Are you an early stage FinTech and need money laundering act guidance or an AML solution?
Discover ComplyLaunch™, our automated solutions package for early stage FinTechs.
Register NowCanada is the second-largest financial destination in North America after the United States and hosts diverse business interests from across the world including commercial fintech service providers. While Canada has a developed a modern financial system, recent high-profile criminal incidents have exposed structural vulnerabilities to a range of money laundering and terrorism financing activities including many that affect the fintech industry. Therefore, Canada’s AML requirements for Fintechs need to be seriously considered.
In 2016, the Financial Action Task Force (FATF) pointed out Canada’s shortcomings in an evaluation, prompting the Canadian government to increase its focus on addressing AML requirements in Canada and in the fintech industry at a federal and provincial level.
Given that increased focus, and the significant penalties for noncompliance, fintech firms in Canada should be familiar with their regulatory obligations, and how to deploy appropriate AML/CFT measures to detect and prevent money laundering.
Like banks and other financial institutions, fintech service providers in Canada must abide by both public and private legislation at the federal and provincial levels. These Canadian AML requirements include:
Fintech regulations: Certain Canadian financial regulations are specifically relevant to fintech service providers. These include the Personal Information Protection and Electronic Documents Act (PIPEDA) which protects personal information handled by private sector firms, and the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA).
The PCMLTFA is particularly important because sets out the regulations for CFT/AML compliance in Canada and requires all firms, including fintech service providers, to:
PCMLTFA Amendments: In 2018, the PCMLTFA was amended to modernize and align Canada’s AML requirements with international standards. The amendments introduce a definition of virtual currency and expand the scope of the legislation to cryptocurrency exchange and wallet providers. The amendments will come into force in Canada in 2021.
Fintechs may also be subject to provincial AML/CFT laws that vary based on the sector in which they operate. Fintech firms that are involved in the securities market, for example, are regulated at the provincial level by securities commissions. Similarly, provinces may impose their own data privacy and cybersecurity regulations.
Canada’s primary financial regulator is the Financial Transactions and Reports Analysis Centre (FINTRAC), which is responsible for identifying incidents of money laundering and terrorism. Fintech firms in Canada must report to FINTRAC when they detect suspicious activity that could indicate money laundering is taking place. FINTRAC maintains a national register of money services businesses and works with other law enforcement agencies to conduct investigations into fintech firms and other financial institutions that are suspected of wrongdoing.
Discover ComplyLaunch™, our automated solutions package for early stage FinTechs.
Register NowFintech firms may face specific AML/CFT risks depending on the sector in which they operate. Certain weaknesses in the industry, presented by products such as prepaid cards or remittance services, may also present opportunities for money launderers. With that in mind, specific AML risks and vulnerabilities for fintech firms include:
Structuring: Criminals may seek to take advantage of different Canadian fintech products or service providers in order to engage in multiple transactions, structing the introduction of their illegal money into the legitimate financial system without triggering AML measures.
Under FATF recommendations and the AML requirements of Canada as part of the updated PCMLTFA, fintech firms must put a risk-based AML/CFT program in place in order to achieve regulatory compliance. In the fintech industry, it is particularly important that firms deploy suitable Know Your Customer (KYC) measures in order to verify customer identities and understand the ways in which those customers use and interact with their fintech products. Accordingly, an AML program must include the following due diligence, screening and monitoring measures:
See how 1000+ leading companies are screening against the world's only real-time risk database of people and businesses.
Request a DemoOriginally published 06 January 2021, updated 19 May 2022
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2023 IVXS UK Limited (trading as ComplyAdvantage).