News

Canada’s financial intelligence unit signaled in recent publications that it still seeks wide discretion to penalize or refrain from penalizing firms that fail to report suspicious activity or violate other anti-money laundering rules, sources told ACAMS moneylaundering.com.

On Feb. 7, the Financial Transactions and Reports Analysis Centre of Canada, or Fintrac, published its procedures for examining firms for AML purposes and assessing or withholding penalties after a high court ruled in May 2016 that a lack of transparency around both processes precluded challenges against the agency’s enforcement decisions.

The ruling by the Federal Court of Appeal paralyzed Fintrac’s enforcement capabilities after the regulator had already attracted controversy the month prior by levying a CA$1.2 million penalty without naming the offender, which CBC News later identified as Manulife Bank.

While the new policies appear designed in part to overcome prior legal objections, Fintrac still faces the prospect of new challenges as enforcement resumes, according to Marc Lemieux, an attorney in Montreal.

“The test is to see whether Fintrac has plugged every hole that court decisions had found in its former approach,” Lemieux said. “We’re all curious to see how the new penalties will be administered.”

Financial institutions involved in “very serious” violations, paying fines of more than $100,000 or already penalized for AML infractions risk being publicly named under Fintrac’s new policies, which the regulator outlined in five releases of guidelines following a nearly three-year review.

One of the documents, a revised penalty policy, states that regulators will base their assessments on the standard of “reasonable grounds to believe” that an institution violated AML requirements and affected Fintrac’s ability to collect financial intelligence.

The publications come months after Fintrac Director Nada Semaan said at the ACAMS AML and Financial Crimes Conference in Toronto that Canadian regulators would never target financial institutions with hundreds of millions of dollars in fines as their U.S. counterparts sometimes do.

“We are an administrative regime, not a ‘gotcha’ regime … we will never see that volume of penalties in Canada,” Semaan told attendees. “It is not our first response, and that’s why you haven’t seen a lot.”

The Feb. 7 guidance specifies a maximum $1,000 fine for each minor violation, $100,000 for “serious” violations and $500,000 for “very serious” violations, but does not define those terms. Individuals caught breaching AML rules face a maximum $100,000 fine, according to the guidance.

But those totals may vary substantially in practice because first-time violations typically see a two-thirds reduction to the final penalty, and second-time violations a one-third reduction. Moreover, according to the guidance, all AML infractions carry a minimum $1 fine regardless of their severity, creating potentially very broad ranges of penalties.

“AMPs [administrative monetary penalties] are not issued automatically in response to non-compliance,” the Feb. 7 guidelines state. “An AMP is generally used when other compliance options have failed.”

The documents indicate that even as Fintrac suggests it will levy penalties only after a succession of failures, it still has the ability to fine banks and other institution for egregious first-time violations.

“It appears to be a more collaborative approach … we’ll see how it plays out in practice,” Jason Beitchman, an attorney with Rayman Beitchman in Toronto, said. “They still have discretion to say, ‘We think this is a very serious problem.'”

Examinations

Fintrac on Feb. 7 also published the 66-page manual examiners use to assess the quality of Canadian financial institutions’ AML programs and systems for reporting suspicious transactions, marking the first time the FIU has outlined its expectations in detail.

“In our assessments, we focus more on the overall soundness of a business’ compliance program and less on the technical aspects of compliance.”

Examinations cover whether firms have appointed compliance officers, implemented training and audit programs, assessed their unique vulnerabilities to financial crime, taken steps to verify the identities of their clients “and confirm their existence.”

According to the manual, examiners focus on clients and business lines that pose the highest risk to the firm and compare transactional activity to pre-established red flags for money laundering and terrorist financing.

Examiners also check that all potentially illicit transactions have been reported to Fintrac, and “review the unusual transactions identified by your monitoring system that you did not report to confirm that your decisions were sound.”

Fintrac noted that the manual does not establish new “requirements or expectations,” but, according to Lemieux, the attorney in Montreal, the disclosure that examiners review a financial institution’s basis for not filing a suspicious transaction report, or STR, may come as a surprise.

“This is new with respect to STRs, and may have the perverse effect of encouraging ‘defensive’ reporting,” Lemieux said, referring to money laundering and terrorist financing.

After an examination, Fintrac documents its findings in a letter to the financial institution and discloses whether it intends to issue a penalty. Firms have 30 days to provide the regulator with additional data to reduce or eliminate the fine, and can appeal the outcome.

While Canadian banks will find the manual’s requirements familiar, smaller non-bank institutions may not be expecting some of Fintrac’s expectations, such as whether a business has “sufficient resources” to review transactions, said Nicolas Choules-Burbidge, former head of AML for Canada’s Office of the Superintendent of Financial Institutions, or OSFI.

Compliance officers should document their investigations of transactions flagged by their monitoring systems, especially those that do not result in an STR, Choules-Burbidge said.

“If I was chief compliance officer, I’d be paying more attention to those files than the [STRs] that you actually did file.”

Contact Daniel Bethencourt at dbethencourt@acams.org