monetary penalties that range from CAD 1,000,000 per each serious violation, up to CAD 10,000,000 per each very serious violation. The draft Regulations did not make clear what a dispute process would like.

It should be noted that most PSPs captured under the RPAA are also considered money services businesses (MSBs), and as such must also comply with anti-money laundering (AML) compliance obligations. Check out our blog related to that here.

What Next?

Due to these changes not being final, we wait. There is no set date for when we can expect final legislation or when they will come into force, but it is a good time to start budgeting and align resources.

Also, as there is a 45-day comment period for the proposed Regulations which closes on March 28, 2023, PSPs should review the Regulations carefully and provide feedback. Comments can be submitted online via the commenting feature after each section of the proposed Regulations, via email, or via regular mail to Nicolas Marion, Senior Director, Payments Policy, Department of Finance, 90 Elgin Street, Ottawa, Ontario K1A 0G5.

We’re Here To Help

If you have questions related to the proposed changes, or need help starting to plan, you can get in touch using the online form on our website, by emailing us at info@outliercanada.com, or by calling us toll-free at 1-844-919-1623.

New Illegal Wildlife Trade Indicators

FINTRAC has published a new Operational Alert on the Illegal Wildlife Trade.

The alert includes diagrams of known fund flows, both into and out of Canada (though the latter is most common). Three categories of indicators are included:

  • General wildlife trade,
  • Import into Canada, and
  • Export from Canada.

As a Compliance Officer, it’s important to think through where these indicators might be visible to you and your team. For instance, if you are offering remittance or payment services, and there is an available memo or purpose of payment field, there are several keywords in the indicators that should be added to your monitoring parameters (if they haven’t been already).

All Canadian reporting entities must use this information to:

  • Update the indicators in training materials,
  • Update the indicators in policies and procedures, and
  • Update transaction monitoring mechanisms (where applicable) to detect relevant indicators.

Of course, if you require assistance, Outlier Compliance is here to help. Please feel free to contact us.

Suspicious Transaction Reporting Updates

FINTRAC has published updated resources related to upcoming changes to suspicious transaction reports (STRs) on its Draft Documents page. This includes updated draft guidance on STRs, expected to come into force in September 2023.

While the updated forms are not yet in use, it is important that you communicate these changes to your information technology (IT) teams and service providers. The documentation published this week includes JSON schemas and API endpoints.

For reporting entities that complete STR reporting manually through FINTRAC’s online reporting portal, it is also important to familiarize yourself with updated structured reporting fields, including:

  • URL,
  • Type of device used,
  • Username,
  • Device identifier number,
  • Internet protocol address, and
  • Date and time in which online session request was made.

These can be reviewed in the draft STR form.

Of course, if you require assistance, Outlier Compliance is here to help, please contact us.

New Terrorist Financing Indicators

FINTRAC Registration

FINTRAC has published updated indicators related to terrorist activity financing.

These are subdivided into three broad types of violent extremism:

  • religiously motivated violent extremism (RMVE),
  • politically motivated violent extremism (PMVE), and
  • ideologically motivated violent extremism (IMVE).

Each subtype has distinct characteristics and indicators. While it can be tempting to think that these types of things don’t happen here, unfortunately, they can and do happen here in Canada. As a Compliance Officer, it’s important to think through where these indicators might be visible to you and your team.

All Canadian reporting entities must use this information to:

  • Update the indicators in training materials,
  • Update the indicators in policies and procedures, and
  • Update transaction monitoring mechanisms (where applicable) to detect relevant indicators.

Of course, if you require assistance, Outlier Compliance is here to help, please contact us

Outlier Compliance Group welcomes Karene Lewis!

The Outlier Compliance Group team is thrilled to welcome our newest member, Karene Lewis!

Karene brings deep banking (including credit union) and money services business (MSB) experience.

Karene’s Bio

Karene joins the Outlier team with more than 15 years of experience in the financial services sector; over 10 years of experience working in the Credit Union sector; over eight years of working experience building relationships with MSBs and PSPs, and enhancing and managing compliance programs for a variety of regulated entities.

Her areas of knowledge and experience in regulatory compliance and risk management were gained through various roles throughout her career in the financial services sector; managing regulatory compliance and risk, contributing to the development and implementation of policies and procedures, conducting comprehensive internal compliance audits, effectiveness reviews, risk assessments and the training of team members, senior management and executives; with proven strengths in communication and building strong business relationships.

Karene got into compliance when in her role as Business Relationship Manager, she was tasked with managing the MSB and high-risk client program for the financial institution. In order to become more familiar with the industry that she was now going to be working so closely with, she attended a Canadian MSB conference, where she learned so much about these regulated entities, how they are typically formed out of a need to provide financial services to often underserved communities and as a way for families to send financial assistance to family members in need, in diasporas around the world. With this knowledge, she was hooked and wanted to find out how she could help bring a positive light to this much-needed service while ensuring adherence to all applicable regulatory compliance laws and regulations.

Karene supports Outlier’s mission statement, “good compliance can enable good business.” She is passionate about compliance and risk management and believes that businesses can be successful and compliant at the same time; sometimes all you need is a little help and some guidance to set you on the right path.

Please join us in welcoming Karene!

She’ll be attending the Futurist conference in Toronto as her first official Outlier event. Please say hello and welcome her to the team.

EFTs, PSPs & Crowdfunding : Canada’s Changing Regulatory Landscape

On April 27th, 2022 amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) and associated regulations related to penalties for non-compliance were passed. These amendments were unusual, as there was little prior public consultation, no pre-publication for public comment, and they came into force “on publication” (right away). This is particularly unusual, as new business models were included in the money services business (MSB) and foreign money services business (FMSB) categories.

Specifically, a number of payment services providers (PSPs) became MSBs through a change in the definition of electronic funds transfers (EFTs), and companies that provide crowdfunding services also became MSBs/FMSBs. Historically, these types of changes would have included a pre-publication of the proposed amendment with time for industry participants to comment. There is also, generally, a period of time between the publication of final amendments and the coming into force date (often a year). Absent these buffers, both industry and Canada’s AML regulator, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) have been scrambling to assess the many nuances of the amendments.

While we’ve seen a number of responses to individual applicants for MSB registrations and requests for policy interpretations from FINTRAC, today’s release was the first substantial piece of public guidance from the regulator. For those inclined, it can be accessed here: https://fintrac-canafe.canada.ca/notices-avis/2022-07-21-eng

EFTs and PSPs

What may have seemed like an inconsequential change to the definition of EFTs, which removed certain exemptions, has significant impacts on payment services providers.

“As payment services are not a prescribed service under the PCMLTFA, FINTRAC is taking the position that persons or entities that provide invoice payment services or payment services for goods and services are engaged in the business of remitting or transmitting funds, or dealing in virtual currency.”

FINTRAC’s guidance goes on to define each of these activities and the (very limited) exemptions in each case.

Crowdfunding

While crowdfunding gets a nod in the title of the guidance, it doesn’t really factor into the substance of today’s piece. There are definitions in the amendments themselves in this case, and it’s likely that additional guidance will follow as FINTRAC works through these registrations.

crowdfunding platform means a website or an application or other software that is used to raise funds or virtual currency through donations. (plateforme de sociofinancement)”

crowdfunding platform services means the provision and maintenance of a crowdfunding platform for use by other persons or entities to raise funds or virtual currency for themselves or for persons or entities specified by them. (services de plateforme de sociofinancement)”

FINTRAC’s MSB/FMSB Registration Process

The guidance notes that FINTRAC is working to get businesses registered “over the next several weeks.” As there are many businesses that will be newly registering as MSBs or FMSBs, industry participants should expect some delays. It has also become much more common for FINTRAC to ask for additional details about the business, such as the business model and flow of funds.

There is also a tool to check to see if your business should be registered: https://www.fintrac-canafe.gc.ca/msb-esm/questions/2-eng

If you’re ready to register, you can find an overview of the process and links to the pre-registration form here: https://fintrac-canafe.canada.ca/msb-esm/register-inscrire/reg-ins-eng

Requesting Policy Interpretations

There are two important FINTRAC email addresses. If you have a question specifically about whether or not your business should register, first try msb-esm@fintrac-canafe.gc.ca.

For other policy interpretation requests (or if your request is particularly complex), your best avenue is most likely guidelines-lignesdirectrices@fintrac-canafe.gc.ca.

Enforcement Actions

FINTRAC’s guidance indicates that the regulator will take a reasonable approach to entities required to register.

“We understand that there will be challenges in meeting certain obligations. FINTRAC will be reasonable in its assessment and enforcement approach and is committed to working with reporting entities subject to the PCMLTFA and its Regulations to increase their awareness, understanding and compliance with their obligations. Please continue to monitor our website for updates or additional guidance.”

This gentle approach will not last indefinitely. If your business needs to be registered (and get its house in order AML compliance-wise), it’s time to get started.

We’re here to help.

Whether you want a hand drafting a policy interpretation request, an AML compliance program, or training for your newly minted AML Compliance Officer (congratulations, I’m sorry), we’re here to help. Please get in touch.

Effectiveness Reviews for Dealers in Virtual Currency

Effective June 1, 2020, dealers in Virtual Currency activities were considered as Money Services Businesses (MSBs) and as such, must comply with MSB obligations under amendments made to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA). One obligation is to have an AML effectiveness review at least once every two years. MSBs must start their effectiveness review no later than two years from the start of their previous review or in the case of dealers in Virtual Currency, no later than June 1, 2022, the date they were considered to be MSBs under law.

Such reviews must test your compliance program and effectiveness of your operations. Our reviews follow a similar format to examinations conducted by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), which you can read more about in a previous Blog Post.

We’re Here To Help

If you have not yet engaged or commenced your review, there are still a couple of weeks to be compliant. If you would like to engage Outlier to conduct your AML Compliance Effectiveness Review or have questions regarding this obligation, please get in touch.

The Iran Ministerial Directive’s Impact

Quick Overview

On July 25, 2020, a new Ministerial Directive (MD) was published in the Canada Gazette by the Minister of Finance on financial transactions associated with the Islamic Republic of Iran.  On July 27, 2020, FINTRAC issued guidance on how to incorporate the MD into your anti-money laundering (AML) program, along with some indicators for determining if a transaction is associated with Iran. This MD requires that every transaction originating from or bound for Iran be treated as high risk, regardless of the amount. This includes identifying every client, performing customer due diligence, and recording certain information. It is vital that your AML compliance program documentation contains internal processes related to MDs, even if you do not conduct transactions with Iran (or North Korea, based on the previous MD issued December 9, 2017).

What is a Ministerial Directive?

MDs are specific requirements imposed by the Minister of Finance that are meant to mitigate risks associated with activities that pose elevated risk and safeguard the integrity of Canada’s financial system. To date, these areas of elevated risk have been identified by the Financial Action Task Force (FATF) as posing strategic deficiencies with regards to international standards for anti-money laundering and counter terrorist financing.

What does this Ministerial Directive require?

The guidance from FINTRAC states that every bank, credit union, financial services cooperative, caisse populaire, authorized foreign bank and Money Services Business (MSB) must:

  • Treat every financial transaction originating from or bound for Iran, regardless of its amount, as a high-risk transaction;
  • Verify the identity of any client (person or entity) requesting or benefiting from such a transaction;
  • Exercise customer due diligence, including ascertaining the source of funds in any such transaction, the purpose of the transaction and, where appropriate, the beneficial ownership or control of any entity requesting or benefiting from the transaction;
  • Keep and retain a record of any such transaction;
  • Determine whether there are reasonable grounds to suspect the commission or attempted commission of a money laundering or terrorist financing offence and report all suspicious transactions to FINTRAC;
  • Reporting all other reportable transactions (if applicable).

To be clear, this MD does not apply to transactions where there is no suspicion or explicit connection with Iran and there is no evidence of the transaction originating from or being bound for Iran. A couple of examples were provided in the FINTRAC Guidance:

  • A client who has previously sent funds to Iran requests an outgoing EFT, where the transaction details do not suggest that this transaction is bound for Iran and you are unable to obtain further details about the transaction destination; or
  • The client’s identification information is the only suggestion of a connection to Iran (for example, a transaction where the conductor’s identification document is an Iranian passport).

What does it mean to you?

It is important to understand that even if your business does not facilitate transactions involving Iran, it is expected that you have a process in place for adhering to MDs, including how the Compliance Officer stays up to date. Within your AML compliance program documentation, you need to have a section that talks about MDs generally, plus specific procedures related to handling the current MDs (transactions involving Iran and North Korea). In the FINTRAC guidance related to this MD, it states that during an examination, FINTRAC will assess your compliance with MDs and failures to do so are considered very serious and may result in a penalty.

What now?

In order to ensure familiarity for anyone who interacts with customers and their transactions, the list of FINTRAC’s indicators should be communicated immediately.  Furthermore, the indicators should also be included in your procedure manuals and annual AML compliance training topics, allowing easy access to the information. Documenting the information and related processes for MDs is very important so you can demonstrate to FINTRAC your adherence to the requirements during an examination.

Need a hand?

We’ve made it easier for you to integrate this content into your program by putting the information into a Word document for you. If you aren’t sure what to do with this information and would like some assistance, please feel free to contact us.

Amending the Amendments! 2020 AML Changes for Real Estate

Background

Back on July 10, 2019, the highly anticipated final version of the amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its enacted regulations were published. However, on June 10, 2020, further amendments to those amended regulations were published in the Canada Gazette. To make reading these changes a little easier, we have created a redlined version of the regulations, with new content showing as tracked changes, which can be found here.

The purpose of this round of amendments is to better align measures with international standards and level the playing field across reporting entities by applying stronger customer due diligence requirements and beneficial ownership requirements to designated non-financial businesses and professions (DNFBPs). The amendments come into force on June 1, 2021.

We have summarized the changes that will have an impact on real estate developers, brokers, and sales representatives below.

Business Relationship

One of the most significant proposed changes for real estate developers, brokers, and sales representatives is related to the definition of a business relationship. Currently, a business relationship is defined as:

If a person or entity does not have an account with you, a business relationship is formed once you have conducted two transactions or activities for which you have to:

  • verify the identity of the individual; or
  • confirm the existence of the entity.

The amendments change the definition for real estate developers, brokers, and sales representatives to the first time that the person or entity is required to verify the identity of the client.

For business relationships, a reporting entity must:

  • keep a record of the purpose and intended nature of the business relationship;
  • conduct ongoing monitoring of your business relationship with your client to:
    • detect any transactions that need to be reported as suspicious;
    • keep client identification and beneficial ownership information, as well as the purpose and intended nature records, up-to-date;
    • reassess your client’s risk level based on their transactions and activities; and
    • determine if the transactions and activities are consistent with what you know about your client;
  • keep a record of the measures you take to monitor your business relationships and the information you obtain as a result.

 This change in definition also means that ongoing monitoring must be applied for the following purposes:

  1. detecting any transactions that are required to be reported;
  2. keeping client identification information and the information up to date;
  3. reassessing the level of risk associated with the client’s transactions/activities; and
  4. determining whether transactions or activities are consistent with the information obtained about their client, including the risk assessment of the client.

PEP

The amendments will require real estate developers, brokers, and sales representatives to make a Politically exposed persons (PEP) determination when they enter into a business relationship (as defined above) with a client.

In addition, they will also be required to take reasonable measures to determine whether a client from whom they receive an amount of CAD 100,000 or more is a PEP.

If a positive determination is made, the following records must be kept:

  1. the office or position, and the organization or institution, in respect of which the person is determined to be a politically exposed foreign person, a politically exposed domestic person or a head of an international organization, or a family member of, or a person who is closely associated with, one of those persons;
  2. the date of the determination; and
  3. the source, if known, of the person’s wealth.

Beneficial Ownership

The amendments will require real estate developers, brokers, and sales representatives to comply with existing beneficial ownership requirements that apply to other reporting entities.

This means when identifying an entity, a reporting entity needs to collect the following information for all Directors and individuals who own or control, directly or indirectly, 25% or more of the organization:

  • Their full legal name;
  • Their full home address; and
  • Information establishing the ownership, control, and structure of the entity.

A record of the reasonable measures to confirm the accuracy of the information, when it is first obtained and in the course of ongoing monitoring of business relationships, must be retained.

We’re Here To Help

If you would like assistance in updating your compliance program and processes, or have any questions related to the changes, please get in touch!

Return to Blog Listing