The Proceeds of Crime (Money Laundering) and Terrorist Financing Act requires all individual Brokers and Agencies to adopt a compliance regime to ensure they, and their employees, are compliant with the Act. It is your responsibility to ensure that you are aware of your obligations and have the appropriate regime in place.
FINTRAC expects the following five components be present within your documented compliance regime in order to ensure you are meeting your obligations.
1. Appointing a Compliance Officer: This must be someone in a Management role within the office, someone who can/will take on the overall responsibility for the overall regime. If you are an individual, sole proprietor ~ Congratulations! You are now your Compliance Officer.
2. Develop detailed, auditable compliance policy and procedures for reporting and record keeping: These procedures should be approved by a Senior Manager and/or the owners of your organization and should include sufficient information to demonstrate how you and your employees identify and/or report to FINTRAC. Here are some of the things your policies should include;
a. How to complete a third party determination;
b. How you would identify (ID) a client in a non-face-to-face situation;
c. What is a suspicious transaction, how to record it, where to report it;
d. What is an attempted suspicious transaction, how to record it, where to report it;
e. How to handle cash transactions (ie. not accepted by your office);
f. What constitutes terrorist property, what needs to be reported, where to report it;
g. What needs to be included in a Client Information Record, where is this information maintained in your office;
h. What is a Beneficial Owner and how are they identified, how often do you verify the information (ie. 2 years);
i. What are the documentation requirements for Politically Exposed Persons and HIO’s?;
j. All of the obligations outlined by FINTRAC must be mentioned in your policies, even if they do not apply to your office. Acknowledge the requirement, outline why it does not apply to your business.
3. Assess and document the money laundering and terrorist financing risks unique to your business: This assessment must be documented with consideration of the types of products you offer, the clients you deal with, the source of client funds and the geographical location of your business and the clients you do business with. You must conduct a risk assessment of your clients and business at least every two years.
4. Ongoing review of the effectiveness of your compliance program: This review should take place at minimum every two years in order to ensure your policies and procedures are up to date and adhered to. The review can be completed by an independent third party or through self-assessments and/or audits. An action plan should be created to address any deficiencies identified or updates and changes that may be required.
5. On-going Compliance training for employees and others acting on behalf of your organization. All training measures should be documented along with attendance of any face-to-face or webinar training completed/attended. Training should take place at minimum on an annual basis to ensure the knowledge is refreshed, current and up to date. A training plan for AML should be included for all new employees joining your organization.
We suggest that you visit the FINTRAC website (www.fintrac.gc.ca) regularly to ensure that you remain current on any legislative changes that may occur. We also encourage you to visit our website for additional tools and resources to help you set up your own independent AML compliance regime.
Remember,
Good Business is Compliant and Compliance Matters!