Anti-Money Laundering
Consulting Services & Strategies

0 Items - Total: $0.00 CAD

Are Your Business Relationship Records Ready for FINTRAC?

This article is focused on business relationships that are not account-based (which means that if you are a financial institution or a securities dealer that only conducts transactions with your customers in the context of the accounts that they hold with you, you can skip this one).

Over the past few months, I have assisted some of my clients with their Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) examinations.  While I cannot generally answer questions on my clients’ behalf during these meetings, I can help them prepare for the examination, understand what the examiner is asking for, and redirect them if they stray off track (provided that they have signed an Authorizing_or_Cancelling_a_Representative form). While the businesses examined were quite different in size and complexity, their examinations have been similar, particularly when it came to questions about business relationships.  

For certain types of reporting entities, including money services businesses (MSBs), real estate businesses, and dealers in precious metals and stones (DPMSs) (which are the focus of this article), during each on-site review, the FINTRAC examiner requested a list of all the “Business Relationships” for the review period. Certain information was requested, which was the same in each instance, and included the following:

  • The purpose and intended nature of the business relationship (sometimes called PINBR for short);
  • The risk rating;
  • The date the reporting entity entered into a business relationship with the customer; 
  • The records of any ongoing monitoring (or enhanced measures for high risk business relationships) that has been conducted; and 
  • The last time the customer information was reviewed/updated.

In most cases, this information was not requested in advance.  This meant that it needed to be provided to the examiner while the examiner was on-site (typically a single business day).  For some reporting entities, obtaining this information was not something that their recordkeeping systems were set up to do easily.

Quick Review – What is a Business Relationship?

The Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) defines a Business Relationship as:

Any relationship with a client, established by a person or entity, to conduct financial transactions or provide services related to those transactions and, as the case may be,

(a) If the client holds one or more accounts with that person or entity, all transactions and activities relating to those accounts; or

(b) If the client does not hold an account, only those transactions and activities in respect of which that person or entity is required to ascertain the identity of a person or confirm the existence of an entity under these Regulations.

If you’re not entirely certain what that means, FINTRAC’s guidance on Business Relationship Requirements provides additional clarification:

You enter into a Business Relationship when you conduct two or more transactions where you have to:

    1. ID an individual; or
    2. Confirm the existence of an organization.

Specifically, conducting the following transactions or activities that require you to identify an individual or confirm the existence of an entity:

  • Remittances or transmissions of $1,000 or more (for MSBs);
  • Foreign currency exchange of $3,000 or more (for MSBs);
  • Issuing or redeeming negotiable instruments of $3,000 or more (for MSBs);
  • Large cash transactions (for all reporting entity types);
  • Suspicious transactions and attempted suspicious transactions (for all reporting entity types);
  • Activities which trigger a receipt of funds record (for Real Estate);
  • Virtual currency exchange transactions of $1,000 or more (for MSBs as of June 1, 2020);
  • Large Virtual Currency Transactions Reports (for all reporting entities as of June 1, 2020); and
  • Activities which trigger the creation of a client information record (it’s probably worth mentioning here that these will also trigger a third party determination):
    • Entering into an ongoing service agreement with a customer that is an entity (for MSBs); and/or
    • Entering into a purchase or sale agreement (for Real Estate).

In its simplest form, a business relationship means that a client or customer has done two things that cause identification requirements to be triggered.

Business Relationship Recordkeeping & Monitoring

When you establish a Business Relationship with a customer, you have three things to do.  

First, determine and record the “purpose and intended nature” of the Business Relationship. Some examples provided in the FINTRAC guidance are: 

For MSBs:

  • Foreign exchange for travel or purchase of goods; 
  • Funds transfers for family support or purchase of goods; 
  • Buying/cashing money orders or traveller’s cheques; 

For Real Estate businesses:

  • Purchasing or selling residential property;
  • Purchasing or selling commercial property;
  • Purchase or selling land for commercial use;

For DPMSs:

  • Purchasing or selling jewellery;
  • Purchasing or selling precious metals (for example, gold, silver, platinum, or palladium); and
  • Purchasing or selling precious stones (for example, diamonds, sapphires, emeralds, tanzanite, rubies, or alexandrite).

Next, you need to conduct ongoing monitoring of all Business Relationships, based on the level of risk.  This seems to be where the biggest stumbling blocks are for reporting entities. The purpose of ongoing monitoring is to ensure the following:

  • Detect any transactions that need to be reported as suspicious;
  • Keep identification and beneficial ownership information, as well as the purpose and intended nature records, up-to-date;
  • Reassess the risk level based on their transactions and activities; and 
  • Determine if the transactions make sense given the nature and purpose recorded.

It is not enough just to conduct the monitoring, you must be able to produce some type of record that proves that you’ve done the monitoring. The record should be specific about what was done, and what conclusions were drawn.

If there is something out of the ordinary, expect that the FINTRAC examiner will ask questions. For example, if a customer has indicated that the purpose and intended nature of the business relationship is “fund transfer for family support” but it is clear that payments are being made that are related to the purchase of goods, questions will be raised. It is expected that information about the purpose and intended nature of the business relationship is updated if it has changed – and that you will ask questions when the actual transaction patterns are different than what you expected.

It is this final step, keeping a record of the measures taken to monitor your business relationships and the information you obtain as a result, that is most crucial to successful examination results. 

The additional information collected about the customer is used to compare your expectations for that relationship, with the transactions that customer is conducting.  

Here are a few examples, broken down by industry:


If the nature and purpose provided was foreign exchange for travel, does it make sense that the customer returns every other day with $2,700 in cash?   


If the nature and purpose provided was purchasing jewellery as a wedding gift, does it make sense that the customer returns every month on the same day to make a new purchase?

Real Estate

If the nature and purpose provided was the purchase of a first-time owner-occupied home, does it make sense that the customer purchases another owner-occupied home shortly after?  

In each of the scenarios above, it is quite clear that the activities don’t align with the nature and purpose of the business relationship collected. This doesn’t automatically make it suspicious, but certainly leaves some questions that need answering. When you question the customer about the discrepancy, be sure you’re taking notes.  This does not have to be a complete reiteration (though it can be), but simply a brief synopsis of the conversation, any additional information collected and/or adjustments made to the customer’s risk rating. It should be written in a way that would be clear to someone from outside of your business that is reading the notes two years later.

Recording these types of discussions is paramount to evidence that you’re meeting your ongoing monitoring obligations because, in the compliance world, if you can’t prove it… it never happened.

FINTRAC Exam Readiness Tool for Business Relationships

We’ve made a quick checklist to help you prepare for your FINTRAC examinations.

Question Response & Action Plan
Can I generate a list of my business relationships for the examination period?
Is there a risk rating recorded for each business relationship?
Do I have evidence of ongoing monitoring being conducted?
Do I have evidence of enhanced due diligence and enhanced transaction monitoring for high risk business relationships?
Do I have the date of when I entered in the business relationship with each customer?
Is there a record of the last time the customer information was reviewed and/or updated?


Need a Hand?

Outlier has created a FINTRAC Examination Preparation Package, and it can be downloaded for free here.  FINTRAC has also provided information on their assessment manual, which details the approach and methods it uses to conduct compliance examinations

For additional information, assistance, or a review of your FINTRAC Examination submission package (the information requested by FINTRAC for an examination), you can get in touch using our online form, by emailing, or by calling us toll-free at 1-844-919-1623.  At Outlier, we firmly believe that good compliance is good business.

Are On Demand Products Right For You?

For certain industries, including dealers in precious metals and stones (DPMSs) and real estate, Outlier’s on-demand products are anti-money laundering (AML) and counter terrorist financing (CTF) programs that you can buy, customize online using our set up wizard, and download in fully customizable formats.

These can be purchased as single elements (Policies & Procedures, Risk Assessments, Training, Compliance Effectiveness Reviews) or bundled to save you money.

Why On Demand Products

Outlier’s Founder, Amber D. Scott, noticed two things that made her believe that on-demand products could help Canadian reporting entities. First, for many small and medium sized businesses, there are very similar business models and risk profiles. Second, many businesses don’t have the means to pay for consulting services but have the same obligations as larger reporting entities. She had a vision of creating a model that could level the playing field by making it easier for these businesses to create plain language documents in an affordable way.

Are On Demand Products Right For You?

While we’ve worked to keep the on demand products as plain language as possible, they will still require you to be able to read and understand the content and adjust them for your business model and compliance processes. You’ll also need to review and update them regularly (once a year – no matter what, and more often if Canadian laws and/or your business models change).

These program elements can save you money by providing a customizable framework for you to work with, but you’ll need to put in the time and effort to customize them and keep them up to date.

What If You Download A Product And Need Help?

If you’ve downloaded on demand products and you’re stuck, we can help. Please contact us and let us know what you need. In your request, include the product that you’ve purchased and describe the problem that you’re trying to solve. We’ll get back you within two business days. If you need help sooner, please mark your request as urgent, and we’ll do our best to get back to you sooner.

Is Outlier The Only Company That Can Help?

There are a number of professionals in Canada that can help you customize your program, including consultants, lawyers and Compliance Officers working in your field. Using Outlier’s on demand product doesn’t mean that we’re the only people that can work with you, in fact, we believe that competition makes us all better at what we do.

How Do I Buy On Demand Products?

You can buy our on demand products through this website using a credit card. Start by selecting the type of reporting entity that you are to view the products that are currently available.

If you’re looking for something that doesn’t seem to be on the list, please contact us.

An Unwitting Accomplice to Money Laundering

Handcuffs 1

When many of us think of money laundering, it involves large well organised criminal organizations, like the mafia or large drug cartels. We think of elaborate schemes, with money funnelled through many layers and across international borders, numbered bank accounts off shore accounts hiding millions. While these things do happen, money laundering also happens on a much smaller scale with much less elaborate plots. Since money laundering is something that is done to hide the proceeds of crime, it can relate to any amount of money that someone do not want to be traceable back to them (because that money was obtained through illegal means). The more easily something is passed from person to person anonymously, the more easily it can be used for money laundering. High value items can be used to launder money, as they can be bought or sold on secondary markets. Because jewellery can have a high value and be passed from person, it is a potential vehicle for money laundering. Jewellers in Canada and in the USA are required to report certain transactions, and the consequences for failing to do so can be severe.

The Case

On January 14, 2014, Alan Kashi of Pittsburg, PA (USA) plead guilty to failing to file a report of currency received by non financial business. In the USA, this report is called ‘IRS form 8300 Report of Cash Payments over 10,000,’ is similar to the report that Canadian Dealers in Precious Metals and Stones (DPMSs) are required to file with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). In the Kashi case, an undercover agent purchased an expensive watch, claiming during his conversation with Alan Kashi that the money that he was using came from cocaine distribution. In addition to the charges and related press, Mr. Kashi was required to forfeit $933,075. Sentencing in the criminal case is still pending.1

Alan Kashi maintains that he was ignorant of the law and didn’t realize that he had to report large cash transactions. In order to educate others that may face the same situation, he made a YouTube video explaining what happened and as a warning to other jewellers. It can be viewed here: Filing Form 8300 Part 1 and Part 2.

An Ounce Of Prevention

Perhaps you may think that criminals would be more likely to use a large jeweller, maybe because they have such a high volume of sales going on, they might be less likely to notice something suspicious happening. However, many larger companies have high tech systems in place such as cash registers that automatically request certain information on specific types of transactions (such as large cash transactions) before the transaction can be completed. These systems are in place to make sure that they are following the law. They have many more employees and therefore likely have a well trained Compliance Officer on their staff whose specific duties are to implement and maintain compliance policies and procedures. Smaller companies may not have the money or ability to implement such technologies, making them easier targets for criminals. In the Kashi case, the owner was operating a single store; with no one working there (including him) that knew the law. Unfortunately for Mr. Kashi, being ignorant of the law is not an excuse for breaking it. Anyone running a business is responsible for knowing and abiding by any laws and regulations that apply to it. In Canada, the rules that apply to DPMSs are the same, regardless of a company’s size or sophistication. It is imperative that you know the rules that apply to you and your business.

While the example of Kashi may have happened in the USA, it is still pertinent to companies in Canada. The forms and regulators are different, but the underlying obligations are similar. . In Canada, FINTRAC requires that reporting entities such as DPMSs submit reports about any cash transactions valued at CAD 10,000 or more (within a 24-hour period) and any suspicious transactions, even if they are not over the $10,000 threshold (and whether or not the transaction was completed They require that every reporting entity has a program in place to ensure that they are in compliance. FINTRAC can also request a review of your compliance program at any time, which must be submitted within 30 days of the request. All of this may seem a bit overwhelming, especially when the financial and legal risks are so great. Fortunately, there are very basic and easy to follow steps listed below that will help you to protect your business.

What You Need To Know

All DPMSs in Canada need to have an up to date compliance program that includes:

  • A Compliance Officer,
  • Documented Policies & Procedures,
  • A Risk Assessments,
  • Training and
  • AML Compliance Effectiveness Reviews (every two years).

Your AML Program should describe the things that you are doing in order to prevent, detect and deter money laundering and terrorist financing including:

  • Identifying your customers under certain conditions and keeping customer information up to date,
  • Reporting certain transactions to FINTRAC,
  • Monitoring the transactions that take place to determine whether or not there are reportable suspicious transactions, and
  • Keeping your records (including your program documents) up to date.

Red Flags

In the Kashi case, there were many red flags that should have warned him that something was amiss. For those familiar with Canadian legislation, it may be obvious that both a suspicious transactions report and a large cash transaction report should have been filed. Would it have been obvious to the members of your staff that deal with your customers every day? It’s important to keep your training program up to date and include examples of reportable transactions, including suspicious transactions. Here are some of the red flags that you should be aware of:

  • A customer that mentions involvement in criminal activities;
  • A customer that pays a large sum in cash in a way that is unusual;
  • A customer that asks about identification requirements and changes the transaction or payment method to avoid being identified;
  • A customer that refuses to be identified and refuses to complete a transaction rather than allowing you to see their identification documents;
  • A customer that pays for a high value item in cash, then returns the item and asks for a cheque or draft.

There are many more indicators in FINTRAC’s Guideline 2: Suspicious Transactions. If you are a Compliance Officer or business owner, you should read these indicators and train your staff to be aware of the indicators that apply to your business model.

Outlier has developed compliance resources for DPMSs. You can buy and customize program components online through our website or contact us if you need immediate assistance. If you are a member of the Canadian Jeweller’s Association or Jewellers Vigilance Canada, discounts apply to you, including free resources.

1 The United States Attorney’s Office, Western District of Pennsylvania, 01/15/14.

Return to Blog Listing