With media reports and international policy-making bodies pointing to Canadian real estate as a high-risk area for money laundering, and the promise of increased enforcement by regulators, it may be time for real estate brokers to review their compliance programs to ensure they’re up to snuff.
Real estate brokers and developers are subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and, as such, are required to have compliance programs in place. As the sector has been subject to the act for more than a decade, it is likely that most brokers already have some form of compliance program in place.
The issue is whether these compliance programs meet the evolving requirements under the act – and there are many indications that they don’t. For example, between 2012 and 2016, FINTRAC, the agency charged with enforcing many of the provisions under the act, conducted 823 examinations of real estate companies and found that 60 per cent of those companies had “significant” or “very significant” deficiencies in their compliance programs.
Penalties for non-compliance are significant – companies can be subject to administrative penalties of up to $500,000 per violation. For example, in April 2016, FINTRAC fined Manulife Bank $1.15 million for reporting violations under the act. That said, the act has been largely unenforced since 2016, after the Federal Court of Appeal ruled that the way FINTRAC calculates fines is opaque and requires more transparency. FINTRAC essentially stopped issuing administrative monetary penalties until it completed a review of its penalty program. That review is scheduled to be completed by summer 2018, so more penalties may be on the way.
In the meantime, FINTRAC has increased audits of real estate companies. During the last two years, it conducted 343 real estate audits across the country, a significant increase from the number of annual examinations conducted between 2012 and 2016.
Given the context, it may be a prudent for brokers to review their compliance programs to ensure they are up to date and comply with the act. What follows is a review of the five basic compliance program requirements based on FINTRAC guidelines and some of the pitfalls brokers may face in implementation.
1. Compliance officer:
The first requirement of a compliance program is the appointment of an appropriate compliance officer, who is responsible for implementing the compliance program, including the necessary policies and procedures, ongoing training, risk assessment and effectiveness review. The challenge here is appointing an appropriate person. This is not a role for junior administrative staff. The compliance officer must have the authority and access to resources to effectively implement the program and make changes to it as necessary. In the case of a small business, the compliance officer could be a senior manager, or owner or operator of the business. In a larger business, it should be someone at a senior level who has direct access to senior management and the board of directors.
2. Compliance policies and procedures:
Compliance policies and procedures must be written and accessible to the intended audience. They must be frequently reviewed and always kept up to date in line with any material changes, such as changes to the act, newly identified non-compliance issues, the addition of new products or services or as a result of the required effectiveness review of the compliance program.
Compliance policies and procedures must describe the compliance program, including your risk assessment and mitigation measures, training program and procedures for reviewing the effectiveness of the program. Policies and procedures should also, among other things, detail “know your client” requirements (how you verify client identification), and the special measures that are implemented when high-risk transactions or clients are identified.
They must also cover your transaction reporting requirements, including suspicious transaction reports, terrorist property reports and large cash transaction reports, among others.
Suspicious transaction reporting is a particular area in which the real estate sector may be deficient. For example, FINTRAC estimates that five million real estate purchase and sale transactions took place between 2003 and 2013, yet they only received 127 suspicious transaction reports from real estate brokers, agents or developers.
CREA has made template policies and procedures available to brokers to help them meet this requirement. It is important to keep in mind that these must still be adapted for the specific brokerage. Each brokerage is different and the CREA templates must be customized to reflect the context of each individual brokerage.
3. Risk assessment:
The third basic compliance program requirement is an analysis of risks and vulnerabilities that could expose the business to money laundering activities. In conducting this assessment, risks associated with clients, business relationships, activity patterns and geographic locations, among other things, must be considered. The risk assessment should document the risks considered and the mitigation measures introduced to address factors that are high risk. They should be repeated every two years in conjunction with the required effectiveness review of the compliance program. The risk assessment and implementation of enhanced measures to mitigate high risks is perhaps one of the most challenging aspects of a compliance program. CREA has template risk assessment documents that can be drawn upon for this purpose. In addition, last year, FINTRAC released a real estate-specific workbook to assist brokers in conducting this risk assessment.
4. Ongoing training program:
A compliance program must include ongoing training, which must be in writing. The training program must detail who must be trained, what type of training is required and the topics covered, how training is provided and how often training is needed. It must document whether the training has taken place. The training itself, however, does not need to be in writing. The program should cover, among other things, money laundering concepts, your compliance policies and procedures, how to detect and prevent money laundering, reporting requirements, “know your client” and record keeping obligations.
5. Effectiveness review:
At least every two years, a broker must review the effectiveness of the compliance program. This review should address whether the policies and procedures, risk assessment and training program are effective and comply with the relevant legislative and regulatory requirements. The review should be conducted by someone who is not directly involved in the compliance program, such as the compliance officer. Though not required, a third party with adequate knowledge of the broker’s obligations under the act and its regulations would be an ideal candidate to conduct the review. Finally, the results of the review must be reported in writing to a senior officer in the organization within 30 days after the completion of the review.