Government of Canada / Gouvernement du Canada
Symbol of the Government of Canada

Search

Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (SOR/2002-184)

Regulations are current to 2021-09-11 and last amended on 2021-06-01. Previous Versions

PART 6Exceptions (continued)

Other Requirements (continued)

  •  (1) If a person or entity verifies a person’s identity in accordance with subsection 105(1) and complies with section 108 — or if, before the coming into force of this subsection, they ascertained a person’s identity in accordance with these Regulations, and complied with the related record-keeping provisions, as they read at the time — they are not required to verify the person’s identity again unless they have doubts about the information that was used for that purpose.

  • (2) If a person or entity verifies a corporation’s identity in accordance with subsection 109(1) — or if, before the coming into force of this subsection, they confirmed the corporation’s existence and ascertained its name and address and the names of its directors in accordance with these Regulations, and complied with the related record-keeping provisions, as they read at the time — they are not required to verify it again unless they have doubts about the information that was used for that purpose.

  • (3) If a person or entity verifies the identity of an entity other than a corporation in accordance with subsection 112(1) — or if, before the coming into force of this subsection, they confirmed the entity’s existence in accordance with these Regulations, and complied with the related record-keeping provisions, as they read at the time — they are not required to verify it again unless they have doubts about the information that was used for that purpose.

  • (4) If a person or entity determines that a person is a politically exposed foreign person or a family member, referred to in subsection 2(1), of such a person — or if, before the coming into force of this subsection, they determined that a person is a politically exposed foreign person, as defined in subsection 9.3(3) of the Act as it read at the time the determination was made — they are not required to make the determination again.

PART 7Compliance Programs and Special Measures

  •  (1) For the purposes of subsection 9.6(1) of the Act, a person or entity referred to in that subsection shall implement the compliance program referred to in that subsection by

    • (a) appointing a person who is to be responsible for implementing the program or, in the case of a person, taking responsibility for implementing the program;

    • (b) developing and applying written compliance policies and procedures that are kept up to date and, in the case of an entity, are approved by a senior officer;

    • (c) assessing and documenting the risk referred to in subsection 9.6(2) of the Act, taking into consideration

      • (ii) their products, services and delivery channels,

      • (ii) their products and delivery channels,

      • (iii) the geographic location of their activities,

      • (iv) in the case of an entity that is referred to in any of paragraphs 5(a) to (g) of the Act, any risk resulting from the activities of an entity that is affiliated with it and that either is referred to in any of those paragraphs or carries out activities outside Canada that are similar to those of a person or entity referred to in any of those paragraphs, and

      • (v) any other relevant factor;

    • (d) if the person or entity has employees, agents or mandataries or other persons who are authorized to act on their behalf, developing and maintaining a written, ongoing compliance training program for those employees, agents or mandataries or other persons;

    • (e) instituting and documenting a plan for the ongoing compliance training program and delivering the training; and

    • (f) instituting and documenting a plan for a review of the compliance program for the purpose of testing its effectiveness.

  • (2) If the person or entity intends to carry out a new development or introduce a new technology that may have an impact on their clients, business relationships, products, services or delivery channels or the geographic location of their activities, they shall, in accordance with paragraph (1)(c), assess and document the risk referred to in subsection 9.6(2) of the Act before doing so.

  • (3) A review referred to in paragraph (1)(f) shall be carried out and the results documented every two years by an internal or external auditor of the person or entity, or by the person or entity if they do not have an auditor.

  • (4) An entity shall report the findings of the review, any updates made to the policies and procedures within the reporting period and the status of the implementation of those updates in writing to a senior officer within 30 days after the day on which the review is completed.

 The prescribed special measures that are required to be taken by a person or entity referred to in subsection 9.6(1) of the Act for the purposes of subsection 9.6(3) of the Act are the development and application of written policies and procedures for

  • (a) taking enhanced measures, based on an assessment of the risk, to verify the identity of any person or entity; and

  • (b) taking any other enhanced measure to mitigate the risks, including

    • (i) ensuring, at a frequency appropriate to the level of risk, that client identification information and information collected under section 138 is up to date, and

    • (ii) conducting, at a frequency appropriate to the level of risk, the ongoing monitoring of business relationships referred to in section 123.1.

 
Date modified: