Guideline 6A: Record Keeping
and Client Identification for Life Insurance Companies,
Brokers and Agents

July 2010

This replaces the previous version of Guideline 6A: Record Keeping and Client Identification for Life Insurance Companies, Brokers and Agents issued in March 2009. The changes made to this version are indicated by a side bar to the right of the modified text in the PDF version.

Table of Contents

1. General
2. Record Keeping and Client Identification Obligations
3. Records To Be Kept
   • 3.1 General exceptions to record keeping
   • 3.2 Large cash transaction records
   • 3.3 Client information records
   • 3.4 Suspicious transaction report records
   • 3.5 Identification information on all records
4. Client Identity
   • 4.1 When and how do you have to identify clients?
   • 4.2 General exceptions to client identification
   • 4.3 Client identity for large cash transactions
   • 4.4 Client identity for suspicious transactions
   • 4.5 Client identity for client information records: individuals
   • 4.6 Client identity for group plan account individual members
   • 4.7 How to identify an individual
   • 4.8 Client identity for client information records: corporations and other entities
   • 4.9 Keeping client identification information up to date
5. Beneficial Ownership Records
6. Third Party Determination and Related Records
   • 6.1 Third party determination
   • 6.2 Third party records
7. Politically Exposed Foreign Person Determination and Related Records
   • 7.1 Politically exposed foreign person determination
   • 7.2 Politically exposed foreign person records
8. Foreign Subsidiaries or Branches
   • 8.1 Foreign subsidiaries
   • 8.2 Foreign branches
9. How Should Records Be Kept?
10. Penalties for Non-Compliance
11. Comments?
12. How to Contact FINTRAC

• Back to Guideline 6 list
• Back to guidelines menu

Guideline 6A: Record Keeping and Client Identification for Life Insurance Companies, Brokers and Agents (PDF version, 98 KB)

1. General

The objective of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act is to help detect and deter money laundering and the financing of terrorist activities. It is also to facilitate investigations and prosecutions of money laundering and terrorist activity financing offences. This includes reporting, record keeping, client identification and compliance regime requirements for life insurance companies, life insurance brokers and independent life insurance agents.

A life insurance company means one regulated by provincial legislation, or a life company or foreign life company under the Insurance Companies Act. A life insurance broker or agent means an individual or entity registered or licensed provincially to carry on the business of arranging contracts of life insurance.

If you are a life insurance company, a broker or an independent agent, this guideline has been prepared to help you meet your record keeping and client identification obligations, including those applicable for certain foreign subsidiaries or branches. If you deal in reinsurance, certain of the requirements explained in this guideline do not apply to those dealings. These are noted at the beginning of each section as applicable.

This guideline uses plain language to explain the most common situations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act as well as the related Regulations. It is provided as general information only. It is not legal advice, and is not intended to replace the Act and Regulations.

Record keeping and client identification obligations for other types of reporting persons or entities are explained by sector in other versions of this guideline (financial entities; securities dealers; money services businesses; agents of the Crown that sell or redeem money orders; accountants; real estate; dealers in precious metals and stones; British Columbia notaries; and casinos).

For more information about money laundering and terrorist financing, or other requirements under the Act and Regulations applicable to you, see the guidelines in this series:

• Guideline 1: Backgrounder explains money laundering, terrorist financing and their international nature. It also provides an outline of the legislative requirements as well as an overview of FINTRAC's mandate and responsibilities.
• Guideline 2: Suspicious Transactions explains how to report a suspicious transaction. It also provides guidance on how to identify a suspicious transaction, including general and industry-specific indicators that may help when conducting or evaluating transactions.
• Guideline 3: Submitting Suspicious Transaction Reports to FINTRAC explains when and how to submit suspicious transaction reports. There are two different versions of Guideline 3, by reporting method.
• Guideline 4: Implementation of a Compliance Regime explains the requirement for reporting entities to implement a regime to ensure compliance with their obligations under the Act and associated Regulations.
• Guideline 5: Submitting Terrorist Property Reports to FINTRAC explains to reporting entities when and how to submit a terrorist property report.
• Guideline 6: Record Keeping and Client Identification explains the requirement for reporting entities to identify their clients and keep records. There are several different versions of Guideline 6, with each one applicable to a particular sector.
• Guideline 7: Submitting Large Cash Transaction Reports to FINTRAC explains when and how to submit large cash transaction reports. There are two different versions of Guideline 7, by reporting method.
• Guideline 8: Submitting Electronic Funds Transfer Reports to FINTRAC explains when and how to submit electronic funds transfer reports. There are three different versions of Guideline 8, by type of electronic funds transfer and reporting method.
• Guideline 9: Submitting Alternative to Large Cash Transaction Reports to FINTRAC explains when and how financial entities can choose the alternative to large cash transaction reports. This is only applicable to financial entities.
• Guideline 10: Submitting Casino Disbursement Reports to FINTRAC explains when and how to submit casino disbursement reports. There are two different versions of Guideline 10, by reporting method.

If you need more help after you read this or other guidelines, call FINTRAC's national toll-free enquiries line at 1-866-346-8722.

Throughout this guideline, several references are provided to additional information that may be available on external Web sites. FINTRAC is not responsible for the accuracy, reliability or currency of the information contained on those external Web sites. The links provided are based on information available at the time of publishing of this guideline.

Throughout this guideline, any references to dollar amounts (such as $10,000) refer to the amount in Canadian dollars or its equivalent in foreign currency. Furthermore, all references to cash mean money in circulation in any country (bank notes or coins). In this context, cash does not include cheques, money orders or other similar negotiable instruments. Also, any references to the term "securities dealer" means an individual or entity authorized under provincial legislation to engage in the business of dealing in securities or any other financial instruments, or to provide portfolio management or investment advising services.

Your policies and procedures may cover situations other than the ones described in this guideline, for purposes other than your requirements under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act. For example, the federal or provincial regulator for your sector may require you to apply additional policies and procedures, the retention period for your records may vary for purposes other than what is described in this guideline, or you may have to request an individual's social insurance number for income tax purposes.

2. Record Keeping and Client Identification Obligations

As a life insurance company, broker or independent agent, you have to do the following:

• When you conduct a large cash transaction, your record keeping and client identification obligations are as follows:
  • Keep a large cash transaction record (see section 3);
  • Identify the individual (see section 4); and
  • Make a third party determination and keep related records (see section 6).
  
  
• When a client pays you $10,000 or more (whether or not it was in cash) for an annuity or a life insurance policy, your record keeping and client identification obligations are as follows:
  • Keep a client information record (see section 3);
  • Identify the client(s) (see section 4); and
  • Make a third party determination and keep related records (see section 6).
  
  
• When a client makes a lump-sum of $100,000 or more (whether or not it was in cash) for an annuity or a life insurance policy, you have to make a determination of whether you are dealing with a politically exposed foreign person and if so, keep records and take other measures (see section 7);
  
  
• When you have to submit a suspicious transaction report to FINTRAC, your obligations include the following:
  • If you have not already identified the individual who conducted the transaction, identify the individual (see section 4); and
  • Keep a copy of the report (see section 3)
  
  
• If you have to identify an entity, you also have to determine beneficial ownership of the entity and keep records (see section 5)
  
  
• If you have foreign subsidiaries or branches, you may have obligations regarding them (see section 8).
  

If you deal in reinsurance, certain of the record keeping and client identification requirements explained in this guideline do not apply to you regarding those dealings. These are explained throughout each section.

There are other exceptions and these are also explained throughout each section.

The use of personal information in Canadian commercial activities is protected by the Personal Information Protection and Electronic Documents Act (PIPEDA), or by substantially similar provincial legislation. You have to inform individuals concerning the collection of personal information about them. However, you do not have to inform individuals when you include personal information about them in any of the reports that you are required to make to FINTRAC. You can get more information about your responsibilities in this area from the following:

• Industry Canada (http://privacyforbusiness.ic.gc.ca); or
• The Office of the Privacy Commissioner of Canada (http://www.priv.gc.ca).
  • The Office of the Privacy Commissioner of Canada has developed, on its Web site, a Question and Answer document entitled PIPEDA and the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (http://www.priv.gc.ca/resource/t_faqs_index_e.cfm) that will help you in understanding your responsibilities under both federal laws.

3. Records To Be Kept

As a life insurance company, broker or independent agent, in addition to the records described in sections 5 to 8, you have to keep the following records:

• Large cash transaction records;
• Client information records;
• Suspicious transaction report records.

Details about each of these types of records are provided in subsections 3.2 through 3.4. Also, section 9 explains how your records should be kept.

See section 4 for information about identification requirements that may be associated to the events triggering record keeping requirements.

If you deal in reinsurance, the requirements for large cash transaction records and client information records do not apply to you regarding those dealings.

3.1 General exceptions to record keeping

If you keep information in a record that is already readily available in any other record that you have kept under these rules (as described throughout this guideline), you do not have to keep that information again.

You do not have to keep any of the records described in subsections 3.2 and 3.3 or in section 7 for any of the following:

• the purchase of a policy that is an exempt policy (i.e., a policy issued for insurance protection and not for significant investment purposes as defined in subsection 306(1) of the Income Tax Regulations);
• the purchase of a group life insurance policy that does not provide a cash surrender value or a savings component;
• the purchase of an immediate or deferred annuity paid for entirely with funds directly transferred from a registered pension plan or the proceeds of a group life insurance policy;
• the purchase of a registered annuity policy or a registered retirement income fund;
• a registered plan, including a locked-in retirement plan, a registered retirement savings plan, a group registered retirement savings plan, a registered education savings plan and any other registered plan;
• where the account holder or settlor is a federally or provincially regulated pension fund; or
• a transaction that is part of a reverse mortgage or structured settlement.

Transactions for a public body or very large corporation
If you conduct a transaction for a public body or a very large corporation, the record keeping requirements described in subsection 3.2 or 3.3, do not apply. The same is true regarding a subsidiary of either of those entities, if the financial statements of the subsidiary are consolidated with those of the public body or very large corporation.

In this context, a public body means any of the following or their agent:

• a Canadian provincial or federal department or Crown agency;
• an incorporated Canadian municipal body (including an incorporated city, town, village, metropolitan authority, district, county, etc.); or
• a hospital authority. A hospital authority means an organization that operates a public hospital and that is designated to be a hospital authority for GST/HST purposes. For more information on the designation of hospital authorities, refer to GST/HST Memoranda Series, Chapter 25.2, Designation of Hospital Authorities available from the Canada Revenue Agency Web site at http://www.cra-arc.gc.ca in the forms and publications listed by document type.

Also in this context, a very large corporation is one that has minimum net assets of $75 million on its last audited balance sheet. The corporation's shares have to be traded on a Canadian stock or on a stock exchange outside Canada that is designated by the Minister of Finance. The corporation also has to operate in a country that is a member of the Financial Action Task Force (FATF). For more information about stock exchanges outside Canada that are designated by the Minister of Finance, refer to the July 2, 2008 news release available in the News area of the Department of Finance's Web site (http://www.fin.gc.ca).

To find out which countries are members of the FATF, refer to its Web site (http://www.fatf-gafi.org).

3.2 Large cash transaction records

This is a record for every amount of cash of $10,000 or more that you receive from a client in a single transaction. For example, if your client makes a cash deposit of $10,000 for a life insurance policy, you have to keep a large cash transaction record. In addition to this record, a large cash transaction will also require a report to FINTRAC, as explained in Guideline 7: Submitting Large Cash Transaction Reports to FINTRAC.

If you know that two or more cash transactions of less than $10,000 each were made within a 24-hour period (i.e., 24 consecutive hours), by or on behalf of the same client, these are considered to be a single large cash transaction if they add up to $10,000 or more. In this case, you would have to keep a large cash transaction record, and report the transaction to FINTRAC as explained above.

Do not keep a large cash transaction record or make a large cash transaction report to FINTRAC if the cash is received from a financial entity or a public body. In this context, a financial entity means any of the following:

• a bank (i.e., one that is listed in Schedule I or II of the Bank Act) or an authorized foreign bank with respect to its operations in Canada;
• a credit union or a caisse populaire;
• effective July 31, 2010, a financial services cooperative (in the province of Quebec) or a credit union central (in all other provinces);
• a trust and loan company; or
• an agent of the Crown that accepts deposit liabilities.

For information about what is considered a public body in this context, see subsection 3.1.

Contents of a large cash transaction record
For any large cash transaction, the information you have to keep in a large cash transaction record includes the following:

• the amount and currency of the cash received;
• the name, date of birth and address of the individual from whom you received the cash and that individual's principal business or occupation;
• the date of the transaction;
• the purpose, details and type of transaction (for example, the cash was used to put a deposit on a purchase of a life insurance policy, etc.), including whether any other individuals or entities were involved in the transaction;
• how the cash was received (for example, in person, by mail, by armoured car, or any other way); and
• if an account was affected by the transaction, include the following:
  • the number and type of any such account;
  • the full name of the client that holds the account; and
  • the currency in which the account's transactions are conducted.

Be as descriptive as possible regarding the business or occupation. Record information that clearly describes it, rather than use a general term. For example, in the case of a consultant, the occupation recorded should reflect the area of consulting, such as “information technology consultant” or “consulting forester”. As another example, in the case of a professional, the occupation should reflect the nature of the work, such as “petroleum engineer” or “family physician”.

If you have to identify the individual conducting the large cash transaction, see subsection 3.5 for additional information that is required on the large cash transaction record.

3.3 Client information records

If your client is expected to pay you $10,000 or more for an annuity or a life insurance policy, over the duration of the annuity or policy, you have to keep a client information record. This has to be kept no matter how the client paid for the annuity or policy, whether or not it was in cash.

A client information record sets out your client's name, address and the nature of the client's principal business or occupation. In the case of a group life insurance policy or a group annuity, the client information record is about the applicant for the policy or annuity.

For more information about recording business or occupation, see subsection 3.2, under the heading "Contents of a large cash transaction record".

A client information record about an individual also has to include the individual's date of birth, whether or not you had to identify that individual. Furthermore, for a client information record about an individual, if you have to identify that individual, see subsection 3.5 for additional information that is required on the client information record.

Client information record about a corporation
For a client information record about a corporation, you also have to keep the following additional record. If, in the normal course of business, you get a copy of the part of the official corporate records showing the provisions that relate to the power to bind the corporation regarding the purchase, you have to keep a copy of it. This could be a certificate of incumbency, the articles of incorporation or the bylaws of the corporation that set out the officers duly authorized to sign on behalf of the corporation, such as the president, treasurer, vice-president, comptroller, etc. If there were changes subsequent to the articles or bylaws that relate to the power to bind the corporation regarding the purchase and these changes were applicable at the time that the record had to be kept, then the board resolution stating the change would be included in this type of record.

3.4 Suspicious transaction report records

When you have to report a suspicious transaction to FINTRAC, you have to keep a copy of the report. See Guideline 3: Submitting Suspicious Transaction Reports to FINTRAC for more information about obligations related to this report.

3.5 Identification information on all records

If you have to identify an individual, as explained in section 4, in association with any of the records mentioned in section 3, you have to keep the individual's name with that record. You also have to keep the following with that record.

Identification documents
If you have to identify the individual using an identification document, the record has to include the type of document you used to confirm the individual's identity, its reference number and its place of issue.

Identification of clients not physically present
If you do not use an identification document but use methods for a client who is not physically present (as described in subsection 4.7), you have to include whichever of the following, according to the methods used:

• If you use a cleared cheque to confirm the individual's identity, the record has to include the name of the financial entity and the account number of the deposit account on which the cheque was drawn;
• If you confirm that the individual holds a deposit account with a financial entity, the record has to include the date on which you made the confirmation as well as the name of the financial entity where the account is held and the number of the account;
• If you rely on a previous confirmation of the individual's identity by an affiliate of yours or another member of your central cooperative credit society, the record has to include the name of that other entity as well as the type and reference number of the record that they previously relied on to ascertain the individual's identity;
• If you use an identification product, the record has to include the name of the identification product, the name of the entity offering it, the search reference number and the date you used the product to identify the individual;
• If you consult a credit file, the record has to include the name of the entity keeping the credit file and the date you consulted it; and
• If you use an attestation signed by a commissioner of oaths in Canada or a guarantor in Canada, you have to keep the attestation.

4. Client Identity

4.1 When and how do you have to identify clients?

As a life insurance company, a broker or an independent agent, you have client identification obligations. You have to take the following measures to identify individuals or entities, subject to the general exceptions outlined in subsection 4.2.

Subsections 4.3 to 4.5 explain the need to identify individuals when they conduct a large cash transaction or any other transaction for which a record is required. Any individuals that you have not identified according to these rules must be identified if any of the situations described in those subsections occurs, unless an exception applies as explained below.

Refer to section 3 for information about record keeping requirements that may be associated to the events triggering identification requirements.

If you deal in reinsurance, the client identification requirements for large cash transactions (subsection 4.3) and client information records (subsections 4.5 and 4.8) do not apply to you regarding those dealings.

4.2 General exceptions to client identification

In addition to the exceptions explained throughout the rest of section 4, the following general exceptions apply to client identification requirements.

Existing clients
Once you have confirmed the identity of an individual as explained in this guideline, you do not have to confirm their identity again if you recognize the individual (visually or by voice) at the time of a future event that would otherwise trigger the identification requirement. However, if you have any doubts about the identification information previously collected, you will have to identify that individual again.

Once you have confirmed the existence of a corporation and confirmed its name, address and the names of its directors (as explained in subsection 4.7), you are not required to confirm that same information in the future.

Once you have confirmed the existence of an entity other than a corporation (as explained in subsection 4.7), you are not required to confirm that same information in the future.

Certain types of transactions
You do not have to identify clients as described in subsections 4.3, 4.5, 4.6 or 4.8, nor do the requirements described in section 5 or 7 apply, in the following situations:

• the purchase of a policy that is an exempt policy (i.e., a policy issued for insurance protection and not for significant investment purposes as defined in subsection 306(1) of the Income Tax Regulations);
• the purchase of a group life insurance policy that does not provide a cash surrender value or a savings component;
• the purchase of an immediate or deferred annuity paid for entirely with funds directly transferred from a registered pension plan or the proceeds of a group life insurance policy;
• the purchase of a registered annuity policy or a registered retirement income fund;
• a registered plan, including a locked-in retirement plan, a registered retirement savings plan, a group registered retirement savings plan, a registered education savings plan and any other registered plan;
• where the account holder or settlor is a federally or provincially regulated pension fund; or
• a transaction that is part of a reverse mortgage or structured settlement;

Transactions for a public body or very large corporation
If you conduct a transaction for a public body or a very large corporation, the requirements described in subsections 4.3, 4.5 and 4.7 or section 5, do not apply. The same is true regarding a subsidiary of either of those entities, if the financial statements of the subsidiary are consolidated with those of the public body or very large corporation.

For information about what is considered a public body or a very large corporation in this context, see subsection 3.1 under the heading "Transactions for a public body or very large corporation".

4.3 Client identity for large cash transactions

You have to identify any individual with whom you conduct a large cash transaction, at the time of the transaction, if you have to keep a large cash transaction record for it, as described in subsection 3.2.

See Section 4.7 to find out how to identify an individual for a large cash transaction.

4.4 Client identity for suspicious transactions

When you have to send a suspicious transaction report to FINTRAC, you have to take reasonable measures, before the transaction is reported, to identify the individual who conducted it. This does not apply in the following circumstances:

• if you had already identified the individual as required and you have no doubts about that previous identification information;
• if you believe that doing so would inform the individual that you are submitting a suspicious transaction report; or
• the transaction being reported was an attempted transaction. Guideline 2: Suspicious Transactions provides more information about reporting attempted transactions.

In this context, reasonable measures to identify an individual include using Option 1 or Option 2 as explained in subsection 4.7 under the heading “Individual not physically present” . They also include asking the individual for an identification document. However, reasonable measures exclude any method that you believe would inform the individual that you are submitting a suspicious transaction report.

4.5 Client identity for client information records: individuals

You have to identify any individual who purchases an annuity or a life insurance policy for whom you have to keep a client information record (as explained in subsection 3.3), within 30 days of creating this record. This is true whether the transaction is conducted on the individual's own behalf, or on behalf of a third party. However, if you have reasonable grounds to believe that another life insurance company, broker or agent has confirmed the individual's identity as explained in subsection 4.7 for the same transaction, you do not have to confirm their identity again.

See Section 4.7 to find out how to identify an individual for the purposes of a client information record.

4.6 Client identity for group plan account individual members

In the case of a group plan account, you do not have to identify any individual member of the plan if the plan's sponsor is an entity and you have already confirmed its existence. However, unless the plan is exempt from identification requirements as explained in subsection 4.2, you have to identify any individual members for whom a contribution is made that is other than a contribution made by payroll deductions or by the plan's sponsor. In this case, you have to identify individual members when they make contributions to the plan.

4.7 How to identify an individual

See subsection 3.5 for additional information that is required on certain records when you have to identify individuals.

To identify an individual, refer to the individual's birth certificate, driver's licence, passport, record of landing, permanent resident card, or other similar document.

You can refer to an individual's provincial health card, but only if it is not prohibited by provincial or territorial legislation. For example, you cannot refer to an individual's provincial health card from Ontario, Manitoba or Prince Edward Island since health cards cannot be used for this purpose in these provinces. As another example, in Quebec, you cannot request to see a client's health card, but you may accept it if the client wants to use it for identification purposes. If you have questions about the use of health cards for identification, please contact the appropriate provincial issuer for more information.

For a document to be acceptable for identification purposes, it must have a unique identifier number. Also, the document must have been issued by a provincial, territorial or federal government. For example, a birth or baptismal certificate issued by a church would not be acceptable for this purpose. Also, an identification card issued by an employer for an employee (i.e. an employee identification card) is not acceptable.

The document also has to be a valid one and cannot have expired. For example, an expired driver's licence would not be acceptable.

A social insurance number (SIN) card can be used to verify the identity of a client, but the SIN (i.e. the number itself) is not to be provided to FINTRAC on any type of report. The Office of the Privacy Commissioner (http://www.priv.gc.ca) has produced a fact sheet concerning best practices for the use of SINs. Please consult it for more information on this topic.

Examples of other documents that can be used to verify the identity of a client include a certificate of Indian status or a provincial or territorial identification card issued by any of the following (or their successors):

• the Insurance Corporation of British Columbia;
• Alberta Registries;
• Saskatchewan Government Insurance;
• the Department of Service Nova Scotia and Municipal Relations;
• the Department of Transportation and Public Works of the Province of Prince Edward Island;
• Service New Brunswick;
• the Department of Government Services and Lands of the Province of Newfoundland and Labrador;
• the Department of Transportation of the Northwest Territories; or
• the Department of Community Government and Transportation of the Territory of Nunavut.

Valid foreign identification, if equivalent to an acceptable type of Canadian identification document, would also be acceptable for the purposes explained in this guideline. For example, a valid foreign passport is acceptable.

When you refer to a document to identify an individual, it has to be an original, not a copy of the document. In cases where it is not possible for you to view the original yourself, you may choose to use an agent or mandatary to verify the original identification document on your behalf. Even if you use an agent or mandatary, you are responsible for making sure the identification requirements are met.

Use of an agent or mandatary
If you use an agent or mandatary for client identification, you have to enter into a written agreement or arrangement with the agent or mandatary outlining what you expect them to do for you. In addition, you have to obtain from the agent or mandatary the customer information that was obtained according to the agreement or arrangement.

Your agent or mandatary can identify your client for you using an identification document. In cases where your client is not physically present at the conducting of a transaction, your agent or mandatary can also use the options explained below.

Individual not physically present
If you have to identify an individual who is not physically present you will have to use one or the other of the following options to confirm the identity of that individual.

OPTION 1: Affiliate or co-member
To identify an individual using this option, you have to first obtain the individual's name, address and date of birth. Then, you have to confirm that one of the following has identified the individual by referring to an original identification document:

• a financial entity, life insurance company or securities dealer affiliated with you; or
• an entity affiliated with you and whose activities outside Canada are similar to those of a financial entity, life insurance company or securities dealer; or
• another member of a central cooperative credit society (within the meaning of the Cooperative Credit Association Act) of which you also are a member (until July 30, 2010); or
• effective July 31, 2010, another financial entity that is a member of your financial services cooperative association or credit union central association of which you also are a member.

To use this option, you have to verify that the individual's name, address and date of birth provided to you correspond with the information kept in the records of that other entity.

In this context, an entity is affiliated with you if you fully own it or it fully owns you, or you are both fully owned by the same entity.

OPTION 2: Combination of methods
To identify an individual using this option, you have to use a combination of two of the following methods. In each of the two methods you use, the individual's information has to be consistent with what you have in your records. The information also has to be consistent from one method to the other. For example, if each of the methods you use has the name, address and date of birth information about the individual, all of it has to agree with what you have in your records.

The methods below may not apply for all clients. For example, the methods would not be available to identify a client outside Canada who is purchasing a life insurance policy with you, but has no Canadian credit history, no access to a Canadian guarantor and no deposit account with a financial entity. In this case, identification of the client using an identification document may necessitate the use of an agent or mandatary, as explained above.

4.8 Client identity for client information records: corporations and other entities

You have to confirm the existence of any corporation or other entity that purchases an annuity or a life insurance policy and for which you have to keep a client information record, within 30 days of creating this record. In the case of a corporation, in addition to confirming its existence, you also have to determine the corporation's name, address and the names of its directors within 30 days of creating the client information record.

When you have to confirm the existence of an entity, you also have to determine the entity's beneficial ownership, as explained in section 5.

Corporations
To confirm the existence of a corporation as well as the corporation's name and address, refer to the following documents:

• the corporation's certificate of corporate status;
• a record that has to be filed annually under provincial securities legislation; or
• any other record that confirms the corporation's existence. Examples of these include such other records as the corporation's published annual report signed by an independent audit firm, or a letter or a notice of assessment for the corporation from a municipal, provincial, territorial or federal government.

You also have to determine the names of the corporation's directors. To do this, you may need to see the list submitted at the time of their application for incorporation. In the case of a corporation that is a securities dealer, you do not need to determine the name of the corporation's directors.

The record you use to confirm a corporation's existence can be paper or an electronic version. Although such information may be available verbally (such as by telephone), it is not acceptable for these purposes, as you have to refer to a record. If the record is in paper format, you have to keep the record or a copy of it.

If the record is an electronic version, you have to keep a record of the corporation's registration number, the type and source of the record. An electronic version of a record has to be from a public source. For example, you can get information about a corporation's name and address and the names of its directors from the Corporations Canada database which is accessible from Industry Canada's Web site (http://www.ic.gc.ca). As another example, you may also get this type of information if you subscribe to a corporation searching and registration service.

Entities other than corporations
To confirm the existence of an entity other than a corporation, refer to a partnership agreement, articles of association or any other similar record that confirms the entity's existence. The record you use to confirm the existence of an entity can be paper or an electronic version. Although such information may be available verbally (such as by telephone), it is not acceptable for these purposes, as you have to refer to a record. If the record is in paper format, you have to keep the record or a copy of it.

If the record is an electronic version, you have to keep a record of the entity's registration number, the type and source of the record. An electronic version of a record has to be from a public source.

4.9 Keeping client identification information up to date

Your compliance regime has to include an assessment, in the course of your activities, of the risk of money laundering or terrorist financing. According to this assessment, in higher risk situations, you have to take reasonable measures to keep client identification information up to date.

In this context, reasonable measures include asking the client to confirm or update identification information. In the case of an individual client, reasonable measures also include confirming or updating the information through the options available to identify individuals who are not physically present. This can include obtaining information verbally to keep client identification information up to date.

In the case of clients that are entities, reasonable measures include consulting a paper or electronic record as explained in subsection 4.8, or obtaining information verbally to keep client identification information up to date.

The frequency with which client identification information is to be kept up to date will vary in accordance with the context in which transactions occur, and therefore could differ from one situation to the next. However, for high risk situations, frequency for keeping client identification information up to date should be at least every two years.

Guideline 4: Implementation of a Compliance Regime provides more information about risk assessment requirements.

5. Beneficial Ownership Records

If you have to confirm the existence of a corporation or other entity, at that same time, you also have to take reasonable measures to obtain information about the entity's beneficial ownership. In this context, reasonable measures would include asking the individual authorized to act for the entity about beneficial ownership of the entity. It could also include consulting a credible source of publicly or commercially available information.

If obtained, you have to keep a record of the following:

• If the entity is a corporation:
  • the name and occupation of all directors of the corporation; and
  • the name, address and occupation of all individuals who directly or indirectly own or control 25% or more of the shares of the corporation.
• If the entity is other than a corporation:
  • the name, address and occupation of all individuals who directly or indirectly own or control 25% or more of the entity.

If this information cannot be obtained, you have to keep a record explaining why beneficial ownership could not be determined.

For more information about recording occupation, see subsection 3.2, under the heading "Contents of a large cash transaction record".

If you deal in reinsurance, the beneficial ownership requirements do not apply to you regarding those dealings.

Not-for-profit organization
If you have to confirm the existence of an entity that is a not-for-profit organization, you also have to do the following:

• Determine whether or not that entity is a registered charity for income tax purposes and keep a record to that effect. To make this determination, you can ask the client or consult the charities listing on the Canada Revenue Agency Web site (http://www.cra-arc.gc.ca).
• If that entity is not a registered charity, determine whether or not it solicits charitable financial donations from the public and keep a record to that effect. To make this determination, you can ask the client.

Keeping beneficial ownership information up to date
According to your compliance regime's assessment of risk, in higher risk situations, you have to take reasonable measures to keep beneficial ownership information up to date. In this context, reasonable measures include those explained at the beginning of section 5.

The frequency with which such information is to be kept up to date will vary in accordance with the context in which transactions occur, and therefore could differ from one situation to the next. However, for high risk situations, frequency for keeping beneficial ownership information up to date should be at least every two years.

Guideline 4: Implementation of a Compliance Regime provides more information about risk assessment requirements.

6. Third Party Determination and Related Records

6.1 Third party determination

You have to make a third party determination when you have to keep any of the following records:

• Large cash transaction record
  Whenever you have to keep a large cash transaction record (as described in subsection 3.2), you have to take reasonable measures to determine whether the individual who gives you the cash is acting on the instructions of a third party.
• Client information record
  Whenever you are required to keep a client information record as explained in Section 3.3, you have to take reasonable measures to determine whether the client is acting on the instructions of a third party.

In this context, a third party is an individual or entity other than the individual who conducts the transaction. When you are determining whether a "third party" is involved, it is not about who "owns" the money, but rather about who gives instructions to deal with the money. To determine who the third party is, the point to remember is whether the individual in front of you is acting on someone else's instructions. If so, that someone else is the third party.

In making a third party determination when employees are acting on behalf of their employers, they are considered to be acting on behalf of a third party. The only exception to this is applicable to deposit taking institutions when they have to make a third party determination: an employee depositing cash to his or her employer's account is not considered to be acting on behalf of a third party. This is only true if the account in which the employee deposits cash is a business account.

If you deal in reinsurance, the third party determination requirements do not apply to you regarding those dealings.

Reasonable measures
What constitutes reasonable measures will vary in accordance with the context in which they occur, and therefore could differ from one situation to the next. However, reasonable measures would include retrieving the information already contained in your files or elsewhere within your business environment, or obtaining the information directly from the client.

6.2 Third party records

If you determine that there is in fact a third party, as explained above, you have to keep a record of the following information:

• the third party's name, address and principal business or occupation;
• if the third party is an individual, the third party's date of birth;
• the incorporation number and place of incorporation if the third party is a corporation; and
• in the case of a large cash transaction, the nature of the relationship between the third party and the individual who gives you the cash; or
• in the case of a client information record, the nature of the relationship between the third party and the client. For examples of third party relationships, see field 18 of Part G in the large cash transaction report.

For more information about recording business or occupation, see subsection 3.2, under the heading "Contents of a large cash transaction record".

If you are not able to determine that there is in fact a third party, but you have reasonable grounds to suspect that there are instructions of a third party involved, you have to keep a record to indicate the following:

• in the case of a large cash transaction, whether, according to the individual giving the cash, the transaction is being conducted on behalf of a third party; or
• in the case of a client information record, whether, according to the client, the transaction is being conducted on behalf of a third party.

This record must also indicate details of why you suspect the individual is acting on a third party's instructions.

7. Politically Exposed Foreign Person Determination and Related Records

If you deal in reinsurance, the requirements regarding politically exposed foreign persons do not apply to those dealings.

A politically exposed foreign person is an individual who holds or has ever held one of the following offices or positions in or on behalf of a foreign country:

• a head of state or government;
• a member of the executive council of government or member of a legislature;
• a deputy minister (or equivalent);
• an ambassador or an ambassador's attaché or counsellor;
• a military general (or higher rank);
• a president of a state owned company or bank;
• a head of a government agency;
• a judge; or
• a leader or president of a political party in a legislature.

A politically exposed foreign person also includes the following family members of the individual described above:

• mother or father;
• child;
• spouse or common law partner;
• spouse's or common law partner's mother or father and
• brother, sister, half-brother or half-sister (that is, any other child of the individual's mother or father).

Exceptions
The requirements described in this section do not apply in the exceptions described under the heading “Certain types of transactions” in subsection 4.2.

7.1 Politically exposed foreign person determination

If you receive a lump-sum payment of $100,000 from an individual for an annuity or a life insurance policy, you have to take reasonable measures to determine whether you are dealing with a politically exposed foreign person. This has to be done within 14 days after the transaction occurred.

In this context, reasonable measures to determine whether or not you are dealing with a politically exposed foreign person include the following:

• asking the client; or
• consulting a credible source of commercially or publicly available information about politically exposed persons.

Once you have determined that an individual is a politically exposed foreign person, you will not have to do it again.

If the individual from whom you received the lump-sum payment described above is a politically exposed foreign person, you also have to do the following:

• take reasonable measures to establish the source of funds used by the individual for the transaction; and
• within 14 days after the transaction occurred, get a member of senior management to review the transaction.

You have to make the determination and get senior management to review the transaction within a single period of 14 days. For example, if it takes you 5 days after the transaction to make the determination that you are in fact dealing with a politically exposed foreign person, you have 9 days left to get senior management to review the transaction.

In establishing the source of funds, reasonable measures also include asking the client or consulting available information about the transaction. Also in the context of this section, senior management means an individual who has the following:

• authority to make and be held accountable for management decisions about this type of transaction;
• awareness of the money laundering or terrorist financing risks to which the life insurance company, broker or agent or this type of transaction is exposed; and
• awareness of politically exposed foreign persons.

7.2 Politically exposed foreign person records

Once a transaction has been reviewed, as explained in subsection 7.1, you have to keep a record of the following:

• the office or position of the individual who is a politically exposed foreign person;
• the source of the funds, if known, that were used for the transaction;
• the date you determined the individual to be a politically exposed foreign person;
• the name of the member of senior management who reviewed the transaction; and
• the date the transaction was reviewed.

8. Foreign Subsidiaries or Branches

The following requirements concerning foreign subsidiaries or branches apply only to life insurance companies, not to life insurance brokers or agents.

8.1 Foreign subsidiaries

If your life insurance company has foreign subsidiaries, you have to ensure that they develop and apply policies and procedures consistent with record keeping, client identification and compliance regime requirements here in Canada. This only applies if all of the following conditions are met:

• The subsidiary is wholly-owned by your life insurance company.
• The subsidiary carries out life insurance company, financial entity or securities dealer activities.
• The subsidiary is located in a country that is not a member of the Financial Action Task Force (FATF). To find out which countries are members of the FATF, refer to its Web site (http://www.fatf-gafi.org).
• The laws of the country in which the subsidiary operates permit compliance with these requirements.

If a foreign subsidiary meets these conditions, refer to Guideline 4: Implementation of a Compliance Regime for more information about the Canadian compliance regime requirements. The Canadian record keeping and client identification requirements are those explained in this guideline, except that requirements concerning politically exposed foreign person determination and related records (see section 7) do not apply to the foreign subsidiary.

If the laws of the country in which your subsidiary operates prohibit compliance with these Canadian requirements, you have to keep a record to that effect.

If you are an authorized foreign company with respect to insurance in Canada, these Canadian requirements concerning foreign subsidiaries do not apply to you.

8.2 Foreign branches

If your life insurance company has foreign branches, you have to ensure that they develop and apply policies and procedures consistent with record keeping, client identification and compliance regime requirements here in Canada. This only applies if all of the following conditions are met:

• The branch carries out life insurance company, financial entity or securities dealer activities.
• The branch is located in a country that is not a member of the Financial Action Task Force (FATF). To find out which countries are members of the FATF, refer to its Web site (http://www.fatf-gafi.org).
• The laws of the country in which the branch operates permit compliance with these requirements.

If a foreign branch meets these conditions, refer to Guideline 4: Implementation of a Compliance Regime for more information about Canadian compliance regime requirements. The Canadian record keeping and client identification requirements are those explained in this guideline, except that requirements concerning politically exposed foreign person determination and related records (see section 7) do not apply to a foreign branch.

If you are an authorized foreign company with respect to insurance in Canada, these requirements concerning foreign branches do not apply to you.

9. How Should Records Be Kept?

You should maintain an effective record keeping system to enable FINTRAC to have access to the records in a timely fashion. Your records have to be kept in such a way that they can be provided to FINTRAC within 30 days of a request to examine them.

For the requirements explained in this guideline, you can keep records in a machine-readable or electronic form, as long as a paper copy can be readily produced from it. For example, if you have a document imaging system, you do not have to produce the original document for these purposes, as long as you can print the imaged one.

The record keeping requirements explained in this guideline are about each record to be kept. Your record keeping system can store the information required for any one record separately, as long as you are able to readily retrieve and put the information together for the record whenever necessary.

You are not required to keep a copy of the reports you make to FINTRAC (other than the suspicious transaction report as explained in subsection 3.4), but you may choose to do so. It is recommended that you keep the information that FINTRAC sends you in the acknowledgement message about each report processed. This provides the date and time the report was received along with its identification number.

Timeframe for keeping records
In the case of client information records, records to confirm the existence of an entity (including a corporation), beneficial ownership records and politically exposed foreign person records, these records have to be kept for five years from the day the last business transaction was conducted.

In the case of a copy of a suspicious transaction report, the record has to be kept for a period of at least five years following the date the report was made.

In the case of all other records, the records must be kept for a period of at least five years following the date they were created.

Employees, contractors, or agents who keep records for you
Your employees who keep records (as described in section 3) for you are not required to keep those records after the end of their employment with you. The same is true for individuals in a contractual relationship with you, after the end of that contractual relationship. This means that you have to get and keep the records that were kept for you by any employee or contractor before the end of that individual's employment or contract with you.

If you are an independent life insurance agent or broker, you are required to keep records as explained throughout this guideline.

10. Penalties for Non-Compliance

Failure to comply with your record keeping or client identification requirements can lead to criminal charges against you. Conviction of failure to retain records could lead to up to five years imprisonment, to a fine of $500,000, or both. Alternatively, failure to keep records or identify clients can lead to an administrative monetary penalty. For more information on penalties, you can also consult the Penalties for non-compliance section of FINTRAC's Web site.

11. Comments?

These guidelines will be reviewed on a periodic basis. If you have any comments or suggestions to help improve them, please send your comments to the mailing address provided below, or by email to guidelines-lignesdirectrices@fintrac-canafe.gc.ca.

12. How to Contact FINTRAC

For further information on FINTRAC and its activities, reporting and other obligations, please go to FINTRAC's website (http://www.fintrac-canafe.gc.ca) or contact FINTRAC:

Financial Transactions and Reports Analysis Centre of Canada
234 Laurier Avenue West, 24th floor
Ottawa, Ontario
Canada K1P 1H7

Toll-free: 1-866-346-8722