Evidence of meeting #46 for Industry and Technology in the 45th Parliament, 1st session. (The original version is on Parliament’s site, as are the minutes.) The winning word was scams.

A recording is available from Parliament.

On the agenda

Members speaking

Before the committee

Hines  Head of Fraud Product, Interac Corp.
Harroun  Vice-President, Compliance and Enforcement, Canadian Radio-television and Telecommunications Commission
Brun  Vice-President, Government Relations, Desjardins Group
Lapalme  Senior Director and Deputy Head, Fraud and Financial Crime Management and Supervision Unit, Desjardins Group
Hutton  Vice-President, Consumer, Analytics and Strategy, Canadian Radio-television and Telecommunications Commission

Doly Begum Liberal Scarborough Southwest, ON

If I may, I would ask Mr. Harroun the same question.

The Chair Liberal Ben Carr

Ms. Begum, I'm afraid we're quite a bit over, so we may have to circle back.

It's timely. I just looked down, for a moment, at an email from FIFA World that reads, “$4 million has been awarded thus far, Ben Carr. Click here for your exclusive reward.” When I clicked on FIFA World, let's just say it looks fraudulent. I'm glad I've been educated on the matter, but it's quite appropriate.

I don't see any of your logos there, so everyone is safe at the moment.

Mr. Ste‑Marie, you have the floor for two minutes and a half minutes.

Gabriel Ste-Marie Bloc Joliette—Manawan, QC

Congratulations on your vigilance, Mr. Chair.

I'll continue my discussion with the representatives of the Mouvement des caisses Desjardins.

I'd like to hear your thoughts on the role of AI in fraud, but also in prevention.

4:20 p.m.

Senior Director and Deputy Head, Fraud and Financial Crime Management and Supervision Unit, Desjardins Group

Frédéric Lapalme

AI is the new thing, the flavour of the month and probably of the next decades. Fraudsters are already using it. I'll give you an example. In Quebec, the use of French has increased. It used to be a barrier that somewhat protected us. Unfortunately, that's no longer the case with text messages and emails. A chatbot can write a really good email.

When it comes to prevention and detection, as a financial institution, we need to use those tools. Again, it comes back to the privacy elements. That's important, but to be able to use AI, we need data. Financial institutions have a lot of data that can be used to protect their clients, their members, so my answer would be along the same lines.

Gabriel Ste-Marie Bloc Joliette—Manawan, QC

Let's move on to the topic of open banking.

Currently, when someone makes an unauthorized transaction, which is a fraud, the financial institution has to pay. However, with open banking, there's a risk the institution and the trading platform will pass each other the buck, or that fintechs won't even have the means to pay.

How can we ensure consumers don't lose out?

4:20 p.m.

Vice-President, Government Relations, Desjardins Group

Bernard Brun

That's a very good question. We're entering another dimension where the focus is more on data portability. Open banking will also lead to more frequent transactions.

It's important to understand that this system already exists, but it takes the form of screen scraping. The first thing I'd say is it would be an excellent idea to adopt a regulatory framework, because that'll really make it possible to define responsibilities.

That said, we're really touching on the hot-button issue, meaning all the coordination that needs to be done. There has to be very clear coordination between jurisdictions, whether it be Quebec or other provinces and the federal government, to determine who's responsible and to what extent, especially in the context of open banking and consumer services, given the acceleration of transactions.

Gabriel Ste-Marie Bloc Joliette—Manawan, QC

Okay. Thank you very much.

Mr. Chair, I'll give you the few seconds I have left. Thank you.

The Chair Liberal Ben Carr

Thank you, Mr. Ste‑Marie.

Mr. Falk, you have five minutes, sir.

4:25 p.m.

Conservative

Ted Falk Conservative Provencher, MB

Thank you, Mr. Chair.

Thank you, witnesses, for your presence at committee today.

Mr. Hines, I'd like to begin with you.

Payments Canada was here a few meetings ago, and they talked about their RTR, real-time rail, system coming out later this fall, which will speed up transactions.

Currently, we don't have that system. We have a system that is slower. How much slower is it? What would a typical time for clearing be?

4:25 p.m.

Head of Fraud Product, Interac Corp.

Mark Hines

E-transfer today is actually made up of a few components, including real-time components of e-transfer. The majority of our business payments and part of our retail payments are, in fact, real-time, and then the bulk of our system has delays between the user payment and the actual movement of the money. That exists today for fraud purposes, predominantly. The specific time of that window is mostly set by the financial institutions, and it can be anywhere from a couple of minutes up to half an hour. The real-time transactions will usually occur in a number of seconds, but usually under a minute.

4:25 p.m.

Conservative

Ted Falk Conservative Provencher, MB

There is a bit of an offset today in the time that a transfer is made until it's received. It goes through the Interac system when a transfer is made.

I'm going to look at a case here. It was mentioned at one of our previous committee meetings.

Peter Squire, who's a realtor from Winnipeg, was defrauded on the phone in October 2022. In November of that year he made a transfer to the fraudster's account, an RBC branch in Toronto, and subsequently made a larger transfer there for a total of about $650,000. Somewhere along the line, the fraudster was able to establish an account at RBC and from there, transferred it to Citibank in Hong Kong.

You guys all play in the same sandbox. Is there no recourse for someone like Peter Squire?

4:25 p.m.

Head of Fraud Product, Interac Corp.

Mark Hines

Once the money is moved, the loss has happened. That's precisely why my focus, both in my opening remarks and a few times today, is on how we need to focus on the prevention intelligence sharing. Once the money is moved and you're into recourse territory, there is room to optimize on the receive side.

I don't mean to be dismissive of it, but you've already missed the primary point, in my opinion. The opportunity is to stop it leaving the account in the first place because, for every one of these horrible stories, even if it has some form of happy ending, the amount of time that it takes today for that to happen has an outsized impact on folks.

That's precisely why we are saying to focus on the preventative aspect of it. Follow the models of other jurisdictions that are getting it right and are seeing the results of it.

4:25 p.m.

Conservative

Ted Falk Conservative Provencher, MB

Do you, as Interac, flag certain transactions to your FIs, financial institutions, as potentially being fraudulent?

4:25 p.m.

Head of Fraud Product, Interac Corp.

4:25 p.m.

Conservative

Ted Falk Conservative Provencher, MB

At what frequency would that happen?

4:25 p.m.

Head of Fraud Product, Interac Corp.

Mark Hines

On every e-transfer transaction today, we will score the transaction and deliver that score to a financial institution. They will then use that to make their decision on whether or not to process the transaction, to actually make the transaction. We do that today.

On the RTR and the upgraded e-transfer system, when we go live on the RTR, there will be four main elements. The scoring is one of them. An input to that scoring is what I've referred to as the risk list, which is the index of previously identified fraud. The key element on the RTR is this: The RTR side and the e-transfer side will benefit from each other's risk list. We've already taken a step in that data sharing to try to get ahead of this issue. The next one is something called confirmation of payee, which is that, before you make the payment, it will confirm whether the destination matches what you're intending to send. The last one is reporting, which is post facto intelligence.

4:30 p.m.

Conservative

Ted Falk Conservative Provencher, MB

You're communicating with both ends of the transaction.

4:30 p.m.

Head of Fraud Product, Interac Corp.

4:30 p.m.

Conservative

Ted Falk Conservative Provencher, MB

Do you find that your communications are helpful? Do you have a degree of success in those communications that you have documented?

June 16th, 2026 / 4:30 p.m.

Head of Fraud Product, Interac Corp.

Mark Hines

Yes. Don't get me wrong. We have a lot of room to improve, but today we stop a lot of fraud already. In 2025, we stopped $99.8 million of fraud on our network. Our headline metric is measured in basis points, and it is 3.89 for our financial year 2025, which is on par with networks globally, like Zelle. We'd like to improve that. It's not the top end of those networks, but we already stop a lot today. What we're trying to do is steepen that response curve to reduce impacts on Canadians.

The Chair Liberal Ben Carr

Thank you, Mr. Falk.

Mr. Bardeesy, the floor is yours for five minutes.

Karim Bardeesy Liberal Taiaiako'n—Parkdale—High Park, ON

I'll be sharing with Mr. Bains.

I have a couple of questions for Mr. Hines.

You have a very well-known brand, and your e-transfer product is a very well-known product. To what extent are scammers using or misusing the brand and logo, perhaps through digital social media platforms, such as on Meta's platforms, to impersonate as part of their scams? What kind of response do you usually have for that?

4:30 p.m.

Head of Fraud Product, Interac Corp.

Mark Hines

Trust is our biggest strength. People use Interac because they trust us, and that's why fraud is such an important issue to us. It sounds very trite, but from a purely commercial perspective, if people don't feel comfortable using our platform, they won't use it as much.

With the RTR, competition is coming for us more than it has in the past, so that's why it matters. Being able to target the use of our marks on any platform that isn't authorized by us is part and parcel of why we're promoting this data sharing; it's that we can target it more effectively.

For us, it's no different from Wealthsimple's example, which is, again, another trusted brand. We suffer in the same way, and that feedback loop is really what we're looking for so that we can more effectively target it.

Karim Bardeesy Liberal Taiaiako'n—Parkdale—High Park, ON

I have a question for the CRTC.

We heard testimony earlier that Meta is blocking news articles, news links, through their response to the Online News Act. To what extent does their implementation of news blocking demonstrate their technical ability to rapidly respond to suspicious links that they can identify with some specificity? What is your take on their inability to put news links back up, including those that might help respond to fraud?

Scott Hutton Vice-President, Consumer, Analytics and Strategy, Canadian Radio-television and Telecommunications Commission

We've been engaging with Meta on the news front for a number of years, and we currently have an open proceeding in front of us. When we did ask them questions, from what we understand, it is very much a light-handed approach. They are looking at bona fide news sites, and these are what they are blocking access to. It's a very limited approach that they are taking.

Certainly, they are making an effort for their own purposes not to distribute that news, but that's what they are doing. They are identifying the limited number, hundreds as opposed to potentially hundreds of thousands, of fraudsters out there.