Anti-Money Laundering
Consulting Services & Strategies

0 Items - Total: $0.00 CAD

The Iran Ministerial Directive’s Impact

Quick Overview

On July 25, 2020, a new Ministerial Directive (MD) was published in the Canada Gazette by the Minister of Finance on financial transactions associated with the Islamic Republic of Iran.  On July 27, 2020, FINTRAC issued guidance on how to incorporate the MD into your anti-money laundering (AML) program, along with some indicators for determining if a transaction is associated with Iran. This MD requires that every transaction originating from or bound for Iran be treated as high risk, regardless of the amount. This includes identifying every client, performing customer due diligence, and recording certain information. It is vital that your AML compliance program documentation contains internal processes related to MDs, even if you do not conduct transactions with Iran (or North Korea, based on the previous MD issued December 9, 2017).

What is a Ministerial Directive?

MDs are specific requirements imposed by the Minister of Finance that are meant to mitigate risks associated with activities that pose elevated risk and safeguard the integrity of Canada’s financial system. To date, these areas of elevated risk have been identified by the Financial Action Task Force (FATF) as posing strategic deficiencies with regards to international standards for anti-money laundering and counter terrorist financing.

What does this Ministerial Directive require?

The guidance from FINTRAC states that every bank, credit union, financial services cooperative, caisse populaire, authorized foreign bank and Money Services Business (MSB) must:

  • Treat every financial transaction originating from or bound for Iran, regardless of its amount, as a high-risk transaction;
  • Verify the identity of any client (person or entity) requesting or benefiting from such a transaction;
  • Exercise customer due diligence, including ascertaining the source of funds in any such transaction, the purpose of the transaction and, where appropriate, the beneficial ownership or control of any entity requesting or benefiting from the transaction;
  • Keep and retain a record of any such transaction;
  • Determine whether there are reasonable grounds to suspect the commission or attempted commission of a money laundering or terrorist financing offence and report all suspicious transactions to FINTRAC;
  • Reporting all other reportable transactions (if applicable).

To be clear, this MD does not apply to transactions where there is no suspicion or explicit connection with Iran and there is no evidence of the transaction originating from or being bound for Iran. A couple of examples were provided in the FINTRAC Guidance:

  • A client who has previously sent funds to Iran requests an outgoing EFT, where the transaction details do not suggest that this transaction is bound for Iran and you are unable to obtain further details about the transaction destination; or
  • The client’s identification information is the only suggestion of a connection to Iran (for example, a transaction where the conductor’s identification document is an Iranian passport).

What does it mean to you?

It is important to understand that even if your business does not facilitate transactions involving Iran, it is expected that you have a process in place for adhering to MDs, including how the Compliance Officer stays up to date. Within your AML compliance program documentation, you need to have a section that talks about MDs generally, plus specific procedures related to handling the current MDs (transactions involving Iran and North Korea). In the FINTRAC guidance related to this MD, it states that during an examination, FINTRAC will assess your compliance with MDs and failures to do so are considered very serious and may result in a penalty.

What now?

In order to ensure familiarity for anyone who interacts with customers and their transactions, the list of FINTRAC’s indicators should be communicated immediately.  Furthermore, the indicators should also be included in your procedure manuals and annual AML compliance training topics, allowing easy access to the information. Documenting the information and related processes for MDs is very important so you can demonstrate to FINTRAC your adherence to the requirements during an examination.

Need a hand?

We’ve made it easier for you to integrate this content into your program by putting the information into a Word document for you. If you aren’t sure what to do with this information and would like some assistance, please feel free to contact us.

Amended AML Regulations June 10, 2020 – Redlined Versions

The following red-lined versions have been created to reflect final amendments to Canadian anti-money laundering (AML) regulations published in the Canada Gazette on June 10, 2020.  Amendments to the Cross-border Currency and Monetary Instruments Reporting Regulations will come into force on June 1, 2020. All other amendments will come into force on June 1, 2021. We have created industry specific blogs to make understanding the changes easier, which are located here.

Redlined versions of all the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations are listed below for download.

These documents are not official versions of the regulations. Official versions can be found on the Government of Canada’s Justice Laws Website.

Regulations Amending the Regulations Amending Certain Regulations Made Under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act

Please click the link below for downloadable PDF file.

Regulations Amending the Regulations Amending Certain Regulations Made Under the Proceeds of Crime July 2019 – Redlined_June 2020

Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations

Please click the links below for downloadable pdf files.
PCMLTF_July_2019_Redlined_Full_July_2019 – Redlined_June 2020

Proceeds of Crime (Money Laundering) and Terrorist Financing Suspicious Transaction Reporting Regulations

Please click the links below for downloadable pdf files.
PCMLTF_Suspicious_Transaction_Reporting_Regulations_July_2019 – Redlined_June 2020

Proceeds of Crime (Money Laundering) and Terrorist Financing Registration Regulations

Please click the link below for a downloadable PDF file.
PCMLTF_Registration_Regulations_July_2019 – Redlined_June 2020

Proceeds of Crime (Money Laundering) and Terrorist Financing Administrative Monetary Penalties Regulations

Please click the link below for a downloadable pdf file.
PCMLTF_Administrative_Monetary_Penalties_Regulations_July_2019 – Redlined_June 2020

Proceeds of Crime (Money Laundering) and Terrorist Financing Cross-Border Currency and Monetary Instruments Reporting Regulations

Please click the link below for a downloadable pdf file.
PCMLTF_Cross-Border_Currency_and_Monetary_Instruments_Reporting_Regulations_July_2019 – Redlined_June 2020

Need a Hand?

Whether you need to figure out if you’re a dealer in virtual currency, to put a compliance program in place, or to evaluate your existing compliance program, we can help. You can get in touch using our online form, by emailing info@outliercanada.com, or by calling us toll-free at 1-844-919-1623.

Regulations for Dealers in Virtual Currency – June 2020

Effective June 1, 2020, entities engaged in Virtual Currency activities are considered as Money Services Businesses (MSBs), and are required to register with FINTRAC and comply with MSB obligations under amendments made to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) that were released on July 19, 2019. Those amendments also require, as of June 1, 2021, reporting large virtual currency transactions. The Department of Finance has since made further amendments to those amended regulations, published in the Canada Gazette on June 10, 2020.

To make reading these changes a little easier, we have created a redlined version of the regulations, with the most recent changes showing as tracked changes, which can be found here.

Dealers in Virtual Currency

It’s important to start by understanding what’s being regulated. This is best done by considering some of the definitions that have been added to the regulation.

fiat currency means a currency that is issued by a country and is designated as legal tender in that country. (monnaie fiduciaire)

funds means

(a) cash and other fiat currencies, and securities, negotiable instruments or other financial instruments that indicate a title or right to or interest in them; or

(b) a private key of a cryptographic system that enables a person or entity to have access to a fiat currency other than cash.

For greater certainty, it does not include virtual currency. (fonds)

virtual currency means

(a) a digital representation of value that can be used for payment or investment purposes that is not a fiat currency and that can be readily exchanged for funds or for another virtual currency that can be readily exchanged for funds; or

(b) a private key of a cryptographic system that enables a person or entity to have access to a digital representation f value referred to in paragraph (a). (monnaie virtuelle)

virtual currency exchange transaction means an exchange, at the request of another person or entity, of virtual currency for funds, funds for virtual currency or one virtual currency for another. (opération de change en monnaie virtuelle)

In terms of who will be regulated, businesses (whether or not the business is incorporated) that conduct transactions on behalf of their customers, including:

  • Exchanging digital currencies for fiat currencies; and
  • Exchanging between virtual currencies.

Current Obligations

Client Identification:

Dealers in Virtual Currency must identify individuals and confirm the existence of entities when they:

  • Remit or transmit funds (see definition above) of $1,000 or more at the request of a customer;
  • Conduct a foreign exchange transaction of $3,000 or more;
  • Enter into an ongoing service agreement with a customer (conduct transactions for a customer that is an entity);
  • Conduct a large cash transaction; and
  • Must take reasonable measures to identify individuals who conduct or attempt to conduct a suspicious transaction.

As of June 2021, there will be an additional requirement to identify virtual currency exchange transactions valued at CAD 1,000. This will include exchanging fiat and virtual currency, as well as exchanges between virtual currencies.

Information on acceptable methods to identify clients can be found on FINTRAC’s website. 

Reporting:

For reporting, there are two important dates. By June 1, 2020, dealers in virtual currency will need to report the same types of transactions that MSBs are currently required to report. These are:

  • Electronic Funds Transfers: if you send or receive international electronic funds transfers (EFTs), including wires, valued at CAD 10,000 or more, by or on behalf of the same customer, it must be reported to FINTRAC within 5 working days.
  • Large Cash Transactions: if you receive cash (this means fiat in the form of bills and/or coins) valued at CAD 10,000 or more in the same 24-hour period, by or on behalf of the same customer, it must be reported to FINTRAC within 15 calendar days.
  • Suspicious Transactions: if there are “reasonable grounds to suspect” that a completed attempted transaction is related to money laundering or terrorist financing, it must be reported to FINTRAC “as soon as practicable” of the discovery of a fact that led you to determine that the transaction was suspicious.

FINTRAC defines “as soon as practicable” in its Glossary as follows:

A time period that falls in-between immediately and as soon as possible within which a suspicious transaction report (STR) be submitted to FINTRAC. In this context, the report must be completed promptly, taking into account the facts and circumstances of the situation. While some amount of delay is permitted, it must have a reasonable explanation. The completion and submission of the report should take priority over other tasks.

FINTRAC has released more specific guidance on what “measures” enable reporting entities to have “reasonable grounds to suspect”.

More information on suspicious transaction reporting can be found on FINTRAC’s website.

  • Terrorist Property: if you’re in possession of property (which includes funds and virtual currency) that belong to a terrorist or terrorist group, it must be reported without delay, and the property must be frozen. In addition to reporting to FINTRAC, these reports are also sent to the CSIS and RCMP – by fax. In order to know if customers fall into this category, it is important to screen against the United Nations Security Council consolidated list. We’ve worked with some friends on a tool to make this easier, which you can try here (use the code Free100 for a free trial).

If you are required to report transactions valued at CAD 10,000 or more in a 24-hour period, you must have a mechanism in place to detect reportable transactions which is described in your compliance documentation.

By June 1, 2021, a new report will be introduced:

  • Large Virtual Currency Transactions: if you receive virtual currency valued at CAD 10,000 or more in the same 24-hour period, by or on behalf of the same customer, it must be reported to FINTRAC within 5 working days.

Amendments to the Amendments

The amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) that were published in the Canada Gazette on June 10, 2020 create the following obligations for dealers in Virtual Currency:

Travel Rule

One of the most significant changes that will impact Virtual Currency Dealers as MSBs relates to a new requirement for records to be kept on all virtual currency transfers of CAD 1,000 or more.

The record must contain the following:

  1. include with the transfer, the name, address and, if any, the account number or other reference number of both the person or entity that requested the transfer and the beneficiary; and
  2. take reasonable measures to ensure that any transfer received includes the information referred to in paragraph (a) above.

Where the information required was not obtained, MSBs must have written risk-based policies and procedures for determining if the transaction should be suspended, rejected, or if another follow-up measure should be taken.

PEP

In addition to the existing requirement for MSBs to take reasonable measures to determine whether a client from whom they receive an amount of CAD 100,000 or more is a Politically exposed person (PEP), the amendments will require MSBs to make a PEP determination when they establish a business relationship with a client.

A reminder that a business relationship is defined as:

If a person or entity does not have an account with you, a business relationship is formed once you have conducted two transactions or activities for which you have to:

  • verify the identity of the individual; or
  • confirm the existence of the entity.

MSBs will also periodically need to take reasonable measures to determine whether a person with whom they have a business relationship is a PEP. We will have to await guidance from FINTRAC on this, but our guess is the frequency for determination will align to the frequency for customer information and identification updates.

Given the definition of a business relationship, we do not expect this requirement to be overly burdensome. If you currently conduct list screening, PEP screening could easily be added to that process. You are also able to ask the customer directly, while presenting the definition of a PEP, and record their response.

If a positive determination is made, the following records must be kept:

  1. the office or position, and the organization or institution, in respect of which the person is determined to be a politically exposed foreign person, a politically exposed domestic person or a head of an international organization, or a family member of, or a person who is closely associated with, one of those persons;
  2. the date of the determination
  3. the source, if known, of the person’s wealth;
  4. the risk rating; and
  5. the name of the member of senior management who reviewed the client, and the date the client was approved.

Other Relevant Blog Posts for Dealers in Virtual Currency

What’s happening in the VC community? 

Messaging Standard Overview

In October 2018, the Financial Action Task Force (FATF) adopted changes to its Recommendations to explicitly clarify that they apply to financial activities involving virtual assets (VA), effectively expanding the scope of the Recommendations to apply to virtual asset service providers (VASPs) and other obliged entities that engage in or provide covered VA activities.

“There exists a need for VASPs to adopt uniform approaches and establish common standards to enable them to meet their obligations resulting from the FATF Recommendations as they apply to affected entities”.

The implementation of obligations such as the travel rule for virtual currency transactions, in the majority of cases, would require an accompanying technology. To tackle issues such as this, a cross-industry, cross-sectoral joint working group of technical experts was formed in December 2019 and a new technical standard developed by the group.  The Joint Working Group on interVASP Messaging Standards (JWG) was established  by three leading international industry associations representing VASPs:
Chamber of Digital Commerce
Global Digital Finance
International Digital Asset Exchange Association 

We will have to wait for FINTRAC guidance to see if such a standard is provided as an example.

More information on the working group can be found here.

To download a copy of the standard anonymously, use this link:

DOWNLOAD THE STANDARD

We’re Here To Help

If you would like assistance in updating your compliance program and processes, or have any questions related to the changes, please get in touch!

Amending the Amendments! 2020 AML Changes for MSBs

Background

Back on July 10, 2019, the highly anticipated final version of the amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its enacted regulations were published. However, on June 10, 2020, further amendments to those amended regulations were published in the Canada Gazette. To make reading these changes a little easier, we have created a redlined version of the regulations, with new content showing as tracked changes, which can be found here.

The purpose of this round of amendments is to better align measures with international standards and level the playing field across reporting entities by applying stronger customer due diligence requirements and beneficial ownership requirements to designated non-financial businesses and professions (DNFBPs). The amendments come into force on June 1, 2021.

We have summarized the changes that will have an impact on Money Services Businesses (MSB)s below.

Travel Rule

One of the most significant changes that will impact MSBs and Foreign Money Services Businesses (FMSB)s relates to a new requirement for records to be kept on all virtual currency transfers of CAD 1,000 or more.

The record must contain the following:

  1. include with the transfer, the name, address and, if any, the account number or other reference number of both the person or entity that requested the transfer and the beneficiary; and
  2. take reasonable measures to ensure that any transfer received includes the information referred to in paragraph (a) above.

Where the information required was not obtained, MSBs and FMSBs must have written risk-based policies and procedures for determining if the transaction should be suspended, rejected or if another follow-up measure should be taken.

PEP

In addition to the existing requirement for MSBs and FMSBs to take reasonable measures to determine whether a client from whom they receive an amount of CAD 100,000 or more is a Politically exposed person (PEP), the amendments will require MSBs and FMSBs to make a PEP determination when they establish a business relationship with a client.

A reminder that a business relationship is defined as:

If a person or entity does not have an account with you, a business relationship is formed once you have conducted two transactions or activities for which you have to:

  • verify the identity of the individual; or
  • confirm the existence of the entity.

MSBs and FMSBs will also periodically need to take reasonable measures to determine whether a person with whom they have a business relationship is a PEP. We will have to await guidance from FINTRAC on this, but our guess is the frequency for determination will align to the frequency for customer information and identification updates.

Given the definition of a business relationship, we do not expect this requirement to be overly burdensome. If you currently conduct list screening, PEP screening could easily be added to that process. You are also able to ask the customer directly, while presenting the definition of a PEP, and record their response.

If a positive determination is made, the following records must be kept:

  1. the office or position, and the organization or institution, in respect of which the person is determined to be a politically exposed foreign person, a politically exposed domestic person or a head of an international organization, or a family member of, or a person who is closely associated with, one of those persons;
  2. the date of the determination; and
  3. the source, if known, of the person’s wealth.

We’re Here To Help

If you would like assistance in updating your compliance program and processes, or have any questions related to the changes, please get in touch!

2019 AML Changes for MSBs

Background

On July 10th, 2019, the highly anticipated final amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its enacted regulations were published. This article is intended to give a high-level summary of the amendments as specific to MSBs. If you’re the type that likes to read original legislative text, you can find it here. We also created a redlined version of the regulations, with new content showing as tracked changes, which can be found here.

It is expected that all regulated entities will have to significantly revamp their AML compliance program due to the amount of changes. There are three different “coming into force” dates that should be noted.

  • June 25, 2019: a wording change from “original” to “authentic” related to identification. This is welcomed news for digital identification.
  • June 1, 2020: changes related dealers in virtual currency (which do not apply to MSBs).
  • June 1, 2021: all other regulatory amendments.

While this does give regulated entities some time to get their AML compliance programs updated and in order, we recommend that you start budgeting and planning now.

Guidance from FINTRAC, related to the changes in regulation, is expected to be seen ahead of coming into force dates. Given the legislative changes, there will be changes to FINTRAC policy interpretations as well so be sure to monitor closely and save any interpretations that you may have used for due diligence purposes.

Hefty Disclaimer

This article should not be considered advice (legal, tax or otherwise). That said, any of the content shared here may be used and shared freely – you don’t need our permission. While we’d love for content that we’ve written to be attributed to us, we believe that it’s more important to get reliable information into the hands of community members (meaning that if you punk content that we wrote, we may think you’re a jerk but we’re not sending an army of lawyers).

Foreign MSBs

In the past, foreign MSBs only had to comply with Canadian AML requirements if they had a “real and substantial connection” to Canada. A “real and substantial connection” was defined in FINTRAC policy interpretations as having one or more of the following statements be true:

  • Is the business incorporated in Canada;
  • Does the business have agents in Canada;
  • Does the business have physical locations in Canada; and/ or
  • Does the business maintain a bank account or a server in Canada.

The final amendments create obligations for foreign businesses that direct and provide certain services to people located in Canada, via the Internet. If you are a foreign MSB, check out our blog on full requirements as they relate to a foreign MSB with dealings in Canada.

What Does This Mean For My Business?

Changes to Canada’s AML regulations will have a direct impact on MSB AML obligations, including the following:

  • Customer identification;
  • Reporting; and
  • Compliance Program requirements.

While there are quite a number of changes, only some will have more of an impact on MSBs. We’ve summarized the changes that will impact MSBs below.

Customer Identification

Currently, there is a requirement that when customers are identified, the document and/or data that you collect must be in its “original” format. This has been interpreted to mean that if the customer receives a utility bill in the mail, they must send you the original paper (not scanned or copied) document. The final regulations replace the word “original” with “authentic”, and state that a document used for verification of identity must be “authentic”, valid and current. This would allow for scanned copies of documentation, and/or for software that can authenticate a person’s identification documents.

Other changes to the identity verification requirements are as follows:

  • A customer’s identity must be verified if they are the beneficiary of an international EFT of CAD 1,000 or more;
  • For credit file verification (single source) the credit file information must now be derived from more than one source; and
  • For the dual source method, when relying on a credit report as part of a dual source, the credit file must have been in existence for at least six months. Additionally, the person or entity that is verifying the information cannot be a source.

In addition, there are provisions that allow reporting entities to rely on the identification conducted previously by other reporting entities. If this method is used to identify a customer, the reporting entity must immediately obtain the identification information from the other reporting entity and have a written agreement in place requiring the entity doing the identification to provide the identification verification as soon as feasible.

FINTRAC Reporting

Reporting EFTs of CAD 10,000 or More

If you conduct international remittance transactions at the request of your customers, the requirement to report transactions of CAD 10,000 or more will now be your responsibility, not your financial services provider.

The final amendments removes the language commonly known as the “first in, last out” rule. This means that the first person/entity to ‘touch’ the funds for a transaction incoming to Canada, or the last person/entity to ‘touch’ the funds for a transaction outgoing from Canada, had the reporting obligation (as long as the prescribed information was provided to them). The update will change the reporting obligation to whoever maintains the customer relationship. So, if you initiate a transaction at your customer’s request (outgoing transaction), or provide final receipt of payment to your customer (incoming transaction), it will be your obligation to report that transaction to FINTRAC.

Virtual Currency Reporting

If you conduct transactions involving virtual currencies such as bitcoin, you will be required to report the receipt, or the sending, of amounts of CAD 10,000 or more in a virtual currency transaction to FINTRAC. These are basically the same as Large Cash Transaction reporting obligations, including making a determination of whether the person is acting on behalf of a third-party. There will also be the requirement for reporting entities to maintain a Large Virtual Currency Transaction record.

For more information on the full scope of updates specific to virtual currency, please check out our full article here.

The 24-Hour Rule

The final regulations clarify that multiple transactions performed by, or on behalf of, the same customer or entity, or are for the same beneficiary, within a 24-hour period, are to be considered as a single transaction for reporting purposes when they total CAD 10,000 or more. This would mean that only one report would need to be submitted to capture all transactions that aggregate to CAD 10,000 or more. If you use software to automatically detect these types of transactions, you should begin discussions with your IT department or software provider to determine the time and resources that will be required to update the detection process.

For example, currently, a Large Cash Transaction Report must be submitted either for single transactions of CAD 10,000 (or more), or for multiple transactions of less than CAD 10,000 each that add up to CAD 10,000 or more in a 24-hour period. This can result in situations where two reports are filed for transactions taking place in a 24-hour period.

Cash deposit of CAD 12,000 – LCTR #1 for CAD 12,000

Cash deposits of CAD 5,000 and CAD 6,000 – LCTR #2 for CAD 11,000

Using the same example, under the new rules we would have:

Cash deposits of CAD 12,000, CAD 5,000 and CAD 6,000 – Single LCTR for CAD 23,000

We can expect to see guidance from FINTRAC ahead of the enforce date. If you have questions prior to this,  it is possible to write to FINTRAC to request a policy interpretation.

Suspicious Transaction Reporting

Currently, if a reporting entity has reasonable grounds to suspect that a transaction, or attempted transaction, is related to money laundering or terrorist financing, a report must be submitted to FINTRAC within 30 days of the date that a fact was discovered that caused the suspicion. The revised regulations amended this to “’as soon as reasonably practicable’ after measures have been completed to establish that there are reasonable grounds to suspect that a transaction or attempted transaction is related to money laundering or terrorist financing”.

This would require reports to be submitted to FINTRAC shortly after a reporting entity conducts an analysis that established reasonable grounds for suspicion. It will be important to have detailed processes for unusual transaction investigations. It will be interesting to see how FINTRAC looks at this obligation during examinations.

Terrorist Property Reporting

A very small change (or clarification), related to Terrorist Property Reports, has been made in the final regulations. The timing requirement for filing has changed from “without delay” to “immediately”. This means regulated entities need to report that they are in possession of terrorist property as soon as they become aware.

Information Included in Reports to FINTRAC

Certain information is required in reports to FINTRAC. The final regulations introduce changes to reporting schedules, requiring more detailed information to be filed with FINTRAC then previously was required. Even where information is marked as being optional, if a reporting entity has the information, it becomes mandatory to include it. Some of the additional data fields are:

  • every reference number that is connected to the transaction;
  • type of device used by person who makes request online;
  • number that identifies device;
  • internet protocol address (IP address) used by device;
  • person’s or entity’s user name; and
  • date and time of person’s online session in which request is made.

These fields may require significantly more data to be included in reports, especially for transactions that are conducted online. Such changes may mean working with your IT folks to ensure you are retaining the needed data in a format that will be easy to extract.

For full details on what has changed for FINTRAC report fields, we have created unofficial redline which can be found here.

Ongoing Compliance Training

The amended regulations have introduced a requirement to document a plan for ongoing compliance training. This differs from the current requirement to develop and maintain a written training program.

In practice, this means that in addition to documenting all of the training that has already been completed, you will need to clearly document future training plans.

Risk Assessment Obligations

With the last round of AML changes, we saw the addition of “New Technologies and Developments” as a newly added category to the Risk-Based Approach requirements. This round of changes makes the next logical progression, which is the obligation to assess the money laundering and terrorist financing risk of any product, delivery channel or new technology before implementation. Meaning, if you are looking to take your business online and are going to use this fancy, new ID software, you had better take careful inventory and document where your risks are, and be sure the appropriate controls have been put in place, before going live but many MSBs have already implemented this best practice.

We’re Here To Help

If you would like assistance in updating your compliance program and processes, or have any questions related to the changes, please get in touch using our online form on our website, by emailing info@outliercanada.com or by calling us toll-free at 1-844-919-1623.

Canada’s Proposed AML Changes for MSBs

What’s Old is New Again, Well Updated

On June 9th, 2018, draft amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its enacted regulations (there are five separate regulations that we’re going to collectively call regulations here for simplicity’s sake). This article is intended to give a high-level summary of the proposed amendments as they relate to Money Services Businesses (MSBs).

This article should not be considered advice (legal, tax or otherwise). That said, any of the content shared here may be used and shared freely – you don’t need our permission. While we’d love for content that we’ve written to be attributed to us, we believe that it’s more important to get reliable information into the hands of community members (meaning that if you punk content that we wrote, we may think you’re a jerk but we’re not sending an army of lawyers).

Finally, we want to encourage the community to discuss the proposed changes and submit meaningful feedback for policy makers. The comment period for this draft is 90 days. After this, the Department of Finance takes the feedback to the bat cave and drafts a final version of the amendments. From the time that the final version is published, the draft indicates that there will be 12 months of transition to comply with the new requirements.

♬The Times Regulations Are Changing♬

Foreign MSBs

Currently, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) has issued a policy interpretation (PI-5594) in August of 2013, which states that a “real and substantial connection” to Canada must be present for an entity to be required to register as an MSB with FINTRAC.  A “real and substantial connection” was defined in the interpretation as having one or more of the following:

  • Whether the business is incorporated in Canada;
  • Whether the business has agents in Canada;
  • Whether the business has physical locations in Canada; and/ or
  • Whether the business maintains a bank account or a server in Canada.

The draft amendments introduce a new definition, which is “Foreign Money Services Business” that means anyone serving Canadian customers or entities in Canada is now subject to all Canadian requirements no matter where they are located.  Throughout the proposed changes, where there is a reference to money services businesses, there is also a reference to foreign money services businesses.  This will be significant to MSBs who operate non-face-to-face in the online marketplace and do not reside in Canada.

Non-Face-To-Face Customer Identification

Currently, there is a requirement that when customers are identified using the dual process method, the document and/or data that you collect is in its “original” format. This has been interpreted to mean that if the customer receives a utility bill in the mail, they must send you the original paper (not scanned or copied) document. The word “original” will be replaced with “authentic” (meaning that so long as you believe that the utility bill is a real utility bill for that person, it doesn’t need to be the same piece of paper that they received in the mail).

In addition, there are provisions that would allow reporting entities to rely on the identification conducted previously by other reporting entities. If this method is used to identify a customer, the reporting entity must immediately obtain the identification information from the other reporting entity and have a written agreement in place requiring the entity doing the identification to provide the identification verification within 3 days of the request.

Reporting EFTs of $10,000 or More

If you conduct international remittance transactions at the request of your customers, the requirement to report transactions of $10,000 or more will now be your responsibility, not your financial services provider.

The proposed change removes the language commonly known as the “first in, last out” rule.  This means that the first person/entity to ‘touch’ the funds for transactions incoming to Canada or the last person/entity to ‘touch’ the funds for a transaction outgoing from Canada had the reporting obligation (as long as the prescribed information was provided to them).

The update will change the reporting obligation to whoever maintains the customer relationship. So if you initiate a transaction at your customer’s request (outgoing transaction) or provide final receipt of payment to your customer (incoming transaction), it will be your obligation to report that transaction to FINTRAC.

For example, if the flow of the instructions for payment were as follows:

Currently, the reporting obligation of the outgoing EFT would fall to the bank in Canada.  With the draft updates, the reporting obligation would now fall to the MSB in Canada, because they have the relationship with the customer initiating the transaction.

 

Third Party Determination

Currently, the obligation to determine whether a third party is involved in a transaction relates to Large Cash Transactions.  The proposed changes would include the obligation to make a third party determination for all EFTs of $10,000 or more.  This would also require similar record keeping obligations as a third party determination under the current Large Cash Transaction records.

Suspicious Transaction Reporting

Currently, if a reporting entity has reasonable grounds to suspect that a transaction or attempted transaction is related to money laundering or terrorist financing, a report must be submitted to FINTRAC within 30 days of the date that a fact was discovered that caused the suspicion. This change appeared in the last round of amendments that came into force last year, and the proposed new wording would be another significant change:

The person or entity shall send the report to the Centre within three days after the day on which measures taken by them enable them to establish that there are reasonable grounds to suspect that the transaction or attempted transaction is related to the commission of a money laundering offence or a terrorist activity financing offence.

This means that a report would be due three days after the reporting entity conducts an investigation or does something that allows them to reach the conclusion that there are reasonable grounds to suspect.

Information Included In Reports to FINTRAC

Certain information is required in reports to FINTRAC. Even where information is marked as being optional, if a reporting entity has the information, it becomes mandatory to include it. Some of the additional proposed data fields are:

  • every reference number that is connected to the transaction,
  • type of device used by person who makes request online,
  • number that identifies device,
  • internet protocol address (IP address) used by device,
  • person’s user name, and
  • date and time of person’s online session in which request is made.

These fields may require significantly more data to be included in reports, especially for transactions that are conducted online.

Ongoing Compliance Training

Currently, there are five required elements of a Canadian AML compliance program, but there is soon to be a sixth.  Before you get too worried, it’s not that major.  The change is specific to your ongoing compliance training obligations, which says you must institute and document a plan for your ongoing compliance training program and the delivery of the training.  Basically, in your AML compliance program documentation, you need to provide a description of your training program for at least the next year and how the training will be delivered. Many MSBs have already implemented this best practice.

Risk Assessment Obligations

With the recent addition of the “New Technologies and Developments” category to the Risk-Based Approach requirements, the next logical progression has be added.  The updates include the obligation to assess the money laundering and terrorist financing risk of any new technology before implementation.  Meaning, if you are looking to take your business online and are going to use this fancy, new non-face-to-face ID system, you had better take careful inventory of where your risks are and be sure the appropriate controls have been put in place before going live. Much like the training plan, many MSBs have already implemented this best practice.

Virtual Currency

The draft updates also include major changes related to virtual currency. “Dealers in virtual currencies’ would be regulated as MSBs. New record keeping and reporting obligations would apply to all reporting entities that accept payment in virtual currency, or send virtual currency on behalf of their customers.

For more information on updates specific to virtual currency, please check out our full article.

What Next

If you’ve read this far, congratulations and thank you!

We hope that you will contribute your thoughts and comments. You can do this by contacting the Department of Finance directly. Their representative on this file is:

Lynn Hemmings

Acting Director General

Financial Systems Division

Financial Sector Policy Branch

Department of Finance

90 Elgin Street

Ottawa, Ontario

K1A 0G5

Email: fin.fc-cf.fin@canada.ca

If you would like assistance drafting a submission, or have questions that you would like Outlier to answer, please get in touch!

If you are interested in sharing your comments with the Canadian MSB Association (and we highly encourage you to do so) please email luisa@global-currency.com. She will have more information on the industry group’s submission and consultation process.

Canada’s AML Rules for “Virtual Currency”

On June 9th, 2018, draft amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its enacted regulations (there are five separate regulations, that we’re going to collectively call regulations here for simplicity’s sake). While not all of the proposed amendments are related to virtual currency, many are (the term virtual currency comes up 304 times in about 200 pages). This article is intended to give a high-level summary of the proposed amendments as they relate to virtual currency for businesses in that industry (exchanges, brokerages, etc.).

This article should not be considered advice (legal, tax or otherwise). That said, any of the content shared here may be used and shared freely – you don’t need our permission. While we’d love for content that we’ve written to be attributed to us, we believe that it’s more important to get reliable information into the hands of community members (meaning that if you punk content that we wrote, we may think you’re a jerk but we’re not sending an army of lawyers).

Finally, we want to encourage the community to discuss the draft and submit meaningful feedback for policymakers. To this end, we’re going to be posting, hosting and attending community events. We’ve also set up a survey that can be completed without submitting any personal information (though you may choose to do so). If you would like one of our compliance nerds at your event, please get in touch. If you’re already having a related event that benefits the community, let us know or post it in the comments.

The comment period for this draft is 90 days. After this, the Department of Finance takes the feedback to the bat cave and drafts a final version of the amendments. From the time that the final version is published, the draft indicates that there will be 12 months of transition to comply with the new requirements.

What to expect when you’re expecting (to be regulated)?

While we acknowledge that our sample is biased (people that talk to compliance geeks), we know that many businesses such as brokerages and exchanges have expected to be regulated as money services businesses (MSBs) since Bill C-31 was passed in 2014. Many of these businesses already have in place the required elements of an anti-money laundering (AML) compliance regime, including:

  1. The appointment of a Compliance Officer;
  2. Written policies and procedures;
  3. A documented risk assessment;
  4. Training; and
  5. Effectiveness testing (like an audit, but for compliance).

In addition, many have been voluntarily reporting suspicious activity to the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), the body under which they expect to be regulated for AML.

The proposed amendments would formalize compliance program requirements, as well as create new requirements specific to businesses “dealing in virtual currency” (which would now be considered MSBs). While “dealing in virtual currency” itself is not defined, the text of the regulations implies that it will include exchanging, sending, and receiving virtual currency on behalf of other people or entities. Such entities would be required to register as MSBs if they are serving Canadian customers (whether or not they are located in Canada).

There are a number of thresholds that are proposed, including identification (at CAD 1,000) and reporting (at CAD 10,000). In each case, specific information must be collected and recorded. The identification methods that are available in these circumstances are relatively prescriptive, although the proposed amendments do make some headway towards supporting a broader array of identification methods by requiring that documents be considered “authentic” rather than requiring documents in their original format. Of course, as with any complex issue, guidance from FINTRAC will be required before we’re certain how this will be interpreted by the regulator (It’s good news; we’re just not sure how good, yet).

As always in compliance, the devil is in the details. What follows is a few of those key details, as well as some of the issues that we anticipate. We encourage you to conduct your own analysis and to join the conversation.

What’s In A Definition?

Definitions are generally not very interesting. When was the last time that you read the dictionary? (Sidenote: if you are a serious scrabble geek and do this on the regular, you will enjoy this section more than most)… In this case though, definitions matter. Definitions will make a difference in terms of the businesses and activities that are regulated, and how they are regulated. Fortunately, our community includes a number of engineers, debaters, and other individuals with a penchant for the precise – and your skills are needed here. We encourage you to carefully consider the following and to submit feedback on how they can be improved.

authorized user means a person who is authorized by a holder of a prepaid payment product account to have electronic access to funds or virtual currency available in the account by means of a prepaid payment product that is connected to it.

funds means

(a) cash and other fiat currencies, and securities, negotiable instruments or other financial instruments that indicate a title or right to or interest in them; or

(b) information that enables a person or entity to have access to a fiat currency other than cash.

For greater certainty, it does not include virtual currency. (fonds)

fiat currency means a currency that is issued by a country and is designated as legal tender in that country.

large virtual currency transaction record means a record that indicates the receipt of an amount of $10,000 or more in virtual currency in a single transaction and that contains the following information:

(a) the date of the receipt;

(b) if the amount is received for deposit into an account, the name of each account holder;

(c) the name, address and telephone number of every other person or entity that is involved in the transaction, the nature of their principal business or their occupation and, in the case of a person, their date of birth;

(d) the type and amount of each virtual currency involved in the receipt;

(e) the exchange rate used and the source of the exchange rate;

(f) the number of every other account that is affected by the transaction, the type of account and the name of each account holder;

(g) every reference number that is connected to the transaction;

(h) every other known detail that identifies the receipt; and

(i) if the amount is received by a dealer in precious metals and precious stones for the sale of precious metals, precious stones or jewellery,

(i) the type of precious metals, precious stones or jewellery,

(ii) the value of the precious metals, precious stones or jewellery, if different from the amount of virtual currency received, and

(iii) the wholesale value of the precious metals, precious stones or jewellery.

prepaid payment product means a product that is issued by a financial entity and that enables a person or entity to engage in a transaction by giving them electronic access to funds or virtual currency paid to a prepaid payment product account held with the financial entity in advance of the transaction. It excludes a product that enables a person or entity to access a credit or debit account or one that is issued for use only with particular merchants.

prepaid payment product account means an account that is connected to a prepaid payment product and that permits

(a) one or more transactions that total $1,000 or more to be conducted within a 24-hour period; or

(b) a balance of funds or virtual currency available of $1,000 or more to be maintained.

virtual currency means

(a) a digital currency that is not a fiat currency and that can be readily exchanged for funds or for another virtual currency that can be readily exchanged for funds; or

(b) information that enables a person or entity to have access to a digital currency referred to in paragraph (a).

virtual currency exchange transaction means an exchange, at the request of another person or entity, of virtual currency for funds, funds for virtual currency or one virtual currency for another.

virtual currency exchange transaction ticket means a record respecting a virtual currency exchange transaction — including an entry in a transaction register — that sets out

(a) the date of the transaction;

(b) in the case of a transaction of $1,000 or more, the name, address and telephone number of the person or entity that requests the exchange, the nature of their principal business or their occupation and, in the case of a person, their date of birth;

(c) the type and amount of each of the funds and virtual currencies involved in the payment made and received by the person or entity that requests the exchange;

(d) the method by which the payment is made and received;

(e) the exchange rate used and the source of the exchange rate;

(f) the number of every account that is affected by the transaction, the type of account and the name of each account holder;

(g) every reference number that is connected to the transaction; and

(h) every other known detail that identifies the transaction.

Diving Deeper – Obligations and Potential Issues

1 – Do the definitions capture unintended parties?

We were surprised to see that there were not specific carve-outs for certain types of tokens, including securities, and tokens intended specifically for gaming. The definition, as it’s currently written seems capable of encompassing both tokenized security offerings and gaming tokens.

In addition, the second part of the definition that includes “information that enables a person or entity to have access to a digital currency referred to in paragraph (a).” has the potential to open the definition even more broadly. For instance, if I have stored a copy of a seed phrase or a hardware device with a vault service – have they received virtual currency? Are they sending virtual currency to me if the contents of my vault are couriered to me?

 2 – What about peer-to-peer, decentralized applications, and smart contracts?

The amendments as they are presented appear to take the view that transactions have intermediaries. There are no specific carve-outs for peer-to-peer transactions (though we expect that previous guidance could be applied here), decentralized applications, and smart contracts. This may be a particularly contentious issue in the case of an exchange from one “virtual currency” to another – especially where such an exchange is initiated or completed without any human intervention. Similarly, questions arise for wallet service providers. For instance, what if a wallet provider does not have access to private keys, but connects to applications that permit users to initiate transactions that would be considered to be exchange transactions under the current definition?

That said, there are some astute exclusions, including the following activities which are explicitly not covered:

(a) a transfer or receipt of virtual currency as compensation for the validation of a transaction that is recorded in a distributed ledger; or

(b) an exchange, transfer or receipt of a nominal amount of virtual currency for the sole purpose of validating another transaction or a transfer of information.

Nonetheless, it is difficult to determine where the policymakers intended to draw the line, and where the regulator will later enforce it…

3 – Jurisdiction doesn’t matter; foreign money services businesses (MSBs) are covered.

While not specific to virtual currency, it is noteworthy that the proposed amendments expand the definition of an MSB to include any business that is providing prescribed services in Canada. As we’ve seen in the case of the NY BitLicense, badly drafted legislation can drive away business and lead to a lack of service providers willing to do business in a region.

While we’re not suggesting that the proposed amendments are nearly as ill-conceived as the NY BitLicense, it is important to consider whether or not these will affect Canadians’ ability to access services, and the attractiveness of the Canadian market generally for innovative international businesses. While we do not expect this particular amendment to be altered, we would encourage businesses located outside of Canada that serve Canadians to comment.

What Next?

If you’ve read this far, congratulations and thank you!

We hope that you will contribute your thoughts and comments. You can do this by contacting the Department of Finance directly. Their representative on this file is:

Lynn Hemmings

Acting Director General

Financial Systems Division

Financial Sector Policy Branch

Department of Finance

90 Elgin Street

Ottawa, Ontario

K1A 0G5

Email: fin.fc-cf.fin@canada.ca

If you would like assistance drafting a submission, or have questions that you would like Outlier to answer, please get in touch!

You can also answer specific questions in our survey, or join us at a community event.

The Secret Project: 2017

Thank you to the Canadian MSB Association for allowing us to present our research findings at the 2017 Fall Conference.

Money Services Business (MSB) and bitcoin business banking in Canada is the most significant barrier to entry. We set out to prove that the derisking crisis is real. In a first world country, this is absurd. We hope that this research facilitates an open and honest dialogue, that includes those with the power to improve the situation.

For those that have asked, here are our slides:

The Secret Project- MSB Banking (PDF)

The Secret Project- MSB Banking (PowerPoint)

Raw data: use it as you see fit. Seriously. We believe in open source. Information wants to be free.

Google Drive Access

A video of the presentation will follow.

 

An MSB by Any Other Name

What’s in an MSB?

Under Canadian federal legislation, a money services business (MSB), in Canada, is a person or entity engaged in the business of any of the following activities:

  • Foreign exchange dealing;
  • Remitting or transmitting funds by any means or through any person, entity or electronic funds transfer network; or
  • Issuing or redeeming money orders, traveller’s cheques or other similar negotiable instruments (except for cheques payable to a named person or entity).

More detailed guidance on these specifications can be found in FINTRAC Interpretation Notice no. 1, published by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). There is also a number of excellent guidance documents for MSBs available on FINTRAC’s website.

Payment Service Providers (PSPs) and Payment Processors

We’ve had a lot of MSBs lately calling to ask if they can simply declare themselves as payment service providers (PSPs) or payment processors rather than MSBs.

The short answer is “no.”

The long answer is “only if you change your business model to include only PSP activities.”

PSP or payment processing services, in FINTRAC’s view are quite restricted. These include providing payment processing services for the purposes of:

  • Payroll and commission payments, or
  • Tuition fee payments, or
  • Utility bill payments, or
  • Mortgage and rent payment.

These services do not, generally, involve any element of foreign exchange. While this is probably not the answer that many MSBs are looking for, especially those that are labouring to maintain banking relationships in the current climate, it is important information. Operating an MSB without registering with FINTRAC or maintaining a compliance program can lead to penalties including administrative monetary penalties (AMPs) and the publication of the MSB’s name on FINTRAC’s website. To date, 36 MSBs have received a total of $814,805 in AMPs.

Corollary Services

There are also cases where MSB type activities are performed as a “corollary” another product or service. In these instances, the business does not offer MSB type products or services to the public as standalone services, but provides these in order to facilitate other services. The most common exemption that we have seen relates to lending services.

For example: A company that is in the business of automotive lending (loans) might make a payment on its customer’s behalf to a car dealership. In this case, the payment that is remitted to the car dealership could be considered “remitting or transmitting funds by any means or through any person, entity or electronic funds transfer network” (which would be an MSB service), however, it is only remitted for the purpose of issuing the loan, and is considered a corollary.

There are, however, a number of cases that might appear to be corollary services on the surface, which are not. Unless your business model is identical to a business model where FINTRAC has already issued a policy interpretation citing the MSB services offered as a corollary, we highly recommend seeking a policy interpretation from FINTRAC in order to ensure that you are not carrying out MSB business in the regulator’s view.

FINTRAC’s Policy Interpretations – Just Ask

Fortunately, FINTRAC publishes its policy interpretations on its website. We’ve pulled together the most relevant of these in this document.

MSB PSP FINTRAC Policy Interpretation at 16Jan2017

FINTRAC’s policy positions are provided as guidance to the industry. If you have specific questions about your business model, you may contact FINTRAC directly via email at: guidelines-lignesdirectrices@fintrac-canafe.gc.ca.

There is no cost to contacting FINTRAC directly, however, it generally takes 4-8 weeks (in our experience) to receive a response in writing. We recommend reading and referring to FINTRAC’s existing guidance (including guidelines and policy interpretations) in order to frame your question effectively.

Need a Hand?

If you have questions about this document, would like to receive a copy in Word, or need assistance with compliance, please feel free to contact us. We aim to answer all queries within 2 business days.

Phone: (844) 919-1623

Email: info@outliercanada.com

Web Form: https://www.outliercanada.com/contact-us/

Sanctions This Week: July 25th – 29th, 2016

 

OSFISanctions Pic

There were no updates released from OSFI this week.

Go to the OSFI lists page.

OFAC

The U.S. Department of Treasury’s Branch, The Office of Foreign Asset Control (OFAC), released four updates last week.  One update was related to the publication of Cuba-related Frequently Asked Questions (FAQ), covering some of the recent changes made to the sanctions that had previously been placed on Cuba.  Other updates included the removal of 12 individuals from the Counter Terrorism Designations List, the issuance of a Finding of Violation and the publication of Iran General License J.

OFAC administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals.  The sanctions target countries, regimes, terrorists, international narcotics traffickers, the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the U.S.

The update to the Cuba-related FAQs was for the issuance of a new FAQ (#38) and a revision of an existing FAQ (#39), relating to certain information collection and recordkeeping requirements for persons subject to U.S. jurisdiction who provide authorized carrier or travel services to or from Cuba for specifically licensed travelers.

The update to the Counter Terrorism Designations List included the removal of 12 individuals of Libyan origin who are currently residing in the UK.

The Finding of Violation was issued to Compass Bank, which uses the trade name BBVA Compass, for violations of the Foreign Narcotics Kingpin Sanctions Regulations. From June 12, 2013 to June 3, 2014, Compass maintained accounts on behalf of two individuals on OFAC’s List of Specially Designated Nationals and Blocked Persons (the “SDN List”).

The final update of the week was related to OFAC issuing “General License J”, authorizing the re-exportation of certain civil aircraft to Iran on temporary sojourn and related transactions.

See the Cuba-related FAQ update on OFAC’s website.

See the Counter Terrorism Designations List update on OFAC’s website.

See the issuance of a Finding of Violation to Compass Bank on OFAC’s website.

See the Iran General License J details on OFAC’s website.

See OFAC’s recent actions page.

Need A Hand?

We would love to hear from you.  If there are subjects in this post that you would like to know more about, or if you need assistance with your compliance program, please contact us.

Return to Blog Listing


PROCESSING...