FINTRAC Amends PCMLTFA – More AML Requirements for Reporting Entities
The rise in money laundering, terror financing and other financial crime has encouraged regulatory authorities to enforce more rigid regulations regarding anti-money laundering (AML). Recently, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) has amended the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA). Although the amendments were registered on June 25, 2019, they are in force as of June 01, 2021. Proof of corporate existence of beneficial owners, PEPs and HIOs screening, ongoing monitoring requirements, reports for virtual currency transactions, reporting of unsuccessful reasonable reasons of verification, and introduction of five new identity verification methods are some of the updates from FINTRAC. Take a look at the alterations and reconsider your AML/CFT policies right away!
UBO Requirements and Proof of Corporate Existence
As per the previously enforced regulations by FINTRAC, only life insurance, securities dealers and financial entities were obligated to perform identity verification on UBOs. However, this requirement has expanded to all reporting entities (RE), including accountants, crown agents, casinos, precious metal dealers, financial institutions, real estate, life insurance service providers, and securities dealers. Moreover, the REs have to update the beneficial ownership requirements on an ongoing basis. This includes all low to high-risk entities. The updated regulations also state that entities confirming beneficial ownership have to obtain proof of corporate existence. This proof must be a “most recent” certificate of the business.
Under the altered rules, reporting entities must record:
- Names of all trustees
- Names and addresses of people with 25% or more direct or indirect trust
- Ownership, control and trust structure information
Check how Shufti Pro can help you verify the identities of business entities with “Know Your Business solution”
PEPs and HIOs Screening
From June 01, 2021, all reporting entities have to verify Politically Exposed Persons (PEPs) and Heads of International Organisations (HIOs) as per FINTRAC’s amendments. The first guidance includes the methods of screening for casinos, securities and commodity dealers, and financial entities. According to the new guidelines:
- The duration of one’s status as PEP, HIO, family and close associates has been revised
- FINTRAC has also included ex-spouses in the “family member” definition
- There is no need for recordkeeping of unsuccessful reasonable measures
- Additional measures have been made that apply to reporting entities after certain PEP and HIO determinations
- Obligations for recordkeeping have been enhanced
Requirements for Ongoing Monitoring
The requirements for ongoing monitoring under FINTRAC are the same. However, new recordkeeping guidelines have been issued. According to these rules, reporting entities have to record all the information gathered during the ongoing monitoring of high-risk entities. All other ongoing monitoring records must be saved for five years from the date they are recorded as of June 1, 2021.
The new guidelines have also issued new requirements for enhanced ongoing monitoring. As long as the business relationship ends with the client, they are no longer high-risk. Furthermore, insurance sector, brokers and agents are no longer required to conduct ongoing monitoring in case of reinsurance under the new guidelines.
Records and Reports for Virtual Currency Transactions
For virtual currency transactions, FINTRAC has issued the following two major guidelines:
- All reporting entities have to maintain a large virtual currency transaction record (LVCTR) for any funds received as a digital currency and account for C$10,000 or more within 24 hours. These records must have the sender’s identity, date, amount, type of currency, and exchange rate.
- The REs are also guided to file large LVCTRs under certain circumstances, including scenarios when the received virtual currency can be exchanged for $10,000 or more within 24 hours.
FINTRAC’s 24-Hour Rule
The 24-hour rule by the regulatory authority deems all the previous transaction recording rules. Previously, reporting entities had to submit a separate report for every transaction whose aggregated total would have been $10,000 in 24 hours. Now, REs have to file only one large cash transaction, casino disbursements or electronic funds transfer.
Here are some details of the changes:
- The amount received from a person is under $10,000 and then another transaction below $10,000 is received on behalf of the same person will not trigger the 24-hour rule.
- If a reporting entity is located in different areas in Canada, every transaction falls under the 24-hour rule. These reports must be filed as one.
Exceptions of the 24-hour rule are:
- Large virtual currency transaction reports are not required if the beneficiary is: a public body, a very large corporation, or an administrator of a regulated pension fund.
- Similarly, electronic funds transfer reports are not required if the request is initiated on behalf of: a public body, a regulated pension fund administrator, or a very large corporation.
Unsuccessful Reasonable Measures Reporting
Previously, all regulated entities had to document all reasonable measures for unsuccessful verifications under PCMLTFA. This requirement has been revoked by FINTRAC and as of June 1, 2021, none of the REs has to submit unsuccessful “reasonable measures” for verification.
Requirements for Compliance Programs
Although the changes in FINTRAC’s guidelines are minor, they will make a profound impact on AML/CFT policies in the corporate world. Here is what the regulatory body has mentioned in the updated rules:
- The compliance policies must include a risk-based approach to suspend or reject any electronic funds transfer.
- The compliance procedures and programs of all the reporting entities must include references to ministerial directive requirements.
Recommended Guide: A comprehensive guide to KYC and AML compliance in the UK
Requirements for Third-Party Determination
With respect to large virtual currency transactions, FINTRAC has tailored recordkeeping and third-party determination requirements. As per the changes:
- REs must take all reasonable measures for third-party determination anytime a large virtual currency transaction is reported or maintain an LVCTR.
- Reasonable measures must be taken if a RE determines that a third party is involved in the transaction.
- Financial entities are not required to make third party determinations during account opening if the account is created for a credit card or prepaid payments for merchants.
- Third-party determinations are not required from casinos, security dealers and financial entities if account holders are any financial entity or a Canadian securities dealer.
Reporting of Terrorist Property
Every reporting entity has to submit terrorist property reports via fax and in case of unavailability of fax, these reports must be submitted through email.
FINTRAC’s 5 ID Verification Methods
FINTRAC has issued five different identity verification methods for the reporting entities.
A government-issued updated identity document that is issued by the federal, territorial or provincial entity must be verified. The details that will be verified include photo, unique identifying number and name. As per FINTRAC, remote verification is possible but, “the reporting entity must have a sound process to validate the government-issued identification document.”
Credit File Method
For verification, REs can acquire credit information from the Canadian credit bureau but the info must be updated and authentic. The credit file method will verify the full name, date of the credit file, name of the third-party holding credit file, and the individual’s credit file number.
Reporting entities can verify current information from two different but reliable resources. For successful verification, two conditions must be fulfilled out of the below-mentioned requirements:
- Name and address
- Name and date of birth
- Name and a deposit account (prepaid account, credit card or another loan account with a financial infrastructure)
If an RE uses the dual process method, there must be a record of the name, verification date, name of the two sources, the number associated with the source, and information type.
REs can also rely on affiliates or members of the financial service for verification and must record the full name, date of identity verification, name of member or affiliate, previously used method, and information that the member or affiliate has recorded.
One RE can rely on another reporting entity for verification and the record must include the full name, agreement of the RE or affiliate for the verification and the information the other RE used for validation.
To sum up, amendments in the PCMLTFA by FINTRAC have brought a lot of ease to the compliance programs for anti-money laundering screening. All reporting entities in Canada have to update their AML/CFT policies and ensure that the identity verification protocols fall under the five methods defined by FINTRAC.
Shufti Pro stays updated with the changes in KYC and AML regulations to provide KYC and AML compliance solutions that are in line with the FINTRAC regulations. Talk to our experts to know how we can help you comply with new KYC and AML amendments in the PCMLTFA.
Eager to stay updated on the latest news and insights from the world of KYC and AML? Sign up today and receive all the updates.