What is an MSB and do I need to register with FINTRAC?

A Money Service Business (MSB) is any entity that provides financial services such as foreign exchange, money transfers, dealing in virtual currencies, or issuing/redeeming money orders. Under Canada's Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), all MSBs — both domestic and foreign — must register with FINTRAC before operating in or from Canada.

How long does MSB registration take in Canada?

With proper preparation, the FINTRAC registration process can be completed within 30 days. This includes incorporating your company, preparing all required documentation, and submitting the MSB registration application. Delays typically occur when documentation is incomplete or the compliance program isn't properly structured.

Do I need a compliance program to register as an MSB?

Yes. Under the PCMLTFA, every registered MSB in Canada must implement a full AML/ATF compliance program. This includes appointing a Compliance Officer, developing written policies and procedures, conducting risk assessments, implementing KYC processes, providing staff training, and maintaining a two-year effectiveness review cycle. FINTRAC can examine your compliance program at any time.

Can a non-resident start an MSB in Canada?

Yes. Non-residents can incorporate a company and register an MSB in Canada. There are specific requirements around directors, registered addresses, and compliance infrastructure that must be met. We work with international founders regularly and can guide you through the entire process — from incorporation to FINTRAC registration and banking.

Why is it so difficult for MSBs to get a bank account in Canada?

Canadian banks consider MSBs high-risk clients due to money laundering and terrorist financing concerns. Many banks have strict de-risking policies. Success depends on having a strong compliance program, clear documentation of your business model, and approaching the right financial institutions with a properly prepared application.

Do crypto businesses need to register as MSBs in Canada?

Yes. Since June 2020, businesses dealing in virtual currencies are classified as MSBs under Canadian law. This includes crypto exchanges, crypto ATM operators, and any business that provides virtual currency exchange services. These businesses must register with FINTRAC, implement a full compliance program, and report transactions just like any other MSB. Foreign-based crypto platforms serving Canadian users are also required to register.

What is the RPAA and does my business need to register?

The Retail Payment Activities Act (RPAA) is a regulatory framework overseen by the Bank of Canada that applies to Payment Service Providers. If your business is involved in electronic funds transfers, holding funds for end users, or providing clearing and settlement services, you likely need to register under the RPAA. The RPAA applies to payment processors, fintech companies, crypto exchanges with payment functions, e-commerce platforms, and prepaid card issuers.

AML/ATF Compliance · Canada

AML/ATF Compliance Programs for Canadian MSBs

Without a strong compliance program, your MSB won't survive its first FINTRAC examination - and no Canadian bank will open an account for you. We build compliance programs that satisfy regulators, unlock banking, and protect your business from day one.

All services

The Hard Truth

Your compliance program isn't just a regulatory requirement. It's the single document that determines whether banks will work with you.

Every Canadian bank that considers opening an account for an MSB will ask for your compliance program. Not a summary - the full document. Your KYC procedures, transaction monitoring protocols, risk assessment methodology, STR filing processes, staff training records, and two-year effectiveness review schedule. If any of these are missing, weak, or clearly copied from a generic template, the bank's compliance team will decline your application. No second review, no follow-up - just a closed door.

FINTRAC operates the same way. During an examination, they don't just check that a compliance program exists - they evaluate whether it's tailored to your specific business model, adequately addresses your risk exposure, and is actually being implemented in practice. A compliance program that looks good on paper but doesn't reflect your real operations will fail examination.

We've seen this pattern repeatedly: founders who paid for cheap templates or generic compliance documents, then spent months trying to open a bank account while being rejected at every institution. By the time they come to us, they've lost half a year of revenue and burned through banking relationships they can't revisit.

We build compliance programs from operational experience - programs that satisfy FINTRAC, open banking doors, and actually work in practice.

What Goes Wrong

Why most MSB compliance programs fail

Generic Templates

Downloaded compliance templates are the most common trap. They contain boilerplate language that doesn't reflect your actual business model, risk profile, or operational processes. FINTRAC examiners and bank compliance officers spot templates immediately - and they signal that your business isn't serious about compliance.

Weak KYC Procedures

Know Your Customer isn't a checkbox exercise. Your KYC procedures must define exactly how you identify clients, verify their identity, screen against sanctions lists, assess risk levels, and conduct ongoing monitoring. Vague or incomplete KYC policies are the number one reason banks reject MSB account applications.

No Risk Assessment

FINTRAC requires every MSB to conduct a risk assessment specific to its business - covering products, services, delivery channels, client types, and geographic exposure. Without a proper risk assessment, your entire compliance program has no foundation. It's the first thing examiners look for, and its absence triggers immediate deficiency findings.

Missing Transaction Monitoring

How do you detect suspicious activity? What are your thresholds? Who reviews flagged transactions? How quickly do you file STRs? Banks and FINTRAC both want clear, documented answers to these questions. MSBs without defined transaction monitoring processes face enforcement action and banking relationship termination.

No Banking Access

This is where weak compliance hits hardest. Canadian banks routinely reject MSBs with inadequate compliance programs - and once you're declined, that institution is often closed to you permanently. Each failed bank application narrows your options and delays your launch. A strong compliance program isn't optional - it's your ticket to banking.

FINTRAC Examination Exposure

FINTRAC can examine your compliance program at any time - including shortly after registration. Non-compliance findings result in administrative monetary penalties starting at tens of thousands of dollars, public disclosure of violations, and potential criminal referrals in serious cases. The cost of a proper compliance program is insignificant compared to the cost of failing an examination.

No compliance program = no bank account

Every Canadian bank that works with MSBs requires a full AML/ATF compliance program as part of the account opening process.

Bank compliance teams review your KYC procedures, risk assessment, transaction monitoring protocols, and reporting processes before approving your application. A weak program gets you declined. A strong program - one that demonstrates you understand your risks and know how to manage them - gets you approved.

We've helped MSBs open accounts at major Canadian financial institutions. The difference between approval and rejection almost always comes down to the quality of the compliance program.

Build Your Compliance Program

What's Included

Complete AML/ATF compliance program

Business-Specific Risk Assessment

A comprehensive risk assessment tailored to your MSB activities, client types, delivery channels, products, services, and geographic exposure - the foundation that shapes every other element of your compliance program.

KYC Policies & Procedures

Detailed Know Your Customer procedures covering client identification, identity verification, beneficial ownership determination, PEP and sanctions screening, risk rating, and ongoing client due diligence - built for your specific business model.

Transaction Monitoring Framework

Defined processes for monitoring transactions, detecting unusual patterns, escalating alerts, and documenting decisions - with thresholds and indicators calibrated to your business type and risk profile.

Suspicious Transaction Reporting

STR filing procedures, internal escalation protocols, documentation requirements, and timelines - ensuring your MSB meets FINTRAC's reporting obligations without gaps or delays.

Record Keeping Policies

Documentation standards for client records, transaction records, large cash transaction reports, electronic fund transfers, and all other recordkeeping obligations under the PCMLTFA - organized for both operational use and FINTRAC examination.

Staff Training Program

A structured training program covering AML/ATF fundamentals, your specific compliance policies, red flag indicators, reporting obligations, and role-specific responsibilities - with documentation that demonstrates ongoing compliance to FINTRAC.

Compliance Officer Appointment

Guidance on appointing your Chief Anti-Money Laundering Officer (CAMLO), defining their responsibilities, and ensuring they have the authority and resources required by the PCMLTFA. We also offer outsourced CAMLO services if needed.

Two-Year Effectiveness Review

A framework for conducting the mandatory biennial review of your compliance program's effectiveness - including testing methodology, reporting templates, and remediation tracking to demonstrate ongoing compliance.

Get Started

Regulatory Requirements

What FINTRAC expects from your compliance program

Compliance Officer

Appointment of a person responsible for the implementation and oversight of the compliance program. Under the PCMLTFA, this role carries personal accountability for your MSB's AML/ATF obligations.

Written Policies & Procedures

Documented policies covering every aspect of your compliance obligations - KYC, transaction monitoring, reporting, record keeping, and risk mitigation. These must be specific to your business, not generic templates.

Risk Assessment

An assessment of the money laundering and terrorist financing risks inherent in your business model - considering your products, services, clients, delivery channels, and geographic exposure.

Ongoing Training

Regular training for all employees and agents on their AML/ATF responsibilities, your compliance policies, and how to identify and report suspicious activity. Training records must be maintained.

Effectiveness Review

A review of your compliance program's effectiveness at least once every two years, conducted by an internal or external auditor. The review must test the program's implementation and identify deficiencies.

Special Measures

Procedures for responding to ministerial directives, implementing special measures for high-risk jurisdictions, and complying with sanctions obligations as directed by the Government of Canada.

20+

Compliance programs built for Canadian MSBs

100%

Clients who secured banking with our compliance programs

FINTRAC deficiency findings on programs we built

2–3

Weeks - typical compliance program delivery

How It Works

From assessment to bank-ready compliance program

Business Analysis

We study your MSB activities, client types, transaction flows, technology stack, and operational model to understand your specific risk landscape and compliance needs.

Risk Assessment

We conduct a comprehensive risk assessment that maps your ML/TF exposure and forms the foundation of your entire compliance program - calibrated to your actual business, not a template.

Program Development

KYC procedures, transaction monitoring, STR protocols, record keeping, training program, and all supporting policies - written, reviewed, and delivered as a complete compliance package.

Banking & Implementation

Your compliance program is ready for bank submission and FINTRAC examination. We support you through banking applications and help implement the program in your daily operations.

Why BEMSB

We build compliance programs that do two things: pass FINTRAC examination and open bank accounts.

Most compliance consultants focus on producing documents. We focus on producing results. Every compliance program we deliver is built with both audiences in mind - the FINTRAC examiner who will test its completeness and the bank compliance officer who will evaluate its strength before approving your account.

We've operated MSBs ourselves. We've sat through FINTRAC examinations with our own compliance programs on the table. We've navigated bank onboarding processes from the applicant side. That experience is embedded in every program we build - it's not theoretical, it's battle-tested.

When other consultants deliver a compliance program, they hand you a PDF. When we deliver one, we hand you a tool that unlocks banking, satisfies regulators, and protects your business. The difference is operational experience, and it shows.

Frequently Asked Questions

MSB compliance programs in Canada

An AML/ATF compliance program is a set of policies, procedures, and controls that a money service business must implement to prevent money laundering and terrorist financing. Under the PCMLTFA, every Canadian MSB is required to have a compliance program that includes: appointment of a compliance officer, written policies and procedures, a risk assessment, ongoing staff training, and a biennial effectiveness review. The program must be tailored to your specific business model and actually implemented - not just documented.

Canadian banks face their own regulatory obligations when onboarding MSB clients. They must assess the money laundering and terrorist financing risk that your business presents to their institution. Your compliance program is the primary evidence they use to make that assessment. A strong program demonstrates that you understand your risks, have controls in place to manage them, and won't expose the bank to regulatory liability. Without one, banks have no basis for approving your account - and they won't take the risk.

You can, but it will likely cost you more than it saves. FINTRAC explicitly expects compliance programs to be tailored to the specific risks of your business. Template-based programs use generic language that doesn't reflect your actual operations, client types, or risk exposure. FINTRAC examiners are trained to identify template programs and will issue deficiency findings. Banks will decline your account application. The money you save on a template today will be spent on remediation, re-application fees, and lost revenue from delayed banking - many times over.

FINTRAC conducts examinations to assess whether your MSB is complying with the PCMLTFA. During an examination, FINTRAC will review your compliance program documentation, test whether your policies are being followed in practice, review client identification and transaction records, check your STR and LCTR filings, and interview staff. If deficiencies are found, FINTRAC may issue non-compliance findings, administrative monetary penalties, or refer serious cases for criminal investigation. We help clients prepare for examinations - and our compliance programs are built to withstand this level of scrutiny.

We typically deliver a complete compliance program within 2 to 3 weeks, depending on the complexity of your business model and the number of MSB activities you're engaged in. This includes the risk assessment, all policies and procedures, KYC documentation, transaction monitoring framework, training materials, and record keeping protocols. We work efficiently because we've built 20+ compliance programs for Canadian MSBs and know exactly what's needed - no wasted time, no unnecessary back-and-forth.

The PCMLTFA requires every MSB to review the effectiveness of its compliance program at least once every two years. This review must be conducted by someone - either internal or external - who is independent of the compliance function. The review tests whether your policies are being followed, your risk assessment is current, your training is effective, and your reporting obligations are being met. We provide effectiveness review services and can also build the framework so your team can conduct future reviews independently.

Yes - crypto MSBs face unique compliance requirements that standard AML programs don't address. Virtual currency transactions require wallet monitoring, blockchain analytics integration, travel rule compliance for virtual asset transfers, and specific KYC procedures for crypto-native clients. Your risk assessment must account for the anonymity risks inherent in virtual currencies, cross-border exposure, and the rapidly evolving regulatory landscape. We specialize in crypto MSB compliance and build programs that address these specific challenges while meeting all PCMLTFA requirements.

Get In Touch

Ready to build a compliance program that unlocks banking?

Start with a free 30-minute consultation. We'll assess your compliance needs, explain what's required for your specific MSB, and outline a clear path to a bank-ready compliance program.

Office 638, 145 1/2 Church Street, Unit 5
Toronto, Ontario, M5B 1Y4, Canada