Blog - Just Commentary - Not Legal Advice and Not the Views of the firm or any of its clients!




Canadian Anti-Money Laundering Compliance Programs:  It's just over a year until the regulations change so it's time to get started on the changes now!  

As of June 21, 2021, one of the key changes to AML compliance programs relates to adoption and implementation of technology. This is a big deal because there are rapid changes happening all the time, and these are now happening at breakneck speed due to COVID-19 and the need to work differently.

In 2021 the new Regulation will REQUIRE that your AML risk assessment happen in advance, and will read:

S. 156(2) – If the person or entity intends to carry out a new development or introduce a new technology that may have an impact on their clients, business relationships, products or delivery channels or the geographic location of their activities, they shall, in accordance with paragraph 1(c), assess and document the risk referred to in subsection 9.6(2) of the Act before doing so. (emphasis added)

The specific section 9.6(2) risk mentioned is the requirement that the Compliance Program address the “risk of a money laundering offence” or a “terrorist activity financing offence”.  You need to start considering how your new technology will engage with and affect your ability to assess and document these risks.

To develop, update and review your AML compliance progam you will almost certainly need an external consultant (or significant in-house expertise) but prior to doing so, frank discussions with counsel in the course of obtaining privileged legal advice can aid in improving your compliance program efficiently and effectively while protecting your entity as the client.

I have a background in information governance and I have been recognized by the IAPP as a Fellow of Information Privacy (FIP) (having IAPP/C, IAPP/E and CIPM certification).  I am also a former crown attorney (criminal prosecutor), and the Law Society of Ontario has granted me the status of Certified Specialist in Criminal Law.

As such I am uniquely qualified to provide privileged legal advice on risk assessment in the area of the criminal offence of money laundering and how adoption of new technology tools affects the risk profile for an organization.

There are some fantastic, experienced and knowledgeable AML consultants out there (there are quite a few but for example the AML Shop and Outlier Solutions are two such companies) and I have a great deal of respect for the work they do to help reporting entities and others to address all their obligations (and beyond).

As legal counsel I can work with you to coordinate the efforts of external AML consultants and assist you in exploring your legal options and assessing the potential impact on your organization and its senior management.



Gerry McGeachy, CAMS, CFE, CFCS


Login to post comments.

Ten Considerations for a Cybersecurity Incident Response Plan

Here is a link to an article I co-wrote with colleagues at McCarthy Tétrault. The risk remains high.  Given the strength of current security technology the largest vulnerability continues to be internal staff vulnerability to phishing and variants such as spearphishing.

Train your staff on the importance of only accessing trusted links to external sources, and techniques for identifying suspicious links.  Then test them with mock phishing attacks to assess and revisit your training if required!

If you need an update to your cybersecurity policies or training, give us a call to see how we can help.


Login to post comments.