There has been a lot of action in Canada lately on the anti-money laundering (“AML”) and anti-terrorist financing (“AFT”) regulation and enforcement landscape. First, there was the coming into force on February 14, 2014 of the much anticipated changes to the AML and AFT legislation (collectively, the “2014 Amendments”), which aim to bring Canada’s AML and AFT regulation and enforcement regime closer to current international expectations and, in doing so, impacts the way financial institutions and other entities with AML and AFT responsibilities identify their clients, monitor business relationships and otherwise manage their AML and AFT risks. Directly on the heels of this, on March 28, 2014, Bill-31 the Economic Action Plan 2014 Act, No. 1 (“Bill-31″) was tabled, which, once passed, will, among other things, extend Canada’s AML and AFT legislation to persons and entities who do not have a place of business in Canada but are engaged in offering money business services to Canadians on a cross-border basis. This article will focus on the recent 2014 Amendments and the implications thereof and will include a brief overview of the additional changes on the horizon in Canada.
Summary of the 2014 Amendments. Canada’s AML and AFT regime centres around the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (Canada) and the regulations relating thereto which apply to designated financial and non-financial entities known as “reporting entities” that provide access to financial systems including financial institutions, Canadian life insurance companies and money services businesses. The three main categories of changes to the Canadian AML legislation as a result of the 2014 Amendments are as follows: (1) creation of the concept of a “business relationship”, (2) new ongoing monitoring requirements and enhanced due diligence requirements for high-risk clients and (3) increased beneficial ownership requirements.
Creation of the concept of a “Business Relationship”. The focal point of the 2014 Amendments is client knowledge and due diligence, and such amendments require reporting entities to identify instances where a “business relationship” with a client has been established and determine all components of such relationship. A new definition of “business relationship” has been added to the regulations, which includes any relationship between a reporting entity and a client to either conduct financial transactions or perform services related to those transactions. In instances where a client holds at least one account with the reporting entity, all transactions and activities relating to such accounts will fall under the ambit of the business relationship. If a client does not hold an account with the reporting entity, then all transactions and activities where the reporting entity is required to confirm the identity of a person or entity will qualify as a business relationship. As a result of these changes, reporting entities that are transaction-based will need to implement measures to ensure that they have risk controls and assessments in place for certain of their one-off transactions.
The new concept of business relationship forms the basis for which money-laundering risk is evaluated and which control measures are applied. The extent of such control measures varies, with some measures such as periodic identification information update and risk and transaction review applying to all business relationships and other, advanced risk measures only applying to business relationships that are assessed as high-risk.
Ongoing Monitoring Requirements and Enhanced Due Diligence for High-Risk Clients. Many view the most significant change resulting from 2014 Amendments to be the new requirements for ongoing monitoring of business relationships. Prior to the 2014 Amendments, reporting entities were only required to be on the look- out for suspicious transactions and for monitoring their “high-risk” relationships, and reasonable measures were all that was required to keep client information up-to-date and to conduct periodic monitoring of high-risk relationships. This has greatly expanded, as there are now explicit requirements to monitor all business relationships (including pre-existing business relationships) on a continual basis and to keep a record of the measures taken to monitor the business relationship and the information obtained through monitoring. Reporting entities now must monitor their business relationships to (i) detect transactions that must be reported to the Financial Transactions Report Analysis Centre of Canada, (ii) keep beneficial ownership up to date, (iii) maintain a record of the purpose and nature of the business relationship, (iv) reassess the risk level associated with the client’s activities and transactions and (v) evaluate whether the transactions and activities are consistent with the information obtained about the client, including risk assessment.
In addition, reporting entities must now have written policies and procedures in place to accomplish such monitoring objectives, which will be costly for many reporting issuers who were not previously equipped to periodically collect such information. Such policies and procedures will include asking clients to provide information or to confirm or update their identification information by using non-face-to-face identification methods for persons and consulting electronic documentation for entities. There is no prescribed time frame for the ongoing monitoring requirements, and the guidelines recognize that the trigger may be based on client interaction rather than the passage of time. However, the general rule of thumb is that high-risk clients should be monitored more frequently than non-high risk clients, and that high-risk clients must be subject to enhanced due diligence such as updating the client information and monitoring the business relationship more frequently and implementing any other appropriate enhanced measures. Such measures could include obtaining additional information on the client such as occupation, volume of assets, source of funds, and reasons for intended use or conducted transactions, taking additional steps to verify documents, requiring the first payment to be carried out though an account in the client’s name subject to similar due diligence standards and obtaining the approval of senior management to enter into or maintain the business relationship. The penalty for failing to comply with the enhanced monitoring and due diligence measures are high with Canada’s AML and AFT legislation imposing penalties of up to $2 million and /or five years in jail for incorrect reporting.
Beneficial Ownership. Prior to the 2014 Amendments, reporting entities were only required to take reasonable measures to determine beneficial ownership of a client, which could be interpreted as a “best-efforts” basis. However, as a result of the recent legislative changes, it is now mandatory for reporting entities to ascertain the beneficial ownership of their clients. When prescribed, every organization must obtain information on all individuals who own or control 25% or more of the entity having its existence confirmed. In addition, there is a new requirement to confirm the accuracy of such information (for instance, by reviewing constating documents, annual returns, and/or records of decisions of the applicable entity), and to keep a record of such confirmation. There is now also an obligation to keep information regarding beneficial ownership up-to-date, with the frequency of such ongoing monitoring requirements depending on the risk assessment of each particular client. If beneficial ownership information cannot be obtained or confirmed, reporting entities are required to obtain the name of the most senior managing officer and take reasonable measures to confirm their identity. In these situations, the client will need to be treated as a “high-risk” client, requiring enhanced due diligence and other risk-mitigation measures going forward.
Additional Changes on the Horizon. As previously mentioned, shortly after the 2014 Amendments took effect, Bill C-31 was tabled, and is currently in its first reading. One of the most significant impacts of Bill C-31 is that it will have the effect of expanding who is considered a reporting entity for the purposes of Canada’s AML/AFT legislation. As a result, once Bill C-31 is passed, the obligations described above will apply cross-border to foreign entities who do not have a place of business in Canada but are engaged in offering money business services to Canadians. Other amendments include enhanced due diligence for politically exposed persons and expanding the purview of Canada’s AM/AFT regime to dealers in virtual currencies. This all goes to show that the AML/AFT landscape in Canada is anything but static and that companies will need to continue to adapt to changes in the AML/AFT landscape.