Canada’s banking regulator is returning to anti-money laundering and anti-terrorism financing compliance after a three-year hiatus – an about-face that risks sowing more confusion for financial institutions.
The Office of the Superintendent of Financial Institutions previously ended its oversight role in 2021. In doing so, OSFI rescinded its guidance on deterring and detecting money laundering and terrorist financing, and handed over its regulatory responsibilities to the Financial Transactions and Reports Analysis Centre of Canada.
The objective was to make FinTRAC, the federal financial intelligence unit, the exclusive overseer of banks’ anti-money laundering and anti-terrorist financing obligations.
Still, OSFI’s decision to get out of financial crime compliance was bewildering because banks are among the most vulnerable businesses when it comes to both money laundering and terrorist financing, according to the federal government’s threat assessment.
Now, its decision to reprioritize financial crime is muddying the waters about whether OSFI or FinTRAC will get the final say on bank compliance. It is a sensitive issue for banks: Compliance costs in Canada are roughly $6.8-billion a year, but few criminals are convicted.
“FINTRAC and OSFI have distinct but related mandates and collaborate as required,” wrote Cory Harding, an OSFI spokesperson, in an e-mail to The Globe and Mail. He also stressed that OSFI’s role “is supervisory as opposed to regulatory” when it comes to anti-money laundering.
If you’re confused about the distinction, you’re not alone.
When The Globe put a similar query to FinTRAC in recent weeks, spokesperson Erica Constant described the financial intelligence unit as the “sole supervisor” of banks’ anti-money laundering and anti-terrorist financing obligations.
Nomenclature aside, FinTRAC is responsible for ensuring that banks and other businesses comply with the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and its associated regulations. OSFI, meanwhile, focuses on the “prudential impact” of financial crime weaknesses – or how those deficiencies affect the financial safety and soundness of banks.
Even so, there is the potential for overlap between OSFI and FinTRAC.
“OSFI’s role is, where necessary, to translate FINTRAC findings into supervisory activities aimed at ensuring FRFIs have policies and procedures in place to protect themselves from threats to their integrity & security,” Mr. Harding said. (FRFI is the acronym for federally regulated financial institutions.)
To be sure, OSFI is trying to differentiate its revamped role from that of FinTRAC.
Mr. Harding confirmed that OSFI will not develop any new regulatory guidance for banks on combatting money laundering and the financing of terrorism. Nor will OSFI resume conducting joint compliance examinations of financial institutions alongside FinTRAC, a process used from 2013 to 2019.
Instead, OSFI will supervise banks’ anti-money laundering compliance under the auspices of its new integrity and security guideline. It will factor any detected weaknesses into its regulatory assessments of lenders, Mr. Harding added.
That’s all well and good, but Canadians deserve to know what prompted OSFI’s turnabout on financial crime. After all, FinTRAC previously told Finance Minister Chrystia Freeland the transition of assessment responsibilities from OSFI was effective.
“Overall, the implementation of the new approach was seen as relatively seamless and was well received by industry and the agencies alike,” states a FinTRAC report, dated Sept. 30, 2020. “The new approach delivers a strong and effective AML/ATF regime while reducing duplication through better alignment with FINTRAC and OSFI’s respective mandates and authorities.”
So, why is OSFI pivoting now? The Globe asked if its decision to sharpen its focus on anti-money laundering was related to the money-laundering woes faced by Toronto-Dominion Bank.
“OSFI’s mandate was expanded in 2023, as a result of Bill C-47, from determining whether FRFIs are in sound financial condition and obliging prompt corrective action if they are not, to also to determining whether FRFIs have protections in place to guard against threats to their integrity and security,” Mr. Harding said.
FinTRAC, meanwhile, has spent years modernizing its compliance program. Its requirements include client identification, recordkeeping and reporting certain types of financial transactions, including international electronic funds transfers, large cash transactions and suspicious transactions.
After the 2021 transition, FinTRAC developed a comprehensive monitoring framework for financial institutions of all sizes. FinTRAC also meets with every big bank each quarter.
Although OSFI and FinTRAC are seeking to avoid duplication regarding their roles, it is unclear how they plan to prevent regulatory dissonance. The last time that OSFI and FinTRAC pursued separate remits on these issues, banks experienced regulatory redundancy and, at times, conflicting advice.
That’s because prudential banking regulators and financial intelligence units view banking activities through different lenses.
For instance, correspondent banking – when a bank facilitates transactions such as wire transfers on behalf of another lender in a foreign market – is considered very risky from an anti-money laundering compliance perspective.
A prudential regulator, on the other hand, could consider such activities to be sound because correspondent banking transactions generate a steady stream of fee income for banks.
OSFI is right that anti-money laundering compliance is “one of the many protections necessary” for financial institutions. But it needs to offer more clarity on how it is adjusting its approach to anti-money laundering this time around.