Language selection

Search

Archived FINTRAC Policy Interpretations

Archived information

Archived information is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

This content is archived and will be kept online until March 31, 2023, for reference purposes only.

Compliance Program

Compliance officer – internal or external appointment

Question:

Is it acceptable for a reporting entity to outsource the role of Compliance Officer if all aspects of the Compliance Officer element are met within the agreement?

Answer:

Pursuant to subparagraph 71(1)(a) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR), for the purpose of subsection 9.6(1) of the Act, a person or entity referred to in that subsection shall, as applicable, implement the compliance program referred to in that subsection by appointing a person — who, where the compliance program is being implemented by a person, may be that person — who is to be responsible for the implementation of the program.

FINTRAC’s guidance further explains that in order to implement an effective compliance program the appointed compliance officer needs to:

  • have the necessary authority and access to resources in order to implement an effective compliance program and make any desired changes;
  • have knowledge of the business' functions and structure;
  • have knowledge of the applicable sector's money laundering and terrorist activity financing (ML/TF) risks and vulnerabilities as well as ML/TF trends and typologies; and 
  • understand the applicable sector's legal requirements under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its associated Regulations.

While the compliance officer is appointed, it is the reporting entity's responsibility to meet its compliance program requirements under the PCMLTFA and its associated Regulations. As a best practice, the compliance officer should have the ability to report compliance related issues to, and meet with the board of directors, senior management or owner/chief operator on a regular basis.

Neither the Act nor its associated Regulations prescribe who must be appointed as the compliance officer nor the manner in which they are appointed. As such, so long as the reporting entity appoints a person responsible for the implementation of the program and that person has the necessary authority and access in order to implement the program effectively, then the reporting entity may appoint a person outside of their business. As a reminder, it the reporting entity that remains legally responsible for meeting its obligations under the Act and its associated Regulations.

Date answered: 2020-09-28

PI Number: PI-10887

Activity Sector(s): Accountants, British Columbia notaries, Casinos, Dealers in precious metals and stones, Financial entities, Life insurance, Money services businesses, Real estate, Securities dealers

Obligation(s): Compliance Program

Regulations: 71(1)(a)

Act: 9.6(1)

Impact of legalized cannabis on branches and subsidiaries

Question:

Can branches/subsidiaries in other countries support the cannabis-related activities of our Canadian clients since it is legal here?

Answer:

All financial entities, securities dealers and life insurance companies must ensure that foreign branches and subsidiaries apply policies similar to the record keeping, verifying identity, and compliance program requirements under the PCMLTFA, to the extent permitted by the laws of the foreign country, and this includes the requirement to assess the risk of money laundering or terrorist activity financing offences, and apply risk mitigation measures when the risk is considered to be high.

With that being said, branches and subsidiaries of Canadian reporting entities operating in other countries are subject to the laws and regulations of those countries, as well as the policies and procedures developed in those jurisdictions. The legalization of cannabis in Canada does not mean that other countries will allow the branches and subsidiaries of Canadian reporting entities operating within these countries to offer business services related to cannabis outside of Canada.

For more information on foreign branches, subsidiaries and affiliates requirements please see FINTRAC’s Foreign branches, subsidiaries and affiliates requirements Guidance.

Date answered: 2018-10-17

PI Number: PI-8758

Activity Sector(s): Financial entities, Life insurance, Securities dealers

Obligation(s): Compliance Program

Regulations: 71(1)

Act: 9.6, 9.7

Risk assessment of a legal cannabis business

Question:

I would like clarification from FINTRAC on questions related to legalized cannabis:

  1. Do we have an obligation to assess the risk of our individual clients in relation to the legalization of cannabis?
  2. If yes, what should we consider when assessing the risk of a cannabis business?
  3. Can we refuse to offer services to a legal cannabis business?
  4. What do we do if an entity in another country refuses a transaction because the entity initiating the transaction is a legal cannabis business?

 

Answer:

Pursuant to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its associated Regulations, a reporting entity must, as with all clients, evaluate the risk of a money laundering or terrorist activity financing offence as it relates to their business.

While cannabis will be legal in Canada, there is still the potential for illicit activity to occur, as is the case for many products and services. Therefore, reporting entities should familiarize themselves with what is and is not legal when it comes to cannabis so that they may effectively detect patterns of suspicious transactions and activities, and risk assess all clients appropriately.

In assessing risk, a reporting entity should consider factors such as whether:

  • the business is properly licensed - federally, or in the province or territory in which it is located;
     
  • the business abides by the applicable municipal requirements;
     
  • the transactional activity (e.g. use of debit, credit, cash, etc.) is consistent with what is expected from other retailers or similar types of businesses; and
     
  • the types and amounts of the transactions conducted are consistent with what is known about the business (normal and expected activity for that business) and the industry itself.

It is up to each reporting entity to determine what is considered acceptable for its business operations.

Finally, while cannabis will be legal in Canada, this may not be the case for other countries and FINTRAC can only emphasize the importance of meeting the obligations as outlined in a country’s laws and regulations when operating in, or transacting with, that country.

Date answered: 2018-10-17

PI Number: PI-8756

Activity Sector(s): Accountants, British Columbia notaries, Casinos, Dealers in precious metals and stones, Financial entities, Life insurance, Money services businesses, Real estate, Securities dealers

Obligation(s): Compliance Program

Regulations: 71(1), 71.1

Act: 9.6

Legalized Cannabis and the risk-based approach

Question:

What are the expectations for accounts related to legal cannabis businesses? Will FINTRAC accept a risk-based approach on the accounts themselves or will you expect us to consider them high risk regardless of the individual risk assessments?

Answer:

Pursuant to sections 9.6(1) and (2) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and subsection 71(1)(c) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR), all reporting entities are required to assess the risk of money laundering and terrorist activity financing offences associated with their business and product lines, taking into consideration:

  • their clients and business relationships;
  • their products, services, and delivery channels;
  • the geographic location of their activities;
  • new technologies and their impact on their clients, business relationships, products, delivery channels, or the geographic location of their activities;
  • in the case of a financial entity, life insurance company, or securities dealer, their foreign and domestic affiliates that carry out similar activities; and
  • other relevant factors.

That being said, there are no special or additional requirements under the PCMLTFA or its associated Regulations regarding legal cannabis businesses.

However, when a reporting entity considers opening an account for a legal cannabis business, as for any business, they must assess and document the risk(s), taking the above into consideration, as part of their compliance program’s policies and procedures and risk-based approach. In addition, they must implement measures to mitigate against any risk identified, as applicable, in a manner that is appropriate for, and tailored to, their business operations.

If it is determined that the risks associated with a particular business are high, then pursuant to section 9.6(3) of the PCMLTFA they must take enhanced measures as outlined in section 71.1 of the PCMLTFR, which include taking additional steps to identify individuals and confirm the existence of entities, conduct ongoing monitoring on a more frequent basis, and take any other additional measures to mitigate risks.

Date answered: 2018-10-17

PI Number: PI-8754

Activity Sector(s): Accountants, British Columbia notaries, Casinos, Dealers in precious metals and stones, Financial entities, Life insurance, Money services businesses, Real estate, Securities dealers

Obligation(s): Compliance Program

Regulations: 71(1), 71.1

Act: 9.6

Ongoing compliance training program

Question:

Can you kindly advise if a real estate brokerage must continue to have updated FINTRAC training for all of its agents every 2 years, if the brokerage already has a compliance program in place and all agents have been trained on the program.

I understand that the brokerage must complete a risk assessment every 2 years, but am unsure if all agents must also undergo additional formal FINTRAC training as well every 2 years.

Answer:

Pursuant to subsection 9.6(1) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), every real estate broker or sales representative is required to establish and implement, in accordance with the regulations, a program intended to ensure their compliance with Part 1 and Part 1.1. of the PCMLTFA. For this purpose, paragraph 71(1)(d) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) specifies that if the real estate broker or sales representative has employees, agents or mandataries or other persons authorized to act on their behalf, they are required to develop and maintain a written ongoing compliance training program for those employees, agents or mandataries or other persons. Paragraph 71(1)(e) of the PCMLTFR further requires that they must institute and document a review of the policies and procedures, the risk assessment and the training program for the purpose of testing their effectiveness, which review is required to be carried out every two years by an internal or external auditor, or by the real estate broker or sales representative if they do not have such an auditor.

While the training program is a component of the overall compliance program, it also has obligations specific to it. Namely, as outlined in FINTRAC’s guidance: Compliance program requirements, the training program must be reviewed and adjusted on an ongoing basis and in a timely manner based on the business needs. It is for each real estate broker or sales representative to determine what is considered an appropriate “ongoing basis” for its business. However, it should be noted that the frequency cannot be never.

In addition, every two years, at a minimum, the real estate broker or sales representative is required to conduct a review of the business’ overall compliance program, of which the training program is a part. As specified in FINTRAC’s guidance: Compliance program requirements, the review must be designed to allow for the identification and documentation of any gaps and weaknesses within the real estate broker or sales representative’s compliance program to ensure that the business is effectively detecting and preventing the risks of money laundering and terrorist activity financing, as well as to ensure that the prescribed requirements under the PCMLTFA and its associated Regulations are fulfilled.

If, as a result of the review, any internal or external factors have an impact on the compliance program of the real estate broker or sales representative, such as any changes to the business model, the introduction of new products or services, or emerging trends or vulnerabilities of money laundering and terrorist activity financing, then changes to the training program may be necessary in order for it to be up to date and effective. The real estate broker or sales representative must ensure that their training program is updated accordingly and that all employees, agents or mandataries or other persons (which include the “front line” as well as senior management) receive the appropriate training in relation to their functions and duties within the business. For employees, agents or mandataries or other persons that have already been trained and where the training program in place is up to date and effective, they could receive, as an example, training that focuses only on the changes.

Therefore, the training program can be updated and provided at any moment and it does not need to be tied to the two-year review.

Date answered: 2018-03-07

PI Number: PI-8457

Activity Sector(s): Accountants, British Columbia notaries, Casinos, Dealers in precious metals and stones, Financial entities, Life insurance, Money services businesses, Real estate, Securities dealers

Obligation(s): Compliance Program

Guidance: Compliance program requirements

Regulations: 71(1)(d)

Act: 9.6(1)

Senior level and senior management

Question:

I am seeking clarification regarding the requirement for reporting entities to appoint a compliance officer as part of their compliance program obligation under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its associated Regulations. Specifically, I would like to know what constitute a senior level and senior management.

Answer:

Pursuant to subsection 9.6(1) of the PCMLTFA, “every person or entity referred to in section 5 shall establish and implement, in accordance with the regulations, a program intended to ensure their compliance with Part 1 and Part 1.1”. Paragraph 71(1)(a) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) states that “a person or entity referred to in that subsection shall, as applicable, implement the compliance program by […] appointing a person — who, where the compliance program is being implemented by a person, may be that person — who is to be responsible for the implementation of the program”.

FINTRAC’s Guidance: Compliance program requirements further explains at section 1, Compliance officer, that “Depending on the size of your business, you could be the compliance officer or it could be another individual, such as:

 

  • a senior manager, the owner or the operator of your small business; or
  • someone from a senior level who has direct access to senior management and the board of directors of your large business”.

A senior officer is defined at subsection 1(2) of the PCMLTFR and means, in respect of an entity (if applicable):
(a) a director of the entity who is one of its full-time employees;
(b) the entity’s chief executive officer, chief operating officer, president, secretary, treasurer, controller, chief financial officer, chief accountant, chief auditor or chief actuary, or any person who performs any of those functions; or
(c) any other officer who reports directly to the entity’s board of directors, chief executive officer or chief operating officer.

Therefore, for large business, it is FINTRAC’s expectation that the compliance officer should operate in the capacity of a senior officer and have direct access to those who manage and control the business.

Date answered: 2017-11-15

PI Number: PI-8152

Activity Sector(s): Accountants, British Columbia notaries, Casinos, Dealers in precious metals and stones, Financial entities, Life insurance, Money services businesses, Real estate, Securities dealers

Obligation(s): Compliance Program

Guidance: Compliance program requirements

Regulations: 1(2)

Act: 9.6(1)

Medicinal marijuana Business

Question:

We would like to know if FINTRAC has any recommendations for financial entities who are considering opening accounts or providing loans to medicinal marijuana businesses, specifically in regards to their risk assessment and ongoing monitoring obligations as per the Proceeds of Crimes (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its associated Regulations.

Answer:

Before addressing your main enquiry, please note that FINTRAC’s mandate extends to the administration of the PCMLTFA and its associated Regulations. While reporting persons or entities subject to Part 1 and Part 1.1 of the PCMLTFA are required to comply with their obligations outlined therein, they may choose to establish and implement policies and procedures that go beyond the requirements of the PCMLTFA and its associated Regulations. FINTRAC cannot comment on specific business practices or decisions, and as such, I will only reference the requirements outlined within the PCMLTFA and its associated Regulations in my response.

Pursuant to subsection 9.6(1) of the PCMLTFA, “every person or entity referred to in section 5 shall establish and implement, in accordance with the regulations, a program intended to ensure their compliance with Part 1 and Part 1.1”. Subsection 9.6(2) of the PCMLTFA further specifies that “the program shall include the development and application of policies and procedures for the person or entity to assess, in the course of their activities, the risk of a money laundering offence or a terrorist activity financing offence”. In that regard, paragraph 71(1)(c) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) requires reporting persons or entities to implement a compliance program that assesses and documents, in a manner that is appropriate for the person or entity, the risk referred to in subsection 9.6(2) of the Act, taking into consideration:

(i) the person’s or entity’s clients and business relationships,
(ii) the person’s or entity’s products and delivery channels,
(iii) the geographic location of the person’s or entity’s activities,
(iii.1) any new developments in respect of, or the impact of new technologies on, the person’s or entity’s clients, business relationships, products or delivery channels or the geographic location of their activities,
(iii.2) in the case of an entity that is referred to in any of paragraphs 5(a) to (g) of the Act, any risk resulting from the activities of an entity that is affiliated with it and that is referred to in any of those paragraphs or from the activities of a foreign entity that is affiliated with it and that carries out activities that are similar to those of entities referred to in any of those paragraphs, and
(iv) any other relevant factor.

As a result, when a financial entity considers opening an account for a medicinal marijuana business, such activities must be taken into account as part of their compliance program’s policies and procedures and risk-based approach. A reporting person or entity must undertake an assessment of risk related to money laundering and terrorist financing offences associated with their clients and business relationships and then implement measures to mitigate the risks, in a manner that is appropriate for, and tailored to, their business operations. Pursuant to subsection 9.6(3) of the PCMLTFA, if a financial entity considers that the risks associated are high, they must take the prescribed special measures outlined in section 71.1 of the PCMLTFR, which includes conducting ongoing monitoring on a more frequent basis.

With that being said, there are no special or additional requirements under the PCMLTFA and its associated Regulations specifically regarding these types of businesses. FINTRAC does not prescribe who a financial entity can or cannot provide financial services to, and as such, it is up to the financial entity to determine what is considered acceptable for its business operations.

Date answered: 2017-09-08

PI Number: PI-8122

Activity Sector(s): Accountants, British Columbia notaries, Casinos, Dealers in precious metals and stones, Financial entities, Life insurance, Money services businesses, Real estate, Securities dealers

Obligation(s): Compliance Program

Regulations: 71(1)(c)

Act: 9.6(1)

No requirement to record a Yes/No check box for identification purposes

Question:

Do credit unions need to include in records an actual Yes or No check box confirming that the person's identity was verified or do robust policies and procedures fulfill the obligation?

Answer:

The new methods to ascertain the identity of individual clients are detailed at subsection 64(1) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR). For all of the new identification methods, certain information must be verified in order to ascertain the identity of a client.

There are specific record keeping requirements outlined at section 64.2 of the PCMLTFR, that prescribe the information that must be kept when ascertaining identity. While a Yes or No check box confirming that a person’s identity was verified is not included in the prescribed information, there is a requirement to record the date on which an identification method was used and the information relating to the method used.

Additionally, as part of its compliance program, a financial entity must have written policies and procedures for client identification. The policies and procedures must be clearly communicated, understood and adhered to by all who deal with clients. 

Therefore, while a financial entity is not required to include a Yes or No check box confirming that a person’s identity was verified, a financial entity is required to document its policies and procedures for client identification, and keep accurate records, as per section 64.2 of the PCMLTFR.

Date answered: 2017-03-13

PI Number: PI-7658

Activity Sector(s): Financial entities

Obligation(s): Compliance Program, Record Keeping

Guidance: Record keeping requirements for financial entities

Regulations: 64(1), 64.2

Operational Briefs and Alerts - Verification of list

Question:

I would like to obtain more information about the Operational Alert: Identification of higher risk currency exchange houses in Daesh - accessible territory in Iraq. Specifically, should Credit Unions compare the names listed in this brief to the names of members in the credit union, and would this comparison be just like the terrorist name/entity compare?

Answer:

Operational Briefs and Alerts provide indicator-based information for reporting entities on specific money laundering and terrorist financing issues, with a focus on methods, threats, and vulnerabilities. These products are intended to support reporting entities in meeting their compliance obligations, to assist them with factors to consider in their risk assessments, and provide an additional information resource when they consider their need for possible risk mitigation.

More specifically, this Operational Alert provides specific guidance to Canadian reporting entities about named foreign financial entities (noted in Appendix A) through which the Canadian financial system could be exposed to Daesh-related terrorist financing. In this context, FINTRAC is reminding all reporting entities subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its associated Regulations of their obligations to submit suspicious transaction reports (STR) and terrorist property reports (TPR) to FINTRAC and to risk assess their clients accordingly.

The requirement to report an STR to FINTRAC is identified at section 7 of the PCMLTFA, which states that “Subject to section 10.1, every person or entity referred to in section 5 shall report to the Centre, in the prescribed form and manner, every financial transaction that occurs or that is attempted in the course of their activities and in respect of which there are reasonable grounds to suspect that
(a) the transaction is related to the commission or the attempted commission of a money laundering offence; or
(b) the transaction is related to the commission or the attempted commission of a terrorist activity financing offence”.

Regarding the TPR obligation, subsection 7.1(1) of the PCMLTFA stipulates that “every person or entity referred to in section 5 that is required to make a disclosure under section 83.1 of the Criminal Code or under section 8 of the Regulations Implementing the United Nations Resolutions on the Suppression of Terrorism shall also make a report on it to the Centre, in the prescribed form and manner”. FINTRAC’s Guideline 5: Submitting Terrorist Property Reports to FINTRAC, and FINTRAC’s website further indicate that a TPR must be sent to FINTRAC, without delay, when reporting entities have property in their possession or control that they know is owned or controlled by or on behalf of a terrorist or a terrorist group.

As part of its compliance program and in accordance with paragraph 71(1)(c) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR), a reporting entity must assess and document its risks in relation to money laundering offences or terrorist activity financing offences. The risk assessment must take into consideration the reporting entity’s: 
• clients and business relationships,
• products and delivery channels,
• geographic location of its activities, and
• any other relevant factor(s).

Therefore, to answer your question, in order to meet the obligations outlined within the PCMLTFA and its associated Regulations, it is recommended that reporting entities compare the names listed in Appendix A to current and future clients. Clients should be assessed as high-risk as applicable, and prescribed special measures must be applied, as required under section 71.1 of the PCMLTFR.

Date answered: 2017-03-07

PI Number: PI-7660

Activity Sector(s): Financial entities

Obligation(s): Verifying identity, Compliance Program, Reporting

Guidance: Compliance Program, 5

Regulations: 71(1)c)

Act: 7, 7.1(1)

Training program for the board of directors

Question:

I am seeking clarification concerning the compliance training program requirements. More specifically, I am asking whether a financial entity’s board of directors is required to receive training.

Answer:

Pursuant to subsection 9.6(1) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), every reporting entity is required to establish and implement, in accordance with the regulations, a program intended to ensure their compliance with Part 1 and Part 1.1. of the PCMLTFA. For this  purpose, subsection 71(1) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR), specifies that if the reporting entity has employees, agents or mandataries or other persons authorized to act on their behalf, they are required to develop and maintain a written ongoing compliance training program for those employees, agents or mandataries or other persons.

Subsection 71(1) of the PCMLTFR further requires that a review of the training program, along with the policies and procedures and the risk assessment, must be carried out every two years to test the effectiveness. The findings, any updates, and the status of implementation of the updates must be reported to a senior officer in written form within 30 days of the review. A senior officer, in respect of an entity, is defined at subsection 1(2) of the PCMLTFR as:
(a) a director of the entity who is one of its full-time employees;
(b) the entity’s chief executive officer, chief operating officer, president, secretary, treasurer, controller, chief financial officer, chief accountant, chief auditor or chief actuary, or any person who performs any of those functions; or
(c) any other officer who reports directly to the entity’s board of directors, chief executive officer or chief operating officer.

As indicated in FINTRAC’s guidance, a training program is required to ensure that all those who have contact with clients, who see client transaction activity, who handle cash or funds in any way or who are responsible for implementing or overseeing the compliance regime understand the reporting, client identification and record keeping requirements. This includes those at the "front line" as well as senior management.

Therefore, to answer your question, while it is encouraged to do so, a Board of Directors is not required to complete a financial entity’s training program if it does not carry out any of the financial entity’s activities and does not operate in the capacity of the senior officer.

Date answered: 2016-10-25

PI Number: PI-7651

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 1(2), 71(1)

Act: 9.6(1)

Obligations for real estate if they do not accept/receive funds

Question:

What are the FINTRAC compliance and reporting requirements, if any, for real estate brokerages and real estate agents if they do not accept, receive, or retain any funds or money of any kind from their clients?

Answer:

Pursuant to section 37 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR), every real estate broker or sales representative is subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) when they act as an agent in respect of the purchase or sale of real estate.

As a reporting entity subject to the PCMLTFA and its associated Regulations, a real estate broker or sales representative is required to have a compliance regime, ascertain identification, keep records, and report to FINTRAC. Information on all of these obligations is available in the guidelines FINTRAC has issued. In particular, I would direct you to the compliance regime requirements as these are not further detailed below.

It should first be noted that I have refrained from outlining the receipt of funds and large cash transaction obligations, based on the information you provided, namely that the real estate broker or sales representative does not accept funds/money. You may wish, though, to review these requirements, outlined in section 39 of the PCMLTFR. I also encourage you to review all of the Regulations and the guidance available, as I have only summarized these briefly below.

Every real estate broker or sales representative, while engaging in an activity described in section 37 of the PCMLTFR, must keep a client information record in respect of every purchase or sale of real estate (paragraph 39(1)(b) of the PCMLTFR). The client information record sets out a client’s name and address and
(a) if the client is a person, their date of birth and the nature of their principal business or their occupation, as applicable; and
(b) if the client is an entity, the nature of their principal business.

Furthermore, pursuant to subsection 10(1) of the PCMLTFR, where a real estate broker or sales representative is required to keep a client information record, they must make a third party determination, and as required by subsection 59.2(1) of the PCMLTFR, they must:
(a) in accordance with subsection 64(1), ascertain the identity of every person who conducts the transaction;
(b) in accordance with section 65, confirm the existence of and ascertain the name and address of every corporation on whose behalf the transaction is conducted and the names of its directors; and
(c) in accordance with section 66, confirm the existence of every entity, other than a corporation, on whose behalf the transaction is conducted.

There also exist requirements for real estate brokers or sales representatives when one or more of the parties to the real estate transaction are not represented. These are outlined in subsections 59.2(3) and (4) of the PCMLTFR.

You have indicated that a real estate broker or sales representative may not receive any funds/money, so the large cash transaction and receipt of funds obligations may not be triggered, but this does not negate the possibility of a suspicious transaction report, as this may be triggered by aspects of the real estate transaction unrelated to the receipt of money/funds involved. Suspicious transaction obligations are further outlined in subsection 53.1(1) of the PCMLTFR.

Date answered: 2016-02-18

PI Number: PI-6393

Activity Sector(s): Real estate

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 10(1), 37, 39, 53.1(1)

Act: Part 1

DPMS compliance regime

Question:

What are the compliance regime requirements specific to dealers in precious metals and stones (DPMS)? More specifically, is a DPMS required to include, in its compliance regime, policies and procedures for identification methods it will not be carrying out?

Answer:

Once a DPMS conducts the triggering activity of $10,000 or more in a single transaction, and is subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its associated Regulations, the DPMS has the obligations outlined therein. Generally speaking, where a reporting entity does not conduct a particular type of transaction, we would not expect the reporting entity to include, in its compliance program, policies and procedures associated with that transaction. We would, however expect a reporting entity to include language to substantiate the lack of policies and procedures for a particular obligation. For example, an online entity that never accepts cash could include a line to that effect (e.g., we do not conduct cash transactions.). This ensures that all employees of the reporting entity are aware of the policies and practices of the entity, and also serves to explain why there are no procedures in place for cash transactions.

That said, pursuant to subsection 53.1(1) of the Proceeds and Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR), except if the identity has been previously ascertained as required by the PCMLTFR, every person or entity that is subject to the PCMLTFR shall take reasonable measures to ascertain, in accordance with subsection 64(1), the identity of every person with whom the person or entity conducts or attempts to conduct a transaction that is required to be reported to the Centre under section 7 of the PCMLTFA. There is, however, an exception to this, outlined in subsection 53.1(2) of the PCMLTFR, that stipulates that subsection 53.1(1) of the PCMLTFR does not apply if the person or entity believes that complying with that subsection would inform the person that the transaction and the related information is being reported under section 7 of the Act. The requirement is, first and foremost, to take reasonable measures to ascertain the identity of a person or entity party to a suspicious transaction. As such, the reporting entity is required to have in place policies and procedures specific to these reasonable measures. Should an entity determine, on a case-by-case basis, that to comply with subsection 53.1(1) of the PCMLTFR, by implementing said reasonable measures, would inform the person that the transaction and the related information is being reported under section 7 of the Act, then the reporting entity is not required to carry out the reasonable measures, for the case in question.

Date answered: 2015-12-10

PI Number: PI-4438

Activity Sector(s): Dealers in precious metals and stones

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 39.1, 53.1

Act: Part 1, 7

Risk matrix

Question:

Concerning the record-keeping requirements for life insurance companies, brokers and financial entities, could you provide us with information on the requirement to include the creation of a risk matrix where clients are rated based on various factors?

Answer:

It is first important to note that only reporting entities, as outlined in section 5 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), are subject to the requirements of the PCMLTFA and its associated Regulations. Reporting entities include accountants, British Columbia notaries, casinos, dealers in precious metals and stones, financial entities, money services businesses, real estate brokers and sales representatives, securities dealers, and finally life insurance companies, brokers and agents.

That said, in 2008, the Government of Canada introduced amendments to the PCMLTFA and its Regulations to enhance the Canadian anti-money laundering and anti-terrorism financing (AML/ATF) regime. As part of these amendments, the Risk-Based Approach (RBA), which requires reporting entities to conduct assessments of their exposure to money laundering and terrorism financing risk using a number of prescribed criteria, was introduced.

As a result, FINTRAC has published Guidance on the Risk-Based Approach to Combatting Money laundering and Terrorist Financing. This guidance document is structured to help reporting entities better understand what the RBA is and take inventory of their risks relating to products, services and delivery channels, clients and business relationships, geography and other relevant factors. It will also help in implementing effective mitigation measures and in monitoring the money laundering and terrorist financing risks reporting entities may have or encounter as part of their activities and business relationships. To help reporting entities assess business and relationship-based risks, FINTRAC provides an example of a likelihood and impact matrix tool in Annex C of the Guidance document.

Date answered: 2015-12-07

PI Number: PI-6384

Activity Sector(s): Life insurance

Obligation(s): Compliance Program

Guidance: Compliance Program

Act: 5

9.7(3) - Subsidiary of the subsidiary

Question:

Our question is regarding subsection 9.7(3) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA).

FINTRAC has previously indicated that subsection 9.7(1) does not apply to subsidiaries of subsidiaries. However, would FINTRAC still expect that the parent would be covering the subsidiary of the subsidiary? In other words, would the subsidiary of the subsidiary still be covered by the policies of the parent of its parent?

For example, Parent A has foreign subsidiary B. Foreign subsidiary B has subsidiary C.

Answer:

Subsection 9.7(3) of the PCMLTFA provides exemptions for
(a) an entity that is a subsidiary of an entity to which subsection 9.7(1) applies; or
(b) an entity that is a subsidiary of a foreign entity that has developed policies that establish requirements for its subsidiaries that are similar to the requirements of sections 6, 6.1 and 9.6, if that subsidiary is applying those policies to the extent it is permitted by, and do not conflict with, the laws of Canada or a province

Based on your example, the exemption applies to foreign subsidiary B which does not have to develop policies for its subsidiary C. It is also clear that Parent A will have to develop policies to foreign subsidiary C, but only if foreign subsidiary C carries out activities similar to those of entities referred to in paragraphs 5(a) to (g), and that is either wholly-owned by Parent A or has financial statements that are consolidated with Parent A.

Specifically, in respect to paragraph 9.7(3)(b) of the PCMLTFA,

  1. Foreign Parent B has a Canadian subsidiary D, and the Canadian subsidiary D has a foreign subsidiary E. In the case where foreign subsidiary E is also owned by foreign Parent B, the exemption applies to Canadian subsidiary D which does not have to develop policies for its foreign subsidiary E. Foreign Parent B will develop policies to foreign subsidiary E. In the case where foreign subsidiary E is only owned by Canadian subsidiary D, the exemption under 9.7(3)(b) of the PCMLTFA will not apply and Canadian subsidiary D will be required to develop policies for its foreign subsidiary E.
  2. Although Canadian subsidiary D is a reporting entity subject to the PCMLTFA and its associated Regulations, its policies developed by foreign Parent B can be acceptable if they are tailored to its Canadian reality. That means that FINTRAC would find Canadian subsidiary D’s policies compliant if they are not in conflict with the PCMLTFA and its associated Regulations, even if they were developed by foreign Parent B.

Date answered: 2015-11-19

PI Number: PI-6373

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Compliance Program

Act: 9.7(3)

Compliance program for a group plan

Question:

Should the sponsors of group insurance plans set up a compliance program? For example, does an insurer that offers a bundle including life insurance, prescription drug insurance and dental insurance have to set up a compliance program even though life insurance only costs a fraction of the total package?

Answer:

The legislative obligations described in the Proceeds of Crime (Money Laundering) and Terrorist Financing Act are applicable to life insurance companies, brokers and agents.

Subsection 1(2) of the Regulations defines life insurance broker or agent as “a person or entity that is registered or licensed under provincial legislation to carry on the business of arranging contracts of life insurance."

This subsection also defines life insurance companies: “means a life company or foreign life company to which the Insurance Companies Act applies or a life insurance company regulated by a provincial act.“

This means that if life insurance brokers or agents are registered or licensed under provincial legislation to arrange life insurance contracts, they are subject to the PCMLTFA. If life insurance companies are subject to the Insurance Companies Act, they are subject to the PCMLTFA.

If one of the above definitions applies to a person or an entity, that person or entity is subject to the PCMLTFA and has the following obligations, regardless of the type of products offered. It must report significant cash transactions involving the receipt of $10,000 or more in cash and must keep large cash transactions records. it must report transactions performed or attempted regarding which there are reasonable grounds to suspect that they are related to an actual or attempted money laundering or terrorist financing offence. It must also do record-keeping, ascertain clients' identity, establish whether the person with whom one is dealing is a politically exposed foreign person, establish whether the person who submits the amount is acting on behalf of a third party and, finally, it must have a compliance program.

General exceptions are applicable to ascertaining identity, e.g. the purchase of an insurance policy that is exempt, namely a policy issued for purposes of coverage rather than investment in accordance with subsection 306(1) of the Income Tax Regulations; upon the purchase of a group life insurance policy having no surrender value or savings component; upon the purchase of an immediate or deferred annuity which is fully paid by means of the funds transferred directly from a registered pension plan or from the proceeds of a group life insurance policy or the purchase of a registered annuity contract or a registered retirement income fund; upon the purchase of a registered plan, including a locked-in retirement account, an RRSP, a retirement savings account, and any other registered plan; upon opening an account whose holder or settlor is a pension fund governed by a federal or a provincial law; or any transaction engaged in by a manager of a reverse income mortgage or a structured settlement.

Date answered: 2015-10-05

PI Number: PI-6363

Activity Sector(s): Life insurance

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 1(2)

Sole proprietorship is considered to be a person

Question:

Could you specify whether a sole proprietorship is considered an entity for the purposes of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its associated Regulations?

Answer:

The PCMLTFA defines the term entity as “a body corporate, a trust, a partnership, a fund or an unincorporated association or organization.” Therefore, a sole proprietorship is not an entity. Instead, because a sole proprietorship is a business that is owned and operated by an individual, it is considered to be a person as defined by section 2 of the PCMLTFA.

Consequently, paragraph 11.1(1)(c) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) is not applicable as beneficial ownership information is not required, the record-keeping obligations for financial entities at paragraph 14(c)(ii) are not applicable but paragraph 14(c)(i) must be applied, and subject to section 62 and 63, financial entities must ascertain the identity of a sole proprietor as per paragraph 54(a). Paragraph 54(e) is not applicable in this situation.

Date answered: 2015-09-08

Answer updated on: 2019-07-16

PI Number: PI-6357

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 11.1(1)c), 14(c)(i), 54(a)

Act: 2

Obligations for new and old housing

Question:

Your website states "new" housing. What is in place to ensure real estate agents local or overseas, are reporting large cash purchases? Why does this not apply to all housing. What controls are in place to crosscheck this? If not old housing, is there anything in place on this going forward and examining past practices?

Does FINTRAC monitor ALL real estate deals, be it OLD or NEW? Or just new? If foreign agents are involved in the sale, what measures does FINTRAC undertake to ensure the validity of the transaction? Is this left to the agent to report? What expertise does the agent possess with money laundering transactions? Are they sufficiently trained to report such transactions to FINTRAC? Will FINTRAC look at reporting by agents in regards to foreign ownership more closely for ALL real estate transactions?

Answer:

On its website, FINTRAC provides a plain language interpretation of the obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its associated Regulations for each of the sectors identified under Part 1. In addition to the specific sector information, FINTRAC has written guidelines that outline in detail the requirements for each report, the record keeping and client identification requirements for each sector, and information on creating and maintaining a compliance regime.

Regarding the real estate sector, subsection 1(2) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) defines a real estate broker or real estate sales representative as “a person or entity that is registered or licensed under provincial legislation in respect of the sale or purchase of real estate.” Section 37 of the PCMLTFR further indicates that every real estate broker or sales representative is subject to Part 1 of the PCMLFTA when they act as an agent in respect of the purchase or sale of real estate.

Also included in the real estate sector, a real estate developer is defined as “on any given day in a calendar year, a person or entity who, in that calendar year and before that day or in any previous calendar year after 2007, has sold to the public, other than in the capacity of a real estate broker or sales representative,
(a) five or more new houses or condominium units;
(b) one or more new commercial or industrial buildings; or
(c) one or more new multi-unit residential buildings each of which contains five or more residential units, or two or more new multi-unit residential buildings that together contain five or more residential units.”

According to subsection 39.5(1) of the PCMLTFR, “Every real estate developer is subject to reporting obligations under Part 1 of the PCMLTFA when
(a) in the case of a person or of an entity other than a corporation, they sell to the public a new house, a new condominium unit, a new commercial or industrial building or a new multi-unit residential building; and
(b) in the case of an entity that is a corporation, they sell to the public a new house, a new condominium unit, a new commercial or industrial building or a new multi-unit residential building on their own behalf or on behalf of a subsidiary or affiliate.”

Therefore, in response to your query, the references to “new” housing, made in the sector profile page for the real estate sector, that you have identified, relate to real estate developers who sell new houses, new condominium units, new commercial or industrial buildings, and new multi-unit residential buildings. Real estate brokers and sales representatives, who act as an agent in the purchase or sale of existing real estate, are identified in the first paragraph of the sector profile page you referenced and are also obligated to report to FINTRAC in certain situations, such as when they receive cash in amounts of $10,000 or more.

In response to your second question, the definitions indicate that only real estate brokers and sales representatives, registered or licensed under provincial legislation, are required to report to FINTRAC, when they act as an agent in respect of the purchase or sale of real estate. As such, foreign real estate agents are only subject to the Act and Regulations if they are also registered or licensed under provincial legislation within Canada and only when they act as agents in the purchase or sale of real estate within Canada.

Regarding your question about whether real estate agents and developers are sufficiently trained to report to FINTRAC, subsection 71(1) of the PCMLTFR requires that reporting entities implement a compliance regime which must include, amongst other things, written compliance policies and procedures that are kept up to date, as well as a written ongoing compliance training program for all employees. The compliance regime is put in place to ensure reporting entities are aware of the record keeping, client identification, and reporting requirements under the Act and Regulations. As a result, it is up to the real estate broker, sales representative, and developer to ensure they are equipped to identify and accurately report information to FINTRAC when cash is received in an amount of $10,000 or more, when there are financial transactions that they have reasonable grounds to suspect are related to the commission of a money laundering offence or terrorist financing offence, including transactions that they have reasonable grounds to suspect are related to the attempted commission of a money laundering or terrorist financing offence, and when the transaction involves property that is owned or controlled by or on behalf of a terrorist or terrorist group.

Date answered: 2015-06-19

PI Number: PI-6317

Activity Sector(s): Real estate

Obligation(s): Compliance Program, Reporting

Guidance: Compliance Program

Regulations: 1(2), 37, 39.5(1)

Act: Part 1

Deposit Brokers or Mandatories of Financial Institutions

Question:

We are enquiring as to whether deposit brokers, operating on behalf of financial institutions, require a Chief Anti-Money Laundering Officer (CAMLO) or whether they fall under the compliance regime of the financial institutions, as they are the reporting entities?

Answer:

Only persons or entities outlined in section 5 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) are subject to Part 1 of the PCMLTFA. Registered Deposit Brokers are not reporting entities and are therefore not subject to Part 1 of the PCMLTFA. However, where they may act as the agent of a reporting entity, it is the reporting entity, as the one subject to the PCMLTFA, that is responsible for the appropriate application of the PCMLTFA and its associated Regulations.

In that respect, deposit brokers who operate as agents of financial institutions, would not be required to appoint their own CAMLO (compliance officer). As per paragraph 71(1)(a) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR), the financial institutions, as the principal, are responsible for implementing a compliance regime and appointing a compliance officer who would be responsible for the policies and procedures as outlined in paragraph 71(1)(b) of the PCMLTFR. The deposit brokers would then be subject to the compliance regime established by the financial institutions.

Date answered: 2014-10-10

PI Number: PI-6249

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 71(1)(a), (b)

Act: Part 1, 5

Obligations of the real estate sector for the establishment of a compliance regime

Question:

  1. Are real estate agencies responsible for having their own compliance regime?
  2. Are real estate brokers who are not employees in the legal or fiscal sense, but who are brokers with an agency, required to have their own compliance regime?

Answer:

  1. Yes.

Pursuant to section 37 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (the Regulations), “Every real estate broker or sales representative is subject to Part 1 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (the Act) when they act as an agent in respect of the purchase or sale of real estate.” Subsection 1(2) of the Regulations defines a real estate broker or sales representative as “a person or entity that is registered or licensed under provincial legislation in respect of the sale or purchase of real estate.”

Consequently, the agency (which meets the definition under subsection 1(2) is subject to Part 1 of the Act; therefore, under paragraph 9.6(1) of the Act, which stipulates that “Every person or entity referred to in section 5 shall establish and implement, in accordance with the regulations, a program intended to ensure their compliance with this Part and Part 1.1,” the agency must establish its own compliance regime.

  1. This depends on the agreements between the agencies and the brokers.

With respect to terminology, a distinction must be made between an employee and a self employed person under the regulations. Therefore, “If it is determined, based on the relationship between the broker and his/her firm, that the broker is self-employed, and given that a self-employed worker is not considered to be an employee (in accordance with the generally accepted criteria, for example, the parties’ intentions, performance of work, compensation, reporting relationship), the self-employed person would in fact be required to establish his/her own compliance regime.”

Here are some example situations to clarify this:
a) The broker is employed by a real estate agency.

  • For this to be the case, the broker must clearly be employed by the agency, and that is a question of fact. It depends on the intentions of the broker and the agency, including, for example, whether the broker’s salary is paid by the agency and whether the agency establishes the broker’s working conditions.
  • In this case, the agency must implement a compliance regime. Because the broker must follow the agency’s policies and procedures, he/she is not required to implement his/her own compliance regime; rather, he/she adheres to the employer’s compliance regime (which is the purpose of subsection 6(1) of the Regulations).

b) The broker is a self-employed person who works exclusively for the agency pursuant to an agreement to that effect (contract).

  • Once again, this is a question of fact and depends on the intentions of the broker and the agency. It applies, for example, if a written agreement exists according to which the broker acts solely on behalf of the agency, even though he/she is not an employee of the agency.
  • In this case, the agency must implement a compliance regime. Because the broker must follow the policies and procedures of the agency in accordance with the written agreement, he/she is not required to implement his/her own compliance regime; rather, he/she adheres to the employer’s compliance regime (which is the purpose of subsection 6(2) of the Regulations).

c) The broker is a self-employed person who is employed by the agency, but also works for him/herself, or the broker does not have an employment relationship or written agreement with any agency.

  • When a broker performs any tasks that are not under an agency’s control (for example, when acting as a broker for the sale of a property that he/she listed him/herself or when involved in the sale or purchase of property by an individual), the broker must establish his/her own compliance regime because he/she then becomes a reporting entity.

Date answered: 2014-10-03

PI Number: PI-6248

Activity Sector(s): Real estate

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 1(2), 37

Act: Part 1

Compliance regime for DPMS sales agents that receive a commission

Question:

In the DPMS sector there are sales agents or agencies that are not employees of companies but are self employed. They work on commission from the orders they write for those supplier companies. They are not responsible for the invoice or collection of payment from the retailers they sell to. They submit orders to and receive a commission from the supplier of the products they sell. Do they need a compliance regime?

Answer:

As per subsection 1(2) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR), a DPMS is defined as “a person or entity that, in the course of its business activities, buys or sells precious metals, precious stones or jewellery. It includes a department or agent of Her Majesty in right of Canada or of a province when the department or agent is carrying out the activity, referred to in section 39.1, of selling precious metals to the public. ”

Section 39.1 of the PCMLTFR indicates that once a DPMS engages in the purchase or sale of precious metals, precious stones or jewellery, in an amount of $10,000 or more in a single transaction, it is subject to Part 1 of the PCMLTFA.

Based on the information you provided, it would appear that the sales agents or agencies are not subject to PCMLTFA and do not require a compliance regime, as they are not directly engaged in the buying or selling of precious metals, precious stones or jewellery. Instead, this responsibility would fall upon the DPMS supplier companies who supply the commission to the sales agents or agencies.

Should the sales agents or agencies ever become directly involved in the sales of these products, for example, if they receive payment from the retailer on behalf of the supplier company, or if they provide the product directly to the retailer, then they would be subject to the PCMLTFA and the obligations outlined therein, which include establishing a compliance regime.

As a side note, if the DPMS supplier companies rely on the sales agents or agencies to meet their client identification obligations, as per section 64.1 (1) of the PCMLTFR, then the DPMS supplier companies are also responsible for ensuring that written agreements or arrangements are in place with the sales agents or agencies.

Date answered: 2014-09-30

PI Number: PI-6243

Activity Sector(s): Dealers in precious metals and stones

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 1(2), 39.1, 64.1 (1)

Frequency and scope of scanning against OSFI list

Question:

Questions on the scanning of account holders to the OSFI list of Terrorist.

Is the scan of names required only for the account holders?

  • For a personal account, those individuals named on the account?
  • For a business account on the name of the business? on the beneficial owners 25% or more? Owners of any %? Or signing officer on the account?

Is there any stipulated requirement as to how often a terrorist scan of designated persons must be conducted?

Answer:

Pursuant to subsection 7.1(1) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), every person or entity referred to in section 5 that is required to make a disclosure under section 83.1 of the Criminal Code or under section 8 of the Regulations Implementing the United Nations Resolutions on the Suppression of Terrorism (RIUNRST) shall also make a report on it to the Centre, in the prescribed form and manner.

With regard to the question on the scanning of account holders to the OSFI list of Terrorist, I will start by referring you to the language of subsection 83.1(1) of the Criminal Code:
Every person in Canada and every Canadian outside Canada shall disclose without delay to the Commissioner of the Royal Canadian Mounted Police or to the Director of the Canadian Security Intelligence Service
(a) the existence of property in their possession or control that they know is owned or controlled by or on behalf of a terrorist group; and
(b) information about a transaction or proposed transaction in respect of property referred to in paragraph (a).

and of subsection 8 (1) of the RIUNRST:
Every person in Canada and every Canadian outside Canada shall disclose forthwith to the Commissioner of the Royal Canadian Mounted Police and to the Director of the Canadian Security Intelligence Service
(a) the existence of property in their possession or control that they have reason to believe is owned or controlled by or on behalf of a listed person; and
(b) information about a transaction or proposed transaction in respect of property referred to in paragraph (a).

The requirement is that the property in the reporting entity’s possession be “owned or controlled by or on behalf of” either

  • a “terrorist group”, where subsection 83.01 of the CC defines a terrorist group as
    (a) an entity that has as one of its purposes or activities facilitating or carrying out any terrorist activity, or
    (b) a listed entity, and includes an association of such entities. (and “entity” means a person, group, trust, partnership or fund or an unincorporated association or organization.)
     
  • Or a “listed person” which under RIUNRST means a person whose name is listed in the schedule in accordance with section 2, with the exception of the following:
    (a) the entities referred to in the Regulations Establishing a List of Entities; and
    (b) Usama bin Laden or his associates, or any person associated with the Taliban within the meaning of section 1 of the United Nations Al-Qaida and Taliban Regulations.

It should also be noted “property” does not stop at “account” but includes any type of real or personal property in your possession or control. This includes any deed or instrument giving title or right to property, or giving right to recover or receive money or goods, including funds, financial assets or economic resources. For example, cash, bank accounts, insurance policies, money orders, real estate, securities, and traveler’s cheques, precious metals and stones among other types of assets, are considered property.

From this, we understand that the requirements, for both business and personal accounts, extend beyond the account holder to include those who may control the account, and that scanning of OSFI or others lists in respect of accounts may not be sufficient as property does not stop at account.

With regard to the question about “how often a terrorist scan of designated persons must be conducted”, as soon as a reporting entity meets the requirements under section 7.1 (1) of the PCMLTFA - i.e. the person or entity is required to make a disclosure under section 83.1 of the Criminal Code or under section 8 of the RIUNRST, then they must also make a report to FINTRAC. Reporting entities are expected to make such reports once it is known that they are in possession of property owned or controlled by or on behalf of a terrorist group or a listed person, so while the PCMLTFA does not require reporting entities to perform specific scanning against lists nor does it prescribe any frequency to do so, the PCMLTFA does require Terrorist Property Reports to be sent to the Centre when they are required under the Criminal Code or the RIUNRST. In order to adequately produce those reports, then it would be expected that the reporting entities’ P&Ps would be in line with the legislative requirements of those Acts and regulations in order to also be compliant with the PCMLTFA.

Date answered: 2014-08-14

PI Number: PI-6216

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Compliance Program

Act: 5, 7.1(1)

Clarification of subsections 71.1(a)and 71.1(b)of the PCMLTFR

Question:

I wonder why, in the following interpretation, its application is limited to taking reasonable measures to "keep client information up to date" (which clearly does not refer to information regarding the client's ID information, but rather information about the client).

And yet, if the legislator had wanted to restrict the updating solely to information about the individual, the wording "keep client information record," as defined in the PCMLTFR, could have been used.

However, paragraph 71.1(a)uses the wording "keep client identification information" which, in my view, refers to the client's identity in its broadest sense, namely

a) certain pieces of nominative information that must be kept (as stipulated in the clauses pertaining to record-keeping in sections 12 to 49 of the PCMLTFR); and
b) the notion of ascertaining the client's identity provided for in this section, as described in sections 53 to 67 of the PCMLTFR.

Moreover, with experience, most reporting entities adopt a special client re-identification policy (rather than simply updating their name, address, date of birth, phone number and occupation).

This broader interpretation is also in line with section 3 of the Act, since a formal re-identification is a good way of detecting and deterring money laundering.

Answer:

Section 71.1 of the PCMLTFR was amended and the new version took effect on February 1, 2014. To this end, and in order to respond to your question, we decided to go back over the facts presented in Policy Interpretation 804 and to re-interpret them in light of the new section.

In its risk assessment, the Caisse populaire identified certain at-risk accounts. It adopted a series of measures targeting these accounts, including a monthly review of account transactions and the updating, when necessary, of its clients' information. To do so, it contacts members directly in order to check whether they are still living at the same address and still have the same phone number and the same job. The information on the ID is not checked. Consequently, clients who opened their account prior to the legislative requirements, even if they are high-risk clients, have no information on file regarding their ID information.

In order to update client identity information, should the Caisse meet with clients face-to-face to confirm the ID documents on file?

Section 71.1 of the PCMLTFR stipulates as follows: "The prescribed special measures that are required to be taken by a person or entity referred to in subsection 9.6(1) of the Act for the purpose of subsection 9.6(3) of the Act are the development and application of written policies and procedures for

a) taking enhanced measures based on the risk assessment undertaken in accordance with subsection 9.6(2) of the Act to ascertain the identity of any person or confirm the existence of any entity in addition to the measures required in sections 54, 54.1, 55, 56, 57, 59 and 59.1, subsection 59.2(1), section 59.3, subsection 59.4(1) and sections 59.5, 60 and 61; and

b) taking any other enhanced measure to mitigate the risks identified in accordance with subsection 9.6(3) of the Act, including
(i) keeping client identification information and the information referred to in section 11.1 up to date; and
(ii) in addition to the measures required in sections 54.3, 56.3, 57.2, 59.01, 59.11, 59.21, 59.31, 59.41, 59.51, 60.1 and 61.1, conducting ongoing monitoring of business relationships for the purpose of detecting transactions that are required to be reported to the Centre under section 7 of the Act.

According to the PCMLTFR, the reporting entity is required to keep the identity information of its clients up to date, not re-identify the clients. The reporting entity must develop and implement policies and procedures aimed at ensuring that the identity information of its clients is kept up to date. Once a client is identified by the reporting entity as being high-risk, the frequency of ongoing control and client identity updating activities must be increased and other, more rigorous measures, must be taken, as required.

Client identification information depends on the information that the reporting entity needs to confirm or obtain from its clients and the records it is required to keep. Client identification information that needs to be updated generally includes:

  • for an individual, the individual’s name, address, telephone number and occupation or principal business;
  • for a corporation, its name and address and the names of the corporation’s directors; and
  • for an entity other than a corporation, its name, address and principal place of business.

Measures to keep client identification up to date include asking the client to provide information to confirm or update their identification information. In the case of an individual client, measures also include confirming or updating the information through the options available to ascertain the identity of individuals who are not physically present. In the case of clients that are entities, reasonable measures to keep client identification up to date include consulting a paper or an electronic document to confirm information, or obtaining the information verbally from the client. The reporting entity may also decide to update the information in other appropriate manners.

In the case of clients who opened their accounts prior to the legislative requirements, we have already indicated in previous policy interpretations, and we continue to affirm, that there are no legislative requirements that oblige the identification of clients who opened their accounts prior to the coming into force of our Act and its associated regulations, the reason being that legislative requirements cannot be retroactively applied. However, the reporting entity must nevertheless keep the information it has on these clients up to date.

To summarize:
71.1(a) is solely for verifying the identity of an individual or the existence of an entity. Hence, when verifying a client's identity, either face-to-face or by means of a combination of identification methods if the person is not physically present, the reporting entity must take additional measures (over and above those already in place for client identification) to verify the identity.

71.1(b) is simply designed to mitigate identified client risks by keeping client identification information (name, address, phone number and occupation or primary business) up to date.

Date answered: 2014-03-07

PI Number: PI-6115

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 71.1

Training requirement - Sole shareholder corporation

Question:

I would like clarifications on the requirement according to which a reporting entity with employees has to develop a written ongoing compliance training program. The entity in question is a dealer in precious metals and stones that has a single employee who is also the sole shareholder of the business. The business does not currently have a compliance regime.

Answer:

Subsection 9.6(1) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (the Act) made it a requirement for every person or entity referred to in section 5 to establish and implement, in accordance with the regulations, a program intended to ensure their compliance with Part 1 of the Act. Paragraph 71(1)(d) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (the Regulations) stipulates that:

  • 71. (1) For the purpose of subsection 9.6(1) of the Act, a person or entity referred to in that subsection shall, as applicable, implement the compliance program referred to in that subsection by

(d) if the person or entity has employees, agents or other persons authorized to act on their behalf, developing and maintaining a written ongoing compliance training program for those employees, agents or persons;

In the above scenario, it is a matter of determining whether the sole stakeholder is an employee of the business. For example, does he or she receive a salary or another form of compensation, not including dividends paid from shares in the company. If he or she is considered as an employee, then a training program pursuant to paragraph 71(1)(d) of the Regulations must be developed and updated. However, we recommend that the training program be proportionate to the entity, i.e., if there is only one employee, there is no reason for the entity to develop an extensive training program. A simple program would suffice in this case.

Date answered: 2013-12-19

PI Number: PI-5666

Activity Sector(s): Dealers in precious metals and stones

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 71(1)(d)

Act: 9.6(1)

The Caisse - SWIFT electronic fund transfer compliance regime

Question:

As concerns the relationship between the Caisse and its members with respect to electronic fund transfers, the Caisse has confirmed that the Caisses populaires do not have an account at the Caisse. They do, however, have the option of opening foreign currency accounts in the books of the Caisse. Whenever an electronic fund transfer request is sent to the Caisse, the Caisse populaire must debit the member's account and credit this amount in their liquidity fund. If the member has a foreign currency account other than CAD or USD, however, the Caisse populaire does not need to debit the member's account. Once the electronic funds transfer is processed, the Caisse debits the liquidity fund in question or the member's foreign currency account, which is on the books of the Caisse.

If the transfer request is made through businesses or individuals accounts, the member's account is debited once the transaction is confirmed/signed. At the current time, the Caisse populaire receives a credit in the CAD or USD liquidity fund, which is debited once the electronic funds transfer is processed by the Caisse. Only in the case of a business account does the financial settlement take place at the Caisse.

Who is responsible for implementing a compliance regime for SWIFT electronic funds transfers?

Answer:

As regards the implementation of a compliance regime, FINTRAC expects the documentation, such as policies and procedures, as well as the risk-based approach, etc., to reflect the reality of each reporting entity, by taking into account the products and services that it provides for its clients. In other words, the Caisse needs to have a compliance regime that reflects the obligations associated with its SWIFT electronic funds transfer activities when it sends these funds on behalf of its clients (such as the Caisses populaires). It also means that the Caisses populaires must have a compliance regime that reflects the obligations associated with their electronic funds transfer activities when they forward, to the Caisse, electronic funds transfer requests from their clients (business clients or individuals).

In terms of responsibility for reporting electronic funds transfers, subsection 12(1)(b) of the Regulations reads as follows: "Subject to section 50 and subsection 52(1), every financial entity shall report the following transactions and information to the Centre (...) the sending out of Canada, at the request of a client, of an electronic funds transfer of $10,000 or more in the course of a single transaction, together with the information referred to in Schedule 2 or 5, as the case may be."

On the other hand, subsection 12(3) of the Regulations notes that "Paragraph (1)(b) applies in respect of a financial entity that orders a person or entity, to which subsection (1), 28(1) or 40(1) applies, to send out of Canada an electronic funds transfer made at the request of a client, unless it provides that person or entity with the name and address of that client." Hence, the Caisse populaire is not obliged to report the electronic funds transfer if it provides the Caisse with the client's name and address. In such cases, the electronic funds transfer is reported as a SWIFT electronic funds transfer by the Caisse, which must complete the following fields:

Outgoing SWIFT messages report information

Part A: Transaction Information
Part B: Information on Client Ordering Payment of Electronic Funds Transfer (in this case, an individual who is a client of the Caisse populaire)
Part C: Information on Person or Entity Sending Electronic Funds Transfer (in this case, the Caisse)
Part D: Information on Person or Entity Ordering Electronic Funds Transfer on Behalf of a Client (in this case, the Caisse populaire)
Parts E, F, G, H, I or J: As applicable
Part K: Information on Client to Whose Benefit Payment is Made
Part L: As applicable

Date answered: 2013-12-02

PI Number: PI-5656

Activity Sector(s): Financial entities

Obligation(s): Compliance Program, Reporting

Guidance: Compliance Program

Regulations: 12(1)(b), 12(3)

EFT and STR requirements

Question:

Since July 31, 2010, the Caisse populaire has positioned itself as a reporting entity. It is no longer a simple service provider.

One of the reasons for this change in status is the way SWIFTs are reported at FINTRAC. Prior to July 31, 2010, all SWIFT transfers received by FINTRAC were reported under the number of the reporting entity requesting the transfer for all 377 caisses populaires. Since July 31, 2010, all SWIFTs without exception have been entered under reporting entity number 1234.

Following one of our meetings as part of the review we are currently conducting for the entity, we confirmed that requests for SWIFT transfers can be done in three ways:

  • ABC (Online for clients who have an account at a credit union. This service is offered for clients with business or personal accounts)
  • In person at the credit union
  • Between caisses populaires (a client can go to a caisse populaire other than the one that holds his/her portfolio)

It should be noted that in all three ways of initiating the SWIFT, the Caisse populaire never meets with clients in person.

Our questions are as follows:

  1. Under these circumstances, which reporting entity is responsible for reporting suspicious transactions?
  2. Under these circumstances, which reporting entity is responsible for keeping records for each electronic funds transfer, as prescribed by subsection 66.1(2), in an amount of $1,000 or more sent at the request of a client?
  3. Under these circumstances, does the reporting entity have to add something to its policies and procedures, risk-based approach, etc?

Answer:

  1. Section 7 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act stipulates that, "Subject to section 10.1, every person or entity referred to in section 5 shall report to the Centre, in the prescribed form and manner, every financial transaction that occurs or that is attempted in the course of their activities and in respect of which there are reasonable grounds to suspect that
    (a) the transaction is related to the commission or the attempted commission of a money laundering offence; or
    (b) the transaction is related to the commission or the attempted commission of a terrorist activity financing offence."

    If the Caisse populaire have reasonable grounds to suspect that a financial transaction that occurs or that is attempted in the course of their activities is related to the commission or the attempted commission of a money laundering offence or a terrorist activity financing offence, a suspicious transaction report must be submitted to FINTRAC. They may have differing reasonable grounds to suspect.
     

  2. Subsection 14(m) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (the Regulations) stipulates that, "Subject to subsection 62(2), every financial entity shall keep the following records in respect of a transaction or the opening of an account other than a credit card account: [...] where, at the request of a client, it sends an electronic funds transfer, as prescribed by subsection 66.1(2), in an amount of $1,000 or more, a record of

    (i) if the client is a person, their name, address, date of birth and telephone number and the nature of their principal business or their occupation, as applicable,
    (ii) if the client is an entity, the name, address, date of birth and telephone number of the person initiating the transaction on behalf of the entity and the nature of that person’s principal business or their occupation, as applicable,
    (iii) the relevant account number, if any, and the reference number, if any, of the transaction and the date of the transaction,
    (iv) the name or account number of the person or entity to whom the electronic funds transfer is sent, and
    (v) the amount and currency of the transaction."

    This requirement applies to both reporting entities involved in the transaction because both reporting entities have each sent an electronic funds transfer. While the electronic funds transfer was reported by the Caisse populaire centrale (because it received the name and address from the caisse populaire), the caisse populaire still has to comply with its record keeping requirements.
     

  3. FINTRAC expects documents, such as policies and procedures, the risk-based approach, etc, to reflect the reporting entity's situation by taking into account the products and services it offers to its clients.

Date answered: 2013-09-13

PI Number: PI-5613

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Transaction reporting requirements, Compliance Program, Know your client requirements

Regulations: 14(m), 66.1(2)

Act: 7

2 year review

Question:

I am trying to obtain clarification on the specific time requirements for completion of the Bi-annual Review. Guideline 4 indicates the following:.
“Another component of a comprehensive compliance regime is a review of your compliance policies and procedures to test their effectiveness. The review has to be done every two years. It has to cover ……………”

One of the services ABC Ltd offer credit unions is an Effectiveness review of their Compliance Regime. Many credit unions completed their review in June of 2010. There is an unwritten understanding that the review must be completed by June 2012.

Is there any flexibility to have the review completed within the calendar year i.e in Sept 2012, November 2012 or must the review be completed by June 23, 2012. Our concern, and the concern of our client credit union, is non-compliance and their desire to be compliant with Regulations. If the review is completed within the calendar year, would this be considered compliant.

Any clarification that you can provide would be greatly appreciated.

Answer:

Paragraph 71(1)(e) of the Proceeds of Crime Money Laundering) and Terrorist Financing Regulations (PCMLTFR) states that a person or entity shall implement the compliance program by “instituting and documenting a review of the policies and procedures, the risk assessment and the training program for the purpose of testing their effectiveness, which review is required to be carried out every two years by an internal or external auditor of the person or entity, or by the person or entity if they do not have such an auditor”.

To add to this, subsection 37(1) of the Interpretation Act defines the expression “year” by “any period of twelve consecutive months”.

Based on the above, our position is that a review must be started no later than 24 months from the start of the previous one and completed prior to the start of the next review.

Date answered: 2012-07-19

PI Number: PI-5430

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 71(1)(e)

MLS Listings

Question:

Here is a summary:

  • We are a new real estate brokerage (no clients yet)
  • We will only offer $169 flat fee listings for private seller types
  • In the Listing Agreement, the seller agrees that the seller's lawyer will act as agent to negotiate offers, pay commission and hold deposits
  • Our sole responsibility is to maintain the MLS listing (we have no role in the offer process)

In our business model, then, the real estate lawyer acts as agent for the seller.

Since the real estate lawyer must collect FINTRAC information from the seller, do we still need to do it?

Answer:

If you are a real estate broker, you are subject to legislative obligations under the PCMLTFA when you act as an agent regarding the purchase or sale of real estate.

However, if your sole responsibility is to maintain the MLS listing, and if the agreement outlines that the mere poster is not acting as an agent in respect of the purchase or sale of real estate for the seller of the property, then the mere poster is not subject to the PCMLTFA and its associated Regulations.

Date answered: 2012-07-10

PI Number: PI-5426

Activity Sector(s): Real estate

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 1(2)

Act: 5(j)

Agent/principal relationship

Question:

I have set out below the plans that are in place (or currently being negotiated)

  1. Current Position

ABC Inc. Canada is a Money Service Business and is registered under FINTRAC until November 2013.
We have a store handling full buy/sell foreign transactions and 230 plus stores/agents registered which are offering foreign currency pre order services along with 27 ATM's (offering four currency solutions a combination of CAD$, USD$, GBP, Euro and Mexican Peso) across Canada.

We have a full operational and money laundering training program in place for our store network which is ongoing.
We have a Compliance Manager and conduct audits of the stores to evaluate their level of compliance and take remedial action accordingly.
We have an action plan in place following an audit by FINTRAC in November 2011 and also have completed a Risk Document.

  1. Proposed Position

We are proposing to outsource the entire foreign exchange business to two separate organisations under a licensing agreement where they would continue to provide the services under the ABC Inc. brand name.

The full buy/sell store (one location only) would be managed by XYZ Inc. who already operates as a Money Service Business and would take over the administration and operation of the site including the FINTRAC regulation and training (The site is within ABC Inc. corporate building but a fully enclosed separate unit). All regulation and operation requirements would fall under the XYZ Inc. operation as they would take over the site and introduce their policies and procedures.

The existing pre order service through 230 plus locations along with the 27 ATMs would be managed by our current ATM provider (123 Technologies Inc) who currently have dealings with FINTRAC for ATM deployment but does not hold a Money Service Business arrangement for selling foreign currency services. This application is now being arranged.

123 Technologies Inc would take over the administration and operation of the pre order locations and take over the current policies and procedures introduced by ABc Inc. Canada as referred above (including all operational and compliance procedures, audits and risk documentation - two members of staff currently running the ABC Inc. Canada operation would join 123 Technologies Inc with one being the Compliance Manager.

It is envisaged that this licensing agreement will be initiated from 1 July 2012

  1. Clarification - with effect from 1 July 2012

123 Technologies Inc will now register all the locations in FINTRAC under their registration and complete all other information required on the company to complete FINTRAC documentation?

ABC Inc. Canada will remove all locations under their FINTRAC registration?

123 Technologies Inc will take responsibility and as part of the transition, ownership of all administration, operation, money laundering training, audit and risk assessment as relates to the stores operated under ABC Inc. Cook. This will be set out in the licensing agreement between ABC Inc. Canada and 123 Technologies Inc.

To summarize the employers at the pre order locations currently under ABC Inc. Canada FINTRAC registration will still be employed by ABC Inc. Canada, but all the functions associated with running that operation including the regulation will now be managed and the responsibility of 123 Technologies Inc. Please can you confirm the above steps are correct or what actions we will need to take between now and 1 July on 1 July and post 1 July that ensure all the correct details are filed with FINTRAC.

Answer:

It would depend on the nature of the contractual relationship between ABC Inc. Canada and the “two separate organisations under a licensing agreement”. As always, it is a question of fact.

As per paragraph 6(2) of the PCMLTFR, if there is an agent/principal relationship between ABC Inc. Canada and the two separate organizations, ABC Inc. Canada is still responsible to meet all requirements of the Act:

“where a person or entity who is subject to the requirements of these Regulations, other than a life insurance broker or agent, is an agent of or is authorized to act on behalf of another person or entity referred to in any of paragraphs 5(a) to (l) of the Act, it is that other person or entity rather than the agent or the authorized person or entity, as the case may be, that is responsible for meeting those requirements”.

If the contract makes the two separate organizations ABC Inc. Canada's agents (the two separate organizations will be the employees of ABC Inc. Canada), then ABC Inc. Canada would remain on the hook for the obligations (i.e. the usual rules for agents and employees, with the usual exception that the agent or employee might have a personal obligation to report STRs for which they have reasonable grounds themselves). ABC Inc. Canada must contact FINTRAC to list the two separate organizations as their agents.

If the contract states that the two separate organizations will provide services (i.e. reporting), then ABC Inc. Canada is still on the hook for all obligations. ABC Inc. Canada (or may be the two separate organizations) must contact FINTRAC to enter the two separate organizations as their service providers.

In addition, I would like to make a comment with respect to the training responsibility that will be “pass on” to the two separate organizations: paragraph 71(1)(d) of the PCMLTFR states that if ABC Inc. Canada “has employees, agents or other persons authorized to act on their behalf”, shall develop and maintain “a written ongoing compliance training program for those employees, agents or persons”.

Date answered: 2012-05-03

PI Number: PI-5405

Activity Sector(s): Money services businesses

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 6(2), 71(1)(d)

DPMS triggering activities

Question:

Operating as a secondhand/ pawnbroker for over 20 years. We loan money on numerous types of articles such as musical instruments, tools, audio/ video equipment as well as gold and precious metals in the form of jewellery.

The City of Edmonton has a bylaw in place whereas we are required to report any and all transactions (no matter how small or large) to the Edmonton Police Services. A report is transmitted to the police daily for their review. The information required to be reported is:
Full name, address, date of birth, description of person as well as the information from 2 pieces of government issued identification. A complete description of the article(s) received including serial numbers and or distinguishing markings. Also, the price paid for each article.

Since I have been in business I have never done a jewellery transaction (buying or selling) to an individual for even close to the $10,000 amount. Our records show the average transaction for the acquisition of jewelry to be less than $75.00 per transaction and the average jewellery sale to be under $200.00.

However, over the course of many years we have acquired a considerable amount of scrap jewellery. The only effective way of converting this inventory into revenue is to sell it in its present form to a licensed refiner.

So, my question is simple.
Am I subject to the reporting requirements of the legislation if I sell scrap jewellery to a refiner in excess of $10,000.00 in a single transaction.

Answer:

A dealer in precious metals and stones means an individual or an entity that buys or sells precious metals, precious stones or jewellery, in the course of its business activities. It is subject to the requirements (see 39.2, 39.3 of the PCMLTFR) if it is ever engaged in the purchase or sale of precious metals, precious stones or jewellery in an amount of $10,000 or more in a single transaction. In other words, it is not subject to these requirements if it is engaged only in purchases or sales of less than $10,000 per transaction.

If the entity conducts a single transaction of +10,000$ relating to the purchase or the sale of precious metals/stones, it becomes a DPMS.

The purchases or sales referred to above exclude those carried out for, connected with, or for the purpose of:

  • manufacturing jewellery;
  • extracting precious metals or precious stones from a mine; or
  • cutting or polishing precious stones.

In other words, if all of its purchases and sales are related to these manufacturing, extracting, cutting or polishing activities, it is not subject to these requirements.

To clarify the exemption to the triggering activities to become a DPMS, we look at the exception prescribed in s. 39.1 of the regulations:

"... other than such a purchase or sale that is carried out in the course of, in connection with or for the purpose of manufacturing jewellery, extracting precious metals or precious stones from a mine or cutting or polishing precious stones, is subject to Part 1 of the Act."

Although the purpose of the sale described is not "in the course of" or "for the purpose of" manufacturing for the entity's business, it is still considered "in connection with". Therefore, the exception applies to this entity if it does its due diligence to confirm that the customer will be using the precious metals for the purpose of manufacturing jewellery.

It is important to note that it is a question of fact to determine the nature of the transaction and not only the nature of its customers' business.

If the customer is a manufacturer but does not intend to use the purchase for manufacturing purposes, the exception does not apply.

So it is important for the entity to determine if the transaction is related to manufacturing jewellery, extracting precious metals or precious stones from a mine or cutting or polishing precious stones.

Date answered: 2012-02-20

PI Number: PI-5385

Activity Sector(s): Dealers in precious metals and stones

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 1(2), 39.1

Obligations of a bank and its US service provider

Question:

The Bank is dealing with a US credit card company.

ABC Bank has entered into an agreement with a US supplier for the issuing of credit cards for Canadians. Through this agreement, the Bank is sponsoring the supplier for the issuance of credit cards bearing the Bank's identifier.

Under the agreement, it is the service provider that is responsible for setting up the policies, procedures and systems for the issuance and management of the credit cards, in accordance with applicable legislation and regulations, including the PCMLTFA and Regulations.

Essentially, the roles and responsibilities are shared as follows:

  • The Bank is the card issuer.
  • Credit cards issued are the property of ABC Bank.
  • The ABC Bank must be identified as the issuing bank on all the cards.
  • The supplier is responsible for client relations, in accordance with applicable legislation, including the PCMLTF Act and Regulations.
  • The supplier is responsible for enforcing policies and procedures to ensure compliance with regulations.

Hence, as we see it, although the Bank is responsible for the program to tackle PCMLTF within the framework of this agreement, it is the supplier who is in charge of managing the day-to-day operations, under the Bank's supervision.

Answer:

In response to the question from ABC Bank regarding the business model submitted by ABC Bank outlining the obligations of the bank and the US service provider (for the issuance of credit cards for Canadians).

The bank wants its supplier to 1) set up all the policies, procedures and systems for the issuance and management of the credit cards, in accordance with applicable legislation and regulations, including the PCMLTF Act and Regulations; 2) develop a written program to tackle CMLTF; and 3) be duly registered with FINTRAC as the bank's agent so that the supplier can report suspicious transactions (STRs) directly to FINTRAC.

Section 6(2) of the Regulations stipulates that “ (...) where a person or entity who is subject to the requirements of these Regulations, other than a life insurance broker or agent, is an agent of or is authorized to act on behalf of another person or entity referred to in any of paragraphs 5(a) to (l) of the Act, it is that other person or entity rather than the agent or the authorized person or entity, as the case may be, that is responsible for meeting those requirements.”

Furthermore, according to paragraph 71(1) (d) of the Regulations, if an entity “ (...) has employees, agents or other persons authorized to act on their behalf” it is responsible for “developing and maintaining a written ongoing compliance tracking program for those employees, agents or persons.”

It should be noted that a service provider cannot sort STRs. STRs, and the obligation to report them, are the responsibility of the reporting entity, in this case, the bank. It is up to the bank to decide whether or not they should be reported, and whether or not the transaction is suspicious.

However, if there is a clear delegation specifically dealing with STRs, and if the reporting entity chooses its delegate, this delegate may be responsible for reporting STRs to FINTRAC. Obviously, a service provider without delegation cannot sort STRs.

It is important to remember that, at the end of the day, responsibility lies with the reporting entity.

The bank must register its service provider with FINTRAC and declare it as being its agent or mandatory.

Date answered: 2012-01-13

PI Number: PI-5375

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Transaction reporting requirements, Compliance Program

Regulations: 6(2), 71(1)(d)

Appropriate approval of policies and procedures

Question:

Regarding 71 (1) (b) P&Ps approved by a senior officer.

A credit union has sent me their P&Ps but there is no indication it was approved by a senior officer. The Compliance Officer is a Senior Manager and reports to the VP of Risk Management. The question is what is the meaning of "approved". Is verbal, email sign off on P&Ps or the minutes of a meeting with the Board of directors approval of their P&Ps acceptable approval?

Answer:

71(1)(b) indicates that the P&Ps must be developed and applied, kept up to date and approved by a senior officer.

The definition in s. 1(2) of a Senior Officer in respect to an entity means (if applicable) - a full time director employed by the entity; the CEO, the chief operating officer, president, secretary, treasurer, controller, CFO, chief accountant, chief auditor or chief actuary, or any person who performs those functions or any other officer who reports directly to the entity's board of directors, CEO or chief operating officer. As long as the compliance officer fits in this definition, then he can approve the policies and procedures.

71(1)(b) does not specify what type (as in written, signed off etc.) of approval is required from the senior officer. Therefore, I believe that the approval may take any form... however, the burden of proof that it was effectively approved by a senior manager rests on the reporting entity.

As you are ensuring compliance with the Act, I feel that a signature, an email, or a paper trail would permit the regional officers to ensure that there was approval from a senior officer, especially in light of the fact that the policies and procedures are in writing.

Date answered: 2010-04-28

PI Number: PI-5354

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 1(2), 71(1)b)

Agent obligations in regards to training

Question:

Various entities are using or in the process of using agents or mandataries under 64.1. For example, the entire CPs network is in the process of implementing 64.1 with a myriad of car dealerships. Does 71(1)(d) apply to agents under 64.1? Section 71(1)(d) uses the word "agent" and "any other person authorized to act on their behalf". Section 64.1 does also use the word "agent". We would like to know if 71(1)(d) applies to 64.1?

Answer:

No, subsection 71(1)(d) does not apply to agents referred to in subsection 64.1. Unfortunately, subsection 64.1 refers to the term agent, however, the term utilized does not have the same meaning as the word agent in the context of subsection 71(1)(d) and training.

The term agent that is used within subsection 64.1 is only for the purpose of identifying on your behalf and represents only a very limited mandate that you give to someone else (and that person or entity does not act on your behalf... they only identifies for you). The term agent used in 71(1)(d) has a broader mandate as that person or entity that acts on your behalf.

Date answered: 2010-01-04

PI Number: PI-4759

Activity Sector(s): Financial entities

Obligation(s): Compliance Program

Guidance: Compliance Program, Methods to identify individuals and confirm the existence of entities

Regulations: 71(1), 64.1

Requirement for how compliance regime is documented.

Question:

Section 71(1)(d) requires that training includes "developing and maintaining a written ongoing compliance training program". What exactly do we mean by "written"? Is a written syllabus/curriculum/outline of what (subject-high level- not actual content), when, who, how, etc of the ongoing training that "will be" or "is" offered be sufficient? Or rather does having written documentation of the training content such as written documents, powerpoint slides, or videos, pamphlets, audio, etc. satisfy the "written" portion of the regulations?

Answer:

The regulations only indicate that the RE must develop training and maintain a written ongoing training as per subsection 71(1)(d), without giving much indication as what must be in writing exactly.

The guidelines however are more explicit and indicate the following:

Effective June 23, 2008, your training program has to be in writing and you have to maintain it. This means that the program itself has to be in writing, but the way the training is delivered does not have to be in writing. For example, you could deliver your training program using computer-based software, information sessions, face-to-face meetings, etc. You also have to ensure that your training program is reviewed and adjusted in a timely manner to reflect your needs.

Therefore, the process and the schedule (i.e. the plan) of the training should be in writing, however, not the training itself (i.e. the material).

Date answered: 2009-09-11

PI Number: PI-4676

Activity Sector(s): Real estate

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 71(1)(d)

Pre-authorized remittance

Question:

We have a situation where we have a number of Filipino contract workers who are working in remote areas and do not have access to a remittance service. These workers need to remit funds to their families in the Philippines on a monthly basis. These workers have requested the recruitment agency to do the remittance on their behalf. The workers will authorize their employer to deduct from their salaries the amount they intend to remit to their families. These funds will in turn be sent to the agency for remittance.

The agency came to us for assistance in implementing this plan. After assessing the risks involved and KYC requirements we have come up with the following suggested resolution:

  • ABC will appoint the agency to act as an agent for the workers.
  • the agency (agent) will require all workers to complete an ABC First Time Remitter Form, which will contain complete information on the worker. These info will also include a government issued ID. The agent will keep a copy of this form for his files and send another copy to ABC for our files.
  • for the first remittance transaction, each worker will be requested to complete and sign a remittance transaction form. This includes info on both the sender and recipient. For subsequent remittance transactions, a remittance transaction form will be completed by the agent based on instructions from the worker. All these forms will be signed by the agent and faxed to ABC for processing.
  • funds will be remitted to ABC by the agent.

Could you kindly review and analyze the foregoing and advise if it is acceptable for us to implement?

Answer:

Yes we agree with you that this entity appointed in the Philippines would be an agent of the principal MSB i.e. ABC. However, under our legislation, the principal has to list only its Canadian agents, and in this case, this agent is based in the Philippines (therefore would not have to be listed under our laws).

ABC as the principal MSB is responsible for the reporting and record keeping obligations, and they have to train their Canadian agents. However the principal has no obligation under our legislation to train their foreign agents (i.e. the agents that operate outside Canada). Having said this, to ensure that their agents working outside the country collect and report back the correct information, it would be a best practice for the principal to "train" or "instruct" their foreign agents on what is expected of them and what information should be collected by them, as ultimately the principal MSB will be responsible for all the legislative requirements.

In regards to client identification, they do not need a written agreement to that effect (as this is a MSB/agent relationship and not a mandate given to an "agent" to identify on your behalf).

Date answered: 2009-07-03

PI Number: PI-4621

Activity Sector(s): Money services businesses

Obligation(s): Compliance Program

Guidance: Compliance Program

Licensed agent's obligations

Question:

  1. If a life insurance agent is licensed, but not selling life insurance - are they responsible for having a compliance regime?
     
  2. When a life insurance agent/brokerage or company sells property and casualty insurance - as well as life insurance - my understanding is that you have given guidance indicating that the entity is responsible for the compliance regime STR/LCTR/TPR aspects of those products also, but that the client identity and record keeping obligations were not an issue. Am I correct?

Answer:

  1. The life insurance brokers and companies are simply covered because they are life insurance brokers or companies (as opposed to other sectors that either have triggering activities or because they hit a threshold and then they are covered.) Therefore even though they are not selling life insurance or have no clients per se, they would still have to put in place a compliance regime and report STRs.

    However, their compliance regime would be somewhat very limited if they have no clients and do not sell life insurance, i.e. probably very brief P&P's on STRs for example, a compliance officer and next to nothing in regards to their risk assessment.
     

  2. The entity is responsible for the compliance regime, STR and TPR - but not for the LCTR.

Date answered: 2009-04-29

PI Number: PI-4571

Activity Sector(s): Life insurance

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 6(2), 71(1)

Accountants, triggering activities vs public body

Question:

The firm conducts the triggering only for one client. The thing is that this client is a public body.

Now,

  • taking into account that paragraph 36(1)(a) of the PCMLTFR states that an accounting firm does not have to keep a Receipt of funds record when the amount is received from a financial entity or a public body;
  • Taking into account this means there is no ID requirement for this client in this case according to section 59.1 since this reporting entity does not have to keep a Receipt of funds record;
  • Taking into account subsection 36(2) of the PCMLTFR that states that an accountant firm does not have to keep a Large Cash Transaction Record when the amount is received from a financial entity or a public body;
  • Taking into account this means there is no ID requirement for this client in this case according to section 53 since this reporting entity does not have to keep a Large Cash Transaction Record;
  • Taking into account there is no LCT reporting requirement (section 35) if 10 000$ in cash is received from a public body.

The question is: does this reporting entity still need to have a compliance regime in place?

Answer:

Yes. As soon as a RE is conducting one of the triggering activities, it has to implement a compliance regime. STR and TPR requirements still apply. A RBA (among the other compliance regime elements) is also required despite the fact that the risk of ML/TF can be seen as minimal.

However, the nature,complexity and size of the business should be considered in designing the regime.

Date answered: 2009-04-17

PI Number: PI-4411

Activity Sector(s): Accountants

Obligation(s): Compliance Program

Guidance: Compliance program

Regulations: 35, 36(1)(a), 36(2), 53, 59.1, 71

Secondary signer & POA related issue

Question:

Accounting firm B has been appointed as the power of attorney for the client's personal account a while ago. However, they haven't exercised the power since they were appointed. Meantime, are they still subject to the Act (assuming this is the only potential triggering activity) & are required to have a compliance regime in place or are they only covered when the POA is exercised & funds are paid?

Answer:

No they are not covered by our Act, because the accounting firm has not yet been engaged in any of the triggering activities of subsection 34(1).

Date answered: 2009-03-06

PI Number: PI-4537

Activity Sector(s): Accountants

Obligation(s): Compliance Program

Guidance: Compliance Program

Regulations: 34(1)

Date Modified: