What do you need to prepare for your next FINTRAC audit?

The world of foreign exchange is a competitive one right? And with that, comes regulations, rules and audits to ensure that any Money Service Business (MSB) is complying to the new government Anti-Money Laundering AML regulations.  “Compliance” is a term used to encompass all systematic methodologies used to conform with these regulations.

What is the definition of a Money Service Business?

Money Service Businesses (MSBs) are businesses offering check cashing, money orders, travellers checks, money transfer and remittance services, currency dealing or exchange, and pre-paid access (formerly stored value) products. In Canada, the regulatory body is called FINTRAC, which stands for Financial Transactions and Reports Analysis Centre of Canada.

It is therefore more important than ever that your financial institution has a robust and comprehensive AML audit process to measure and govern your AML program’s compliance with applicable AML and BSA laws and regulations.

FINTRAC AuditHow does the AML audit differ from regular audits?

Auditing is a normal process completed by all financial institutions in some capacity. It can be done by internal staff and self-governing third parties, and typically it is approached from a financial viewpoint.

Distinct from the usual financial audit, which concentrates more on the number of reconciliations and number crunching, AML audits look at program compliance and the operative, timely completion of daily tasks.

AML audits need to identify shortages, breaches, and weaknesses that may exist in the content, controls, and operations of the AML program. In this context, content is defined as having a written policy, procedures, training, monitoring, and reporting.

A consequence of ineffective auditing may lead to potential AML violations, such as failing to report suspicious activity or collecting the proper customer identification documents. An AML enforcement action by a regulator can cost a financial institution a fortune – both in standings of reputational damage and monetary penalties.

So how can you ensure you pass your AML audit with flying colours?

Compliance RegulationsAML exams can be nerve-wracking. You’re working around the clock to ensure that your Money Service Business is doing an outstanding job of catching suspicious activity at your institution. However, when the audit rolls around, you are still nervous because it’s hard to know exactly what the regulators are expecting.

Fortunately, we are here to help. Use these tips to help prepare for your next AML audit.

If you can get these basics in place, you will be well on your way to passing your AML audit with flying colours.

For your next AML Compliance audit make sure you have the following documents in order:

  • Your comprehensive risk assessment document will be required in the audit
  • Method of risk assessments, especially how to determine high risk customers, PEPs and MSBs
  • Solutions for generated audit reports
  • Proof of AML training for you and your staff – a training log book should be sufficient
  • Written policies and procedures, which includes the compliance manual (Compliance Regiment)
  • FINTRAC outline that corporate customer’s documents should be fully complete, including their registration and shareholder structure.
  • KYC due diligence – so all customer information should be entered electronically into your record-keeping system, including their occupation, date of birth, address etc.
  • Prepare the selected queries as requested in the auditor’s letter well in advance
  • Ask all your staff members to review their documents and materials and prepare them for interviews
  • Note the methods of determining high risk customers
  • Proof of Enhanced Customer Due Diligence (ECDD, or EDD) for high risk transactions and customers. The EDD include such Proof of Address, Source of Funds, Purpose of Transaction, Third party determination, PEP determination.
  • Proof that your software checks the name of your regular customers against the sanction lists. You can obtain this proof by asking your software provider.
  • Have your F2R reports available on request and ensure all confirmation numbers have been entered into your electronic system

For further help and advice on your AML audit, contact us for a chat.


Saima Omar


Leave a Reply