Guideline 6C: Record Keeping and Client Identification for Money Services Businesses

February 2014

This replaces the previous version of Guideline 6C: Record Keeping and Client Identification for Money Services Businesses issued in July 2010. This version includes guidance on obligations, which come into effect February 1, 2014, to better understand your clients and related business relationships.

Table of Contents

  1. General
  2. Record Keeping and Client Identification Obligations
  3. Records To Be Kept
  4. Client Identity
  5. Ongoing Monitoring of Business Relationship and Related Records
  6. Records about Beneficial Ownership and Control
  7. Third Party Determination and Related Records
  8. Politically Exposed Foreign Person Determination and Related Records
  9. How Should Records Be Kept?
  10. Penalties for Non-Compliance
  11. Comments?
  12. How to Contact FINTRAC
Note: Content in this section may require additional software to view. Consult our Help page.

Guideline 6C: Record Keeping and Client Identification for Money Services Businesses (PDF version, 627 KB)

1. General

The objective of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act is to help detect and deter money laundering and the financing of terrorist activities. It is also to facilitate investigations and prosecutions of money laundering and terrorist activity financing offences. This includes reporting, record keeping, client identification and compliance regime requirements for money services businesses.

A money services business means an individual or an entity that is in the business of any of the following activities:

  • foreign exchange dealing;
  • remitting or transmitting funds by any means or through any individual, entity or electronic funds transfer network; or
  • issuing or redeeming money orders, traveller's cheques or other similar negotiable instruments. This does not include redeeming cheques payable to a named individual or entity. In other words, cashing cheques made out to a particular individual or entity is not included.

Money services businesses include alternative money remittance systems, such as Hawala, Hundi, Chitti, etc. For more information about who is engaged in the money services business, see the FINTRAC Interpretation Notice No. 1, available under "General publications" on the Publications page of FINTRAC's website (http://www.fintrac-canafe.gc.ca).

If you are a money services business, this guideline has been prepared to help you meet your record keeping and client identification obligations.

This guideline uses plain language to explain the most common situations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act as well as the related Regulations. It is provided as general information only. It is not legal advice, and is not intended to replace the Act and Regulations.

Record keeping and client identification obligations for other types of reporting persons or entities are explained by sector in other versions of this guideline (financial entities; securities dealers; life insurance companies, brokers and agents; agents of the Crown that sell or redeem money orders; accountants, real estate; dealers in precious metals and stones; British Columbia notaries; and casinos).

For more information about money laundering and terrorist financing, or other requirements under the Act and Regulations applicable to you, see the guidelines in this series:

  • Guideline 1: Backgrounder explains money laundering, terrorist financing, and their international nature. It also provides an outline of the legislative requirements as well as an overview of FINTRAC's mandate and responsibilities.
  • Guideline 2: Suspicious Transactions explains how to report a suspicious transaction. It also provides guidance on how to identify a suspicious transaction, including general and industry-specific indicators that may help when conducting or evaluating transactions.
  • Guideline 3: Submitting Suspicious Transaction Reports to FINTRAC explains to reporting entities when and how to submit suspicious transaction reports. There are two different versions of Guideline 3, by reporting method.
  • Guideline 4: Implementation of a Compliance Regime explains the requirement for reporting entities to implement a regime to ensure compliance with their obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and associated Regulations.
  • Guideline 5: Submitting Terrorist Property Reports to FINTRAC explains to reporting entities when and how to submit terrorist property reports.
  • Guideline 6: Record Keeping and Client Identification explains the requirement for reporting entities to ascertain the identity of their clients and keep records. There are several different versions of Guideline 6, with each one applicable to a particular sector.
  • Guideline 7: Submitting Large Cash Transaction Reports to FINTRAC explains when and how to submit large cash transaction reports. There are two different versions of Guideline 7, by reporting method.
  • Guideline 8: Submitting Electronic Funds Transfer Reports to FINTRAC explains when and how to submit electronic funds transfer reports. There are three different versions of Guideline 8, by type of electronic funds transfer and reporting method.
  • Guideline 9: Submitting Alternative to Large Cash Transaction Reports to FINTRAC explains when and how financial entities can choose the alternative to large cash transaction reports. This is only applicable to financial entities.
  • Guideline 10: Submitting Casino Disbursement Reports to FINTRAC explains when and how to submit casino disbursement reports. There are two different versions of Guideline 10, by reporting method.

If you need more help after you read this or other guidelines, call FINTRAC's national toll-free enquiries line at 1-866-346-8722.

Throughout this guideline, several references are provided to additional information that may be available on external websites. FINTRAC is not responsible for the accuracy, reliability or currency of the information contained on those external websites. The links provided are based on information available at the time of publishing of this guideline.

Throughout this guideline, any references to dollar amounts (such as $10,000) refer to the amount in Canadian dollars or its equivalent in foreign currency. Furthermore, all references to cash mean money in circulation in any country (bank notes or coins). In this context, cash does not include cheques, money orders or other similar negotiable instruments. Also, any references to the term "securities dealer" means an individual or entity authorized under provincial legislation to engage in the business of dealing in securities or any other financial instruments or to provide portfolio management or investment advising services.

This guideline describes your record keeping obligations under Canada's Proceeds of Crime (Money Laundering) and Terrorist Financing Act. Your policies and procedures may cover situations other than the ones described in this guideline, and you may require additional records to be kept for purposes other than your requirements under this legislation. For example, the retention period for your records can be longer than what is described in this guideline, but it cannot be shorter.

2. Record Keeping and Client Identification Obligations

As a money services business, you have to do the following:

  • When you conduct a large cash transaction, your record keeping and client identification obligations are as follows:
    • Keep a large cash transaction record (see section 3);
    • Ascertain the identity of the individual (see section 4); and
    • Make a third party determination and keep related records (see section 7).
  • When you create client credit files in the normal course of business, you have to keep them (see section 3).
  • When, in the normal course of business, you create or receive internal memoranda about services you provide to your clients, you have to keep them (see section 3).
  • When you enter into an ongoing electronic funds transfer, funds remittance or foreign exchange service agreement with an entity, or a service agreement for the issuance or redemption of money orders, traveller's cheques or other negotiable instruments, you have to do the following:
    • Keep a record about the individuals who sign the agreement on behalf of the entity (see section 3);
    • Keep a list of employees authorized to order transactions under the agreement (see section 3);
    • Obtain and take reasonable measures to confirm the beneficial ownership information of the entity and keep related records (see section 6); and
    • Keep a client information record about the entity (see section 3). This also requires that you confirm the existence of the entity (see section 4). You also have to make a third party determination and keep related records (see section 7).
  • When you conduct certain transactions of $3,000 or more, your record keeping and client identification obligations are as follows:
    • Keep a record about the transaction (see section 3); and
    • Ascertain the identity of the individual (see section 4).
  • When you conduct a foreign exchange transaction, your obligations are as follows:
    • Keep a foreign exchange transaction ticket (see section 3); and
    • Ascertain the identity of the individual if the transaction is for $3,000 or more (see section 4).
  • When you remit or transmit certain funds, your record keeping and client identification obligations are as follows:
    • For an amount of $1,000 or more, you have to keep a record and ascertain the identity of the client (see sections 3 and 4);
    • Include originator information with the transfer (see section 3); and
    • For an amount of $100,000 or more, you have to make a determination of whether you are dealing with a politically exposed foreign person and if so, take other measures (see section 8).
  • When you have to submit a suspicious transaction report to FINTRAC, your obligations include the following:
    • If you have not already ascertained the identity of the individual who conducted or attempted to conduct the transaction, ascertain the identity of the individual (see section 4); and
    • Keep a copy of the report (see section 3).
  • When you have to ascertain the identity of your client or confirm the existence of a corporation or other entity, you may have a business relationship with that client. If so, your obligations are as follows:
    • Conduct ongoing monitoring of your business relationship and keep related records (see section 5); and
    • Keep a record of the purpose and intended nature of the business relationship (see section 5).

There are some exceptions and these are explained throughout each section.

The use of personal information in Canadian commercial activities is protected by the Personal Information Protection and Electronic Documents Act (PIPEDA), or by substantially similar provincial legislation. You have to inform individuals concerning the collection of personal information about them. However, you do not have to inform individuals when you include personal information about them in any of the reports that you are required to make to FINTRAC. You can get more information about your responsibilities in this area from the following:

3. Records To Be Kept

As a money services business, in addition to the records described in sections 5 to 8, you have to keep the following records:

  • Large cash transaction records;
  • Certain records created in the normal course of business;
  • Client records about ongoing service agreements;
  • Records for certain transactions of $3,000 or more;
  • Foreign currency exchange transaction tickets;
  • Records about certain funds remitted or transmitted; and
  • Suspicious transaction report records.

Details about each of these types of records are provided in subsections 3.2 through 3.8.

See section 4 for information about identification requirements that may be associated to the events triggering record keeping requirements.

3.1 General exceptions to record keeping

If you keep information in a record that is already readily available in any other record that you have kept under these rules (as described throughout this guideline), you do not have to keep that information again.

3.2 Large cash transaction records

This is a record for every amount of cash of $10,000 or more that you receive from a client in a single transaction. For example, if your client brings you $10,000 in cash to conduct any type of transaction with your money services business, you have to keep a large cash transaction record. In addition to this record, a large cash transaction will also require a report to FINTRAC, as explained in Guideline 7: Submitting Large Cash Transaction Reports to FINTRAC.

If you know that two or more cash transactions of less than $10,000 each were made within a 24-hour period (that is, 24 consecutive hours), by or on behalf of the same client, these are considered to be a single large cash transaction if they add up to $10,000 or more. In this case, you would have to keep a large cash transaction record, and report the transaction to FINTRAC as explained above.

Do not keep a large cash transaction record or make a large cash transaction report to FINTRAC if the cash is received from a financial entity or a public body. In this context, a financial entity means any of the following:

  • a bank (that is, one that is listed in Schedule I or II of the Bank Act) or an authorized foreign bank with respect to its operations in Canada;
  • a credit union or a caisse populaire;
  • a financial services cooperative (in the province of Quebec) or a credit union central (in all other provinces);
  • a trust and loan company; or
  • an agent of the Crown that accepts deposit liabilities.

Also in this context, a public body means any of the following or their agent:

  • a Canadian provincial or federal department or Crown agency;
  • an incorporated Canadian municipal body (including an incorporated city, town, village, metropolitan authority, district, county, etc.); or
  • a hospital authority. A hospital authority means an organization that operates a public hospital and that is designated to be a hospital authority for GST/HST purposes. For more information on the designation of hospital authorities, refer to GST/HST Memoranda Series, Chapter 25.2, Designation of Hospital Authorities available from the Canada Revenue Agency website (http://www.cra-arc.gc.ca) in the forms and publications listed by document type.

Contents of a large cash transaction record

For any large cash transaction, the information you have to keep in a large cash transaction record includes the following:

  • the amount and currency of the cash received;
  • the name, date of birth and address of the individual from whom you received the cash and that individual's principal business or occupation;
  • the date of the transaction;
  • the purpose, details and type of transaction (for example, the cash was used to purchase a money order, etc.), including whether any other individuals or entities were involved in the transaction;
  • how the cash was received (for example, in person, by mail, by armoured car, or any other way); and
  • if an account was affected by the transaction, include the following:
    • the number and type of any such account;
    • the full name of the client that holds the account; and
    • the currency in which the account's transactions are conducted.

Be as descriptive as possible regarding the business or occupation. Record information that clearly describes it, rather than use a general term. For example, in the case of a consultant, the occupation recorded should reflect the area of consulting, such as "information technology consultant" or "consulting forester." As another example, in the case of a professional, the occupation should reflect the nature of the work, such as "petroleum engineer" or "family physician."

If you have to ascertain the identity of the individual conducting the large cash transaction, see subsection 3.9 for additional information that is required on the large cash transaction record.

3.3 Certain records created in the normal course of business

You have to keep the following records that you create in the normal course of business with a client concerning any of your money services business activities as listed in section 1.

Client credit files

A client credit file means a record you create in the normal course of business that relates to a credit arrangement with your client, such as a loan or other type of credit agreement. This includes your client's name, address and financial capacity as well as the terms of credit. It also includes your client's principal business or occupation, the name of the business (if any), and your client's business address or place of work address. For more information about recording business or occupation, see subsection 3.2, under the heading "Contents of a large cash transaction record."

Client credit files include credit applications that were declined. This also includes cancelled credit applications unless the application was cancelled before it was considered by the money services business.

Internal memoranda

An internal memorandum means any memo, note, message or similar communication that you create or receive, in the normal course of business, about services you provide to your clients.

3.4 Client records about ongoing service agreements

You have to keep certain records when you enter into any of the following agreements, whether the agreement is verbal or in writing:

  • an ongoing electronic funds transfer, funds remittance or foreign exchange service agreement with an entity; or
  • a service agreement with an entity for the issuance or redemption of money orders, traveller's cheques or other negotiable instruments.

In either of these cases, you have to keep the following records:

  • when the agreement is in writing, a record about the individuals who sign the agreement on behalf of the entity;
  • a list of employees authorized to order transactions under the agreement; and
  • a client information record about the entity.

Record about those who sign the agreement

This is a record of the name, address, date of birth and occupation of every individual who signed the ongoing service agreement on behalf of the entity.

List of authorized employees

This is a list containing the name, address and date of birth of every employee of the entity who is authorized to order transactions under the ongoing service agreement.

Client information record

A client information record sets out your client's name, address and the nature of the client's principal business. This record is only required about an entity with which you have an ongoing service agreement as described above.

For more information about recording business, see subsection 3.2, under the heading "Contents of a large cash transaction record."

If you create a client information record about a client that is a corporation, you also have to keep the following additional record. If, in the normal course of business, you get a copy of the part of the official corporate records showing the provisions that relate to the power to bind the corporation regarding transactions, you have to keep a copy of it. This could be a certificate of incumbency, the articles of incorporation or the bylaws of the corporation that set out the officers duly authorized to sign on behalf of the corporation, such as the president, treasurer, vice-president, comptroller, etc. If there were changes subsequent to the articles or bylaws that relate to the power to bind the corporation regarding the transactions and these changes were applicable at the time the client information record was created, then the board resolution stating the change would be included in this type of record.

3.5 Records for certain transactions of $3,000 or more

You have to keep a record for the following transactions that you conduct with an individual or an entity.

  • If you receive $3,000 or more for the issuance of traveller's cheques, money orders or other similar negotiable instruments, keep a record of the date, the amount received and the name, address and date of birth of the individual who gave you the amount. This record also must indicate whether the amount was received in cash, cheques, traveller's cheques, money orders or other similar negotiable instruments.

    However, if you receive the amount from a financial entity, you do not have to keep a record about it.

  • If you cash $3,000 or more in money orders, keep a record of the name, address and date of birth of the individual cashing the money order. This record also must indicate the name of the issuer of the money order.

If you have to ascertain the identity of the individual conducting any of these types of transaction, see subsection 3.9 for additional information that is required on the record.

3.6 Foreign currency exchange transaction tickets

For every foreign currency exchange transaction you conduct, regardless of the amount, you have to keep a transaction ticket. A transaction ticket means a record that sets out the following information:

  • the date, amount and currency of the purchase or sale; and
  • the method, amount and currency of the payment made or received.

A transaction ticket can take the form of an entry in a transaction register, as long as it contains the information required, as explained in this subsection.

If the transaction was $3,000 or more and conducted by an individual, the foreign currency exchange transaction ticket also has to set out the name, address and date of birth of the individual.

If you have to ascertain the identity of the individual conducting the foreign currency exchange transaction, see subsection 3.9 for additional information that is required on the transaction ticket.

3.7 Records about certain funds remitted or transmitted

Information to include with outgoing funds transfers

If you send an electronic funds transfer (EFT) of any amount, at the request of a client, you have to include originator information with the transfer. Originator information means the name, address and, if any, the account number or reference number of the client who requested the transfer. You should not send any EFTs without including originator information.

An EFT means the transmission–through any electronic, magnetic or optical device, telephone instrument or computer–of instructions for the transfer of funds to or from Canada. In the case of messages sent through the SWIFT network, only SWIFT MT 103 messages are included. In addition, only in the context of originator information, an EFT includes any transmission of instructions for the transfer of funds within Canada that is a SWIFT MT 103 message.

An EFT does not include the following transactions:

  • that use credit or debit cards, when the recipient has an agreement with the payment service provider for the payment of goods and services;
  • where the recipient withdraws cash from their account;
  • that use direct deposits or pre-authorized debits; or
  • that use cheque imaging and presentment.

Information to be included with incoming funds transfers

If you receive an EFT, you have to take reasonable measures to ensure it includes originator information. In this context, reasonable measures could include contacting the institution that sent the payment instructions.

These requirements apply to the same EFTs, including the same exclusions, as those described above under the heading "Information to include with outgoing funds transfers."

Record about remitting or transmitting funds

If you remit or transmit funds, whether internationally or domestically, in an amount of $1,000 or more, you have to keep a record. This record has to include the following:

  • if the client is an individual, the individual's name, address, date of birth and telephone number as well as the nature of their principal business or occupation;
  • if the client is an entity, the name, address, date of birth and telephone number of the individual who initiated the transaction on behalf of the entity, as well as the nature of the individual's principal business or occupation;
  • the reference number and the date of the transaction;
  • the name of the individual or entity to whom the amount is remitted or transmitted; and
  • the amount and currency of the transaction.

For more information about recording business or occupation, see subsection 3.2, under the heading "Contents of a large cash transaction record."

If you have to ascertain the identity of the individual conducting the transaction, see subsection 3.9 for additional information that is required on the record about the remittance or transmission of funds.

If the funds remitted or transmitted involved an exchange to or from a foreign currency, see subsection 3.6 for additional information required in a transaction ticket.

3.8 Suspicious transaction report records

When you have to report a suspicious transaction to FINTRAC, you have to keep a copy of the report. See Guideline 3: Submitting Suspicious Transaction Reports to FINTRAC for more information about obligations related to this report.

3.9 Identification information on all records

If you have to ascertain the identity of an individual, as explained in section 4, in association with any of the records mentioned in section 3, you have to keep the individual's name with that record. You also have to keep the following with that record:

Identification documents

If you have to ascertain the identity of the individual using an identification document, the record has to include the type of document you used to ascertain the individual's identity, its reference number and its place of issue.

Identification of clients not physically present

If you do not use an identification document but use methods for a client who is not physically present (as described in subsection 4.6), you have to include whichever of the following, according to the methods used:

  • If you use a cleared cheque to ascertain the individual's identity, the record has to include the name of the financial entity and the account number of the deposit account on which the cheque was drawn;
  • If you confirm that the individual holds a deposit account with a financial entity, the record has to include the date on which you made the confirmation as well as the name of the financial entity where the account is held and the number of the account;
  • If you rely on a previous confirmation of the individual's identity by an affiliate of yours, the record has to include the name of that other entity as well as the type and reference number of the record that they previously relied on to ascertain the individual's identity;
  • If you use an identification product, the record has to include the name of the identification product, the name of the entity offering it, the search reference number and the date you used the product to ascertain the individual's identity;
  • If you consult a credit file, the record has to include the name of the entity keeping the credit file and the date you consulted it; and
  • If you use an attestation signed by a commissioner of oaths in Canada or a guarantor in Canada, you have to keep the attestation.

4. Client Identity

4.1 When and how do you have to ascertain client identity?

As a money services business, you have to take the following measures to ascertain the identity of individuals or to confirm the existence of entities (entities meaning: corporations, trusts, partnerships, funds, and unincorporated associations or organizations), subject to the general exceptions outlined in subsection 4.2.

Subsections 4.3 and 4.5 explain the need to ascertain the identity of an individual when they conduct a large cash transaction, certain transactions of $3,000 or more, or a remittance or transmission of $1,000 or more. In these events, you must ascertain the identity of an individual, unless an exception applies as explained below. Also, if you suspect that the transaction is related to a money laundering or terrorist financing offence, you must file a suspicious transaction report, as explained in section 4.4.

Refer to section 3 for information about record keeping requirements that may be associated to the events triggering identification requirements.

Once you have conducted two transactions with a client that require you to ascertain the identity of the client, you have entered into a business relationship with that client. See section 5 for more information on business relationships and related records.

4.2 General exceptions to client identification

In addition to the exceptions explained throughout the rest of section 4, the following general exceptions apply to client identification requirements.

Once you have ascertained the identity of an individual as explained in this guideline, you do not have to ascertain their identity again if you recognize the individual (visually or by voice) at the time of a future event that would otherwise trigger the identification requirement. However, if you have any doubts about the identification information previously collected, you will have to ascertain that individual's identity again.

Once you have confirmed the existence of a corporation and confirmed its name, address and the names of its directors (as explained in subsection 4.7), you are not required to confirm that same information in the future.

Once you have confirmed the existence of an entity other than a corporation (as explained in subsection 4.7), you are not required to confirm that same information in the future.

4.3 Client identity for large cash transactions

You have to ascertain the identity of any individual with whom you conduct a large cash transaction, at the time of the transaction, if you have to keep a large cash transaction record for it, as described in subsection 3.2.

See subsection 4.6 to find out how to ascertain the identity of an individual for a large cash transaction.

4.4 Client identity for suspicious transactions

When you have to send a suspicious transaction report to FINTRAC, you have to take reasonable measures, before the transaction is reported, to ascertain the identity of the individual who conducted or attempted to conduct the transaction. This does not apply in the following circumstances:

  • if you had already ascertained the identity of the individual as required and you have no doubts about that previous identification information; or
  • if you believe that doing so would inform the individual that you are submitting a suspicious transaction report.

In this context, reasonable measures to ascertain the identity of an individual include using either of the options available to identify individuals who are not physically present. They also include asking the individual for an identification document. However, reasonable measures exclude any method that you believe would inform the individual that you are submitting a suspicious transaction report.

It is important to remember that all suspicious transactions and attempted transactions, including transactions that are normally exempt from client identification requirements, require you to take reasonable measures to ascertain your client's identity. See Guideline 2: Suspicious Transactions for more information.

4.5 Other client identity for individuals

You have to ascertain the identity of an individual if you conduct any of the following transactions:

  • you conduct a foreign currency exchange transaction of $3,000 or more;
  • you issue or redeem traveller's cheques, money orders or other similar negotiable instruments for $3,000 or more; or
  • you remit or transmit $1,000 or more by any means or through any individual or entity.

If you are required to ascertain the identity of an individual in any of these cases, you have to do so at the time of the transaction. If a transaction combines remitting or transmitting with either of the others listed above, such as remitting an amount converted from foreign currency to Canadian, the $1,000 threshold applies.

You do not have to ascertain the identity of individuals if they are conducting the transaction on behalf of their employer under an ongoing service agreement described in subsection 3.4.

See subsection 4.6 to find out how to ascertain the identity of an individual for this purpose.

4.6 How to ascertain the identity of an individual

See subsection 3.9 for additional information that is required on certain records when you have to ascertain the identity of individuals.

To ascertain the identity of an individual, refer to the individual's birth certificate, driver's licence, passport, record of landing, permanent resident card or other similar document.

You can refer to an individual's provincial health card, but only if it is not prohibited by provincial or territorial legislation. For example, you cannot refer to an individual's provincial health card from Ontario, Manitoba, Nova Scotia or Prince Edward Island, since health cards cannot be used for this purpose in these provinces. As another example, in Quebec, you cannot request to see a client's health card, but you may accept it if the client wants to use it for identification purposes. If you have questions about the use of health cards for identification, please contact the appropriate provincial issuer for more information.

For a document to be acceptable for identification purposes, it must have a unique identifier number. Also, the document must have been issued by a provincial, territorial or federal government. For example, a birth or baptismal certificate issued by a church would not be acceptable for this purpose. Also, an identification card issued by an employer for an employee (that is, an employee identification card) is not acceptable.

The document also has to be a valid one and cannot have expired. For example, an expired driver's licence would not be acceptable.

A social insurance number (SIN) card can be used to ascertain the identity of a client, but the SIN (that is, the number itself) is not to be provided to FINTRAC on any type of report. The Office of the Privacy Commissioner (http://www.priv.gc.ca) has produced a fact sheet concerning best practices for the use of SINs. Please consult it for more information on this topic.

Examples of other documents that can be used to verify the identity of a client include a certificate of Indian status or a provincial or territorial identification card issued by any of the following (or their successors):

  • the Insurance Corporation of British Columbia;
  • Alberta Registries;
  • Saskatchewan Government Insurance;
  • the Department of Service Nova Scotia and Municipal Relations;
  • the Department of Transportation and Public Works of the Province of Prince Edward Island;
  • Service New Brunswick;
  • the Department of Government Services and Lands of the Province of Newfoundland and Labrador;
  • the Department of Transportation of the Northwest Territories; or
  • the Department of Community Government and Transportation of the Territory of Nunavut.

Valid foreign identification, if equivalent to an acceptable type of Canadian identification document, would also be acceptable for the purposes explained in this guideline. For example, a valid foreign passport is acceptable.

When you refer to a document to ascertain the identity of an individual, it has to be an original, not a copy of the document. In cases where it is not possible for you to view the original yourself, you may choose to use an agent or mandatary to verify the original identification document on your behalf. Even if you use an agent or mandatary, you are responsible for making sure the identification requirements are met.

Use of an agent or mandatary

If you use an agent or mandatary for client identification, you have to enter into a written agreement or arrangement with the agent or mandatary outlining what you expect them to do for you. In addition, you have to obtain from the agent or mandatary the customer information that was obtained according to the agreement or arrangement.

Your agent or mandatary can ascertain the identity of your client for you using an identification document. In cases where your client is not physically present at the conducting of a transaction, your agent or mandatary can also use the options explained below.

Individual not physically present

If you have to ascertain the identity of an individual who is not physically present you will have to use one or the other of the following options:

OPTION 1: Affiliate

To ascertain the identity of an individual using this option, you have to first obtain the individual's name, address and date of birth. Then, you have to confirm that one of the following has ascertained the identity of the individual by referring to an original identification document:

  • a financial entity, life insurance company or securities dealer affiliated with you; or
  • an entity affiliated with you and whose activities outside Canada are similar to those of a financial entity, life insurance company or securities dealer.

To use this option, you have to verify that the individual's name, address and date of birth provided to you correspond with the information kept in the records of that other entity.

In this context, an entity is affiliated with you if you fully own it or it fully owns you, or you are both fully owned by the same entity.

If your affiliate is not a financial entity, life insurance company or securities dealer as described above, you cannot use this option to confirm identification. Read the information above under the heading "Use of an agent or mandatary" if you choose to use that affiliate for client identification.

OPTION 2: Combination of methods

To ascertain the identity of an individual using this option, you have to use a combination of two of the following methods. In each of the two methods you use, the individual's information has to be consistent with what you have in your records. The information also has to be consistent from one method to the other. For example, if each of the methods you use has the name, address and date of birth information about the individual, all of it has to agree with what you have in your records.

The methods below may not apply for all clients. For example, the methods would not be available to ascertain the identity of a client outside Canada who is conducting a transaction with you, but has no Canadian credit history, no access to a Canadian guarantor and no deposit account with a financial entity. In this case, ascertaining the identity of the client using an identification document may necessitate the use of an agent or mandatary, as explained above.

Identification product or credit file method

You can use either of the following methods but you cannot combine them:

  • Refer to an independent and reliable identification product. It must be based on personal information as well as Canadian credit history about the individual of at least six months duration. This type of product can use a series of specific questions, based on an individual's credit file, to help you ascertain client identity.
  • With the individual's permission, refer to a credit file. The credit file must have been in existence for at least six months.

Products for either of these methods are available commercially, such as those used for credit ratings.

Attestation method

Obtain an attestation that an original identification document for the individual has been seen by a commissioner of oaths or a guarantor. The attestation must be on a legible photocopy of the document and include the following information:

  • the name, profession and address of the commissioner of oaths or the guarantor;
  • the signature of the commissioner of oaths or the guarantor; and
  • the type and number of the identifying document provided by the individual whose identity you must ascertain.

In this context, a guarantor has to be an individual engaged in one of the following professions in Canada:

  • a dentist, a medical doctor or a chiropractor;
  • a judge, a magistrate or a lawyer;
  • a notary (in Quebec) or a notary public;
  • an optometrist or a pharmacist;
  • an accredited public accountant (APA), a chartered accountant (CA), a certified general accountant (CGA), a certified management accountant (CMA), a public accountant (PA) or a registered public accountant (RPA);
  • a professional engineer (P. Eng., in a province other than Quebec) or engineer (Eng. in Quebec); or
  • a veterinarian.
Cleared cheque or deposit account method

You can use either of the following methods, but you cannot combine them.

  • Confirm that a cheque drawn on a deposit account that the individual has with a financial entity has cleared. This means a cheque that was written by the individual, cashed by the payee and cleared through the individual's account. It does not include pre-authorized payments as these are not cheques written by the individual.
  • Confirm that the individual has a deposit account with a financial entity. You could do this by viewing an original bank statement.

For either method, the account has to be with a financial entity, as described in subsection 3.2.

The account cannot be one that is exempt from identification requirements for the financial entity, such as a registered retirement savings plan or a reverse mortgage. For more information about accounts that cannot be used for the cleared cheque or deposit account methods, see Guideline 6G: Record Keeping and Client Identification for Financial Entities.

4.7 Client identity for corporations and other entities

You have to confirm the existence of any corporation or other entity for which you have to keep a client information record, within 30 days of creating this record. In the case of a corporation, in addition to confirming its existence, you also have to determine the corporation's name, address and the names of its directors, within 30 days of creating the client information record.

When you have to confirm the existence of an entity, you also have to obtain and confirm the entity's beneficial ownership information, as explained in section 6.

You do not have to do any of this if the entity is a public body or a very large corporation (as defined below) with which you have an ongoing service agreement. The same is true regarding a subsidiary of either of those entities, if the financial statements of the subsidiary are consolidated with those of the public body or very large corporation.

For information about what is considered a public body in this context, see subsection 3.2. Also in this context, a very large corporation is one that has minimum net assets of $75 million on its last audited balance sheet. The corporation's shares have to be traded on a Canadian stock exchange or on a stock exchange outside Canada that is designated by the Minister of Finance. The corporation also has to operate in a country that is a member of the Financial Action Task Force (FATF). For more information about stock exchanges outside Canada that are designated by the Minister of Finance, refer to the July 2, 2008 news release available in the News area of the Department of Finance's website (http://www.fin.gc.ca).

To find out which countries are members of the FATF, refer to its website (http://www.fatf-gafi.org).

Corporations

To confirm the existence of a corporation as well as the corporation's name and address, refer to the following documents:

  • the corporation's certificate of corporate status;
  • a record that has to be filed annually under provincial securities legislation; or
  • any other record that confirms the corporation's existence. Examples of these include such other records as the corporation's published annual report signed by an independent audit firm, or a letter or a notice of assessment for the corporation from a municipal, provincial, territorial or federal government.

You also have to determine the names of the corporation's directors. To do this, you may need to see the list submitted at the time of their application for incorporation. In the case of a corporation that is a securities dealer, you do not need to determine the name of the corporation's directors.

The record you use to confirm a corporation's existence can be paper or an electronic version. Although such information may be available verbally (such as by telephone), it is not acceptable for these purposes, as you have to refer to a record. If the record is in paper format, you have to keep the record or a copy of it.

If the record is an electronic version, you have to keep a record of the corporation's registration number, the type and source of the record. An electronic version of a record has to be from a public source. For example, you can get information about a corporation's name and address and the names of its directors from a provincial or federal database such as the Corporations Canada database which is accessible from Industry Canada's website (http://www.ic.gc.ca). As another example, you may also get this type of information if you subscribe to a corporation searching and registration service.

Entities other than corporations

To confirm the existence of an entity other than a corporation, refer to a partnership agreement, articles of association or any other similar record that confirms the entity's existence. The record you use to confirm the existence of an entity can be paper or an electronic version. Although such information may be available verbally (such as by phone), it is not acceptable for these purposes, as you have to refer to a record. If the record is in paper format, you have to keep the record or a copy of it.

If the record is an electronic version, you have to keep a record of the entity's registration number, the type and source of the record. An electronic version of a record has to be from a public source.

4.8 Keeping client identification information up to date

Your compliance regime has to include an assessment, in the course of your activities, of the risk of money laundering or terrorist financing. Guideline 4: Implementation of a Compliance Regime provides more information about risk assessment requirements. According to this assessment, you have to keep client identification information up to date as part of your ongoing monitoring obligations.

Measures to keep client identification information up to date include asking the client to provide information to confirm or update identification information. In the case of an individual client, this can also include confirming or updating the information by using the same options that are available to ascertain the identity of individuals who are not physically present.

In the case of clients that are entities, measures to keep client identification information up to date include consulting a paper or electronic record as explained in subsection 4.7, or obtaining information verbally to keep client identification information up to date.

The frequency with which client identification information is to be kept up to date will vary depending on your risk assessment of your client. As part of your ongoing monitoring obligations, you have to keep all client identification information up to date. For high-risk clients, you must update client identification information more frequently and perform more frequent monitoring, as well as adopt any other appropriate enhanced monitoring measures (see examples in section 5).

If you have used one of the exceptions found in 4.2 (General exceptions to client identification) where you were not required to ascertain the identity of a client and therefore, do not have any client information in your records, there will be no client information to update as part of your ongoing monitoring obligations as described in section 5 (Ongoing Monitoring of Business Relationship and Related Records), but your other ongoing monitoring obligations still apply.

5. Ongoing Monitoring of Business Relationship and Related Records

Business relationship

A business relationship is a relationship that you establish with a client to conduct financial transactions or provide services related to those transactions.

You enter into a business relationship when you conduct two or more transactions in which you have to:

  • ascertain the identity of the individual (see section 4); or
  • confirm the existence of a corporation or other entity (see sections 4 and 6).

If you use the exception to ascertaining the identity of a client where you recognize the individual (as described in 4.2 General exceptions to client identification) in the case of a second transaction that requires you ascertain the identity of a client, you have entered into a business relationship with that client nonetheless. This is because it is the requirement to ascertain identity that triggers the business relationship.

You should determine that a business relationship has been established as soon as reasonably practicable following the second transaction requiring that the client's identity be ascertained. As a best practice, this should be done within 30 calendar days.

For money services businesses, the business relationship only includes transactions and related activities for which you have to ascertain the identity of your client. However, when you have to send a suspicious transaction report, you must still take reasonable measures to ascertain the identity of the client even if the transactions in question do not normally require it. See section 4 for more information on these transactions and activities.

If you have a client who conducts two or more suspicious transactions, even if you are unable to ascertain the identity of the client, you have still entered a business relationship with that client. This is because suspicious transactions require you to take reasonable measures to ascertain the identity of the client (subject to the circumstances described in section 4.4), and so two or more of these transactions will trigger a business relationship. You must treat this business relationship as high-risk, and undertake more frequent ongoing monitoring and updating of client identification information, as well as any other appropriate enhanced measures (see examples under "Ongoing monitoring" below).

A business relationship is established when two transactions that require you to ascertain the identity of your client occur within a maximum of five years from one another. If a period of five years passes from the last transaction that required you to ascertain the identity of your client, the business relationship with that client ceases.

Once the business relationship is established, you must also:

  • conduct ongoing monitoring of your business relationship with your client; and
  • keep a record of the measures you take to monitor your business relationship and the information you obtain as a result. See section 5.1 for a description of what information you must keep for this record.

Ongoing monitoring

Ongoing monitoring means that you have to monitor your business relationship with a client on a periodic basis. Use your risk assessment of the client with whom you have a business relationship to determine how frequently you will monitor that business relationship. The risk assessment requires you to consider each one of your clients when assessing their risk for money-laundering and terrorist activities financing. However, an individual written assessment is not required for each client, so long as you can demonstrate that you put your client in the correct risk category, according to your policies and procedures, and risk assessment. You have to perform ongoing monitoring of each business relationship to:

  • detect suspicious transactions that have to be reported;
  • keep client identification, beneficial ownership information, and the purpose and intended nature of the business relationship up to date;
  • reassess the level of risk associated with the client's transactions and activities; and
  • determine whether the transactions or activities are consistent with the information previously obtained about the client, including the risk assessment of the client.

The above-listed requirements do not need to follow the same timeframe, so long as you monitor your high-risk clients more frequently and with more scrutiny than you do your low-risk clients.

In order to keep client and beneficial ownership information up to date, you may update the information you have on record every time the client conducts a transaction that requires you to ascertain their identity.

As an example, you may choose to reassess the level of risk associated with a client's transactions and activities, and to determine whether the transactions or activities are consistent with the information you have on your client, for your low-risk clientele, every two years, while performing the same monitoring of your high-risk clients on a more frequent basis. However, depending on the circumstances of your operations, a different ongoing monitoring period for low-risk clients may be appropriate.

In the context of monitoring on a periodic basis, the frequency of your monitoring will vary depending on your risk assessment of your client. As part of your ongoing monitoring obligations, you have to monitor all of your business relationships, and you must monitor business relationships you consider high-risk more frequently, as well as update client identification information and adopt any other appropriate enhanced measures.

Here is a non-exhaustive list of enhanced measures you could take to mitigate the risk in cases of high-risk business relationships:

  • Obtaining additional information on the client (e.g. occupation, volume of assets, information available through public databases, Internet, etc.).
  • Obtaining information on the source of funds or source of wealth of the client.
  • Obtaining information on the reasons for intended or conducted transactions.
  • Obtaining the approval of senior management to enter into or maintain the business relationship.
  • Identifying patterns of transactions that need further examination.
  • Requiring the first payment to be carried out through an account in the client's name with a bank subject to similar client due diligence standards.
  • Increased monitoring of transactions of higher-risk products, services and channels.
  • Establishing more stringent thresholds for ascertaining identification.
  • Gathering additional documents, data or information; or taking additional steps to verify the documents obtained.
  • Establishing transaction limits.
  • Increasing awareness of high-risk activities and transactions.
  • Increasing internal controls of high-risk business relationships.
  • Obtaining the approval of senior management at the transaction level for products and services that are new for that client.

If as a result of your ongoing monitoring you consider that the risk of a money laundering or a terrorist financing offence in a business relationship is high, your risk assessment in your compliance regime must treat that client as a high risk. In this case, you must conduct more frequent monitoring of your business relationship with that client, update that client's identification information more frequently, and adopt any other appropriate enhanced measures (see examples above).

5.1 Business relationship record

When you enter into a business relationship with a client, you have to keep a record of the purpose and intended nature of the business relationship. You also have to review this information on a periodic basis and keep it up to date. This is done to ensure that you continue to understand your client's activities over time so that any changes can be measured to detect high-risk transactions and activities. This may lead you to increase the frequency of ongoing monitoring, update their client identification information more frequently, and adopt any other appropriate enhanced measures (see examples above).

The purpose and intended nature of the business relationship is information that should allow you to anticipate the transactions and activities of your client.

For clients with whom you have a business relationship on the basis that they have completed two transactions that required you to ascertain their identity, or in the case of entities, to confirm their existence; you must document the purpose and intended nature of the business relationship that best describes your dealings with that client.

Here is a short, non-exhaustive list of examples of purpose and intended nature of a business relationship in your sector:

  • Foreign exchange, travel or purchase of goods
  • Funds transfers, family support or purchase of goods
  • Buying or cashing money orders or traveller's cheques

Guideline 4: Implementation of a Compliance Regime provides more information about risk assessment requirements.

6. Records about Beneficial Ownership and Control

When you have to confirm the existence of an entity, at the same time, you have to obtain, take reasonable measures to confirm, and keep records of the information about the entity's beneficial ownership. Beneficial ownership refers to the identity of the individuals who ultimately control the corporation or entity, and cannot be another corporation or another entity. You must search through as many levels of information as necessary in order to determine beneficial ownership. However, there may be cases where there is no individual who owns or controls 25% or more of an entity. You must still keep a record of the measures you took and the information you obtained in order to reach that conclusion.

In this context, reasonable measures to confirm the accuracy of beneficial ownership information would include asking the client to provide documentation. You can rely on the information provided by clients, but you should use discernment when determining if the documentation is appropriate. Documents and references that you obtain to confirm the information (such as the website where you found the information) have to be kept in your records.

Here is a short, non-exhaustive list of documents that could be provided by clients to confirm beneficial ownership information:

In the case of corporations:

  • Articles of incorporation
  • Annual returns
  • Shareholder agreements

In the case of entities other than corporations:

  • Articles of constitution
  • Partnership agreements
  • Records of decisions

You have to obtain, take reasonable measures to confirm and keep a record of the following beneficial ownership information:

  • If the entity is a corporation:
    • the names of all directors of the corporation;
    • the names and addresses of all individuals who directly or indirectly own or control 25% or more of the shares of the corporation; and
    • information on the ownership, control and structure of the corporation.

The following is an example of ownership, control and structure of a corporation:

ABC Canada Inc. is a for-profit corporation with 100 privately traded shares in circulation. It is incorporated pursuant to the Canada Business Corporations Act. John Brown owns 15 of the shares and Green Company Ltd. owns the remaining 85 shares. James Smith is President of ABC's board of directors; his wife, Jane Smith, is ABC's Chief Financial Officer; and their three children make up the other members of the board.

In this example:

  • Ownership of the corporation is shared by John Brown (15 % of the shares) and Green Company Ltd. (85% of the shares);
  • All members of the board of directors (the 5 members of the Smith family) exercise control of the corporation. Because Green Company Ltd. owns 85% of the corporation's shares, it also exercises control. However, in a case like this, you must research further into the ownership until you find an individual who owns enough shares in Green Company to own or control 25% or more of ABC Canada or until you find that there is no such individual;
  • The structure of the corporation is that of a privately traded, for-profit corporation incorporated pursuant to the Canada Business Corporations Act.
  • If the entity is a trust:
    • the names and addresses of all trustees and all known beneficiaries and settlors of the trust; and
    • information on the ownership, control and structure of the trust.

The trust deed will provide you the information on the control and structure of the trust. If you are unable to obtain the names and addresses of the trustees, beneficiaries or settlors of the trust, you must find the name of the senior managing officer of the trust, that is, the person in the trust company who is in fact responsible for the management of that trust, such as an account manager.

  • If the entity is other than a corporation or trust:
    • the names and addresses of all individuals who directly or indirectly own or control 25% or more of the entity; and
    • information on the ownership, control and structure of the entity.

The following is an example of ownership, control and structure of an entity that is neither a corporation nor a trust:

Rainbow Money Services is a money services business (MSB) in Vancouver owned by Howard and Betty. Howard and Betty paid a lawyer to draft a partnership agreement for the business, which they both signed. According to the agreement, Howard will invest $100,000 in the partnership to buy equipment and rent space for the MSB, and Betty will be solely responsible for operating the MSB and performing its business. All decisions related to the partnership must be unanimous; in case of a disagreement, either partner can decide to end the partnership. Howard and Betty will split the income from the MSB 50/50, and if they decide to end the partnership, Howard will get 85% of the proceeds of the sale of the business assets, while Betty will get 15%.

In this example:

  • Ownership of the entity is shared between Howard and Betty;
  • Howard and Betty both control the partnership;
  • The structure of the entity is a partnership between Howard and Betty, constituted pursuant to a contract governed by the laws of British Columbia.

If this information cannot be obtained or its accuracy cannot be confirmed, you have to:

  • obtain the name of the most senior managing officer of the corporation, trust or other entity;
  • take reasonable measures to ascertain the identity of the most senior managing officer of the corporation, trust or other entity; and
  • treat that corporation, trust or other entity as high-risk in your risk assessment document of your compliance regime, and undertake more frequent monitoring, updating of client identification information, and any other appropriate enhanced measures (see examples in section 5).

You do not need to ascertain the identity of the most senior managing officer when there is no individual who owns or controls 25% or more of an entity.

In the context of this section, the senior managing officer of a corporation or an entity may include but is not limited to its director, chief executive officer, chief operating officer, president, secretary, treasurer, controller, chief financial officer, chief accountant, chief auditor or chief actuary, as well as any individual who performs any of those functions. It also includes any other officer who reports directly to the entity's board of directors, chief executive officer or chief operating officer. In the case of a sole proprietor or a partnership, the senior managing officer can be the owner or the partner.

In the context of this section, the senior managing officer of a trust is the trustee, that is, the person who is authorized to administer or execute on that trust.

To ascertain the identity of the most senior managing officer, use one of the methods described in section 4.6 or obtain it through public sources. You also have to keep a record of this information.

Not-for-profit organization

If you have to confirm the existence of an entity that is a not-for-profit organization, you also have to do the following:

  • Determine whether or not that entity is a registered charity for income tax purposes and keep a record to that effect. To make this determination, you can ask the client or consult the charities listing on the Canada Revenue Agency website (http://www.cra-arc.gc.ca).
  • If that entity is not a registered charity, determine whether or not it solicits charitable financial donations from the public and keep a record to that effect. To make this determination, you can ask the client.

Keeping beneficial ownership information up to date

According to your compliance regime's assessment of risk, in all situations, you have to keep beneficial ownership information up to date. Measures to keep beneficial ownership information up to date include those explained at the beginning of section 6.

The frequency with which such information is to be kept up to date will vary depending on your risk assessment of your client. As part of your ongoing monitoring obligations, you have to keep all beneficial ownership information up to date. For high-risk clients, you must update beneficial ownership information more frequently and perform more frequent monitoring, as well as adopt any other appropriate enhanced monitoring measures (see examples in section 5).

7. Third Party Determination and Related Records

7.1 Third party determination

You have to make a third party determination when you have to keep any of the following records:

  • Large cash transaction record
    Whenever you have to keep a large cash transaction record (as explained in subsection 3.2), you have to take reasonable measures to determine whether the individual who gives you the cash is acting on behalf of a third party.
  • Client information record
    Whenever you are required to keep a client information record as explained in subsection 3.4, you have to take reasonable measures to determine whether the client is acting on the instructions of a third party.

In this context, a third party is an individual or entity other than the individual who conducts the transaction. When you are determining whether a "third party" is involved, it is not about who "owns" the money, but rather about who gives instructions to deal with the money. To determine who the third party is, the point to remember is whether the individual in front of you is acting on someone else's instructions. If so, that someone else is the third party.

In making a third party determination when employees are acting on behalf of their employers, they are considered to be acting on behalf of a third party.

Reasonable measures

What constitutes reasonable measures will vary in accordance with the context in which they occur, and therefore could differ from one situation to the next. However, reasonable measures would include retrieving the information already contained in your files or elsewhere within your business environment, or obtaining the information directly from the client.

7.2 Third party records

If you determine that there is in fact a third party, as explained above, you have to keep a record of the following information:

  • the third party's name, address and principal business or occupation;
  • if the third party is an individual, the third party's date of birth;
  • the incorporation number and place of incorporation if the third party is a corporation; and
  • in the case of a large cash transaction, the nature of the relationship between the third party and the individual who gives you the cash; or
  • in the case of a client information record, the nature of the relationship between the third party and the client. For examples of third party relationships, see field 18 of Part G in the large cash transaction report.

For more information about recording business or occupation, see subsection 3.2, under the heading "Contents of a large cash transaction record."

If you are not able to determine that there is in fact a third party, but you have reasonable grounds to suspect that there are instructions of a third party involved, you have to keep a record to indicate the following:

  • in the case of a large cash transaction, whether, according to the individual giving the cash, the transaction is being conducted on behalf of a third party; or
  • in the case of a client information record, whether, according to the client, the transaction is being conducted on behalf of a third party.

This record must also indicate details of why you suspect the individual is acting on a third party's instructions.

8. Politically Exposed Foreign Person Determination and Related Records

A politically exposed foreign person is an individual who holds or has ever held one of the following offices or positions in or on behalf of a foreign country:

  • a head of state or government;
  • a member of the executive council of government or member of a legislature;
  • a deputy minister (or equivalent);
  • an ambassador or an ambassador's attaché or counsellor;
  • a military general (or higher rank);
  • a president of a state‑owned company or bank;
  • a head of a government agency;
  • a judge; or
  • a leader or president of a political party in a legislature.

A politically exposed foreign person also includes the following family members of the individual described above:

  • mother or father;
  • child;
  • spouse or common‑law partner;
  • spouse's or common‑law partner's mother or father; and
  • brother, sister, half-brother or half-sister (that is, any other child of the individual's mother or father).

8.1 Politically exposed foreign person determination

You have to take reasonable measures to determine whether you are dealing with a politically exposed foreign person for certain electronic funds transfers.

Once you have determined that an individual is a politically exposed foreign person, you will not have to do it again. However, if you initially determined that an individual was not a politically exposed foreign person, you must still take reasonable measures to determine whether you are dealing with a politically exposed foreign person for every prescribed electronic funds transfer, since the client's status may have changed.

Electronic funds transfers

An electronic funds transfer (EFT) means the transmission–through any electronic, magnetic or optical device, telephone instrument or computer–of instructions for the transfer of funds to or from Canada. In the case of messages sent through the SWIFT network, only SWIFT MT 103 messages are included. An EFT does not include the instructions for the transfer of funds from one place in Canada to another in Canada.

You have to take reasonable measures to determine if the initiator of an outgoing electronic funds transfer (EFT) of $100,000 or more is a politically exposed foreign person. The initiator means the individual who requested the EFT whether the initiator is acting on behalf of an entity (including a corporation) or on their own behalf. This determination has to be done within 14 days after the transaction occurred.

For the purposes of politically exposed foreign person determination, an outgoing EFT means the transmission of instructions for the transfer of $100,000 or more outside Canada at the request of a client.

If an individual who is the initiator of an EFT of $100,000 or more is a politically exposed foreign person, you also have to do the following:

  • take reasonable measures to establish the source of funds used by the initiator for the transaction; and
  • within 14 days after the transaction occurred, get a member of senior management to review the transaction.

When an individual is the beneficiary of an incoming EFT of $100,000 or more, you have to take reasonable measures to determine whether you are dealing with a politically exposed foreign person. This has to be done within 14 days after the transaction occurred. In this particular case, the beneficiary is the individual who is the recipient of the funds of $100,000 or more from outside Canada. For the purposes of politically exposed foreign person determination, an incoming EFT means the reception of instructions for the transfer of $100,000 or more from outside Canada, at the request of a client. 

If an individual who is the beneficiary of an EFT of $100,000 or more is a politically exposed foreign person, you also have to get a member of senior management to review the transaction, within 14 days after the transaction occurred.

You have to make the determination and get senior management to review the transaction within a single period of 14 days. For example, if it takes you 5 days after the transaction to make the determination that you are in fact dealing with a politically exposed foreign person, you have 9 days left to get senior management to review the transaction.

Reasonable measures

In the context of this subsection, reasonable measures to determine whether or not you are dealing with a politically exposed foreign person include the following:

  • asking the client; or
  • consulting a credible source of commercially or publicly available information about politically exposed persons.

In establishing the source of funds, reasonable measures also include asking the client.

Senior management

Also in the context of this section, senior management means an individual who has the following:

  • authority to make and be held accountable for management decisions about this type of transaction;
  • awareness of the money laundering or terrorist financing risks to which the money services business or this type of transaction is exposed; and
  • awareness of politically exposed foreign persons.

8.2 Politically exposed foreign person records

Once a transaction has been reviewed, as explained in subsection 8.1, you have to keep a record of the following:

  • the office or position of the individual who is a politically exposed foreign person;
  • the source of the funds, if known, that were used for the transaction;
  • the date you determined the individual to be a politically exposed foreign person;
  • the name of the member of senior management who reviewed the transaction; and
  • the date the transaction was reviewed.

9. How Should Records Be Kept?

You should maintain an effective record-keeping system to enable FINTRAC to have access to the records in a timely fashion. Your records have to be kept in such a way that they can be provided to FINTRAC within 30 days of a request to examine them.

For the requirements explained in this guideline, you can keep records in a machine-readable or electronic form, as long as a paper copy can be readily produced from it. For example, if you have a document imaging system, you do not have to produce the original document for these purposes, as long as you can print the imaged one.

The record keeping requirements explained in this guideline are about each record to be kept. Your record keeping system can store the information required for any one record separately, as long as you are able to readily retrieve and put the information together for the record whenever necessary.

Also, for records that are kept electronically, an electronic signature of the individual who must sign the record has to be retained. An electronic signature means an electronic image of the signature and does not include a personal identification number (PIN).

You are not required to keep a copy of the reports you make to FINTRAC (other than the suspicious transaction report as explained in subsection 3.8), but you may choose to do so. It is recommended that you keep the information that FINTRAC sends you in the acknowledgement message about each report processed. This provides the date and time the report was received along with its identification number.

Timeframe for keeping records

In the case of client information records, records to confirm the existence of an entity (including a corporation), client credit files, beneficial ownership records, politically exposed foreign person records and records about ongoing service agreements, these records have to be kept for five years from the day the last business transaction was conducted.

In the case of a copy of a suspicious transaction report, the record has to be kept for a period of at least five years following the date the report was made.

In the case of all other records, the records must be kept for a period of at least five years following the date they were created.

Employees or contractors who keep records for you

Your employees who keep records (as described in section 3) for you are not required to keep those records after the end of their employment with you. The same is true for individuals in a contractual relationship with you, after the end of that contractual relationship. This means that you have to get and keep the records that were kept for you by any employee or contractor before the end of that individual's employment or contract with you.

10. Penalties for Non-Compliance

Failure to comply with your record keeping or client identification requirements can lead to criminal charges against you. Conviction of failure to retain records could lead to up to five years imprisonment, to a fine of $500,000, or both. Alternatively, failure to keep records or ascertain the identity of clients can lead to an administrative monetary penalty. For more information on penalties, you can also consult the "Penalties for non-compliance" section of FINTRAC's website.

11. Comments?

These guidelines will be reviewed on a periodic basis. If you have any comments or suggestions to help improve them, please send your comments to the mailing address provided below, or by email to guidelines-lignesdirectrices@fintrac-canafe.gc.ca.

12. How to Contact FINTRAC

For further information on FINTRAC and its activities, reporting and other obligations, please go to FINTRAC's website (http://www.fintrac-canafe.gc.ca) or contact FINTRAC:

Financial Transactions and Reports Analysis Centre of Canada
234 Laurier Avenue West, 24th floor
Ottawa ON  K1P 1H7
Canada

Toll-free: 1-866-346-8722