Obligations to comply with the requirements of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (“PCMLTFA”) are not limited to traditional financial entities handling large monetary transactions. If you are involved in the real estate industry, you may have an obligation to comply with PCMLTFA, report certain types of transactions to and be subject to compliance assessments executed by Financial Transactions and Reports Analysis Centre of Canada (“FINTRAC”).
Affected entities in the real estate industry include, but are not limited to, real estate developers who have sold at least five new houses or condominium units to the public after calendar year 2007, and real estate brokers and sales representatives acting as agents regarding the purchase or sale of real estate, including land, houses, commercial buildings, etc.—regardless of whether or not they receive a commission or have related fiduciary duties. There is an obligation to identify and report suspicious transactions that may be associated with the commission of money laundering or terrorist financing offences as well as maintain a compliance program.
Non-compliance can result in significant consequences, including criminal charges, up to five years imprisonment, fines of up to $2M and ongoing public notice of persons or entities receiving fines or penalties. While many of the requirements are the responsibility of employers, individuals are also obligated to report suspicious transactions and terrorist property. If you are a real estate broker, sales representative or real estate developer and required to maintain a compliance program, this document will help you to understand the basics and assess whether your Anti-Money Laundering (“AML”) and Anti-Terrorist Financing (“ATF”) program is in need of enhancement.
Basis of a compliance regime Your compliance regime should be tailored based on your organization’s size and complexity. However, in order to comply with guidance issued by FINTRAC, your program must incorporate at least the following five elements:
- Appointment of a compliance officer
Responsibility for the implementation of your compliance regime needs to be delegated to a designated individual in the organization. In order for this role to be truly effective, this individual should report to the board of directors, have access to senior management and be independent from any roles involving receipt, transfer or disbursement of funds.
- Development and implementation of written policies & procedures
While written compliance policies and procedures are at the core of a compliance regime, it is the communication and implementation of the processes which demonstrates your organization’s commitment to the prevention and detection of AML/ATF non-compliance. Your compliance policies and procedures must include, at a minimum, the applicable reporting, record keeping, client identification, risk assessment and risk mitigation requirements. These documents must be approved by a senior officer and reviewed periodically to stay current.
- Risk assessments
The purpose of AML/ATF risk assessments is to ensure that your organization is aware of your potential AML and ATF risk exposures and that appropriate controls are put in place to minimize these to an acceptable level. Your risk assessment should address factors such as the nature of your products/services, delivery channels, geographical areas and the relationships you have with your clients. Risk assessments must be documented, conducted on a regular basis, involve regular monitoring and must indicate measures taken to mitigate the risks identified. In addition, client identification documentation must be kept up to date, business relationships must be monitored on a regular basis and procedures must be developed to address high-risk situations.
- Ongoing compliance training program
Your compliance training program must continue to evolve along with the rest of your organization. Ongoing compliance training must be provided to employees, agents and other individuals who are authorized to act on behalf of your organization so that they are aware of industry specific indicators of potentially suspicious transactions.
- Periodic reviews
Your compliance regime must be reviewed at least every two years. Program reviews and results must be documented and cover your policies, procedures, training program, and risk assessment(s) to assess effectiveness. This process may involve testing a sample of client files to ensure that enhanced measures are applied where higher risks exist, and a review of the criteria and process for identifying and reporting suspicious transactions. Results must be reported to senior management within 30 days of each review.