Inside the March 2026 AMP increase: new ceilings, new exposure

In March 2026, the administrative monetary penalty (AMP) framework that backs the PCMLTFA was updated with materially higher ceilings. The change is technical in form but strategic in effect: the worst-case dollar exposure for a Canadian reporting entity that fails its compliance obligations has gone up, in some categories, several-fold.

What the increase actually does

AMPs in the AML regime are tiered by violation severity, minor, serious, and very serious, and by whether the entity is a natural person or an entity. The March 2026 changes lifted the per-violation ceilings across these tiers and, importantly, did not change the rule that violations can be assessed per occurrence. A pattern of recurring violations across a customer book or a reporting period can therefore aggregate quickly.

Why the change happened now

Two pressures converged. Internationally, Canada has been responding to FATF mutual evaluation feedback that the AMP framework was not proportionate or dissuasive enough relative to the size of regulated firms and the volumes they process. Domestically, FINTRAC and policymakers wanted to close the gap between the cost of compliance and the cost of non-compliance, which had, in some segments, tilted in the wrong direction.

Where exposure changes most

• High-volume MSBs and PSPs, where per-occurrence violations across thousands of transactions can compound.
• Crypto-asset service providers, where reporting and recordkeeping obligations interact with high transaction velocity.
• Firms with weak documentation, because each undocumented decision becomes a potential separate violation.
• Firms with stale risk assessments, because foundational deficiencies tend to drive multiple downstream findings.

How to think about it as a board or executive

The right framing is no longer 'what's the worst single fine we could receive?' It's 'what's the multi-million-dollar aggregate exposure across our current book if an examination surfaces a foundational deficiency?' That number, for many lean firms, now exceeds the cost of materially upgrading the compliance program, which is precisely the behavioural change the increase is designed to drive.

Practical next steps

• Re-run a gap assessment against the current PCMLTFA standard, not the one your program was built against.
• Quantify exposure: estimate per-occurrence violations across your book if a foundational gap were found.
• Prioritize remediation by exposure-weighted risk, not by ease.
• Make sure your audit trail can prove what you actually did, in the order you did it.

The takeaway

Higher ceilings don't automatically mean higher fines for everyone. They do mean that the firms who treated compliance as a checkbox now have a much larger, much more visible downside. The cost of doing the work properly has, for the first time in years, become clearly cheaper than the cost of not doing it.