Criminal Record Checks and FINTRAC Registration: What MSBs and FMSBs and their agents and mandataries need to know

A purple and orange gradient graphic with The AML Shop logo and the words Criminal Record Checks and FINTRAC Registration. What MSBs and FMSBs and their agents and mandataries need to know

Introduction 

Are you a domestic money services business (MSB) or a foreign money services business (FMSB) applying for a new FINTRAC registration, renewing/submitting a change request for an existing registration and there has been a change in director or owner information? 

If the answer is yes and you are wondering about your obligations and requirements when submitting a criminal record check, read on.

The list of obligations for MSBs/FMSBs continues to grow!

As of June 1, 2021:

The requirement to submit a criminal record check during the registration process was first introduced, however, this requirement was limited to FMSBs only.

Criminal record check obligations were enhanced as of October 1st, 2025.

Here is what you need to know:

🟠 Both MSBs and FMSBs are now required to submit a criminal record check upon applying for a new FINTRAC registration.

🟠 MSBs are also now required to submit criminal record checks when renewing or submitting a change request for an existing registration AND there has been a change in director or ownership information

🟠 FMSBs are required to submit criminal record checks when renewing or submitting a change request for existing registrations, even if there are no changes in director or ownership information.

🟠 The requirement for criminal record checks now also applies to agents or mandataries that are acting on behalf of an MSB/FMSB.


Why are criminal record checks required?


At a high level it’s simple: FINTRAC wants to ensure that individuals or entities controlling MSBs are not using these businesses as fronts for illegal activity, including activities related to money laundering and terrorist financing (ML/TF). 

And to help meet international standards set by the FATF in 2025, Canada is taking a harder stance on ensuring MSBs and FMSBs are not run or controlled by criminal organizations.

You can think of criminal record checks as just another step in the vetting process of an MSB’s or FMSB’s regulatory compliance 🕵️


Who should be issuing Criminal Record Checks?


To date, we know many of our MSB/FMSB clients have had difficulty in processing their criminal record checks with FINTRAC, as FINTRAC is very strict about who issues the criminal record checks and how the documents are delivered to them.  


Our MSB team routinely hears that entities are having difficulty processing their criminal record checks. With that in mind, we would like to provide the following tips:

.

🟠  A criminal record check must be issued by a competent authority which is defined as “any person or organization that has the legally delegated or invested authority, capacity, or power to issue criminal record checks”. What this actually means is the criminal record check must be issued by a law enforcement agency or a person or entity that has the proper delegated or invested authority, capacity, or power to issue a criminal record check, through an agreement with a law enforcement agency or any other official documentation. 

🟠 A screening company (like an employment or HR agency) that is acting as an intermediary on your behalf, by collecting and transferring the personal information to a competent authority for criminal record check purposes, provides an aggregated report. This report is not acceptable to FINTRAC as the screening company is NOT a competent authority. Only the official criminal record check issued by the competent authority must be provided to FINTRAC, without alteration. You can ask the screening company if they are willing to release the official criminal record check.

❌ Do not cut corners here - checks will not get approved if you do not follow the obligations to the rule, thereby delaying, or even cancelling, your registration application. Going directly to law enforcement to get checks done will save you time, vs. using screening companies - and in the world of MSBs/FMSBs, time is money! Every day you lose not operating, is a day of revenue out the window 💸


Criminal record checks must always be submitted in English or French

If the criminal record check is in a language other than English or French, it must be translated and attested to by a certified translator. A certified translator is an individual that holds the title of professional certified translator that is granted by a Canadian provincial or territorial association or body that is competent under Canadian provincial or territorial law to issue such certification OR by a foreign organization or body competent under the laws of that jurisdiction.

FINTRAC has published a non-exhaustive list of Canadian translation associations to assist MSBs and FMSBs in obtaining proper documentation (https://fintrac-canafe.canada.ca/msb-esm/msb-eng#s6). 

You must also obtain the Statement of certification or proof that the translated document was issued from a competent and certified translator. This can be a certificate of authenticity signed by the certified translator and containing the translator's stamp or the translator's membership number.

The criminal record check, translation and certificate of authenticity should be scanned into a single document when submitting to FINTRAC.


When are criminal record checks required?


✅ For MSBs


A criminal record check is triggered as an obligation for MSBs when the entity is applying for a new registration or, when there has been a change to a director or individual who owns or controls 20% or more of the MSBs entity or its shares. 


A criminal record check is not required for MSBs who are looking to update their registration or when submitting a registration renewal and there is NO change in director or ownership.


✅ For FMSBs 

If you are an FMSB, you have more obligations, as your risk factors are higher. A criminal record check is ALWAYS required when applying for either a new FINTRAC registration or renewing an existing registration - regardless of if there is a change to the directors or ownership information.


✅ For MSBs/FMSBs that utilize Agents or Mandataries that are entities

Criminal checks are required for those in any of the following roles or titles (or their equivalent): 

🟠 Chief Executive Officer (CEO)

🟠 President

🟠 Directors

🟠 Any person that owns or controls, directly or indirectly, 20% or more of the entity or shares of the entity 


💡Pro-tip: Look beyond the surface.

FINTRAC looks at “Control in Fact”. If your agents are a husband and wife that each own 10% shares in the company - the spousal connection triggers FINTRAC to view this situation as an individual with 20% control indirectly (due to acting in concert). Also - if your agent is a holding company, you must look up the chain to find the exact individuals that indirectly own the entity. 

✅ For MSBs/FMSBs that utilize Agents or Mandataries that are Individuals

Criminal Record Checks must be obtained for the individuals themselves.

What you need to know about agent or mandatary criminal checks.

🕒 Timing counts.

You must review your agent and its criminal record status every 2 years as part of your overall ongoing monitoring and Know Your Agent (KYA) obligations.

Agent or Mandatary criminal record checks need to be obtained and reviewed before the MSB engages with the party and within 30 days after the second anniversary of the most recent review of the agent or mandatary (reviews occur every 2 years). 

🗓️ Example: if on January 1, 2026 the most recent verification and review of the criminal record check was conducted and the agent or mandatary is verified to still act on behalf of the MSB or FMSB, the criminal record check review and verification is due by January 31, 2028, which is within 30 days of the second anniversary.

✏️ Don’t ignore the who, what and where.

Criminal record checks need to be issued by a competent authority of the country in which the individual resides OR by an entity or authority authorized to issue documents within that country. 

💡 Pro-tip: Watch out for expired checks.

The Criminal Record Check conducted must be issued no more than 6-months before you use it.

For renewals, the check must be issued within 6-months from the day of your most current 2-year review

For new applications, the check must be issued within 6-months of the day you send your application to FINTRAC.


👀 Conclusion - There will be more coming.

As with anything compliance related, requirements are ever-evolving - and in the world of MSBs, the evolution of the regulatory landscape is progressively swift. 

This latest boost in requirements for criminal record checks reflects one of the many new steps that MSBs face today in their regulation.


And…you can expect regulation to continue expanding as FINTRAC increases their commitment to fight ML/TF as part of ongoing changes in this space as seen in:

📣 The passing of Bill C-12 (The Strong Borders Act)

🇨🇦 The approval of Bill C-15 (The Budget Implementation Act, No.1)

🌎 Increasing international pressures via FATF compliance standards. 

At The AML Shop we have helped hundreds of MSBs navigate compliance and “as-they-happen” regulation changes - We would love to support your business with anything compliance related including:


🔶 Advisory and Program Development

🔶 MSB registrations and Renewals 

🔶 Ongoing Advisory Support

🔶 AML Training

🔶 RPAA Services

🔶 And more!

Learn more

The Government of Canada Announces New Measures to Help Protect Canadians from Extortion

Graphic titled 'Protecting Canadians from Extortion' by The amlSHOP, featuring a stylized icon of a masked figure behind a protective shield with a Canadian maple leaf on a magenta and orange gradient background

By: Mark Ambrose (Principal, Anti-Financial Crime and Regulatory Compliance)

Background on New Measures 📝

On February 12, 2026, The Honourable François-Philippe Champagne, Minister of Finance and National Revenue, wrote a letter to the Director and Chief Executive Officer of the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Ms. Sarah Paquet[i], acknowledging that:

  • Extortion is a serious threat to Canada’s economic integrity and the safety and well-being of Canadians;

  • Extortion supports and perpetuates organized criminal activities;

  • The proceeds of extortion and associated organized criminal activity are laundered through the Canadian financial system; and

  • FINTRAC is an important partner in combatting these threats through the development of timely and high-quality financial intelligence necessary for law enforcement to take effective and prompt action.

Further to the above, on February 19, 2026, the Department of Finance released a public statement on new measures to help protect Canadian individuals and businesses from the injurious effects of extortion[ii].

In support of the above public statement, the FINTRAC published three Strategic Intelligence backgrounders:

  • Backgrounder: Targeted indicator profiles on laundering the proceeds of extortion[iii];

  • Backgrounder: Working in partnership with the private sector to counter extortion[iv]; and

  • Backgrounder: Establishment of a new liaison function to support efforts countering extortion[v].

These announcements highlight several new government initiatives aimed at strengthening Canada's capacity to detect, disrupt, and prevent extortion[vi].

Why this matters ✅: FINTRAC will expect that financial institutions will quickly update their risk assessments to incorporate the intelligence from these new bulletins, with consequential amendments to ongoing monitoring and training, based on our recent examination observations.

Extortion in the Media 📺

As widely reported in Canadian media[vii], geographical regions such as Brampton (Ontario), Surrey (British Columbia), Edmonton (Alberta), and Winnipeg (Manitoba) have been disproportionally impacted, following a wave of attempted extortions, shootings and arsons aimed predominantly at South Asian individuals and business owners[viii].

In 2025, 133 extortion threats and 49 shootings were reported to Surrey Police. In January 2026, there were a further 43 extortion threats and 10 shootings, with some conducted by what police believe are highly organized international gangs, and others believed to be carried out by smaller, local copycat groups[ix].

In 2023, Edmonton police launched Project Gaslight to respond to extortion threats and arson attacks on homes that began in the fall[x]. In 2024, 54 charges were brought against six people linked to the extortions of dozens of wealthy South Asian people. In the fall of 2025, five charges were brought against another person accused of three drive-by shootings in both Edmonton and Winnipeg[xi].

What is Extortion? 🤔

A generally accepted definition of extortion is the act or practice of obtaining a benefit (e.g., money or goods) from an individual, business, or group of individuals or businesses by force or threat of physical or psychological harm[xii].

Canada’s Criminal Code[xiii] states that a person commits extortion when, with intent, by threats, accusations, menaces, or violence, induces or attempts to induce a person to do anything or cause anything to be done.

Observations from the Department of Finance state that extortion activity is typically carried out by organized networks operating across borders and using digital platforms[xiv].

Government Actions to Combat Extortion 🛑

The key new measures include: 

  • Prioritizing Financial Intelligence Resources: FINTRAC will surge resources to combat extortion. This will enable law enforcement to receive more timely and relevant financial intelligence to identify criminal networks and support investigations.

  • Launching the Countering Extortion Partnership with financial institutions, government, and law enforcement: FINTRAC will work closely with Canadian banks, credit unions, and financial service providers of virtual assets, including cryptocurrencies, alongside partners such as the Office of the Superintendent of Financial Institutions (OSFI), the Royal Canadian Mounted Police (RCMP), and local police, where applicable, to enhance information sharing and share best practices to fight extortion.

  • Assigning financial intelligence experts to support police: FINTRAC will assign dedicated liaison officers to work directly with local law enforcement in the most affected areas, such as Ontario, British Columbia, and Alberta. These officers will provide specialized financial intelligence expertise, strengthen information sharing, and ensure that financial intelligence supports enforcement efforts, investigations, and prosecutions.

  • Providing financial institutions with clear guidance on how to detect extortion transactions: FINTRAC will issue Targeted Indicator Profiles (TIPs) to help financial institutions recognize extortion-related transaction patterns, facilitating quicker and more accurate reporting.

  • Publishing intelligence on how criminals move and hide extortion money: Strategic intelligence on laundering methods used by extortionists will be made public to aid detection efforts.

The above-identified actions will also build on broader federal measures announced in Budget 2025 to combat organized crime, including the creation of the new Canada Financial Crimes Agency, significant investments to strengthen the RCMP's investigative capacity, and enhanced coordination with law enforcement and intelligence partners[xv].

The federal government is also enhancing anti-money laundering and anti-terrorist financing (AML/ATF) regulations, with proposed reforms such as Bill C-12, the Strengthening Canada’s Immigration System and Borders Act (the Act). The Act proposes comprehensive reforms to AML/ATF supervision, compliance, and enforcement, including increasing AML/ATF civil penalties by 40 times their current level[xvi]. For more information on this, please read our comprehensive Bill C-12 update here


FINTRAC's Role and Strategic Intelligence  💡

Targeted Indicator Profiles

FINTRAC, as Canada's anti-money laundering and anti-terrorist financing (AML/ATF) supervisor and financial intelligence unit, collaborates with businesses and law enforcement to combat financial crime by producing strategic and tactical intelligence.

As part of the Countering Extortion Partnership, FINTRAC is developing Targeted Indicator Profiles (also termed TIP sheets) to share practical indicators and typologies related to extortion with financial institutions. This initiative aims to improve the detection and reporting of suspicious transactions linked to extortion, enhancing the quality of intelligence provided to law enforcement.

TIPs will be shared through trusted channels and updated based on feedback from private sector entities to keep pace with evolving criminal methods. These profiles will help businesses monitor extortion-related activities more effectively, supporting investigations and asset forfeiture actions.

To enhance operational support, FINTRAC will also establish a liaison function deploying Financial Intelligence Liaison Officers to work onsite with law enforcement agencies in priority regions. These officers will foster a timely exchange of operational insights and help law enforcement effectively leverage FINTRAC’s capabilities.

This focused approach builds on a successful model previously used to prioritize intelligence related to the fentanyl crisis. Expected outcomes include the rapid deployment of intelligence resources, improved law enforcement support, accelerated dissemination of intelligence products, and enhanced identification of money laundering trends linked to extortion.

Conclusion ☑️

For too many Canadian individuals and businesses, extortion is a reality of everyday life – one that brings fear, intimidation, and harm to communities and families alike, and that undermines all Canadians’ sense of safety.

The Canadian government is intensifying efforts to combat extortion by enhancing financial intelligence capabilities, fostering partnerships with financial institutions and law enforcement, and deploying dedicated resources to affected regions.

FINTRAC will play a critical role, and all reporting entities should pay close attention to the TIP sheets, expected to be published on or before March 31, 2026.

Furthermore, it will be critical that reporting entities ensure they have operationalized appropriate controls to detect and expeditiously report suspicious extortion-related transactions to FINTRAC.


REFERENCES:

[i] Government of Canada – Department of Finance; Letter from the Minister of Finance and National Revenue to the Director and Chief Executive Officer of FINTRAC; https://www.canada.ca/en/department-finance/news/2026/02/letter-from-the-minister-of-finance-and-national-revenue-to-the-director-and-chief-executive-officer-of-fintrac.html; Accessed March 1, 2026.

[ii] Government of Canada – Department of Finance; Government announces new measures to help protect Canadians and businesses against extortion; https://www.canada.ca/en/department-finance/news/2026/02/government-announces-new-measures-to-help-protect-canadians-and-businesses-against-extortion.html; Accessed March 1, 2026.

[iii] Government of Canada – Financial Transactions and Reports Analysis Centre of Canada (FINTRAC); Backgrounder: Targeted indicator profiles on laundering the proceeds of extortion; https://fintrac-canafe.canada.ca/intel/extortion-extorsion/profiles-profils-eng; Accessed March 1, 2026.

[iv] Government of Canada – Financial Transactions and Reports Analysis Centre of Canada (FINTRAC); Backgrounder: Working in partnership with the private sector to counter extortion; https://fintrac-canafe.canada.ca/intel/extortion-extorsion/partner-partenaire-eng; Accessed March 1, 2026.

[v] Government of Canada – Financial Transactions and Reports Analysis Centre of Canada (FINTRAC); Backgrounder: Establishment of a new liaison function to support efforts countering extortion; Backgrounder: Establishment of a new liaison function to support efforts countering extortion; Accessed March 1, 2026.

[vi] Government of Canada – Department of Finance; Government announces new measures to help protect Canadians and businesses against extortion; https://www.canada.ca/en/department-finance/news/2026/02/government-announces-new-measures-to-help-protect-canadians-and-businesses-against-extortion.html; Accessed March 1, 2026.

[vii]  The Globe and Mail; B.C. mayor says 20 additional RCMP officers to support anti-extortion operations; Wolfgang Depner; The Canadian Press; Published January 28, 2026.

[viii] The Globe and Mail; Surrey, Brampton mayors call for Ottawa to declare extortion crisis a national emergency; Wolfgang Depner; Vancouver; Published January 30, 2026.

[ix] Ibid.

[x] Ibid.

[xi] Ibid.

[xii] Wikipedia; https://en.wikipedia.org/wiki/Extortion; Accessed March 1, 2026.

[xiii] Government of Canada; Criminal Code (R.S.C., 1985, c. C-46); https://laws-lois.justice.gc.ca/eng/acts/c-46/section-346.html; Accessed March 1, 2026.

[xiv] Government of Canada – Department of Finance; Government announces new measures to help protect Canadians and businesses against extortion; https://www.canada.ca/en/department-finance/news/2026/02/government-announces-new-measures-to-help-protect-canadians-and-businesses-against-extortion.html; Accessed March 1, 2026.

[xv] Ibid.

[xvi] Ibid.

Be sure to reach out to one of our AML experts if you have questions about this article or AML Compliance.

Contact US

The March 2026 FINTRAC Advisory on FATF High-Risk Jurisdictions

An image with The AML Shop logo and the words AML Expert Updates and tagline We Help Keep FINTRAC Happy

Compliance teams take note 🚨

FINTRAC recently posted an advisory about High Risk and Jurisdictions under increased monitoring, following the recent Financial Action Task Force (FATF) February 2026 Plenary.

Reporting entities must review this advisory and adjust their risk assessments and compliance measures based on global shifts in money laundering and terrorist financing risk…and report to FINTRAC accordingly.

Key points from this advisory include: 

High Risk Jurisdictions subject to a call for action


These geographies are flagged as high-risk and are subject to Enhanced Due Diligence (EDD) and in certain cases, Ministerial Directives (countermeasures) are in place.


🔴 Democratic People’s Republic of Korea (DPRK) - subject to countermeasures

🔴 Iran - subject to countermeasures

🔴 Myanmar - subject to EDD

New additions to Jurisdictions under increased monitoring

These geographies are subject to repairing deficiencies to decrease their money laundering or terrorist financing (ML/TF) risk and are under increased monitoring.  Remember, FINTRAC expects reporting entities to perform EDD on jurisdictions under increased monitoring - and this should be noted in your Risk Based Approach (RBA). 

🔴 Kuwait

🔴 Papua New Guinea 

What does this mean for reporting entities? 

Risk Assessment updates. You must ensure you include in your RBA the updated FATF geographic risk profiles

Enhanced Due Diligence is mandatory. Enhanced scrutiny of transactions and dealings with these noted geographies is required, for example verification of source of funds and beneficial ownership (if dealing with a corporation or trust)

Suspicion Matters. Remember to file STRs regardless of geography if there is risk of a ML/TF or sanctions evasion offences; but for High-Risk and Jurisdictions subject to increased monitoring, you will need to perform EDD on these transactions - regardless of suspicion, to stay onside with regulators. 

At The AML Shop, our RBA and Financial Intelligence Unit can help your business with Sanctions compliance and ensure you are assessing your risk correctly and applying these principles in practice as part of your overall compliance. 

Reach out to us today to find out how We Help Keep FINTRAC Happy.

RPAA Expert Updates - Annual Reporting Updates from the Bank of Canada

INTRODUCTION

Attention PSPs regulated under the RPAA - we have information we know many of you have been eagerly anticipating ⭐

The Bank of Canada (BOC) has announced new resources regarding Annual Reporting.

REMINDER - Annual Reporting for all registered PSPs must be submitted prior to March 31, 2026.  And we are here to pass along to you everything you need to know!

Note, although reporting functionality is not yet live in PSP Connect, the BOC is encouraging PSPs to review their resources (listed below) in advance to help clarify the process.

Pro-tip ⭐ DM us to get in touch with one of our RPAA experts for extra assurance that you understand your obligations.

But for now, let’s discuss what resources are currently available to you, to get you on the path of completing your FIRST annual report like a superstar.

Available Resources via the BOC

🟠 Recorded Information Sessions

https://www.youtube.com/watch?v=6GOa8YskBPU

This information session hosted by the BOC is an ABSOLUTE MUST WATCH video resource designed to help PSPs understand and confidently prepare their 2025 Annual Report ahead of the March 31, 2026 deadline.

As your resident RPAA experts, we all agree that the information in this session is vital and that many of you will benefit from reviewing (covering many topics you have asked us about!)

The information session walks PSPs through what to expect during Annual Reporting and includes the following topics:

🌟 Overview of Annual Reporting Requirements

🌟 Who must submit the Annual Report

🌟 Preparing for submission

🌟 Timelines for annual reporting

🌟 A step-by-step walkthrough of PSP Connect annual reporting sections, including how to access, complete, submit, and amend the Annual Report form

🌟 Helpful resources, guidance materials, and where to get support

Key Highlights from this session:

  • The Bank has communicated that the reporting form will be available in PSP Connect the week of February 2nd, 2026.

  • All PSPs registered by March 30th, 2026 must complete the 2025 annual report.

  • PSPs that become registered between March 9th and March 30th 2026 will have an extension until April 28th, 2026 to submit the annual report (if needed); everyone else is required to submit the annual report by the regular deadline of March 31st, 2026.

  • Prior to accessing the annual report form, each PSP is required to confirm their  registration information is accurate or amend if required.

  • After submitting the annual report, and prior to March 31st 2026, PSPs are able to make an amendment to their submitted annual report by accessing PSP Connect and selecting the annual reporting section. PSPs can  select ”View Details”, and then select “Submit an Amendment”.


🟠 A Step-by-Step Guide to Annual Reporting

https://www.bankofcanada.ca/wp-content/uploads/2026/01/How-to-complete-an-annual-report-A-step-by-step-guide.pdf

The BOC published a comprehensive guide that gives you a step-by-step account of what questions will be included as part of the annual reporting form.

Reviewing and preparing answers for the annual report in advance will help during submission. PSPs are not required to complete the entire report at once, and are able to save their progress and return later to continue. The questions within the annual report are dynamic and will adjust based on how the PSP responds to earlier questions.

Key Questions from the step-by step guide:

  • Questions related to risk management and incident response, including if the framework was approved during the 2025 calendar year.

  • Questions related to measures in place during the calendar year 2025.

  • Questions surrounding how third party service providers were assessed in 2025

  • Questions regarding the means of how the PSP is safeguarding funds (in trust vs. insurance or guarantee).

  • Questions around the max value of end-user funds held and a month-by-month average.

  • Question on an estimated of the total value of EFTs broken down by payment method (for example card issuance, card acceptance, direct credit or direct debit, e-money or digital wallet, international remittance, Other).

  • Financial Information questions including the PSPs total revenue, operating expenses, profit or loss, total assets, total liabilities and total equity.

🔶🔶 Now, if you are keen and want to keep reading about these important updates, keep reading below! Or, if you are tired or strapped for time and would like one of our RPAA experts to support you, reach out to us today via DM or email contactus@theamlshop.ca

🟠 Information about annual reporting of retail payment activities metrics

If you are a registered PSP, understanding the reporting metrics required is critical for maintaining compliance. Fortunately, the Bank of Canada has clarified reporting requirements under the RPAA and the expected associated metrics. We have provided a summary below, but still encourage you to review the official document via the BOC here https://www.bankofcanada.ca/2024/10/annual-reporting-of-retail-payment-activity-metrics/

What needs to be reported?

The Bank endeavours to monitor the "ubiquity and interconnectedness” of the payments ecosystem. Thus, PSPs must report on four key quantitative metrics:

Fund Holding

💲The total value of end-user funds held.

A PSP holds end user funds if it keeps funds of a payer or payee at rest and pending a future withdrawal or transfer. This includes when the PSP is awaiting further instructions prior to  processing the transfer, and when the instructions are not for the immediate transfer and instead for a future transfer date.

Examples of when a PSP will hold funds include:

  • PSP receives payer funds and has not received instructions to transfer or is awaiting further instructions prior to processing the transfer to the payee.

  • PSP holds funds as a balance or in a wallet, until an end-user withdraws or transfers the funds.

  • PSP receives funds and instructions to transfer but the transfer date is dated in the future and the PSP is considered to be holding the funds until the future date arrives.

Transaction Volume

💸 The number and value of Electronic Funds Transfers (EFTs)

End-Users

👥 Total number of end users served

PSP Reach

💳 The number of other PSPs you provide services to.

Why this matters

The Bank of Canada uses these metrics to:

✨ Prioritize Supervision: Applying a risk-based approach to oversight.

✨ Enforcement: Determining proportionate actions or including administrative monetary penalties for non-compliance.

✨ Insights: Monitoring broader trends and issues in the retail payment space.

Compliance Tip ✅ PSPs are expected to take "all reasonable steps" to ensure data accuracy.  Providing false or misleading information is considered a violation under the RPAA.

🟠 Supervisory Policy on Annual Reporting

The BOC has also recently highlighted to PSPs that they should revisit the BOC’s Supervisory Policy on annual reporting.

Below we have prepared a quick summary of the key supervisory policy points when it comes to annual reporting, however we encourage you to read the BOC’s full supervisory policy here https://www.bankofcanada.ca/2024/10/annual-reporting/

Key Highlights:

Submission Deadline

The annual report must be submitted via PSP Connect by March 31st, each year - starting March 31st, 2026.

Reporting Scope

Reports must cover the previous calendar year’s activities and financial metrics should reflect the PSP’s most recent fiscal year-end.

What your report should cover:

The Bank will assess performance across several areas, including:

✨ Operational risk management and incident response frameworks

✨ Holding and safeguarding of end-user finds

✨ Ubiquity and interconnectedness (see retail payments activities metrics above for more  details ☝️)

✨ Record Keeping Practices

✨ Financial Metrics

✨ Any other information the Bank requires for its supervision of PSPs

Data Integrity

Remember, providing false or misleading information is strictly prohibited under Section 61 of the RPAA. It is also possible that the Bank may request follow-up information after a report is filed to verify compliance. Be accurate in all reporting...trust us, it matters.

Why reviewing the Supervisory Policy matters:

The BOC’s reporting structure supports a risk-based approach to supervision. A main objective of the RPAA is to ensure that Canada’s payment ecosystem remains reliable, transparent and secure for all end-users. Your business must stay up to date on the supervisory policy in order to fulfill its compliance obligations.

Compliance Tip ✅: Be proactive and review the full RPAA and RPAR guidelines to ensure your internal record-keeping aligns with the questions in PSP Connect. This will save you headaches (and extra time) at reporting time. If you need one of our RPAA experts to help distill what you need to know to make your documents the best they can be - we have worked on dozens of RPAA engagements and can help your business navigate this.

CONCLUSION

Annual Reporting is coming. Our advice is to stay as informed as possible, so you can remain diligent, get ahead of any potential mishaps and eliminate compliance issues in your reporting.

Our RPAA experts are on stand by to help you with all measures of RPAA compliance - including understanding Annual Reporting.

Learn more about RPAA SERVICES


Over $197 Million in FINTRAC Penalties issued to FMSBs

An image with a penalty document that reads FINE and virtual currency images with text overlay FINTRAC is watching, over $197M in penalties issued to FMSBs in the last 6 months

Enforcement trends are going sky high for FMSBs  📈

In the last 6 months, FINTRAC has taken a harder line than ever on the enforcement of regulated entities, and in particular against Foreign MSBs (FMSBs) that have routinely made volumes of non-compliance errors - with total penalties issued to the tune of over $197 million dollars. This all since July 2025…😱

Here are some key facts on violations that are getting FMSBs into hot water:


🚫 No Registration with FINTRAC.

This is non-negotiable. FINTRAC requires any entity that is considered an MSB in Canada (including foreign and virtual currency operators), must be registered with FINTRAC.


🚫 Multiple Violations and the “Per-Instance” Strategy.  

FINTRAC is actively leveraging their powers to penalize each infraction SEPARATELY and issue cumulative penalties. Meaning, for businesses like virtual currency operators that have high transaction volumes, penalties can really add up if non-compliance is rampant. For example, in the case of Cryptomus (fined nearly $177 million), over 1,000 STR violations were found - and each violation was penalized individually…Yikes. This per-instance style enforcement paired with potential new administrative penalties of up to 40X more (as tabled in proposed Bill C-12), could have entities seeing even higher record penalties. 

If you would like to learn more about proposed Bill-C12, read our article on this topic here.


🚫 Ministerial Directive Violations.

As part of anticipated shifts in legislation and the global AML FATF audit, to help the perception of increased security of our borders and illicit activities, tougher ministerial directives on sanctioned countries are now a reality and the enforcement against non-compliance is a big focus for FINTRAC.

Canada is a nuanced market and you need experts that know the intricacies of the local regulations and laws to help.  We have assisted hundreds of MSBs with their compliance and we would love to support yours. Reach out to us for a free consult today contactus@theamlshop.ca

Learn more about our MSB Services

Proposed Bill C-12 and AML

In June 2025, the Federal Government read proposed Bill C-2 (aka The Strong Borders Act) for the first time in the House of Commons. This proposed bill was highly scrutinized due to controversial policies surrounding lawful access and digital surveillance powers, resulting in a bill that would have been difficult to pass quickly.  As a result, Bill C-2 was paused, and Bill C-12 was introduced.

Proposed Bill C-12 eliminates the controversial policies from proposed Bill C-2 surrounding lawful access and digital surveillance powers that would allow law enforcement powers to basic subscriber information from any provider in Canada, without a warrant.

Additionally, proposed guidelines that would have restricted cash payments, donations and deposits over $10,000 and all third-party deposits (for non-bank businesses) were originally tabled in C-2, but left out of Bill C-12 as well due to their controversial nature. However, although these restrictions on cash transactions and deposits did not make their way into Bill C-12, they did not disappear entirely and have resurfaced in the 2025 Fall Budget (see our post on this topic here).

Pushing Bill C-2 forward would have been difficult because of these highly critiqued propositions and thus, the Bill has now been split into an “easier to implement version”…enter proposed Bill C-12.

Want to learn more? Below our experts have put together a recap for you of important things you need to know regarding AML and the new proposed Bill C-12:

➡️ Higher FINTRAC penalties and new cumulative caps are still expected.

If enacted, this bill would authorize FINTRAC to penalize up to 40X the current penalty structure. This means maximum penalties for very serious offences could skyrocket up to $20 million per offence. For cumulative violations, there would be a cap set at $20 million or 3% of gross revenues.

As you can imagine, for high revenue entities - multiple violations could result in penalties of hundreds of millions of dollars or higher 💸

➡️ FINTRAC enrollment requirements would still broaden by requiring universal enrollment.

All PCMLTFA reporting entities would have to be enrolled with FINTRAC and maintain their enrollment. If you don’t enroll or maintain enrollment, you could face consequences which could even potentially include the possibility of criminal charges.

FINTRAC’s current registration processes take months now, with only several thousand registrants. Prepare for a far longer delay when 30,000 businesses have to go through the enrollment processes.

Keep fear of regulators at bay. We can help you, just like we have helped hundreds of other companies and MSBs in their registration and enrollment process. 🤝

➡️ Anonymous Accounts prohibition.

Although this may seem obvious and already enforced, there is more to it than you might imagine. This amendment to the PCMLTFA would prohibit any anonymous accounts from being opened. However, if you dig under the surface, what this would really mean for regulated entities is that an account is deemed anonymous if the account opener cannot be verified under existing identity verification requirements.

No verified existence = no opened account 🚫

➡️ More scrutiny of compliance programs and effectiveness reviews.

FINTRAC would take a harder stance on its review of compliance programs and their component elements. FINTRAC would have the ability to levy fines and penalties where compliance programs and documents may exist but are perhaps not in FINTRAC’s judgement of being effective in mitigating money laundering, terrorist financing and sanctions risks.

The current standard of having a documented, written compliance program would no longer cut it.  It would have to be effective…not just tested routinely for its effectiveness.

And, failure to meet FINTRAC’s new compliance program standards in this proposed regime could result in a serious violation and cost your company millions of dollars in penalties.

The catch is understanding and knowing exactly what regulators are looking for here…as we predict, it will be highly subjective and industry specific. Remember, our experts have been involved in numerous FINTRAC exams and we have seen how things typically play out during an examination. Our in-depth experience in this area can help evaluate the benchmarks appropriate for your business and industry.

Because of the subjective nature of these proposed requirements, having an AML Shop expert on your side could save you a ton of headache. 💆

Conclusion:

Despite provisions from proposed Bill C-2 dropping off the current radar in the new revised legislation, select key elements remain proposed in Bill C-12 to help increase Canada’s efforts against financial crime and AML compliance.

Namely in:

🇨🇦 Significantly increasing Administrative Monetary Penalties

🇨🇦 The broadening of FINTRAC registration requirements

🇨🇦 Prohibiting anonymous accounts

🇨🇦 More scrutiny of compliance programs and effectiveness reviews

Our AML expert team has worked on volumes of engagements for all reporting entity types and can help you navigate how your business handles these potential new changes with accuracy and ease. Reach out to our team today to get started.

We Help Keep FINTRAC Happy.

CONTACT US

Canada's Fall 2025 Budget and AML - new $10,000 + Cash payments, donations and deposits proposed restrictions critiques

Image of a hand depositing money and a bag of cash with the text Cash Deposits over $10K & all third-party deposits proposed restrictions are back

In proposed Bill C-2, restrictions were introduced disallowing acceptance of cash payments, donations or deposits over $10,000 for most organizations, except Banks and Credit Unions with an additional blanket banning of all 3rd party cash deposits (regardless of amount, with exceptions to be prescribed).

After receiving much public critique, proposed Bill C-12 was introduced shortly after to replace proposed Bill-C2, eliminating these controversial measures.

But guess what? The proposed regulations were not left behind entirely - in actuality, they were paused - and are now BACK on the table...this time in the Government of Canada’s Fall 2025 Budget (also known as “Canada Strong”).

How this will ultimately shape within the regulatory landscape in 2026 is still to be determined - but critiques of these proposed regulations remain, including:

🔴 The possibility of unnecessary administrative burdens for developing new processes. There are many situations where cash deposits over $10,000 (especially since $10,000 is quite a low deposit amount) or transfers by a third-party over are indeed legitimate. For example, a family member sending funds to a relative in a foreign country, employee deposits into a company bank account or a parent depositing money into their child’s bank account all can constitute legitimate transaction types that should not be flagged or require enforcement – ultimately prohibiting these types of deposits could lead businesses to develop new processes to accommodate the law, resulting in administrative burdens.

🔴 Too many legitimate transactions will be prohibited.  Because acceptance of cash transactions over $10,000 will be banned for all businesses in Canada (excluding banks), many payments that are for legitimate reasons will be banned and might adversely affect groups that have large reserves of cash required for a transaction (for example, immigrants who are trying to pay for housing or school who may not have the correct banking channels established in Canada to send digital payments or inter-family transactions, for example, repaying a loan to a family member).

🔴 Negative impacts and losses for charities and non-profits that often rely on large cash donations. Many charities and non-profits also rely on very large cash donations to fulfill their mandates. These new policies would introduce a roadblock for charities and non-profits generating donation revenue...which is meant for good.

If you have any questions about how these regulatory changes if enacted could affect your business or clients, reach out to us today to connect with an AML expert.

CONTACT US

Bank of Canada - RPAA FAQ update on pre-approving insurance or guarantee products

Did you know that the Bank of Canada (BoC) has RPAA frequently asked questions (FAQs) that they update on a regular basis? 💡

In a recent newsletter, the BoC featured an FAQ that many of our clients have inquired about and we thought you might be interested in knowing their position:

“Will the Bank develop or pre-approve insurance or guarantee products that meet the requirements of the RPAA and Retail Payments Activities Regulations ❓”

The simple answer is no 🚫

The BoC will not pre-approve designs for potential insurance or guarantee products. The Bank’s role is to supervise PSPs that perform retail payment activities in order to determine whether they comply with the RPAA ✅

This ‘no pre-approval’ stance from The Bank of Canada highlights a core principle of the RPAA’s supervisory framework: the responsibility of compliance is entirely on the PSP.

This reinforces the importance for each PSP to independently conduct thorough due diligence aligning with the RPAA’s risk mitigation objectives. This diligence must ensure safeguarding of end-user funds when choosing a financial protection mechanism, whether that be insurance or guarantee products.

If your business needs help with due diligence or navigating how to choose insurance or guarantee products that are RPAA compliant, our in-house experts can advise. We have worked on volumes of RPAA programs and your business could be next to benefit from our expert support.

LEARN MORE ABOUT RPAA

RPAA Application Approvals Update

A banner with The AML Shop logo and the words RPAA Expert Updates PSP Registry news

Has your Retail Payment Activities Act (RPAA) application approval been delayed? 🏦 🇨🇦 

As we previously reported, the Bank of Canada’s Registry of approved Payment Service Providers is now live, with a list of registered PSPs published to date. You can also view applicants currently under review here

In a recent update, the Bank of Canada noted that some PSPs have received a notice from the Department of Finance stating that their RPAA registration may take an additional 60 days to process. 

Not to worry - these notices are routine and a standard part of the legislative process, but PSPs must be prepared for potential delays. 

Why does this delay occur in certain cases?

The Minister of Finance may need more time to determine if a national security review of the applicant is required. When the notice is issued, the period for the Minister to decide if a review is required is extended by 60 days.

Note, It is possible that the decision may be made and communicated before the 60 days has lapsed. 


Can the applicant ask questions if this happens?

Yes, they can - the applicant may reply directly to the email notice they were issued with any questions they may have. However you should note: the Bank of Canada does not have answers specific to questions regarding National Security Screenings - these questions must be directed to the Department of Finance. 

Virtually every MSB (who are now also considered PSPs) in Canada is regulated now under the RPAA - ease the friction with regulators and contact our experts today to find out how we can help you, help keep FINTRAC and The Bank of Canada Happy 😎

Learn more about rpaa services

Operationalizing RPAA Requirements Webinar

Struggling to translate Retail Payment Activities Act (RPAA) regulatory expectations into day-to-day processes? 

Join us on December 10th from 12pm-2pm EST for a focused webinar where we break down some best practices for operationalizing RPAA requirements, to better ensure PSPs compliance.

Topics to be discussed include:

📒Ledger Reconciliation

👥 Human & Financial Resource Planning

🛡️Third-Party Service Provider Risk Management

This session is hosted by The AML Shop’s Marcelle Dadoun (Principal, Program Design and Advisory) and Deanna Ladouceur (AML Advisor) and is a must attend for PSPs. 

Don’t miss your chance to get practical insights and pose your RPAA questions to us in advance, via our registration form.

Spots are limited!

REGISTER YOUR SPOT HERE

Important FINTRAC Update on the Ministerial Directive on Financial Transactions associated with the Islamic Republic of Iran.

This week there was a very important guidance update from FINTRAC below on the Ministerial Directive on financial transactions associated with the Islamic Republic of Iran.

FINTRAC has announced that the Iran directive is now applicable to ALL reporting entities (REs). Previously, only Financial Institutions and MSBs had to comply.

The guidance updates include:

❗All REs subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) must report every financial transaction to or from Iran, regardless of amount

❗Risk assessment of a sanctions evasion offence

❗New correspondent banking relationship requirements

If you are an RE, it is imperative that you update your program documents to reflect your compliance with these updates immediately. And, very important - you must now begin to report every financial transaction to and from this jurisdiction to avoid non-compliance and potential enforcement.

You can read the updated guidance here .

Reach out to us for more information on how our expert team can help you complete these updates accurately and swiftly. 

FINTRAC New Guidance on Private-to-Private information sharing

Recently, FINTRAC released crucial new guidance regarding private-to-private information sharing between Reporting Entities (REs) 🔐 

Private Information sharing is intended to help close gaps typically exploited by criminals and money launderers by enabling REs to obtain a more complete view of client activity and to better detect suspicious transactions.  

 The key takeaway?  

Information sharing is voluntary, but for those REs that wish to engage - they must do so legally according to the rules as set forth in the guidance. This includes: 

🟠 Establishing and implementing an internal Code of Practice for disclosure, collection and use of information. Codes of Practice are submitted to FINTRAC and the Office of the Privacy Commissioner of Canada (OPC) and approved by the OPC. The OPC has 120 days to review your application and provide a decision, with an additional 15-day extension if required. If no decision is communicated to you by the end of the review period, your Code of Practice will be deemed approved.  

🟠 The code of practice must be accompanied by an acknowledgement that each participating reporting entity has approved the code of practice and has consented to its submission to FINTRAC and the Office of the Privacy Commissioner of Canada. 

🟠 If your Code of Practice is approved, you may only share information with other reporting entities identified within your Code of Practice. Remember, information sharing is voluntary and not a mandatory requirement.  

What should a Code of Practice include?  

✅ The legal names and FINTRAC reporting entity numbers for all REs involved in private information sharing activities  

✅ A description of the personal information that may be shared, including the purpose for sharing and the way information is shared 

✅ Detailed measures to securely protect and retain shared information.  

✅ Your Code of Practice should demonstrate adherence with privacy regulations as set forth in the Proceeds of Crime (Money Laundering) and Terrorist Financing (PCMLTFA), meeting substantially the same or greater privacy protections as PIPEDA. 

Looking beyond compliance - why does having an approved Code of Practice matter? 🤔 

If your information sharing activities are completed in compliance with the PCMLTFA, regulations and in good faith, an approved Code of Practice could provide at least a soft layer of liability protection, although not a complete “safe harbour” for your business. 

Information sharing can be a complicated matter - especially when it comes to AML compliance, privacy and situations where REs may feel grey areas exist. 

Our team of AML and network of legal experts can help your business navigate these nuanced situations and figure out how to execute compliantly - please reach out to us today should you have any questions regarding this update or anything regarding AML and information sharing.  


CONTACT US

 

The National Risk Assessment 2025 and Why your Risk Based Approach Matters. 

With the release of the latest National Risk Assessment in Canada, now is the perfect time to ensure your Risk Based Approach (RBA) is in good order ✨ 

Recently, the Government of Canada published the 2025 Assessment of Money Laundering and Terrorist Financing Risks in Canada (aka the National Risk Assessment).  

All businesses regulated under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) have an obligation to assess and document their Money Laundering and Terrorist Financing Risks. 

What does this mean? 

Your company requires a Risk Based Approach (RBA) as part of your overall AML compliance plan and it should be informed by the latest National Risk Assessment (and of course the specifics of your own business and inherent risks involved…but we will get more into that later!).   

And remember - your RBA must be effective - it’s not enough just to have an RBA “on paper”, you need to demonstrate that your RBA is effective in practice. 

2025 National Risk Assessment Highlights 

The updated 2025 National Risk Assessment for Canada was created based on historical data, strategic intelligence and sector specific guidance and comes with notable updates, including: 

🟠 A focus on residual risk.  

Although the National Risk Assessment focuses on Canada’s inherent risk, the 2025 update notably highlights the importance of “Residual Risk”.  Determining the appropriate Residual Risk of a nation provides a true picture of faced risk and is the foundation for making effective policy and resource decisions.  

So, what is residual risk and how is it determined?  

 

In the National Risk Assessment, the residual risk of Money Laundering and Terrorist Financing (ML/TF) risk is determined by:  

✅ first, highlighting the inherent ML/TF risk that exists within Canada   

✅ then, analyzing existing mitigation measures that are in place to respond to this risk  

✅ and finally, noting the residual risk levels that remains after mitigation measures and controls are put in place.   

This process helps inform the nation’s overall approach to ML/TF risk, and regulators expect that reporting entities will use this blueprint in determining their own RBA.  

 Determining your residual risk is the cornerstone of a sound compliance program, as it will give you the clearest scope of the ML/TF risk your business faces.  FINTRAC requires that all reporting entities document their RBA, including noting all mitigation measures to control risk and then, establishing the residual risk that remains after those controls are put in place.  

 Failure to document this end-to-end process and demonstrate the effectiveness of your RBA and residual risk assessment is a big error…and a common and costly deficiency cited in FINTRAC penalty actions! 

🟠 There are Sector Specific changes to assessed risk, 

Below are a few examples of Sectors and Industries that have been highlighted in the National Risk Assessment:   

📄 Mortgage Companies:  Mortgage Fraud has been flagged as a high-risk vulnerability. Given this, the expectation will be that mortgage businesses will need to have stronger processes in place to mitigate risks. This is already evident as seen in the implementation of Beneficial Ownership Discrepancy reporting obligations, which became effective October 1st under the PCMLTFA. The Mortgage Industry is one of the industries that will need to comply with this update. 

🏡 Real Estate: with more ways than ever to conceal cash through a seemingly valid economic transaction, there will be a greater expectation for real estate companies to assess risk appropriately and demonstrate that their RBA is sound. Of critical importance will be identifying the possible misuse of funds in large cash transactions, anonymous ownership structures, over or under valuations, exploitation of assignment clauses and other real estate transactions that could potentially involve illegal funds. We are seeing more FINTRAC oversight in 2025 within the real estate transaction and this will continue to trend. For example, 2025 PCMLTFA requirements have recently expanded when it comes to client identification obligations and the addition of more newly regulated industries like Title Insurers (who are a vital player in real estate transactions).  

💰MSBs (this includes Crypto and Virtual Currency companies!) will face increasing scrutiny due to a high level of inherent risk because of high transaction volumes, speed of transactions, cross-border dealings and risk of sanctioned persons and geography clients. For these sectors, stronger AML processes, effective RBA’s and ensuring transparency in transactions with proper record keeping and filing of STRs, is more crucial than ever. In 2025 for non-compliant MSBs, we have seen record penalties issued by FINTRAC – to the tune of nearly $176 Million against FMSB (registered in British Columbia) Crypto MSB Xeltox (operating as Cryptomus) – and FINTRAC’s priority is to continue ramping up on enforcements here. 

 

How exactly does FINTRAC approach enforcement and penalties when it comes to RBA’s?   

As, far as enforcement and penalties go -  FINTRAC does not take a prescribed or linear approach when it comes to expectation of a risk assessment and how they penalize non-compliance; but what is certain is that avoiding enforcement and penalties requires an effective, proven RBA in your AML compliance plan (it is not enough just to have documentation stating your RBA, your actions must demonstrate adherence to your RBA).  

 
FINTRAC will be ensuring reporting entities are considering the National Risk Assessment within their RBA’s – and deficiencies in implementing these guidelines can result in sky-high penalties and reputational damage.  

How Can We Help? 

Taking a Risk Based Approach is essential for your overall compliance health.  

Our team can help upgrade your RBA by: 

🔶 Assessing your company’s inherent risks, including your client base, geographic risk, technology or factors specific to your business that might indicate Money Laundering or Terrorist Financing Risk 

🔶 Determining an acceptable level of risk for your organization and establishing thresholds within your compliance program  

🔶 Implementing compliance processes and strategies to help you determine risk including, Enhanced Due Diligence processes, KYC (Know Your Customer) Protocols, Record Keeping, Transaction Monitoring and Reporting, application of ministerial directives and ongoing monitoring of ML/TF risk and effectiveness

 

What are your next steps? 

Get valuable expert help! 

Our team has routinely engaged with clients that need their RBA refreshed and we have been present for hundreds of FINTRAC exams – we KNOW what regulators are looking for and what is truly valuable within a compliance program.  

In this risk-focused regulatory landscape, now is the time to reach out to us and learn about how our experts can help with your RBA. Contact us via the form below or email contactus@theamlshop.ca

We Help Keep FINTRAC Happy.  

 


 

Bishnoi Gang listed as Terrorist Entity by Public Safety Canada

Newly listed Terrorist Entity alert 🚨 You are going to want to read this update as this impacts a variety of entities and businesses subject to Anti-Money Laundering regulations.

Recently, Public Safety Canada named the transnational criminal organization Bishnoi Gang as a listed Terrorist Entity under the Criminal Code of Canada.

Criminal organizations like the Bishnoi Gang threaten the security and safety of the nation and our citizens - and much of the reason why they can operate and proliferate is due to the flow of illicit money that funds their day-to-day illegal operations.

FINTRAC is emphasizing their enforcement of Sanctions related offences more than ever to stop the illegal activities of Listed Terrorist Entities…. And you need to take note of the following compliance requirements 📝

✅ Suspicious Transaction Reports (STRs)

You must report any transactions (whether completed or attempted) where you have reasonable grounds to suspect Money, Laundering, Terrorist Financing or Sanctions evasion offences; and this applies to interactions with Listed Terrorist Entities - like the Bishnoi Gang.

✅ Compliance Program Updates.

FINTRAC requires you to keep your risk assessment and processes up to date for newly Listed Terrorist Entities. You must always ensure your company records are up to date with any new additions to this list.

And yes…it is expected that you comb through retroactive transactions and consider submitting reports as required.

✅ Prohibited Dealings

Reporting entities are prohibited from dealing in money or property owned or controlled by listed entities and from providing financial services that will benefit terrorist groups. As you can imagine, the threat of illegal activity via listed entities can span a variety of entities and industries including Financial Services, MSBs, Real Estate, Securities, Mortgage and more…

Get onside and reach out to one of our experts today to discuss how to incorporate or strengthen your sanctions compliance within your overall AML objectives.  We have helped hundreds of clients nationwide be compliant and avoid enforcements - and you could be next!

Contact US

Retail Payment Activities Act - Bank of Canada releases registry of Payment Service Providers (PSPs)

🚨 Update: The Bank of Canada has published their registry of payment service providers (PSPs), registered under the Retail Payment Activities Act (RPAA). This list will be updated regularly as applicants become approved. 

We know our PSP followers and clients will want to check the registry to see their status. You can consult the registry here https://tinyurl.com/5crcauwv

Additionally, the bank has also published (as promised) a list of applicants under review  https://tinyurl.com/3ymkkuu4

Our RPAA expert team is on standby to support you with any questions you may have. If you have been approved or are under review and need support, reach out to us to find out how We Help Keep the Bank of Canada Happy 😎

CONTACT US

Canada's AML Powerhouse, TAS, goes global in fight against financial crime

TORONTO, 30 September 2025 -- The AML Shop (TAS), the Canadian anti-money laundering (AML) consultancy and compliance solutions provider leading the fight against financial crime, today announced a significant strategic investment from London-based venture studio, Big Ideas Group (BIG).

The deal marks TAS’s transformation from national advisory leader into a global force in financial crime compliance, with expansion into both the US and UK already underway and a wave of new services and solutions slated for 2026.

TAS serves companies across a wide range of sectors, from banking, insurance and mortgages to real estate, crypto and casinos, with AI increasingly powering the solutions it provides.

The urgency is clear: Less than 1% of the world’s laundered money is intercepted, leaving an estimated $2 trillion flowing freely through the global financial system[1].

With regulators applying ever more pressure and financial crime becoming increasingly sophisticated, institutions need not just cutting-edge software but expert-led insight, faster execution and future-ready tools. TAS delivers all of this and more.

Backed by BIG, a London-based venture studio with extensive experience in AML and financial technology, the firm is now accelerating into the UK and US, scaling its Financial Intelligence Unit (FIU) and investing heavily in AI-driven compliance technology.

Importantly, TAS will remain fully independent, with its existing leadership, people, and values intact — while gaining the firepower to think bigger, move faster and deliver robust, future-proof AML solutions at scale.


Matt McGuire, Principal & Co-Founder, TAS, commented:

“Financial crime is getting smarter. While AI is reshaping the tools available to fight it, it is also increasing the threats we face. Yet the industry still drowns in false positives with around 95% of alerts going nowhere, wasting thousands of hours and driving financial exclusion. Our mission at TAS is to make AML functional, affordable and accessible to businesses in multiple sectors. This investment gives us the scale, expertise, and reach to expand into the UK and US while keeping our independence and leadership exactly as they are today. What changes is our ability to move faster and give clients the confidence to stay ahead and stay compliant.”


Monika Cywinska, Principal & Co-Founder, TAS, added:

“TAS has always combined deep AML expertise with practical solutions. With BIG’s backing we can now accelerate our Financial Intelligence Unit (FIU), an elite force of financial crime first responders harnessing AI and emerging technologies to help clients worldwide strengthen their defences, outpace regulatory change and stay ahead of increasingly sophisticated threats.”


Sebastian Gray, Founder, Big Ideas Group, commented:

“TAS has built something rare: a trusted, independent firm with a culture clients love and AML expertise they can trust. With global demand for smarter compliance surging, we believe TAS has the potential to become the go-to brand in AML internationally and are excited to back that journey. It offers an end-to-end service for financial institutions, fintech platforms and businesses in countless other sectors seeking smarter, faster and more cost-effective compliance.”

1. World Economic Forum (Global Coalition to Fight Financial Crime)

For more information, pics and interviews, please contact: 

Newspage.agency

agency@newspage.media 

+44 7507 706434


About TAS

The AML Shop (TAS) is Canada’s leading anti-money laundering advisory and managed services firm, working with financial institutions and regulated entities across the country to deliver expert-driven compliance, investigation, and risk solutions.

https://www.theamlshop.ca

About BIG

Big Ideas Group (BIG) is a London-based fund investing in purpose-led, high-growth fintech and financial services companies. Its portfolio includes innovators in AML, local banking and digital tools helping financial institutions thrive.

https://www.bigideasgroup.co.uk

Beneficial Ownership Discrepancy Reporting - Steps to take starting October 1st

infographic from The AML Shop on steps to take for beneficial ownership discrepancy reporting in Canada,

October 1st is almost here and so is Beneficial Ownership Discrepancy Reporting

As of October 1st, FINTRAC reporting entities will be required to report to Corporations Canada any material discrepancies identified between the beneficial ownership information that they have obtained and the information related to individuals with significant control (ISC) that is available in Corporations Canada's database. 

Reporting entities will have to submit discrepancy reports when they determine that an active corporation incorporated under the Canada Business Corporations Act (CBCA) poses a high risk of a money laundering offence or terrorist activity financing offence. 

Reports are made directly to Corporations Canada, via their website and will need to be made within 30 days of discovering the discrepancy, unless the discrepancy has been resolved within 30 days of being identified. 🗓️

Now here’s the fun part where we break down the process and explain what could indicate a material discrepancy…

ENROLL IN FINTRAC’S WEB REPORTING SYSTEM

In order to submit a discrepancy report, the reporting entity must first be enrolled in FINTRAC’s Web Reporting system. If you are not yet enrolled, you must work with FINTRAC directly. 🤝


CREATE A “MY ISED ACCOUNT” 

Once enrolled in the FINTRAC Web Reporting System, reporting entities will also be required to create a “My ISED Account” - you can find instructions for doing so here.

CROSS-CHECK AND DETERMINE DISCREPANCIES

When you have a high risk client, you will cross check your high risk client Beneficial Ownership records information with the ISC information found in Corporation’s Canada’s database. If there are any discrepancies related to the ISC information, you will scroll to the bottom of the corporation’s results page, log into your My ISED Account and follow the instructions for submitting the discrepancy report. ☑️

HOW TO DETERMINE IF A DISCREPANCY IS A “MATERIAL DISCREPANCY”

Although FINTRAC and Corporations Canada have not yet formally released a list of material discrepancies, here are some examples of situations where a material discrepancy could arise:

🟠 Beneficial Owners found in the registry are different individuals vs. your records

🟠 You spot any differences in stated percentage of ownership or control of the corporation

🟠 Identity Information does not match what your client has provided to you. For example: addresses, names, dates of birth or citizenship of owners

🟠 Any indication or information that suggests public records are inaccurate


And if any of the above occur in tandem with a high risk client, this is when your obligations to report a discrepancy are triggered. 


NEXT STEPS

Recently, Corporations Canada released some guidance to help reporting entities with these new obligations and reporting material discrepancies. We strongly encourage you to review in advance of October 1st.  

And of course, like many things in AML, there are interpretations and nuances when it comes to figuring out what constitutes a material discrepancy and when risk is present.  That’s why the safest bet is always to leave it to the experts! 🤓

Our AML team has helped numerous clients reduce the regulatory burden associated with beneficial ownership, using technology led approaches that minimize client friction. ✅

Reach out to us today if you have any questions about these upcoming changes to your obligations or if you want to learn more about how We Help Keep FINTRAC Happy. 

Up the learning curve – AML training - Michael Ecclestone in Money Laundering Bulletin

The AML Shop's Michael Ecclestone is back with another feature in Money Laundering Bulletin titled:  “Up the learning curve - AML Training”.

This article highlights how the world of AML training is changing and discusses best practices in developing knowledge, understanding and skills - all of which are now largely driven and delivered by AI. 

From the article:

“AI has the ability to identify opportunities to make it (training) more relevant for specific audiences, skillsets, goals and outcomes.” And the move away from relying on “ one PowerPoint deck that everybody has to click through once a year and press ‘Ok’, so the computer knows you’ve done it, to actual targeted outcomes that are almost microtrainings…” 

 Read more about what Michael has to say on this topic…read the full article below!

Read Article

Checking your RPAA Application Status

PSPs… don’t forget, you can check your application and registration status with the Bank of Canada via your PSP connect portal.

We know that with the RPAA coming into effect this week, many of you are eager for updates on your application status. 🔄

With that in mind, we have supplied a useful screenshot below of the details that you will see when checking your application status in PSP Connect, along with each step of the review process, including reviews by the Bank of Canada, FINTRAC, and the Department of Finance…with the most important part - the decision! 

Know that The AML Shop is *always* here to help with anything RPAA related. Contactus@thamlshop.ca with any questions you may have and someone from our team will be in touch.

The RPAA is here.

The Retail Payment Activities Act (RPAA) - applicable to virtually every MSB (who are now considered PSPs) - is now in effect.

What does this mean for PSPs?

🔶  You should have by now applied for registration under the RPAA

🔶  Supervisory Requirements come into effect on today

If you have been approved as a registered PSP, you are now regulated under the RPAA 🎉

New obligations are set forth in the act and you must now comply with:

🔴  Operational risk management

🔴  Safeguarding of end-user funds

🔴  Reporting Obligations under the Retail Payment Activities Act (RPAA)

For a full recap of detailed expert insights and key-dates you need to know about the RPAA, be sure to check out our RPAA expert article series straight from our in-house RPAA team.

LEARN MORE ABOUT THE RPAA