March 2014
description
Transcript of March 2014
March 2014
New FINTRAC Rules and an AML Compliance program
Earleen MoultonSenior Legislative and Compliance Consultant
Requirement: AML Compliance Program
• Advisors, firms, MGAs, just as insurers, must establish a compliance program for themselves and their employees/advisors that includes the following key elements:– Appointment of a compliance officer– Establishment of compliance policies and
procedures– Regular reviews of these policies and procedures– Provide training to people who act on their behalf
(employees and advisors)– Document a risk assessment, take appropriate
precautions
New Regulations – overview
• Additional information collected at start of business relationship Know your client
• Enhanced customer due diligence (CDD) • Continue to know your client and stay connected• Show your work
• Manage risk • Stay close to high risk clients
• Advisors will need to be proactive• Keep good records• Provide complete and specific information
Business relationships
Defined as ‘a relationship you establish with a client to conduct financial transactions or provide service related to those transactions’
Additional information to collect at start of business relationship Intended use and purpose
Identify in writing the nature of the relationship Keep notes & records of measures to monitor relationships,
information you obtain New entity requirements
Ongoing monitoring
‘Periodic and risk-based’
Includes: • Following your policies & processes to detect
transactions that are required to be reported• Keeping client ID info current (use direct and indirect
means)• Reassessing the level of risk associated with client’s
transactions and activities • Determining whether transactions or activities of clients
are consistent with the information obtained/recorded about the client, including their risk assessment
Enhanced monitoring measures
• More frequent and stringent checks – business relationships – especially for high risk clents
o More frequent, regular assessment of risko Must keep ID updated o Intended use and purpose up to dateo Enhanced monitoring of transactions (consistent with
intended use and purpose)
Examples of enhanced measures
• Obtaining additional information on the client• Obtaining detailed information on the reasons
for the intended or conducted transactions • Identifying patterns of transactions that need
further examination or review• Increased monitoring of transactions of higher-
risk products, services or channels(internet sales)
Enhanced customer due diligence (CDD)
• Retain more info about corporations and other entities to establish ownership, control and organizational structure
• Previous “reasonable efforts” changed to “mandatory” for some requirements ID requirements of most senior active manager of the entity ascertaining signing authority for entities Intended use and purpose of the product(s)
• Consider as high risk• Conduct enhanced on-going monitoring• Keep records of attempts to obtain info
Beneficial owners
• Must keep ID• Owner information• Intended use and purpose, keep it up to date• Risk based
Tools available
• FINTRAC’s site– Guideline 4: Implementation of a Compliance
Regime – www.fintrac.gc.ca
• RepNet under Advisor Support > Compliance > Money laundering & terrorist reporting>
‘Guide to creating an anti-money laundering and anti-terrorism financing program’
• MGA’s tools
List of documents/tools on RepNet
Compliance program template
• Customize to your operation• Fields that are to be filled out are in blue• Please make sure you follow the instructions in
red• Delete instructions (in red) before printing
Self-review of compliance policies and procedures worksheet – RepNet : Advisor Support > Compliance > Money laundering & terrorist reporting
To help ensure your business is compliant with policies and procedures required under the Proceeds of Crime (Money Laundering) & Terrorist Financing Act, you should periodically review your business practices. Done regularly, these reviews will help determine if your business has policies and procedures in
place to comply with legislative and regulatory requirements, and whether those policies and procedures are being adhered to. Date of review: __________________ Name of person completing review: ______________________________ Signature of principal: ______________________________Compliance items Yes No Comments
Appointment of a compliance officer
1. I/We have appointed a Compliance Officer for our practice.
Written compliance policies and procedures
2. Within the past year, I/we have reviewed the criteria and process for identifying and reporting suspicious transactions and terrorist property and have established policies and procedures in this regard.
3. I/We are aware of the requirements under the legislation for record keeping.
4. I/We have reviewed the requirements under the legislation for client identification and verification and I/we collect all information required on product applications, or as required, for each particular line of business.
Sample policies and procedures
• Show your commitment to prevent, detect and address non-compliance
• Level of detail depends on– needs and the complexity of advisor’s business. – risk of exposure
• Review policies & procedures, steps to reporting– Can be adopted and customized– On RepNet
Risk assessment
• Required to have an assessment and documentation of risks related to money laundering and terrorist financing appropriate to the advisor’s practice
• Refer to the risk checklist in FINTRAC’s Guideline 4. This will help you:– Identify potential high risks of money laundering &
terrorist financing – Develop strategies to mitigate risk
Questions...
I’m around all day!