Finance Committee on Feb. 28th, 2018

Good afternoon, Mr. Chairperson.

Thank you very much for the invitation to appear before you today. My name is Tony Manconi, and I'm the Director General of the Charities Directorate within the Canada Revenue Agency.

With me is Alastair Bland, Director of the Review and Analysis Division, which is the area responsible for carrying out the charities directorate’s national security mandate.

Also from the Canada Revenue Agency, or CRA, is Stéphane Bonin, Director of the Criminal Investigations Division. I will be sharing my time with him.

We are pleased to be here today to answer any questions you may have regarding CRA's involvement with the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, PCMLTFA, as FINTRAC discloses information to two distinct areas within the CRA.

When FINTRAC has reasonable grounds to suspect that information would be relevant to money laundering and also to tax evasion, it discloses that information to the CRA's Criminal Investigations Division. My colleague, Mr. Bonin, will speak more about that role in a moment.

In addition, when FINTRAC has reasonable grounds to suspect that information would be relevant to the risk of terrorist abuse of the charitable sector, it discloses that information to the CRA's Charities Directorate.

I would now like to provide an overview of the charities directorate’s general mandate, as well as its role as a national security partner in Canada’s anti-money laundering and counterterrorism financing regime.

Under the Constitution, the provinces have jurisdiction over the establishment, maintenance and management of charities. However, registered charities are afforded certain privileges under the Income Tax Act, including exemption from paying tax on income and the ability to issue tax receipts for donations they receive. It's because of these privileges that the CRA has been overseeing the conduct of charities since 1967.

The Charities Directorate is responsible for ensuring that registered charities meet the legal requirements for registration under the Income Tax Act. This includes ensuring that charitable registration benefits only those organizations that are exclusively charitable at law, and that charitable donations reach intended legitimate beneficiaries. We achieve this through a balanced program of education, service and reasonable enforcement.

In the course of its work, the charities directorate has been determining whether the registration system was being abused by individuals or groups having links to terrorist organizations. Various legislative developments have assisted in this endeavour.

The Charities Registration (Security Information) Act, the public security and anti-terrorism initiative, the PCMLTFA, and the Security of Canada Information Sharing Act, as well as consequential amendments to the Income Tax Act, have provided the CRA with the mandate and the ability to staff a dedicated team within the charities directorate, called the review and analysis division, focused on protecting the charitable sector from the risk of terrorist abuse. These statutory developments also permit the use of classified information for determining whether charities should be registered under the Income Tax Act, and have increased the CRA's ability to share relevant information with government partners, including FINTRAC.

While the Income Tax Act remains the primary authority for administrative decisions made by the review and analysis division about charitable status, disclosures received from FINTRAC under the PCMLTFA contribute valuable intelligence required to make informed decisions.

I now turn to my colleague, Stéphane Bonin, who will speak about the criminal investigations division of the CRA.

Mr. Chair, I am Stéphane Bonin, Director of the Criminal Investigations Division of the Canada Revenue Agency.

Thank you for the opportunity to speak to you today about our participation in Canada’s anti-money laundering and anti-terrorist financing regime.

The criminal investigations program's mandate is to ensure that significant cases of tax evasion are investigated and, where appropriate, referred to the Public Prosecution Service of Canada for criminal prosecution. We use a risk-based approach for file selection...significant cases of tax evasion with an international element; promoters of sophisticated and well-organized tax schemes aimed at defrauding the government; joint financial crime cases with other law enforcement agencies, including cases involving money laundering and terrorist financing; and significant or material cases involving income tax or GST evasion, including the underground economy.

From a broader perspective, offshore tax evasion, which also may lead to money laundering charges, has become more complex, global, and aggressive, thereby presenting increased challenges to tax administrations around the world. To address these new challenges, the criminal investigations program went through a complete business transformation in 2013-14, going from 32 small offices across Canada to six large offices. The objective of that transformation was to strategically position its 600 resources in larger units across the country, with offices in Halifax, Montreal, Ottawa, Toronto, Calgary, and Vancouver. Now with a greater critical mass of investigators in larger centres being closer with our primary partners, such as the PPSC and the RCMP, CRA criminal investigations...are now well positioned to meet current and future challenges.

As an example, the CRA criminal investigations division recently executed three search warrants, during the course of an offshore tax evasion criminal investigation related to the data leak from the Panamanian law firm Mossack Fonseca, made public in the Panama Papers.

Approximately 30 CRA criminal investigators, assisted by members of the RCMP, took part in the operation that unfolded in Calgary, west Vancouver, and the greater Toronto area. The CRA’s investigation identified a series of transactions involving foreign corporations and several transfers through offshore bank accounts used allegedly to evade taxes.

In our media release, the CRA publicly acknowledged the significant contribution of the Financial Transactions and Reports Analysis Centre of Canada, or FINTRAC, to this criminal investigation.

This example demonstrates the effectiveness of various regime partners working together. Domestically, the CRA collaborates with FINTRAC and law enforcement agencies to ensure the effective use of financial intelligence in its criminal investigations. As my colleague Mr. Manconi mentioned earlier, the CRA receives disclosures from FINTRAC when it suspects that information would be relevant to money laundering and also to tax evasion.

To conclude, Mr. Chairman, tackling this global problem of tax evasion and money laundering takes a firm commitment and the effective use of tools and partnerships to identify and bring into compliance those who try to cheat and misuse the system, which is why the CRA’s Criminal Investigations Program remains a committed partner in the anti-money laundering regime and will continue to investigate those taxpayers who participate in money laundering related to tax evasion.

I look forward to your questions.

Thank you, Mr. Chair.

I’d like to thank the members of the committee for the opportunity to appear before you today as part of your statutory review of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, or PCMLTFA.

We, of course, support Canada's efforts to combat money laundering and terrorist financing. However, the manner in which these efforts are undertaken must strike an appropriate balance between the need to combat such activities and respecting privacy rights of Canadians.

The most apparent privacy implication with this regime is that it casts a wide net capturing a great deal of information about law-abiding Canadians conducting financial transactions, with a view to uncovering threats to national security or incidents of money laundering.

In our previous parliamentary briefs on Bill C-51 and Bill C-59, we signalled concerns around information collection and sharing regimes in the context of national security.

Specifically, we have highlighted the need for rigorous legal standards around the collection and sharing of personal information, effective oversight, and minimization of risks to the privacy of law-abiding Canadians, in part through prudent retention and destruction practices.

As you are aware, subsection 72(2) of the PCMLTFA provides my office with a mandate to conduct biennial reviews of how FINTRAC protects information it receives or collects under this act. We can also conduct reviews under section 37 of the Privacy Act.

All of our audits have identified issues with FINTRAC receiving and retaining reports that do not meet legislative thresholds for reporting.

In 2014, the PCMLTFA was amended by Bill C-31 to add subsection 54(2), which requires that FINTRAC destroy information in its holdings that was not required to be reported.

Although FINTRAC has implemented measures to validate incoming reports, a significant improvement, we continue to identify information in FINTRAC databases that did not meet thresholds and should not have been retained.

Also, we have generally found FINTRAC to have a comprehensive approach to security, including controls to safeguard personal information. Our most recent audit did identify governance issues between FINTRAC and Shared Services Canada, which FINTRAC has committed to addressing.

Beyond these issues, which we are mandated to review under the PCMLTFA, our principal concern, based on our experience reviewing FINTRAC over the past 10 years, relates to the lack of proportionality of the regime. Disclosures to law enforcement and other investigative agencies made in a given fiscal year represent a very small number when compared with the information received during that same time frame. For every 10,000 reports received, one disclosure is made.

Information received is also retained for long periods. FINTRAC's retention of undisclosed reports increased from five to 10 years in 2007.

Even if one accepts that sharing financial transaction data related to law-abiding citizens may lead to the identification of threats of money laundering or terrorist financing activities, once that information is analyzed and leads to the conclusion that someone is not a threat, it should no longer be retained.

More broadly, we have noted a trend to broaden the regime over the years, and we note the Department of Finance Canada's vision of moving towards a holistic information collection scheme, which would create an environment supporting increased analytics and information sharing. We have already seen discussion about lowering existing thresholds for reporting, which could be done through regulations without parliamentary approval. In the consultation paper, the Department of Finance Canada also suggests increasing the number of reporting agencies and establishing a new model for engagement of the private sector.

While I appreciate that a holistic approach to the collection and sharing of information might be useful to identify threats, what is proposed, unless appropriate privacy safeguards are adopted, would further exacerbate our concerns with proportionality.

Instead, I would suggest that a risk-based approach be adopted in order to minimize the risk of over-collecting and retaining the financial and personal information of law-abiding citizens. Under such an approach, FINTRAC, based on a thorough risk-based analysis of its data, would develop criteria to limit collection, sharing, and retention to only situations likely to represent potential manifestations of terrorist financing or money laundering.

We realize this may be challenging, but as privacy experts, we at the OPC believe we can play a role in the assessment of these factors, which leads me to this: currently our review mandate, under the PCMLTFA and the Privacy Act, is limited to ensuring that these statutes and regulations, as enacted, including monetary thresholds for collection, are respected.

We think a more useful contribution would be to provide advice, after review, on amendments that could be made, to either the statutes or the regulations or the practices of FINTRAC, to ensure greater proportionality, including the assessment of risk factors that might govern information collection, sharing, and retention.

The government is recommending that the PCMLTFA be amended to provide that the reviews we currently undertake every two years under section 72 now occur every four years. We agree in part, but we would recommend a change of purpose for these reviews.

First, we would recommend that the purpose of our reviews under the act be modified to include advice or recommendations on proportionality, as just mentioned.

Second, they would begin at least one year before every anticipated five-year review that Parliament must undertake. The OPC would continue to conduct compliance reviews under section 37 of the Privacy Act, which would not need to be amended. As it relates to proportionality, the committee may wish to consider part 4 of Bill C-59, currently before Parliament, concerning CSIS datasets and their retention, which might be instructive.

Under that model, CSIS must clean data promptly—that is, within 90 days—and can retain Canadian datasets only if the Federal Court is satisfied that doing so is likely to assist in the performance of CSIS's mandate, including the detection of threats to the national security of Canada. In addition, with respect to any contemplated changes to reduce existing thresholds through regulations, which would also affect proportionality, I would reiterate my recommendation in the context of Privacy Act reform, that government institutions should be legally required to consult with my office on draft legislation and regulations with privacy implications before they are tabled.

My written statement now goes into questions of oversight. Do I have time?

In terms of review and oversight of this regime, there are some review mechanisms in place and others proposed in Bill C-59, but I would argue that there are still some gaps in terms of comprehensive oversight.

While some decisions are subject to statutory or judicial review by the federal courts, which is one form of oversight, by the courts, a decision by FINTRAC to disclose information is more likely to be challenged in the context of a proceeding involving a disclosure to an investigative body such as a law enforcement agency. In many cases, however, an individual whose information is disclosed by FINTRAC might never know the disclosure took place.

Bill C-59, if passed, would create a new expert review body, the national security and intelligence review agency, with broad jurisdiction to examine the activities of all departments and agencies involved in national security, which includes FINTRAC. In addition, the new National Security and Intelligence Committee of Parliamentarians will also have a role to produce well-informed and comprehensive reviews of the work of these agencies.

However, the NSIRA will not review all of FINTRAC's activities, given the latter's mandate to identify criminality related to money laundering, and the NSIRA's national security mandate. Its national security review might also be limited given that not all of FINTRAC's disclosures are within the federal family.

The OPC is another oversight mechanism. We have an important mandated role, as already examined, and insight on the privacy aspects, including 10 years of audit experience in this area. However, as we've said in the context of Bill C-59, we currently would not have the legal authority to work with other national security review bodies, such as the NSIRA, to co-operate and provide effective oversight in this area.

To summarize, I would recommend the following: one, that the purpose of our reviews under the PCMLTFA be modified to include advice or recommendations on proportionality; two, that they begin at least one year before every anticipated five-year review that Parliament must undertake; and three, with respect to any contemplated changes to the regulations, Finance Canada should be legally required to consult with my office on draft legislation and regulations with privacy implications, before they are tabled.

Thank you very much, and I look forward to your questions.

Thank you.

Good afternoon, Mr. Chair.

My name is Lynne Tomson, and I am the Director General of the Integrity Regime and Financial Accounting Management Group of Public Services and Procurement Canada, or PSPC.

Accompanying me is Nicholas Trudel, Director General with the department's Specialized Service Sector.

For those of you who might not know, Public Services and Procurement Canada acts as the Government of Canada's central purchasing agent and real property manager on behalf of all government departments and agencies. PSPC also provides specialized services to other departments and agencies. It is in the second context that the department directly supports Canada's anti-money laundering and anti-terrorist financing regime.

PSPC provides two services that are directly linked to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act.

The first of these services is forensic accounting, which is delivered through the forensic accounting management group of the integrity regime renewal branch within PSPC.

The second service is the disposal of seized property. This is managed through the seized property management directorate of the integrated services branch, which Nicholas will speak to briefly.

I'd like to share with you now a bit of background on the forensic accounting management group, FAMG. It was created in 1998 following the implementation of the Proceeds of Crime Act to support both the Royal Canadian Mounted Police and the prosecution service in relation to proceeds of crime or money laundering investigations, and through a 2002 order in council:

the provision of forensic accounting services...by the Minister of Public Works and Government Services Canada to provincial, territorial, municipal, and aboriginal governments and their police forces, and foreign governments, upon request by these governments for such services.

Across Canada, approximately 40 forensic accountants are co-located with the RCMP in 11 of their offices. They play an active support role in the detection and disruption of money laundering and terrorist financing by collecting and assembling financial evidence to support or refute allegations.

Their analysis of financial transactions helps lead to the identification of wrongdoers, provides evidence for the elements of the crime, and allows law enforcement to trace and seize any ill-gotten gains. These accountants also provide advice on various financial and accounting aspects of the investigation, including analysis of corporate documents, banking data, tax information, financial statements, and FINTRAC disclosures.

To give you a sense of the vast scope of this work, in the past five years, the group has been involved in approximately 100 RCMP money laundering and terrorist financing investigations, and has testified in nearly 30 criminal trials. The combined value of seized assets and court-imposed fines in these files totalled nearly $10 million.

Money laundering and terrorist financing investigations have become increasingly complex and almost always include an international component. To share our knowledge in finance and accounting, we also work with the RCMP in order to provide specialized training to the investigators working on these files.

In order to combat these crimes, it is important to remove the financial incentive. The analysis of financial transactions is a key part of that work. Therefore, the impact that forensic accounting services can have in money laundering and terrorist financing criminal investigations is significant, and has been proven in Canada as well as internationally.

Finally, I'd like to note that PSPC indirectly supports the objectives of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, as it is responsible for administering the Government of Canada's integrity regime. This regime ensures that the government does business with ethical suppliers and that suppliers who have been convicted of listed offences are rendered ineligible to be awarded a government contract. In line with the duties of my group, one of the listed offences is for convictions of laundering proceeds of crime.

I will now turn to my colleague, who will speak to you about the management of seized property.

We aren't necessarily suggesting that the documents be destroyed within a short time frame. We are recommending a risk-based approach. A great deal of information is collected on a huge number of transactions, the vast majority of which relates to the financial transactions of law-abiding Canadians. That is the basis of the approach used to detect criminals or terrorists and is very similar to the procedure proposed in Bill C-51 and Bill C-59. It has merit, but the information has to be screened using numerous pieces of data to uncover threats and individuals who are security threats or criminals.

I am not calling the process into question, but it's helpful to keep some figures in mind. Over the past few years, the ratio of actionable disclosures to law enforcement or other organizations has been one for every 10,000 reports received. For every 10,000 reports received, only one disclosure is made to police, the Canada Revenue Agency, or security agencies. We found that a significant amount of information is collected but that people pose a security threat in a very small number of cases.

I'm not saying that the information should no longer be collected, but I am recommending that a risk-based approach be adopted, as the Canada Revenue Agency officials more or less suggested. A considerable amount of information can be gathered initially, but a risk-based approach—one that takes into account the usefulness of the information for forensic evidence purposes—can be applied. That could be one of the factors given consideration. However, a risk analysis should be conducted fairly early on to determine whether the information needs to be retained or not. It is possible that, for a variety of reasons, a certain number of reports would need to be retained for a long period of time. On the flip side, I think many other reports would need to be destroyed rather quickly, as proposed in Bill C-59.

Personally, I see similarities between the approach set out in Bill C-59, which proposes extensive data collection in order to identify the small number of people who pose a threat, and the collection of financial transaction information under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, in order to identify a small number of criminals who are laundering money or contributing to terrorist financing.

We are asked by the RCMP to assist in specific criminal investigations, and the need to retain information depends on the period during which the activities transpired. In forensic accounting, it's preferable to have access to as much financial information as possible in order to build a financial picture of the individual or company, establish the source and use of funds, and track their movement and the manner in which they flow from one account to another.

What we actually need is the capacity to identify who the money or assets genuinely belong to.

Yes, we need to be able to determine—

—who the true owners are.

and have access to national and especially international information. If the money is sitting in a foreign bank account, we have to work with the RCMP to identify where and then submit an application to Justice Canada in an effort to access the information.

Technology may well help to bring greater proportionality.