In 2019, there were numerous changes to financial institution regulations in Canada. British Columbia in particular saw a significant change in its regulatory framework through the passing of Bill 37. This article provides a recap of some of the major changes that financial institutions should keep in mind in 2020.
Regulatory update: Finalized changes to Canada's anti-money laundering rules
In June 2018, the Canadian government proposed amendments to regulations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (Canada) (PCMLTF Act).
On July 10, 2019, the long-awaited Regulations Amending Certain Regulations Made Under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, 2019 (Amending Regulations) were published in the Canada Gazette. The proposed regulatory text published on June 9, 2018 is now replaced and finalized by the publication of the Amending Regulations, which, as anticipated, bring significant changes to Canada's anti-money laundering rules.
The overarching purpose of these changes is to strengthen the country's anti-money laundering regime by, among other things, regulating businesses dealing in money services business (MSBs) (including foreign MSBs), virtual currencies, updating customer due diligence and beneficial ownership requirements, and clarifying various other existing requirements.
It has also been noted that the PCMLTF Act and the associated regulations were originally intended for traditionally offered financial services and "bricks and mortar" institutions. With the financial industry increasingly moving to the digital world (e.g. prepaid cards, virtual currency and foreign MSBs), updating the legal framework under the PCMLTF Act has been seen as a necessity.
We have summarized some of the key changes below and recommend that all regulated entities review the full text of the Amending Regulations in detail.
Suspicious transaction reporting (STR)
Suspicious transaction reports no longer need to be filed with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) within 30 days after the day of detection, or within three days under the draft amending regulations. Now, suspicious transaction reports are to be sent to FINTRAC "as soon as practicable after [the reporting entity has] taken measures that enable them to establish that there are reasonable grounds to suspect that the transaction or attempted transaction is related to the commission of a money laundering offence or a terrorist activity financing offence".
There is currently no guidance on how FINTRAC will interpret "as soon as practicable", but this would likely be a subjective assessment made on a case-by-case basis.
On timing of report filings, Terrorist Property Reports are now to be sent to FINTRAC "immediately" (as opposed to the previous language of "without delay").
Reporting entities will now have to provide much more information in the reports themselves. For items that are not mandatory, FINTRAC views that if the information is in the reporting entity's records, then it is to be included in the report.
A non-exhaustive list of information to be included now in STRs is below:
- Type of device used by person or entity that conducts or attempted to conduct transaction online;
- Number that identifies such device;
- The IP address used by the device;
- In the case of a person, their alias, birth date, country of residence, citizenship, employer's name, employer's business address, employer's business telephone number;
- In the case of a corporation, the name, address and telephone number of each director, as well as name of each person who directly or indirectly owns or controls 25per cent or more shares of the corporation; and
- In the case of a trust, the name, address, and telephone number of each trustee, settlor of trust, beneficiary of trust, and of each person who directly or indirectly owns or controls 25 per cent or more units of a widely held or publicly traded trust.
Fortunately for reporting entities, the sweeping language in the previous draft of the Amending Regulations requiring "every other known detail that identifies the transaction or attempted transaction" did not make it into the final Amending Regulations.
Know your client (KYC)
Identity verification requirements no longer require reporting entities to rely on a document that is "original, valid and current" that "must not include an electronic image of a document". Now, reporting entities must use a document that is "authentic, valid and current" (emphasis added). Accordingly, reporting entities are now able to verify identification for documents presented electronically (e.g., by scans of identification documents). For additional information on this topic, see our earlier bulletin from November 2019.
There are also new requirements for reporting entities to make determinations on Politically Exposed Persons (PEPs). Reporting entities will now have to take reasonable measures to determine whether, for example, the following persons are PEPs:
- Persons who requests an initiation of an international electronic funds transfer (EFT) of $100,000 or more (including in virtual currency);
- Beneficiary for whom it receives an international EFT of $100,000 or more (including in virtual currency);
- A person who makes a payment of $100,000 or more to a prepaid payment product account; and
- A person, corporation or entity for whom it opens a prepaid payment product account.
Payment card processing activities
Payment card processing activities are exempt from a number of requirements introduced by the Amending Regulations. The exceptions include certain new obligations under provisions on KYC (identity verification), STR, PEPs, and record keeping requirements.
Prepaid payment products
Prepaid payment products (e.g., prepaid cards) and prepaid payment product accounts are now expressly regulated by the anti-money laundering regime; both terms are defined broadly by the Amending Regulations. Financial entities and life insurance companies issuing such products will now be subject to record-keeping requirements, KYC obligations, and making PEP determinations that apply to regular accounts.
Money services businesses
Foreign MSBs are also, ipso facto, a reporting entity under the PCMLTF Act and associate regulations, subject to the requirements therein. This does away with the current "real and substantial connection with Canada" test that FINTRAC currently employs to determine if foreign businesses are MSBs under the PCMLTF Act and it would require them to register with FINTRAC. Furthermore, financial entities are prohibited from opening or maintaining an account for, or having a correspondent banking relationship with, an unregistered foreign MSB.
For domestic and foreign MSBs, the list of circumstances where the MSB is required to determine beneficial ownership has expanded. Further to the requirement to take reasonable measures to confirm the accuracy of beneficial ownership information when it is first obtained, reporting entities must maintain ongoing monitoring. A change in beneficial ownership information triggers the requirement to confirm that the new information is accurate.
Money services businesses now also include entities that deal in "virtual currencies" (discussed below).
Similar to the inclusion of prepaid payment products and foreign MSBs, virtual currency transactions are also expressly regulated by Canada's anti-money laundering regime. Virtual currency is defined in the Amending Regulations as:
- a digital representation of value that can be used for payment or investment purposes that is not a fiat currency and that can be readily exchanged for funds or for another virtual currency that can be readily exchanged for funds; or
- a private key of a cryptographic system that enables a person or entity to have access to a digital representation of value referred to in paragraph (a).
Representation of value for "investment purposes" will likely capture some types of initial coin offerings, while "private key" will extend to entities that host digital wallets. As with inclusion of any new regulated activity, record-keeping and reporting obligations for virtual currency transactions have to be observed.
Electronic funds transfers
Another significant change is the amendment and expansion of the definition of an electronic funds transfer (EFT). EFTs now apply to domestic transactions, as the definition no longer limits itself to cross-border transactions (i.e., international EFTs). Furthermore, the definition of EFT now includes instructions initiated and received by the same person or entity, as well as an enumerated list of carve-outs.
Accordingly, reporting entities will need to ensure that all of its applicable EFTs fall within the carve-outs, or ensure that it reports any EFTs caught by the new definition.
New guidance on harm done assessments for calculating administrative monetary penalties
On August 29, 2019, FINTRAC released guidance on how it assesses harm done in relation to administrative monetary penalties (AMPs) issued under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act.
FINTRAC has legislative authority to issue AMPs to reporting entities that are not in compliance with the PCMLTF Act or its regulations, which is why these new guidance documents are critical for reporting entities to understand. These documents come in the form of seven guides that demonstrate how FINTRAC approaches the harm done criteria when determining the amount of an AMP for violations under the PCMLTF Act. The seven guides are for harm done assessments relating to:
- compliance program violations;
- large cash transaction reports, electronic funds transfer reports, and casino disbursement reports violations;
- suspicious transaction reports violations;
- "know your client" requirements violations;
- record keeping violations;
- MSB registration violations; and
- violations of other compliance measures.
There are three criteria FINTRAC takes into account when determining the amount of a penalty:
- the purpose of the AMP;
- the harm done by the violation; and
- the reporting entity's history of compliance.
FINTRAC considers an effective AMP to be one where the penalty is proportional to the harm done and promotes future compliance. Mitigating factors are also taken into consideration, which could reduce the AMP to as low as the prescribed minimum penalty amount.
When assessing the harm done, it is important to note that FINTRAC considers both the potential harm and the resulting harm. The Act's regulations classify the harm done by a violation into differing levels of harm, which carry harsher penalties as the seriousness (i.e. level) of the violation increases. Once the level of harm is determined, then FINTRAC will adjust the base penalty by factoring in the purpose of the AMP and the reporting entity's history of compliance.
FINTRAC stated that it typically reduces the AMP for first-time violations by two-thirds and second-time violations by one-third. However, three or more violations will typically result in the application of the full base penalty. FINTRAC indicated that this declining reduction applies to the same violation, which suggests that if a reporting entity was issued an AMP for a different violation under the Act, FINTRAC may reduce that different penalty by two-thirds as well as it could be considered a first-time violation for that particular violation.
The 'harm done' assessment guides are available on FINTRAC's website.
A critical change under the PCMLTF Act is that FINTRAC must make all AMP's that it imposes public as soon as feasible. The information made public includes the nature of the violation, the name of the person or entity, and the amount of the penalty. On FINTRAC's website, it states that the website public notices will remain for ten years. Previously, s. 73.22 of the Act stated that FINTRAC might make public the information after the proceedings have ended. Now, FINTRAC no longer has any discretion and must make the information public even before appeal rights are exhausted.
Introducing the BCFSA: B.C. government makes major changes to the regulatory framework for financial institutions
On November 20, 2019, the Legislative Assembly of British Columbia passed the third reading of the newly introduced Bill 37, the Financial Institutions Amendment Act, 2019 (Bill 37), which received royal assent on November 28, 2019. The purpose of Bill 37 is to modernize the legislative framework, enhance consumer protections and help maintain public confidence in B.C.'s financial institutions. Bill 37 makes significant changes in the operations of credit unions, insurance companies and intermediaries and trust companies.
QuadrigaCX (Quadriga) is an online cryptocurrency exchange. Quadriga Fintech Solutions Corp., the owner and operator of Quadriga, stopped operating in January 2019 after the death of its founder and Chief Executive Officer who alone knew the encrypted passwords to gain access to the company's offline cryptocurrency reserves. This has left approximately 115,000 customers faced with the prospect of losing an aggregate CDN 260 million in virtual currency and cash.
A Supreme Court of Nova Scotia decision provided insight into the priorities that courts consider in the context of a Companies' Creditors Arrangement Act proceeding involving many stakeholders. An Ontario Superior Court of Justice decision granted an interpleader order to a bank that was holding deposits made by individuals and companies for intended transactions relating to Quadriga. The bank paid the funds into court so that depositors could be put on notice and entitlement.
Ahead of the MFDA's Seniors Summit held October 30, 2019, the MFDA released a brief bulletin of two dealer best practices:
- Requesting clients to name a trusted contact person (TCP); and
- Placing a temporary hold on transactions where there are reasonable concerns regarding financial exploitation of a client or a client's mental capacity.
Interestingly, both practices are triggered when the investment advisor or dealer has "reasonable concerns" about a client's capacity and/or financial situation.
Canadian financial institutions will be mandated to assess the human rights consequences associated with their project finance loans as of July 1, 2020.
The Supreme Court of Canada confirms that Quebec's tax authorities can require the production of bank records from the Calgary branch of a financial institution doing business in Québec.
On March 4, 2019, the federal government published amendments to certain regulations under the United Nations Act and the Special Economic Measures Act.
Given the increasing prevalence of digital assets including cryptocurrencies, regulation of crypto platforms may have increasing impact on the business of banking in Canada in the future. The Canadian Securities Administrators and the IIROC are asking for feedback on a proposed regulatory framework for platforms for sale, purchase and trading of crypto assets. The regulators are asking stakeholders to chime in on if and how securities laws should apply, best practices for regulation and asset storage, and potential regulatory exemptions.
Some have claimed that business is in the midst of a "blockchain revolution" and that distributed ledger technologies will create a new world. Blockchain technology is creating new issues in the area of creditors' remedies as the law sorts out what these digital assets are in law and how to regulate them. While cryptocurrency jurisprudence may be in its infancy, the decision in Copytrack Pte Ltd. v. Wall, one of the first cases to consider the tracing remedy in this context – demonstrates that there are theories, opportunities and possibilities, and courts willing to fashion effective remedies.
There have been recent changes to Canada's anti-money laundering regime under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act. Canada's money laundering, terrorism financing and fraud laws are highly developed.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.