Government of Canada / Gouvernement du Canada
Symbol of the Government of Canada

Search

Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (SOR/2002-184)

Regulations are current to 2024-03-06 and last amended on 2022-06-29. Previous Versions

PART 5General Provisions (continued)

Record-keeping (continued)

 Every record that is required to be kept under these Regulations shall be kept in such a way that it can be provided to an authorized person within 30 days after the day on which a request is made to examine it under section 62 of the Act.

PART 6Exceptions

Payment Card Processing Activities

 Sections 7, 10 to 14, 16, 85 to 88 and 116, subsections 123(1) and (2), sections 135, 138 and 145 and subsection 148(1) do not apply to the activities of a financial entity in respect of the processing for a merchant of payments by credit card or prepaid payment product.

Electronic Funds Transfer by Credit or Debit Card or Prepaid Payment Product

 Paragraphs 7(1)(b) and (c), 12(o) to (q), 13(f) and (g), 14(1)(h) and (i), 70(1)(b) and (c) and 74(2)(c) to (e), clauses 86(a)(iii)(B) and (F), subparagraphs 116(1)(b)(i) and (ii) and paragraphs 120.2(3)(a) and (b) do not apply in respect of an electronic funds transfer that is carried out by means of a credit or debit card or a prepaid payment product if the beneficiary has an agreement with the payment service provider that permits payment by that means for the provision of goods and services.

Requirements with Respect to Virtual Currency

  •  (1) For greater certainty, paragraphs 7(1)(d), section 11, paragraphs 12(r) to (t), 13(h) and 14(1)(j) to (l), sections 19, 21, 26 and 28, paragraphs 30(1)(f), section 32, paragraph 33(1)(f), section 35, paragraphs 36(g), (h) and (j), sections 40, 42, 49, 51, 55, 57, 61, 63, 67 and 69, paragraph 70(1)(d) and sections 73, 79 and 81 do not apply to

    • (a) a transfer or receipt of virtual currency as compensation for the validation of a transaction that is recorded in a distributed ledger; or

    • (b) an exchange, transfer or receipt of a nominal amount of virtual currency for the sole purpose of validating another transaction or a transfer of information.

  • (2) In this section, distributed ledger means a digital ledger that is maintained by multiple persons or entities and that can only be modified by a consensus of those persons or entities.

Requirement To Report Information

  •  (1) The requirement to report information set out in any of Schedules 1 to 6 does not apply in respect of information set out in an item of that Schedule that is not marked with an asterisk if, after taking reasonable measures to do so, the person or entity is unable to obtain the information.

  • (2) The requirement to report information set out in any of Schedules 1 to 4 and 6 does not apply in respect of information set out in an item of that Schedule that is marked with an asterisk if

    • (a) the information is with respect to two or more cash transactions referred to in section 126, electronic funds transfers referred to in section 127 or 128, virtual currency transactions referred to in section 129 or disbursements referred to in section 130 that are deemed to be a single transaction of $10,000 or more; and

    • (b) after taking reasonable measures to do so, the person or entity is unable to obtain the information.

  • (3) For greater certainty, a person or entity is not required to report information set out in any item of Schedules 1 to 6 that is not applicable in the circumstances.

Requirement To Include Information in a Record

 A person or entity that is required to keep a record under these Regulations is not required to include information in that record that is readily obtainable from other records that they are required to keep under these Regulations.

Other Requirements

  •  (1) Subparagraphs 86(a)(i) and (ii), paragraphs 87(a), 89(a) and (d), 94(a), 103(a) and 116(1)(a) and subsections 116(2) and (3), 119(1) to (3) and 120.2(1), (2) and (4) do not apply in respect of

    • (a) a business account, if the financial entity, securities dealer or casino has already verified the identity of at least three persons who are authorized to give instructions in respect of the account;

    • (b) a person who already has an account with the financial entity, securities dealer or casino, as the case may be; or

    • (c) an account that is opened at the request of an entity for the deposit by a life insurance company that is affiliated with the entity of a death benefit under a life insurance policy or annuity if

      • (i) the account is opened in the name of a beneficiary that is a person,

      • (ii) only that death benefit may be deposited into the account, and

      • (iii) the policy or annuity contract under which the claim for the death benefit is made has been in existence for a period of at least two years before the day on which the claim is made; and

    • (d) an account that is opened for the sale of mutual funds if there are reasonable grounds to believe that identity has been verified in accordance with subsection 105(1) by a securities dealer in respect of

      • (i) the sale of the mutual funds for which the account has been opened, or

      • (ii) a transaction that is part of a series of transactions that includes that sale.

  • (2) Sections 12 to 14, 22, 29, 43, 45 and 52, subsection 58(1), sections 64, 74, 82, 86 to 89, 92, 94, 96, 97 and 100, subsection 101(1) and sections 102 to 104, 116, 117, 119 to 120.2 and 123 do not apply in respect of

    • (a) the sale of an exempt policy as defined in subsection 306(1) of the Income Tax Regulations;

    • (b) the sale of a group life insurance policy that does not provide for a cash surrender value or a savings component;

    • (c) the sale of an immediate or deferred annuity that is paid for entirely with funds that are directly transferred from a registered pension plan or from a pension plan that is required to be registered under the Pension Benefits Standards Act, 1985, or similar provincial legislation;

    • (d) the sale of a registered annuity policy or a registered retirement income fund;

    • (e) the sale of an immediate or deferred annuity that is paid for entirely with the proceeds of a group life insurance policy;

    • (f) a transaction that is part of a reverse mortgage or structured settlement;

    • (g) the opening of an account for the deposit and sale of shares from a corporate demutualization or the privatization of a Crown corporation;

    • (h) the opening of an account in the name of an affiliate of a financial entity, if the affiliate carries out activities that are similar to those of persons and entities referred to in paragraphs 5(a) to (g) of the Act;

    • (i) the opening of a registered plan account, including a locked-in retirement plan account, a registered retirement savings plan account and a group registered retirement savings plan account;

    • (j) the opening of an account established in accordance with the escrow requirements of a Canadian securities regulator or Canadian stock exchange or provincial legislation;

    • (k) the opening of an account if the account holder or settlor is a pension fund that is regulated under federal or provincial legislation;

    • (l) the opening of an account in the name of, or in respect of which instructions are authorized to be given by, a financial entity, a securities dealer, a life insurance company or an investment fund that is regulated under provincial securities legislation;

    • (m) a public body;

    • (n) a corporation or trust that has minimum net assets of $75 million on its last audited balance sheet, whose shares or units are traded on a Canadian stock exchange or a stock exchange designated under subsection 262(1) of the Income Tax Act and that operates in a country that is a member of the Financial Action Task Force;

    • (o) a subsidiary of a public body referred to in paragraph (m) or a corporation or trust referred to in paragraph (n) whose financial statements are consolidated with the financial statements of that public body, corporation or trust; or

    • (p) the opening of an account solely in the course of providing accounting services to a securities dealer.

  • (3) A financial entity, securities dealer, life insurance company or life insurance broker or agent is not required to verify the identity of, or to keep a signature card for, a person who is a member of a group plan account or to determine whether they are a politically exposed foreign person, a politically exposed domestic person or a head of an international organization, or a family member — referred to in subsection 2(1) — of, or a person who is closely associated with, one of those persons if

    • (a) the member’s contributions are made by the sponsor of the plan or by means of payroll deductions; and

    • (b) the identity of the plan sponsor has been verified in accordance with subsection 109(1) or 112(1).

  • (4) Subsections (1) to (3) do not apply if a person or entity conducts or attempts to conduct a transaction that is required to be reported to the Centre under section 7 of the Act.

  •  (1) If a person or entity verifies a person’s identity in accordance with subsection 105(1) and complies with section 108 — or if, before the coming into force of this subsection, they ascertained a person’s identity in accordance with these Regulations, and complied with the related record-keeping provisions, as they read at the time — they are not required to verify the person’s identity again unless they have doubts about the information that was used for that purpose.

  • (2) If a person or entity verifies a corporation’s identity in accordance with subsection 109(1) — or if, before the coming into force of this subsection, they confirmed the corporation’s existence and ascertained its name and address and the names of its directors in accordance with these Regulations, and complied with the related record-keeping provisions, as they read at the time — they are not required to verify it again unless they have doubts about the information that was used for that purpose.

  • (3) If a person or entity verifies the identity of an entity other than a corporation in accordance with subsection 112(1) — or if, before the coming into force of this subsection, they confirmed the entity’s existence in accordance with these Regulations, and complied with the related record-keeping provisions, as they read at the time — they are not required to verify it again unless they have doubts about the information that was used for that purpose.

  • (4) If a person or entity determines that a person is a politically exposed foreign person or a family member, referred to in subsection 2(1), of such a person — or if, before the coming into force of this subsection, they determined that a person is a politically exposed foreign person, as defined in subsection 9.3(3) of the Act as it read at the time the determination was made — they are not required to make the determination again.

PART 7Compliance Programs and Special Measures

  •  (1) For the purposes of subsection 9.6(1) of the Act, a person or entity referred to in that subsection shall implement the compliance program referred to in that subsection by

    • (a) appointing a person who is to be responsible for implementing the program or, in the case of a person, taking responsibility for implementing the program;

    • (b) developing and applying written compliance policies and procedures that are kept up to date and, in the case of an entity, are approved by a senior officer;

    • (c) assessing and documenting the risk referred to in subsection 9.6(2) of the Act, taking into consideration

      • (i) their clients and business relationships,

      • (ii) their products, services and delivery channels,

      • (iii) the geographic location of their activities,

      • (iv) in the case of an entity that is referred to in any of paragraphs 5(a) to (g) of the Act, any risk resulting from the activities of an entity that is affiliated with it and that either is referred to in any of those paragraphs or carries out activities outside Canada that are similar to those of a person or entity referred to in any of those paragraphs, and

      • (v) any other relevant factor;

    • (d) if the person or entity has employees, agents or mandataries or other persons who are authorized to act on their behalf, developing and maintaining a written, ongoing compliance training program for those employees, agents or mandataries or other persons;

    • (e) instituting and documenting a plan for the ongoing compliance training program and delivering the training; and

    • (f) instituting and documenting a plan for a review of the compliance program for the purpose of testing its effectiveness.

  • (2) If the person or entity intends to carry out a new development or introduce a new technology that may have an impact on their clients, business relationships, products, services or delivery channels or the geographic location of their activities, they shall, in accordance with paragraph (1)(c), assess and document the risk referred to in subsection 9.6(2) of the Act before doing so.

  • (3) A review referred to in paragraph (1)(f) shall be carried out and the results documented every two years by an internal or external auditor of the person or entity, or by the person or entity if they do not have an auditor.

  • (4) An entity shall report the findings of the review, any updates made to the policies and procedures within the reporting period and the status of the implementation of those updates in writing to a senior officer within 30 days after the day on which the review is completed.

 The prescribed special measures that are required to be taken by a person or entity referred to in subsection 9.6(1) of the Act for the purposes of subsection 9.6(3) of the Act are the development and application of written policies and procedures for

  • (a) taking enhanced measures, based on an assessment of the risk, to verify the identity of any person or entity; and

  • (b) taking any other enhanced measure to mitigate the risks, including

    • (i) ensuring, at a frequency appropriate to the level of risk, that client identification information and information collected under section 138 is up to date, and

    • (ii) conducting, at a frequency appropriate to the level of risk, the ongoing monitoring of business relationships referred to in section 123.1.

 

Date modified: