Archived information is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
Investment Dealers Association of Canada' Submission in Response to Finance Canada's Enhancing Canada's Anti-Money Laundering and Anti-Terrorist Financing Regime consultation:
Investment Dealers Association of Canada
Association Canadienne des courtiers en valeurs mobilières
Direct line: 416-943-6903
September 30, 2005
Director, Financial Sector Division
Department of Finance
140 O'Connor Street
Dear Ms. Lafleur:
Thank you for the opportunity to comment on the Department of Finance's Consultation Paper:
"Enhancing Canada's Anti-Money Laundering and Anti-Terrorist Financing Regime."
The IDA is the national self-regulatory organization of investment dealers. It conducts direct regulatory oversight of all of its members across the country. It is formally recognized as a self-regulatory organization under the Securities Acts of Alberta, British Columbia, Manitoba, Nova Scotia, Ontario, Quebec and Saskatchewan. Applications for recognition are pending in New Brunswick and Newfoundland. The legislation in Prince Edward Island does not yet permit formal recognition, although the IDA operates in these jurisdictions as if the recognition was in place.
The IDA supports the efforts of the Government of Canada and the international community to fight money laundering. Since the promulgation of the Regulations under the previous Proceeds of Crime (Money Laundering) Act (1991) the IDA has provided its Members with education and guidance on anti-money laundering (AML) and anti-terrorist financing (ATF) requirements and has conducted audits of their compliance with the Regulations as part of its regular sales compliance reviews. It recently signed a Memorandum of Understanding (MOU) with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) to share information on its review findings regarding Member compliance with the AML and ATF requirements, which it had provided voluntarily prior to the changes in the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) that made it possible for FINTRAC to sign such MOUs.
The IDA has also consulted with and written comment letters to the Department of Finance in connection with all amendments to Canada's anti-money laundering and anti-terrorist financing laws and regulations. It wrote a comment letter to the Financial Action Task Force regarding the proposed changes to the 40 Recommendations in 2003 and sent a representative to an October, 2002 industry consultation session regarding the proposed changes.
Finally, the IDA has passed and implemented its own anti-money laundering requirements, particularly requirements to identify and verify the identity of the beneficial owners of corporate and trust accounts. These requirements, also of use in the regulation of securities markets, were passed by the IDA Board immediately after the revisions to the FATF 40 Recommendations in June 2003.
Suite 1600, 121 King Street West
Toronto, Ontario M5H 3T9
The IDA generally supports the objectives of the Consultation Paper and the specific proposals outlined, with the caveats noted below. We believe that the concerns raised can best be addressed by a careful approach to implementation of the proposals including extensive prior consultation with affected financial institutions.
1. The Consultation Paper takes too narrow a view of the meaning of a risk basis for customer due diligence.
The Consultation Paper's response to the FATF comments on use of a risk basis in customer due diligence is to identify four more types of transactions for which financial institutions can apply reduced or simplified measures. In doing so, it continues to limit use of the risk-based approach to the identification of regulation exemptions, whereas the FATF recommendation would extend its use to the development by financial institutions of their own risk-based procedures.
The decision on use of risk-based measures affects many other aspects of the current regulations and the proposed changes. Our comments on specific proposals, particularly Proposal 1.7, will deal with the issue in greater detail.
|Recommendation 1: The CDD regulations should be amended to give reporting entities latitude to risk assess their customers, businesses and products and craft CDD procedures commensurate with those risks. In conjunction with this change, the proposed AML/ATF Advisory Committee or a separate group with industry. government, regulatory and law enforcement participation should develop and issue guidelines regarding appropriate AML/ATF risk assessment and control practices.|
2. The Consultation Paper retains a bias towards documentary methods of customer identification and verification.
In several proposals the Consultation Paper continues to treat documentary identification and verification as the preferred method. However, documents can be forged, altered, falsified or invented in ways that are difficult for experts to identify, let alone financial institution employees whose expertise lies elsewhere.
Many financial institutions already make use of data sources such as credit bureaus and databanks for purposes such as credit control and fraud prevention. In many cases these may provide better verification of identity in that customers do not know what sources are being checked and a person's or entity's presence in a databank – and in some instances its continuous presence over a long period - is harder if not impossible to falsify.
In this regard, The Joint Money Laundering Steering Group (JMLSG) in the United Kingdom notes in the introduction to a consultation paper issued in March, 2005:
JMLSG also revisited the use of electronic verification in the light of the greatly expanded range of data now held electronically in respect of individuals and non personal legal entities. JMLSG believes that, subject to carefully assessed controls, firms should be encouraged to make greater use of electronic verification, as this is transparent to the customer, and can reduce the requirement for customers to produce paper-based documents whilst at the same time providing a significant level of assurance as to the customer's identity.
|Recommendation 2: The current and proposed Regulations should be amended to allow increased use of data-based methods of customer identity verification in all situations. Such methods should be on subject of the guidelines recommended in Recommendation 3.|
3. The Consultation Paper focuses almost entirely on new initiatives. It does not raise or solicit comments or suggestions arising from experience to date with the current law and regulations.
Canada's anti-money laundering regulations have now been in place for 12 years. The last major revision was implemented three years ago. In the IDA's view, those revisions failed to address a number of important issues that make the requirements complex, over broad and inconsistent. The enhancements outlined in the Consultation Paper continue to add requirements while doing little to address current problems or re-examine the underlying philosophy and practical outcomes from 12 years of experience, domestic and international, or developments other than the revisions to the FATF 40 Recommendations.
The IDA believes that now is an ideal opportunity for close consultation with reporting entities, their regulators and associations that will lead to a significantly more effective anti-money laundering and anti-terrorist financing regime. In that respect, the formation of an advisory committee as described in Proposal 5.1, even on an informal basis, is recommended.
|Recommendation 3: The Department of Finance should, prior to completing final amendments to PCMLTFA and the regulations thereunder, consult with industry and other interested parties on current implementation and other problems identified through experience in complying with the current regulations and considering remedying such problems in the final amendments.|
4. The Consultation Paper does not address previously identified problems with or lacunae in the current regime.
In its comment letters on previous statutory and regulatory amendments the IDA has raised a number of issues that could not be addressed because of time constraints and that have not been dealt with in the Consultation Paper. We suggest that they should be addressed as part of the process being initiated by the Consultation Paper. This comment letter will outline some of those issues.
|Recommendation 4: The Department of Finance should review previous comment letters and suggestions to identify other proposals that could not be implemented at the time but should be in this round of amendments.|
The following comments are ordered on the sequence in which they occur in the Consultation Paper and do not reflect any judgment on the relative importance of the recommendations. We are neutral regarding any proposals that are not the subject of comment. This does not mean that we do not support them, merely that we have no expertise on the topic.
Proposal 1.4 – Suspicious Transactions and Doubtful Client Information
The proposal deals with situations in which "there is a suspicion of money laundering or terrorist financing." It is unclear whether the proposal will impose a subjective standard – i.e. the financial reporting entity is actually suspicious of money laundering or terrorist financing – or an objective standard – i.e. the reporting entity has reasonable grounds for suspicion.
It is similarly unclear as to whether the second trigger for the requirement to repeat CDD procedures – doubt as to the veracity or accuracy of previously obtained information – is intended to be a subjective or objective standard.
Setting the threshold for the requirement is important in terms of the frequency with which financial institutions are likely to be faced with conducting or re-conducting customer due diligence procedures. It is likely that they will do something of the sort when they are actually suspicious, less likely when they are simply reviewing or reporting unusual activity. The objective standard is likely to cause more frequent implementation of CDD measures because it is harder to determine when the threshold has been reached and is more likely to result in defensive action.
The IDA nonetheless supports the objective standard in both instances. States of mind can seldom be adequately proven and can be pleaded in the face of the most egregious circumstances. The objective standard and possibility of a requirement to take additional steps will make reporting entities consider carefully each situation with which they are confronted and reduce the amount of defensive reporting of borderline transactions or those should simply trip a preliminary review.
|Recommendation 5:Any regulation requiring the conduct of identification and verification procedures on existing customers because of suspicion of money laundering or terrorist financing or doubt regarding the veracity or accuracy of previously obtained CDD information should be clear as to whether the trigger is actual suspicion/doubt or reasonable grounds for suspicion/doubt. The IDA recommends a "reasonable grounds" standard in both cases.|
The proposal would require that in cases of suspicion the financial institution conduct – if it hasn't before – or repeat customer identification and verification procedures if "there are doubts as to the veracity or adequacy of previously obtained customer information." The latter requirement suggests a dual test, whereas we would suggest that the procedures should be conducted or repeated whenever there is doubt as to the veracity or accuracy of previously obtained customer identification information, whether or not there is yet a suspicion of money laundering or terrorist financing.
The scope of the information in doubt should be kept narrow, i.e. to the information required under AML/ATF regulations. Reporting entities gather other information about customers for business or regulatory purposes and should not be subject to AML regulations if some of it appears doubtful or inaccurate.
In the event a reporting entity's doubts prove to be founded, it should consider the source of the inaccuracy and any likely reasons and, if there are reasonable grounds to suspect that they are part of an attempt to establish a venue for future money laundering or terrorist financing activities, should report the matter to FINTRAC. In the absence of AML/ATF suspicion, the reporting entity should be permitted to make its own decision on the correct course of action
|Recommendation 6: Any reporting entity having reasonable grounds to doubt the accuracy or veracity of previously obtained CDD information required under the PCMLTF Regulations should be required to conduct CDD procedures sufficient to confirm the information. If the information proves to be inaccurate and the reporting entity has reasonable grounds for suspecting that the inaccuracy may be related to money laundering or terrorist financing activity, the reporting entity should review any transactions conducted to determine whether they are suspicious and, even if it does not identify suspicious transactions, should report the matter to FINTRAC as attempted suspicious activity under Proposal 2.1, subject to the modifications to that proposal contained in Recommendation 24.|
The proposal appears to indicate that the verification procedures to be undertaken would be the same procedures as required on account opening, but identifies a significant problem – that the subject of the suspicion will be tipped off. It is difficult to see how the current required procedures could be followed without tipping off a money launderer, terrorist or terrorist financier, any one of which is likely to be highly suspicious of any unusual information or other requests.
This aspect of the proposal highlights the utility of adopting a risk-based approach to CDD adopting data-based identification and verification methods (see Recommendations 3 and 4). Reporting entities would be able to develop a suite of verification procedures based on the assessed risk related to the specific customer. Suspicion of money laundering or terrorist financing or doubt as to the veracity of CDD information would clearly place the customer in a high risk category. If not already in that category, the reporting entity would have higher level procedures to implement, which could be totally transparent to the customer and obviate the concern about tipping off. Such procedures could include checking of additional databases, running checks through credit reporting agencies (even where credit has not been requested) or retaining internal or external investigative assistance to conduct background inquiries and verify information in the field.
Proposal 1.5 – Politically Exposed Persons (PEPS)
The proposal appears to have a dual trigger for PEP requirements: 1) transactions above a certain threshold and 2) reasonable grounds to suspect that the customer is a foreign or domestic PEP.
It is unclear what purpose a transactional trigger serves. We believe that the proposed procedures should relate to any customer that is a PEP, regardless of the level of transactions undertaken. PEPs would, under a risk-based system, be considered higher risk customers, but reporting entities would also be able to apply risk-based transactions monitoring systems such that normal transactions by PEPS would not require scrutiny, while large or unusual transactions would be flagged for consideration as to the possibility that the assets involved were derived from corruption.
Pre-transaction review and senior management approval can be extremely difficult to implement, particularly when transactions do not normally involve human intervention. If a reporting entity has identified PEPs, sufficient post-transaction monitoring of transactions can be done using normal monitoring systems and procedures. We therefore do not believe that pre-transaction approval should be required where it is not already part of a business-related process.
|Recommendation 7: Requirements regarding PEPs should include CDD measures and risk-based monitoring, but should not require prior approval of transactions that is not already part of an established business process.|
It will be difficult for reporting entities to identify PEPs, particularly in dealing with foreign customers where there is no clear information such as occupation or the holding of a readily apparent public office to identify the client or potential as a PEP. The proposal does not comment on the extent to which close relatives and associates of PEPs should themselves be considered PEPs. The wider the net, the more difficult the identification problem will be.
|Recommendation 8: The regulations regarding PEPs should contain a clear definition as to who is or is not a PEP with particular attention to whether or what relatives and associates of public office holders should themselves be considered PEPs.|
At least on the domestic front, one approach would be for the Government of Canada to implement requirements for PEPs to identify themselves as such to reporting entities, if necessary encouraging other levels of government to implement similar measures. It could also build a database available to reporting entities identifying domestic PEPs.
Internationally, the Government of Canada, acting through international bodies such as FATF encouraging similar requirements in all countries and should encourage the development of databases available to reporting entities which identify PEPs. Guidelines for CDD as recommended in Recommendation 3 should include checking of such databases as both a good business practice and a sufficient exercise of due diligence in the absence of any unusual factors (examples of which could be delineated) raising suspicion that the customer is a PEP.
|Recommendation 9: The Government of Canada should undertake measures to assist reporting entities in identifying PEPs and recognize the use of any resulting facilities, in the absence of any other information suggesting that a customer or potential customer is a PEP, as sufficient CDD in identifying PEPS.|
Proposal 1.6 - Correspondent Banking
The proposal appears to be limited to correspondent banking relationships. Securities dealers have correspondent trading relationships with other securities dealers, domestic and foreign, which are of a totally different nature from correspondent banking relationships. Regulations regarding correspondent trading relationships between securities dealers should be dealt with separately.
|Recommendation 10: Regulations regarding correspondent banking relationships should be worded so as not to include correspondent trading relationships between securities dealers.|
The proposal suggests consideration of a prohibition against correspondent banking relationships with shell banks. IDA Regulation 1300, which imposes requirements to identify the beneficial owners of corporate and other non-personal accounts, also prohibits dealings with shell banks. The prohibition should extend to all reporting entities.
However, the definition of "shell bank" needs to be carefully worded, as reputable international banking concerns do in some circumstances maintain subsidiaries that meet the definition in the proposal of "having no physical presence in any country" but nonetheless fall under the regulatory regime of its home country. Such subsidiaries should be exempted. Consideration could be given to a requirement that the parent bank certify that the subsidiary follows appropriate AML procedures or is subject to consolidated regulation in a country having an AML regime that conforms to international standards.
|Recommendation 11: All reporting entities should be prohibited from dealing with shell banks, other than those that are subsidiaries of international banking concerns and are subject to regulation by a domestic banking regulator in a country having an adequate AML regime.|
As noted on Page 14 of the Consultation Paper, FATF Recommendation 5 states:
Financial institutions should apply each of the CDD measures under [Recommendation 5]..., but may determine the extent of such measures on a risk sensitive basis depending on the type of customer, business relationship or transaction. The measures that are taken should be consistent with any guidelines issued by competent authorities. For higher risk categories, financial institutions should perform enhanced due diligence. In certain circumstances, where there are low risks, countries may decide that financial institutions can apply reduced or simplified measures.
The Consultation Paper focuses on the last part of the recommendation by identifying four types of transactions for which financial institutions can apply reduced or simplified measures. It ignores the first part, which would permit financial institutions to determine the extent of CDD measures on a risk-sensitive basis.
The use of risk-based systems and application of varied CDD procedures resulting from assessed risk is becoming widely accepted internationally. For example, Article 7, Section 2 of the recently passed Third Money Laundering Directive of the European Union states:
The institutions and persons covered by this Directive shall apply each of the customer due diligence requirements in paragraph 1, but may determine the extent of such measures on a risk-sensitive basis depending on the type of customer, business relationship, product or transaction. The institutions and persons covered by this Directive should be able to demonstrate to the authorities mentioned in Article 33, including self-regulatory bodies, that the extent of the measures is appropriate in view of the risks of money laundering and terrorist financing.
The JMLSG in the United Kingdom takes the same approach, as noted in the introduction to its draft revised guidance:
1.3 In 1990, many firms lacked formal control systems targeted at money laundering, and so the guidance had to start from a position of educating firms about the need for systems, as well as specifying their design. But there is now greater industry awareness of the importance of having cost-effective and proportionate systems and procedures. These must take account of the inherent risks in the business, arising from customers, products and geographical areas.
1.4 The formal status of industry guidance has changed significantly under recent legislation. The Money Laundering Regulations 1993 and 2001 provided that, in considering whether any breach of the Regulations had taken place, a court could consider whether a firm had followed any relevant industry guidance (such as that set out in the JMLSG's guidance). The Proceeds of Crime Act 2002, the Terrorism Act 2000 and the Money Laundering Regulations 2003 provide that, in considering whether such a breach has taken place, a court must consider whether a firm followed such guidance.1.5 The FSA has also indicated that in assessing a firm's compliance with the requirements of the FSA Money Laundering Sourcebook ("ML"), it will have regard to the relevant provisions of JMLSG's guidance. It has also signalled a shift away from an emphasis on identification (ID) and record keeping to assessing firms' compliance with their own procedures.
1.6 There is therefore a strong presumption that firms will have regard to the guidance. The guidance is needed as a manual of advice and good practice to firms on how to meet their regulatory and legal obligations.
1.7 A more clearly risk-based approach to money laundering prevention means that some discretion is given to individual firms in how they assess and mitigate the risk they face. The risk-based approach is promoted by the 31-nation Financial Action Task Force in its 40 Recommendations, and is being embraced by the European Union in the drafting of its forthcoming3rd Directive on money laundering and terrorist financing.
1.8 The greater discretion (and responsibility) allowed to management under a risk-based approach means that new guidance needs to be given in this area. It is important that senior management takes full responsibility for managing money laundering risk.
1.9 Identification procedures imposed on customers should take account of the money laundering risk that particular customers present. It is therefore important to manage money laundering risk in a way that is consistent with minimising the inconvenience caused to customers, whilst at the same time allowing the firm to meet its obligations.
1.10 Senior management must therefore be fully engaged in the decision making processes, and must take ownership of the risk-based approach, since it will be held accountable if the approach is inadequate. That said, provided the assessment of the risks and the selection of mitigation procedures has been approached in a considered way, all the relevant decisions are properly documented, and the firm's procedures are followed, the risk of censure should be minimised.
1.11 For all the above reasons, therefore, JMLSG took a decision, fully supported by the government and the FSA, to undertake a radical revision of its industry guidance.
Risk-based systems cut both ways, requiring financial institutions to scale their CDD efforts to the risk involved – reduced or simplified measures for low risk customers, heightened measurements for high risk clients.
While this approach places greater reliance on financial institutions, in the IDA's view it would significantly improve Canada's AML regime by permitting financial institutions to focus their AML efforts where most needed. Forcing them to take the same measures in all instances wastes resources on low-risk situations, tending to lead to rote compliance with the form or the requirements rather than willing partnership in meeting their ends. An adjustment of approach is particularly critical at this juncture, when new requirements such as beneficial ownership identification, involving significant investments in resources, are about to be implemented.
A true risk-based approach does not mean abandoning requirements to the whims of the regulated entities. FATF Recommendation 5clearly calls for guidelines by competent authorities, but guidelines and prescriptive rules are entirely different things. A great deal of work on guidelines to assist financial institutions in developing effective, risk-based anti-money laundering procedures has been done by the Wolfsberg Group, JMLSG, the Securities Industry Association in the United States and other groups. The development of and agreement on guidelines could certainly be a central role of the proposed AML/ATF Advisory Committee.
Recommendation 1 above encapsulates our recommendation regarding the implementation of the revisions to FATF Recommendation 5. As to specific measures for identification and verification under a risk-based system, we have further comments below with regard to proposal 1.9.
Proposal 1.7 also proposes extension of the record-keeping exemptions to the range of transactions that are exempt from customer identification requirements under the current regulations.
The exact extent and meaning of this proposal is unclear, particularly in its reference to exempt transactions. The current regulations contain a host of exemptions cross-referenced to requirements found elsewhere in ways that do not always make sense. Most of these relate to identification and verification procedures at account opening. For example, securities dealers are required under Section 23 of the current Regulations to obtain corporate information and documents about corporate customers, with an exemption for financial entities as defined in the Regulations. However, the exemption extends only to Section 21(1).
Proposal 1.8 – Agents or Introducers
The proposal would, subject to conditions, permit reporting entities to use third parties to verify a customer's or potential customer's identity by viewing a government-issued document as required under the regulations.
The heading of the proposal uses the term "introducers" but the text seems to refer to agents. The term "introducer" has a variety of meanings in different contexts. In general, it suggests a pre-existing relationship between the introducer and the customer or prospective customer. In the securities industry, it refers to a specific type of services relationship between dealers that we will comment on below. We suggest that the term should be avoided in the discussion of the retention by a reporting entity of a third party to conduct verification procedures.
There are many situations in which businesses make use of agents to act on their behalf. In the securities industry, the relationship between a dealer and individuals acting on its behalf may be a principal-agent relationship. IDA By-law 39 covers such relationships. In such cases the agent may be largely indistinguishable from an employee.
IDA Members have also made use of accounting and law firms to conduct money laundering verification on their behalf using letters of instruction rather than contracts.
For business purposes it is always essential that the terms of the relationship be clear. The principal is always responsible for the acts of its agent done within those terms and for keeping proper records of things done by the agent on its behalf. For that reason, we see no benefit in a regulation imposing a specific form of documentation for such arrangements.
|Recommendation 12: The use of agents to conduct identity verification procedures should not be subject to any specific requirements as to the form of documentation of the arrangement.|
The proposals do not include any provision for referral of customers from one financial institution to another as provided for in FATF Recommendation 9:
9. Countries may permit financial institutions to rely on intermediaries or other third parties to perform elements (a) through (c) of the CDD process or to introduce business, provided that the criteria set out below are met. Where such reliance is permitted, the ultimate responsibility for customer identification and verification remains with the financial institution relying on the third party.
The criteria that should be met are as follows:
a) A financial institution relying upon a third party should immediately obtain the necessary information concerning elements (a) – (c) of the CDD process. Financial institutions should take adequate steps to satisfy themselves that copies of identification data and other relevant documentation relating to the CDD requirements will be made available from the third part upon request without delay.
b) The financial institution should satisfy itself that the third party is regulated and supervised for, and has measures in place to comply with CDD requirements in line with Recommendations 5and 10.
It is left to each country to determine in which countries the third party that meets the conditions can be based, having regard to information available on countries that do not or do not adequately apply the FATF Recommendations.
The European Union has incorporated into the Third Money Laundering Directive provisions in Articles
12 to 14 that allow a financial institution to rely on the CDD conducted by another financial institution in a country having equivalent anti-money laundering laws and regulatory mechanisms. Furthermore, the specific data and documents relied upon by the referring financial institution need not be the same as those required in the home jurisdiction of the reliant financial institution.
The reliant financial institution must receive the necessary CDD information from the referring financial institutions but not the CDD documents, which must only be available from the third party financial institution on request.
The Third Money Laundering Directive also makes provisions in Article 37 for the Commission to make a determination that a country does not have sufficient laws and regulatory mechanisms in place for such reliance to be placed on its financial institutions.
Because they would still be ultimately responsible for CDD, under a risk-based system which permits reliance on third party financial institutions reporting entities would still be required to carefully assess the extent to which they are prepared to rely on the financial institutions in any given country and, beyond that, to particular financial institutions.
As this approach is becoming acceptable internationally in dealing with foreign financial institutions, it is clearly an approach that could be taken with regard to the referral of customers between reporting entities within Canada.
The implementation of this kind of regime in Canada would go a long way to relieving much of the unnecessary duplication of effort by financial institutions both domestically and in different countries.
Such a regime should also give consideration to the role of affiliates of reporting entities. While foreign affiliates could simply be considered third party financial institutions, the common ownership results in a greater community of interest between the reporting entity and the affiliate. In many cases the reporting entity and affiliate will be subject to enterprise-wide controls and consolidated regulation in the parent company's home country. In such cases consideration should be given to permitting reliance on foreign affiliates whatever their location, provided that in the event the country of location does not have sufficient laws or regulatory mechanisms the affiliate complies with Canadian requirements as regards CDD measures undertaken for the reporting entity.
|Recommendation 13: The Government of Canada should consider implementing regulations permitting reporting entities to rely on CDD measures conducted by other reporting entities in Canada, by financial institutions in countries with adequate anti-money laundering regimes in place in accordance with FATF Recommendation 9 and by foreign affiliates of reporting entities.|
Proposal 1.9 – Non-Face-to-Face Customer Identification Measures
We support the proposal for establishing alternatives to the review of government-issued documentation for verifying identity. However, we believe that the use of such measures should not be restricted to situations in which it is impossible to review documentary evidence of identity.
Data bases such as credit bureau records, land registries, voters rolls, city and telephone directories both current and historical as well as other methods such as employer confirmations can provide evidence of an individual's identity and life history that in total provide better assurance of identity than documents. Many of these are standard procedures in establishing a relationship.
The use of these methods in a risk-based system should be able to supplant the review of government documents for low-risk customers.
|Recommendation 14: The use of non-documentary methods of identity verification should be applicable where appropriate within a risk-based approach with regard to all customers or potential customers.|
Proposal 1.10 – Identification of Third Parties and Beneficial Owners
The IDA generally supports the proposal, subject to the caveats noted below, and itself passed amendments to IDA Regulation 1300 requiring its Members to identify and verify the identity of beneficial owners of corporate and other non-personal customers and the settlers and beneficiaries of trust accounts.
It is important to recognize the difference between beneficial owners – those owning the client – and third parties – those on whose behalf transactions are conducted. Beneficial ownership does not make the owner a third party and third parties are not beneficial owners. We suggest that it is best to keep the two relationships separated and analyze the necessity for and nature of the regulations separately. A recent decision regarding IDA Regulation 1300 by the British Columbia Securities Commission in the matter of Lines Overseas Management appears to indicate that the distinction is not clear in the IDA Regulation, and we are considering amending it accordingly.
|Recommendation 15: Regulations regarding the treatment of third parties should be wholly separate and distinguishable from those governing beneficial owners of non-personal accounts.|
The Consultation Paper proposes a threshold of ten percent ownership, directly or indirectly, to trigger an identification and verification requirement for corporations. While this is consistent with the IDA's regulation, the European Union Third Money Laundering Directive adopts a twenty-five per cent threshold, while noting that consideration will be given to reducing it in future to twenty per cent.
The exact threshold is in some sense arbitrary. Ten percent ownership hardly gives an individual control over the corporation, while for a determined money launderer a higher threshold may simply reduce the number of undisclosed nominees that must be found to give an appearance of legitimacy without risking background enquiries.
However, it is also important to legitimate international business that regulations be consistent between countries. Customers do not understand and are impatient with differing requirements when dealing with financial institutions in different countries and particularly when dealing with different subsidiaries or business units of multinational financial institutions. For that reason, we suggest that the Government of Canada consider making its threshold consistent with that of the European Union. In the event this happened, the IDA might consider revising its Regulation 1300, although that Regulation also has uses in regulating securities markets activities that might call for a lower threshold.
The Consultation Paper does not propose a threshold for identification of beneficiaries of trusts. Thresholds are designed to eliminate time-consuming and costly measures directed at parties of minimal interest. We see no reason why trust beneficiaries should not be subject to the same thresholds of interest as beneficial owners of corporations.
|Recommendation 16: The Government of Canada should consider a higher threshold for beneficial ownership requirements, consistent with the threshold in the European Union Third Money Laundering Directive. The thresholds should extend to the beneficiaries of trusts.|
The proposal would require reporting entities to obtain, verify and keep records regarding beneficial owners. It is unclear what information would need to be verified.
One possibility is that the ownership of ten percent and above interests be verified. This can be very difficult to verify, requiring corporate records that may be difficult to obtain or out of date and can in any event be readily falsified by those controlling the corporation, making actual verification of the ownership impossible. We recommend that reporting entities be entitled to accept information received from the authorized representatives of the entity with which they are dealing as to the identity of beneficial owners over the threshold without requiring specific documentation thereof. The information and source thereof should of course be recorded by the reporting entity.
The situation is the same for trusts. While some involve extensive documentation, there are many informal trusts for which there is little or no documentation.
|Recommendation 17: Requirements regarding the obtaining of information on beneficial owners of corporations and other non-personal entities and settlers and beneficiaries of trusts should be limited to the requirement to obtain the information from the authorized representatives of the entity and record the information and source.|
The second type of verification is confirmation of the identity of the beneficial owners as identified by the representatives of the entity. This requirement adds significantly to the burden on financial institutions since it can involve multiple parties, geographically dispersed who may not have much interest in co-operating or may resent having to take any trouble to, for example, arrange to present documentary evidence of identity to the reporting entity or its agent.
The addition of a verification requirement makes it particularly important to implement a risk-based approach and permit alternative methods of verification. The IDA adopted a flexible approach to the process, requiring that Members conduct sufficient verification procedures to give them reasonable grounds for believing that the beneficial owners are real people as described. A risk-based approach would permit alternative procedures depending on the nature of the entity and the business being conducted, and might range from very simple procedures in low risk cases to significant background checking including review of government-issued identity documents in high risk situations. The application of the risk-based approach should again be subject to guidelines and best practice which could be developed by the proposed advisory committee or other groups combining industry, government, regulatory and law enforcement expertise.
The problem is even greater with trusts, which are fundamentally different from corporations. The beneficiaries of trusts may include minor children, cover a class of persons or be indeterminate as to exact interest until the trust is collapsed. They therefore call for even greater flexibility.
The proposal calls for obtaining and verifying the identity of senior officers and directors of non-profit organizations (NPOs). There are many well-known NPOs for which such a requirement appears to be excessive. There are also countless small NPOs such as local sporting and fraternal organizations that raise funds to support their activities, and for which the procedures outlined would be excessive. While NPOs have been highlighted as potential conduits for terrorist funding, the extension of similar requirements to all NPOs appears to be excessive in most cases and insufficient in others. Once again, we suggest that a risk-based approach to the proposed requirements is more appropriate. We question, for example, whether registered charities should be subject to the requirements rather than having the Canada Revenue Agency conduct the appropriate checks prior to granting registration.
|Recommendation 18: Identification and verification of the identity of beneficial owners of corporate and other non-personal accounts, and of the settlers and beneficiaries of trusts, should be subject to a flexible standard permitting the use of a risk basis and methods appropriate to the specific customer details. Charities registered by CRA should be exempt from any requirements.|
Several types of corporations, trusts and other non-personal entities should be exempt from any requirements as beneficial ownership including publicly traded entities, which can include both corporations and trusts. Similarly, estates and other testamentary trust should be exempt. The Government of Canada should undertake careful study and consultation with the industry to ensure that all appropriate exemptions are identified prior to drafting final regulations in this matter.
|Recommendation 19: The Government of Canada should consult with industry to identify types of corporations, trusts and other non-personal entities that should be exempt from beneficial ownership requirements because there is little or no risk of their being used for money laundering or terrorist financing.|
As regards the identification of third parties, the IDA has already provided written comments on third party identification as applied to inter-dealer transactions in industry conducting extensive agency business on behalf of clients and in which the originating dealer maintains the client relationship and has full knowledge of all of the business directed to the correspondent dealer.
The Consultation Paper makes a blanket statement about third party identification requirements. At the very least, the exemptions currently available to securities dealers in Section 9(5)of the PCMLTF Regulations with regard to the third party clients of other securities dealers should be maintained.
Furthermore, the current exemption applies only to securities dealers conducting business solely in acceptable foreign jurisdictions. In some countries other types of financial institutions such as banks are
permitted to conduct securities transactions on behalf of clients. Some foreign securities dealers are also permitted under Canadian securities laws to conduct limited business with Canadian residents without registration, particularly with institutional customers and these dealers are technically excluded from the exemption while not being included in the AML/ATF requirements relevant to registered dealers. We suggest that the reasons for the limitation to securities dealers doing business solely outside of Canada should be revisited with a view to extending it to other types of financial institutions that conduct securities transactions on an agency basis and to relate it to transactions by such institutions on behalf of foreign clients.
|Recommendation 20: The exemptions from third party identification requirements current available to securities dealers under PCMLTF Regulation 9(5)should be retained and re-examined with a view to expanding it to other types of financial institutions that conduct agency transactions in securities.|
In this regard, consideration should be given to exemptions from both beneficial ownership requirements and most current CDD requirements for the securities trading accounts of financial institutions, both domestic and foreign, that are exempt from third party reporting requirements under PCMLTF Regulation 9.5. Such institutions early out securities transactions on behalf of clients. It is the clients that are of concern, not the owners or the institution or the traders authorized to give instructions to the Canadian dealer.
In a risk-based system the Canadian dealer would have to establish bona fides of the domestic or foreign financial institution, but they already do this in any event through ascertaining the entity's registration in the institution's home jurisdiction, membership in clearing organizations through which the transactions are settled or reference to other outside sources of information on securities dealers and financial institutions.
|Recommendation 21: Securities dealers should be exempt from the current CDD and proposed beneficial ownership requirements when opening accounts for domestic and foreign financial institutions for the purposes of trading in securities, subject to a general requirement that the dealer establish the bona fides of the financial institution. Consideration could be given to limiting such exemptions to those financial institutions subject to third party reporting exemptions under PCMLTF Regulation 9(5).|
Proposal 1.11 – Ongoing Due Diligence
The Consultation Paper proposes that reporting entities be required to monitor ongoing transactions on an ongoing basis and implement procedures to ensure that customer information remains up-to-date.
The proposal contains very little detail without which it is difficult to assess.
Reporting entities are already under an obligation to report suspicious transactions and implement policies and procedures that will enable them to comply with all anti-money laundering laws and regulations. Compliance with that obligation cannot be done without transaction monitoring. The proposal contains no information about what extra monitoring may be needed or what end it would serve, since monitoring for AML purposes is already implied in the Regulations. If the proposal is not backed by any specific requirements designed to fill gaps in the current regulations, it is redundant. If it is designed to deal with identified problems, those should be laid out for discussion with the financial services industry to determine the best approach to remedying them.
IDA Members are already required under Regulation 1300.1(a) to remain current on relevant information regarding their customers. In practice it is impossible to remain up-to-date on everything about a client. Certain information will be updated by force of necessity, such as changes of address for clients who receive trade confirmations and account statements through the mail. Other information that is not of immediate use may not be updated without the client volunteering the information, which many clients will not do if there is no practical benefit. For others there may be a disincentive for clients to update information; for example a corporate client will be reluctant to report changes in beneficial ownership if it means putting new beneficial owners through a verification process.
Proactive measures by a dealer are often triggered by transactions revealing a discrepancy between the known client information and the transaction details. Some dealers may go beyond such triggers and conduct cyclical updates either by contacting the clients or sending negative confirmation letters (no reply means no changes). However, depending on the cycle adopted even these will leave some account information out of date and even with the best will in the world the dealer is dependent on the client to provide the updated information.
The proposal makes no comment on what information would be considered relevant for this purpose or of any trigger for updating. As written it presents at least the possibility of unrealistic expectations and significant added expense with no analysis as to the benefits to be derived.
It is possible that either of these proposed requirements would fit within a risk-based system under which reporting entities would be expected to conduct a higher level of monitoring of high-risk customers, but the proposal as published suggests broader application and a true risk-based system has not been proposed.
|Recommendation 22: The Government of Canada should take no further action of Proposal 1.11 without providing greater detail regarding its purpose and expectations and determining whether it adds anything to existing requirements. Any more detailed proposal should be discussed with reporting entities to determine its feasibility and costs in order to properly weigh them against perceived benefits.|
Proposal 1.13 – Client Information Transmission on Electronic Funds Transfers (EFTs)
Proposal 1.13 would require reporting entities receiving EFTs to take reasonable measures to ensure that the EFT includes information regarding the originator of the EFT. Securities dealers generally receive any EFTs through their banks. It is unclear whether the requirement is placed on the bank or the dealer, what such reasonable measures might be or how the bank or securities dealer, which is merely the recipient of the EFT, would force the sending financial institution to provide the missing information.
Furthermore, it is unclear what the consequences of failure to obtain the information would be. Would the bank or securities dealer be forced to reject the EFT or cease accepting EFTs from the particular financial institution?
This matter is of particular concern to securities dealers because the EFT is likely to relate to settlement of a securities transaction already consummated. Any interference in that settlement process places the dealer at financial risk.
Reporting entities are already required to monitor transactions and report any that are suspicious of money laundering or terrorist financing. In some circumstances the receipt of payment through EFTs and/or the absence of originator information on EFTs might identify activity as unusual or help confirm it as suspicious. Outside of that context. the requirement to scrutinize for originator information threatens to create difficulties without providing obvious benefits.
|Recommendation 23: The Government of Canada should reconsider the proposal to require recipient reporting entities to take reasonable measure to ensure that EFTs include originator information.|
Proposal 2.1 – Reporting of Suspicious Attempted Transactions
The IDA supports the adoption of a requirement to report suspicious attempted transactions. We believe that much information useful to AML efforts can be derived from such reports. Many dealers have reported that in fact they frequently identify attempts to establish accounts and turn them away such that no transactions are ever completed.
However, because the dealer may receive little or no specific transactional data many of the details required to be reported under the proposal would not be available and the dealer may have obtained little in the way of documentation. Furthermore, the reporting entity may have limited opportunity to collect information once it has decided not to accept the account or transaction, therefore the collection of information to be reported should be subject to a best efforts standard.
We believe that the proposal should relate to specific activity that goes beyond the transactional, such as attempts to open accounts that raise suspicion of possible money laundering or terrorist financing intent as can arise when, for example, the information provided by the prospective customer does not check out or identity documents are questionable.
We recognize that the lack of specific transaction details may render some such information harder to analyze and furthermore that the lack of such details will require either the redesign of existing forms or design of new forms with fewer mandatory fields and more free text capabilities, but the received information regarding customer or would-be customer identity may nonetheless assist in identifying or fleshing out patterns of activity of interest to law enforcement.
We agree that the reporting of suspicious attempted activity should be subject to guidelines and recommend that they be developed through the proposed AML/ATF Advisory Committee.
|Recommendation 24: The reporting of suspicious transactions should be expanded to include activity suspicious of money laundering or terrorist financing even when no specific transactional data is available to the reporting entity. Reporting entities should be subject to a best efforts standard regarding the collection of information for suspicious activity reports.|
Proposal 3.2 – Creation of an Administrative and Monetary Penalties Regime
The IDA supports this proposal. We would simply suggest that FINTRAC undertake to work with existing regulatory regimes governing reporting entities to ensure that as far as is reasonable violations are dealt with only once by one agency. We have been encouraged by the flexible and co-operative compliance approach FINTRAC has taken to date and trust that it would continue in the application of enforcement procedures to AML compliance violations.
Proposal 3.3 – Sharing Compliance-Related Information with Foreign Partners
We support the proposal, but note that the ability for FINTRAC to share such information with foreign FIUs would help create the groundwork for allowing reporting entities to establish more cost-effective AML/ATF measures, including such things as enterprise-wide systems and procedures (i.e. crossing corporate boundaries within a group under common control), reliance on AML procedures conducted by affiliates in foreign countries and reliance on the CDD measures of third party financial institutions as suggested in Recommendation 13.
Proposal 5.1 – Creating a New AML/ATF Advisory Committee
We strongly support the proposal. However, as noted at various points in the above comments we believe that the mandate of the Advisory Committee should be expanded to include, whether directly or through issue-specific working groups as suggested, the development of guidance to be used within a true risk-
based approach. Furthermore, the Advisory Committee might well serve as a mechanism to advise on international matters such as the extent to which reporting entities could rely on CDD measures undertaken by financial institutions in specific countries.
Proposal 6.16 – Reporting Entities Going Out of Business
The proposal would transfer accountability for non-compliance violations to the directors of a reporting entity which goes out of business.
While we agree with the intent of the proposal, we believe that the target of ongoing accountability should be the controlling mind and management of the entity. Who falls within that group will vary from entity to entity and may include some but not all of the directors and some but not all of the executive management, whether or not they are directors. It may also include the party specifically designated as responsible for anti-money laundering compliance under PCMLTF Regulation 71(2)(a), who may be neither a director nor a senior executive officer of the entity. Furthermore there are reporting entities that are not corporations and do not have directors.
|Recommendation 25: Accountability for non-compliance violations in reporting entities that go out of business should be transferred to those individuals constituting the controlling mind and management of the reporting entity and any others specifically responsible for AML/ATF compliance. The Regulations should permit accountability to be determined on a case-by-case basis based on the specific facts of the reporting entity.|
Problems with the Current Regulations Not Addressed in the Consultation Paper
With reference to Recommendations 1 and 2 above, we have several concerns with the current PCMLTF Regulations that we believe should be addressed in the current round of revisions. We have pointed some of these out before, and no doubt consultation with reporting entities and other interested parties would elicit further examples. Therefore the following list of concerns is not presented as exhaustive.
1. Drafting of the PCMLTF Regulations
As noted in previous comment letters, the IDA and its Members have continued to find navigation through the PCMLTF Regulations and location of specific items difficult because of their organization and internal cross-references. For example, in order to arrange the requirements by topic, while covering all the different kinds of entities subject to the Act, sections 62, 64, 65and 66 contain different and sometimes multiple cross-references within each subsection to other sections and subsections of the Regulations. As support of this finding, we note that FINTRAC has felt it necessary to publish guidance that simply pulls together the existing regulations applicable to specific types of entities from the physical separation of sections affecting specific types of reporting entities and the morass of cross-references.
The IDA suggests that, given the importance of clarity and compliance, it would be much easier for those subject to the regulations to identify and understand the requirements if they were organized entity by entity rather than topic by topic, i.e. all requirements on banks and similar institutions would be given, followed by those on securities dealers, insurance companies, etc. While this would make the regulations longer in that some provisions would have to be repeated for each type of financial institution, we believe that the increase in length would be more than made up for by the improvement in clarity. Exceptions could be made for simple provisions that apply to all, such as section 71.
Furthermore, the multiple cross-references may play a role in inconsistencies in the Regulations such as the one noted regarding Section 23(1) of the PCMLTF Regulations described in our comments above on Proposal 1.7. Redrafting the Regulations as suggested would help identify such inconsistencies
In making this recommendation we acknowledge that adoption of a risk-based approach would eliminate the necessity of so many cross-references, which are necessitated by the need to provide exemptions to prescriptive regulations.
|Recommendation 26: The IDA recommends that the Regulations be re-organized so that all of the detailed requirements on each type of entity subject to the regulations are kept together and made continuous.|
2. Service Relationships
We previously requested that the PCMLTF Regulations deal with what IDA Regulations call introducing/carrying relationships.
IDA By-law 35 permits agreements between Members in which one Member, called the carrying broker, provides record keeping, custodial and other services to another Member, called the introducing broker. We understand that mutual fund dealers have similar relationships.
Technically under By-law 35, the client is considered to be the client of both the introducing and the carrying broker for certain purposes. The transactional records are maintained by the carrying broker and confirmations and monthly statements are sent to the client by the carrying broker. However, the point of contact with the client is the introducing broker, which is primarily responsible for obtaining of documents and agreements and know-your-client requirements, takes the clients transactional instructions and has access to all of the account transaction records.
As the carrying broker opens an account in the clients name, it is technically subject to the PCMLTF Regulations in doing so, even though it is the introducing broker that has the client relationship. We suggest that the Regulations should explicitly state that in this type of arrangement it is the introducing broker that is responsible for compliance with the Act and Regulations.
|Recommendation 27: The IDA recommends that where a reporting entity (the carrier) provides services to another reporting entity (the introducer) that involve the opening of client accounts at the carrier, but where the carrier has no direct contact with the client, the Regulations make it clear that the introducer is responsible for compliance with the PCMLTF Regulations.|
3. Commodity Futures Dealers
PCMLTFA does not currently apply to commodity futures dealers. Commodity futures can, in some instances, provide ideal vehicles for money laundering and commodity futures dealers receive from and deliver to clients cash and other financial assets. We see no reason to exempt them from PCMLTFA and risks in their not being covered.
|Recommendation 28: PCMLTFA should be expanded to cover commodity futures dealers.|
4. Definition of Securities Dealers
We noted in past comments the difficulties with providing an adequate definition of "securities dealer" for the purposes of PCMLTFA. The most recent amendments simplified the definition to make it include only securities dealers registered under Provincial securities legislation, but in doing so it restricted the application of the AML requirements too far, leaving gaps in coverage and creating an unlevel playing field for those in the securities business.
For example, there are dealers that are exempt from registration in most Provinces in that they only deal with wealthy clients – generally designated as "accredited investors" in the applicable regulations, in transactions in certain types of securities considered to be relatively safe for all investors, such as
Government of Canada bonds, or in certain transactions above a size threshold, such as private placements of securities in excess of a set amount.
In Ontario and Newfoundland those that engage only in exempt transactions are required to be registered as Limited Market Dealers and therefore PCMLTFA and the Regulations apply to them. In other Provinces they are not required to be registered. Clearly the ability to deal with wealthy customers in large size transactions and in some cases in highly liquid securities carries risks of money laundering, and such dealers should be subject to PCMLTFA requirements.
There are also other kinds of dealers emerging, dealing in such instruments as foreign exchange contracts that are designed never to involve an actual foreign exchange transactions, but whose status as either securities or commodity futures contracts is currently in some doubt. These kinds of dealers should also be subject to PCMLTFA requirements.
|Recommendation 29: The Government of Canada should consult with the Provincial securities regulatory authorities to identify all of the types of dealing that can be done without registration, including dealing by foreign dealers, and craft a revised definition of "securities dealer" that will be all-inclusive.|
5. Exempt entities and their subsidiaries
There are a number of exemptions to the current Regulations applicable to CDD measures regarding corporations, such as the verifications exemptions in section 62(2)(b) for public companies above a certain size.
We have previously commented on the size threshold and listing requirements in that regulation, which was originally designed for credit purposes and should not be relevant to the exemption. In a risk-based system a reporting entity would have to consider conducting extra CDD measures and monitoring for certain types of public companies such as unlisted companies with few or no operating assets, but a specific asset threshold would not be relevant and should not be established by regulation.
|Recommendation 30: The exemptions in section 62(2)(b) for public companies should not be subject to an asset threshold or listing requirements.|
The regulation does not deal with the opening of accounts for subsidiaries of exempt entities. In many cases a holding company that meets the current tests for exemption under section 62(2)(b) will operate through subsidiaries that will be the actual entities opening and operating accounts at reporting entities. Exemptions available under the regulations to parent companies should flow through to their operating subsidiaries.
|Recommendation 31: Exemptions from CDD requirements with respect to entities should apply to their subsidiaries.|
Thank you for the opportunity to comment on the proposed amendments to Canada's AML/ATF laws and regulations and your consideration of our comments and recommendations.
Lawrence N. Boyce
Sales Compliance & Registration
1. The Joint Money Launder Steering Group, Prevention of money launder/combating the financing of terrorism: Guidance for the UK financial sector taking account of risk – A consultation paper, March 2005, Introduction, p. 8, s. 2.8. JMLSG "comprises the leading UK trade associations in the financial services industry. It's aim is to promulgate good practice in countering money laundering and terrorist financing." The foreword to the consultation paper notes that the "proposals have been subject to discussion across a broad section of the industry, and with government, regulators and law enforcement, as part of the development process." [Return]
3. "Draft Directive of the European Parliament and of the Council on the prevention of the use of the financial system for the purpose of money laundering, and terrorist financing" available at
- Note: to read the PDF version you need Adobe Acrobat Reader on your system. If the Adobe download site is not accessible to you, you can download Acrobat Reader from an accessible page at: http://www.adobe.com/products/acrobat/alternate.html. If you choose not to use Acrobat Reader you can have the PDF file converted to HTML or ASCII text by using one of the conversion services offered by Adobe at http://www.adobe.com/products/acrobat/access_onlinetools.html.
- To view the RTF version, use the document conversion features available in most modern word processing software, or use a file viewer capable of reading RTF.
http://register.consilium.eu.int/pdf/en/05/st10/st10245.en05.pdf. We understand that the final directive is still being translated and the text verified. [Return]
5. 2005 BCSECCOM 144, British Columbia Securities Commission Weekly Summary Issue 01:10, Week Ending March 11, 2004. Paragraphs 23 and 24 of the decision note:
23 However, even if we were able to conclude that the exemption applied, or even that the dealers involved obtained the information required by paragraph (b) of Regulation 1300.1, that is not the complete answer. Paragraph 1300.1(b) specifies only one aspect of the general KYC requirement in paragraph (a) of Regulation 1300.1. It deals with the beneficial ownership of the corporate client opening the account. This has nothing to do with the identity of other persons having a financial interest in the account. Therefore, when a person other than the corporate account holder is identified as having a financial interest in the account, that has to mean something other than an interest by reason of that person being a shareholder of the corporate accountholder.
24 This brings us to the second aspect of particular interest, which is the more fundamental concern we have. The issue as we framed it was not the identity and beneficial ownership of Lines Overseas, but the identity of persons other than Lines Overseas who apparently have a financial interest in its accounts. This information, it seems to us, would be one of the "essential facts" that paragraph 1300.1(a) requires members to learn, and the paragraph 1300.1(c) exemption is not relevant to it.
The paragraph 1300.1(c) was in fact intended to cover those third parties who in a sense had a financial interest in a transaction for the account of a foreign securities dealer. This apparent failure in clarity exemplifies the dangers of mixing rules on third parties conducting transactions through entities with those regarding the beneficial ownership of those entities. [Return]