Anti-money laundering compliance in the money services business industry2016 Benchmarking report

2 2016 AML Benchmarking report

2016 AML Benchmarking report 3

From the National AML services team

gained by completing over 150 anti-money laundering compliance program-related engagements in 2014-2015. These were focused particularly on the MSB industry as well as others, including securities dealers, financial institutions, online transaction processing organizations, trust companies and government organizations. What’s apparent from our research and experience is that the sector’s anti-money laundering compliance programs are delivering desired results. Specifically, there have been significant improvements in the following areas:

• FINTRAC reporting;• automated recordkeeping and transaction

monitoring systems;• policy and procedure deficiencies; and• staff and agent training comprehension.

However, it’s also apparent that many MSBs need to focus more on the identification of potentially suspicious transactions and enhancing their assessment of inherent risks—although we do see that this shift is already starting. Our recent work indicates that many MSBs are better positioned to focus on these elements now that the other elements of their programs are established.

The anti-money laundering team at Grant Thornton LLP has had the opportunity to work with money services businesses (MSBs)—large, small and everything in between—from all across Canada over the past few years. It has given us great opportunity to meet those who are connected with people, cultures and communities from all over the world. In our experience, the MSB industry is highly entrepreneurial, dynamic, diverse and serves the needs of many Canadians and Canadian residents-to-be.

We believe the experience and knowledge we’ve gained has placed us in a unique position to offer insight into the status of the industry’s anti-money laundering compliance within Canada. This benchmarking report reflects the culmination of public research, as well as the knowledge we’ve

We are pleased to present our 2016 benchmarking report, Anti-money laundering compliance in the money services business industry. We hope that it will be used to benefit organizations across the money services and finance industry and assist you with understanding today’s compliance benchmark, as well as reach your goals for tomorrow.

Don’t hesitate to reach out to a member of our national anti-money laundering services team:

Jennifer Fiddian-GreenPartner, Advisory Services

Patrick HoSenior Manager, Advisory Services

Robert OsbourneSenior Manager, Advisory Services

Albina AlimerkoManager, Advisory Services

Andres BetancourtSenior Associate, Advisory Services

T +1 855 747 2647E msb@ca.gt.com

4 2016 AML Benchmarking report

there are cost benefit decisions being made on whether or not to incur and manage higher risk client relationships, there are also decisions being made based on an individual institution’s ability and capacity to manage higher risk relationships. Meaning that, in some cases, there is really not much a higher-risk client can do to maintain a banking relationship if their financial institution has decided to exit them.

The Mutual Evaluation Report of Canada published by the FATF in September 2016 has indicated that banks and MSBs appear to be the main channels to launder the proceeds of crime due to the products and services they offer, their large client bases and their exposure to high risk jurisdictions with weak Anti-Money Laundering/Counter Financing of Terrorism (AML/CFT) regimes and significant money laundering and terrorist financing (ML/TF) threats. These findings continue to emphasize the challenge that the MSB sector faces in obtaining or maintaining their banking relationships.3

denying access to financial services for the unbanked; it also has significant humanitarian, economic, political and security implications, including driving customers and illicit cash flow to underground “shadow markets.”1

Regulators, including the Financial Action Task Force (FATF), have been emphasizing to financial institutions around the world that, just because a customer may be considered high risk, it does not mean they are “unbankable.” Banks and other financial institutions are encouraged to manage these high-risk customer relationships. Moreover, regulators have reiterated that denying financial services to MSBs will drive underground illicit activities that may have otherwise been reported, inhibiting law enforcement’s efforts to stem the growth of money laundering and terrorist financing. As recently as May 26, 2016, the deputy director of the Financial Crimes Enforcement Network (FINCEN) in the United States, Jamal El-Hindi, highlighted the issue of de-risking MSBs in a speech to the Conference of State Bank Supervisors, State Federal Supervisory Forum.2 What we are learning through this time is that while

own risks or reduce risk management costs—a practice that left some businesses without bank accounts and newer businesses struggling to find banking partners. Unfortunately, the MSB sector has become a regular target for de-risking by financial institutions, especially those that have been hit with fines for AML program breaches. In Asia-Pacific, it is reported that banks no longer provide services to MSBs, while in the United States the situation is becoming more and more difficult, if not impossible, for the smaller MSB businesses. Currently, of the five largest banks in Canada, we are aware that two have programs in place to on-board new MSB clients and maintain accounts with existing MSB clients as long as specific requirements are met on an ongoing basis.

A number of regulatory authorities outside of Canada continue to emphasize that de-risking is not in line with international guidelines and is, in fact, a misapplication of the risk-based approach—and statements have been made publicly to this effect. The impact of account closures expands beyond

In 2012, Grant Thornton prepared the first AML compliance benchmark report for the money services business sector. It was intended to provide useful data to the industry on how it was performing in the various areas of the compliance regime of its members. This was in response to an industry that was just beginning to organize itself into a Canadian association that could train and advocate effectively on members’ behalf. And this organization was necessary, as MSBs both here in Canada and around the world were, as a sector, confronted with the impacts of financial institution de-risking decisions.

Over the last decade, particularly after the introduction of the risk-based approach, financial institutions worldwide have implemented “de-risking” strategies, sometimes referred to as “de-banking” (the closing of accounts), for clients perceived to be “high risk.” Throughout this period there has been a sense that some institutions, rather than manage these higher risk clients, opted to end client relationships across sector groups altogether to minimize their

Introduction

2016 AML Benchmarking report 5

phenomenon, with the estimated amount of money laundered globally in any one year ranging from 2-5% of global GDP, or US$1 trillion to US$2 trillion.5

In Canada, the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) created the Financial Transaction and Reports Analysis Centre of Canada (FINTRAC), Canada’s financial intelligence unit. Over the past decade, regulated organizations across the country have worked to protect the integrity of Canada’s financial systems by implementing programs to comply with the PCMLTFA and its regulations and by reporting transactions to FINTRAC.

As of June 23, 2016, there have been 2,113 MSBs registered with FINTRAC. We note that there has been a steady decline in new registrations since 2013 while the number of MSBs that have ceased operations entirely has increased. Since 2008, 787 MSBs have ceased operating while 424 did not renew their registrations on expiry (see table).

The MSB sector plays a vital role in the movement of funds around the world, particularly to developing countries where the banking industry is not well established and residents do not have ready access to banking services. These companies are used by immigrants to send funds to support their relatives and friends in their countries of origin. In 2015, the World Bank estimated that remittance flows by international migrants reached US$581 billion, of which $432 billion flowed to low- or middle-income countries. In 27 countries, remittances were equal to more than 10% of the gross domestic product (GDP) of those countries. In 2014, remittance outflows from Canada amounted US$5.4 billion.4

Every year around the world, large amounts of funds are generated from illegal activities, including drug trafficking, human trafficking, tax evasion, people smuggling, theft, arms trafficking and corrupt practices. Money laundering—the process of concealing the source of illegally obtained money—plays a crucial role in allowing criminals to continue to perpetrate these crimes. Money laundering and terrorist financing is a global

Registered Ceased Expired Revoked

Individual MSBs 68 105 46 12

Corporate MSBs 752 682 378 70

Totals 820 787 424 82

0

100

200

300

400

500

600

700

800

900

Registered Ceased Expired Revoked

Individual MSBsCorporate MSBsTotals

MSB Status since 2008

6 2016 AML Benchmarking report

practices. In several areas throughout this benchmarking report, we measured the number of MSBs out of the benchmarking population that had deficiencies in specific areas. Deficiencies are defined specifically as “items or areas where the MSB’s documentation, process or reporting was not sufficient to meet the requirements of the PCMLTFA and its regulations.”

In evaluating the effectiveness of the various MSB compliance program elements, different measures were used to measure different characteristics depending on the available information. For example, use of an automated versus a manual transaction processing system was assessed to understand the occurrence of, and effectiveness in, identifying transactions where money laundering was suspected and subsequently reported to FINTRAC. In another instance, we reviewed whether or not employee testing as part of an MSB’s training process was effective by comparing this practice against the level of recordkeeping deficiencies identified.

Methodology The information in this report represents the Grant Thornton AML team’s aggregate knowledge, gathered from over 150 AML-related engagements (including over 103 different MSB organizations) completed over the period January 2014 to December 2015. It’s also based on our experience and knowledge from projects completed prior to this period, some of which was incorporated in the previous benchmark and survey reports produced by Grant Thornton, as well as information obtained from publicly available sources.

The data used to compile this benchmarking report has been reviewed to ensure that the confidentiality of each entity is maintained, and that the inclusion of information could not be used to identify an individual business or MSB organization. Only overall summary statistics for the population of data available to us (or a subset as appropriate to the population) were used.

In determining the prevalence of a characteristic or practice in the industry, we only included information that we assessed as being reasonable and reliable. The same MSB may have been reviewed more than once and only the last instance of reviewed results used. Furthermore, information from AML reviews as well as risk assessment assistance engagements was used to assist with determining the prevalence of specific characteristics and

Purpose This benchmarking report is intended to provide MSBs and financial institutions—both of whom have AML compliance objectives—with an essential tool to help evaluate the results of an AML compliance program review and any planned program changes. It’s our experience that the AML compliance programs of many MSB organizations are now delivering rigour and effectiveness that serve to protect Canada’s financial systems from abuse by those with illegal funds or criminal intent. We believe that this report can help both MSBs and financial institutions by establishing today’s benchmark and tomorrow’s goals for AML compliance programs. Specifically, it should help:• identify and evaluate the prevalence of

compliance practices found within the MSB industry,

• determine the impact that specific practices can have on a compliance program’s effectiveness,

• establish effective MSB compliance practices and determine the relative standing of their organization within the Canadian industry,

• enhance relationships between MSBs and their financial institution partners, and

• improve financial institutions' and regulators' understanding of the Canadian industry's compliance practices and evaluate the pace at which industry change is progressing.

As of June 23, 2016, only 820 still remain registered with FINTRAC, employing 17,129 agents.

Despite the vital role foreign exchange and money remittance service providers play in providing financial services to the “unbanked” and “self-banked,” the fact is, these services are targeted by and vulnerable to money laundering and those wishing to finance terrorism. FINTRAC reports indicate that MSBs are the second-most used sector for money laundering and terrorist financing schemes after financial institutions, and transactions through MSBs represent 36% of all case disclosures made by FINTRAC to law enforcement. Given their vulnerability to both illicit activities and resulting de-risking by banks, a rigorous and effective anti-money laundering and terrorist financing deterrence program is critical to the success of today’s MSB organizations and their relationships with stakeholder partners.6

2016 AML Benchmarking report 7

This section of the report provides background information to help the user understand the profile of the MSBs included in the benchmarking population.

Types of services offered by the MSBs The majority of MSBs (80%) included in the benchmark population provide money remittance services and 76% of the population provide currency exchange services. Other services provided include cheque cashing, money orders and payday loans. Many of the MSBs provide several of these services. This population is fairly reflective of the data reported by FINTRAC7 in Money Laundering and Terrorist Financing (ML/TF) Typologies and Trends for Canadian Money Services Businesses (MSBs) – July 2010 in which MSBs were reported as predominantly providing money remittance services (75%) and foreign exchange services (70%).

Services offered by the MSBs included in the benchmarking population Percentage of MSBs offering

80%

Remittance

14%

Money order

12%

Payday loans

17%

Cheque cashing

19%

Remittanceas an agent

76%

Foreign exchange

The graph below shows the services offered by the MSB benchmarking population (note that many MSBs offer more than one of the listed services).

Geographical regions served by MSBs that provide remittance services Of the MSBs that provide money remittance services, we found that while a majority of the MSBs in the population typically serve a specific geographic region, a significant portion (41%)—up from 26% in 2012—provide remittance services broadly to regions around the world, either using established global networks or their own proprietary networks. Geographic service provision shifted in other areas as well, with 4% of MSBs now providing services to North America. Also, while half of the MSBs in the benchmark population provided remittance services to and from Asian countries in 2012, that number has now dropped to 38%.

4%North America

6%South America

41%Non-speci�c

38%Asia

6%Africa

3%Europe

2%Middle East

Money remittance services: Regions served by MSBs 2016

10%South America

26%Non-speci�c

50%Asia

8%Africa

1%Europe

5%Middle East

Money remittance services: Regions served by MSBs 2012

Profile of the MSB population

8 2016 AML Benchmarking report

Customer interaction typesThe MSB benchmarking population was analyzed to understand how MSBs interacted with their customers. The percentage of MSBs providing only online access to customers was just 2% while a strong majority (62%) interacted only face-to-face. Thirty-six percent offered both forms of access, but usually only after an initial face-to-face meeting.

Types of clients served by MSBsClients served by MSBs include corporate or other types of entities, individuals or a combination of both. Corporate clients typically served include institutions or businesses that seek the services of the MSB to assist them with making payments to foreign vendors. These transactions are usually for larger dollar amounts. Individual clients generally seek the services of the MSB to perform smaller currency exchange transactions for the remittance of money to family members, overseas or personal travel.

The graph below shows the proportion of MSBs that have corporate clients, individual clients or both. While a significant number (32%) of MSBs served both, an increasing number are carving out a niche for themselves by targeting either corporations or individuals, with the latter often involving a specific ethnic community.

Size of the MSB: number of locations, employees, use of agentsWhile the MSB industry in Canada is dominated by a handful of larger businesses, there are also numerous smaller MSBs ranging in size from one location to larger organizations with hundreds of locations in Canada and abroad. Location has been defined, for purposes of this report, to include branch and agent locations. Agents are individuals or entities that are not directly employed by the MSB, but are authorized to act on behalf of the MSB to provide money services to clients. Of the MSB benchmark population, 32% provided services to clients using agents, an increase of 24% from 2012. A number of the MSBs in the benchmark population had less than five employees, including owner-operated, family-run businesses.

8%

32%

Individuals

Corporations

Both

60%

Types of clients served by the MSBs included in the benchmarking population 2016

62%

36%

Face-to-face only

Online only2%

Both

Customer interaction 2016

While 2% of MSBs in the population provided online access only, this percentage is expected to grow as FinTech becomes more widely accepted both by consumers and within the financial sector.

Documented contracts with agentsA documented contract between an MSB and its agent(s) can clearly lay out the duties and obligations of each of the parties and allow for an orderly means of settling any disputes that may arise. Our research shows that all MSBs with agency networks had documented contracts in place with their active agents.

Agent monitoring: background due diligence and regular site visitsSixty-one percent of MSBs with agency networks conducted background due diligence when first deciding to take on a new agent. Further, 44% of MSBs perform regular site visits of their agents. Site visits usually included some testing, inspection and inquiry of how regulatory requirements were being adhered to. It was not necessarily the same group of MSBs that performed both of these procedures; only approximately half of the MSBs that conducted due diligence also performed regular agent site visits.

Review of AML compliance programThe MSB benchmarking population was analyzed to understand the percentage of MSBs whose compliance programs had been subject to a prior review(s), either performed by Grant Thornton or another party. Approximately 84% of the benchmarking population had been subject to more than one compliance program review.

For those MSBs that had more than one review of their program completed, there was a decrease in documentation deficiencies such as risk assessments, policy and procedures (66% deficient in 2012 and 57% in 2016); however, there still continued to be recordkeeping and reporting deficiencies.

Referrals are not enough. Background due diligence results can be known within days. Focused investigative research can identify serious issues or concerns you need to know about. Make sure you get the facts about the people you do business with— the potential cost of failing to identify problems can be prohibitively high.

Put in place documented contracts that clearly lay out compliance program obligations and provide right of audit to protect your organization. Upfront background due diligence and regular site visits to test compliance will protect your organization over the longer term.

2016 AML Benchmarking report 9

Compliance program elements

Policies and proceduresA required element of an MSB’s compliance program is to have documented compliance policies and procedures. The majority of the benchmarking population (59% of MSBs) had deficiencies identified in their program reviews. The remaining MSBs with no identified deficiencies were likely to have more than five employees, developed their policies and procedures internally and employed a compliance officer that had received external training.

• no documentation that the manual/policies and procedures had been reviewed and authorized by senior management; and

• no documentation of the responsibilities of the compliance officer.

The most common policy and procedure deficiencies included:• insufficient detail of recordkeeping

responsibilities (e.g., requirement to document beneficial ownership of corporate customers);

• no documentation of when and how to make third-party determinations;

• no definitions of third-party and/or politically exposed foreign person (PEFP) provided;

No de�ciency

41%

Policy and procedure de�ciencies

-100% -80% -60% -40% -20% 0% 20% 40% 60% 80% 100%

No de�ciencyDe�ciency

More than �ve employees52%-46%

Less than or equal to �ve employees48%-54%

P&P developed internally

86%-86%

Trained their compliance of�cer internally45%-51%

Note: This bar chart provides detail data results for the pie chart to the left.

Make sure that your policies and procedures reflect and align with your money services business activities. Ensure this is true for your risk assessment as well. If your risk assessment includes controls to mitigate risk, these controls need to be performed.

10 2016 AML Benchmarking report

2016 AML Benchmarking report 11

The risk assessmentA good risk assessment documents money laundering and terrorist financing risks specific to that individual business and includes mitigating controls. This is a required element of the AML compliance program regime for an MSB, and it can also be a roadmap to assist others with understanding the business, the risks associated with the money service transactions facilitated, the customers and the geographic regions serviced. While all of the MSBs in the benchmarking population had a documented risk assessment, the majority (61%) were still in the process of making the risk assessment a practical reality of their business operations.

Compliance officerEach MSB is required to designate a compliance officer (CO) responsible for its AML compliance program. The data available in the benchmarking population was analyzed to try and understand who was fulfilling the role and if and how this person was supported. In the benchmarking population, 35% of the MSBs had the owner of the organization fulfilling the compliance officer role. In general, these MSBs were identified as smaller and more likely to have policies and procedures with identified deficiencies. For these MSBs, only a third of the owners, in their role as compliance officer, received external training. There was no marked difference regarding recordkeeping or reporting deficiencies for MSBs that had the owner as the compliance officer versus MSBs which had another individual fulfilling that role.

Only a small number of the MSBs had compliance officers that were certified with relevant AML credentials (e.g., a certified anti-money laundering specialist

designation). We expect that going forward more organizations will require this expertise and qualification of their compliance officers.

Of the MSBs in the benchmarking population, 18% (down from 23% in 2012) had a compliance officer that was supported by a team providing assistance to oversee and meet the compliance program requirements. We noted that, for those MSBs with a compliance officer supported by a team, the rates of recordkeeping and reporting deficiencies were higher. This indicates that while these teams are monitoring and processing a higher volume of transactions, ongoing management of the compliance program team is essential to ensure effectiveness of results.

The Compliance Officer role requires expertise and experience and needs to be taken seriously. In 2014, US regulators fined the former chief compliance officer of Moneygram International 8 for AML failures in the company’s compliance regime during his stewardship.

An effectively implemented risk assessment fundamentally affects how an MSB conducts its business. Common areas for improvement include:• the need to identify higher risk clients

and implement specific enhanced due diligence measures;

• the mitigation of controls that are applied consistently and operating as they should;

• the review and periodic testing of risk assessments; and

• the implementation of enhanced due diligence procedures for onboarding and monitoring of agents.

TrainingDocumented ongoing training on compliance program requirements must be maintained. We looked at how the compliance officers of MSBs received and maintained their training as well as how the training for others in the organization was delivered and maintained. In the MSB benchmarking population, the compliance officers primarily obtained their training by accessing internal resources or visiting and using the resources on the FINTRAC website. This group accounted for 51% (2012: 65%) of the compliance officers for which data was available. The remaining 49% (2012: 35%) of compliance officers were also receiving some degree of external training. The data indicates that more compliance officers are

The risk assessment really needs to be the foundation of your AML program. Document your higher risks and ensure you are actively monitoring for these higher risk customers and transactions. Once identified, protect yourself and your business by executing on your documented controls, such as obtaining source of funds information before you take on responsibility for facilitating the transaction.

Compliance of�cer with team Compliance of�cer without team

-80% -70% -60% -50% -40% -30% -20% -10% 0% 10% 20% 30% 40% 50% 60% 70% 80%

Have recordkeeping de�ciencies

4% Have reporting de�ciencies-11%

-74% 65%

12 2016 AML Benchmarking report

internal resources only to train staff had higher rates of deficiency in recordkeeping and reporting as opposed to MSBs using both internal and external resources. This was a significant change from the 2012 benchmark which indicated the opposite.

Testing as part of trainingTesting reinforces learning. It also helps the MSB determine whether its training efforts have been effective and provides additional motivation for staff. In the benchmarking population, 61% of MSBs use testing as part of their staff training program, and 39% do not use any form of documented testing. The MSBs that used testing in their program were actually more likely to have recordkeeping deficiencies and were more likely to operate from one location. However, MSBs that used testing were also more likely to report STRs. This number is

accessing externally-provided training.There was no marked difference regarding recordkeeping or reporting deficiencies between compliance officers trained internally or externally. However, the externally trained officers did have fewer identified deficiencies regarding policy and procedure documentation and risk assessments. It is essential to remember that good training is only one element of your compliance program and that all of the compliance program elements need to be in place and working, including the monitoring for and reporting of suspicious transactions.

There are now MSB industry-tailored training resources available, which organizations can access online and use to track employee completion and test results.

Testing doesn’t only reinforce learning; it also helps MSBs understand the level of knowledge their staff has. Additionally, it demonstrates a commitment to AML and locks in your training investment.

Training programs for staff may be developed internally or externally, or in combination. In the benchmarking population, the majority (69%) of MSBs used internal resources exclusively to train staff, 12% used external resources exclusively and 19% used a combination of programs. The current benchmark indicates that MSBs using

External

12%

19%

Internal69%

Both

Type of training 2016

increasing as anticipated, as training evolves to focus more on how to identify suspicious transactions, with less focus on the details of the recordkeeping requirements.

61%

No testing39%

Use of testing

Use of testing in training 2016

RecordkeepingIn the benchmarking population, 58% of the MSBs had recordkeeping deficiencies (down from 76% in 2012). This is a very significant improvement and may be attributable to the increased use of automated

Have recordkeeping de�ciencies

Trained CO externally

Had more than one location

-100% -80% -60% -40% -20% 0% 20% 40% 60% 80% 100%

Had �led an STR46%

64%

44%

41%-61%

-51%

-69%

-52%

No testing employedTesting employed

Training should include materials that are relevant to the employee’s role within the organization, and should provide an understanding of AML as well as specific knowledge necessary for that person to perform their part of the MSB’s AML strategy. Don’t provide blanket training.

Train and review your specific recordkeeping requirements with staff. Use examples specific to your organization to make it effective.

Transaction reporting (large cash and electronic funds transfers)In the benchmarking population, 40% had large cash and/or electronic funds transfers (LCTs and EFTs) reporting deficiencies, down from 66% in 2012. Given the high rate of deficiency, we looked in detail at the percentage of transaction reports that had reporting deficiencies for each MSB, and then averaged and summarized this. Out of all of the reports reviewed, 26% (2012: 33.4%) of LCT reports and 23% (2012: 38.5%) of EFT reports had deficiencies.

The most common deficiencies were: • late filings (most common),• reportable transactions not identified by

the MSB until the completion of the review (this was most common for transactions meeting the 24-hour rule threshold), and

• incorrect information included in filings.

Transaction processing systemThe transaction processing system refers to the manner in which a customer transaction is recorded. An automated transaction system refers to a system where the customer’s information, as well as the transaction information, is electronically recorded and then processed. A manual system refers to a process for which both the customer and transaction information is first recorded manually (on paper). Information from a manual system is kept in paper format, or it may be entered into a spreadsheet. In the benchmarking population, 72% (2012: 54%) of MSBs used automated transaction systems while 28% (2012: 46%) of MSBs used a manual system. The MSBs that used automated transaction systems usually had more locations and processed a higher volume of customer transactions. Automated systems also resulted in a higher likelihood of the MSB filing an STR report with FINTRAC. The rates of recordkeeping deficiencies were high regardless of whether the MSB was using an automated or manual transaction processing system.

systems to process transactions—which had a particularly positive impact on recordkeeping. In 2016, 72% of MSBs were using automated systems compared to 54% in 2012.

Some common recordkeeping deficiencies were found in the benchmarking population. These include:• Failure to communicate requirements

clearly (i.e., staff were not obtaining address, telephone or date of birth information from clients)

• Incomplete or unclear documentation of information (e.g., self-employed, manager, owner)

• Poorly documented information regarding corporate beneficial ownership or individuals authorized to transact for the corporation

• No documentation for third-party and PEPF client inquiries

Occupation—this is really all about trying to understand the source of a person’s funds, that is, how they earn their money. Documenting that someone is a manager doesn’t provide any information as to source of funds. Be specific and detailed.

Don’t make assumptions for your clients. When required, third party and politically exposed persons inquiries need to be made and documented. Also, for larger transactions, ones out of pattern or not expected for a client, inquire and document as to source of funds—don’t assume it.

Ensuring that the 24-hour reporting rule requirement is met can be tricky for MSBs that process a high volume of transactions using a manual system. It will be harder and harder to justify maintaining manual records. Before you make the system investment, even the use of a simple spreadsheet can assist with ensuring the requirements are met.

Automated72%

28%Manual

Transaction processing system 2016

2016 AML Benchmarking report 13

We identified that less than half of the MSBs in the benchmarking population had transactions which the MSB needed to review in order to determine whether or not any STR filing was required, an improvement over 2012. At the time of the review, these MSBs had not documented any form of previous monitoring of these transactions. The most commonly identified types of transactions were: • numerous transactions made by the same

customer over shorter time periods (e.g., one to ten days); and

• larger transactions conducted by customers where source of funds information was unknown, or what was known/documented was not clear/did not make sense.

Terrorists and designated individualsWe analyzed the data available to identify how many MSBs were using an automated system to check customer names against available listings of sanctioned individuals and entities. Results showed that 29% (2012: 57%) of MSBs were manually checking customer names, and 71% (2012: 43%) had an automated process to do this for them. Most MSB organizations that were manually checking were doing so against the OSFI list only, whereas when an automated process was used to do the checking, usually multiple lists were checked, including at least the OSFI and OFAC lists.

Suspicious transactionsNearly half of the 2016 benchmarking population (48%) submitted STRs with FINTRAC over the time period reviewed, which was generally a three-month to one-year timeframe. This is a significant improvement over the 2012 study where only 27% submitted STRs. This may be a result of more organizations using automated transaction monitoring systems. As well, MSBs that filed STRs were less likely to have delivered their training using internal resources and to have developed their policies and procedures internally.

-80% -60% -40% -20% 0% 20% 40% 60% 80% 100%-100%

Use an automated transaction58%

Develop their P&P internally89%-61%

Trained their compliance of�cer

58%

Trained their staff internally

66%

Had more than �ve employees49%

Had �ve or fewer employees51%

Had more than one location43%

Note: This bar chart provides detail data results for the pie chart on this page.

Had �led an STR Have not �led STRs

-80%

-84%

-38%

-52%

-50%

-50%

-60%

It’s critical that all staff (front counter, back office/ processing and management) are properly trained and aware of how to recognize the red flags of an unusual transaction—one that raises suspicion of money laundering or terrorist financing. Training is now expected to be tailored to the role and position of your staff.

MSBs that are not identifying and reporting suspicious transactions to FINTRAC need to really stand back and assess their risk, identification and monitoring processes. Is their compliance program really effective? Today the expectation is that within this industry an effective program will identify suspicious transactions. If you are not reporting, you need to be able to prove that you don’t have to.

Have not �led STR’s52%

48%Filed STR’s

MSBs that �led STRs 2016

14 2016 AML Benchmarking report

We determined that for the MSBs using an automated system, during the time of their compliance program review, 25% of these MSBs had identified deficiencies.

Deficiencies were specifically related to:• the list the system was using to check

names against being outdated, in some cases by several months; and

• technical issues with the system, such that the comparison process was simply not working as it was supposed to.

Automated71%

29%Manual

Terrorist and designated individuals detection system 2016

De�ciency identi�ed

25%

75%No de�ciency

Automated detection system with de�ciencies 2016

0 banking partners

2%

58%

2 Banking partners

17%

> 2 banking partners

23%

1 Banking partner

Number of banking partners held by MSBs

1. http://www.globalcenter.org/wp-content/uploads/2015/11/rr-bank-de-risking-181115-en.pdf2. https://www.fincen.gov/news_room/nr/html/20160606.html3. http://www.fatf-gafi.org/publications/mutualevaluations/documents/mer-canada-2016.html4. http://www.worldbank.org/en/news/press-release/2016/04/13/remittances-to-developing-countries-edge-up-slightly-in-20155. http://www.unodc.org/unodc/en/money-laundering/globalization.html6. http://www.fintrac.gc.ca/publications/typologies/2012-04-eng.asp#s1-47. Money Laundering and Terrorist Financing (ML/TF) Typologies and Trends for Canadian Money Services Businesses (MSBs),”

FINTRAC Typologies and Trends Reports (July 2010): http://www.fintrac.gc.ca/publications/typologies/2010-07-eng.asp8. https://www.complianceweek.com/blogs/enforcement-action/former-moneygram-cco-fined-1-million#.V_fuD00VDmI

Don’t hesitate to reach out to a member of our national anti-money laundering services team:

Jennifer Fiddian-GreenPartner, Advisory Services

Patrick HoSenior Manager, Advisory Services

Robert OsbourneSenior Manager, Advisory Services

Albina AlimerkoManager, Advisory Services

Andres BetancourtSenior Associate, Advisory Services

T +1 855 747 2647E msb@ca.gt.com

Understanding source of funds: A bank account is where the money last comes from before it comes to your organization; knowing this is not enough. Find out how the money came to be owned and in the control of your potential customer.

Transactions need to be monitored for unusual, potentially suspicious activity. Make sure this process is documented.

2016 AML Benchmarking report 15

Audit • Tax • Advisorywww.GrantThornton.ca

Grant Thornton LLP. A Canadian Member of Grant Thornton International Ltd

About Grant Thornton LLP in CanadaGrant Thornton LLP is a leading Canadian accounting and advisory firm providing audit, tax and advisory services to private and public organizations. We help dynamic organizations unlock their potential for growth by providing meaningful, actionable advice through a broad range of services. Together with the Quebec firm Raymond Chabot Grant Thornton LLP, Grant Thornton in Canada has approximately 4,000 people in offices across Canada. Grant Thornton LLP is a Canadian member of Grant Thornton International Ltd, whose member firms operate in over 100 countries worldwide.