PROCESSING...

Anti-Money Laundering
Consulting Services & Strategies

0 Items - Total: $0.00 CAD

Micro Deposits & Micro Withdrawals

The Big DisclaimerAmber looking at laptop blank screen

We’re not lawyers and nothing that we write should be considered a legal opinion. Whether or not a solution will be acceptable to your regulators will always depend on your implementation and documentation – please contact us if you need help with either.

Background

There are a limited number of ways for Canadian reporting entities to identify individuals without meeting face to face. Previously, we have sought opinions from the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) on whether or not micro deposits and micro withdrawals could be used to confirm a customer’s identity. Until recently, the answer had been no. We reached out to FINTRAC again on the issue after learning that technology had evolved in a way that could meet the requirements. We’re pleased to share with you that FINTRAC is of the opinion that – given the right technology conditions – micro deposits and micro withdrawals can indeed be used to confirm a customer’s identity.

Confirmation Of A Deposit Account

The methods that can be used to confirm a customer’s identity are listed in Schedule 7 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR). (Since this post was written, Schedule 7 has been repealed and replaced by FINTRAC’s Methods to Identify Individuals). The “Confirmation of a Deposit Account Method” involves confirming that the person has a deposit account (this means a chequing or savings type of account) with a Canadian financial entity (this means a bank, credit union or caisse populaire). To use this method, reporting entities must keep a record of the name of the financial entity where the account is held, the account number and the date of the confirmation.

The key elements of this method involve determining that the account belongs to the person that you are trying to identify and determining that the account is indeed a chequing or savings type of account.

Micro Deposits and Micro Withdrawals

Previously, micro deposits and micro withdrawals were viewed as failing on both of these key elements. Confirming the amount of a micro transaction proved that a person had access to the account, but not that they owned the account. It was also viewed as impossible to determine the type of account (for instance the account may have been a line of credit that had a similar account number structure).

Fortunately, technology has advanced and some payment processors are able to conduct name matching (in some cases, payments are even stopped if there isn’t a match) as well as the type of account. Not all payment processors may have the capabilities, but if you’re looking for a way to automate some of your non face-to-face customer identification, this could be an option.

Implementation Checklist

We’ve broken down the implementation into seven key questions. If you’re able to answer yes in each case, you’re likely to be ready to implement micro deposits or micro withdrawals as an identification method.

  1. Does my payment processor conduct name matching (our client’s name against the account being debited or credited) and what confirmation do we receive of a match?
  2. Is our system set up to keep a record that demonstrates that the name was matched?
  3. Does my payment processor have access to the account type when an account is being debited or credited and can they pass that information to us and/or confirm for us that the account is a deposit account?
  4. Is our system set up to keep a record of the type of account or confirmation that the account is a deposit account?
  5. Is our system set up to keep a record of the name of the financial entity where the account is held?
  6. Is our system set up to keep a record of the account number?
  7. Is our system set up to keep a record of the date of the confirmation?

In addition to this list, you should also give some thought to what happens when identification fails (for example if the name doesn’t match or the account isn’t the right type). You’ll need to consider an alternative way to identify your client, and you probably don’t want their account stuck in limbo.

Need a Hand?

If you want to be certain that you’re meeting the standard described in this blog, or just someone to chat with to make sure that you’re on the right track please contact us.

Full Text Response

Good afternoon Ms. Scott,

Thank you for contacting the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Canada’s independent agency responsible for the collection, analysis, assessment and disclosure of information in order to assist in the detection, prevention, and deterrence of money laundering and financing of terrorist activities in Canada and abroad.

You indicated, “some payment providers have the capacity to match the customer’s name to the name on the account (and will not process transactions if there is not a match) and return information about the type of account to which the transaction was pushed.”

In light of this, you have asked whether micro-withdrawals and/or micro-deposits would be acceptable for use as confirmation of a deposit account provided that:

(a) there was a confirmed name match; and

(b) the account type was confirmed as a deposit account.

Subparagraph 64(1)(b)(ii) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) states that non-face-to-face identification can be done by using a combination of identification methods as set out in Part A of Schedule 7, the confirmation of deposit account method being one. This method of ascertaining a person’s identity consists of confirming that the person has a deposit account with a financial entity, other than an account referred to in section 62 of the PCMLTFR. For the deposit account method, paragraph 67(c) of the PCMLTFR requires that the client name, the deposit account number, the financial entity name, and the date of the confirmation be recorded. Therefore, if the payment provider confirms the client name, the deposit account number, the financial entity name, and the date of the confirmation, then yes, the micro-withdrawals and/or micro-deposits is an acceptable means to confirm a deposit account with a financial entity as per Part A of Schedule 7 of the PCMLTFR, and would satisfy one of the two combination methods required.

Please note that FINTRAC does not endorse nor advertise any products, companies, or providers of consumer information.

I trust this information will be of assistance.

Implementing 2014 AML & ATF Regulatory Changes

We’ve done many AML Compliance Effectiveness Reviews of late, and my first question to clients is always the same: have you implemented the changes that came into effect in February of this year? The answers have varied from a confident “Yes, of course!” to “What changes?” We have a simple guideline for blogs at Outlier. If we receive a question more than three times, we write about it, and we make as much useful information as possible free. We do this because we believe that knowledge is power – and that everyone should have access to it. In the spirit of making knowledge free and available, we’ve decided to share the most significant changes related to updates to the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) that came into effect earlier this year, and the solutions that we’ve implemented with our clients.

The Big Disclaimer

This blog was not written by a lawyer and shouldn’t be considered legal advice.

While our solutions have been reviewed by:

  • Outlier;
  • Our clients who have implemented these solutions; and
  • The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) (in the form of examinations conducted with our clients who have implemented these solutions),

this doesn’t guarantee that these solutions will be a perfect fit for your business. They will need to be edited and customized to suit your business model – but we think that they will point you in the right direction.

2014 PCMLTFR Changes In Brief

The most recent changes to the PCMLTFR came into effect in February of this year. Among the most significant changes were:

  • The addition of business relationships;
  • The addition of customer information updates (with more frequent updates for higher risk customers);
  • The addition of delivery channels to the risk assessment (bundled with products and services); and
  • The addition of enhanced transaction monitoring for higher risk customers.

Each of these changes has an impact on your anti-money laundering (AML) and anti-terrorist financing (ATF) program. They should be incorporated into your program documents (your policies, procedures and training) and have an impact on your operations (what you’re doing to meet these obligations).

Business Relationships

Reporting entities have a business relationship when a customer has performed any combination of transactions that requires identification and/or confirming the existence of an entity more than twice. This includes suspicious transactions and attempted suspicious transactions. When you have a business relationship with your customer, you must keep a record of the “purpose and intended nature of the business relationship.” In its simplest form, this means asking the customer the purpose of their business with you, and keeping a record of the response. This information is also useful in transaction monitoring, as it allows you to look for activity that isn’t consistent with the answer that the customer has provided.

This is something that you can ask your customer verbally (by phone is fine), by email, via a web form, by fax, or in any other way that makes sense for your business. You don’t need the customer to sign anything, but you do need to document the response. There is also flexibility in how you keep a record of the customer’s response.

If you have flexible information technology (IT) development, you can add a business relationship indicator to your system, as well as a field for the purpose and intended nature of the business relationship. Ideally, the system would detect business relationships automatically, and prompt your staff to collect information about the purpose and intended nature of the business relationship. If your business is relatively straightforward, you may even be able to develop a dropdown menu.

If your IT systems are less flexible, you’ll need to find another way to record this information. This can range from notes in the customer profile section of your client management system to an excel spreadsheet. Whichever method you use, you’ll need to think of a way to make sure that you know about all of the business relationships that exist.

You’ll also need to add a section to your program documentation that explains:

  • What a business relationship is;
  • How you know when you have a business relationship with your customer; and
  • What you do when there is a business relationship.

Your staff and agent training should also be updated to include a definition of business relationships, and your processes where you have a business relationship with your customer.

Here’s some sample language:

Business Relationships

We have a business relationship with anyone that has conducted two or more transactions that require identification (for individuals) or confirmation of the existence of an entity (for organizations). When we have a business relationship with our customer, we need to keep a record of the purpose and intended nature of their business relationship with us. Although this may seem self-evident, it is something that needs to be recorded.

Our system has been updated to prompt all staff to enter the purpose and intended nature of business relationships. This field is not optional; it must be completed whenever we have a business relationship with our customers.

We must also monitor business relationships that and keep information up to date (including customer identification, if the customer is active with us). The Compliance Officer will determine whether or not information about our customers and/or businesses relationships is up to date may contact staff for additional information.

Information Updates

Reporting entities must also keep customer information up to date. Updates should be more frequent for high-risk customers, although the PCMLTFR does not specifically prescribe how often these updates should take place. Depending on your business model and how frequently you interact with your customers, there may be significant differences in how often you perform updates.

Customer information updates refer to the customer’s name, address, email address, telephone number and occupation or principal business. Customers that are organizations are also required to confirm the organization’s beneficial ownership and director information.   This doesn’t mean that you need to collect the articles of incorporation (or other documentation that you’ve already got on file) a second time, but rather than you’re confirming with the customer that this information has not changed, or updating your records if there were any changes.

Once again, if your IT systems are flexible, you can add automatic prompts to ensure that this is completed. Anyone that uses online banking will be familiar with this the type of updates that have occurred this year. When you log into your account, you’re asked to confirm your personal details before proceeding to the banking site.

You’ll also need to add a section to your program documentation that explains:

  • What information must be updated;
  • How frequently this information is updated; and
  • How you update this information;

Your staff and agent training should also be updated to include information updates as well.

Here’s some sample language:

Customer Information Updates

Customer information updates refer to the customer’s name, address, email address, telephone number and occupation or principal business.

Customers that are organizations are also required to confirm the organization’s beneficial ownership and director information.

Inactive Customers

Inactive customers are re-identified in order to re-activate an account and conduct transactions that require identification.

Inactive customers that are required to be re-identified are also required to update their customer information.

Low & Medium-Risk Customers

Low and medium-risk customers that were identified face to face are required to update their customer information at the point that the identification document has expired.

In the case that there is no expiry date for the identification document initially provided, customer information is updated every five years.

In the case that the customer has been identified using non-face-to-face methods, customer information is updated every five years.

Low and medium-risk customers that are not recognized visually or by voice must be re-identified using either face to face or non face to face methods when they request transactions that require identification.

High-Risk Customers

High-risk customers are required to update their customer information every two years.

High-risk customers that are not recognized visually or by voice must be re-identified using either face-to-face or non face-to-face methods when they request transactions that require identification.

If the reason that a customer has been considered high-risk relates to doubts about the veracity of any of the information or identification provided, additional identification or confirmation of customer identification may be required at the Compliance Officer’s discretion.

Risk Assessment: Delivery Channels

Your Risk Assessment (that document that describes the risk that your business could be used to launder money or finance terrorism) already describes the risk related to your products and services (what you sell). This has been updated to include delivery channels (how you deliver your products and services to your customers). This should include all of the methods that you use to interact with your customers (whether they’re sales and service or service only), and a description of the risk associated with those methods. Generally speaking, high-touch delivery methods (anything that allows you to interact directly with the customer) provide more opportunities to detect potential money laundering or terrorist financing activities. This doesn’t mean that low-touch options like online ordering are bad, but it does mean that you need to have good controls in place to prevent money laundering and terrorist financing.

Your Risk Assessment should be updated to describe your “Products, Services and Delivery Channels” (rather than simply “Products and Services”). It should clearly explain how your products and services are delivered, and the risks associated with your delivery methods. The delivery methods should include all of your touch points with your customers (including things that may not be advertised, that you only do for existing customers).

Here’s some sample language:

Delivery Channels

We complete the sales process with our customers:

  • In person (at our retail/commercial locations);
  • In person (at locations other than our own premises);
  • Via mail;
  • Via phone;
  • Via fax;
  • Via internet.

In addition, we provide servicing to our customers:

  • In person
  • Via social media sites;
  • Via email; and
  • Via phone.

Our delivery channels include a mix of “high-touch” and “low-touch” options. High touch options provide us with greater opportunities to interact with our customers, observe customer behavior and ask questions. Low-touch options do not afford the same opportunities to observe behaviours. In these cases, we are more reliant on transaction monitoring and transaction review to detect unusual activity. In the case of low-touch options, we are generally able to contact the customer via our servicing channels to request additional details where the transaction is not consistent with what we know about the customer.

Enhanced Transaction Monitoring

Reporting entities are required to monitor transactions in order to identify patterns that may indicate that money laundering or terrorist financing is taking place. For higher risk customers, there must be some form of enhanced transaction monitoring. Enhanced means that it is different from the transaction monitoring that takes place for all customers. It can be different either in quality (what you do to monitor transactions) or quantity (how frequently monitoring takes place, or how unusual a transaction must be in order to generate an alert).

If you have an IT system that automatically monitors transactions and generates alerts, and there is flexibility in programming this system, you can make changes to the monitoring activities that take place based on customer risk level. If you’re monitoring transactions manually, you can incorporate enhanced transaction monitoring into the enhanced due diligence that you conduct for your high-risk customers. This can be as simple as reviewing the last two years of high-risk customer activity. Regardless of the method that you use to conduct enhanced transaction monitoring, you’ll need to update your program documentation to describe what you’re doing and what records you’re keeping.

Where transactions are monitored by an IT system, the language in your program documents should reflect the parameters set in your system. If you are monitoring transactions manually, here’s some sample language:

Enhanced Transaction Monitoring

For high-risk customers, enhanced transaction monitoring is conducted. The Compliance Officer (or a delegate) reviews the information that is on file about the customer, as well as records of the customer’s activity for the past two years. If there is activity that appears to be related to money laundering or terrorist financing, appropriate reports are filed with FINTRAC (and in the case of terrorist property, with CSIS and the RCMP).

High-risk customer accounts are reviewed at least annually, and more frequently where triggered by customer activity (for example where there is an internal report submitted to the Compliance Officer). The Compliance Officer will maintain complete records of the reviews and maintain these records for at least five years

Keeping Up To Date

Remember to document the fact that you’ve reviewed and updated your program. This can be done in a simple spreadsheet, or within the program documents. The record should include what updates were completed, when the updates were completed, and by whom the updates were approved.

Need A Hand?

If you need assistance reviewing your program, implementing the updates described in this blog, or just someone to chat with to make sure that you’re on the right track please contact us.

An Unwitting Accomplice to Money Laundering

Handcuffs 1

When many of us think of money laundering, it involves large well organised criminal organizations, like the mafia or large drug cartels. We think of elaborate schemes, with money funnelled through many layers and across international borders, numbered bank accounts off shore accounts hiding millions. While these things do happen, money laundering also happens on a much smaller scale with much less elaborate plots. Since money laundering is something that is done to hide the proceeds of crime, it can relate to any amount of money that someone do not want to be traceable back to them (because that money was obtained through illegal means). The more easily something is passed from person to person anonymously, the more easily it can be used for money laundering. High value items can be used to launder money, as they can be bought or sold on secondary markets. Because jewellery can have a high value and be passed from person, it is a potential vehicle for money laundering. Jewellers in Canada and in the USA are required to report certain transactions, and the consequences for failing to do so can be severe.

The Case

On January 14, 2014, Alan Kashi of Pittsburg, PA (USA) plead guilty to failing to file a report of currency received by non financial business. In the USA, this report is called ‘IRS form 8300 Report of Cash Payments over 10,000,’ is similar to the report that Canadian Dealers in Precious Metals and Stones (DPMSs) are required to file with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). In the Kashi case, an undercover agent purchased an expensive watch, claiming during his conversation with Alan Kashi that the money that he was using came from cocaine distribution. In addition to the charges and related press, Mr. Kashi was required to forfeit $933,075. Sentencing in the criminal case is still pending.1

Alan Kashi maintains that he was ignorant of the law and didn’t realize that he had to report large cash transactions. In order to educate others that may face the same situation, he made a YouTube video explaining what happened and as a warning to other jewellers. It can be viewed here: Filing Form 8300 Part 1 and Part 2.

An Ounce Of Prevention

Perhaps you may think that criminals would be more likely to use a large jeweller, maybe because they have such a high volume of sales going on, they might be less likely to notice something suspicious happening. However, many larger companies have high tech systems in place such as cash registers that automatically request certain information on specific types of transactions (such as large cash transactions) before the transaction can be completed. These systems are in place to make sure that they are following the law. They have many more employees and therefore likely have a well trained Compliance Officer on their staff whose specific duties are to implement and maintain compliance policies and procedures. Smaller companies may not have the money or ability to implement such technologies, making them easier targets for criminals. In the Kashi case, the owner was operating a single store; with no one working there (including him) that knew the law. Unfortunately for Mr. Kashi, being ignorant of the law is not an excuse for breaking it. Anyone running a business is responsible for knowing and abiding by any laws and regulations that apply to it. In Canada, the rules that apply to DPMSs are the same, regardless of a company’s size or sophistication. It is imperative that you know the rules that apply to you and your business.

While the example of Kashi may have happened in the USA, it is still pertinent to companies in Canada. The forms and regulators are different, but the underlying obligations are similar. . In Canada, FINTRAC requires that reporting entities such as DPMSs submit reports about any cash transactions valued at CAD 10,000 or more (within a 24-hour period) and any suspicious transactions, even if they are not over the $10,000 threshold (and whether or not the transaction was completed They require that every reporting entity has a program in place to ensure that they are in compliance. FINTRAC can also request a review of your compliance program at any time, which must be submitted within 30 days of the request. All of this may seem a bit overwhelming, especially when the financial and legal risks are so great. Fortunately, there are very basic and easy to follow steps listed below that will help you to protect your business.

What You Need To Know

All DPMSs in Canada need to have an up to date compliance program that includes:

  • A Compliance Officer,
  • Documented Policies & Procedures,
  • A Risk Assessments,
  • Training and
  • AML Compliance Effectiveness Reviews (every two years).

Your AML Program should describe the things that you are doing in order to prevent, detect and deter money laundering and terrorist financing including:

  • Identifying your customers under certain conditions and keeping customer information up to date,
  • Reporting certain transactions to FINTRAC,
  • Monitoring the transactions that take place to determine whether or not there are reportable suspicious transactions, and
  • Keeping your records (including your program documents) up to date.

Red Flags

In the Kashi case, there were many red flags that should have warned him that something was amiss. For those familiar with Canadian legislation, it may be obvious that both a suspicious transactions report and a large cash transaction report should have been filed. Would it have been obvious to the members of your staff that deal with your customers every day? It’s important to keep your training program up to date and include examples of reportable transactions, including suspicious transactions. Here are some of the red flags that you should be aware of:

  • A customer that mentions involvement in criminal activities;
  • A customer that pays a large sum in cash in a way that is unusual;
  • A customer that asks about identification requirements and changes the transaction or payment method to avoid being identified;
  • A customer that refuses to be identified and refuses to complete a transaction rather than allowing you to see their identification documents;
  • A customer that pays for a high value item in cash, then returns the item and asks for a cheque or draft.

There are many more indicators in FINTRAC’s Guideline 2: Suspicious Transactions. If you are a Compliance Officer or business owner, you should read these indicators and train your staff to be aware of the indicators that apply to your business model.

Outlier has developed compliance resources for DPMSs. You can buy and customize program components online through our website or contact us if you need immediate assistance. If you are a member of the Canadian Jeweller’s Association or Jewellers Vigilance Canada, discounts apply to you, including free resources.

1 The United States Attorney’s Office, Western District of Pennsylvania, 01/15/14. http://www.justice.gov/usao/paw/news/2014/2014_january/2014_01_15_03.html

Keeping Your Bank Happy

For many reporting entities, a growing concern has become obtaining and maintaining banking relationships.  Most, if not all, businesses need a banking relationship to survive and prosper.  If you are an individual in Canada, you are entitled to basic banking services, but it is not so for businesses.  Banks and other financial service providers choose the business customers that they will serve.  This means that the stakes can be very high for businesses shopping for a banking relationship.

As reporting entities themselves, banks and other financial services companies have similar obligations to other reporting entities.  They must understand their customers and their customer’s transactions.  There is mounting pressure for banks to conduct due diligence that includes reviewing the compliance programs of clients that are reporting entities.  As a business owner, your best defence against losing your banking relationship is making your banker’s work easier.

This isn’t something that most business owners have spent a lot of time thinking about, but a few hours every year can go a long way towards ensuring that your banking relationships keep operating smoothly.  Based on my clients (and my own) experiences, I’ve summed up a five-step plan to help you on your way, which includes links to free resources to help you get started.

Step 1:  Have A Compliance Program (and Keep It Up To Date)

All reporting entities need to have an anti money laundering (AML) and anti-terrorist financing (ATF) compliance program in place, that includes these five elements:

  1. Appoint A Compliance Officer (this is the person that is responsible for the compliance program; they should be fairly senior within your company and their appointment should be documented);
  2. Document Your Policies And Procedures (your documentation should be detailed enough to describe what you actually do, and be updated at least once a year);
  3. Create A Risk Assessment (this is a document that describes the risk that your business could be used to launder money or finance terrorism, and the controls that you have in place to prevent that from happening);
  4. Train Your Staff (this should happen at least once a year and all training sessions should be documented); and
  5. Have An AML Compliance Effectiveness Review (this is like an audit of your AML program and operations; it must be done at least every two years).

When you are creating and updating your documentation, remember that you and your staff are not the only people that will see it.  Your regulators, bankers and other people that don’t know your business the way that you do will also need to rely on your documentation.  This means that you need to write as if your reader doesn’t know your business.  Take the time to explain everything clearly.

If you need help creating a compliance program, please have a look at our resources pages for your reporting entity type or contact us.

Step 2:  Have a business plan

Your business plan should describe what you do, how you make money and include historical business volumes (for existing businesses) and predicted business volumes (for new and existing businesses).  This document should explain your business simply and clearly (to someone outside of your industry).  To make things easier for your banking service provider, you should explain the types of transactions that will go through your bank account and the estimated volumes.

Many business owners are hesitant to describe their transactions and marketing strategies in any type of document that will leave their hands.  This type of thinking can seriously harm banking relationships, especially if the bank perceives you as being secretive or evasive.  Remember that the bank needs to understand your business in order to keep you as a customer, and the easier that you can make it for them to understand, the better off you’ll be.

I’ve worked with consulting firms that charge high rates for business planning, but there is no real need to spend a lot of money creating a business plan.  There are many free resources available for Canadian businesses.  Here are some of my favourites:

Not surprisingly, the banks themselves offer many of these resources!

Step 3:  Have Contracts In Place

Any third party that is involved in your business (vendors, agents, etc) should have contracts in place, and your bankers may ask to see these agreements.  The contracts should spell out what the third party is obligated to do on your behalf and the copies of the agreements that you provide to your banker should be signed and dated by all parties.  Don’t provide original documents to your bank unless you are required to do so (often banks want copies only, as they will not be returned to you).

Many existing businesses have long-term business relationships that may never have had a formal agreement in place.  In these cases, especially if the third party is doing something like identifying customers on your behalf, you will need to get written agreements.  These don’t need to be overly complicated.  The agreement should state what all parties are required to do and when.  It can be a plain language document that you draft yourself, or something more complicated that you work on with the advice of a lawyer.  The important thing is that you have agreements in place and that they’re clear enough to allow the reader to understand how the parties are related.

Step 4:  Take The Time to Build Alliances

You don’t usually get to speak directly with your bank’s compliance department. The sales representative or branch manager is your liaison. They need to be your advocate.  In this type of scenario, a person becomes your advocate not because you’re cute or gave a nice gift but because they know, understand and can explain your business. This takes patience and time.  Remember you need them as much as they need you. Make it a no brainer for them to want you as a customer (profitable, low risk, low effort).

Your representative at the branch is your point of contact and can act as a sounding board for your documentation.  For instance, if they have requested your business plan, ask if you can walk through it with them and get their advice before it is submitted to the bank’s head office or compliance department.  Remember that they can’t write documentation for you, but they can provide excellent insights about what the bank expects to see.

Step 5:  Consider Having Audited Financial Statements Completed

In some cases, your financial service provider may require audited financial statements. Only a licensed accounting professional or firm (specifically someone with a CA or CPA) can issue this type of report in Canada.  The process involves an independent evaluation of your company’s financial statements and other documents.  The auditor expresses an opinion about your company’s financial statements, based on the audit work performed, to state if they feel that the financials are free from material errors.  This is not specific to anti-money laundering.  The audit report refers to the company’s financial risk and fraud risk, among many other topics, to give your financial service provider more comfort over the financials they are reviewing to help lower your risk profile.  While we at Outlier aren’t accountants, and don’t perform this type of work, we’re happy to recommend accounting firms that have experience with audited financial statements, including our friends at Helen Loukatos Chartered Accountant, who’ve generously given us permission to link to this Money Service Businesses Audit FAQ.

Stepping It Up

All of this is relatively simple, but it takes time.  Consider it an investment in your business.  If you need a hand getting started, please feel free to contact us.

Return to Blog Listing