Corporate Information

Raison d’être, mandate and role: who we are and what we do

Raison d’être

The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) is Canada's financial intelligence unit (FIU). The Centre assists in the detection, prevention and deterrence of money laundering and the financing of terrorist activities. FINTRAC's financial intelligence and compliance functions are a unique contribution to the safety of Canadians and the protection of the integrity of Canada's financial system.

FINTRAC acts at arm's length and is independent from the police services, law enforcement agencies and other entities to which it is authorized to disclose financial intelligence. It reports to the Minister of Finance, who is in turn accountable to Parliament for the activities of the Centre.

Mandate and role

FINTRAC was established by, and operates within the ambit of, the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its Regulations. The Centre is one of several domestic partners in Canada's anti-money laundering and anti-terrorist financing (AML/ATF) regime, which is led by the Department of Finance.

Vision

To be the leader in the exploitation of financial intelligence.

Responsibilities

FINTRAC fulfills its mandate by engaging in the following activities:

In addition, FINTRAC is part of the Egmont Group, an international network of FIUs that collaborate and exchange information to combat money laundering and terrorist activity financing. FINTRAC also contributes to other multilateral fora such as the Financial Action Task Force (FATF), the Asia-Pacific Group on Money Laundering (APG) and the Caribbean Financial Action Task Force (CFATF), participating in international policy making and the provision of technical assistance to other FIUs.

FINTRAC is headquartered in Ottawa, with regional offices located in Montréal, Toronto, and Vancouver.

Protecting the Privacy of Canadians

The protection of the personal information entrusted to FINTRAC is an overarching and fundamental consideration in all aspects of the Centre's operations. The PCMLTFA provides the framework for the management, disclosure and destruction of all information contained in the Centre's transaction reports and other records. All facets of FINTRAC's operations are subject to rigorous security measures that ensure the safeguarding of the Centre's physical premises and IT systems, including the handling, storage and retention of all personal and other sensitive information under its control.

The legislation also establishes that FINTRAC can only make a financial intelligence disclosure to prescribed police and to other disclosure recipients listed in the PCMLTFA when specific legal thresholds are met. Furthermore, the PCMLTFA clearly defines what information shall be disclosed. Any other disclosure or improper use of information is prohibited and can result in severe penalties, including a fine of up to $500,000 and/or up to five years' imprisonment.

As part of its outreach efforts, FINTRAC provides guidance and training to reporting entities on the importance of submitting information in accordance with the requirements in the legislation and regulations.

As required pursuant to the PCMLTFA, the Office of the Privacy Commissioner (OPC) reviews FINTRAC's information protection measures every two years. The third review of the OPC was published in September 2017. FINTRAC has accepted the Privacy Commissioner's recommendations and will use them to further strengthen its comprehensive approach to safeguarding the personal information of Canadians.

Operating context

The world's financial systems are rapidly evolving. With the advent of agile methodologies, big data, predictive analytics, distributed systems, and new payment platforms and digital currencies, the financial services industry is seeing an unprecedented level of digital disruption. In particular, FinTech – the name given to start-ups and more established companies using technology to make financial services more effective and efficient – is expanding rapidly, blurring the industry's boundaries and forcing both banking officials and regulators to address issues of changing payment systems and mobility.

With the increasing speed of change and the application of technology challenging traditional concepts of privacy, data security and ownership there is an increasing risk that organized crime groups, cyber criminals, human traffickers and terrorist organizations, among others, may be growing more sophisticated, seeking to manipulate any vulnerability in the financial system which would allow them to integrate the proceeds of their crimes into the legitimate economy. More so, serious and organised crime has sought to exploit professional facilitators to support the growth of their criminal enterprises, conceal illicit wealth and frustrate law enforcement efforts.

Similarly, terrorism is an enduring global challenge that continues to evolve. Technology is facilitating online radicalisation as well as terrorist funding. Attacks by small groups or lone actors are increasingly becoming more common in western countries. Terrorist groups and lone actors are seeking to exploit financial services and products to fund travel to and activities in conflict zones.

Amendments to the PCMLTFA in 2014 and 2015 enhanced FINTRAC's ability to disclose financial intelligence to regime partners on threats to the security of Canada and provided the Centre with the ability to disclose information to provincial securities regulators. With the implementation of Budget 2014 and 2015, the Government also announced that new regulations would be developed, including in relation to foreign money services businesses, prepaid access products and entities dealing in virtual currencies.

FINTRAC continues the process of aligning its operations and business processes to increase its efficiency and effectiveness. The transformation of the Centre's analytics system is a key priority of FINTRAC's transformation agenda and its impact will be sweeping and long lasting.  The new analytics system is expected to be in production in 2018-19 and will bring efficiency through the automation of manual work and allow for the full use of the Centre's data and knowledge.

Key risks

As Canada's financial intelligence unit and a partner in Canada's AML/ATF regime, FINTRAC operates in a dynamic, constantly changing environment. In seeking to be proactive in identifying risks and opportunities, FINTRAC must anticipate and assess internal and external risk factors that can affect the design and delivery of its programs and the achievement of its strategic outcome.

In recent years, FINTRAC has broadened its understanding of the corporate risks associated with its operational environment. In general, these risks are well identified and the associated risk response activities are integrated and stable. FINTRAC's current risk management strategies aim to reduce the probability of occurrence and provide a greater level of comfort with the remaining risk exposure.

FINTRAC's approach to the identification, assessment and management of risks supports the use of risk information on a systematic and continuous basis and allows for oversight and collaboration in managing common risk elements.

Key risks
Risks Risk response strategy Link to the department’s Core Responsibilities Link to mandate letter commitments or to government wide and departmental priorities
Business Processes and Systems Risk – There is a risk that FINTRAC's business processes and systems may not be able to deliver on the Centre's current mandate or adapt to future innovations and enhancements in business requirements.

In the context of an ever-changing technology landscape and the rapidly evolving threat posed by money laundering and terrorism financing, FINTRAC must continuously modernize its business processes and systems to safely receive, protect, optimize and dispose of its information assets. To ensure that FINTRAC's business processes and systems support the Centre's ability to deliver its programs, FINTRAC employs many important safeguards and controls, including:

  • Conducting technical analysis to ensure the Centre has the tools and resources required to address day-to-day operational issues and to provide input into future business processes and systems;
  • Implementing a five-year Investment Plan, including continuous investment in infrastructure;
  • Submitting a three-year IT Plan to TBS, highlighting all IM/IT initiatives and where SSC support may/will be required. Prioritization information is also submitted to TBS, along with the IT Plan;
  • Working closely with SSC and partners concerned with protecting National Security to identify potential synergies; and
  • Optimizing business process through the operationalization of new analytical system.
  • Compliance with Anti-Money Laundering and Anti-Terrorism Financing Legislation and Regulations
  • Production and Dissemination of Financial Intelligence
  • Internal Services

FINTRAC priority:

  • Modernize analysis and systems to support an ever-changing environment

Budget 2017:

  • Strengthening Canada's Anti-Money Laundering and Anti-Terrorist Financing Regime
  • Preparing for the Digital Economy
  • Canada's Digital Future
Resource Management Risk – There is a risk that FINTRAC will be unable to attract and retain an adaptable, skilled and engaged workforce, and equip them with the tools and resources needed to successfully deliver programs and services.

FINTRAC places a strong focus on the effective management of both human and financial resources especially during periods of change and transformation. As a small organization, FINTRAC faces many challenges and limitations regarding its human resources capacity and its flexibility to cash manage funds. To ensure that FINTRAC can manage its resource management risks, particularly through periods of transformation, and ensure the effective stewardship of public resources, the Centre employs a range of controls, including:

  • HR planning strategies that include demographics analysis, staffing forecasts, and succession planning to anticipate and respond to capacity and change management issues;
  • Comprehensive resource management framework, including forecasts and spending review;
  • Budget and workforce discussions at Management Committees; and
  • Monitoring, analysis and advice of Financial and HR Advisors to support program and service management.
  • Compliance with Anti-Money Laundering and Anti-Terrorism Financing Legislation and Regulations
  • Production and Dissemination of Financial Intelligence
  • Internal Services

FINTRAC priorities:

  • Grow our talent
  • Renew our workforce
  • Facilitate partner collaboration to achieve common objectives
Security and Privacy Risk – There is a risk that the information entrusted to FINTRAC may be improperly accessed, used, obtained and/or compromised.

FINTRAC employs a comprehensive suite of safeguards and controls to address security and privacy risk from both internal and external threats. Some of the most important of these include:

  • FINTRAC's Personnel Security Program ensures that all personnel and contractors are screened to appropriate levels;
  • Information Management and Security programs that provide direction and guidance on the capture, storage, protection, access to, classification, dissemination and eventual disposition of all information;
  • Business Continuity Plans are in place for all critical functions or services with strategies and action plans to mitigate the impact of any incident and resume operations in a reasonable amount of time; and
  • A Privacy Management Framework is in place to ensure that privacy protection is reflected in all aspects of program operations.
  • Compliance with Anti-Money Laundering and Anti-Terrorism Financing Legislation and Regulations
  • Production and Dissemination of Financial Intelligence
  • Internal Services

FINTRAC priorities:

  • Modernize analysis and systems to support an ever-changing environment
  • Facilitate partner collaboration to achieve common objectives

Budget 2017:

  • Protecting Canadians and Canada's Critical Infrastructure

Back to Departmental Plan

Date Modified: