In today’s regulatory environment, setting up a robust compliance program is essential for mortgage brokerages to navigate the complexities of financial regulations and mitigate the risks associated with money laundering and terrorist financing. This comprehensive guide will walk you through the key steps and best practices for establishing an effective compliance program tailored to the needs of a mortgage brokerage.


  1. Understanding the Regulatory Landscape


Mortgage brokerages in Canada are governed by the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), which mandates compliance with specific guidelines set by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). Understanding these requirements is the first step in developing a compliant and effective program.


  • Key Compliance Requirements Include:
    • Appointment of a Compliance Officer
    • Development and implementation of written compliance policies and procedures
    • Conducting a thorough risk assessment
    • Establishing a training program for employees
    • Implementing ongoing monitoring and reporting mechanisms
    • Maintaining detailed records


  1. Appointment of a Compliance Officer


A critical component of any compliance program is the appointment of a Compliance Officer. This individual will be responsible for overseeing and implementing the program, ensuring adherence to regulatory requirements, and acting as the primary point of contact for regulatory bodies.


  • Responsibilities of a Compliance Officer:
    • Implementing and maintaining all elements of the compliance program
    • Conducting regular risk assessments
    • Overseeing the training of employees on compliance matters
    • Ensuring timely reporting of suspicious transactions to FINTRAC
    • Regularly reviewing and updating compliance policies and procedures


Depending on the size and structure of the brokerage, the Compliance Officer could be a senior manager, the owner, or another qualified individual with sufficient authority and resources.


  1. Developing Compliance Policies and Procedures


Written policies and procedures form the backbone of a compliance program. These documents should detail the brokerage’s approach to meeting its obligations under the PCMLTFA and be approved by senior management. They should be kept up to date with regulatory changes and internal process adjustments.


  • Essential Components:
    • Client identification and verification processes
    • Procedures for detecting and reporting suspicious transactions
    • Guidelines for ongoing monitoring of business relationships
    • Methods for maintaining and updating client information


  1. Conducting a Risk Assessment


A thorough risk assessment is necessary to identify and evaluate the potential risks of money laundering and terrorist financing within the brokerage’s operations. This assessment should be documented and periodically reviewed to adapt to changing business environments and regulatory updates.


  • Steps in Conducting a Risk Assessment:
    • Identify the various types of clients, transactions, and services the brokerage offers
    • Assess the risks associated with each category
    • Assign risk levels (e.g., low, medium, high) to clients and transactions
    • Develop and implement strategies to mitigate identified risks


  1. Implementing a Training Program


An ongoing training program ensures that all employees, agents, and authorized individuals are aware of their roles and responsibilities concerning compliance. Training should be comprehensive and continuous, reflecting changes in regulations and internal policies.


  • Elements of a Training Program:
    • Initial training for new employees on AML/ATF regulations and internal policies
    • Regular refresher courses and updates on regulatory changes
    • Practical scenarios and case studies to illustrate compliance requirements
    • Assessments to evaluate understanding and effectiveness of the training


  1. Ongoing Monitoring


Ongoing monitoring involves the regular review and updating of client information and transactions to detect and report suspicious activities promptly. The frequency and depth of monitoring should be based on the risk profiles assigned during the risk assessment.


  • Best Practices for Ongoing Monitoring:
    • Continuous transaction review to identify unusual patterns
    • Regular updates to client identification and beneficial ownership information
    • Enhanced monitoring for high-risk clients
    • Documenting all monitoring activities and findings


  1. Record Keeping and Reporting


Mortgage brokerages must maintain comprehensive records of all transactions, client information, and compliance-related activities for at least five years. These records are crucial for demonstrating compliance during audits and inspections.


  • Records to Maintain:
    • Client identification documents
    • Records of transactions exceeding $10,000
    • Suspicious Transaction Reports (STRs)
    • Terrorist Property Reports (TPRs)
    • Ongoing monitoring records


  1. Reporting Obligations


Brokerages are required to report specific transactions to FINTRAC, including suspicious transactions, large cash transactions, and large virtual currency transactions. These reports must be accurate and submitted promptly to ensure compliance.


  • Types of Reports:
    • Suspicious Transaction Reports (STRs): When there are reasonable grounds to suspect that a transaction is related to money laundering or terrorist financing.
    • Large Cash Transaction Reports (LCTRs): When receiving $10,000 or more in cash in a single transaction.
    • Terrorist Property Reports (TPRs): When property is identified as being owned or controlled by a terrorist or terrorist group.
    • Large Virtual Currency Transaction Reports (LVCTRs): When receiving virtual currency equivalent to $10,000 or more in a single transaction.


  1. Establishing a Compliance Culture


Creating a culture of compliance within the brokerage is essential for the program’s success. This involves integrating compliance into the daily operations and ensuring that all employees understand the importance of adhering to regulatory requirements.


  • Strategies to Foster a Compliance Culture:
    • Leadership Commitment: Ensure that senior management demonstrates a commitment to compliance through their actions and decisions.
    • Clear Communication: Regularly communicate the importance of compliance to all employees and stakeholders.
    • Incentives and Penalties: Implement incentives for compliance and penalties for non-compliance to encourage adherence to policies.


  1. Conducting Regular Reviews and Audits


Regular reviews and audits of the compliance program are necessary to ensure its effectiveness and identify areas for improvement. These reviews should be conducted at least every two years or more frequently if there are significant changes in regulations or business operations.


  • Review Process:
  • Internal Audits: Conduct internal audits to assess the effectiveness of the compliance program and identify gaps.
  • External Audits: Engage third-party auditors to provide an independent assessment of the program.
  • Continuous Improvement: Use audit findings to continuously improve and update the compliance program.




Establishing a compliance program at a mortgage brokerage is a multifaceted process that requires careful planning, implementation, and ongoing management. By following the steps outlined in this guide, brokerages can ensure they meet their regulatory obligations, mitigate risks, and foster a culture of compliance. Regular audits and updates will further enhance the program’s effectiveness, ensuring it remains robust and adaptive to changing regulatory landscapes.


Implementing these best practices will not only help brokerages comply with FINTRAC requirements but also build trust with clients and stakeholders, ultimately contributing to the overall integrity and success of the business.