Guide on harm done assessment for violations of other compliance measures

Table of contents

  1. Introduction
  2. Violations related to other compliance measures
  3. Violations related to complying with a Minister's directive
  4. Violations related to correspondent banking
  5. Violations related to requirements for foreign branches and subsidiaries
  6. Violations related to including prescribed information in prescribed electronic funds transfers (travel rule)
  7. Violations related to the requirement to assist FINTRAC

1. Introduction

This page presents how we assess the harm done and calculate the base penalty amount applied to violations of requirements related to correspondent banking, foreign branches and subsidiaries, complying with the Minister's Directive, prescribed information in prescribed electronic funds transfers (travel rule), and providing assistance or information reasonably required to FINTRAC.

1.1 Purpose of the guide

This guide presents how FINTRAC approaches the harm done criterion and the base penalty amount for violations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (the Act) and its regulations. According to section 73.11 of the Act, FINTRAC must consider the harm done by a violation, that the purpose of an administrative monetary penalty (AMP) is to encourage compliance rather than to punish, and all other criteria prescribed in the regulations, including a reporting entity's (RE) history of compliance, when determining the amount of a penalty. Considerations for the non-punitive nature of an AMP and an REs' compliance history are assessed in another step in the penalty calculation and are outlined separately in FINTRAC's AMP policy.

1.2 Definition of harm

FINTRAC defines "harm" as the degree to which a violation interferes with achieving the objectives of the ActFootnote 1 or with FINTRAC's ability to carry out its mandateFootnote 2. Therefore, the consequences of non-compliance, when an AMP is imposed, are linked to its effects on Canada's efforts to combat money laundering and terrorist activity financing (ML/TF).

Compliance enforcement activities are undertaken to prevent and correct the harm that comes from non-compliance with the Act and regulations. REs' adherence to requirements such as record keeping and verifying client identity assists in the deterrence of ML/TF and supports investigations and criminal prosecutions. The requirements related to reporting ensure that FINTRAC is supplied with the high-quality, timely financial transaction reports it needs to produce the financial intelligence that helps with the investigation and prosecution of ML/TF offences.

1.3 Considering harm in AMP calculations

When determining a penalty, FINTRAC considers the harm caused, that is, the degree to which the non-compliance interferes with the purpose of the Act and/or with FINTRAC's mandate. Non-compliance and harm are measured using the standards described in this guide, which outline the benchmark amounts for the corresponding levels of harm for a specific violation. FINTRAC considers the specific circumstances of each case, including the extent of the non-compliance and mitigating factors, which may further reduce the actual amounts applied.

2. Violations related to other compliance measures

Compliance measures related to correspondent banking, foreign branches and subsidiaries, minister's directives, prescribed information in electronic funds transfers (EFTs) and assistance to the Centre have been put in place to strengthen Canada's Anti-Money Laundering and Anti-Terrorism Financing (AML/ATF) regime. In particular, measures related to correspondent banking, foreign branches and subsidiaries, and minister's directives help to achieve the objectives set out in subsections 3(c) and 3(d) of the Act concerning Canada's international commitment to fight transnational crime, especially ML/TF. These measures also strengthen Canada's ability to take targeted steps to protect Canada's financial system. Measures concerning prescribed information in EFTs help eliminate anonymous transactions and ensure that transaction information is made available for compliance, risk assessment, analysis, investigations and prosecutions. Finally, measures concerning assistance to FINTRAC are in place so that we can ensure REs comply with the requirements of the Act and its regulations. If an RE fails to meet these requirements, it interferes with the regime's ability to achieve the objectives of the Act and FINTRAC's mandate, which is to detect, prevent and deter ML/TF.

3. Violations related to complying with a Minister's directive

In order to safeguard the integrity of Canada's financial system, the Minister of Finance has the authority to issue directives to REs and their foreign branches and subsidiaries, in respect of a designated foreign jurisdiction or entity. A directive allows the Minister to require that specific measures be carried out beyond those of the Act and its regulations when a foreign jurisdiction or entity is at a heightened risk of facilitating ML/TF. These additional, targeted measures are designed to enhance existing requirements to mitigate the specific ML/TF risks of financial transactions originating from or destined to foreign jurisdictions or entities with ineffective or insufficient AML/ATF measures. These additional, targeted measures may help avoid an adverse impact on the integrity of Canada's financial system or on its reputation.

Table 1—Violations related to complying with a Minister's directive
Provision of the Act Description Classification of violation

11.43

Failure to comply with a ministerial directive

Very serious
$1-$500,000

11.44(1)

Failure to ensure that a foreign branch or foreign subsidiary complies with a ministerial directive

Very serious
$1-$500,000

3.1 Harm done in the case violations related to complying with a Minister's directive

Failing to comply with a Minister's directive could interfere with the achievement of the objectives described under paragraphs 3(c) and (d) of the Act with respect to fulfilling Canada's international commitments to fight transnational crime, particularly ML/TF, and enhancing Canada's targeted measures to protect its financial system from ML/TF. Non-compliance with a minister's directive poses a very high risk to the integrity of Canada's financial system and the safety of Canadians. This is because detection and mitigation measures would not be applied to transactions originating from or destined to a foreign state or a foreign entity that has an ineffective or insufficient AML/ATF regime. In a worst case scenario, suspicious transactions related to ML or TF offences could remain undetected, posing a risk to the financial system and the safety of Canadians.

3.2 Penalty determination for violations related to complying with a Minister's directive

When an RE or its foreign branches or subsidiaries fail to comply with a minister's directive, Canada's financial system is at risk to be used for international ML/TF transactions. The prescribed maximum penalty of $500,000 is applied when a directive is not implemented because ministerial directive violations pose the greatest harm to the achievement of the objectives of the Act and FINTRAC's mandate. 

The measures required by a Minister's directive vary, therefore, the penalty determination criteria for partial violations is dependent on the contraventions and the extent of the non-compliance. FINTRAC will consider the circumstances of each case to determine if there are mitigating factors that may reduce the penalty amount.

4. Violations related to correspondent banking

This section outlines FINTRAC's approach to the violations related to correspondent banking requirements, including harm assessments and penalty calculations.

4.1 Violation for having a correspondent banking relationship with a shell bank

Removing anonymity in transactions is one of the most important safeguards against the exploitation of Canada's financial system for ML/TF. Financial entities in Canada are specifically prohibited from having correspondent banking relationships with shell banks because this could facilitate anonymity in transactions and give little or no AML/ATF oversight. 

Table 2—Violation for having a correspondent banking relationship with a shell bank
Provision of the Act Description Classification of violation

9.4(2)

Having a correspondent banking relationship with a shell bank

Serious
$1-$100,000

4.1.1 Harm done in the case of a violation related to having a correspondent banking relationship with a shell bank

Shell banks operate outside the country where they are incorporated and licensed, and are not affiliated with a financial services group that is subject to supervision in that country. The control and management of a shell bank happens from a different jurisdiction, sometimes from a private residence, and poses a serious risk to Canada's AML/ATF regime as it is difficult to ensure regulatory oversight for requirements such as customer due diligence and risk mitigation.   The banking supervisor in the country where the shell bank operates is generally unaware of its existence. Shell banks pose a higher risk of ML/TF and they are known for being used to launder the proceeds of crime. If a financial entity in Canada were to allow a shell bank to access to Canada's financial system, this could interfere with the detection, prevention and deterrence of ML/TF activities here, and could also interfere with the achievement of one of the objectives set out in paragraph 3(c), of the Act which is to assist in fulfilling Canada's international commitments to participate in the fight against transnational crime, particularly money laundering, and the fight against terrorist activity. 

4.1.2 Penalty determination for a violation related to having a correspondent banking relationship with a shell bank

When an RE provides financial services to a shell bank, the RE provides the shell bank with broad access to the Canadian financial system, putting it at risk for ML/TF because of the anonymity the shell bank entails. An RE that has a correspondent banking relationship with a shell bank, that has conducted a transaction with that shell bank, poses the highest risk to Canada's AML/ATF regime and directly contravenes the prohibition under subsection 9.4(2) of the Act. Therefore, the penalty is determined at the prescribed maximum, $100,000. FINTRAC will consider mitigating factors in its calculation of the penalty.   

4.2 Violation related to obtaining approval of senior management for correspondent banking relationship

A correspondent banking relationship requires the financial entity's senior management oversight to ensure that it is not a conduit for anonymous, illicit financial transactions. Approval from senior management is required to enter into such a relationship, to ensure accountability at the highest level, and that the organization fully understands the associated ML/TF risks, and has the proper controls in place to mitigate risks.

Table 3—Violation related to obtaining approval of senior management for correspondent banking relationship
Provision of the Act Provision of the PCMLTFRFootnote 3 Description Classification of violation

9.4(1)(c)

15.1(1)

Failure of a specified entity entering into a correspondent banking relationship with a prescribed foreign entity to obtain the approval of senior management

Minor
$1-$1,000

4.2.1 Harm done in the case of a violation related to obtaining approval of senior management for a correspondent banking relationship

When approval to enter into a correspondent banking relationship is not obtained, there is high potential for harm related to the detection, prevention and deterrence of ML/TF in Canada, because there is no oversight and accountability from a financial entity's senior management which would ensure proper assessment and risk mitigation. Transactions posing high ML/TF risk could be conducted through a correspondent banking relationship that has not been scrutinized and risk-assessed by senior management. This makes the financial entity's operations more vulnerable to ML/TF offences and introduces vulnerabilities into Canada's financial system that may go undetected. 

4.2.2 Penalty determination for a violation related to obtaining approval of senior management for a correspondent banking relationship

When approval to enter into a correspondent banking relationship is not obtained, there is high potential for harm as the financial entity's operations are more vulnerable to ML/TF offences and introduces vulnerabilities into Canada's financial system that may go undetected. Therefore, the prescribed maximum penalty of $1,000 is determined for each correspondent banking relationship that senior management did not approve.

FINTRAC will consider relevant mitigating factors in its determination of the penalty. For example, if there have been no financial transactions or activities conducted with that foreign financial institution at the time that the non-compliance was discovered.

4.3 Violation related to ascertaining the name and address of a foreign financial institution

Financial entities that enter into a correspondent banking relationship are required to ascertain the name and address of the foreign financial institution by examining specific records from recognized authorities. This verification confirms the existence of the foreign financial institution and mitigates the possibility that the foreign financial institution is a shell bank. This information can be used for risk assessment, preparation of reports to FINTRAC, and as evidence when investigating and prosecuting ML/TF offences. 

Table 4—Violation related to ascertaining the name and address of a foreign financial institution
Provision of the Act Provision of the PCMLTFR Description Classification of violation

9.4(1)(a)

55.1(a)

Failure of a financial entity that enters into a correspondent banking relationship with a foreign financial institution to ascertain, in the prescribed manner, prescribed information in respect of the foreign financial institution

Minor
$1-$1,000

4.3.1 Harm done in the case of a violation related to ascertaining the name and address of a foreign financial institution

Financial entities that enter into a correspondent banking relationship are required to ascertain the name and address of the foreign financial institution by examining specific records from recognized authorities. This verification confirms the existence of the foreign financial institution and mitigates the possibility that the foreign financial institution is a shell bank. This information can be used as evidence when police investigate ML/TF offences and for the preparation of reports to FINTRAC, as well as risk assessments. 

Failing to ascertain the name and address of the foreign financial institution makes the Canadian RE's operations more vulnerable to ML/TF offences and introduces vulnerabilities into Canada's financial system that may go undetected.  

4.3.2 Penalty determination for a violation related to ascertaining the name and address of a foreign financial institution

The PCMLTFR set out the manner in which the foreign financial institution's name and address must be verified. The requirements were developed to ensure that records from a recognized authority are used to ascertain the information. 

Because of the risk that dealing with shell banks poses, when an RE has taken no measures to verify a foreign financial institution's name and address this constitutes a complete violation of the requirement, therefore the maximum penalty of $1,000 per instance will apply.

When the methods used to verify the information are not in line with the methods set out in the PCMLTFR, or when an RE fails to completely adhere to them, the requirement has not been met. As a result, the harm to achieving the objectives of the Act and FINTRAC's mandate is the same as that of a complete violation, therefore the same penalty ($1,000 per instance) will apply. FINTRAC will consider mitigating factors in its determination of the penalty.  For example, there have been no financial transactions or activities conducted with that foreign financial institution at the time that the non-compliance was discovered, or corrective measures were taken before any financial transactions or activities were conducted.

4.4 Violations related to ascertaining prescribed information in respect of a foreign financial institution

Correspondent banking relationships with foreign financial institutions that have AML/ATF policies and procedures in place help safeguard Canada's financial system from ML and TF. When foreign financial institutions do not have AML/ATF policies and procedures in place, the risk of exposure to ML/TF offences is heightened for REs transacting with them under correspondent banking relationships. This risk can be further heightened when foreign financial institutions have received civil or criminal penalties related to violations of AML/ATF requirements. 

Table 5—Violations related to ascertaining prescribed information in respect of a foreign financial institution
Provision of the Act

Provision of the PCMLTFR

Description Classification of violation

9.4(1)(e)

15.1(1) and (3)

Failure of a specified entity to take reasonable measures to ascertain whether a prescribed foreign entity with whom it has entered into a correspondent banking relationship has in place prescribed policies and procedures and, if they are not in place, to take prescribed measures

Minor
$1-$1,000

9.4(1)(a)

55.1(b)

Failure of a financial entity that enters into a correspondent banking relationship with a foreign financial institution to take reasonable measures to ascertain, in the prescribed manner, prescribed information in respect of the foreign financial institution and to conduct prescribed monitoring

Minor
$1-$1,000

4.4.1 Harm done in the case of violations related to ascertaining prescribed information in respect of a foreign financial institution

Financial entities entering into a correspondent banking relationship with foreign financial institutions must take reasonable measures to ascertain whether the foreign financial institutions have AML/ATF policies and procedures, including those for approval of new account openings, and whether there are any civil or criminal penalties that have been imposed. If the foreign financial institution does not have the required policies and procedures, or if there has been a civil or criminal penalty imposed, then the Canadian financial entity must take reasonable measures to conduct ongoing monitoring of all transactions under the correspondent banking relationship, for the purpose of detecting transactions that must be submitted as a Suspicious Transaction Report (STR). Not meeting these requirements could signify that the ML/TF risks posed by the correspondent banking relationship are not managed effectively, which can result in unreported suspicious transactions, a loss of financial intelligence and other non-compliance issues. This impedes the achievement of the objectives set out in subparagraph 3(a)(ii) and paragraph 40(b) of the Act.

4.4.2 Penalty determination for violations related to ascertaining prescribed information in respect of a foreign financial institution

The potential harm is highest when an RE fails to take reasonable measures to determine whether the above circumstances apply to a correspondent banking relationship. If ongoing monitoring is not conducted on a foreign financial institution that has no AML/ATF procedures in place, or the foreign financial institution has received civil or criminal penalties for non-compliance with AML/ATF requirements, the prescribed maximum penalty of $1,000 per instance applies.

FINTRAC will consider mitigating factors in its determination of the penalty. For example, FINTRAC will consider whether very limited financial services (or none) have been provided to the foreign financial institution; or whether ongoing monitoring is in place for all transactions, including those conducted under the correspondent banking relationship. In these cases, FINTRAC may consider a penalty amount that is lower than the maximum prescribed. 

4.5 Violations related to ascertaining that a foreign financial institution meets client identification requirements

Regulatory requirements are designed to identify individuals and entities that conduct, control, direct, or are involved in financial transactions in order to remove anonymity. The requirements extend to the clients of foreign financial institutions who can access Canada's financial system through a correspondent banking relationship. REs that allow clients of foreign financial institutions direct access to their accounts must take reasonable measures to find out if the foreign financial institutions apply the requirement to verify client identity and confirm the existence of entities in a manner that is consistent with the Act and its regulations. The REs must also take reasonable measures to find out if the foreign financial institutions agree to provide client identification data upon request. 

Table 6—Violations related to ascertaining that a foreign financial institution meets client identification requirements
Provision of the Act

Provision of the PCMLTFR

Description Classification of violation

9.4(1)(a)

55.2(a)

Failure of a financial entity that enters into a correspondent banking relationship with a foreign financial institution to take reasonable measures to ascertain whether the institution has met the prescribed requirements

Minor
$1-$1,000

9.4(1)(a)

55.2(b)

Failure of a financial entity that enters into a correspondent banking relationship with a foreign financial institution to take reasonable measures to ascertain whether the institution has agreed to provide customer identification data

Minor
$1-$1,000

4.5.1 Harm done in the case of violations related to ascertaining that a foreign financial institution meets client identification requirements

Failing to comply with the requirements described above potentially allows the clients of foreign financial institutions to conduct financial transactions directly through the RE, allowing them to move funds through Canada anonymously. This increases the Canadian financial system's exposure to ML/TF risk, because REs would not be able to identify the true beneficiaries of transactions. This violation contravenes the objectives set out in subparagraph 3(a)(i), paragraphs 3(c) and 40(e) of the Act and its regulations.

4.5.2 Penalty determination for violations related to ascertaining that a foreign financial institution meets client identification requirements

If an RE fails to take reasonable measures to find out if a foreign financial institution has met client identification requirements in keeping with sections 54 and 64 of the PCMLTFR, or if client identification data will be provided upon request, there is a high likelihood that individuals and entities that conduct, control, direct, or are involved in financial transactions in Canada through a correspondent banking relationship would not be identified. Therefore, the prescribed maximum penalty of $1,000 per instance applies.  

FINTRAC will consider mitigating factors in its determination of the penalty. This could include when an RE has not transacted with the foreign financial institution or the clients did not have direct access to the accounts under the correspondent banking relationship. Another example of a mitigating factor would be if the foreign financial institution ultimately meets the client identification standards set out in the PCMLTFR through other means or processes.   

4.6 Violations related to correspondent banking relationships records

See the guide on harm done assessment for record keeping violations for the harm rationale and penalty calculation for the violations below.

Table 7—Violations related to correspondent banking relationships records
Provision of the Act

Provision of the PCMLTFR

Description Classification of violation

9.1(4)(a)

15.1(1) and (2)

Failure of a specified entity entering into a correspondent banking relationship with a prescribed foreign entity to keep a prescribed record.

Minor
$1-$1,000

9.4(1)(d)

15.1(1)

Failure of a specified entity entering into a correspondent banking relationship with a prescribed foreign entity to set out in writing their obligations and those of the foreign entity in respect of the correspondent banking services

Minor
$1-$1,000

5. Violations related to requirements for foreign branches and subsidiaries

This section outlines FINTRAC's approach to the violations related to requirements for foreign branches and subsidiaries, including the harm assessments and penalty calculations.

5.1 Violations related to compliance policies for foreign branches and subsidiaries

The requirement for certain RE sectors to hold their foreign operations to the same compliance standards as those in Canada supports the objective under paragraph 3(a) of the Act to detect, prevent and deter ML/TF. It also fulfills Canada's international commitments to fight transnational crimes as per paragraph 3(c) of the Act.  

Table 8—Violations related to compliance policies for foreign branches and subsidiaries
Provision of the Act Description Classification of violation

9.7(1)

Failure to develop policies that establish requirements similar to those of sections 6, 6.1 and 9.6 of the Act and to ensure that foreign branches and foreign subsidiaries apply those policies

Serious
$1-100,000

9.7(2)

Applying policies that establish requirements similar to those of sections 6, 6.1 and 9.6 of the Act before they are approved by a board of directors

Serious
$1-100,000

5.1.1 Harm done in the case of violations related to compliance policies for foreign branches and subsidiaries

Failing to develop policies that meet the requirements similar to those of sections 6, 6.1 and 9.6 of the Act leaves foreign branches and foreign subsidiaries vulnerable to ML/TF, ultimately posing a risk to the RE in Canada as well, given the possibility of overlapping services and accounts. This results in the possibility of anonymous transactions being conducted across borders without the accountability and structure to ensure group-wide compliance. Also, the necessary information and records to support client identification, risk assessments, ongoing monitoring, and transaction reporting would be missing. This could ultimately result in suspicious transactions not being detected and reported to FINTRAC to support investigations and prosecutions of ML/TF offences. 

5.1.2 Penalty determination for violations related to compliance policies for foreign branches and subsidiaries

We use the penalty calculation for compliance program violations to address the failure to develop and apply compliance policies for foreign branches and subsidiaries. Refer to the guide on harm done assessment for compliance program violations for harm standards and penalty determinations.

5.2 Violation related to policies and procedures for the exchange of information between affiliated entities

The Act requires the development and application of policies and procedures on the exchange of information between REs and affiliated domestic or foreign entities for the purpose of detecting and deterring ML/TF offences, and assessing the risk of ML/TF offences. This coordinated approach makes for effective customer due diligence (CDD) and ML/TF risk management.

Table 9—Violation related to policies and procedures for the exchange of information between affiliated entities
Provision of the Act Description Classification of Violation

9.8(1)

Failure of an entity to develop and apply policies and procedures related to the exchange of information between it and affiliated entities

Serious
$1-100,000

5.2.1 Harm done in the case of a violation related to policies and procedures for the exchange of information between affiliated entities

Failing to develop and apply policies and procedures for the exchange of information between affiliated entities could leave Canada's financial system vulnerable to abuse. The objectives set out in the Act are not being met when measures are not taken to detect ML/TF activities (paragraph 3(a)), to assist in fulfilling Canada's international commitments to fight transnational crime (paragraph 3(c)), and to enhance Canada's capacity to take targeted measures to protect its financial system and mitigate the risk of being used for ML/TF activities (paragraph 3(d)).

5.2.2 Penalty determination for a violation related to policies and procedures for the exchange of information between affiliated entities

If there are no policies and procedures in place for the exchange of information between affiliated entities, the RE could be vulnerable to ML/TF risks through the affiliated entities' compliance gaps. When the required policies and procedures are non-existent, the maximum prescribed penalty amount of $100,000 applies because this poses the highest level of risk. 

FINTRAC will consider mitigating factors when determining the penalty. For example, after considering the completeness of policies and procedures on the exchange of information, the roles and responsibilities for the exchange of information, and the timeliness and frequency of exchanges, it may consider a penalty that is lower than the maximum prescribed. 

5.3 Violations related to record keeping and notification for foreign branches and subsidiaries

In order to mitigate the potential ML/TF risks to Canada's financial system stemming from financial interactions with foreign entities, REs must ensure that their overseas operations hold AML/ATF compliance standards similar to those of Canada. However, it is possible that the laws in a foreign jurisdiction may prohibit or conflict with the record keeping, identity verification or other compliance requirements of the Act and its regulations. When this is the case, an exception to applying similar AML/ATF compliance standards is justifiable.  REs must keep a record of the facts and reasons why the foreign branch or subsidiary cannot apply a compliance policy. They are also required to notify FINTRAC and their principal supervisory/regulatory body under federal or provincial law of these facts and reasons within a reasonable time. The record of the facts and reasons demonstrates the RE's compliance with the requirement and allows the RE the opportunity to thoroughly assess the types of ML/TF risks associated with its foreign branches/subsidiaries, the reasons why a compliance policy cannot be applied, and the mitigation measures needed. Notifying FINTRAC and other government supervisory/regulatory bodies of the facts and reasons also fulfills the international commitment to support the fight against ML/TF crimes.

Table 10—Violations related to record keeping and notification for foreign branches and subsidiaries
Provision of the Act Description Classification of Violation

9.7(4)

Failure to keep and retain a record of the fact that a foreign branch or foreign subsidiary cannot apply a policy and of the reasons why it cannot do so or to notify the Centre and the principal supervisory or regulating agency or body within a reasonable time

Minor
$1-$1,000

11.44(2)

Failure to keep and retain a record of the fact that a foreign branch or foreign subsidiary cannot comply with a ministerial directive and of the reasons why it cannot do so or to notify the Centre and the principal supervisory or regulating agency or body within a reasonable time

Serious
$1-$100,000

5.3.1 Harm done in the case of violations related to record keeping and notification for foreign branches and subsidiaries

Failing to keep a record of the fact that a foreign branch or subsidiary cannot comply with and AML/ATF policies and the reasons why it cannot do so, and failing to report it to FINTRAC and the supervisory/regulatory body, can result in ML/TF risks and AML/ATF gaps through the RE's operations in foreign jurisdictions. When the non-compliance of a foreign branch or subsidiary is not detected, understood, assessed and mitigated, it presents significant risk. This failure could interfere with Canada's understanding of the ML/TF and compliance risks associated with a foreign jurisdiction and could affect Canada's international commitments to fight against ML/TF. 

5.3.2 Penalty determination for violations related to record keeping and notification for foreign branches and subsidiaries

FINTRAC has identified four levels of harm related to these violations based on the RE's and Canada's ability to understand, assess and mitigate ML/TF risks related to foreign operations. The above-mentioned penalty ranges ($1 to $1,000 for compliance policy violations, and $1 to $100,000 for Minister's directive violations) are divided into four even intervals to show the various levels of harm. The highest harm category for both violations is assigned the prescribed maximum amounts of $1,000 and $100,000. The lowest of the four levels of harm has a penalty determination of $250 and $25,000. Penalty amounts may be reduced based on mitigating factors; however, they must be enough to encourage a change in compliance behaviour. 

The table below details the levels of harm, the types of non-compliance and the description of harm along with their corresponding penalties. 

When deficiencies fall into more than one harm category, the penalty is determined at the highest harm category, and is not cumulative. 

Table 11—Levels of harm and penalties for violations related to record keeping and notification for foreign branches and subsidiaries
Level of harm

Type of non-compliance

Harm description

Penalty (not considering mitigating factors)

Compliance policy:

Minister's directive:

Level 1

No record of fact and reasons; FINTRAC and supervisor/regulator not notified

Completely impedes Canadian authorities' and the RE's ability to assess the exception and consider associated risks for mitigation measures at both the national and RE level

$1,000

$100,000

Level 2

Record of facts and reasons exists but FINTRAC and supervisor/regulator are not notified

Impedes all Canadian authorities' ability to assess the exception and consider the associated risks for mitigation measures at a national level.

$750

$75,000

Level 3

No record of fact and reasons but FINTRAC and supervisor/regulator are notified

Although the proper Canadian authorities are made aware of the exceptions, documentation deficiencies can lead to inaccurate or incomplete ML/TF risk assessments of the exceptions, leading to ineffective measures at the RE level

$500

$50,000

Level 4

Record of facts and reasons exists; FINTRAC and supervisor/regulator notified but not within a reasonable time

Diminishes the Canadian authorities' ability to assess the exception and consider the associated risks in an efficient manner

$250

$25,000

5.3.3 Level 1 harm—No record of fact and reasons; FINTRAC and supervisor/regulator not notified

When an RE makes no effort to understand the facts and reasons why a foreign branch or subsidiary cannot comply with AML/ATF standards similar to those of Canada, does not record those facts and reasons, and fails to notify FINTRAC and its supervisor or regulator; this poses the highest level of risk because the RE is not able to detect, assess and mitigate the ML/TF risk, and Canada cannot evaluate the risk on the regime at large. Therefore, the penalty is determined at the prescribed maximum, $1,000 for compliance policy violations, and $100,000 for a minister's directive violations.

5.3.4 Level 2 harm—Record of facts and reasons exists but FINTRAC and supervisor/regulator are not notified

When FINTRAC and other supervisory or regulatory bodies are not notified of the facts and reasons why a foreign branch or subsidiary cannot comply, while mitigation measures may be in place at the RE, partners in Canada's AML/ATF regime would not be aware of the risks, nor would they be able to coordinate their compliance efforts and take measures to mitigate ML/TF risks for Canada. If the foreign compliance exception had regime-wide implications, FINTRAC would not have the opportunity to consider risk mitigation measures with other stakeholders such as the Department of Finance. Therefore, the penalty is set at $750 for compliance policy violations, and $75,000 for minister's directive violations.

5.3.5 Level 3 harm—No record of fact and reasons although FINTRAC and supervisor/regulator are notified

If an RE notifies FINTRAC and its principal supervisory or regulatory body but fails to keep a record that contains accurate, complete and up-to-date information on the facts and reasons, the harm done is lesser because the proper government bodies are made aware of the exceptions. However, documentation deficiencies can lead to inaccurate or incomplete ML/TF risk assessments of the exceptions, leading to ineffective measures at the RE level. Therefore, the penalty is set at $500 for compliance policy violations, and $50,000 for ministerial directive violations.

5.3.6 Level 4 harm—Record of facts and reasons exists; FINTRAC and supervisor/regulator notified but not within a reasonable time

If a record of the facts and reasons is kept, and FINTRAC and the principal supervisory or regulatory bodies are notified, but not in a timely manner, the efficient use of the information for risk assessment and compliance purposes, at a national level, would be affected. Therefore, the penalty is set at $250 for compliance policy violations, and $25,000 for minister's directive violations.

6. Violations related to including prescribed information in prescribed electronic funds transfers (travel rule)

REs that conduct EFTs in the course of their activities must make sure that each transfer includes the name, address and account number, or other reference number of the requesting client. When an RE receives an EFT in the course of its activities, it must take reasonable measures to ensure that any transfer includes the same information.

Information that identifies the parties to a transaction is essential in establishing the origin and the flow of funds which are needed for analysis, investigations and the prosecution of ML/TF offences. The information can be used by the RE for risk assessment, transaction reporting and other compliance requirements, where applicable.

Table 12—Violations related to including prescribed information in prescribed EFTs (travel rule)
Provision of the Act

Provision of the PCMLTFR

Description Classification of Violation

9.5(a)

66.1(1) and (2)

Failure of a prescribed person or entity to include prescribed information in prescribed electronic funds transfers

Minor
$1-$1,000

9.5(b)

66.1(1) and (2)

Failure of a prescribed person or entity to take reasonable measures to ensure that any transfer that the person or entity receives includes prescribed information

Minor
$1-$1,000

6.1 Harm done in the case of violations related to including prescribed information in prescribed EFTs (travel rule)

If the prescribed information is missing from a transfer, the harm is the same as the harm posed by not keeping a record. See the guide on harm done assessment for record keeping violations for the harm rationale.

6.2 Penalty determination for violations related to including prescribed information in prescribed EFTs (travel rule)

The harm of not including prescribed information in a prescribed EFT is the same as the harm posed by not keeping a record, therefore the same penalty applies. See the guide on harm done assessment for record keeping violations for the penalty determination.

7. Violations related to the requirement to assist FINTRAC

This section outlines FINTRAC's approach to the violations related to the requirement to assist FINTRAC in its mandate of ensuring compliance, including the harm assessment and penalty calculation.

7.1 Violations related to the requirement to provide an authorized person with reasonable assistance and information reasonably required, or provide information in accordance with a notice

FINTRAC is mandated to ensure REs' compliance with Parts 1 and 1.1 of the Act. In order to fulfill this mandate, it is essential for FINTRAC to have reasonable assistance from REs and access to reasonably required information when conducting compliance activities, like examinations.

Table 13—Violations related to the requirement to provide an authorized person with reasonable assistance and information reasonably required, or provide information in accordance with a notice
Provision of the Act Description Classification of Violation

62(2)

Failure to give reasonable assistance and information reasonably required to an authorized person

Serious
$1-$100,000

63.1(2)

Failure to provide, in accordance with a notice, documents or other information reasonably required by an authorized person

Serious
$1-$100,000

7.2 Harm done in the case of violations related to the requirement to provide an authorized person with reasonable assistance and information reasonably required, or provide information in accordance with a notice

Failing to give an authorized person reasonable assistance and to provide them with any information with respect to the administration of Part 1 and 1.1 of the Act and its regulations, or in accordance with a served notice, interferes with FINTRAC's compliance activities and its mandate under subsection 40(e) of the Act. These activities include examination planning and outreach. If FINTRAC is unable to ensure compliance, the regime's ability to detect, prevent and deter ML/TF and to mitigate risk is affected. FINTRAC cannot maintain a database of transaction reports or it cannot ensure the proper client identification and record keeping measures are in place in support of financial intelligence for investigations and prosecutions of ML/TF offences.

7.3 Penalty determination for violations related to the requirement to provide an authorized person with reasonable assistance and information reasonably required, or provide information in accordance with a notice

When an RE does not give reasonable assistance, the information reasonably required, or provide the information reasonably required in accordance with a notice, FINTRAC's ability to effectively and efficiently ensure compliance with the Act and its regulations is affected. This shows an RE's unwillingness to cooperate, or an attempt to operate outside of the Act and its requirements. Therefore, this violation results in the prescribed maximum penalty of $100,000. FINTRAC will consider mitigating factors in its determination of the penalty.

Date Modified: