advisoryaicontact
Effectiveness Reviews

effectivenessreviewsthatkeepyourregistrationintactandyourbanksatisfied.

Under the PCMLTFA, every reporting entity must have an independent assessment of their compliance program's effectiveness at least once every two years. This is Pillar 5 of the FINTRAC compliance framework — and it's one of the first things FINTRAC and banking partners look for.

whythismattersnow.

The compliance environment has tightened significantly. Programs that were adequate at registration may no longer meet current FINTRAC expectations, and both regulators and banking partners are demanding proof.

  • FINTRAC revoked 86 MSB registrations in Q1 2026, many for program deficiencies
  • Banks increasingly demanding effectiveness reviews as a condition of keeping MSB accounts open
  • Armoured car companies’ first reviews are due mid-2026
  • Compliance programs written before 2023 and not formally reviewed are almost certainly deficient relative to current PCMLTFA obligations

howwehelp.

Three approaches depending on what your situation requires — from conducting the review directly to managing the process with an external firm.

Direct review

We assess your policies, procedures, risk assessments, training records, reporting accuracy, and overall program effectiveness against current FINTRAC expectations. A thorough, independent evaluation.

Liaison service

If your bank requires a review from a Big 4 firm or specific approved reviewer, we act as your internal compliance liaison — sourcing the right reviewer, preparing documentation, and fielding questions throughout the process.

Remediation

Post-review, we implement the findings — policy updates, procedure changes, training gaps, reporting fixes. Not just a report, but actual program improvement that makes your next review cleaner.

Ongoing compliance via Comply+

Comply+ keeps your transaction reporting structured and accurate between reviews, so the next assessment starts from a stronger baseline.

theteam.

has conducted effectiveness reviews for crypto MSBs and managed the process at a publicly listed company. led the first external compliance effectiveness review at Peloton Technologies. They know what reviewers look for because they\u2019ve been on both sides.
CPACFACAMS
Luke ThibodeauCPA · CFA · CAMSFounder and CEO

Luke is a finance and compliance operator who works hands-on with bitcoin-native companies, fintechs, and MSBs as a fractional CFO and CCO through Rockwell Advisory Group. As former CFO & CCO of Bitcoin Well (TSXV:BTCW), he built and ran the finance, compliance, and governance functions across a publicly listed, multi-entity crypto company from the ground up.

Today he brings that same operational depth to clients navigating treasury management, FINTRAC compliance, financial reporting, and corporate governance. Whether it's standing up a compliance program for a new MSB, managing multi-entity consolidations, or advising on AI strategy through Rockwell AI, Luke operates as an embedded member of the team rather than an outside advisor. He also founded Comply+, a RegTech platform automating FINTRAC reporting for Canadian MSBs, born directly from the pain points he encountered building compliance workflows by hand.

Charles KlineCAMSHead of Compliance

Charles leads compliance and risk for Rockwell Advisory Group, helping fintechs, MSBs, and payments companies build AML and KYC programs, tighten onboarding and monitoring, and stay aligned with FINTRAC and Canadian regulatory expectations. CAMS-certified, he works as an embedded operator: policies, controls, training, audit readiness, and the day-to-day execution that backs them up.

Previously he served as Compliance Officer and Director of Risk & Compliance at Peloton Technologies, running the enterprise AML program (including FCAC and RPAA), leading the RPAA roll-out for a large organization, training analysts on KYC, sanctions, and FINTRAC reporting, leading the first external Compliance Effectiveness Review, and rebuilding onboarding for FINTRAC KYC. Before that he was Head of Underwriting & Risk at Orchard Technologies, building PayFac-ready underwriting and AML frameworks and automated onboarding from early stage through Global Payments partnership. At Lightspeed Commerce (Payments), he scaled underwriting from a solo function to a global team of twenty across North America, EMEA, and APAC while keeping fraud losses below industry benchmarks.

Check your review readiness