PROCESSING...
Join Outlier’s David Vijan at the DIACC Executive Planery on November 6th, 2025.
The following topics will be explored during the panel discussion on “The Digital Trust Landscape: Open Banking & Client Identity Verification”:
Panel Details:
This gathering provides a unique opportunity to discuss and network with executives and leaders in the AML industry, fostering meaningful dialogue in a confidential setting guided by the Chatham House Rule.
During the session, the new regulatory updates, key topics, and challenges faced by REs in the industry will be addressed. This discussion aims to bring together decision-makers and industry experts to foster collaboration, exchange insights, and explore solutions to pressing challenges.
Details & Registration: By invitation only; further details forthcoming
Effective October 1, 2025, Canadian anti-money laundering (AML) reporting entities regulated by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) are required to report to Corporations Canada any material discrepancies identified between the beneficial ownership information that they have obtained and that is listed in Corporations Canada’s database.
This requirement was introduced to enhance the reliability of beneficial ownership information available to authorities and the public, and to reduce the opportunities for misuse of Canadian corporate structures in money laundering, tax evasion, and sanctions avoidance schemes. Since the usefulness of the beneficial ownership information depends on the accuracy of the information, amendments under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) now will require reporting entities to flag material discrepancies between the information provided by a corporation incorporated under the Canada Business Corporations Act (CBCA) and what is recorded in the registry, thereby supporting Corporations Canada in maintaining an accurate database.
A “material discrepancy” exists where beneficial ownership information collected by a reporting entity substantively contradicts what is publicly disclosed. While the regulations give limited guidance, missing beneficial owners are considered material, while minor typographical errors are not. Currently, the definition of “material” remains imprecise, which may create some uncertainty for compliance teams.
The requirement applies to reporting entities who have the existing obligation to take reasonable measures to confirm the accuracy of beneficial ownership information when they first obtain it and in the course of conducting ongoing monitoring of their business relationships.
Discrepancy reporting applies only to CBCA corporations that are active on the Corporations Canada registry.
Reporting entities are required to report a material discrepancy to Corporations Canada within 30 days after the day on which it is identified when the following criteria are met:
In these cases, reporting entities must check the Corporations Canada registry when a high-risk relationship is first identified and continue to check during ongoing monitoring of that high-risk business relationship.
If a previously reported discrepancy is identified again (i.e., during the course of ongoing monitoring) and it has not been resolved, it must be reported again. If there are other issues related to corporate status or registry info (not beneficial ownership information), this information can still be reported to Corporations Canada, but it must be done so separately. Voluntary reporting is permitted if the client is considered low-risk, but discrepancies are still found.
Reports are submitted through Corporations Canada’s online portal (accessed through the registry). The process is as follows:
For more detailed steps on reporting, you may refer to the guidance on submitting a beneficial ownership discrepancy report or the following Corporations Canada demo video, which together provide a comprehensive overview.
Note that inaccurate or incomplete reporting entity information will result in an invalid Beneficial Ownership discrepancy report. Amendments to submitted reports are currently not possible, and a new report will have to be submitted.
Reporting entities must retain the report acknowledgment and other supporting documentation as evidence of meeting obligations.
If you would like assistance in understanding what these changes mean to your business, or if you need help updating your compliance program and processes, please get in touch.
Opening remarks from Outlier Compliance Group Co-Founder and Chairperson Amber D. Scott at TCAE 2025 Toronto Compliance & AML ConferenceMany of us remember exactly where we were on this day 24 years ago.
Imagine this scenario: I was a new compliance analyst at Manulife, having started my first role after university just a month before in the Waterloo head office. I had been at my desk since 7 am when a colleague, her face streaked with tears, came by to tell our team to assemble for instructions in one of the conference rooms. There was little information, but what was known was devastating; America was under attack, on home soil.
Financial markets closed. Staff were sent home to await further instructions. When I went to my desk to pick up my handbag, my phone was ringing and I answered. It was a colleague in Toronto with mobility issues, who was not able to navigate the crowds at Union Station. So she had gone back to the office, which was now mostly empty, to wait, and she was terrified. We talked for two hours, until some of the crowds cleared.
While we were on the phone, my colleague and I would set our physical handset phones aside, and walk over to nearby meeting rooms to see if there were any updates on the news on the TVs there. It was 2001 – we couldn’t just Google it.
So much has changed since then. I think it’s fair to say that at the time, the idea of compliance was academically interesting, but if you asked me what I did – or why it mattered – neither money laundering, nor counter terrorism would have been top of mind.
But some things strike me as being eerily similar – we talked to each other that day about what was happening and what it meant. In the days that followed, the most common question asked was what can we do to help? In the months and years that followed, how do we make sure that this doesn’t happen again? We refused to be paralyzed by fear, and sought to build more resilient systems, even if these were sometimes inconvenient.
Today, while I have many more sources of information at my fingertips, I am still very reliant on people in my network when I need to understand something at a deep level. While I don’t have to put down a handset and go to the meeting room next door to see what’s on the news, I am every bit as reliant on colleagues and contacts to parse information, understand implications, and find truth.
Finding truth, in my estimation, is one of the greatest challenges of the modern era. The importance of truth cannot be overstated at a time when we are under continuous attack, pummeled with misinformation and disinformation, on a seemingly unending basis, from every possible direction, via every possible channel. On that score, I owe a huge debt to some of the folks in the room today, who have been unerring sources of insight, and of truth.
This is not an indictment of my own skills or abilities, but a call to the importance of communities, and knowledge sharing. Any one of us can be strong on our own, but no one can achieve a true level of badassery without community.
It is fitting then, that I am standing on this stage today with Souzan Ismaili, because no one builds community better than she does. Souzan is tireless in her quest to bring people together, to educate, and to create connections.
I don’t think that the importance of this work can be understated – but this is not just Souzan’s work. This is a call to action to every person here today, to build community, to find your sources of truth, and to be that Northstar for your colleagues when you can. It won’t always be easy, in fact, sometimes it will be hard – but we will always be stronger together.
The Outlier Compliance Group team is excited to welcome our newest member, Maria Shamou, as our administrative ninja.
Maria brings broad compliance knowledge complemented by over eight years of comprehensive customer service experience, paired with a strong foundation in administrative support and a strong interest in compliance along with a background in administrative support. She earned a Bachelor’s degree in Business Administration, and later completed a post-graduate program in Financial Services Compliance Administration at Seneca College. Through this program, she expanded her knowledge in anti-money laundering (AML) administration, risk management, privacy management, and financial services product knowledge. Her interest in financial services products led her to complete the Canadian Securities Course (CSC).
Maria is proud to support Outlier’s mission statement: “Good compliance is good business.”
Are you a money services business (MSB) that serves clients in Canada? Have you checked your MSB registration lately? If not, there’s no time like the present, and you can do so here.
There have been some changes to the process for updating registration information with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) that may not be immediately apparent, and further changes are forthcoming. As a reminder, when an MSBs’ information changes, including products, locations, key personnel such as the Compliance Officer, ownership, or agents, that information must be updated with FINTRAC within 30 days. MSB registration must also be renewed prior to the registration’s expiry date.
When your MSB registration information changes, the first step is to complete the change form on FINTRAC’s website and remember to submit it within 30 days of the change. This form has a number of checkboxes that must be selected, depending on the specific updates that are being requested, as well as a freeform field that can be used to provide additional information (but be brief, there is a 100-character limit). There is also an option to download and save a copy of the completed form, which should be kept as part of your AML records.
Once FINTRAC has received the form, they will reach out, usually to the email address provided in the form, with next steps. The most common next step is currently for FINTRAC to send a PDF form using Canada Post Connect (a secure portal for messages and document sharing), which must be completed and returned within a specific timeframe. As with the online registration form, you should save a copy of your completed change form.
Before your MSB registration expires, complete the renewal form on FINTRAC’s website. Remember, your MSB registration is valid for two years, and you need to renew it before it expires. This form is different from the change form, but does have a checkbox that must be selected if there are also changes to MSB registration information, as well as a freeform field that can be used to provide additional information (remember to be brief, as there is a 100-character limit). There is also an option to download and save a copy of the completed form, which should be kept as part of your AML records. You can also use the save a copy function to download a form in progress, which can be re-uploaded and completed later.
Once FINTRAC has received the form, they will reach out, usually to the email address provided in the form, with next steps. If there are changes to MSB registration information, the most common next step is currently for FINTRAC to send a PDF form using Canada Post Connect (a secure portal for messages and document sharing), which must be completed and returned within a specific timeframe. We recommend whitelisting @fintrac-canafe.gc.ca and @canadapost-postescanada.ca addresses, so that they don’t get caught in your spam filters.
In either of the above scenarios, we recommend that you always download and keep a copy of the registration details, which include the time and date when you submitted the document, so you have proof if required at a later date.
Prior to last year, MSBs received email reminders from FINTRAC when their registration was expiring, but it doesn’t seem that this is the case. You should not expect a notification from FINTRAC when your MSB registration is set to expire. We recommend setting a reminder in your calendar for 30 days before the registration expires, to make sure the form is submitted on time.
Whether you need assistance with your FINTRAC registration or AML compliance in general, you can contact us here or by email at info@outliercanada.com.
Today marks another milestone for us – 12 years since Outlier Compliance Group was founded.
What began as a bold and novel idea, building a consulting firm made up exclusively of seasoned compliance professionals with deep in-house experience, has grown into a thriving, trusted partner for clients navigating Canada’s ever-changing regulatory landscape.
Our name, inspired by Malcolm Gladwell’s “Outliers, the Story of Success” which espoused the notion that to be truly proficient in a skill, 10,000 hours of practice is required. That was the bar that was set, met, and most often exceeded by every compliance professional that joined our team over the years.
Over the years, we’ve grown, evolved, but have stayed true to our roots. We’ve learned that success comes from surrounding ourselves with exceptional people, from listening closely to our clients, and from being willing to adapt in the face of change. We’ve discovered the value of curiosity when navigating complexity, and the power of collaboration when tackling the most challenging problems.
Through it all, our mission has remained the same “good compliance is good business”. It’s the principle that guides our work, shapes our advice, and underpins every solution we deliver.
As the Canadian regulatory environment becomes increasingly complex, our mission and our learnings will play to our continued success and growth as we continue to provide top tier compliance and risk management services.
To our amazing team, past, present and future, thank you for your passion, expertise and resilience. To our clients, partners and industry peers, thank you for your trust and collaboration. Lastly, but by no means least, a special thank you to our CEO, David Vijan, and our Chairperson, Amber D. Scott, for keeping us on our toes and steering the ship with vision and purpose.
Here’s to 12 years of achievement and to the future.
BackgroundWe recently sought clarification from FINTRAC as it relates to identification requirements that Factoring Companies (Factors) must comply with.
Factors supply liquidity to a customer in exchange for the cash value of a certain amount of the customer’s accounts receivable (i.e. invoices) to be collected later by the factoring company. A factor is defined as a person or entity that is engaged in the business of factoring, with or without recourse against the assignor.
If you missed it, Factors became reporting entities under the PCMLTFA effective April 1, 2025. As a reporting entity, Factors must have in place a compliance program and comply with various requirements, including identification requirements. Please refer to our previous blog post on Factors that outlines full requirements that factors must comply with.
Factors must confirm identification using prescribed methods for individuals and entities where they are required to keep a record as defined under section 24.14 of the
Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations.
Section 24.14 states a factor shall keep the following records in respect of every factoring agreement that it enters into:
(a) an information record in respect of the person or entity with whom it enters into the agreement;
(b) if the information record is in respect of an entity, a record of the name, address and date of birth of every person who enters into the agreement on behalf of the entity and the nature of the person’s principal business or their occupation;
(c) if the information record is in respect of a corporation, a copy of the part of official corporate records that contains any provision relating to the power to bind the corporation in respect of transactions with the factor;
(d) a record of the financial capacity of the person or entity with which it enters into the agreement and the terms of the agreement;
(e) for any payment it makes; and
(f) a receipt of funds record in respect of every amount of $3,000 or more that it receives, unless the amount is received from a financial entity or public body or from a person who is acting on behalf of a client that is a financial entity or public body.
As it relates to the last record, funds may come from a party other than the factoring client (a third party) and in such instances it is not sufficient to rely on identification that would have been completed for the factoring client, but rather the third party would have to be identified.
Below is a response from FINTRAC:
Under the PCMLTFA, specifically section 24.14(f), a receipt of funds record must be kept for every amount of $3,000 or more, unless the funds are received from a financial entity, public body, or a person acting on behalf of such an entity.
In response to your question:
If funds are received from a party other than the identified factoring client, identification requirements may still apply depending on who that third party is.
If the third party is not:
then yes, identification and a receipt of funds record would be required, even if the factoring client has already been identified. This is because the receipt of funds record pertains to who the funds are actually received from, not just who the factoring agreement is with.
Identification of the factoring client alone is not sufficient if funds are received from another party who does not fall under the exemptions in s. 24.14(f). The source of funds must be identified and recorded accordingly.
The factoring company must take reasonable measures to identify the sender, document those efforts, and keep a receipt of funds record.
While this may prove to be challenging in some instances, demonstrating that reasonable measures were taken becomes critical.
If you would like assistance in understanding what this mean to your business, or if you need help in creating or updating your compliance program and processes, please get in touch.
We’re seeing FINTRAC ramp up Administrative Monetary Penalties against all sectors, however, for securities dealers we’re starting to see some heavy hits, something we haven’t seen before, signaling a graduated approach to compliance assessments by FINTRAC.
On July 3, 2025, FINTRAC announced an Administrative Monetary Penalty of $544,500 against an investment dealer headquartered in Vancouver, British Columbia. Additionally, on February 13, 2025, FINTRAC announced an Administrative Monetary Penalty of $66,000 against, a Wealth Management Securities Dealer in Ontario.
Securities dealers must fulfill specific obligations as required by the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and associated Regulations, to help combat money laundering and terrorist activity financing in Canada. As defined under the PCMLTFA, a securities dealer means a person or entity authorized under provincial legislation to engage in the business of dealing in securities or any other financial instruments or to provide portfolio management or investment advising services.
FINTRAC has the legislative authority to issue administrative monetary penalties (AMPs) to reporting entities that are found to be non-compliant with the PCMLTFA and associated Regulations. For more information, see Penalties for non-compliance.
Between the two notices, it was found that following compliance examinations, the following failures were found, which resulted in the AMPs:
Of all the findings, the ones that netted the highest AMP were related specifically to:
Failures in suspicious transaction reporting continue to be a big focus for FINTRAC and a trend with the larger value AMPs that we’ve been seeing.
Securities dealers are responsible for the following requirements under the PCMLTFA and associated Regulations:
If you need help in creating or updating your compliance program and processes, are due for a Compliance Effectiveness Review, or have general questions on your compliance obligations, please get in touch.
When it comes to AML compliance, submitting a Suspicious Transaction Report (STR) to FINTRAC is just the beginning, not the end.
In this short video presentation, Divya Bhaktha from Outlier Compliance Group breaks down exactly what you need to do after an STR is filed, and the consequences if you don’t follow-up correctly.
Public notice of administrative monetary penalties
Reporting suspicious transactions to FINTRAC
Guide on harm done assessment for suspicious transaction reports violations (section 2.3.4)
Need help navigating STR obligations? Email us at info@outliercanada.com or get in touch here.
