The information I was referring to was uncovered in the course of our two-year review audits that we've conducted over the years. Essentially, the problems stem from the discretionary criteria applied by financial institutions and providing information to FINTRAC, namely, that a transaction appears suspicious.
It is for the financial institution to determine whether a transaction is suspicious. The institution is well placed to determine that. But in the course of our audits, we found that certain transactions were referred to FINTRAC for reasons such as the ethnic origin or the place of destinations of an individual, or because the age of the individual involved did not match the amount of money at stake.
The risk, I think, is that in gathering massive amounts of information and then trying to make sense of it, you will apply criteria, some of which may be discriminatory. That's one issue.
There's a proposal apparently on the table to get rid of the financial threshold that would result in reporting to FINTRAC from $10,000 to zero dollars. I do not suggest that a financial threshold is necessary, but certainly, if you remove a financial threshold, the risk of catching information about law-abiding citizens increases mostly into your question about protocols.
Either you have objective standards for when financial institutions share information with FINTRAC, or if you get rid of a dollar threshold—and then there is no threshold, there is no objective criteria—then there should be some objective criteria, whereby FINTRAC looks at the data bank that contains all of this information to ensure that it is investigating people involved in criminal or terrorist activities as opposed to law-abiding citizens.