AML Compliance: Some Perspective About Manulife
I have been reading with interest the press reports criticizing FINTRAC for its decision in 2016 to publish, anonymously, the $1.15 million in administrative penalties levied against a Canadian bank for its failure to comply with Canadian proceeds of crime legislation. One of the reports stated that the violations included the bank’s failure to report to FINTRAC almost 1200 electronic transactions in excess of $10,000 involving a convicted fraudster. If true (which was not the case), the frequency of the non-reporting would have flagged the bank as a potential party to the Criminal Code offence of money laundering. That inaccuracy was probably one reason the bank (Manulife Financial) decided it needed to publicly identify itself, which it did recently.
Lost in the press attention to FINTRAC’s anonymous disclosure of the penalties and the resulting public angst it caused are some compelling public interest factors supporting anonymous or non-publication.
The proceeds of crime legislation is regulatory legislation. It places obligations on banks and other regulated entities to have in place systems intended to detect and report transactions that could be intended to launder money or finance terrorism. Detection and reporting assists Canadian law enforcement and intelligence agencies. That assistance is essential. They could not perform their duties without it. Penalties assessed for non-compliance are intended to promote compliance with the legislation, not to punish.
Needless to say perhaps, but when a regulated entity is penalized, it is because it has failed to meet the standards expected of it in detecting and reporting transactions that could constitute the criminal offences of laundering money or financing terrorism committed by its clients. It does not mean that it has committed those criminal offences itself.
When it was enacting the legislation, Parliament was obviously alert to the risk that naming violators penalized for non-compliance could expose them to serious business disruption and damage. That is not because Canadians will take their business elsewhere. As an example, a bank concerned about its own compliance risk probably will not want to accept business from a MSB penalized for non-compliance. Without a bank to work with, a penalized MSB will not be able to transmit money and will soon find itself out of business. Albeit indirect, the result of naming the violator is punishment – really capital punishment – not compliance.
Compliance can be obtained by the anonymous publication of penalties. That is because regulated entities will continue to invest in compliance assets because they understand that without that investment they risk non-compliance and the sting of penalties.
The letdowns in FINTRAC’s decision not to name Manulife are two-fold.
From a process standpoint, it failed to inform the public why it was publishing anonymously when the circumstances appeared to trigger two of the three factors FINTRAC has advised may (not shall) cause it to name penalized violators. The reason was that it wanted to avoid protracted appeals of the penalties. The fact is that this is the route that FINTRAC frequently takes with violators for that very reason. It names far fewer penalized violators than those it holds in confidence. There is nothing unlawful about this practice, and FINTRAC has agreed to non-publication for both large and small businesses. FINTRAC may have to do some public outreach and communication, but it should be permitted to continue with this flexibility.
More importantly, for a regulated entity like Manulife with assets under management in excess of C$900 billion, a penalty of $1.15 million does not have much sting. This is a substantive issue that should be addressed by Parliament in the legislation. Otherwise, in the case of larger entities, penalties are not a deterrent and risk becoming no more than something akin to a mere licensing fee.