The FINTRAC enforcement crisis facing Canadian MSBs: what the data actually shows

There are eight regulated sectors subject to FINTRAC administrative monetary penalties under the PCMLTFA. Banks, credit unions, real estate brokerages, securities dealers, casinos, precious metals dealers, accounting firms, and money services businesses. In the three years from 2023 to 2026, every one of those sectors received enforcement action. But when you look at where the penalty dollars actually landed, one sector stands apart by an extraordinary margin.

MSBs: the most penalized sector in Canada

Money services businesses and virtual currency dealers account for 88% of every dollar FINTRAC has collected in administrative monetary penalties over this three-year period. The total: CAD $205 million across 18 enforcement actions. For context, all other regulated sectors combined, banks, real estate, casinos, securities dealers, and the rest, account for the remaining 12%. Real estate brokerages had 16 enforcement actions in the same period, nearly as many as MSBs, yet generated only CAD $1.4 million in total penalties. MSBs are not simply examined more frequently. They are penalized at a structurally different severity level when violations are found.

• MSBs and virtual currency businesses: 18 cases, CAD $205 million total, CAD $226,792 median penalty.
• Banks: 6 cases, CAD $21 million total, CAD $1.9 million median penalty.
• Casinos and gaming: 4 cases, CAD $2.5 million total, CAD $637,000 median penalty.
• Real estate brokerages: 16 cases, CAD $1.4 million total, CAD $95,452 median penalty.
• Securities dealers, precious metals dealers, credit unions, and accounting firms combined: under CAD $2 million total.

Enforcement is not steady-state, it is accelerating

The year-over-year trend in FINTRAC enforcement activity is the data point every MSB compliance officer should be required to review. Total enforcement penalties across all sectors grew from CAD $9.3 million in 2023 to CAD $203 million in 2025, a 22-fold increase. The number of individual enforcement actions grew from 8 to 30 in the same period. This is not a statistical anomaly. It reflects a deliberate policy shift by FINTRAC toward outcome-based, publicly visible enforcement with material financial consequences for non-compliant entities. MSB cases specifically grew from 2 in 2023 to 9 in 2025, with total MSB penalties jumping from CAD $90,000 to CAD $198 million in a single year.

What FINTRAC is actually citing, and what it tells you about your own program

Of the 18 MSB enforcement actions in this three-year dataset, the violation categories cited most frequently are not exotic compliance failures. They are the foundational requirements every MSB compliance program is supposed to address:

• STR reporting failures, cited in 13 of 18 MSB cases (72%). This is the single most common violation across the entire dataset for the sector.
• Risk assessment deficiencies, cited in 11 of 18 cases (61%). Incomplete analysis, missing high-risk factors, no documentation of rationale.
• Compliance policies and procedures, cited in 10 of 18 cases (56%). Generic or outdated policies that don't reflect actual operations.
• EFT reporting failures, cited in 7 of 18 cases (39%). Late or missing electronic funds transfer reports.
• Ministerial directives non-compliance, cited in 5 of 18 cases (28%). Failure to implement country or activity-specific enhanced measures.
• Effectiveness review and record-keeping deficiencies, cited in 4 of 18 cases each (22%).

There is a near-perfect statistical correlation, 0.99, between the number of violations found and the total penalty imposed. Every unresolved compliance gap is not just a regulatory checkbox. It is a calculable financial liability that compounds with each additional deficiency discovered during an examination.

BriteBase Enforcement Analysis, May 2026

Bill C-12: when the same violations cost 40 times more

The enforcement environment described above operated under the previous PCMLTFA penalty regime. Bill C-12, in force since March 2026, increased the maximum administrative monetary penalty per violation by approximately 40 times over the previous ceilings. Applied to the enforcement patterns already documented in the public record, the consequences are severe:

• A single-violation case currently costing CAD $24,750 to $33,000 becomes a CAD $990,000 to $1.3 million exposure.
• A four-to-five violation case currently costing CAD $57,000 to $67,000 becomes a CAD $2.3 to $2.7 million event.
• The median MSB enforcement case, currently a CAD $226,792 penalty, becomes a projected CAD $9.07 million exposure.
• A multi-violation complex case currently assessed at CAD $536,853 becomes a projected CAD $21.5 million liability.

For an MSB operating under CAD $5 million in annual revenue, the median enforcement case under Bill C-12 is not a regulatory setback. It is an existential event. With Bill C-12 in force, the trajectory of enforcement intensity is no longer hypothetical, it should be reflected in every compliance investment decision being made today.

Three questions every MSB compliance officer should answer today

Given that the top three violation categories appear in 56% to 72% of MSB enforcement actions, every compliance officer should be able to answer the following with documented evidence, not an explanation of how the work gets done, but actual records proving it:

• Can you demonstrate that your STR identification and filing process works as documented and has been independently tested in the last 12 months? STR failures appear in 72% of MSB cases. If the answer requires more than one sentence, the answer is probably no.
• Is your customer risk assessment methodology documented, consistently applied, and defensible under examination? Risk assessment deficiencies appear in 61% of cases. Static ratings and spreadsheet-based scoring do not survive scrutiny.
• Do your compliance policies reflect current regulatory requirements, and can you produce records showing staff have read and acknowledged them? Policy gaps appear in 56% of cases. Documents without version control, acknowledgment records, or review dates are among the most common examination findings.

The bottom line

The enforcement curve is not flattening. Penalties grew 22-fold in two years, the most commonly cited violations are the foundational pillars of a functioning compliance program, and Bill C-12, in force since March 2026, has increased the per-violation cost by approximately 40 times. The firms that treat compliance as an operating system, with real workflows, a connected customer record, and a defensible audit trail, are the ones that come through examinations cleanly. Every other firm is one examination away from finding out exactly where their gaps are.