Skip To Content

Cannabis-related businesses – what you need to know about anti-money laundering requirements

July 6, 2017


In Canada, it is legal to produce, distribute and sell marijuana for medical purposes under federal licence. The Canadian government has announced its intention to also legalize the recreational production, sale and use of cannabis in Canada.  Notwithstanding the legalization of cannabis-related businesses and the growing acceptance of such businesses as legitimate (including in capital market transactions), some financial institutions in Canada continue to view cannabis-related businesses as high-risk clients. Part of the risk assessment by financial institutions includes their compliance requirements under Canada’s anti-money laundering legislation (consisting of Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and associated regulations and certain provisions of the Criminal Code) (AML Legislation). We expect that compliance with AML Legislation in respect of cannabis-related businesses will become more streamlined (and manageable) by financial institutions in step with the continued regulation and oversight of cannabis-related businesses by federal regulators.

Under the AML Legislation, (i) “reporting entities” (such as financial institutions) are required to comply with client identification, record keeping and reporting requirements, and (ii) every person (and not just reporting entities) is prohibited from dealing with proceeds of crime or dealing with any property that may be used in any terrorist activity.  This note addresses the requirements applicable to reporting entities as they may apply to cannabis-related businesses.

“Reporting entities” include financial institutions and certain other types of businesses (e.g., securities dealers, life insurance companies, casinos, money services businesses) but do not include cannabis-related businesses. However, it would be prudent for cannabis-related businesses to become familiar with the requirements as they apply to them as customers of financial institutions.

Know your client requirements

Financial entities are required to verify the identity of clients for certain activities and transactions. These requirements include identifying clients using certain prescribed methods, including confirming the existence of entities. Entities can be corporations, trusts, partnerships, funds, and unincorporated associations or organizations. When confirming the existence of an entity that is a corporation, financial entities have to verify its name and address, and the names of the corporation’s directors.

When financial entities form a “business relationship” with a client, they are required to conduct ongoing monitoring of such client. For example, a financial entity is in a business relationship with every individual or entity that holds an account with it. For non-account-based relationships, financial entities are considered to be in a business relationship with every individual they have had to identify at least twice, and with every entity whose existence they have had to confirm at least twice. 

Here are examples of transactions when financial entities are responsible for identifying clients:

  • account openings and signature card creation
  • credit card account opening
  • large cash transactions
  • suspicious transactions
  • electronic funds transfers of $1,000 or more
  • foreign currency exchange of $3,000 or more
  • issuing or redeeming $3,000 or more in money orders, traveller’s cheques or other similar negotiable instruments


Financial entities are required to complete reports about certain transactions and property and submit them to Financial Transactions and Reports Analysis Centre of Canada (also known as FINTRAC). FINTRAC is the Canadian federal agency responsible for administering the AML Legislation.  Here are examples of the types of transactions that financial entities are required to report to FINTRAC:

  • Large cash transactions: When a financial entity receives $10,000 or more in cash either in a single transaction or in multiple transactions within a 24-hour period, it must submit a report within 15 calendar days.
  • Electronic funds transfers: When a financial entity sends or receives client-initiated instructions to transfer $10,000 or more internationally, either in a single transaction or in multiple transactions within a 24-hour period, it must submit a report within five business days.
  • Suspicious transactions: Within 30 days of determining that there are reasonable grounds to suspect that a transaction or an attempted transaction is related to the commission or attempted commission of a money laundering or terrorist activity financing offence, financial entities are required to submit a report.
  • Terrorist property: When a financial entity knows that property in its possession or under its control is owned, controlled by or on behalf of a terrorist or a terrorist group, it must submit a report. It must also submit a report to the Royal Canadian Mounted Police and the Canadian Security Intelligence Service.

Record keeping

Financial entities are responsible for keeping certain account, transaction and client identification records. These records are to be kept in such a way that they can be provided to FINTRAC within 30 days if required to do so. Generally, the records are required to be kept for five years from the date when the relevant transaction occurred and the record was created or, in some cases, the account was closed. Here are examples of client activities and transactions when financial entities are required to keep records:

  • Suspicious transaction report records
  • Large cash transaction records
  • Records of transactions of $3,000 or more
  • If the financial entity receives $3,000 or more for the issuance of traveller's cheques, money orders or other similar negotiable instruments
  • If the financial entity redeems $3,000 or more in one or multiple money orders
  • Records of electronic funds transfers of $1,000 or more
  • Foreign currency exchange transaction records
  • Account opening records
  • Signature cards
  • Intended use of an account
  • Account records
  • Deposit slips
  • Account statements
  • Cleared cheque records
  • Credit arrangement records
  • Credit card account opening records
  • Reasonable measures records