PROCESSING...

Anti-Money Laundering
Consulting Services & Strategies

0 Items - Total: $0.00 CAD

Ministerial Directives Related to Iran & LVCTRs

There have been a number of conversations floating around about FINTRAC Large Virtual Currency Transaction Reporting (LVCTR) obligations as it relates to transactions involving Iran, and potentially involving Iran, under the current Ministerial Directive (MD). While this is not a new requirement (LVCTRs were effective June 1, 2021 and the original MD became effective July 25, 2020), there has been clarification provided with regards to reporting, and what activities trigger which reports.

For background, Outlier Compliance Group wrote an article on what the Iran-related MD entails, so if you are not familiar with the requirements, we suggest starting there.

Existing Guidance

The existing MD guidance does not align with the information provided in a recent policy interpretation for reporting transactions involving Iran that generally are not otherwise reportable, such as a transaction below the reporting threshold. The current guidance says the following:

Any transaction involving the receipt of virtual currency (VC) for exchange to Iranian rial, or VC that is equivalent to an amount under the reporting threshold of $10,000 CAD must be reported using the LVCTR by:

    • Inserting the IR2020 code when using the LVCTR upload; or
    • Selecting IR2020 in the ‘Ministerial Directive’ field of the LVCTR.
    • Because the report is related to the MD, you must ensure that the information provided reflects a connection to Iran.

Recent Interpretation

On June 11, 2023, a policy interpretation was submitted to clarify FINTRAC’s expectations with regards to reporting VC transactions related to the Iran MD. A few specific scenarios were included to ensure an easily digestible response was provided. The portion below is the most noteworthy sections of the response from FINTRAC clarifying the expectation of reporting virtual currency transactions that are below the reporting threshold where there is a nexus to Iran:

To answer your question regarding other instances that could involve the receipt of VC originating from Iran in one or more transactions under the threshold, please refer to section 3) of the Ministerial Directive. It states that any transaction (originating from or bound for Iran) must be treated as a high-risk transaction for the purposes of subsection 9.6(3) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), and must be reported to FINTRAC. Where these transactions involve the receipt of VC but cannot be reported using an LVCTR, they must be reported using the Suspicious Transaction Report (STR) with the IR2020 code.  Only completed transactions can be reported through an STR if the only reason for reporting is that the transaction is originating from or bound for Iran. An attempted transaction should only be reported when you have reasonable grounds to suspect that the transaction is related to the attempted commission of a money laundering or terrorist activity financing offence. 

Further to section 3(a) of the Ministerial Directive, you need to look at a variety of elements when determining whether a transaction originates from or is bound for Iran because the circumstances of each transaction are different. The exchange of VC for Iranian rial is not the only circumstance in which a VC transaction may fall under the Ministerial Directive. After you’ve considered the facts, contexts and indicators of a transaction and you determine it is subject to the Ministerial Directive, you must determine if the transaction(s) should be reported using the LVCTR or STR, as described above.

I’ve provided the reporting information for the scenarios you presented in your email:

    1. Virtual currency that originates from an identified virtual currency exchange in Iran.
      • Report the transaction in the STR with code IR2020.
    2. Virtual currency that originates from a wallet address identified as being in or from Iran.
      • When the conductor, beneficiary or third party address details list Iran as the country, and the transaction is not a VC exchange to Iranian rial, report the transaction in the STR with code IR2020.
    3. Travel rule information from the receiving client (or from a participant in the travel rule network) that sent the virtual currency from an address associated with an Iranian virtual currency exchange, or a person or entity in Iran that is not captured under the Ministerial Directive.
      • If a VC transaction has travel rule information that indicates it originates from or is bound for Iran and it does not meet the LVCTR criteria for the Ministerial Directive, the transaction must be reported using the STR with code IR2020.

So What Do I Need To Do?

What is important to understand in this clarification, is the obligation to report every transaction that has a nexus to Iran, such as originating from a VC exchange in Iran, and how that is to be reported. Where a transaction is not otherwise reportable to FINTRAC via an LVCTR, it must be reported using a Suspicious Transaction Report (STR) and the MD indicator IR2020 must be selected (we also suggest including IR2020 in the opening of the narrative in Section G). Transactions that are not otherwise reportable to FINTRAC include VC exchange transactions below the reporting threshold, as referenced in the response from FINTRAC.

Moving Forward

In order to ensure you are compliant with the MD obligation, a thorough lookback to June 1, 2021 for all VC transactions below the reporting threshold, that may have had a nexus with Iran, needs to be performed. Should transactions that should have been reported be found, a Voluntary Self-Disclosure of Non Compliance (VSDONC) should be submitted to FINTRAC. For more information on VSDONCs and how to complete one, please see our blog post on the topic.

Need a Hand?

If you are looking for help completing a lookback or would like a second set of eyes on a VSDONC, please feel free to contact us.

Don’t Share STRs or STR Data

Recently the Compliance Officer from a small reporting entity reached out to me to ask an uncomfortable question: should they provide copies of the Suspicious Transaction Reports (STRs) that they had filed with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) to their financial services providers such as a credit union or bank?

This was a difficult situation for the reporting entity’s Compliance Officer because they were afraid of pushing back too much with the financial services provider. Like most non-bank reporting entities, they rely heavily on the services provided by the bank in order to be able to operate their business. Financial service providers, such as banks and credit unions, have the ability to close the accounts of businesses in Canada (often called de-risking), and it can be difficult for some types of reporting entities to establish new banking or payments relationships. The financial services provider in this situation has significantly more power than the reporting entity that is dependent on them.

My gut reaction was that the reporting entity should not disclose the contents of their STR reports, or provide copies. In Canadian legislation, disclosing the fact that an STR was made, or disclosing the contents of such a report, with the intent to “prejudice a criminal investigation” can be punishable as a criminal offence, with penalties of up to 2 years imprisonment (this is also known as “tipping off”). While there did not appear to be any intent to prejudice a criminal investigation in this case, it still seemed like a bad idea. I did a quick check-in with fellow AML geeks on LinkedIn. There are some great comments here, and I had a number of conversations in DMs and by phone. No one seemed to think that the reporting entity should be providing copies of STRs.

The question then became how to best empower the reporting entity to push back effectively. I submitted the following request to FINTRAC and to the Office of the Privacy Commissioner (OPC), both of which have mechanisms to allow Canadians and Canadian companies to ask the regulators to opine on matters free of charge:

One of our clients, a Canadian Money services business (MSB) has been asked by their financial services provider (bank/credit union) to provide copies of the suspicious transaction reports (STRs) and Attempted Suspicious Transaction Reports (ASTRs) that have been filed with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) on an ongoing basis. This struck us as being an overreach in terms of the information that should be disclosed to a service provider, and we are reaching out for an opinion on the appropriateness of these requests.

The financial service provider appears to be of the opinion that this is a reasonable request, and that they may close the MSB’s bank account if the STRs and ASTRs are not provided by the MSB.

I let both FINTRAC and OPC know that I had submitted requests to both. So far, only FINTRAC has responded. Their response is below in full (TL:DR: reporting entities should not share copies of STRs reported to FINTRAC).

Thank you for contacting the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Canada’s independent agency responsible for the receipt, analysis, assessment and disclosure of information in order to assist in the detection, prevention and deterrence of money laundering and the financing of terrorist activities in Canada and abroad.

I am writing further to your email of July 16th, 2020, wherein you requested clarification regarding the sharing of suspicious transaction reports (STRs) submitted to FINTRAC.

As you know, section 8 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) states that no person or entity shall disclose that they have made, are making, or will make a report under section 7, or disclose the contents of such a report, with the intent to prejudice a criminal investigation, whether or not a criminal investigation has begun.

The PCMLTFA sets out a regime in which the information contained in financial transaction reports sent to FINTRAC (including STRs) is protected from disclosure except in very limited circumstances. The Act also includes specific provisions aimed at protecting the personal information under FINTRAC’s control. For example, as you may be aware, the PCMLTFA is founded on a prohibition on disclosure (s. 55(1), PCMLTFA). Any disclosure of information or intelligence by FINTRAC must fall under one of the exceptions to this prohibition. Outside of these exceptions, FINTRAC is prohibited from disclosing the contents of financial transaction reports, or even acknowledging their existence.

While reporting entities (REs) are not subject to the same prohibitions, FINTRAC strongly believes that STRs should be regarded as highly sensitive documents, given the role FINTRAC plays in the fight against money laundering (ML) and terrorist activity financing (TF) in Canada, and the fact that STRs are a key source of FINTRAC’s intelligence holdings. From FINTRAC’s perspective, it is not in the public interest for REs to disclose financial transaction reports and the information contained therein. Even beyond this, the collection or disclosure of financial transaction reports, including STRs, without a valid purpose and authority, may infringe on legislated privacy protection obligations. Almost all information within financial transaction reports is personal information about an identifiable individual and is considered financial intelligence by

FINTRAC, collected for the sole purpose of reporting to FINTRAC. The potential harm that could occur from the disclosure of the information in these financial transactions reports is great, and includes compromising: (1) police and national security investigations that are both ongoing or could be undertaken in the future; (2) sources of the information/intelligence within the reports, placing those sources at risk of retaliation; and (3) FINTRAC’s compliance activities, given that data provided by REs is always provided in confidence and that confidence is expected to be maintained by all parties. FINTRAC relies on the information included within STRs to support disclosure of financial intelligence to police and other law enforcement and national security organizations, in the interest of detecting, preventing and deterring ML and TF.

Therefore, while your client (MSB) is not prohibited from sharing the STRs it has submitted to FINTRAC with its service provider (Bank/CU), unless it is with the intent to prejudice a criminal investigation, strong consideration should be given to the above.

If you would like a PDF copy of the complete question and policy position for your due diligence files, or to provide to an external party that is requesting copies of your STRs, or information about their content, you can download it here.

Response from FINTRAC – Re_ Sharing Copies of STRs_ASTRs

A version of this Q&A is also now posted on FINTRAC’s website (PI-10662).

The response from OPC, in contrast, was underwhelming. In essence, they will investigate specific complaints, but they will not issue advanced rulings. That said, if any service provider is insisting that copies of STRs must be shared with them, a complaint to the OPC may be an option.

Response from the Office of the Privacy Commissioner of Canada – INFO-084075

Need a hand?

If you have AML or privacy-related questions, we can help. You can get in touch using our online form, by emailing info@outliercanada.com, or by calling us toll-free at 1-844-919-1623.

FINTRAC’s 2016 Real Estate Brief

Quick Overview

A little over a month ago, FINTRAC published an operational brief for the Canadian real estate industry.  The brief was intended to assist reporting entities in meeting the obligations to report suspicious transactions or attempted suspicious transactions that related to potential money laundering or terrorist financing.  The publication provided some common indicators that may be present in a transaction that suggest money laundering or terrorist financing could be involved.

What Does it Mean?

The suspicious indicators provided by FINTRAC list circumstances or activities that might signal potentially illicit activity.  This does not mean that if one or more of the indicators are present that the transaction is definitely suspicious and must be reported to FINTRAC, it is meant to ensure that you are aware of the potential that suspicious activity may be taking place.  In that context, if you are involved in real estate transactions, you must be aware of the indicators in the brief.  If you do encounter a transaction that may be considered suspicious, you will need to collect additional information that will aid in your decision to report it or document why it was not considered suspicious.

What Now?

In order to ensure familiarity for anyone who interacts with customers and their transactions, the list of FINTRAC’s indicators should be included in your ongoing AML compliance training program.  Furthermore, the indicators should also be included in your procedure manuals, allowing easy access to the information.  Finally, the indicators should be incorporated into your Risk Assessment documentation.  Specifically, when determining customer risk and the controls used to effectively mitigate potential risks.

We’ve made it easier for you to integrate this content into your program by putting the indicators in a Word document for you.

Need a Hand?

Outlier has taken the list of indicators provided by FINTRAC and formatted them into an easy to use Microsoft Word document, which can be downloaded here: FINTRAC Indicators Specific to Real Estate Transactions.  This should allow companies within the real estate sector to easily update their documentation and ensure they are sufficiently monitoring for potentially suspicious activity.  If you aren’t sure what to do with this information and would like some assistance, please feel free to contact us.

Would You Recognize Real Estate Red Flags?

Rodney_FINTRACOn November 14th, 2016 FINTRAC released a brief for all reporting entities who may be involved in real estate transactions.  The briefing is intended as guidance to provide some examples of indicators that may be present in transactions that may suggest they are linked to money laundering or terrorist financing.  The indicators described have been taken from transactions suspected of being related to money laundering or terrorist financing reported internationally.  The briefing focuses on the potential risks and vulnerabilities within the real estate industry and provides suggestions on how to ensure reporting entities are sufficiently meeting suspicious transaction reporting obligations.

The briefing is meant to provide operational guidance given the small overall number of suspicious transactions that have been reported to FINTRAC by the Real Estate industry.  The briefing states that these indicators will be used by FINTRAC to assess compliance with your reporting obligations.  If you are a reporting entity that interacts with the real estate industry in one form or another, the indicators and scenarios outlined in this brief should be considered when updating your Risk Assessment and training materials.

To put things into perspective, though the actual size of the real estate market is difficult to determine precisely, CMHC has produced some statistics.  CMHC suggests that between 2003 and 2013 over $9 trillion of mortgage credits were negotiated and roughly 5 million sales took place through Multiple Listing Services (MLS).  In contrast, FINTRAC received only 127 Suspicious Transactions Reports (STRs) from real estate brokers, agents and developers and 152 by other types of reporting entities, such as banks and trust/loan companies.  To go a step further, in FINTRAC’s 2015 Annual Report, between April 1, 2014 and March 31, 2015, a total of 92,531 STRs were filed across all reporting entities.

 

re-strs-filed-vs-sales

This evidence supports FINTRAC’s assertion that operational guidance for the real estate industry is needed.

The indicators and examples covered in the brief outline numerous scenarios that may suggest that a transaction is related to a money laundering or terrorist financing offense.  It also speaks to how the appearance of legitimacy obfuscates the clarity of suspicious transactions and requires more than a just “gut feel”.  What is required is the consideration of the facts related to the transaction and their context.  Does the transaction with all the known factors, positive or negative, make sense?

 

What This Means to Your Business? 

First off, FINTRAC will be using the indicators provided to assess your compliance with reporting obligations.  This has a couple different applications.  The first being, does your AML compliance program documentation make reference to the suspicious indicators that are provided.  Basically, are staff aware of the elements that may be present in a transaction that would suggest money laundering or terrorist financing may be occurring?

Secondly, is there an oversight process to ensure if there are transactions that contain one or more of these indicators where an STR was not submitted, is reviewed?  If so, does the process ensure supporting evidence that the Compliance Officer reviewed the transaction and determined there were not reasonable grounds to suspect its relation to money laundering or terrorist financing?  When you encounter a transaction involving any of the indicators provided, it is very important that you collect as much information as possible to assist the Compliance Officer with their determination of whether there are reasonable grounds to suspect that a transaction, or attempted transaction, may be related to money laundering or terrorist financing.  Alternatively, even if none of the indicators provided by FINTRAC are present but we still feel there is “something off” about our customer’s transaction, speak with your Compliance Officer.  They will be able to provide some insight on additional information that may assist our decision.  Once you have collected any additional information you may still not feel comfortable, but this does not mean you cannot complete the transaction, but that you must be sure your Compliance Officer is provided with all the information, which includes our reason for the escalation, so that they can decide whether there are reasonable grounds to suspect it may be related to a money laundering or terrorist financing offense.  The Compliance Officer will document their decision and, if necessary, submit an STR to FINTRAC.

Need a Hand?

If you are a reporting entity that interacts with the real estate industry and would like assistance updating your AML compliance program documentation or simply have some questions, please contact us.

Is Your MSB Ready for a FINTRAC Exam?

Rodney_MSB2
We get a lot of questions about examinations conducted by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). While we’re happy to be able to help our customers in their examinations (you can check out our free resources for FINTRAC exams here), the responsibility during the examination will rest with the money services business (MSB), mainly with the MSB’s Compliance Officer.

FINTRAC’s expectations have changed dramatically, since MSB’s were first required to comply with the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its enacted regulations. In 2015, we noticed that there was a dramatic shift in focus of MSB examinations. FINTRAC’s examiners were much more interested in detailed procedures (documents that describe how MSBs are complying with the PCMLTFA and regulations), and the Risk Based Approach.

One of the most important things that MSBs can do to ensure that their AML compliance programs are up to date, and at the same time, prepare for FINTRAC examinations, is to read FINTRAC’s published guidance. Two important guidance topics published in 2015 are, the Risk-Based Approach Guide (this guide describes what is the risk-based approach) and the Risk-Based Approach Workbook for MSBs (this workbook is for MSBs looking to implement a risk-based approach). While guidance published by FINTRAC doesn’t carry the weight of law or regulation, it does provide valuable insight about FINTRAC’s expectations.

Another excellent source of information is FINTRAC’s published Policy Interpretations. These are FINTRAC’s official answers to questions asked by MSBs and other reporting entities.

In Person & Desk Examinations

Whether the FINTRAC exam is in person or desk (conducted by phone) examinations, they follow very similar formats. The key difference is the regulator’s ability to request additional operational data during onsite examinations.

It is ok for you to take notes throughout the examination process (and we recommend that you do). You are permitted to have a lawyer, consultant or other representative with you (if you do, FINTRAC will request that you complete the Authorized Representative Form in advance). While your representative cannot generally answer questions on your behalf, they can prompt you if you are nervous or stuck, and help you to understand what is being asked of you, if it is not clear.

If you do not speak English and/or French fluently, we highly recommend that you have a person present who can translate questions and responses for you.

If you are not certain what the examiner is asking for, you should always ask for clarification before answering.

For in person examinations, do not invite the examiner to have a pint, lunch or even a coffee. FINTRAC has very strict policies around bribery, to the extent that if I am out socially with an acquaintance who works for FINTRAC, I cannot pay for their tea. It may feel a little bit “over the top”, not to be able to extend these courtesies, but don’t be offended – it’s not you, it’s policy.

The Introduction

The examiner will provide a brief overview of the examination process as a formal opening to the examination. At the end of this introduction, the examiner will ask if you have any questions. At this point, it can be useful to provide a very brief (five minutes maximum) overview of your business.

Your introduction should reflect the materials that you have already submitted to FINTRAC (which ideally included an opening letter that described anything about the business that would not be readily apparent to the examiner, or anything that you believe could be misunderstood). Key facts about your business include:

  • Your corporate structure and ownership;
  • The types of products and services that are offered / types of transactions that are conducted;
  • Where your offices, agents and customers are located;
  • How you connect with and your customers; and
  • Anything significant that has changed since your last FINTRAC examination.

This synopsis must be very brief. If there is anything that is complex, it should be included as an explanation in your initial package (preferably in a simplified chart form – for example an ownership structure chart).

The examination will then begin. At the end of each section, the examiner will ask if you have any questions and let you know whether there are any deficiencies.

Part 1 – FINTRAC MSB Registration

In this part, FINTRAC will go through your MSB registration field by field and confirm that the information is accurate. The most common errors that we have seen are:

  • Not listing a trade name/operating name;
  • Not listing all relevant locations;
  • Listing bank accounts that are inactive or not listing bank accounts that are active;
  • Not including MSB or agent relationships (either buying from or selling to another MSB);
  • Incomplete ownership information; and
  • Senior Management and/or Compliance Officer information, that is out of date.

Although it is not technically part of the registration, some examiners will ask about the Compliance Officer’s responsibilities/duties at this stage.

Failure to update the MSB registration in the “prescribed form and manner” is the single most common deficiency for MSBs from 2008 to the present, accounting for deficiencies in 61% of examinations (according to FINTRAC data released in 2015).

Part 2 – Compliance Policies & Procedures

In this part, FINTRAC will ask questions about the policy and procedure documents that you have provided in advance of the examination. There are a few standard questions that are generally asked:

  • Who wrote the policies and procedures?
  • Were the versions submitted to FINTRAC the most recent versions?
  • When were they updated?
  • When and how do you identify your customers?
  • How do you ensure that identification is up to date?
  • How do you monitor transactions?
  • How do you recognize, document and monitor “business relationships” (note: this is any time that you have either an ongoing service agreement with a customer and/or your customer has performed two or more transactions that require identification).
  • What are indicators of a suspicious transaction?

The examiner will also ask a number of questions based on the documents that you have submitted, including questions about compliance-related processes.

Part 3 – Risk Assessment

In this part, FINTRAC will focus on your Risk Based Approach, asking specific questions about the Risk Assessment and related documents that you have provided in advance of your examination. Again, there are some common questions that are asked:

  • Do you have any high-risk customers or business relationships?
  • What factors do you consider in determining that a customer or business relationship is high risk?
  • How are customer due diligence and enhanced due diligence different (both generally, and in your processes and documentation)?

Most additional questions will be related to risk management processes. For example, it has been common in the last few months for examiners to ask if a customer or transaction could be rejected (“Yes, if it was outside of our risk tolerance.”)

This may also lead to questions about whether or not an Attempted Suspicious Transaction Report (ASTR) or Suspicious Transaction Report (STR) was filed. If there were reasonable grounds to suspect money laundering or terrorist financing, the answer should be yes, if not, you should explicitly say, “There were not reasonable grounds to believe that this event was related to money laundering or terrorist financing” then provide an explanation.

Part 4 – Operational Compliance & Reporting

In this part, the examiner will ask questions about specific transactions. Some of the cases that you must be ready to explain are:

  • A reportable transaction (generally an electronic funds transfer or EFT) was reported by another reporting entity;
  • A transaction matches an indicator of potentially suspicious activity (if there were reasonable grounds to suspect money laundering or terrorist financing, the answer should be yes, if not, you should explicitly say that “there were not reasonable grounds to believe that this event was related to money laundering or terrorist financing” then provide an explanation); and
  • Business relationships and ongoing monitoring (in particular, if this did not occur earlier in the examination).

During a desk examination, the examiners do not request additional materials.

During onsite examinations, it has become commonplace for examiners to request additional materials. These are generally related to:

  • Business relationships;
  • Ongoing monitoring (including the monitoring of business relationships),
  • High risk customers;
  • Enhanced due diligence; and
  • Other risk-based processes.

Be clear with the examiner about what can be extracted easily from your IT systems, and in the case that data cannot be extracted easily, be prepared to show the examiner an example (or several). If your system has an “auditor access” feature (generally read only access with search capability), it can be useful to set this up in advance of the onsite visit.

Exit Interview

Congratulations – you’ve made it to the finish line!

At this point, the examiner will sum up the findings (if there are any), and read a standard disclosure statement. For most of us, the disclosure statement is terrifying, as it talks about penalties. This is standard process – do not be alarmed. When the examiner has finished, you may ask if a penalty is being recommended (if you’re a worrier, please do this). Not all FINTRAC examiners will provide guidance at this stage, but it doesn’t hurt to ask.

The examiner will let you know when to expect a formal letter (generally within 30 days of the end of an examination).

After the Examination

You will receive a formal letter that details FINTRAC’s findings, as well as whether or not an Administrative Monetary penalty (AMP) is being recommended. In the case that there is a potential penalty, we recommend taking action as soon as possible). In most cases, FINTRAC does not require MSBs to submit an action plan (but your bank might still require that you do this, and it’s a good idea to keep a record of the actions that you’ve taken to correct any deficiencies).

Need a Hand?

If you are an MSB that needs compliance assistance preparing for an FINTRAC exam, remediating findings, or setting up an AML compliance program, please contact us.

Suspicious Transaction Reporting in 2015

Preparing for a FINTRAC examination

At the Canadian Institute’s 14th Annual AML Forum, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) reviewed its expectations for suspicious transaction reporting. FINTRAC emphasized that suspicious transaction reports (STRs) are vital to the agency’s mandate as Canada’s financial intelligence unit (FIU) and ongoing collaboration with law enforcement agencies. While reporting entities (REs) in Canada have been required to report transactions for quite a few years, we’ve had many questions from REs about what FINTRAC expects and looks for in examinations. FINTRAC’s most recent guidance is useful in tuning your technology, enhancing your processes, and asking the right questions at industry association meetings.

What is FINTRAC Looking for in STRs?

When FINTRAC conducts compliance examinations, they will be applying three tests to STR data, including:

  1. Entity Practitioner: FINTRAC will look for transactions that are similar to those involved in STRs that you have reported. If there are similar transactions or transaction patterns that have not been reported to FINTRAC, there should be an explanation for the difference. Where possible, this explanation should be documented.
  2. Sector Practitioner: FINTRAC will compare the number and type of STRs submitted by similar entities. The size and type of business are taken into consideration.
  3. Reasonable Practitioner: FINTRAC will analyze a sample of reported STRs and unreported transactions against relevant guidance. In this case, relevant guidance means the suspicious transaction indicators from FINTRAC’s Guideline 2 that are applicable to your business.

These are terms that we’re likely to hear more about over the coming months, and there are compliance program adjustments (most of them relatively simple) that can be made to ensure that you’re meeting this standard.

Tune Your Technology

Amber looking at laptop FINTRAC screen

Most REs use software solutions to detect potentially suspicious transactions. Almost all transaction monitoring software uses some type of rules-based system to determine when alerts should be generated. These rules should, at minimum, reflect the indicators that are applicable to your business. Not all of the indicators from FINTRAC’s Guideline 2 will be applicable to your business. Where possible, you should document the decisions that you make about your transaction monitoring rules, including the rationale for those decisions.

The most sophisticated software platforms have machine learning functions. These can take the decisions that have been made about previous alerts and use this information to refine how the program works. For example, if a particular pattern of transactions was deemed to be suspicious, the program may look for similar patterns.

If you’re not using software that does this on its own, don’t panic. You can review the STRs that you’ve submitted to FINTRAC to determine whether your transaction monitoring rules are tuned to reflect the types of money laundering and terrorist financing threats that you’ve previously encountered. This should be done on a regular basis (for example, as part of your Risk Assessment updates). If you have an STR that is related to a pattern that you don’t have a rule to cover, you may want to do this sooner, rather than waiting for the next scheduled update.

Train Your Staff

Training

Over the years, I’ve heard many Compliance Officers express frustration about not knowing whether or not STR data has been useful to FINTRAC or law enforcement. To close this gap, I’ve looked for articles and speakers from FINTRAC and law enforcement that could provide meaningful information about the type of information that is most useful. The same principle applies to your staff.

You can use existing cases (you’ll want to remove any personal information for training purposes) to demonstrate the type of transactions that you want your staff to escalate to compliance for review. Existing cases from the media, and end to end cases provided by training companies like TAMLO, are also excellent resources. Keeping your annual training fresh is a challenge, and using your STRs as cases is one way to do that, while also meeting FINTRAC’s expectations.

Refine Your Audits & Effectiveness Reviews

AML Compliance Effectiveness Review

Are your auditors and/or reviewers using the same tests that FINTRAC is using to assess your compliance? If you’re not certain, ask.

If you perform self-assessment testing, you may want to include these tests as well.

As of 2015, all AML Compliance Effectiveness Reviews performed by Outlier will use these three key tests to assess STR data.

Ask Your Industry & Working Groups for More

Hanshake

Most REs have excellent industry associations and working groups such as the Canadian Banker’s Association (CBA), Canadian MSB Association (CMSBA) or the Canadian Jewellers Association (CJA). These groups are excellent resources and can help you understand STR trends across your industry. If you’re not a member, you may still be able to attend regular conferences or events.

Need A Hand?

We would love to hear from you. If there are topics that you would like to know more about, or if you need assistance with your compliance program, please contact us.

Return to Blog Listing