Language selection

Search

Ongoing monitoring requirements

Overview

This guidance came into effect on June 1, 2021.

The ongoing monitoring requirements under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and associated Regulations apply to all reporting entities (REs).

Who is this guidance for

  • All reporting entities (REs)

In this guidance

  1. What is ongoing monitoring?
  2. When must I conduct ongoing monitoring?
  3. When must I conduct enhanced ongoing monitoring?
  4. What are the exceptions to conducting ongoing monitoring?
  5. What records do I need to keep for ongoing monitoring?
  6. When does the requirement for ongoing monitoring end?
  7. When does the requirement for enhanced ongoing monitoring end?

1. What is ongoing monitoring?

Ongoing monitoring is a process that you must develop and use to review all the information you have obtained about the clients with whom you have a business relationship, in order to:Footnote 1

For more information about when you enter into a business relationship with a client see FINTRAC's Business relationship requirements guidance.

Your process for conducting ongoing monitoring could include the monitoring of an individual client or of groups of clients. References to the ongoing monitoring of a client in this guidance refers to both an individual client and groups of clients, depending on your processes.  

2. When must I conduct ongoing monitoring?

When you enter into a business relationship with a client you must periodically conduct ongoing monitoring of that business relationship, based on your risk assessment.Footnote 2

The frequency at which you conduct ongoing monitoring will depend on the risk level assigned to clients in your risk assessment. For example, clients identified as posing a low risk may require less frequent ongoing monitoring whereas those in your high-risk category will require that you take enhanced measures. For more information on risk assessment requirements and enhanced measures, see FINTRAC's Compliance program requirements guidance.

FINTRAC expects that your policies and procedures will include the frequency at which you will conduct ongoing monitoring of your clients, based on your risk assessment for a client or group of clients.

3. When must I conduct enhanced ongoing monitoring?

You must take enhanced measures and conduct enhanced ongoing monitoring of a client that you have identified as posing a high risk in your risk assessment. This means that you must take extra measures in addition to what is required, as appropriate for the level of client risk.Footnote 3

You could consider the following methods to conduct enhanced ongoing monitoring of your high-risk clients:

4. What are the exceptions to ongoing monitoring?

You do not have to conduct ongoing monitoring in the following situations:

  1. Financial entities: You do not have to conduct ongoing monitoring for a group plan account held within a dividend or a distribution reinvestment plan (including a plan that allows members to purchase additional shares or units with contributions other than the dividends or distributions paid by the sponsor of the plan), if the sponsor of the plan:Footnote 4
    • is an entity whose shares or units are traded on a Canadian stock exchange; and
    • operates in a country that is a member of the Financial Action Task Force.
  2. Insurance companies, brokers or agents: You do not have to conduct ongoing monitoring when you are dealing in reinsurance.Footnote 5

5. What records do I need to keep for ongoing monitoring?

You must keep records of the measures you take and of the information obtained from the ongoing monitoring of your clients with whom you have a business relationship.Footnote 6 This includes:

You must outline the measures you use to conduct the ongoing monitoring of your business relationships in your policies and procedures, which can form part of your ongoing monitoring records. However, the information you obtain as a result of your ongoing monitoring is likely to be specific to a particular business relationship and not captured in your policies and procedures, so it should be documented separately. You can document and update the information you obtain through your ongoing monitoring activities across several records. For example, updates to the client identification, beneficial ownership or business relationship information you have, could be recorded in any file you maintain on a client.

Retention: You must keep a record of the ongoing monitoring measures taken and the information obtained from that ongoing monitoring for at least five years from the date the record was created.Footnote 7

6. When does the requirement for ongoing monitoring end?

You are no longer required to conduct ongoing monitoring when your business relationship with a client ends. For more information about when a business relationship ends, see FINTRAC's Business relationship requirements guidance.

7. When does the requirement for enhanced ongoing monitoring end?

You are no longer required to conduct enhanced ongoing monitoring when your business relationship ends or when, based on your risk assessment, you no longer consider a client to pose a high risk. When you no longer consider a client high-risk, you are still required to conduct ongoing monitoring of the client at the frequency determined by the client's new risk rating. For more information about when a business relationship ends, see FINTRAC's Business relationship requirements guidance.

Details and history

Published: February 2021

For assistance

If you have questions about this guidance, please contact FINTRAC by email at guidelines-lignesdirectrices@fintrac-canafe.gc.ca.

Date Modified: