types of organizations indicate a more aggressive regulatory
posture compared to the past. In addition, the fines imposed
on industry players for AML/CTF breaches have increased in
Canada over time, and while fines levied are not as substantial in
comparison to the US or UK, further increases are expected.
What is considered a robust AML/CTF program?
In line with FINTRAC’s Guideline 4, all securities dealers
are required to establish an AML/CTF program which consists
of the following:
1. The appointment of a compliance officer;
2. Development and implementation of written
compliance policies and procedures. The policies
and procedures have to be written, kept up to
date and approved by senior management;
3. The assessment and documentation of risks
for money laundering and terrorist financing
and measures to mitigate high risks;
4. Implementation and documentation of an
ongoing compliance training program; and
5. A documented review of the effectiveness of policies
and procedures, training program and risk assessment.
AML/CTF regulatory reviews we have seen indicate that
emphasis is placed on ensuring that the institution can demonstrate
they take an enterprise-wide view to their risk assessment
methodology (noted in point 3 above); including all lines of business
and all products and services offered within those lines of business.
The key is to ensure that after the high risk products or services
and high risk clients are identified, there is a clear picture as to
how the entity is mitigating those risks by directly linking them to
associated controls. It is only when these connections are made
can the efficiency of these controls be tested.
It is also important to reinforce that there is a regulatory
requirement to conduct an independent bi-annual review of the
institution’s AML/CTF regime review (part of point 5 above). While
‘independent’ means independent of the AML/CTF compliance
function, the caveat is that the individual/s undertaking the review
are required to have sufficient AML/CTF knowledge of regulations
and leading industry practice to evaluate the program efficiently.
Note that no AML/CTF program is perfect and as regulatory
expectations change, so too must a firm’s AML/CTF program.
Therefore, an important component of an effective bi-annual
review is the identification of areas of weakness in the program
and improvements. In addition, the regime needs to be evaluated
in light of known amendments to the Act with action points made
to ensure, at a minimum, a plan is in place to address compliance
when the amendments become effective.
Our experience has shown that the regulators are also focused
on ensuring the institution’s training program (noted in point 4
above) accommodates and addresses the roles of employees
affected by AML/CTF issues. Therefore, training programs should
be tailored to responsibilities that are connected with AML/CTF
risks and issues. In addition, the evaluation of the training program
should address new joiners, frequency of training, maintenance of
a training log and the ongoing development of training material.
Further guidance in relation to AML/CTF obligations for a
securities dealer can be located on FINTRAC’s website (http://
Compliance in the future
As indicated, Canada continues to advance its AML/CTF
regulations and enforcement efforts closer to current international
expectations. However, even with the proposed changes to
the PCMLTFA, there will be continuing differences in certain
requirements in Canada in comparison to some our major trading
partners. For example:
• Canada does not require independent documentary evidence
of a Customer’s shareholding structure.
• Canada does not validate the source of funds for all
customers (only required for high risk customers where
enhanced due diligence is performed).
• The source of wealth of customers or their significant
beneficial owners is not commonly explored in Canada to
ensure they are the true individuals behind the customer
for whom the relationship is established. This procedure is
significant because it mitigates the risk of omitting nominee
shareholders or third parties being appointed.
• While government issued identification is required to verify
the existence of an individual, there is no explicit mention
that independent address verification is required.
• It is industry standard to apply a 25% shareholding threshold
in order to classify an individual as a “relevant beneficial
owner” who requires identity verification irrespective of the
risk classification. In comparison, in the UK for example, it is
common practice that this threshold is reduced to 10% for
higher risk customers as a form of additional due diligence
to mitigate the higher risk imposed.
While Canada plays AML/CTF catch-up, the world is not
remaining static. Global AML/CTF regulations and expectations
continue to evolve which will only means that continued changes
and enhancements to Canada’s AML/CTF rules and regulations
should be expected. It is clear that Canada is forging its way forward
but there is much to do to converge standards with those leading
the global fight. In the end, the message for Canadian securities
dealers is that change in the world of AML/CTF regulation and
compliance must be seen as the new normal.
For more information contact:
1. Titled ‘Guidance for Portfolio Managers, Exempt Market Dealers and other
Registrants on Know-Your-Client, Know-Your-Product and Suitability Obligations’
2. Please see CSA Staff Notice 31-336 for further explanation and National
Instrument 31-103-Registration Requirements, Exemptions and Ongoing
Registrant Obligations for the KYC obligations of registrants.
3. Implementation of a Compliance Regime, Section 3
4. EMDs are subject to FINTRAC’s relevant AML/CTF guidelines and reporting
obligations as they fall under FINTRAC’s ‘securities dealer’ definition.