advisoryaicontact
Back to advisory insightsAdvisory Insights

BillC-2TightensFINTRACReporting:MoreObligations,JailExposureforNon-Compliance,andMuchBiggerFines

Rockwell AdvisoryRegulatory Update10 min read

This article is about PCMLTFA compliance, FINTRAC reporting, and administrative penalties. It is easy to confuse those topics with border, immigration, and refugee law, because federal bills have reused similar short titles and bill numbers across sessions. Always verify the exact bill text and Royal Assent on Parliament's LEGISinfo.

Update (April 2026): border bills, C-2, C-12, and FINTRAC

PCMLTFA / FINTRAC: Bill C-12 (Strengthening Canada's Immigration System and Borders Act) received Royal Assent on March 26, 2026. FINTRAC ties key PCMLTFA and administrative monetary penalty updates to that enactment. Earlier commentary often cited Bill C-2 in the same policy debate; for AML compliance planning, use C-12and FINTRAC's modernization page as the current reference point.

Civil society and legal commentators often discuss Bills C-2 and C-12 together as part of a border security and immigration agenda. For example, organizations such as Romero House and similar groups have criticized measures described as restricting refugee rights, enabling mass deportation or status cancellation, expanding surveillance, or both. Some accounts describe an earlier Bill C-2 package (sometimes linked to border "hardening" and broad law-enforcement access proposals) and a later Bill C-12 as a revised Strengthening Canada's Immigration System and Borders Act that adjusted certain contested items while retaining or accelerating strict immigration limits. Rockwell Advisory does not endorse or litigate those positions; we cite them so readers see why social media conflates "C-2" and "C-12" with more than AML.

Why FINTRAC still matters here: The same Strengthening Canada's Immigration System and Borders Act (in the form that received Royal Assent on March 26, 2026 in FINTRAC's published timeline) also amends the PCMLTFA and related AMP rules. FINTRAC lists those money-laundering and reporting-entity items on its modernization page. That is a different chapter of the statute than refugee intake rules, even though the short title sounds immigration-only.

Official FINTRAC summary: Modernization and upcoming changes impacting reporting entities. Our walkthrough: FINTRAC modernization (2026).

For operators:Whatever the political debate, FINTRAC's published expectations for reporting entities, STR quality, and AMP risk are a separate compliance thread you still have to run against your program.

1) More and clearer reporting obligations

Parliamentary debates and omnibus statutes that touch the PCMLTFA have repeatedly pointed at duties that affect FINTRAC filings. FINTRAC's 2026 modernization notes emphasize effective, risk-based compliance programs, limits on anonymous accounts, and (over time) broader enrolment concepts. The policy direction is toward fewer informal gaps and more demonstrable controls, including:

New Requirements

  • Mandatory enrollment with FINTRAC for every reporting entity, with ongoing renewal requirements.
  • Expanded inspection powers, allowing FINTRAC to examine any person or entity it reasonably believes falls under the Act.
  • Explicit accuracy duties: submitting false, misleading, or incomplete information can constitute an offence depending on the provision and facts.
  • Ban on anonymous accounts or accounts for unidentified clients.

These add to the existing requirements to file STRs, LCTRs, LVCTRs, and EFTRs accurately, maintain KYC documentation, train employees, and conduct periodic compliance reviews.

Key takeaway: Treat every submission to FINTRAC as a regulated filing with traceable accuracy. Documentation and audit trails are central to defending your program.

2) Non-compliance can mean imprisonment

Serious PCMLTFA breaches have long carried criminal risk in appropriate cases. Reform bills have continued to stress that certain failures are not merely administrative. Examples that policymakers and commentators have highlighted include:

Criminal Offenses

  • Failing to enroll with FINTRAC.
  • Failing to file a required report.
  • Opening or maintaining anonymous accounts.
  • Making false or misleading statements, including by omission.

In short, gaps once waved away as purely administrative deserve a second look beside your criminal exposure analysis, especially where intent, repeat conduct, or aggravating facts exist.

Critical warning: Get legal advice on which offences apply to your facts. AMPs, compliance orders, and criminal proceedings are different tracks; some matters can still escalate beyond administrative fines.

3) Penalties jump to record highs (PCMLTFA and FINTRAC AMP framework)

The headline increases to administrative monetary penalty maximums that commentators often quote in the ~$4 million / ~$20 million range for individuals and entities are tied in public law-firm summaries and FINTRAC's modernization materials to PCMLTFA amendments that received Royal Assent on March 26, 2026 alongside other provisions of the Strengthening Canada's Immigration System and Borders Act. FINTRAC states that transitional provisions apply, so which cap applies can depend on timing and the specific violation. Treat the table below as a planning guide, not legal advice:

New Maximum Penalties

Standard Violations

  • Individuals: up to $4 million (previously $100k)
  • Entities: up to $20 million (previously $500k)

Breaches of Compliance Orders

  • Individuals: $5 million or 3% of income
  • Entities: $30 million or 3% of gross revenue

Compliance failures can hit the balance sheet hard, especially for larger institutions.

Financial impact: When maximum AMPs rise by an order of magnitude, model your exposure under supervision and fix weak reporting lines before FINTRAC finds repeat contraventions.

For the penalty schedule landing page with MSB examples, see FINTRAC AMP penalty schedule.

What this means right now

Immediate Action Items

  • Treat every filing as a regulated submission, not an internal report.
  • Maintain documentation that proves enrollment, timely reporting, data accuracy, and audit trail integrity.
  • Strengthen "reason-for-no-STR" documentation to show defensible risk-based decisions.
  • Eliminate all anonymous or partial-ID onboarding practices.

The takeaway

Whether the headline is border politics or AML supervision, the operational lesson for reporting entities is the same: Canada's AML regime expects evidence-backed compliance, accurate FINTRAC reporting, and leadership attention. Accuracy and timeliness are non-negotiable when supervisors can combine AMPs, orders, and in serious cases criminal referrals.

To stay ahead, compliance leaders must automate error-checking, submission tracking, and evidence logging.

How Rockwell Advisory Can Help

Rockwell Advisory helps operate FINTRAC reporting workflows, including STRs, LCTRs, LVCTRs, and EFTRs, through a documented review, escalation, and filing workflows that:

  • Validates data before submission to ensure accuracy
  • Ensures on-time delivery of all required reports
  • Maintains a full audit trail for your records
  • Provides compliance documentation for enrollment requirements
  • Adds error-checking and submission tracking

Impact on Different Business Types

Money Services Businesses (MSBs)

  • • Mandatory FINTRAC enrollment verification
  • • Enhanced accuracy requirements for all reports
  • • Criminal liability for false submissions
  • • Zero tolerance for anonymous accounts

Financial Institutions

  • • Expanded FINTRAC inspection powers
  • • Higher accuracy standards for reporting
  • • Potential criminal prosecution for failures
  • • Documentation requirements for all decisions

Securities Dealers

  • • Enhanced compliance monitoring
  • • Criminal penalties for non-compliance
  • • Mandatory enrollment verification
  • • Audit trail requirements

Other Reporting Entities

  • • Universal enrollment requirements
  • • Enhanced inspection exposure
  • • Criminal liability expansion
  • • Documentation standards

Final Thoughts

Taken together, parliamentary debate over border and omnibus bills and the 2026 FINTRAC modernization track reinforce one message: enforcement design is catching up to risk. Universal enrolment, stronger programs, higher AMP caps, and clearer supervisory tools are all pointed at the same outcome: fewer paper programs and more defensible operations.

Organizations should treat FINTRAC compliance as a mission-critical business function, not a checkbox. The cost of non-compliance keeps rising, financially and reputationally, when examinations find systemic gaps.

The time to act is now. Review your compliance programs, strengthen your documentation, and consider operating support to ensure accuracy and timeliness in this new enforcement environment.

stay audit-ready.

join Rockwell compliance insights

Occasional notes on FINTRAC enforcement, AML program operations, effectiveness reviews, and compliance lessons worth acting on.

need a compliance operator?

Rockwell Advisory helps MSBs and reporting entities design, run, and document AML programs that can stand up to banks, auditors, and FINTRAC reviews.

Book a compliance callExplore outsourced CCO