A Flexible but Rigorous Approach: Changes to Canada’s Anti-Money Laundering Regulations
Canada's draft regulations to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act have been enacted in final form. The amendments provide for more flexible client identification measures and recognize digital authentication, two changes that will facilitate digital commerce, and impose new substantial risk assessment requirements.
What You Need To Know
The most significant changes include:
- a more flexible client identification regime; the recognition of digital authentication;
- the implementation of the domestic politically exposed persons regime that was introduced in Bill C-31; and
- In light of the Financial Transactions and Reports Analysis Centre of Canada's (FINTRAC) recent propensity to levy administrative monetary penalties, reporting entities should consider the implications these new regulations may have for their operations and ensure that they implement new policies, procedures and training necessary to facilitate compliance with the new regime.
The regulations do not include anticipated rules to implement the dealing in the virtual currencies regime, which were introduced in Bill C-31.
During a transition period from June 30, 2016 to June 17, 2017, reporting entities subject to the regulations may, in their discretion, utilize the new, more flexible client identification measures, or continue to use existing measures. As of June 17, 2017, they must adopt the new measures and procedures set out in the regulations. In light of the Financial Transactions and Reports Analysis Centre of Canada's (FINTRAC) recent propensity to levy administrative monetary penalties, reporting entities should consider the implications these new regulations may have for their operations and ensure that, as necessary, they implement new policies, procedures and training to facilitate compliance with the new regime.
Client Identification
Existing client identification procedures have been replaced with a new, more flexible regime that allows for a broader range of sources to be used in ascertaining client identity. The new regulations specify certain sources that are sufficiently reliable to be used on their own (e.g., certain original government-issued photo identification), and also permit identification by reference to information from two separate reliable sources used in combination, chosen from three of the following alternatives (the "dual-process method"): a reliable source containing client name and address; a reliable source containing client name and birth date; and information containing the name of the client and confirming the client has a deposit, credit card or loan account with a Canadian financial entity. Reporting entities can also rely on a Canadian credit file that has been in existence for at least three years. The federal government (through its regulatory impact analysis statement) and FINTRAC have provided guidance on what constitutes acceptable information from a reliable source—this approach provides FINTRAC with flexibility to permit new identification products, including those in electronic formats, as they are developed.
The new regime imposes certain record-keeping requirements on reporting entities that have conducted client identification, such as requiring entities to record the type of documents used to ascertain client identity as well as the date the search was conducted. The amendments also aim to decrease administrative burden on businesses by permitting a reporting entity to rely in certain circumstances on customer due diligence previously performed by an agent with respect to the same client.
Client Authentication
The amended regulations also provide a definition of "signature" that includes an electronic signature or other information in electronic form that is created or adopted by the reporting entity and which is accepted by the reporting entity as being unique to that client. In adopting this definition, the federal government is deferring to reporting entities to decide what constitutes an electronic signature, based on the risk tolerance of the reporting entity. This amendment will assist reporting entities in satisfying requirements to obtain signature cards when opening accounts online or through mobile applications, and a related amendment will permit reporting entities to rely on the digital signature as a means of recognizing the identity of a client for future products or services.
Politically Exposed Domestic Persons
The new regulations extend the politically exposed foreign persons determination requirements to politically exposed domestic persons, heads of international organizations and designated family members thereof. Reporting entities are also required to determine whether their clients in certain circumstances are "closely associated with" such person, for personal or business reasons. FINTRAC guidance is expected to expand further on the scope of this definition. Reporting entities are now obligated to make this determination where, among other things, a client proposes to open a new account or make certain large specified transactions deemed to be of higher risk, such as lump sum payments of $100,000 or more.
Risk Assessments and New Technologies
Apparently in lieu of prescribing thresholds for prepaid products, the federal government has taken a broader approach through a new requirement that reporting entities expressly address new technologies in their risk assessment analyses. This does not preclude future regulations addressing prepaid cards specifically.
To discuss these issues, please contact the author(s).
This publication is a general discussion of certain legal and related developments and should not be relied upon as legal advice. If you require legal advice, we would be pleased to discuss the issues in this publication with you, in the context of your particular circumstances.
For permission to republish this or any other publication, contact Janelle Weed.
© 2024 by Torys LLP.
All rights reserved.