The short answer is no, there have not been any convictions and there have not been any allegations of improper disclosure, and to the best of our knowledge--and our knowledge is very good on this point in our organization--there has been no improper disclosure of information from FINTRAC. We have put in place extensive and exhaustive measures to satisfy ourselves that casual disclosures or informal disclosures or nudge-nudge, wink-wink disclosures cannot take place.
A disclosure from FINTRAC can only occur formally and in written form. It can only be made after it is vetted by a disclosure committee, which consists of the senior executives in the organization and is chaired by me, and in this process it is challenged and tested and passed through our legal services to satisfy them as well as us that the information to be disclosed is being disclosed properly and that there are sufficient reasons to disclose it.
I won't go into all the details and technical measures we have put in place, because that would make it easier for someone to circumvent them, but we have a very comprehensive and stringent access control system. It includes biometrics, and we have logging systems that show who accesses what information so that we can monitor and review.
We log the comings and goings in the centre. All the analytic information--in other words, the sensitive personal information--is contained in a vaulted, high-security area of our premises. Not all employees have access to it; only the people who work there have access to the analytic unit, and a few other senior executives like myself. Even I don't have access to their analytic computer system. There's no need for me to have access to it, so I don't have it.