Canadian Anti-Money Laundering Requirements – Changes Effective June 1, 2021
On June 1, 2021, a series of regulatory amendments made to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (the “PCMLTFA”) and regulations over the past few years will come into force, together with changes to guidance issued by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). Our prior summaries of the regulatory amendments can be found here and here, along with our summaries of the changes to the FINTRAC guidance issued in February, March and May 2021.
In particular, the following guidance has been updated by FINTRAC effective June 1:
- FINTRAC Guidance released February 2021:
- FINTRAC Guidance released March 2021:
- FINTRAC Guidance released May 2021:
- Compliance Program Requirements
- Methods to Verify the Identity of Persons and Entities
- Third Party Determination Requirements
- Reporting Terrorist Property
- Prepaid Payment Products and Prepaid Payment Product Accounts (new guidance)
- The 24-Hour Rule (new guidance)
- Travel Rule Requirements (new guidance)
The following summarizes the changes to the PCMLTFA, its regulations and the FINTRAC guidance effective June 1.
New Obligations with Respect to Prepaid Payment Products and Virtual Currency Transactions
1. Prepaid Payment Products/ Prepaid Payment Product Accounts
FINTRAC has provided new guidance applicable to financial entities (“FEs”), life insurance companies, and life insurance broker and agent entities that offer prepaid payment products (“PPPs”) to the public, or maintain prepaid payment product accounts (“PPPAs”).
PPPs are products issued by a FE which enable a person or entity to engage in a transaction by giving them electronic access to funds or to virtual currency (“VC”) paid into a PPP account held with the FE in advance of a transaction taking place. PPPs do not include products that enable a person or entity to access a credit or debit account, are issued for use only with particular merchants (for example, a retail store) or are issued for single use for the purposes of a retail rebate program.
PPPAs are accounts which are connected to a PPP that permit funds or VC totaling $1,000 or more to be added to the account within a 24-hour period, or a balance of funds or VC of $1,000 or more to be maintained.
PPPAs are subject to account opening obligations, like other types of accounts. As well, transactions carried out with PPPs connected to PPPAs are subject to transaction obligations. Similar to credit card accounts, PPP accounts will be subject to identity verification requirements before they are activated. Where a business opens a PPPA with a FE, that FE would have all of the obligations associated with that PPPA. Financial entities must identify account holders, authorized users, and anyone making payments of $1,000 or more to a PPPA. “Authorized users” are defined as persons who are authorized by a holder of a PPPA to have electronic access to funds or VC available in the account by means of a PPP that is connected to it.
FEs will be required to keep records of PPP account holders and authorized users, as well as PPP account transaction records. However, these record keeping requirements will not apply to a FE that is processing PPP payments on behalf of a merchant.
The following records need to be maintained by a FE:
- Record for every PPPA holder and every authorized user
- Every application related to the PPPA
- Every debit and credit memo created or received related to the PPPA
- Copy of every account statement sent to the holder of the PPPA
- “Prepaid payment product slip” for every payment made to the PPPA that includes:
- the date of the payment;
- the name of the person or entity that made the payment;
- the type and amount of each type of funds or each of the VCs involved in the payment;
- the method by which the payment was made;
- the name of each PPPA holder; and
- the account number and, if different, the number that identifies the PPP that is connected to the account.
Account Transaction Records
- Foreign currency exchange transaction ticket for every foreign currency exchange transaction
- VC exchange transaction ticket for every VC exchange transaction
- Record of the initiation of an international EFT of $1,000 or more that was requested by a person or an entity for which the funds were transferred from a PPPA
- Record of the final receipt of an international EFT of $1,000 or more that was remitted to a beneficiary by payment to a PPPA
- Record of the transfer of VC in amount equivalent to $1,000 or more from a PPPA
- Record of the receipt of VC in an amount equivalent to $1,000 or more that was remitted to a beneficiary by payment to a PPPA
2. Virtual Currency Transactions
All reporting entities (“REs”) will be required to submit a large VC transaction report (“LVCTR”) whenever the RE receives an amount equivalent to $10,000 or more in a single transaction, or in multiple transactions totaling $10,000 or more in a consecutive 24-hour period, subject to certain exceptions. The LVCTR must be submitted to FINTRAC within five business days of receiving the amount. As the Bank of Canada does not publish exchange rates for VC, the rate a RE has established for use in the normal course of business must be used to determine if the dollar threshold has been met.
REs will also be required to maintain the following records in respect of VC transactions and verify the identity of every person or entity involved in these transactions, as applicable:
- VC Transactions: All REs will be required to keep a large VC transaction record when receiving a VC amount of $10,000 or more. A large VC transaction record should consist of information similar to what is currently required for large cash transaction records, including information regarding any persons or entities involved in the transaction, the date on which the VC was received, the type and amount of each VC transaction, reference numbers and transaction identifiers, all sending and receiving addresses, the exchange rates used and their source, and information regarding any accounts affected by the transaction (for example, an account that provides the funds).
- VC Transfers and Exchange Transaction Tickets: FEs, MSBs and foreign MSBs will also be subject to record keeping requirements for VC transfers that are $1,000 or more. This will apply if the entity is transferring VC at the request of a person or entity, or is receiving VC for remittance to a beneficiary. The entity will also be subject to the travel rule when transferring VC. When receiving VC, an entity must take reasonable measures to ensure that the transfer includes the prescribed information. FEs, MSBs and FMSBs will also be required to keep VC exchange transaction tickets where VC is exchanged for funds, funds are exchanged for VC or one VC is exchanged for another, regardless of the amount.
REs will also have the obligation to make third party determinations when they are required to report a large VC transaction or to keep a large VC transaction record. In particular, this means that a RE must take reasonable measures to determine whether the person from whom they are receiving the VC is acting on behalf of a third party.
New Obligations for Designated Non-Financial Businesses and Professions
1. Politically Exposed Persons/ Heads of International Organizations Determination
Previously, only FEs, securities dealers, money services businesses (“MSBs”) and life insurance companies were required to determine whether their customers were politically exposed persons (“PEPs)/ heads of international organizations (“HIOs”).
As of June 1, 2021, all RE sectors, including accountants; departments and agents, or mandataries, of the Crown that accept deposit liabilities, sell money orders to the public or engage in the sale of precious metals to the public; British Columbia notaries; casinos; dealers in precious metals and precious stones; and real estate brokers or sales representatives and real estate developers, i.e designated non-financial businesses and professions (“DNFBPs”) will have PEP and HIO obligations under the PCMLTFA and its regulations. The PEP and HIO guidance issued by FINTRAC explains a RE’s obligations in relation to determining who is PEP, HIO or person related to or closely associated with them. The guidance applies to both foreign and domestic PEPs, unless otherwise specified.
There are also RE sector-specific PEP and HIO requirements, which can be found in the further guidance published. The account-based REs guidance applies to FEs, securities dealers and casinos. The non-account-based REs guidance will apply to accountants, agents of the Crown, British Columbia notaries, dealers in precious metals and precious stones, real estate developers, brokers and sales representatives, MSBs and foreign money services businesses (“FMSBs”).
2. Beneficial Ownership Requirements
Currently, the PCMLTFA and its regulations only require FEs, securities dealers, MSBs and life insurance companies to be subject to beneficial ownership requirements when verifying the identity of an entity. DNFBPs will now be required to obtain information regarding beneficial owners of corporations, trusts and not-for-profit organizations. All REs will also have to keep records and take reasonable measures to confirm the accuracy of the beneficial ownership information they obtain.
1. Methods to Verify the Identity of Persons and Entities
- Reliance Method – The guidance now provides for a new reliance method as a way to identify a person or entity, by relying on measures that were previously taken by another RE or an affiliated foreign entity. Similar to the other methods in the guidance, a RE’s compliance program’s policies and procedures must describe the processes it follows when using the reliance method.
- Simplified Identification Method – The guidance also now provides for a new simplified identification method to verify the identity of certain prescribed entities. The simplified identification method is only available to financial entities and securities dealers. The simplified procedure allows these REs to be deemed to comply with the identification requirements of certain entities if the RE considers there is a low risk of a money laundering or terrorist activity financing offence based on its risk assessment and the RE is satisfied that, within the applicable time period for which it had to verify identity, the entity existed and that every person who it dealt with on behalf of the entity was authorized to do so. REs must keep a record of their risk assessment outlining the grounds for their determination that there is a low risk of an offence.
If a RE has previously verified the identity of a person or entity using the reliance method or simplified identification method, it must verify the identity of the person or entity again for any subsequent transaction or activity.
2. Record Keeping and Client Identification
In addition to the new record-keeping requirements outlined above with respect to PPPs and VC transactions, below are some key changes to the record keeping requirements.
- Electronic Fund Transfers: Casinos, FEs, MSBs and FMSBs will be required to maintain records of electronic fund transfers (“EFTs”) of $1,000 or more. Currently, entities are only required to keep EFT records that are initiated at the request of a client. The updated guidance extends this to EFTs initiated “at the request of a person or entity”. Furthermore, entities which are intermediaries when sending an international EFT of $1,000 or more, or are the final recipient of an international EFT of $1,000 or more must also abide by the EFT record keeping requirements. Also, international EFTs and EFTs within Canada sent via a SWIFT MT-103 message or equivalent will be subject to the travel rule, which requires financial institutions to pass on certain information to the next financial institution a transaction is sent to.
- Casinos: Casinos must now keep a record of transactions made by their customers of $3,000 or more.
3. The 24-Hour Rule
FINTRAC has provided new guidance describing when REs must consider multiple transactions within a 24-hour period as a "single transaction". This concept is referred to as "the 24-hour rule”. This rule requires REs to aggregate multiple transactions when they total $10,000 or more within a consecutive 24-hour windowand the transactions are conducted by the same person or entity, on behalf of the same person or entity, or for the same beneficiary (person or entity). The 24-hour rule applies to all reports with a reporting threshold of $10,000. The guidance further sets out how to aggregate transactions under the 24-hour rule and exceptions to the rule.
On June 1, 2021, these obligations will apply only to the reporting of large VC transactions. The obligations will apply to large cash transactions, EFTs and casino disbursements when FINTRAC updates the report forms for those transactions. Until then, REs should continue to apply the 24-hour rule as outlined in FINTRAC Interpretation Notice No. 4 (pre-June 1, 2021).
4. Travel Rule Requirements
FINTRAC has provided new guidance applicable to FEs, MSBs, FMSBs and casinos regarding the travel rule. The travel rule is the requirement to ensure that specific information is included with the information sent or received in an EFT or a VC transfer.
FEs, MSBs, FMSBs and casinos must include the following travel rule information when initiating an EFT:
- the name, address and account number or other reference number (if any) of the person or entity who requested the transfer;
- the name and address of the beneficiary; and
- if applicable, the beneficiary's account number or other reference number.
Where an EFT or a VC transfer is received that ought to include the travel rule information but does not, the RE must take reasonable measures to obtain such information. These reasonable measures should be outlined in the RE’s policies and procedures. These policies and procedures should also set out what to do when, after taking reasonable measures, one is unable to obtain the travel rule information, including under what circumstances the transaction will be allowed, suspended or rejected.
5. Business Relationship
FINTRAC’s guidance on business relationships has been updated to provide that real estate developers, brokers and sales representatives will now enter into a business relationship with a client the first time they are required to verify the client’s identity.
In addition, MSBs and FMSBs will now enter into a business relationship if they enter into a service agreement with an entity to provide services such as remitting or transmitting funds through an electronic funds transfer network or dealing in virtual currencies.
The updated business relationship guidance also provides specific circumstances where a business relationship is not created. Once a business relationship has been entered into, the RE must keep a record of the purpose and intended nature of the business relationship.
6. Compliance Program Requirements
The compliance program requirements under the PCMLTFA and associated regulations apply to all REs. REs will now be required to cover travel rule requirements to include specific information on EFT and VC transfers as part of their compliance policies and procedures. REs will be required to develop and apply written risk-based policies and procedures to help determine whether they should suspend or reject an EFT or VC transfer they receive. A RE’s policies and procedures will also have to describe the steps the RE will take for all obligations that require it to take reasonable measures.
7. Ongoing Monitoring
The ongoing monitoring guidance, which has remained largely unchanged, provides that insurance companies, brokers and agents will not have to conduct ongoing monitoring when dealing in reinsurance. The updated guidance provides information relating to the ongoing monitoring requirements under the PCMLTFA and its regulations, which apply to all REs.
8. Third Party Determination Requirements
The updated guidance includes certain record-keeping requirements that REs will be subject to if they are not able to make a third party determination, but have reasonable grounds to suspect that a third party is involved.
The updated guidance also includes certain exceptions for FEs, securities dealers, casinos and life insurance companies, brokers or agents. For example, REs will not have to make a third party determination when opening a credit card or a prepaid payment product account. Life insurance companies, brokers or agents will not need to make a third party determination if they keep an information record on a beneficiary in connection with the sale of a life insurance policy under which the RE is to remit an amount of $10,000 or more to the beneficiary over the duration of the policy.
9. Terrorist Property Reporting Requirements
The updated guidance provides that the terrorist property reporting (“TPR”) requirements under the PCMLTFA and associated regulations apply to all REs. FINTRAC notes that TPRs differ from other reports that are submitted to FINTRAC because a transaction or attempted transaction does not have to occur to require the filing of a TPR. Rather, it is the mere existence of property owned or controlled by or on behalf of a terrorist group that requires a RE to submit a TPR.
10. Correspondent Banking Relationships
Correspondent banking relationships occur when an agreement or arrangement for the provision of services is made between a foreign financial institution and a FE. The current guidance applies to banks, credit unions, caisses populaires and trust companies as examples of Canadian FEs that can enter into a correspondent banking relationship. The updated guidance has broadened the scope of applicable entities subject to the guidance to also include:
- A life insurance company, or an entity that is a life insurance broker or agent, that offers loans or prepaid payment products to the public, or maintains accounts for these loans or prepaid payment products, other than:
- loans made by the insurer to a policy holder if the insured person has a terminal illness that significantly reduces their life expectancy and the loan is secured by the value of an insurance policy;
- loans made by the insurer to a policy holder for the sole purpose of funding the life insurance policy;
- advance payments made by the insurer to a policy holder who is entitled to them;
- a credit union central, when it offers financial services to non-members, and
- an agent of the Crown, when it accepts deposit liabilities while providing financial services to the public.
The updated guidance also notes that the correspondent banking relationship requirements do not apply to activities related to the processing of payments by credit card or PPP for a merchant.
FINTRAC Assessment of Compliance with June 1, 2021 Obligations
FINTRAC issued a notice stating it will exercise flexibility and reasonability when assessing REs’ compliance with the new requirements. From June 1, 2021 to March 31, 2022, FINTRAC will assess compliance with the regulatory requirements in effect prior to June 1, 2021. FINTRAC will begin assessing compliance with the amended requirements on April 1, 2022, though transactional information may be assessed by FINTRAC for a period prior to April 1, 2022, while exercising reasonability and taking into consideration the flexible measures previously communicated in the Notice on forthcoming regulatory amendments and flexibility.
The notice states that as of June 1, 2021, REs will be required to comply with VC transaction obligations, including submission of a LVCTR. The notice recognizes that some entities may be facing challenges in meeting this obligation, and sets out procedures when REs are unable to meet the requirements, as well as a timeline for full implementation of an entity’s large VC transaction reporting system.
With certain exceptions set out in the notice, REs are not required to submit a voluntary self-declaration of non-compliance to FINTRAC for non-compliance with the June 1, 2021 requirements until December 1, 2021.
For more information about our firm’s Fintech expertise, please see our Fintech group’s page.