I would suggest a couple of things. First, I would echo my co-panellists in terms of guidance to entities. There is vast over-reporting of suspicious transactions, in part because, as the financial institutions have said to other committees, there is so little guidance and such an onerous burden on reporting entities should they miss anything.
Over-reporting is absolutely to be predicted given that you have criminal jeopardy should you not report effectively. There is no guidance as to what constitutes effective reporting, and so we have massive over-reporting of suspicious transactions, thereby not advancing security because we are getting things we don't require. Yet we're not taking them out of the system once they are in the system. FINTRAC retains them, and in fact it's more cost-effective if they don't have a person extract them.
These are some of the things that the OPC does simply because it's more cost-effective to just warehouse the data than it is to cleanse it of the things you don't need. These are the kinds of problems that guidance would fix.
Concerning oversight, we have heard about a number of models.