When to verify the identity of persons and entities—Securities dealers

June 2017 

When to identify individuals and confirm the existence of entities – Securities dealers

June 2017

This guidance on client identification is applicable to securities dealers that are subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and associated Regulations.

Details on how to identify individuals and confirm the existence of entities are available in FINTRAC’s guidance Methods to identify individuals and confirm the existence of entities.

Throughout this guidance, references to dollar amounts (such as $10,000) are in Canadian dollars. Furthermore, all references to cash mean money in circulation in any country (bank notes or coins) and do not include cheques, money orders or other similar negotiable instruments.

The Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) specify when you must identify an individual or confirm the existence of an entity, and how you must do this. The point at which you identify a client will vary depending on the activity or transaction that is carried out. Knowing your clients includes identifying them in accordance with the Regulations, but you also have further obligations in this regard, such as requirements related to the ongoing monitoring of business relationships, the determination of politically exposed persons or heads of international organizations, beneficial ownership and third party determination. Please refer to FINTRAC’s guidance on these subjects for more information.

**Note: Exceptions to your client identification requirements are listed in the last section of this guidance.

Identifying clients

As a securities dealer, you must identify individuals and confirm the existence of entities for certain activities and transactions, as listed below. Entities can be corporations, trusts, partnerships, funds, and unincorporated associations or organizations.

When you have to confirm the existence of an entity that is a corporation, you also have to verify its name and address, and the names of the corporation’s directors.

The formation of a business relationship and the ensuing obligations are tied to your requirements to identify clients. You are in a business relationship with every individual or entity that holds an account with you. For non-account-based relationships, you are considered to be in a business relationship with every individual you have had to identify at least twice, and with every entity whose existence you have had to confirm at least twice. If you have not identified an individual or confirmed the existence of an entity because an exception applied, you are still considered to be in a business relationship and must conduct ongoing monitoring and keep certain records.

You are also required to take reasonable measures to determine if a client is acting on the instruction of a third party when creating an account operating agreement, a signature card or conducting a large cash transaction. In this case, reasonable measures may include asking the individual, or relying on information you may already have about the individual. If you determine that the individual in front of you is acting on someone else's instructions, that “someone else” is the third party.

As a securities dealer, you are responsible for identifying clients for:

  1. Account openings
  2. Large cash transactions
  3. Suspicious transactions

1. Account openings

You must identify all individuals who are authorized to give instructions on an account for which a signature card, account operating agreement, or account application is created. A signature card is a document signed by an individual authorized to give instructions on an account, or electronic data that constitutes a signature. It can include the hand written signature of an individual or an electronic signature that is created or adopted by an individual. The electronic signature can be numeric, character-based, or biometric as long as it is unique to the individual and a record can be kept. This must be done before any transaction is carried out on the account other than an initial deposit.

When you open an account for an entity, you must:

  • confirm its existence;
  • obtain the beneficial ownership information; and,
  • in addition, for an entity that is a corporation, you must also verify its name and address, and the names of its directors.

This must be done within 30 days after the account is opened.

When you open a business account, you do not have to identify every individual authorized to give instructions on the account if you have identified at least three of these individuals. These individuals must be identified before the first transaction occurs on the account, other than the initial deposit.

If you cannot identify an individual or confirm the existence of an entity in connection with the opening of a new account, you cannot open the account.

You also must identify individual members of a group plan account for whom you have to keep a signature card. The signature card is required for individual members when the member’s contributions are not made by payroll deduction or by the plan sponsor, or when the existence of the plan sponsor is not confirmed. This verification has to take place at the time of the contribution.

2. Large cash transactions

You must identify every individual who conducts a large cash transaction at the time the transaction takes place. A large cash transaction occurs when you receive $10,000 or more in cash in a single transaction. A large cash transaction also occurs when there are multiple cash transactions of less than $10,000 each that total $10,000 or more within a 24-hour period, when you know that they are conducted by, or on behalf of, the same individual or entity.

3. Suspicious transactions

You must take reasonable measures to identify individuals who conduct or attempt to conduct suspicious transactions before sending a Suspicious Transaction Report. Reasonable measures in this case may include asking the individual to provide photo identification.

All suspicious transactions and attempted suspicious transactions, including transactions that are normally exempt from client identification requirements, require you to take reasonable measures to identify them.

Keeping client identification information up to date 

You must update client information at a frequency that will vary based on your risk assessment. As part of your ongoing monitoring requirements, you must keep all client identification information up to date. High-risk clients’ identification information must be updated more frequently, and you must take any other appropriate enhanced measures.

To keep client identification information up to date, you must take measures such as asking the client to provide information to confirm or update their identification information. In the case of an individual, this may include confirming or updating the information by using the options that are available to identify individuals who are not physically present.

In the case of clients that are entities, measures to keep client identification information up to date may include consulting a paper or electronic record or obtaining information verbally.

Exceptions

General exception

You do not have to re-identify an individual or re-confirm the existence of an entity if you previously did so using the methods specified in the Regulations in place at the time and kept the associated records, so long as you have no doubts about the information used.

When creating a signature card for an account, an account operating agreement or an account application, you can apply an exception to identifying an individual or confirming the existence of an entity if the account is for a public body or very large corporation. The same is true regarding a subsidiary of either of those types of entities, if the financial statements of the subsidiary are consolidated with those of the public body or very large corporation.

You do not have to identify an individual who is authorized on a business account, so long as you have identified at least three individuals authorized to give instructions on the account. If one of the three identified individuals leaves the business, you must identify another individual authorized on the account.

You do not have to identify the individual who conducts a large cash transaction, if the cash is received from a financial entity or public body.

You do not have to take reasonable measures to identify the individual who conducts or attempts to conduct a suspicious transaction only if:

  • you have already identified the individual as required and have no doubts about the identification information; or
  • you believe that identifying the individual would inform them that you are submitting a Suspicious Transaction Report.

Account openings

You are not required to identify an individual or confirm the existence of an entity that opens an account, in respect of the following:

  • the opening of an account for the sale of mutual funds where there are reasonable grounds to believe that the identity has been verified in accordance with subsection 64(1) by a securities dealer in respect of
    • the sale of the mutual funds for which the account has been opened, or
    • a transaction that is part of a series of transactions that includes that sale;
  • the opening of an account by an entity for the deposit by a life insurance company affiliated with that entity of a death benefit under a life insurance policy or annuity where:
    • the account is opened in the name of a beneficiary that is an individual;
    • only the death benefit may be deposited in the account; and,
    • the policy or annuity contract, under which the claim was made for the death benefit has been in existence for a period of at least two years before the day on which the claim for the death benefit was made;
  • an individual who already has an account with you and opens a subsequent account;
  • the purchase of an exempt policy as defined in subsection 306(1) of the Income Tax Regulations;
  • the purchase of a group life insurance policy that does not provide for a cash surrender value or a savings component;
  • the purchase of an immediate or deferred annuity that is paid for entirely with funds that are directly transferred from a registered pension plan or from a pension plan that is required to be registered under the Pension Benefits Standards Act, 1985 or similar provincial legislation;
  • the purchased of a registered annuity policy or a registered retirement income fund;
  • for the purchase of an immediate or deferred annuity that is paid for entirely with funds from the proceeds of a group life insurance policy;
  • for a transaction that is part of a reverse mortgage (a loan based on the equity of a home) or a structured settlement (a financial or insurance arrangement to resolve a personal injury claim);
  • for the deposit and sale of shares from a corporate demutualization or the privatization of a Crown corporation;
  • in the name of an affiliate of a financial entity, if that affiliate carries out activities that are similar to those of the individuals and entities referred to in paragraphs 5(a) to (g) of the Act;
  • the opening of a registered plan account, including a locked-in retirement plan account, a registered retirement savings plan account, and a group registered retirement savings plan account;
  • established pursuant to the escrow requirements of a Canadian securities regulator or Canadian stock exchange or any provincial legislation;
  • where the account holder or settlor is a pension fund that is regulated by or under an Act of Parliament or of the legislature of a province;
  • in the name of, or in respect of which instructions are authorized to be given by, a financial entity, a securities dealer or a life insurance company or by an investment fund that is regulated under provincial securities legislation;
  • solely to provide customer accounting services to a securities dealer; and,
  • an account or credit card account is opened for a corporation that is a securities dealer; in this case, you do not have to verify the names of the corporation’s directors.

If you open a group plan account, other than those identified above, you do not have to identify, or keep a signature card for individual members of the plan if:

  • the existence of the entity that is the plan sponsor has been confirmed; and,
  • the individual member contributions are made by the sponsor of the plan or by means of payroll deductions.
March 2021

When to verify the identity of persons and entities—Securities dealers

March 2021

This guidance comes into effect on June 1, 2021.

This guidance on client identification describes when securities dealers must verify the identity of persons and entities as required by the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and associated Regulations. Details on how to verify the identity of persons and entities are available in FINTRAC's Methods to verify the identity of persons and entities guidance.

This document answers the following questions:

  1. When do I have to verify the identity of persons and entities?
  2. What is the difference between verifying identity and keeping client identification information up to date?
  3. What are the exceptions to my client identification requirements

**Note: Throughout this guidance, references to dollar amounts (such as $10,000) are in Canadian dollars.

1. When do I have to verify the identity of persons and entities?

As a securities dealer, you must verify the identity of clients for the following:

  1. Large cash transactions
  2. Large virtual currency (VC) transactions
  3. Suspicious transactions
  4. Accounts—account holders and persons authorized to give instructions

a. Large cash transactions

You must verify the identity of every person or entity from which you receive $10,000 or more in cash when the transaction takes places.Footnote 1 This includes a situation where you are deemed to have received cash because you have authorized another person or entity to receive it on your behalf.Footnote 2

**Note: This obligation is subject to the 24-hour rule.Footnote 3

b. Large virtual currency (VC) transactions

You must verify the identity of every person or entity from which you receive VC in an amount equivalent to $10,000 or more when the transaction takes place.Footnote 4 This includes a situation where you are deemed to have received VC because you have authorized another person or entity to receive it on your behalf.Footnote 5

**Note: This obligation is subject to the 24-hour rule.Footnote 6

c. Suspicious transactions

You must take reasonable measures to verify the identity of every person or entity that conducts or attempts to conduct a suspicious transaction, regardless of the amount, and including transactions that would normally be exempt from client identification requirements, before sending a Suspicious Transaction Report (STR).Footnote 7

d. Accounts—Account holders and persons authorized to give instructions

Account holders

You must verify the identity of every person for whom you open an account before the first transaction, other than the initial deposit, is carried out on the account.Footnote 8 You must also verify the identity of every corporation and entity other than a corporation for which you open an account, within 30 days after the day on which the account is opened.Footnote 9

Persons authorized to give instructions

You must verify the identity of every person who is authorized to give instructions on an account before the first transaction, other than the initial deposit, is carried out on the account.Footnote 10

This includes verifying the identity of the individual members of a group plan account who are authorized to give instructions, when a contribution to the plan is made in respect of the member.Footnote 11

You cannot open an account for a person, corporation, or other entity if you cannot verify their identity in accordance with the Regulations.Footnote 12

2. What is the difference between verifying identity and keeping client identification information up to date?

As part of your ongoing monitoring requirements for business relationships, you must keep client identification information up to date, at a frequency that will vary based on your risk assessment, and as outlined in your policies and procedures.Footnote 13 This does not require you to re-identify clients in accordance with the methods to verify identity. As explained in the ongoing monitoring guidance, the requirement is only for you to keep client identification information up to date. This is understood to be information that you have about your client such as their name and address. In the case of a person, this would also include, but is not limited to, the nature of their principal business or their occupation; and in the case of an entity, the nature of its principal business.

3. What are the exceptions to my client identification requirements?

You do not have to re-identify a person or an entity if you previously did so using the methods specified by the Regulations in place at the time, and kept the associated records, so long as you have no doubts about the information used.Footnote 14

Large cash transactions

You do not have to verify the identity of a person or entity that conducts a large cash transaction if:

Large VC transactions

You do not have to verify the identity of a person or entity that conducts a large VC transaction if you receive the VC from a client that is an FE or a public body, or from a person acting on behalf of a client that is an FE or public body.Footnote 17

When you receive VC as compensation for the validation of a transaction that is recorded in a distributed ledger or you receive a nominal amount of VC for the sole purpose of validating another transaction or a transfer of information – you do not need to keep a large VC transaction record and do not need to verify identity.Footnote 18

Suspicious transactions

You do not have to take reasonable measures to verify the identity of the person or entity that conducts or attempts to conduct a suspicious transaction only if:

  • you have already verified the identity of the person or entity as required and have no doubts about the identification information;Footnote 19 or
  • you believe that verifying the identity of the person or entity would inform them that you are submitting an STR.Footnote 20

Public bodies, very large corporations and trusts

When opening an account, you do not have to verify the identity of a person or entity if the account is for:Footnote 21

  • a public body;
  • a very large corporation or trust; or
  • a subsidiary of those types of entities, if the financial statements of the subsidiary are consolidated with those of the public body, or very large corporation or trust.

Account openings

You do not have to verify the identity of a person who opens an account, or is authorized to give instructions in respect of an account in the following circumstances:Footnote 22

  • if the person already has an account with you and opens a subsequent account;
  • if the person is authorized on a business account, so long as you have verified the identity of at least three persons authorized to give instructions on the account. If one of the three identified persons leaves the business, you must verify the identity of another person authorized on the account;
  • an account that is opened for the sale of mutual funds where there are reasonable grounds to believe that the person's identity has been verified by a securities dealer in accordance with the methods in the Regulations, in respect of:
    • the sale of the mutual funds for which the account has been opened, or
    • a transaction that is part of a series of transactions that includes that sale;
  • an account that is opened at the request of an entity for the deposit, by a life insurance company affiliated with that entity, of a death benefit under a life insurance policy or annuity where:
    • the account is opened in the name of a beneficiary that is a person;
    • only the death benefit may be deposited in the account; and,
    • the policy or annuity contract, under which the death benefit claim was made has been in existence for at least two years before the claim for the death benefit was made.

Other activities exempted from client identification requirements

You do not have to verify the identity of persons and entities, as listed in this guidance, for the following:Footnote 23

  • the sale of a registered annuity policy or a registered retirement income fund;
  • the opening of an account for the deposit and sale of shares from a corporate demutualization or the privatization of a Crown corporation;
  • the opening of an account in the name of an affiliate of an FE, if that affiliate carries out activities that are similar to those of the persons and entities referred to in paragraphs 5(a) to (g) of the Act;
  • the opening of a registered plan account, including a locked-in retirement plan account, a registered retirement savings plan account, and a group registered retirement savings plan account;
  • the opening of an account established pursuant to the escrow requirements of a Canadian securities regulator or Canadian stock exchange or any provincial legislation;
  • where the account holder or settlor is a pension fund that is regulated by or under an Act of Parliament or of the legislature of a province;
  • the opening of an account in the name of, or in respect of which instructions are authorized to be given by an FE, a securities dealer, a life insurance company or by an investment fund that is regulated under provincial securities legislation; and,
  • the opening of an account solely to provide customer accounting services to a securities dealer.

These exceptions do not apply to large cash transactions, large VC transactions, or suspicious transactions.

Group Plans

If you open a group plan account, other than those for which exceptions already apply, you do not have to verify the identity of the individual members of the plan if:

  • the identity of the entity that is the plan sponsor has been verified; and
  • the individual member contributions are made by the sponsor of the plan or by payroll deductions.Footnote 24
Date Modified: