Proposed Regulations: Regulations Amending Certain Regulations Made under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, 2015 (Proposed Regulations)
Publication Date: July 4, 2015
Consultation: Representations may be made to the Department of Finance within 60 days of the publication date.
In force: Certain provisions are in force upon registration and remaining provisions are in force 12 months following registration. Registration date is not yet known.
On July 4, 2015, proposed amendments to various regulations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PC Act) were published in the Canada Gazette.
Some of the key proposed amendments provide for the following:
- New, less prescriptive methods for verification of identity. These proposed amendments are particularly relevant for entities that transact when the individual is not physically present. Such transactions are referred to in the industry as “non-face-to-face” and abbreviated as “NFTF” in this update.
- An update to the definitions of “signature” and “signature card” to more broadly include electronic signatures. This change is intended to facilitate NFTF account openings.
- New requirements regarding domestic politically exposed persons and heads of international organizations.
- An update to the record keeping requirement applicable to financial entities in respect of credit arrangements entered into with clients.
- Additional criteria to be considered in risk assessments conducted as part of compliance programs.
Highlights of proposed amendments
Verifications of Identity
Currently, under the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PC Regulations), entities that are required to verify the identity of individuals have limited options with respect to identification methods, particularly if they conduct business in an NFTF environment. Entities subject to requirements under this legislation include financial entities, life insurance companies, securities dealers, money services business, accountants and accounting firms, casinos and government entities (Reporting Entities).
The proposed amendments to the NFTF methods of verifying identity are a positive development for Reporting Entities. In place of the current highly prescriptive requirements, the Proposed Regulations allow Reporting Entities to verify identity by referring to information from a “reliable source,” as described in more detail below.
It is expected that the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) will provide guidance on the methods that will be acceptable to meet the new reliable source criterion. We will see whether FINTRAC will interpret the concept of reliable source in a manner that encourages innovation and facilitates new technologies.
Under the Proposed Regulations, Reporting Entities will be permitted to verify identity as follows:
- By referring to information that the Reporting Entity receives from a federal or provincial government body (or an agent or mandatary of such government body) and by verifying that either the name and address or the name and date of birth contained in this information are those of the individual whose identity is being verified;
- By referring to information contained in the person’s credit file located in Canada (provided the credit file has been in existence for at least three years) and verifying that the name, address, and date of birth are those of the individual whose identity is being verified;
- By doing any two of the following:
- referring to information from a reliable source that contains the individual’s name and address, and verifying that the name and address are those of the individual;
- referring to information from a reliable source that contains the individual’s name and date of birth, and verifying that the name and date of birth are those of the individual; or
- referring to information that contains the individual’s name and confirms the individual has a deposit account, credit card or other loan account with a financial entity, and verifying that information.
Additional proposed amendments are intended to limit the duplication of identity verification efforts. For example, a Reporting Entity will be permitted to rely on its own previous identity verification, unless the Reporting Entity has doubts about the information used to verify the individual’s identity. This is an expansion from the current exemption, which only applies where the Reporting Entity “recognizes” the individual (“recognize” has been interpreted to include only recognition by voice or sight, rather than online or digitally).
Also, the Proposed Regulations revise the permitted method of identity verification when the individual is physically present. In particular, unlike the current requirements in the PC Regulations, the Proposed Regulations (i) require an identification document to contain a photograph of the individual; and (ii) allow Reporting Entities to use identification documents issued by foreign governments (other than municipal governments).
The Proposed Regulations provide that (i) documents used to verify identity must be original, valid and current; and (ii) information used to verify identity must be valid and current and must not include an electronic image of a document. These limitations, particularly when read in the context of the “reliable source” requirement, raise questions as to what information and sources will be considered acceptable. We will see whether these provisions will be interpreted in a manner that is practical for entities that conduct online and mobile transactions.
Update to Signature Card Requirement
Under the PC Regulations, financial entities and securities dealers are required to keep a signature card for each account holder. The Proposed Regulations would update the definition of “signature card” to allow signature cards to be signed electronically. In addition, the proposed revised definition of “signature” will provide flexibility to institutions to determine the criteria under which they accept electronic signatures. These updates should assist entities that transact in an NFTF environment.
Additional Obligations: Domestic PEPs and Heads of International Organizations
Currently, under certain circumstances, such as account openings and large transactions ($100,000 or more), Reporting Entities are required to determine whether their existing or potential clients are politically exposed foreign persons (Foreign PEPs).
In June 2014, amendments1 to the PC Act added the following new categories: (i) politically exposed domestic persons (Domestic PEPs); and (ii) heads of international organizations (HIOs). The amendments to the PC Act require Reporting Entities to determine whether they are dealing with Domestic PEPs and HIOs and to take prescribed measures2 when such determinations are made, in addition to doing so in respect of Foreign PEPs.
To address these amendments, Reporting Entities will be required to update their search methodology to include individuals who are designated as Domestic PEPs and HIOs (in addition to the current requirements that only apply to Foreign PEPs) and apply the prescribed measures set out in the Proposed Regulations once a Domestic PEP or HIO determination is made.
Additional Obligations: Risk Assessment
Reporting Entities are required to implement a compliance program that must include an assessment and documentation of risks of money laundering and terrorist financing that arise in the course of their activities.
Currently, risk assessments must be based on criteria including the Reporting Entity’s clients and business relationships, products, delivery channels and geographic location of activities. The Proposed Regulations also require Reporting Entities to take into consideration new developments and the impact of new technologies on their clients, business relationships, products, delivery channels and geographic location of activities.
The Proposed Regulations also require financial entities to consider the risks resulting from their affiliates’ activities.
Additional Record Keeping Obligations – Reasonable Measures and Client Credit File
The Proposed Regulations add a requirement for Reporting Entities to keep a record of any reasonable measures they have taken (when reasonable measures are required under the PC Act or regulations) in situations where they were unable to determine the information specified.3
The record keeping requirement in connection with credit arrangements has been updated in the Proposed Regulations. Financial entities will be required to keep a record for every credit arrangement that includes the client’s financial capacity, the terms of the credit arrangement, and if the client is an individual, the address of the client’s business or place of work, in addition to the terms and conditions of the credit arrangement. This amendment creates a positive obligation for financial entities to collect and keep a record of specific information each time they enter into a credit arrangement with a client, whether or not such record would otherwise be created in the normal course of business.4
The bottom line
The Proposed Regulations are currently in draft and there is a 60-day comment period beginning from the date of publication (July 4, 2015). Once the regulations are registered (published in final form), the provisions discussed in this update will come into force immediately, except for the provisions regarding Domestic PEPs and HIOs, and the additional record keeping obligations, which will come into force 12 months following registration.
Reporting entities will be required to modify certain of their policies, practices, procedures and forms to address the proposed amendments. However, overall, the proposed amendments are likely to be beneficial to Reporting Entities as they will modernize the requirements for verifications of identity and signature cards and provide flexibility that does not currently exist in the regime. We will see whether guidance will interpret the new provisions in a manner that encourages innovation and adoption of new technologies.