This is an enforcement action by FINTRAC against VersaBank, a bank, for violations of AML/CFT compliance obligations under Canadian money laundering legislation.
The violations involve failure to implement adequate client monitoring and enhanced due diligence procedures, which relate to payment account holder risk management and KYC obligations.
Specialism
FINTRAC imposed a clear administrative monetary penalty of $42,075 on VersaBank for serious violations of AML/CTF obligations including failure to develop adequate compliance policies, suspicious transaction reporting procedures, and enhanced due diligence measures for high-risk clients.
The violations directly concern AML/CTF compliance failures including client monitoring, risk assessment procedures, and enhanced due diligence obligations under Canada's money laundering and terrorist financing legislation.
2026-05-06 16:06:25·ataylor@vixio.com
Meta Id
3125760
Content ID
3134242
GUID
9e823f7dbeec34d4a91a1cd3c45c1324
Nature of the administrative violations committed by VersaBank, a bank headquartered in London, Ontario.
Pipeline Progress
🔄 Pipeline Journey
⏱
13s
total
✓
Queued16:06:12
+0s
✓
Metadata16:06:12
+1s
✓
S3 Content16:06:13
+0s
✓
Extracted16:06:13
+6s
✓
LLM Gen16:06:19
+6s
✓
Stored16:06:25
TITLE: Canada's Financial Transactions and Reports Analysis Centre Imposes Administrative Monetary Penalty on VersaBank
BODY:
On February 23, 2026, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) imposed an administrative monetary penalty of $42,075 on VersaBank, a bank headquartered in London, Ontario, for committing two serious violations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and associated Regulations. The penalty has been paid in full and the case is closed.
The first violation involved VersaBank's failure to develop and apply adequate written compliance policies and procedures as required under subsection 9.6(1) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and paragraph 156(1)(b) of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations. FINTRAC determined that VersaBank inadequately documented policies and procedures relating to the reasonable grounds to suspect threshold for suspicious transaction reports, fraud-related filing requirements, ongoing client monitoring, and prescribed risk assessments. Specifically, the bank's monitoring frequency for elevated and high-risk clients was identical, and its risk assessment policy required completion every three years rather than the mandated two-year requirement.
The second violation concerned VersaBank's failure to take prescribed special measures for high-risk clients under subsection 9.6(3) of the act and section 157 of the Regulations. FINTRAC identified seven instances where VersaBank failed to correctly identify elevated and high-risk clients and apply enhanced due diligence measures. These included three clients incorrectly classified as standard risk despite documented risk factors, three clients with multiple internal control alerts and previous suspicious transaction reports requiring special measures, and one high-risk client lacking required enhanced due diligence.
Both violations were classified as serious violations. The penalty determination considered criteria outlined in section 73.11 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and section 6 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Administrative Monetary Penalties Regulations. The violations were identified during a compliance assessment activity.
Administrative monetary penalty on VersaBank Administrative monetary penalty on VersaBank [ 2026-05-05 ] VersaBank, a bank headquartered in London, Ontario, was imposed an administrative monetary penalty of $42,075 on February 23, 2026, for committing 2 violations. The violations were found during the course of a compliance assessment activity. The administrative monetary penalty has been paid in full and the case is closed. Nature of violation Violation #1 Failure to develop and apply written compliance policies and procedures that are kept up to date and, in the case of an entity, are approved by a senior officer – Proceeds of Crime (Money Laundering) and Terrorist Financing Act, subsection 9.6(1) and Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations, paragraph 156(1)(b) FINTRAC determined that VersaBank did not develop or apply adequate policies and procedures to meet its prescribed obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and associated Regulations. Specifically, VersaBank did not adequately document the required policies and procedures related to the reasonable grounds to suspect threshold for the filing of suspicious transaction reports, the filing of suspicious transaction reports when fraud is suspected, ongoing monitoring of clients, and performing a prescribed risk assessment at least once every 2 years. FINTRAC determined that VersaBank’s policies and procedures for the ongoing monitoring of its elevated and high-risk clients are inadequate because the monitoring frequency is the same for both categories. FINTRAC also identified that VersaBank’s policies and procedures specifies that it will complete the prescribed risk assessment at least once every 3 years. This does not meet the regulatory requirement, which requires financial institutions to complete the prescribed risk assessment at least once every 2 years. Violation #1 is classified by the regulations as a Serious violation. The imposed penalty takes into account the criteria in section 73.11 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and section 6 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Administrative Monetary Penalties Regulations. Violation #2 Failure to take the prescribed special measures that are required to be taken by a person or entity when the person or entity considers that the risk is high, or in the prescribed circumstances, the person or entity shall take the special measures referred to in the regulations – Proceeds of Crime (Money Laundering) and Terrorist Financing Act, subsection 9.6(3) and Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations, section 157. VersaBank failed to correctly identify elevated and high-risk clients in at least 7 instances and apply enhanced due diligence measures. FINTRAC’s assessment identified 3 instances where clients were identified as “standard risk” but should have been identified as “elevated” risk due to the presence of bank-documented risk factors (such as negative media). In addition, there were 3 separate clients who had triggered multiple alerts against VersaBank’s internal controls and had previous suspicious transaction reports filed on them, which necessitated the application of special measures as prescribed by the Regulations. VersaBank also failed to correctly identify a high-risk client and apply the required enhanced due diligence measures. Violation #2 is classified by the regulations as a Serious violation. The imposed penalty takes into account the criteria in section 73.11 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and section 6 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Administrative Monetary Penalties Regulations. Related link News release: FINTRAC imposes an administrative monetary penalty on VersaBank Date Modified: 2026-05-05