PROCESSING...

Anti-Money Laundering
Consulting Services & Strategies

0 Items - Total: $0.00 CAD

Ministerial Directives Related to Iran & LVCTRs

There have been a number of conversations floating around about FINTRAC Large Virtual Currency Transaction Reporting (LVCTR) obligations as it relates to transactions involving Iran, and potentially involving Iran, under the current Ministerial Directive (MD). While this is not a new requirement (LVCTRs were effective June 1, 2021 and the original MD became effective July 25, 2020), there has been clarification provided with regards to reporting, and what activities trigger which reports.

For background, Outlier Compliance Group wrote an article on what the Iran-related MD entails, so if you are not familiar with the requirements, we suggest starting there.

Existing Guidance

The existing MD guidance does not align with the information provided in a recent policy interpretation for reporting transactions involving Iran that generally are not otherwise reportable, such as a transaction below the reporting threshold. The current guidance says the following:

Any transaction involving the receipt of virtual currency (VC) for exchange to Iranian rial, or VC that is equivalent to an amount under the reporting threshold of $10,000 CAD must be reported using the LVCTR by:

    • Inserting the IR2020 code when using the LVCTR upload; or
    • Selecting IR2020 in the ‘Ministerial Directive’ field of the LVCTR.
    • Because the report is related to the MD, you must ensure that the information provided reflects a connection to Iran.

Recent Interpretation

On June 11, 2023, a policy interpretation was submitted to clarify FINTRAC’s expectations with regards to reporting VC transactions related to the Iran MD. A few specific scenarios were included to ensure an easily digestible response was provided. The portion below is the most noteworthy sections of the response from FINTRAC clarifying the expectation of reporting virtual currency transactions that are below the reporting threshold where there is a nexus to Iran:

To answer your question regarding other instances that could involve the receipt of VC originating from Iran in one or more transactions under the threshold, please refer to section 3) of the Ministerial Directive. It states that any transaction (originating from or bound for Iran) must be treated as a high-risk transaction for the purposes of subsection 9.6(3) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), and must be reported to FINTRAC. Where these transactions involve the receipt of VC but cannot be reported using an LVCTR, they must be reported using the Suspicious Transaction Report (STR) with the IR2020 code.  Only completed transactions can be reported through an STR if the only reason for reporting is that the transaction is originating from or bound for Iran. An attempted transaction should only be reported when you have reasonable grounds to suspect that the transaction is related to the attempted commission of a money laundering or terrorist activity financing offence. 

Further to section 3(a) of the Ministerial Directive, you need to look at a variety of elements when determining whether a transaction originates from or is bound for Iran because the circumstances of each transaction are different. The exchange of VC for Iranian rial is not the only circumstance in which a VC transaction may fall under the Ministerial Directive. After you’ve considered the facts, contexts and indicators of a transaction and you determine it is subject to the Ministerial Directive, you must determine if the transaction(s) should be reported using the LVCTR or STR, as described above.

I’ve provided the reporting information for the scenarios you presented in your email:

    1. Virtual currency that originates from an identified virtual currency exchange in Iran.
      • Report the transaction in the STR with code IR2020.
    2. Virtual currency that originates from a wallet address identified as being in or from Iran.
      • When the conductor, beneficiary or third party address details list Iran as the country, and the transaction is not a VC exchange to Iranian rial, report the transaction in the STR with code IR2020.
    3. Travel rule information from the receiving client (or from a participant in the travel rule network) that sent the virtual currency from an address associated with an Iranian virtual currency exchange, or a person or entity in Iran that is not captured under the Ministerial Directive.
      • If a VC transaction has travel rule information that indicates it originates from or is bound for Iran and it does not meet the LVCTR criteria for the Ministerial Directive, the transaction must be reported using the STR with code IR2020.

So What Do I Need To Do?

What is important to understand in this clarification, is the obligation to report every transaction that has a nexus to Iran, such as originating from a VC exchange in Iran, and how that is to be reported. Where a transaction is not otherwise reportable to FINTRAC via an LVCTR, it must be reported using a Suspicious Transaction Report (STR) and the MD indicator IR2020 must be selected (we also suggest including IR2020 in the opening of the narrative in Section G). Transactions that are not otherwise reportable to FINTRAC include VC exchange transactions below the reporting threshold, as referenced in the response from FINTRAC.

Moving Forward

In order to ensure you are compliant with the MD obligation, a thorough lookback to June 1, 2021 for all VC transactions below the reporting threshold, that may have had a nexus with Iran, needs to be performed. Should transactions that should have been reported be found, a Voluntary Self-Disclosure of Non Compliance (VSDONC) should be submitted to FINTRAC. For more information on VSDONCs and how to complete one, please see our blog post on the topic.

Need a Hand?

If you are looking for help completing a lookback or would like a second set of eyes on a VSDONC, please feel free to contact us.

Proposed 2023 AML Changes: Mortgage Lenders and Armoured Car Services

Background

February seems to be the month for proposed legislative changes.

On February 18, 2023, draft amendments to the regulations under the Proceeds of Crime Money Laundering and Terrorist Financing Act (PCMLTFA), and a net-new draft regulation, were published in the Canada Gazette. If you’re the type that likes to read original legislative text, you can find it here. We (thanks Rodney) also created a redlined version of the regulations, with new content showing as tracked changes, which can be found here.

These changes are meant to renew and improve Canada’s anti-money laundering (AML) and Counter Terrorist Financing (CTF) regime, adapting to new money laundering (ML) and terrorist financing (TF) risk. One of the most significant changes, in our opinion, is the introduction of two new regulated entity types, mortgage lenders and armoured car companies.

Currently, mortgages issued by financial entities are captured under the PCMLTFA but these amendments would make all entities involved in the mortgage lending process (brokers responsible for mortgage origination, lenders responsible for underwriting the loan, and administrators responsible for servicing the loan) reporting entities. The intent here is to level the playing field between regulated and unregulated mortgage lenders, and to deter misuse of the sector for illicit activities.

While the activity of transportation is not currently supervised for AML purposes per se, armoured car carriers provide services largely to regulated entities. Given the flow of funds that is typically seen in this sector, reconciliation and identification of the origin of funds can sometimes be challenging, and allows funds to move with some degree of anonymity, which is an ML/TF vulnerability.

The draft regulations also introduce new requirements for correspondent banking relationships, and additional requirements related to the Money Services Business (MSB) registration. There are also some technical amendments related to existing reporting requirements and changes related to Administrative Monetary Penalties (AMPs).

Lastly, a new regulation would introduce a prescribed formula for the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) to assess the expenses it incurs in the administration of the PCMLTFA against reporting entities. Such models are seen from other regulators, such as the Office of the Superintendent of Financial Institutions (OSFI) and the Financial Consumer Agency of Canada (FCAC). Currently, FINTRAC is funded through appropriations.

In the following sections, we have summarized what we feel are the most important requirements to note.

Armoured Car Companies

The proposed changes would require a company that engages in “transporting currency or money orders, traveller’s cheques or other similar negotiable instruments” (except for cheques payable to a named person or entity) to be considered an MSB. As such, the following obligations will have to be met:

  • Development of a compliance program;
  • Maintaining an up-to-date MSB registration with FINTRAC;
  • Conducting compliance effectiveness reviews;
  • Reporting certain transactions;
  • Identifying customers;
  • Record keeping;
  • Risk ranking customers and business relationships;
  • Conducting transaction monitoring and list screening;
  • Conducting enhanced due diligence and transaction monitoring for high-risk customers and business relationships; and
  • Follow ministerial directives and transaction restrictions.

One record keeping obligation to note, which is new for armoured car companies, is the requirement to record the following information when transporting CAD 1,000 or more of cash or virtual currency, or CAD 3,000 or more in money orders or similar negotiable instruments:

  • The date and location of collection and delivery;
  • The type and amount of cash, virtual currency or negotiable instrument transported;
  • The name and address of the person or entity that made the request, the nature of their principal business/occupation and, in the case of an individual, their date of birth;
  • The name and address, if known, of each beneficiary;
  • The number of every account affected by the transport, the type of account, and the name of the account holder;
  • Every reference number that is connected to the transport, and has a function; equivalent to that of an account number; and
  • The method of remittance.

An additional requirement that will apply to armoured car companies is in relation to PEP determinations (existing PEP requirements for MSBs still apply). Specifically, a PEP determination is required whenever a person requests that the MSB transport more than CAD 100,000 in cash or virtual currency, or in an amount that is not declared.

Under the proposed regulations, there are some exemptions for reporting that are noteworthy. Large Cash and Large Virtual Currency reporting requirements will not apply where there is an agreement of transportation between:

  • The Bank of Canada and a person or entity in Canada;
  • Two financial entities;
  • Two places of business of the same person or entity; or
  • Canadian currency coins for purposes of delivery under the Royal Canadian Mint.

It is noteworthy, based on the definition, that there may be more than just armoured car companies that are captured under these new requirements. This will be clarified in guidance from FINTRAC that will follow publication of the legislation.

The requirements applicable to armoured car companies will come into force eight months after final publication in the Canada Gazette.

Mortgage Lending

The proposed regulations would require mortgage lenders, brokers, and administrators (mortgage participants) to put in place compliance regimes, similar to that of other regulated entities, which include the following:

  • Development of a compliance program;
  • Conducting compliance effectiveness reviews;
  • Reporting certain transactions;
  • Identifying customers;
  • Keeping records;
  • Risk ranking customers and business relationships;
  • Conducting transaction monitoring and list screening;
  • Conducting enhanced due diligence and transaction monitoring for high-risk customers and business relationships; and
  • Follow ministerial directives and transaction restrictions.

It is noteworthy, that many mortgage brokers already have existing voluntary AML compliance programs and already apply AML measures. This is in part due to various securities regulations and lending partners.

The requirements applicable to mortgage lending will come into force six months after final publication in the Canada Gazette.

Cost Recovery

As part of this round of regulatory changes, there is a net-new regulation, the Financial Transactions and Reports Analysis Centre of Canada Assessment of Expenses Regulations. This regulation will allow FINTRAC to pass on expenses, to reporting entities, that it incurs in the administration of the PCMLTFA. Only the following prescribed entity types are affected by this:

  • Banks and authorized foreign banks;
  • Life insurance companies;
  • Trust and loan corporations; and
  • Every entity that made more than 500 threshold reports during the previous fiscal year.

The regulations provide a formula that FINTRAC would use to calculate the assessment amounts payable by reporting entities on the basis of their annual asset value, and the volume of all threshold transaction reports submitted. For clarity, threshold transaction reports include Large Cash Transaction Reports (LCTRs), Large Virtual Currency Transaction Reports (LVCTRs), Electronic Funds Transfer Reports (EFTRs), and Casino Disbursement Reports (CDRs).

The requirement would come into force on April 1, 2024. This means FINTRAC would commence recovering costs from the 2024-2025 fiscal year and forward.

Other Changes

Enhancing MSB registration

Under the proposed amendments, as part of MSB registration, MSBs would now need to include the telephone numbers and email addresses of its president, directors and every person who owns or controls 20% or more of the MSB. This is in addition to current required information. Additionally, the number of the MSB’s agents, mandataries and branches in each country will be added (currently, only those within Canada are required).

This requirement will come into force twelve months after final publication in the Canada Gazette.

Streamlining requirements for sending AMPs

Under the proposed amendments, FINTRAC would be allowed to serve a reporting entity solely by electronic means when issuing an AMP. Currently, FINTRAC would also have to send an additional copy by registered mail.

This requirement would come into force on registration.

What Next?

There is a 30 day comment period (ending March 20, 2023) for the proposed regulations. It is strongly recommended that industry, and potentially impacted companies, review carefully and provide feedback. Comments can be submitted online via the commenting feature after each section of the proposed changes, or via email directly to Julien Brazeau, Associate Assistant Deputy Minister, Financial Sector Policy Branch, Department of Finance, 90 Elgin Street, Ottawa, Ontario K1A 0G5.

We’re Here To Help

If you have questions related to the proposed changes, or need help starting to plan, you can get in touch using the online form on our website, by emailing us directly at info@outliercanada.com, or by calling us toll-free at 1-844-919-1623.

The Proposed Retail Payment Activities Regulations

Background

On February 11, 2023, the proposed Retail Payment Activities Regulations were published in the Canada Gazette. This is to support the Retail Payment Activities Act (RPAA) which was released under Bill C-30 and received royal assent in June 2021. The Retail Payment Activities Regulations are required to bring the RPAA into force.

A Payment Service Provider (PSP) is defined as an individual or entity who performs payment functions as a service or business activity that is not incidental to another service or business activity. Certain entities, such as financial institutions, are exempt as they are regulated under other federal obligations (i.e., Office of the Superintendent of Financial Institutions’ Operational Risk and Enterprise Risk management guidelines.)

The current lack of requirements and supervision increases risks, such as the risk of financial loss in instances of business insolvency, and threats to the security of sensitive personal information. The Regulations aim to address gaps in the supervision of unregulated PSPs and are meant to align with other jurisdictions which already have regimes for PSPs.

The principles that guide the Regulations are:

  • Necessity — supervision should address risks that lead to significant harm to end users and avoid duplication of existing rules;
  • Proportionality — level of supervision should be commensurate with the level of risk posed by the payment activity;
  • Consistency — similar risks should be subject to a similar level of supervision; and
  • Effectiveness — requirements should be clear, accessible and easy to integrate within different payment services.

PSPs will be required to apply and register with The Bank of Canada (no date for this yet). There is a proposed registration fee of CAD 2500. Additionally, an annual assessment fee will be required.

In the following sections, we have summarized what we feel are the most important requirements to note.

Operational Risk Management

PSPs will have to implement and maintain an Operational Risk Framework consisting of the following:

  • Identify its operational risks (i.e., business continuity, cybersecurity, fraud, data management, information technology, human resources, process and product design and implementation, change management, physical security and third parties);
  • Protect its retail payment activities from those risks;
  • Detect incidents and control breakdowns;
  • Respond to and recover from incidents;
  • Review, test and audit its Risk Management Framework;
  • Establish roles and responsibilities for the management of operational risk;
  • Have access to sufficient human and financial resources; and
  • Manage risks from third-party service providers, agents and mandataries.

PSP must ensure that the above are proportional to the impact that a reduction, deterioration, or breakdown of its payment activities could have on end users.

Incident Response

Under the proposed Regulations, PSPs must develop a comprehensive plan for investigating, responding to and recovering from incidents that have a material impact on an end user. An incident is defined as an event or series of related events that is unplanned and that results in or could reasonably be expected to result in the reduction, deterioration or breakdown of any payment activity performed by a PSP.

The incident would be reported to the Bank of Canada and would include the following at a minimum:

  • A description of the incident;
  • The impact on individuals or entities listed in the Act; and
  • Actions taken by the PSP to respond to the incident.

There would also need to be a notice to impacted end users and other impacted parties.

PSPs can only resume operations after an incident once they have verified the integrity and confidentiality of all systems, data and information have been restored, and that it is able to perform retail payment activities without reduction, deterioration or breakdown.

Audit, Testing and Training

Under the proposed Regulations, PSP’s will have to complete various types of testing related to the Framework and have training in place.

All staff who have a role in establishing, implementing or maintaining the PSP’s Risk Management Framework must be provided with the information and training that are necessary to carry out that role.

Framework Review

On at least an annual basis, PSP’s must evaluate its compliance with regulatory requirements. Such a review is also required before any significant changes are made to the PSP’s operations or controls after an incident (defined in the section above).  The findings of the review must be reported to a senior officer.

Testing

PSPs must also establish and implement a testing methodology to determine the effectiveness of its Risk Management Framework. This must be tested at least once every three years and findings must also be provided to a senior officer.

Independent Review

In addition to the above, a PSP must have their Framework independently reviewed at least every three years. The review must be documented and describe the scope, methodology use and findings. Findings of the review must be reported to a senior officer.

Biennial Independent Review

PSPs must have requirements related to safeguarding of funds tested at least once every two years by a sufficiently skilled individual who has had no role in the establishment, implementation, or maintenance of the safeguarding requirements under a PSPs Framework. We discuss what safeguards requirements are below.

Safeguards

PSPs will be required to hold customer funds in a trust account or a segregated account, with insurance or a guarantee to safeguard end-user funds against financial losses due to insolvency.

For consumer protection, the Regulations contain requirements to protect the end user from loss. These requirements include:

  • End-user funds must be held at prudentially regulated financial institutions;
  • Insurance or guarantee cannot be from an affiliate of the PSP;
  • The proceeds from the insurance or guarantee cannot form part of the PSP’s estate;
  • The Bank of Canada must be notified at least 30 days in advance of the cancellation of the insurance or guarantee;
  • PSPs must implement and maintain a written fund safeguarding framework to ensure that end-users have reliable access to their funds without delay; and
  • PSPs must keep a ledger with the names of their end-users and the amount of funds held.

This will require detailed flow of funds documentation.

Reporting

Under the proposed Regulations , PSPs will have to complete various types of reports.

Annual Report

PSPs will need to provide an annual report to the Bank of Canada, no later than March 31 of each year.  Some of the information that must be contained in the report is:

  • A description of any changes made to the payment service provider’s risk management and incident response framework;
  • A description of the human and financial resources for implementing and maintaining the risk management and incident response framework;
  • A description of the PSP’s operational risks in respect of the reporting year, their potential causes and the manner in which they were identified;
  • A description of the systems, policies, procedures, processes, controls, including any approvals required;
  • A description of training;
  • A description of all reviews, and independent reviews; and
  • A description of any incidents that the payment service provider experienced during the reporting year.

Also, the report will need to contain certain volume and value statistics related to the services a PSP is providing.

Significant Change Report

PSPs will be required to notify the Bank of Canada, at least five days in advance, before making a significant change that could materially impact operational risks or the safeguarding of end user funds.

The information that must be contained in the report is:

  • The name and contact information of the individual who may be contacted regarding the significant change;
  • A description of the change or new activity to be performed;
  • The reason for the change or new activity;
  • The date on which the change is to be made;
  • The PSP’s assessment of the effect that the change or new activity will have on its operational risks; and
  • A copy of all documentation in relation to the PSP’s Risk Management Framework, that has been amended to reflect the change or new activity, including any necessary approvals.

If a PSP has senior officers, the change or new activity must be approved and receive formal sign off by senior management before submission of a report. This should be taken into account from a planning perspective, as it can take some time to obtain such internal approvals.

Incident Report

PSPs must report incidents that have a material impact on an end user, other PSPs, or designated financial market infrastructures, to the Bank of Canada and other impacted individuals and entities.

The information that must be contained in the report is:

  • A description of the incident;
  • What impact does the incident have on individuals and entities; and
  • What actions have been taken by the PSP to respond and remediate.

The Regulations do not make it clear what timeframe is required for reporting such incidents, however they do state the standard time to respond to a request from the Bank of Canada is 15 days. Failure to report an incident can result in an administrative monetary penalty classified as very serious.

What Does This Mean?

From the highlights, it’s evident that these Regulations will create a substantial burden for PSPs, especially ones that are smaller or just starting. A significant amount of time, resources and cost are going to be needed to manage the compliance requirements that PSPs will need to follow. If a PSP does not comply or there is partial compliance, they may be subject to administrative monetary penalties that range from CAD 1,000,000 per each serious violation, up to CAD 10,000,000 per each very serious violation. The draft Regulations did not make clear what a dispute process would like.

It should be noted that most PSPs captured under the RPAA are also considered money services businesses (MSBs), and as such must also comply with anti-money laundering (AML) compliance obligations. Check out our blog related to that here.

What Next?

Due to these changes not being final, we wait. There is no set date for when we can expect final legislation or when they will come into force, but it is a good time to start budgeting and align resources.

Also, as there is a 45-day comment period for the proposed Regulations which closes on March 28, 2023, PSPs should review the Regulations carefully and provide feedback. Comments can be submitted online via the commenting feature after each section of the proposed Regulations, via email, or via regular mail to Nicolas Marion, Senior Director, Payments Policy, Department of Finance, 90 Elgin Street, Ottawa, Ontario K1A 0G5.

We’re Here To Help

If you have questions related to the proposed changes, or need help starting to plan, you can get in touch using the online form on our website, by emailing us at info@outliercanada.com, or by calling us toll-free at 1-844-919-1623.

Suspicious Transaction Reporting Updates

FINTRAC has published updated resources related to upcoming changes to suspicious transaction reports (STRs) on its Draft Documents page. This includes updated draft guidance on STRs, expected to come into force in September 2023.

While the updated forms are not yet in use, it is important that you communicate these changes to your information technology (IT) teams and service providers. The documentation published this week includes JSON schemas and API endpoints.

For reporting entities that complete STR reporting manually through FINTRAC’s online reporting portal, it is also important to familiarize yourself with updated structured reporting fields, including:

  • URL,
  • Type of device used,
  • Username,
  • Device identifier number,
  • Internet protocol address, and
  • Date and time in which online session request was made.

These can be reviewed in the draft STR form.

Of course, if you require assistance, Outlier Compliance is here to help, please contact us.

New Terrorist Financing Indicators

FINTRAC has published updated indicators related to terrorist activity financing.

These are subdivided into three broad types of violent extremism:

  • religiously motivated violent extremism (RMVE),
  • politically motivated violent extremism (PMVE), and
  • ideologically motivated violent extremism (IMVE).

Each subtype has distinct characteristics and indicators. While it can be tempting to think that these types of things don’t happen here, unfortunately, they can and do happen here in Canada. As a Compliance Officer, it’s important to think through where these indicators might be visible to you and your team.

All Canadian reporting entities must use this information to:

  • Update the indicators in training materials,
  • Update the indicators in policies and procedures, and
  • Update transaction monitoring mechanisms (where applicable) to detect relevant indicators.

Of course, if you require assistance, Outlier Compliance is here to help, please contact us

First AML Compliance Effectiveness Review Timing

As a company that gets to work with a lot of startups, and existing companies entering the Canadian market, we get to help folks understand the regulatory landscape in Canada. One of the required elements of a Canadian compliance program is an AML Compliance Effectiveness Review. These reviews must be completed every two years at a minimum. You can think of it like an audit, but for compliance.

The purpose of an effectiveness review is to determine whether your AML compliance program has gaps or weaknesses that may prevent your business from effectively preventing, detecting and deterring money laundering and terrorist financing. Recently, we have seen an increased focus on Effectiveness Reviews during FINTRAC examinations. Specifically, on whether the review really tested the effectiveness of the compliance program as a whole (not just what you say you’re doing, but also what you’re actually doing). This has led to FINTRAC examiners requesting the working papers for completed effectiveness reviews where the report did not clearly describe how the effectiveness was tested and assessed. This is the main reason Outlier has started providing our working papers with the final report. This also provides a pretty good reference point for making sure you are meeting your regulatory expectations.

First Time for Everything

In previous engagements, Outlier has operated on the theory that the clock for when your first review was due stemmed from the MSB’s FINTRAC registration date. However, we were incorrect. It wasn’t until a recent conversation where the registration date preceded any customer transactions by six months, that really spurred on an official clarification from the regulator. The trigger for the 2-year clock to start ticking is not registration but “a registered MSB is required to create a compliance program once it engages in one or more of the MSB-related activities.” This means that the clock starts ticking after the MSB has conducted their first transaction.

Here is a PDF version of the policy interpretation we received from FINTRAC that you can keep for your records.

Potential Corrections

If we have completed a review for you in the past that has a commencement date prior to your first customer transaction, please feel free to reach out so we can amend your report to the proper date.

Upcoming Effectiveness Reviews

While this article talks about your first review, you must also be sure to initiate all subsequent reviews within 2 years of the start date of your previous review. Please note that this is based on the previous commencement date, not the date of completion or issuance of the final report.

Need a Hand?

If you are looking for an idea of pricing for an upcoming review or have questions about a review that is currently underway, please feel free to contact us.

9 Years of Entrepreneurship


If you had told me ten years ago that I would be in the longest-running position in the history of my career, I wouldn’t have believed you. Back then, I was unhappy for various reasons, and while I had started to think about what I really wanted from my work life, I had yet to take some of the big steps to get there. I won’t go into the gory details of where I was or the situations that weren’t working for me. Suffice it to say that there was a lot that wasn’t working, and I didn’t know how to fix it… but I had some ideas.

If you’re sitting in a spot, like I was then, perhaps feeling a bit despairing and lost despite what many might consider your own success, this post is for you. It’s been written as a love letter, from the woman that I am today to the woman that I was then… Whether today you’re solving problems like a champion, just putting one foot in front of the other, or sitting on the couch thinking that you may want to get up – it’s all part of the journey.

Give yourself permission to name the things that you really want

Once, a former mentor (Lin, a founder of CU Training, now retired) literally gave me permission to take notes with coloured markers. The notes included cartoons of key points. I love to draw. It’s a great memory aid, but it’s something that I saw as being “unprofessional” and had trained myself out of…

This conversation got me thinking – what else hadn’t I given myself permission to write (or draw)? Were there things that I wasn’t giving words to?

Of course, there were.

In fact, there were a whole lot of things that I had been afraid, for one reason or another, to think too deeply about, let alone describe. So many of these things related to what I really wanted from life.

Write it down

This led to a trip to a shop in Victoria, BC, where I bought a beautiful notebook that I didn’t write anything in for a while. It would become the place where I wrote down what I wanted in life. This is the page from that book for “work.”

When I put pen to paper in this book, the rules are simple. I don’t beat myself up about what’s not working in my current state. I have a good think about what I really want, and I write it down. Whether it seems improbable or downright impossible, I write it down.

Looking back at this page, written over a year before my company, Outlier Compliance Group was a conscious thought, I can see its beginnings here.

Keep writing

I look back at and add to the old pages, building on the ideas there. It makes me smile to see where I’ve grown into myself and accomplished things that I thought impossible. I add new pages to the book.

It’s easier now to give myself permission to write than it was at first, but it’s still not easy! That’s okay. I think that’s part of how I know that I’m still growing and pushing myself.

Be open to opportunity

In the last decade, I’ve worked with amazing companies and entrepreneurs. I’ve consulted governments and NGOs. I’ve taught classes and presented at conferences around the world. I’ve made the type of career decisions and personal investments that have set me up to be secure in a way that I would have found unfathomable. Some of the people that I admire most in the world have become mentors and friends.

Sometimes, I think about where I was at various points in my life: living in poverty, in the foster care system, in very unhealthy work environments, and I wish that I could reach back into the past and let that version of me see the me that I am today… to let that version of me know that all of the hard work that I was doing would prepare me for opportunities that I wouldn’t have dared to dream of then.

The best part is that, eventually, success can become a virtuous cycle. The more opportunity I seize, the more seems to flow my way, and the more I am prepared to tackle… and the more that I am able to help others to help themselves along the way!

Take enough risk to get knocked down

This is not to say that it’s easy to seize opportunities, or that I don’t get knocked down from time to time. I do, and it’s not fun!

When something knocks me down, I try to remember that this is the price of “stepping into the ring.” Sometimes, I’ll get knocked down.

This is part of the risk-return curve; there’s no success without risk.

Get back up and do it again

Once, an interviewer presented me with a big list of leadership characteristics and asked me what the most important was to me. After reading the list, I asked if I could add another word to the list. That word is relentlessness, and I stand by it.

This is not to say that I keep doing the same thing over and over and expecting a different result, but rather that I learn, adjust tactics and pursue my goals with ardour.

If you can’t find it, build it

I think that everyone close to me had a sense that I would do something entrepreneurial long before I did. I was always looking for novel ways to solve problems, no matter the environment that I was in. This has become the number one question that I ask entrepreneurs that come to me for advice – what problem are you solving?

It’s important from a business perspective, as well as from a personal satisfaction perspective. When we understand what we’re doing and why, we all tend to be more motivated and focused.

Find your tribe

I am grateful every day for the incredible people in my life. I grew up feeling like an outsider, and I had to a large extent, accepted that this is the way I would always feel (and I was ok with that). It takes me by surprise sometimes to realize that I don’t feel that way anymore. I spend most of my waking hours solving problems and socializing with people that I love, respect and admire. Even when we’re dealing with difficult or stressful situations, I am still grateful for my friends, colleagues and clients every day.

The caveat here is that there are only 24 hours in a day. Each hour that you spend with the wrong folks is a missed opportunity to spend time with the right folks. Choose wisely!

Forgive yourself

This is something that I am still learning, and maybe I will be forever… When I make mistakes, I take it hard. I can hold a grudge for a very long time, and while I think that’s healthy in some cases, I shouldn’t be holding a grudge against myself. Making mistakes is part of learning and growing, and I need to be honest, forgive myself and get to learning rather than dwelling.

The idea that there are only 24 hours in a day is important here too. Time spent beating oneself up is not time well spent.

FINTRAC MSB Registration Expired?!?

FINTRAC Registration

Over the past few months, we have heard from several money services businesses (MSBs) that have experienced issues in renewing their MSB registrations with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). In most cases, these issues are easily resolved. However, if MSB registration issues are not addressed promptly, administrative monetary penalties (AMPs) or criminal charges may ensue.

It is likely that registration-related issues have become more common as FINTRAC is increasingly requesting additional information or clarifications from MSBs as part of the initial registration and registration renewal process. These requests are sent via email to the contact person listed in the MSB registration form.

Check Your MSB registration Status

You can view the status of your MSB registration by searching for your business on the public MSB registry. While this article is about the MSB registration status, anytime you are on this page, it is a useful practice to check to ensure that all of the information is up to date. There are several possible options for the “Registration status of MSB” field:

Registered: this is the status that is displayed for active MSBs. The detailed view will also show the expiry date of the registration.

Ceased: this status is displayed when an MSB has cancelled their registration (e.g. because the business is no longer conducting MSB activity or is only performing MSB activity as the agent of another MSB).

Expired: this status is displayed when an MSB has not submitted an MSB registration renewal on time, has not responded to requests for information from FINTRAC, or has not provided sufficient information to FINTRAC to complete the renewal process.

Revoked: this status indicates that FINTRAC has revoked an MSB’s registration.

If the Expiry Date is Coming Up Soon

If you notice that your MSB’s registration is expiring soon, there are several steps that you should take proactively. First, make sure that you have your login credentials and access FINTRAC’s secure MSB Registration portal. On the left-hand side of the screen, you may see an option to submit your renewal application. If this option is not yet present, it is still a useful practice to select “view completed form” and review the MSB information to ensure that everything is up to date. If there is anything that needs to be updated, you can update the form (information must be updated within 30 days of any changes; do not wait for the renewal date to make updates).

If the renewal can be processed at this time, make sure that you take the time to look at all data fields. Are these fields complete and accurate? Does the information related to the MSB’s beneficial ownership match what will be found in any corporate registries (if not, additional information and/or correction may be required before the registration can be processed). FINTRAC may request additional information by email, and your registration will not be renewed until these queries have been satisfied.

If the Registration is Expired

If you notice that your registration has expired, you should immediately access FINTRAC’s secure MSB Registration portal to renew it. It may be that you have simply missed a deadline, or that you did not notice an error message or request for additional information from FINTRAC. Whatever the cause, you should work to resolve the issue and renew the registration as soon as possible.

If you are not able to renew the registration, contact FINTRAC immediately by emailing guidelines-lignesdirectrices@fintrac-canafe.gc.ca and MSBRegistration@fintrac-canafe.gc.ca immediately with the subject line “URGENT – MSB Renewal Issue – Renewal Date Passed”.

  • In the body of the email, let them know:
  • The company name and MSB number
  • That you have been attempting to renew the MSB registration
  • If you have responded to any requests for additional information, the details of these correspondences (attach copies if possible)
  • Ask what information is needed at this stage to renew the MSB registration

Keep a copy of this and all communications with FINTRAC.

You may also want to consider making a voluntary self-declaration of non-compliance (VSDONC) to FINTRAC. For help with disclosures, check out our previous blog post.

If you receive a “Notice of Violation”

Where an MSB registration is expired, and the MSB continues to perform MSB activities (other than as an agent for another MSB), a penalty may be assessed, and a “Notice of Violation” may be issued. At this stage, a law firm should be engaged (we’re happy to recommend competent firms if this is something that you need). There are specific and relatively short timeframes for all response steps, and this should be treated as urgent.

We’re here to help.

If you are not sure what to do next or need assistance with compliance, please get in touch.

EFTs, PSPs & Crowdfunding : Canada’s Changing Regulatory Landscape

On April 27th, 2022 amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) and associated regulations related to penalties for non-compliance were passed. These amendments were unusual, as there was little prior public consultation, no pre-publication for public comment, and they came into force “on publication” (right away). This is particularly unusual, as new business models were included in the money services business (MSB) and foreign money services business (FMSB) categories.

Specifically, a number of payment services providers (PSPs) became MSBs through a change in the definition of electronic funds transfers (EFTs), and companies that provide crowdfunding services also became MSBs/FMSBs. Historically, these types of changes would have included a pre-publication of the proposed amendment with time for industry participants to comment. There is also, generally, a period of time between the publication of final amendments and the coming into force date (often a year). Absent these buffers, both industry and Canada’s AML regulator, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) have been scrambling to assess the many nuances of the amendments.

While we’ve seen a number of responses to individual applicants for MSB registrations and requests for policy interpretations from FINTRAC, today’s release was the first substantial piece of public guidance from the regulator. For those inclined, it can be accessed here: https://fintrac-canafe.canada.ca/notices-avis/2022-07-21-eng

EFTs and PSPs

What may have seemed like an inconsequential change to the definition of EFTs, which removed certain exemptions, has significant impacts on payment services providers.

“As payment services are not a prescribed service under the PCMLTFA, FINTRAC is taking the position that persons or entities that provide invoice payment services or payment services for goods and services are engaged in the business of remitting or transmitting funds, or dealing in virtual currency.”

FINTRAC’s guidance goes on to define each of these activities and the (very limited) exemptions in each case.

Crowdfunding

While crowdfunding gets a nod in the title of the guidance, it doesn’t really factor into the substance of today’s piece. There are definitions in the amendments themselves in this case, and it’s likely that additional guidance will follow as FINTRAC works through these registrations.

crowdfunding platform means a website or an application or other software that is used to raise funds or virtual currency through donations. (plateforme de sociofinancement)”

crowdfunding platform services means the provision and maintenance of a crowdfunding platform for use by other persons or entities to raise funds or virtual currency for themselves or for persons or entities specified by them. (services de plateforme de sociofinancement)”

FINTRAC’s MSB/FMSB Registration Process

The guidance notes that FINTRAC is working on getting businesses registered “over the next several weeks.” As there are many businesses that will be newly registering as MSBs or FMSBs, industry participants should expect some delays. It has also become much more common for FINTRAC to ask for additional details about the business, such as the business model and flow of funds.

There is also a tool to check to see if your business should be registered: https://www.fintrac-canafe.gc.ca/msb-esm/questions/2-eng

If you’re ready to register, you can find an overview of the process and links to the pre-registration form here: https://fintrac-canafe.canada.ca/msb-esm/register-inscrire/reg-ins-eng

Requesting Policy Interpretations

There are two important FINTRAC email addresses. If you have a question specifically about whether or not your business should register, first try msb-esm@fintrac-canafe.gc.ca.

For other policy interpretation requests (or if your request is particularly complex), your best avenue is most likely guidelines-lignesdirectrices@fintrac-canafe.gc.ca.

Enforcement Actions

FINTRAC’s guidance indicates that the regulator will take a reasonable approach to entities required to register.

“We understand that there will be challenges in meeting certain obligations. FINTRAC will be reasonable in its assessment and enforcement approach, and is committed to working with reporting entities subject to the PCMLTFA and its Regulations to increase their awareness, understanding and compliance with their obligations. Please continue to monitor our website for updates or additional guidance.”

This gentle approach will not last indefinitely. If your business needs to be registered (and get its house in order AML compliance-wise), it’s time to get started.

We’re here to help.

Whether you want a hand drafting a policy interpretation request, an AML compliance program, or training for your newly minted AML Compliance Officer (congratulations, I’m sorry), we’re here to help. Please get in touch.

Effectiveness Reviews for Dealers in Virtual Currency

Effective June 1, 2020, dealers in Virtual Currency activities were considered as Money Services Businesses (MSBs) and as such, must comply with MSB obligations under amendments made to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA). One obligation is to have an AML effectiveness review at least once every two years. MSBs must start their effectiveness review no later than two years from the start of their previous review or in the case of dealers in Virtual Currency, no later than June 1, 2022, the date they were considered to be MSBs under law.

Such reviews must test your compliance program and effectiveness of your operations. Our reviews follow a similar format to examinations conducted by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), which you can read more about in a previous Blog Post.

We’re Here To Help

If you have not yet engaged or commenced your review, there are still a couple of weeks to be compliant. If you would like to engage Outlier to conduct your AML Compliance Effectiveness Review or have questions regarding this obligation, please get in touch.

Return to Blog Listing