Use the Lexology Navigator tool to compare the answers in this article with those from other jurisdictions.    

Record keeping, disclosure and compliance

Record-keeping and disclosure requirements

What record-keeping and disclosure requirements apply to companies and relevant individuals under the anti-money laundering, terrorism financing and fraud legislation?

Reporting entities under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) must keep certain records relating to their compliance regime. The specific record-keeping requirements vary for each reporting entity. In general, they include:

  • requirements to keep records relating to know your client verification;
  • the clients’ intentions with respect to the purpose of entering into a business relationship with the reporting entity;
  • the intended use of accounts that a client has with a reporting entity;
  • efforts to undertake ongoing monitoring to identify suspicious transactions;
  • beneficial ownership, control details and business structures for clients that are entities;
  • records of efforts and details of third parties for whom transactions are undertaken;
  • determinations of politically exposed persons or heads of international organisations;
  • related risk assessments and decisions to do business with such persons;
  • a documented risk assessment of the business assessing money laundering and terrorist financing exposure;
  • steps taken to mitigate identified risks relating to foreign branches or subsidiaries or correspondent banking relationships;
  • reports filed with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), the primary anti-money laundering regulator in Canada; and
  • information relating to account openings, relevant terms and conditions and certain transactions and – where the PCMLTFA requires that “reasonable efforts” be undertaken to obtain or verify certain information – records of the efforts taken, when they were taken and, if unsuccessful, why.

Reporting entities under the PCMLTFA must generally file with FINTRAC:

  • suspicious transaction reports where there are reasonable grounds to suspect a transaction or attempted transaction of any value is related to money laundering or terrorist financing;
  • large cash transaction reports for transactions of C$10,000 or more in cash in a single transaction or multiple transactions within a 24-hour period.

Terrorist property holdings must be reported to FINTRAC, and generally to the Royal Canadian Mounted Police (RCMP) or the Canadian Security Intelligence Service (CSIS). This requirement applies regardless of the value of the property.

International electronic funds transfers of C$10,000 or more must be reported to FINTRAC and to the Canada Revenue Agency when conducted in a single transaction or multiple transactions within a 24-hour period. Casino disbursements of C$10,000 or more in a single transaction or multiple transactions within a 24-hour period must also be reported to FINTRAC.

The Canadian economic sanctions regime also requires certain businesses to monitor for property held by or on behalf of designated persons within their possession or control and report that property to the CSIS or the RCMP – and, in some cases, the primary regulator for their business.


What internal compliance measures are required and/or advised for companies in relation to the anti-money laundering, terrorism financing and fraud legislation?

It is prudent for any party engaged in material international business to have a policy to comply with Canadian economic sanctions to ensure they are not dealing in property of designated persons with whom they are prohibited to deal. Certain businesses are required by law to monitor for such transactions. This obligation typically applies to banks, cooperative credit societies, credit unions and caisses populaires, certain insurance businesses, fraternal benefit societies, trust and loan companies regulated by Canadian law, participants in the securities sector and money services businesses.

Reporting entities under the PCMLTFA must also:

  • appoint a compliance officer responsible for their compliance programme;
  • develop, apply and keep up to date written compliance policies and procedures, including enhanced measures to mitigate high-risk business;
  • conduct and document a money laundering and terrorist financing risk assessment of their business activities and relationships;
  • develop and maintain a written ongoing compliance training programme for employees, agents and others authorised to act on their behalf; and
  • complete an effectiveness review of their compliance programme no less than every two years.

Money service businesses must also register with FINTRAC and comply with requirements of similar applicable laws in the province of Quebec if they carry on business in that province.

What customer and business partner due diligence is required and/or advised for companies in relation to the anti-money laundering, terrorism financing and fraud legislation?

Sanctions screening of business partners and assessment of money laundering or terrorist financing risk is prudent risk management practice for all businesses. However, only certain stipulated entities have strict obligations to implement an anti-money laundering, anti-terrorist financing or sanctions screening and compliance regime. Outside these businesses, such policies are valuable to ensure compliance with anti-money laundering, terrorism financing and fraud legislation of general application. Whistleblower programmes are prudent and facts that are identified or reported through these should be investigated and addressed. Ignoring signs of criminal activity may establish ‘recklessness’, which can be sufficient to support findings of knowledge or intent to commit criminal acts.

Click here to view the full article.