FINA Committee Meeting

    Pursuant to the order of reference of Tuesday, October 24, 2006, we are here today on Bill C-25, An Act to amend the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and the Income Tax Act and to make a consequential amendment to another Act.

    Welcome to our witnesses this morning. We'll begin with a brief presentation.

    Horst Intscher, director, is here. Welcome, sir, and over to you.

    Thank you, Mr. Chairman.

    Allow me to briefly introduce my colleagues: Glynnis French, Deputy Director, Strategies and Partnerships; Peter Bulatovic, Assistant Director, Tactical Financial Intelligence; and Yvon Carrière, our Counsel.

    I'm very pleased to have the opportunity to make some opening remarks about FINTRAC and what we do. I will also say a few words about why the provisions set out in Bill C-25 are important to FINTRAC and to Canada's overall anti-money-laundering and anti-terrorist-financing efforts.

    Following my brief remarks, I will ask Mr. Bulatovic to speak even more briefly to an example of a sanitized FINTRAC case disclosure. I think an illustrative case is perhaps the best way of showing how our intelligence product can capture the complexity of money laundering.

    FINTRAC was created by the Proceeds of Crime, Money Laundering, and Terrorist Financing Act as an independent agency, and we are required to operate at arm's length from entities to which we can disclose information. I will touch upon the reasons for those arrangements a little later on.

    FINTRAC is Canada's financial intelligence unit, or FIU. Our mandate is to analyze financial transaction information that a wide range of financial reporting entities are obliged to report to us. Upon analysis, and if there are reasonable grounds to suspect that information we have received would be relevant to an investigation of money laundering or terrorist financing, FINTRAC must disclose certain portions of that information to the police or to CSIS for investigation. In short, we provide financial intelligence leads to law enforcement and national security investigative agencies.

    It's also worth noting what FINTRAC is not. We are not an investigative body and we do not have powers to gather evidence or lay charges. FINTRAC does not investigate or prosecute suspected offences. Instead, we are an analytical body that produces financial intelligence to be disclosed, if appropriate, to help further investigations conducted by law enforcement and security agencies.

    On a day-to-day basis, FINTRAC receives reports on several kinds of financial transactions from financial reporting entities. We analyze these data in combination with information from other sources, such as law enforcement databases, commercially or publicly available databases, and sometimes, information from foreign financial intelligence units.

    What we specifically look for are financial transactions or patterns that don't quite pass the sniff test and that give rise to suspicions of money laundering or terrorist financing. As you can imagine, the movement of illicit funds is often a well-hidden and complex affair involving hundreds of transactions as well as dozens of individuals and companies. Using state-of-the-art technology and excellent analytical skills, our analysts piece together the information and create a comprehensive picture of money flows. We draw a map that police or CSIS can use to examine the money flows and the suspected criminal activity.

    Although we are required to operate independently and at arm's length from the police and CSIS, our objective is to support and facilitate their work by providing intelligence leads to them. We are one element in a larger constellation of organizations whose collective purpose is to combat money laundering and terrorist activity financing. Other elements include police at the federal, provincial, and municipal levels; security agencies; prosecutors; and the courts.

    FINTRAC is situated near the front end of the process, and the information we provide is intended to assist other agencies to achieve the broader objectives of the act.

    I'm pleased to say that the regime that has been put in place here in Canada is working. It's robust and successful and is widely recognized as such internationally.

    I'm also pleased that FINTRAC makes an important contribution to that success. As we indicated in our annual report tabled a month ago, in 2005-06 we produced 168 case disclosures of suspect financial activity involving more than $5 billion in transactions. In fact, since FINTRAC began its operations five years ago, we have made a total of 610 case disclosures involving transactions valued at $8.2 billion.

    The scope and complexity of our disclosures have also grown dramatically over the past few years, from an average of $3 million per case in 2003-04 to $30 million per case last year, and about 10% of our cases last year each involved transactions well in excess of $50 million.

    Some 32 domestic law enforcement agencies and 10 foreign counterpart organizations have received disclosures from FINTRAC. I'm gratified that more and more financial intelligence contributed by FINTRAC is being reflected in investigations, charges, and prosecutions.

    I'd also like to say a few words about the protection of privacy.

    Our act was carefully crafted to provide the highest possible protection for personal information, while also making it possible for some information to be disclosed to law enforcement to facilitate the detection and deterrence of serious criminal activity.

    The protections begin with the very nature of the institutional arrangements that establish FINTRAC as an independent and arm's-length entity that receives and analyzes reported financial transaction information and can only pass on such information if particular tests are met.

    The information we hold cannot be accessed by any other outside body, except by a court-granted production order, and the act provides for serious criminal penalties to be applied to the unauthorized disclosure of information.

    Our mandate entrusts us with a considerable amount of personal information from individuals and businesses across this country. Protecting it is a responsibility we take very seriously.

    Members of this committee have expressed some concerns about the potential impact of the legislative changes on upholding privacy rights. I want to assure you that I share your preoccupation with privacy protection and firmly believe that safeguarding personal information is and must be the cornerstone of any effective regime.

    Canada has a strong anti-money-laundering and anti-terrorist-financing regime in place, and we can be very proud of it, but we cannot rest on our laurels. Methods used to launder money are constantly changing. International standards that all countries are expected to meet are also rising. Adjustments are necessary to the legislative framework to keep pace with these changes.

    In this regard, I want to note that there are three key thrusts to the proposed legislative package that are of importance to FINTRAC. They are: expanding the coverage of the act to new entities and professions; strengthening the deterrence provisions of the act; and expanding the range of information that FINTRAC may disclose.

    Bill C-25 will expand the coverage of Canada's anti-money-laundering/anti-terrorist-financing regime by bringing additional business sectors within the ambit of legislation and regulations; for example, dealers in precious metals and stones, and lawyers. These sectors have an identified vulnerability to money laundering, and their inclusion will strengthen Canada's efforts to combat both money laundering and terrorist activity financing.

    Second, the bill will strengthen the deterrence component of the regime by creating a registry for money service businesses and establishing a system of administrative monetary penalties. These proposed measures will improve compliance with the reporting, record-keeping, and client identification provisions of the law. This will not only contribute to FINTRAC's analysis, but will greatly strengthen the general deterrence of money laundering and terrorist activity financing.

    Third, Bill C-25 will make it possible to enrich the intelligence product that FINTRAC can disclose to law enforcement and national security agencies by including some additional information in our disclosures while at the same time continuing to scrupulously protect the privacy rights of Canadians. This would respond to the needs of law enforcement and make FINTRAC's core product even more useful to them.

    In conclusion, FINTRAC is very supportive of the amendments proposed in Bill C-25, which will ensure Canada's anti-money-laundering and anti-terrorist-financing regime remains strong and effective well into the future.

    Thank you. I'd now like to ask my colleague, Peter Bulatovic, to give you a very quick presentation of a sanitized case that shows the work we do, how we do it, and what the results are from it.

    Thank you, Director.

    Now, Mr. Chair and members, I'd like you to look at the first chart, entitled “Business Process Flowchart - FINTRAC”, which you have in hand. I'll briefly describe the chart, which will make it possible to summarize the information we receive and to explain who we receive it from, before focusing on the way we conduct our analyses.

    I'd like to draw your attention to the left portion of the chart, in the box entitled “Receiving Information”.

    We start with financial transactions, including deposits and fund transfers, when they are made by entities included in the list on the right, such as banks, savings and credit unions, foreign exchange brokers and casinos.

    These entities must file reports with FINTRAC when they make electronic transfers to Canada or outside Canada, or deposits in the country of CDN $10,000 or more. They must also report dubious transactions, regardless of the amounts involved.

    In the lower left corner, you see that we also receive reports of cross-border currency and monetary instruments of $10,000 or more, as well as reports of currency seizures.

    Virtually all this information is forwarded electronically and entered in our data base. Our act also enables us to access information retained for law enforcement and national security purposes, as well as commercial and public access data bases.

    We are also able to request information from foreign financial information units.

    Lastly, any person may willingly provide us with information. Our partners at law enforcement agencies can also forward information to us on a voluntary basis.

    How do we analyze that information? We very much rely on our staff and technology.

    As regards technology, electronic reception of financial information enables us to use IT systems to sort reports and link financial transactions.

    In the initial examination of these related transactions, we target trends in dubious financial activities and ask one of our analysts to pay special attention to them.

    In developing a case, analysts look at partnership transactions. They then check the identities of individuals and businesses concerned by the transactions and the trends in dubious financial activities.

    When an analysis shows reasonable grounds to suspect that the financial activity could be relevant to a money laundering investigation or the financing of terrorist activities, a report is prepared explaining the reasons for the communication.

    I would now like to refer to the second graphic. It is what we call a link chart. It depicts a money laundering case.

    This chart demonstrates our analysis of financial transactions and other sources of information that enabled us to link three separate clusters of suspect financial transactions into a larger financial network for investigators. These separate clusters are identified as boxes A, B, and C.

    Let me begin by describing the activity in box A. A foreign financial intelligence unit advised FINTRAC of a money laundering investigation of four individuals and a business involved in wiring funds between a number of accounts within a bank in that foreign country. The individuals involved provided Canadian addresses and identification and were described as Canadian. The business would wire funds through several foreign countries, to and between accounts over which the Canadians held power of attorney. The FIU found this activity suspicious but had very little further information.

    Upon receipt of this information, FINTRAC tasked an analyst to search our database for financial transactions to determine if there was any financial activity involving the individuals and the business identified. According to the financial transactions database, the company wired several millions of dollars to multiple companies in Canada, as can be seen on the chart between boxes A and B.

    Searches of open sources conducted to obtain additional contextual information on the Canadian companies identified in box B yielded very little or no information. We found little or no information for the companies in the way of advertising, telephone directory information, or company websites. We were able to confirm that one of the companies was incorporated in Canada. However, the nature of the business was not identified and did not appear to justify the level of financial activity between the companies identified in boxes A and B.

    Further analysis revealed a suspicious transaction report filed by a Canadian reporting entity on one of these companies. The reporting entity stated that the accounts were opened several years ago and were relatively dormant. The dollar value of the wire transfers received into the two Canadian business accounts suddenly began to increase. It further stated that over a short period of time, millions of dollars were wired to the accounts held by this business with no rationale as to why the increase occurred. Wires received from various foreign companies originated in a country with weak anti-money-laundering controls. In addition, the reporting entity indicated that the cheques were being issued from a foreign currency exchange and being deposited to the company's account, which was inconsistent with the company's business identified.

    Several other companies were also found to be operating at the same address. Further, what is important, when the address changed for one of the companies, which occurred several times in the year, all the other companies followed suit with a change of address. Two of the companies shared the same directors and received wire transfers from the same country.

    Our analysis then led us to another company, which enabled us to link the financial activity found in box C. It is this company, company 7 in the centre in the chart, that is key in our analysis of this case, and I will discuss it now.

    A suspicious transaction report was filed on the company in box C involving the two Canadians originally identified by the foreign financial intelligence unit. The report stated that over a period of five months, two individuals received fourteen wire transfers from four different companies. Efforts had been made to contact the individuals, but the mail was returned unopened and the phone number provided was incorrect.

    The reporting entity refused the receipt of several wire transfers. As a result, a male appeared at the reporting entity and claimed that funds were owed to him from his business overseas. When asked about the wires from the various foreign companies, he did not know the companies or why they were sending the payments.

    It is unusual, indeed, that a customer would receive funds from multiple businesses and not know who these businesses were or why the funds were being sent.

    We also received voluntary information from a Canadian law enforcement agency on the same two individuals. It was suspected that the individuals were using their personal accounts to launder proceeds of crime. As a result of our analysis, and all the information available to us, we suspected that the financial transactions identified in the chart would be relevant to investigation or prosecution of a money laundering offence.

    The internationally recognized indicators of money laundering that follow were identified as applicable in this case.

    In this particular case we had large and/or rapid movement of funds. We had large incoming wires on behalf of foreign customers with little or no explanation. We had unexplained disbursal of funds to multiple businesses. We had use of multiple accounts at a single financial institution for no apparent legitimate purpose. We had two ongoing investigations, one by the foreign financial intelligence unit, the other one by local law enforcement. We had reactivation of a dormant account where there was atypical business account behaviour.

    If you look at the top right-hand side of the chart, you see that what was interesting in this case is that we were provided little information by the FIU when the information came in. In the bottom right-hand side of the chart is voluntary information from the law enforcement agency. Through analysis and looking at our records, we were able to identify the key company, which is company 7, in the centre of your chart, linking the three boxes.

    Overall in this case, we received from eight different reporting entities in excess of 400 electronic transfer reports, several large cash transaction reports, as well as suspicious transaction reports. The case identified suspect financial transactions in excess of $21 million U.S. and $2 million Canadian.

    Thank you.

    Thank you, sir.

    Are there any further presentations? No?

    Thank you very much, gentlemen, for your presentations.

    Who's looking after FINTRAC? You seem to have quite a few guests here.

    We still have a few people back at the ranch.

    People taking calls and what have you? Okay, that's good.

    Not all these people here are from FINTRAC; some of them are bank regulators.

    All right. Very good. Welcome to our other guests as well.

    We'll begin with five-minute rounds, Mr. Pacetti.

    Thank you, Mr. Chairman. I guess we're popular this morning.

    I'm trying to focus on the job at hand that FINTRAC has. I'm going to try to stay away from the privacy issues. I think some of my other colleagues will probably be interested in that aspect. I want to make sure that FINTRAC has the tools to do the job they need to do.

    Are you happy with the amendments in this legislation, Bill C-25? Shouldn't we be looking to put in more amendments so that there's more interaction between departments?

    I refer to the audit of the Auditor General, in chapter 2, where we found that the administration would “limit the value” of FINTRAC's disclosure to law enforcement and security agencies, and it goes on and on: law enforcement agents told us the tombstone data they receive is “too limited to justify launching investigations”.

    I have a problem with that. I had a problem with it when FINTRAC appeared before the finance committee. I think FINTRAC should be given more ability to exchange information.

    What's your feeling on that?

    I think the OAG's observation was well-founded, but it was a snapshot in time about three years ago. Even before we arrived at the stage of seeking some amendments to the legislation, we had already taken a number of steps that allow us to expand the range of information we can disclose, in terms of the way we layer the transactions we can disclose by showing greater linkages between the different players, and so on, and by being able to disclose publicly available information in relation to the case as well.

    The amendments that are proposed in the legislation we find quite appealing. They will go a long way to enriching the—

    I don't want to interrupt, but we're limited in time. I'm not asking you how you find the amendments that are in there, because I have no problem with the amendments, but about what amendments are missing that you would like to see. That's what my question is.

    I think for the moment this is a very thorough package of amendments. But because the nature of money laundering activity and the patterns people resort to are constantly changing, these amendments will carry us through for two or three years, and then no doubt we'll be back for some additional ones as we identify new vulnerabilities and new methods that are being used.

    The package of amendments that is proposed here is a very good one, and it will allow us to significantly—

    So you don't feel you're going to have any restrictions when you're doing an investigation or that in conducting an investigation you'll be restricted in disclosing information to law enforcement or other security agencies?

    There are always privacy concerns and privacy considerations in making any disclosures, but I think with this package of amendments we will be able to provide a richer and more contextual set of disclosures that will make it much easier for law enforcement when they receive our disclosures to discern what's going on.

    I understand. Again I apologize for interrupting, but I have a problem when you state that you have 168 cases that you've disclosed, but you're not really sure what the end results were with the 168 cases that were disclosed. You don't know what the final product was in terms of leading to arrest, or money being recovered, or....

    Let me begin by saying that the process of investigating and prosecuting a money laundering case, particularly if it has some complexity, is one that can drag on for a number of years.

    I understand that part, and that's why I'm asking what would help you to make your job easier, so that we do actually prosecute the people who need to be prosecuted. That's really the question. If you're telling me that it's all in the legislation, then I'm okay with that.

    I think actually the people who should be prosecuted are, by and large, being prosecuted, but it does take a lot longer. If we make—

    I understand that part. Is it as a function of the information you've given to the prosecuting agencies?

    I'm trying to answer your question, sir.

    We carry out a feedback survey from law enforcement in respect of our disclosures, because we're constantly trying to enhance their attractiveness and their usefulness.

    Over the past year, 74% of the disclosures that we've made to law enforcement were deemed to relate to persons or businesses that were of interest to the police; 60% provided names and leads on people they had not previously known about; 74% provided useful intelligence; and 24% provided major contributions to their investigations.

    Those are fairly substantial approval ratings. In my discussions with my counterparts in other countries, they would salivate at the prospect of getting approval ratings of that kind from their law enforcement agencies. Typically, organizations like ours will disclose more cases than the police are able to absorb and are able to investigate.

    Okay. Thank you.

    We'll continue with Mr. Paquette. You have five minutes, sir.

    Thank you, Mr. Chair.

    Thank you for your evidence. It enlightens me a little, but I admit there's still a lot of work to do before we can completely decipher this chart.

    I have a first question, and, as Mr. Pacetti says, we have little time.

    In light of the presentation you've made, what more does Bill C-25 do? Ultimately, you've made a presentation to us on the method that already enables you to get results. So how would Bill C-25 add instruments that you don't have, compared to what you've presented to us?

    What it would allow us to do is actually disclose more information.

    For example, two key parts in the bill are reasons for suspicion and the indicators. At this point in time, we cannot disclose the indicators or reasons for suspicion. I think those are two new key elements, among other elements, in disclosures that we'll be able to do in the future when the bill passes.

    You mentioned in your presentation that the protection of personal information was a concern. That's already been raised in previous meetings. In the document you presented, I see the following statement: “The information we hold cannot be accessed by any other outside body, except by a court-granted production order.” That “we” is FINTRAC.

    Can you explain to us how an organization that doesn't have access to your information could ask a court for access to information the existence of which it is not supposed to be aware of?

    Or else that organization is trying its luck, like in the lottery.

    Because of the very broad range of information that the act makes it possible for us to receive from reporting entities, it was determined at the original passage of the legislation that protections had to be built, so it would not be construed that there was a flow-through of massive amounts of personal information directed to law enforcement agencies. For that purpose, FINTRAC was created as a sort of intervening analytic body, and its responsibility is to analyze the information and make disclosures.

    We are also allowed to receive voluntary information from any quarter, including from law enforcement. We are required to operate at arm's length from law enforcement, so that they cannot query us directly and say, please give us everything you have on Joe Blow. But they do provide voluntary information to us, saying, “Joe Blow and his sister-in-law Martha are the subjects of an investigation for drug trafficking and money laundering, and we just thought you should know that.”

    This information is then part of the information holding, against which we analyze and check all our data. If there is a connection or a hit, that would then trigger a further investigation to determine whether the information we have is relevant to their investigation, in which case we are then required to disclose certain identifying information about transactions, parties to the transactions, and so on.

    So it's not actually fully random, but we cannot be directed by law enforcement agencies, yet we are kept informed by law enforcement agencies and other bodies. We receive in the neighbourhood of 600 voluntary information reports per year from a variety of sources, and probably 70, 80, or maybe 100 of those ultimately figure into the disclosures we make.

    Not all of the voluntary information that comes to us is relevant to the information we hold, or we're not able to make a connection with it, or we don't hold the information on it.

    We can also disclose spontaneously. We don't need to rely on voluntary information from any other source, but we do receive voluntary information, and it often figures in our cases. So we are able to make disclosures that link to the investigative priorities of the police.

    Thank you.

    The next questioner will be Madam Ablonczy.

    Thank you, Mr. Chairman.

    Thank you to all of you for appearing.

    This is very interesting, and especially this sanitized money laundering case. I noticed you didn't say “simplified”.

    Some hon. members: Oh, oh!

    Ms. Diane Ablonczy: But it does give us a flavour of what you do, and we appreciate that.

    Of course, the committee is concerned about two things. One is to make sure the regime we have is the strongest it can be, while still balancing our values of privacy and appropriateness. The second is that it's effective. I guess strength and effectiveness go together, but we need to see the link.

    You have probably read the Senate report on this issue. In your view, do the provisions of this bill reflect the concerns that the Senate brought forward, because they did quite an extensive study of this? Some of us were curious as to how closely the bill reflects their recommendations?

    My sense is that the package overall addresses almost all of the issues that are flagged in the Senate report. Some of them will be addressed through regulation and others through legislation. But by and large, I think most of what was flagged or recommended in that report is going to be either in this bill or implemented through regulation at a later stage.

    Is there anything significant in the Senate report that was ignored in the bill for regulations?

    I'm not aware that anything significant was omitted.

    When you talk about privacy, you mentioned that, in your view, catching people who are engaged in money laundering and terrorist financing and preserving and protecting the privacy of Canadians are not two inconsistent concepts. I wonder if you could just expand on that somewhat.

    I've long felt that the protection of privacy is not an impediment to criminal investigation, and it's certainly not an impediment to our being able to conduct the kind of analysis and make the sorts of disclosures we do.

    I think within the bounds of the privacy protections it is possible to conduct meaningful investigations.

    What it has meant over the past 15 or 20 years is that investigative bodies have refined and to some extent changed their investigative practices to be able to continue to be effective. But I don't believe that privacy protection is inconsistent with effective investigation or in our case effective analysis of the data.

    It does mean that you handle the information in a particular way, that you cannot get access willy-nilly to huge quantities of information and then fish around in it.

    If you do get huge quantities, such as we do, then you are circumscribed by law in what you can disclose and what uses you can make of that information.

    In fact, you mentioned to me that in a way FINTRAC is a black box into which this information goes, but really is held there, except in very unusual circumstances.

    That was the trade-off at the time the legislation was passed, because it was felt to be important to be able to look at large quantities of objectively reported information, in other words, large cash transactions or international wire transfers, which individually are not in and of themselves suspicious, but they are the types of transaction among which it was known that a fair amount of suspicious activity was occurring and could occur. Therefore, to be able to access that information, FINTRAC was created as an airtight or a black box into which all of that information could flow. Then we were very tightly circumscribed as to the circumstances under which we could disclose any of that information to law enforcement.

    We have produced quite a number of important leads for law enforcement, and we are increasingly able to identify large networks of individuals who are engaged in money laundering or terrorist financing and were not previously known to the police. Because of the access that we have to the information from a wide variety of reporting entities and information sources, we have been able to identify quite a number of instances where people had been carrying on these activities for many years—eight to ten years—without ever being detected. We have been able to identify them, we've made such disclosures, and some of those disclosures are in fact the subject of prosecutions.

    I can't mention them because we have not been identified as suppliers of information to those particular investigations. But over the past year, just watching them go by in the newspapers every day as we read about prosecutions, we've seen 35, maybe 40 instances where prosecutions were ongoing and convictions were being obtained on cases to which we know we supplied some critical information.

    Thank you.

    We'll continue now with Madam Wasylycia-Leis.

    Thank you, Mr. Chairperson.

    And thanks to all of you.

    I hope I have time to do these four questions.

    I did find a couple of discrepancies between the legislation and the Senate report. One is—and you've touched on it—the inclusion of dealers of precious metals, jewellery, and stones.

    The other day, the parliamentary secretary said—and you've said today—that it's in regulations. I just don't understand why that piece has been left out for regulations when everything else is in the bill. Why not just put it in the bill? Why have a special scenario? What's the reasoning?

    That's really not a question I'm able to answer.

    Fair enough.

    Can you add anything to that?

    I understand there are ongoing consultations between the Department of Finance and representatives of the precious metal industry as to exactly how they will be covered.

    You may be aware that a lot of department stores sell jewellery. There is wholesale movement of jewellery also. To know exactly who will be covered and for what activities, I think there's still some work to be done there.

    So by including them in the regulations, there is some flexibility and also more opportunity for consultation.

    You're saying that once it's sorted out, there's a possibility it could be entrenched in law at some point.

    Certainly I can see no obstacle to that.

    Okay. The other area has to do with privacy. You're right, Mr. Director, it is a big concern for all of us, and I don't know if this bill actually deals with the concerns outlined by us or by the Senate when it comes to protection in the context of foreign financial intelligence units.

    We are going to hear, I hope, from the Privacy Commissioner, but the Senate recommendation is pretty strong in terms of amendments to the bill to further protect privacy.

    I guess my question to you would be about how you see this unfolding. What standards are we operating under when we're dealing with all these 36 foreign financial intelligence units or countries, all of whom have different ideas of privacy?

    In fact, June was just telling me there's a report out today saying Canada is number two in the world in terms of privacy protection, next to Germany, so how in fact are we going to be sure, except through some memorandum of understanding? How are we going to check on that? How are we going to know? How are we going to be able to really give some comfort to Canadians?

    Let me describe the process we go through in determining whether we will establish a memorandum of understanding for information exchange with another organization.

    We undertake a fair bit of due diligence. We look at questions of integrity and corruption. We look at whether the entity has the capacity to protect information physically if we provide it to them. We look at whether they have the legislative capacity to provide protection if we share information with them. If we satisfy ourselves that those things are in place, then we will undertake to negotiate an MOU. In the MOU we expressly have provisions that require that the information be protected and that it not be further disclosed without our prior concurrence.

    This is what is called in the jargon the third-party rule. Intelligence organizations, law enforcement organizations, and financial intelligence units subscribe to that as the basis on which information is exchanged, whether or not they have MOUs in place.

    In our case, we expressly state it in the MOU, and periodically we will also have bilateral sessions with FIUs with whom we have exchanged information, partly to get feedback on the usefulness of the information, but partly to inquire and to satisfy ourselves that the information is being protected and is not being passed on to any other parties without our concurrence.

    In some cases, we might make a disclosure to a financial intelligence unit that a month or two later might come back, tell us that this particular police organization or this particular prosecutorial office would be interested in this information, and ask for permission to pass it on. If the question were to be stated as broadly as that, we would probably say no, but if they could assure us that the investigation or the prosecution would be related to either money laundering or terrorism financing, then we would probably say yes, but in each case--

    I will have to stop you at that point, sir. Excuse me for the interruption, but we have to move to three-minute rounds now.

    We will continue with Mr. Savage.

    Thank you, Mr. Chair, and I thank the witnesses for appearing today.

    This issue is very complex. I think it is something that matters to Canadians, although they may not know about it. I am not sure that putting this chart in my householder would clear it up in people's minds. It looks a little bit like a snakes and ladders game, but I guess that's the business you're in.

    You mention that Bill C-25 would make it possible to enrich the intelligence product that FINTRAC can disclose to law enforcement and national security agencies. Does that information flow go both ways? Are there times when you ask for information from them?

    Are we talking about foreign financial intelligence units, or law enforcement?

    I'm thinking about law enforcement agencies. You gather the information you're giving to prosecuting authorities. Are there times when you actually ask for information from them in doing your original work?

    No, we are not permitted to query police. We have access to some of their databases, which record factual information--Mr. Brown has been convicted three times for X, Y, or Z--but we're not actually authorized to query the investigators as to whether they know anything more about this person or the next person.

    Thank you.

    What about real estate? Do you track real estate? There are cases in which people buy real estate to do illegal activities.

    Real estate dealers, agents, and brokers are covered by the legislation and are required to report suspicious transactions.

    Real estate, then, is part of your mandate.

    Finally, can you give us a sense of how this change makes it easier? In the international scope, in terms of doing the job, where is Canada now--FINTRAC specifically--versus other countries' agencies? Does this move us up the scale?

    We're already at the top of the scale. We're among the top three or four organizations like ours in the world. This will move us up another notch or two, but others are also moving up. Many of the things that we're proposing to undertake in this legislation are also being undertaken by other organizations; as the international standards rise and new laundering methods are discovered, all of us are having to strengthen and expand the coverage of the legislation.

    Thank you very much, sir.

    We continue with Mr. St-Cyr.

    Thank you, Mr. Chair.

    I'm going to continue by talking about a very important concern, privacy. I'm pleased to learn that this is also one of your concerns and that you really believe in it.

    I wanted to know what measures have been put in place, or will be put in place, to ensure that no non-relevant information is disclosed, or to ensure no offences are committed under the act.

    In fact, the entire operation of your organization is designed to ensure compliance with the money laundering act and with legislation related to that offence. We're not content to say that money laundering is prohibited, hoping that people will obey the act. Ways have to be found to detect offences.

    The phenomenon is the same as regards the provisions of the original bill and those added in this bill. That's not at all saying that it's prohibited to violate privacy and that harsh penalties are provided for. You still have to put mechanisms in place to determine whether offences are being committed.

    Are there any mechanisms? Will there be any? Have any cases of prohibited disclosure already been discovered? Has anyone been convicted for that offence?

    The short answer is no, there have not been any convictions and there have not been any allegations of improper disclosure, and to the best of our knowledge--and our knowledge is very good on this point in our organization--there has been no improper disclosure of information from FINTRAC. We have put in place extensive and exhaustive measures to satisfy ourselves that casual disclosures or informal disclosures or nudge-nudge, wink-wink disclosures cannot take place.

    A disclosure from FINTRAC can only occur formally and in written form. It can only be made after it is vetted by a disclosure committee, which consists of the senior executives in the organization and is chaired by me, and in this process it is challenged and tested and passed through our legal services to satisfy them as well as us that the information to be disclosed is being disclosed properly and that there are sufficient reasons to disclose it.

    I won't go into all the details and technical measures we have put in place, because that would make it easier for someone to circumvent them, but we have a very comprehensive and stringent access control system. It includes biometrics, and we have logging systems that show who accesses what information so that we can monitor and review.

    We log the comings and goings in the centre. All the analytic information--in other words, the sensitive personal information--is contained in a vaulted, high-security area of our premises. Not all employees have access to it; only the people who work there have access to the analytic unit, and a few other senior executives like myself. Even I don't have access to their analytic computer system. There's no need for me to have access to it, so I don't have it.

    We'll continue with Mr. Del Mastro now for three minutes.

    Thank you, Mr. Chair.

    I have a couple of quick questions. The example you've shown us illustrates the complexity and certainly the ease of moving money around these days; it is quite fluid.

    One thing that kind of strikes me from the graph is that this was pre-empted by a tip, albeit maybe an ambiguous tip. But it was still something that put you onto the case.

    Also you referred to a sniff test, that something didn't pass the sniff test. The other thing that's on here is that transactions over $10,000 are all reported to FINTRAC. There must be millions of those a day.

    Not millions a day, but there are millions a year. There are about seven million a year of those transactions reported, and similarly about seven or eight million wire transfer reports of $10,000 or more.

    We've invested quite heavily in technology, and we've trained our analysts very extensively. Through a combination of those efforts, we are able to sift through a lot of that information to match it, contrast it, look for anomalies, and so on.

    Of course, our work is easier if there has been a suspicious transaction report filed. Then there's already a basis for suspicion. Or if we have voluntary information from the police, it's easier. But in many instances, we discover these ourselves, even without others' reported suspicion.

    There's also anomalous behaviour, and I'll give you kind of a hypothetical example to illustrate this. If a business purports to be an import-export business and it's regularly making wire transfers in and out of the country in sums that look reasonable in terms of invoice settlement—in other words, they're not rounded sums—they wouldn't attract our attention.

    But if a business is identified, say, as a fast food franchise and it's making large cash deposits, this also is not unusual; it happens regularly. But if three or four times a month that same fast food franchise makes substantial wire transfers out of the country to Malaysia, Indonesia, Dubai, or somewhere like that, it would catch our attention. It would catch our attention in two ways. One is that this kind of transaction behaviour is not characteristic of that kind of business. The other is that the money is probably being transferred to jurisdictions that are either of concern to us in money laundering terms or have very poor money laundering controls.

    Do I have time?

    No, you don't have time.

    Thank you very much.

    We'll continue with Mr. Pacetti.

    Thank you, Mr. Chair.

    Welcome to our world, Mr. Del Mastro.

    Continuing on what I was asking before in my previous line of questioning, I think you were answering Mrs. Ablonczy's question or Ms. Judy Wasylycia-Leis'.

    You say you can't deal directly with the law enforcement agencies or organizations?

    We deal with them directly all the time, but not on specific cases. We are prevented from discussing a case beyond simply saying, here are the transactions we have found, here are the people who are involved, and so on. The information that we're authorized to disclose, we could also say orally to them. But we couldn't, for example, say, you should be looking right over here; this is the really—

    Why can't you do that? I understand the privacy issue. But are we protecting the criminals? Can we do it so you're able to do it? Why do we have to beat around the bush?

    Part of the privacy protection measures incorporated in the bill is this idea that FINTRAC operate at arm's length from those receiving information from it.

    The sources of information that FINTRAC can access are provided for in great detail in the act. So as the director mentioned, we can access data banks maintained by the federal or provincial government for law enforcement purposes. But aside from those data banks, we can't seek or collect information directly from members of law enforcement. This I think is part of the balance that was struck between the needs of law enforcement and the privacy concerns.

    You're still able to work within those parameters, from what I understand.

    Where we have a more frequent contact with them, it involves discussion about sanitized or generic issues that illustrate some difficulties arising from their having failed to recognize the value of a particular corner, or—

    This is quite a complex example, but there are simple transactions where a criminal may conduct only one or two transactions a year and the law enforcement agencies may need your help. Is the act inhibiting your ability to help? I guess I'm focused more on the smaller transactions.

    No, it isn't. When law enforcement is looking for help, they will generally provide a voluntary information report to us. If we have information we judge to be relevant—we make the determination whether it's reasonable to suspect relevance in an investigation—we are then required to make the disclosure. We do this a lot. Probably 65% to 70% of our case disclosures involve some voluntary information that triggers our investigation and identifies the recipient.

    Mr. Wallace.

    With the changes, your organization will be able to sanction fines. Have you started getting ready to issue fines? Have you set out a schedule of what constitutes a fine, what attracts a fine, and all those things?

    We have begun. We've done quite a lot of work. More needs to be done, and a round of consultation with other agencies needs to occur. We will also need a round of consultation with the industry to ensure that we're getting it right.

    The whole purpose of proceeding down this path was that in the current regime we have the power of persuasion—and we can be quite persuasive—but there is also the power to refer for criminal investigation prosecution. Many of the transgressions or deficiencies we identify are in that big grey zone in the middle where some sanction should be applied, but not one as draconian as a criminal investigation prosecution. For example, if we were to proceed with a criminal prosecution against a smallish money service firm that is otherwise law-abiding, we would put them out of business.

    Okay, so you are getting ready for that.

    Are the changes going to make you more cost-efficient and able to find things? Will you be able to prosecute more people, or to find more people who are now slipping through the cracks?

    The registration scheme for MSBs, for example, will make us much more efficient, because we will be able to identify all of them and make sure they're brought under coverage. Moreover, the administrative monetary penalties will make it possible for us to be more effective in ensuring compliance.

    Right. You have no stick for that group at the present time.

    Thank you.

    Merci beaucoup, monsieur.

    Thank you, Director, and thank you all for your participation in the panel this morning.

    Committee, we will reconvene in a moment in room 237-C.

    We are adjourned.