Public Safety Committee on Jan. 28th, 2019

Thank you, Mr. Chair, and good afternoon, honourable members.

I'm pleased to be here with Mr. Lambert. I have with me Monsieur Juneau, who's going to assist us in flipping through these slides. I would have found it very difficult to do both at the same time.

On behalf of FINTRAC, I'd like to thank you for the opportunity to go through exactly what FINTRAC is and who we are are. I know we're an agency that's not particularly well known, so hopefully I'll be able to expand a bit today on what it is that we do and how we do things.

FINTRAC is the Financial Transactions and Reports Analysis Centre of Canada.

Incidentally, the presentation will probably be mostly in English, but of course we can also answer questions in French.

We were established in 2000. Our enabling legislation is the Proceeds of Crime (Money Laundering) and Terrorist Financing Act; I won't go through all its iterations and all the amendments. We're an independent agency that reports to Parliament through the Minister of Finance. We're the FIU, which is the financial intelligence unit, and also the compliance regulator of those businesses that are subject to the PCMLTFA. We're headquartered in Ottawa. We have three regional offices: one in Montreal, one in Toronto and one in Vancouver. The regional offices do our compliance, our exams and our assessments on all the reporting entities that report to us. All our intelligence is done through our office in Ottawa. Our budget is about $55 million a year, give or take.

We are not—and this is an important point and one that's not always understood—an investigative agency. We are an administrative financial intelligence unit, which means that we receive reports. We cannot actively go out and collect reports. We cannot ask reporting entities to give us specific reports on specific individuals or entities. We do not do any covert work on the web. We don't do any dark web investigative covert work or anything like that. We exist to analyze the reports that we receive under our legislation and from the reporting entities that are required by law to report to us.

We're also limited a little bit in our legislation in terms of specifics. If you were to ask me whether or not I disclosed on a particular case or a particular person, I would not be in a position legally to answer that. If I were to say whether or not I disclosed a particular case on a particular person, it would essentially be tantamount to making an illegal disclosure, for which I'd be subject to a potential five years in jail. As you can appreciate, it's not something that I would like to do. We can't talk specifics, unfortunately, with respect to the cases that we do, but we can talk about how we do it, what we do and what we do generally.

On this first slide, as you can see, we have the number of reporting entity sectors. These are the reporting sectors that must, under our legislation, report and provide reports to us. Our key regime partners in Canada include a number of different agencies and departments, all responsible for certain aspects of the anti-money laundering and anti-terrorist financing regime in Canada. The disclosure recipients, those to whom I can legally disclose depending on when we meet our legal threshold for reporting and for disclosing, are shown on the left of the slide.

Included in the types of reports that we receive at FINTRAC are electronic fund transfers in and out of Canada that are $10,000 or more, and there is a 24-hour rule applied to that as well. We also receive large cash transaction reports of $10,000 or more and casino disbursement reports on $10,000 or more going into or out of a casino. We receive terrorist property activity reports and suspicious transaction reports.

The suspicious transaction reports are in fact what we like to call our bread and butter. There are no monetary thresholds, and it's up to our reporting entities when they deem something to be suspicious relevant to money laundering or terrorist financing to report that to us. They usually provide us with a narrative as well. This provides us with significant quality information that we can then disclose to our law enforcement partners if we meet our own threshold of suspicion that it is relevant or would be relevant to a money laundering or terrorist financing investigation.

Also, while the CBSA is not a reporting entity, we do receive from them cross-border currency reports and cross-border seizure reports as well. We also receive voluntary information records from law enforcement and national security agencies, and we can get that from other government agencies, as well as the public, if they want to submit their own suspicions or their own information on what they perceive as or think is money laundering or terrorist financing.

We also receive queries and disclosures from our international partners. We have 105 MOUs signed with international foreign intelligence units. They can share information with us and we are at liberty to share information with them according to the MOUs that we have signed.

What do we actually do? We get our reports from our reporting entities. On the compliance side we ensure through exams, assessments and different techniques that they in fact are complying with the legislation's regulations under the PCMLTFA. Once we receive the reports, we will then do our own intelligence and analysis on those reports. We will obviously connect those with voluntary information records that we may receive from law enforcement and national security agencies. If we reach our threshold to disclose, we will then disclose tactical financial intelligence in support of ongoing investigations or, in some cases, we will proactively launch investigations.

We also do strategic intelligence in looking mostly at trends, topologies and research that we do on upcoming and emerging technologies and emerging threats to the financial institutions or to the anti-money laundering and anti-terrorist financing regime in Canada.

In terms of the number of reports we receive, we receive approximately 25 million reports a year—all reports, all told. From there, that's what we base our analysis on. As I said earlier, we are not investigative, so we cannot go out seeking additional information. We will of course use open source information to supplement our analysis prior to providing disclosures to our law enforcement or national security agencies.

As I said, we do tactical financial intelligence. That's typically related to specific targets, individuals, entities or investigations. We provide that to police. We can provide that to law enforcement and national security agencies, depending on the thresholds. We can also provide that to the CRA if there is a tax evasion, for example, or to the CBSA if there's an inadmissibility question. We can also provide it to our international partners if there is a connection between Canada and an international partner or another country. If we have an MOU and if we have authority and approval from our law enforcement partners in Canada, we could provide that to our international FIUs as well.

We also do a fair bit of strategic intelligence in order to look at analytical perspectives on the nature, scope and threats in this. It's obviously a fast-moving world when we're talking about anti-money laundering and anti-terrorist financing. We try to stay on top of that as much as we possibly can. We have a strategic intelligence unit that does that.

In terms of our contributions, we have provided disclosures on all types of fraud, including romance scams. We'll go straight to that on the public-private partnership that we launched with HSBC and the Canadian Anti-Fraud Centre, as well as law enforcement and major banks across Canada. Project Chameleon was launched in 2017, building on the success of Project Protect, which was on the money laundering related to human trafficking. This is on money laundering related to romance scams. It is, according to the Canadian Anti-Fraud Centre, one of the biggest and most lucrative types of scams in Canada. It tends to focus on seniors, as you can imagine. I don't think I have to explain what a romance scam is, as we probably all know, but if that comes up in the questions, we'll answer later. In light of time, we'll go to the next slide.

Again, rather than go into all of this, we'll look at our role on the strategic intelligence side in addressing the emerging technologies. We do keep track of innovative financial technology—fintech—trends and developments. We have people whose job it is to do that type of research. We work with our international partners as well, through Egmont or the Financial Action Task Force. We also will work with other international partners to develop trends, topologies and reports and to identify potential threats in the regime—they could be on the regime or potentially on the regime in the future—in looking at where the emerging technologies are and the intersection with anti-money laundering and anti-terrorist financing.

Mr. Chair, I think I've come in just under the time allotted. I will leave it at that. I'm available for any questions you may have.

We are able to do that. As you said, we do strategic analysis, but we also look at the tactical aspect. We can see the changes that have occurred, if there are any.

These past years, we have mainly seen different payment methods, and attempts at anonymity through the use of cryptocurrencies, for instance. For transactions to be even more anonymous, people now use mixers. It is thus becoming harder and harder to detect abnormal behaviours, which exist both in Canada and internationally.

This is a challenge with respect to enforcing the law, as well as for those organizations that fight against money laundering. The development of new payment methods is certainly the biggest challenge.

That is a good question, and I am going to respond in English, because this is getting a bit more technical.

As you know, around the world, a lot of this is in English, so if I'm talking cryptocurrencies—in French I think it's cryptomonnaie—we're seeing a couple of things. Yes, it is faster. The speed of transactions is certainly faster.

If you look at things like romance scams, for example, yes, money laundering tends to be proceeds of crime. However, when it comes to romance scams, the proceeds are already in the financial system. This is the use of social media and the use of different ways of either anonymizing or representing yourself falsely and using social media to take advantage of people: They're sending money to you and you're using that to launder it. The crime is perhaps the false representation of yourself as opposed to committing a physical crime of robbing a bank and then trying to launder that money.

You are correct. It is quicker, and it can bypass.... If you're using cryptocurrency-type stuff, you can bypass the financial system itself to do that.

We're also seeing that the speeds at which transactions can happen are increasing. As for the types of crimes, with the use of social media and those types of things to steal identities and represent yourself falsely—such as putting false representations on Facebook and those kinds of things to “friend” people and take advantage of people—we're seeing more of that. Certainly, the ability to use the Internet and open source to identify potential victims is something that criminals are taking advantage of as well.

Then there are the other areas where you're looking at ransomware, for example, in which a fake email might be sent in or they're taking over somebody's computer and requesting payment from them to get back their access to their computer. We have seen cases of ransomware internationally. That seems to be a growing field right now in terms of criminals being able to take over and request payment. More and more, they'll request payment in cryptocurrency as opposed to cash or an email transfer.

Yes, the ability to use computers is increasing the capacity.

Reporting entities are obliged to disclose transactions of $10,000 or more, but when they use the suspicious transaction report, there is no limit. They can report transactions of $200 that take place three or four times a week. Reporting entities are in a position to detect schemes, and we receive those reports. Our analysis is not limited by that threshold.

Yes.

Yes.

That is correct.

I would not say that it is cryptocurrencies at this time. What we see most is that people can transfer money quickly and internationally using a bank, or what we call peer-to-peer transactions. You can do transactions in that way. The Internet allows people to perform quick and complex transactions without going through a financial institution.

Exactly. Banks have to be vigilant and follow things closely. They know how to spot those transactions.

Yes. They are also informed if transactions are under the $10,000 limit but occur within 24 hours or repetitively.

We work a great deal and very closely with the banks to identify money laundering indicators.

I would say that it is indeed a major issue, but that the banks do very good work. The percentage of fraud and money laundering disclosures we have received over the past five years has been constant at around 34% to 35%.