When it comes to compliance, many Canadian investment firms are not meeting their anti-money laundering (“AML”) obligations. This article assists these firms by providing them with valuable insights.
What are the Requirements? What Types of Firms are Responsible?
The Proceeds of Crime (Money Laundering) and Terrorist Financing Act (“PCMLTFA” or “the Act”) requires that a firm have a policy against money laundering and activity that facilitates money laundering or funding of terrorist/criminal activities.
The Financial Transactions and Reports Analysis Centre of Canada (“FINTRAC”) defines securities dealers as “an individual or entity authorized under provincial legislation to engage in the business of dealing in securities or any other financial instruments or to provide portfolio management or investment advising services…”
The implementation of a compliance program is a regulatory requirement for anyone that is subject to the Act, including securities dealers. They are required to customize a compliance program to reflect their size and the complexity of their operations. The compliance program should include:
- A designated individual that will be responsible for AML (i.e. Chief Compliance Officer)
- Development of compliance policies and procedures
- Maintenance of an ongoing compliance training program
- Renewal of policies and procedures in order to test their effectiveness
Also, firms also need to consider certain items when designing policies and procedures:
- Risk Assessment
- Due Diligence
- Enhanced Due Diligence (“EDD”)
- Ongoing Monitoring
- Reporting Requirement
- Independent Review
Risk Assessment Are Used to Highlight Firm Gaps
FINTRAC’s guideline require that firm’s perform an analysis of inherent risks that are relevant to their operations:
- Client base
- Products and services offered
- Type of transactions performed
- Geographic location
Due Diligence is Paramount in Knowing Your Client
Firms must ensure that measures are taken to identify individuals and entities. Due diligence should be performed on each client and consist of obtaining and documenting information. At a minimum, each security dealer should obtain information that includes understanding who the client is (i.e. occupation), the extent of their assets (i.e. source of wealth), purpose of the relationship, intended products and services to be used, and determination of whether an enhanced due diligence is required. This is accomplished through the Know Your Client process (“KYC”), which from an AML perspective incorporates knowing that all sources of funds are legitimate. This will certainly consist of obtaining the relevant identification:
- Individuals: A valid passport, driver’s license, birth certificates, etc.
- An entity: The certificate of incorporation, etc.
During the process of onboarding, a firm should always be diligent and look for any inconsistencies or suspicions arising from information gathered. Indicators may include:
- Vague information on occupation, business or source of wealth
- Request that correspondence be sent to a P.O. Box or some alternative address
- Secretive and does not want to meet in person
- Asks questions about the firm’s controls
- Occupation does not make sense in relation to funds they want to deposit
- Deposits are followed within a short period of time by wire transfers of funds to high risk countries
In the noted cases, the firm should have a process where if they accept such clients, they should impose restrictions and enhance their monitoring or simply outright decline to onboard such a client.
Enhanced Due Diligence is Required When Client Risk is “High”
An EDD program should be determined on clients and activities that have a “High” risk rating. Elements considered should include:
- Politically exposed persons (“PEPs”)
- Non-resident clients
- Recent business relationship
- Value of assets and sources thereof
- Adverse news releases
- Transactions performed by clients deemed suspicious or unusual
Ongoing Monitoring Provides Important Safeguard
Ongoing monitoring of client transactions is a critical part of an effective AML compliance program because it helps in detecting suspicious and unusual transactions. It also prevents the inadvertent facilitation of money laundering or fraudulent schemes.
A firm should consider the following:
- Follow up on client accounts that have “High” risk rating (i.e. client updates)
- Confirm the source of funds and intended use of the account
- Review incoming and outgoing transactions for trends
- Update the risk rating
- Keep records of the information gathered, analysis performed and measures taken
FINTRAC Demands Specific Reporting Requirements
In order to meet their obligations, each firm is responsible to report to FINTRAC the following:
- Suspicious Transactions: Any actual or attempted financial transaction if there are reasonable grounds to suspect a related money laundering or terrorist activity financing offence.
- Large Cash Transactions: Any cash transaction of $10,000 or more performed in one or more transactions within a single 24-hour period.
- Electronic fund transfers: Incoming and outgoing international EFTs of $10,000 or more made in one or more payments within a single 24-hour period.
- Terrorist property: Once confirmed that client belongs to a terrorist group.
Each firm needs to take responsibility over reporting requirements seriously as the consequences of failing to file can lead to a fine and/or imprisonment. For instance, failing to report a suspicious transaction can result in a fine of $2 million.
Training is Key
Each firm is responsible in developing and maintaining an AML employee training program that provides education about the firm’s internal policies and procedures that meet requirements (i.e. KYC, employee role and responsibilities, indicators of suspicious activity, reporting requirements and penalties). Consideration should be given to ensure that training programs are tailored to each employee and maintained in written form.
When new employees are hired, as part of their orientation process, an overview of AML requirements should be provided. On a periodic basis the firm should ensure that a review of the training program is conducted as well as updates to existing content in order to incorporate new requirements.
Independent Review to be Performed Every Two Years
FINTRAC requires that an independent review be conducted every two years to test the effectiveness of the policies and procedures of a firm’s AML program. The objective is to help the firm in evaluating their controls and recommend to the firm any modifications.
In conclusion, each firm has a regulatory responsibility as well as a moral duty to implement a proper AML compliance program. Otherwise, it could lead to a distortion in global economic activity driven by crime and its many associated tragic repercussions.PDF version