On October 13, Canada's Department of Finance published draft amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) to improve Canada's compliance with the Financial Action Task Force's Recommendation 5 (now reformulated as Recommendation 10). As we discussed in a Financial Services Update earlier this year, the FATF's Recommendation 10 sets out essential criteria regarding customer due diligence and record-keeping.
In order to improve compliance with Recommendation 10, the Department of Finance initiated a consultation process in November 2011 to address deficiencies in the customer due diligence provisions under the PCMLTFR. The Department eventually received 41 responses to its consultation paper and also conducted follow-up discussions with stakeholders prior to releasing the amendments last month. Principally, the amendments add a definition of "business relationship" to the PCMLTFR and clarify the obligations surrounding ongoing monitoring and the circumstances under which reporting entities must take enhanced customer due diligence measures. According to the Department of Finance, the proposed amendments do not introduce any new administrative burdens on regulated entities but, rather, resolve ambiguities in the PCMLTFR.
As we discussed earlier this year, the November 2011 consultation paper proposed extending certain AML/ATF obligations, currently applicable to account openings and prescribed financial transactions, to business relationships. Under the proposed amendments, "business relationship" would be defined as a relationship with a client to conduct financial transactions or provide services related to those transactions and (i) where the client holds one or more accounts with the regulated entity, all transactions and activities relating to those accounts; or (b) if the client does not hold an account, only those transactions and activities in respect of which the regulated entity is required to ascertain the identity of a person or confirm the existence of an entity.
The definition would, however, generally exclude the transactions or activities for which exceptions already exist to record keeping and obligations regarding ascertaining identity under the PCMLTFR. Further, every person or entity that enters into a business relationship under the PCMLTFR would be required to keep a record setting out the purpose and intended nature of the business relationship.
The amendments would also add provisions to the PCMLTFR with respect to the obligation to undertake ongoing monitoring. "Ongoing monitoring" under the amendments is defined to mean periodic monitoring for the purpose of (i) detecting reportable transactions; (ii) keeping client identification information, including information regarding beneficial ownership, up to date; (iii) reassessing the level of risk associated with the client's transactions and activities; and (iv) determining whether transactions or activities are consistent with the information obtained about the client, including the client's risk assessment.
Under the new provisions to the PCMLTFR, regulated entities that are required to ascertain the identify of a person or confirm the existence of an entity would then be generally required to conduct ongoing monitoring of its business relationship with the person or entity, and also keep a record of the measures taken and the information obtained. Where ongoing monitoring suggests there to be a high risk of money laundering or terrorist activity, the regulated entity would be required to treat the person or entity as high risk and take certain prescribed measures.
The proposed amendments would also make the exemptions from requirements regarding ascertaining identity and record keeping, currently found at section 62 of the PCMLTFR, inapplicable in cases of suspicious transactions.
Under the current PCMLTFR, regulated entities that are required to confirm the existence of an entity when opening an account must confirm the existence of the entity and take reasonable measures to obtain the name, address and occupation of everyone that owns or controls 25% or more of the entity. In the case of a corporation, regulated entities must take reasonable measures to obtain the name and occupation of all directors of the corporation and the name, address and occupation of everyone that owns or controls 25% or more of the shares of the corporation. Regulated entities must keep records of the information, and, where the required information cannot be obtained, a record must be kept indicating why the information could not be obtained.
Under the proposed amendments, the regulated entities would still be required to obtain information regarding the directors and shareholders owning or controlling 25% or more of the shares of a corporation and, in the case of entities other than corporations, the names and addresses of everyone that owns or controls 25% or more of the entity. However, the amendments would also require that in the case of trusts, the name and addresses of all trustees and known beneficiaries and settlors be obtained. Further, regulated entitles would be required, in all cases, to obtain information establishing the ownership, control and structure of the entity in question.
Meanwhile, the wording that requires regulated entities to take "reasonable measures" to obtain the necessary information has been removed. While the change would otherwise suggest that the requirement to obtain the requisite information is now unconditional, the amendments also require that if the information cannot be obtained, a regulated entity take reasonable measures to ascertain the identity of the most senior managing officer of the entity and treat the entity as high risk. Thus, the unconditional requirement to obtain the information appears to be qualified. Further, the amendments would require regulated entities to take reasonable measures to confirm the accuracy of information obtained and maintain records regarding the measures taken.
High risk clients
Currently, the PCMLTFR prescribe certain special measures that are required for circumstances where the risk of money laundering or terrorist activity is considered to be high. These special measures include taking reasonable measures to keep client identification and related information up to date, taking reasonable measures to conduct ongoing monitoring for the purpose of detecting transactions that are required to be reported to the Financial Transactions and Reports Analysis Centre of Canada, and mitigating the identified risks.
Under the proposed amendments, the prescribed measures required in high risk situations would include taking "enhanced measures" based on a risk assessment to ascertain the identity of any person or confirm the existence of any entity in addition to other measures set out in the PCMLTFR and taking "any other enhanced measure" to mitigate the identified risks. Such measures would include keeping client identification information and corporate information up to date and conducting ongoing monitoring of business relationships for the purpose of detecting reportable transactions.
Comments on the proposed amendments are being accepted within 30 days of the publication date of the notice. While the amendments will require that regulated entities review and potentially update their processes to ensure compliance with monitoring and recordkeeping requirements, the proposals are not expected to come into force for some time, as the amendments will not be effective until one year after final publication.