Financial entities must fulfill specific obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and associated Regulations to help combat money laundering and terrorist financing in Canada. Under the PCMLTFA, financial entities include:
- All Canadian banks, foreign banks in Canada, and full service and lending foreign bank branches in Canada. These entities are established under Canada’s Bank Act and are regulated by the Office of the Superintendent of Financial Institutions (OSFI);
- Financial services cooperatives, savings and credit unions and caisses populaires that are regulated by a provincial Act; as well as credit union centrals when they provide services to anyone other than a member institution;
- Trust companies and loan companies that are regulated under the federal Trust and Loan Companies Act, or that are regulated by a provincial Act that is equivalent to the Trust and Loan Companies Act;
- Departments, agents and mandataries of the Crown that accept deposit liabilities when providing financial services to the public. Deposit liabilities are amounts that are left with the agent or mandatary of the Crown, but that the agent or mandatary of the Crown owes to the person or entity that left the funds.
The financial entities described above are responsible for providing FINTRAC with certain transaction reports, for implementing a compliance program and for keeping records that may be required for law enforcement investigations. Their obligations under the PCMLTFA and associated Regulations are described below.
A comprehensive and effective compliance program is the basis of meeting all of your obligations under the PCMLTFA and associated Regulations. During a FINTRAC examination, it is important to demonstrate that the required documentation is in place and that employees, agents, and all others authorized to act on your behalf are well trained and can effectively implement all the elements of your compliance program. A senior officer must approve the compliance program and the compliance officer must have the necessary authority to carry out the requirements of the program. You must:
- Appoint a compliance officer responsible for the implementation and oversight of the compliance program;
- Develop and apply written compliance policies and procedures that are kept up to date and approved by a senior officer;
- Apply and document a risk assessment, including mitigation measures and strategies;
- Develop and maintain a written training program for employees, agents, and others authorized to act on your behalf; and
- Review your compliance program (policies and procedures, risk assessment and training program) every two years for the purpose of testing its effectiveness.
See Compliance program requirements, the Risk-based approach guide and the Risk-based approach workbook for credit unions/caisses populaires for more information on these obligations.
Know your client
As a financial entity, you must verify the identity of clients for certain activities and transactions according to the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR). Part of knowing your client includes following the methods to identify clients, as well as conducting certain additional activities as listed below:
- When to identify individuals and confirm the existence of entities – Financial entities;
- Methods to identify individuals and confirm the existence of entities;
- Business relationship requirements;
- Ongoing monitoring requirements;
- Beneficial ownership requirements;
- Third party determination requirements; and
- Politically exposed persons and heads of international organizations – Financial entities.
Financial entities are required to complete reports about certain transactions and property and submit them to FINTRAC. Financial transaction reports are critical to FINTRAC’s ability to analyze transactions in order to develop financial intelligence that is disclosed to law enforcement and partner agencies. Therefore, the quality of your reporting will be reviewed by FINTRAC in examinations.
Suspicious transactions: Within 30 days of determining that there are reasonable grounds to suspect that a transaction or an attempted transaction is related to the commission or attempted commission of a money laundering or terrorist financing offence, you must submit a suspicious transaction report (STR). The following STR guidance pieces explain how to identify and report STRs and all three should be read together. See What is a suspicious transaction report?, Reporting suspicious transactions to FINTRAC and Money laundering and terrorist financing indicators - Financial entities.
Terrorist property: When you know that property in your possession or under your control is owned, controlled by or on behalf of a terrorist or a terrorist group, you must submit a report without delay. You must also submit a report to the Royal Canadian Mounted Police (RCMP) and the Canadian Security Intelligence Service (CSIS). See Guideline 5: Submitting Terrorist Property Reports.
Large cash transactions: When you receive $10,000 CAD or more in cash (including taxes or other fees) either in a single transaction or in multiple transactions within a 24-hour period, you must submit a report within 15 calendar days. See Guideline 7A: Submitting Large Cash Transaction Reports to FINTRAC electronically and Guideline 7B: Submitting Large Cash Transaction Reports to FINTRAC by paper.
Alternative to large cash transactions: If you are a bank, credit union, caisses populaire, trust company, loan company or agent of the Crown that accepts deposit liabilities, you may choose the alternative to large cash transaction reporting for corporate clients that meet specific conditions. See Guideline 9: Alternative to Large Cash Transaction Reports to FINTRAC.
Electronic funds transfers: When you send or receive client-initiated instructions to transfer $10,000 CAD or more internationally; either in a single transaction or in multiple transactions within a 24-hour period, you must submit a report within 5 business days. See Guideline 8A: Submitting non-SWIFT Electronic Funds Transfer Reports to FINTRAC electronically, Guideline 8B: Submitting SWIFT Electronic Funds Transfer Reports to FINTRAC and Guideline 8C: Submitting non-SWIFT Electronic Funds Transfer Reports to FINTRAC by paper.
If you have a computer and an internet connection, you must submit all reports to FINTRAC electronically, except Terrorist Property reports, which can only be submitted on paper.
You are responsible for keeping certain account, transaction and client identification records. These records are to be kept in such a way that they can be provided to FINTRAC within 30 days if required to do so. See Record keeping for financial entities for details.
Correspondent banking relationships
If your business enters into a correspondent banking relationship with a foreign financial institution, you have specific obligations related to this agreement. See Correspondent banking relationship requirements.
Foreign branches, subsidiaries and affiliates
If you have foreign branches, foreign subsidiaries or affiliates, you have to develop policies to establish requirements similar to your record keeping and retention, client identity verification, and your compliance program requirements. Furthermore, your compliance program must include an assessment of money laundering and terrorist activity financing risk related to the foreign branch, subsidiary or affiliate’s operations, and implement risk mitigation controls when the risk is considered to be high. See Foreign branches, subsidiaries and affiliates requirements.
Penalties for non-compliance
Non-compliance with Part 1 or 1.1 of the Proceeds of Crime (Money Laundering) Terrorist Financing Act may result in criminal or administrative monetary penalties.
FINTRAC has created a Guidance glossary that defines certain terms used throughout its guidance documents.
- Date Modified: