FINTRAC Penalizes Northern Isga Foundation $91,162 for Casino Compliance Program Failures

What Happened

On March 26, 2026, FINTRAC announced an administrative monetary penalty of $91,162.50 against Northern Isga Foundation, the non-profit charitable organization that operates the Eagle River Casino and Travel Plaza in Glenevis, Alberta, on behalf of the Alexis Nakota Sioux Nation.

The penalty, imposed on March 2, 2026, follows a compliance examination that found 4 violations of Part 1 of the *Proceeds of Crime (Money Laundering) and Terrorist Financing Act* (PCMLTFA).

What stands out: every single violation targets the compliance program itself — not a missed transaction report or a KYC failure. This was a program-level breakdown.

The 4 Violations

FINTRAC's news release identifies each violation explicitly:

1. Failure to develop and apply written compliance policies and procedures that are kept up to date and approved by a senior officer
2. Failure to assess and document risk, taking into consideration prescribed factors
3. Failure to develop and maintain a written ongoing compliance training program for employees, agents, or other authorized persons
4. Failure to institute and document a plan for a two-year effectiveness review of the compliance program

These map directly to the five pillars of a FINTRAC compliance program. Northern Isga Foundation was found deficient on four of them.

Why Compliance Program Violations Are the Most Dangerous

Transaction reporting failures — a missed LCTR or a late STR — are visible, discrete, and fixable. A compliance program failure is different. It means the infrastructure that's supposed to catch and prevent those errors doesn't exist, or doesn't work.

When FINTRAC examines a reporting entity and finds that the policies aren't current, the risk assessment hasn't been documented, training hasn't been delivered, and no effectiveness review has been planned — there's no foundation to stand on. Every other obligation becomes suspect.

This is why FINTRAC treats compliance program violations seriously. In 2024–25 alone, the Centre issued 23 Notices of Violation — the largest number in a single year in its history — totaling more than $25 million in penalties across sectors.

What This Means for Casino Operators

The casino sector handles high volumes of cash, serves higher-risk clientele, and operates in an environment where money laundering risk is structurally elevated. FINTRAC has consistently increased scrutiny of this sector.

If you operate a casino or gaming establishment in Canada, this enforcement action is a direct signal to check your own compliance program against the four areas where Northern Isga Foundation was found deficient:

1. Written Compliance Policies and Procedures Do you have a written compliance manual that covers all PCMLTFA obligations specific to your casino operations? Is it approved by a senior officer? Has it been reviewed and updated in the last 12 months? If you can't answer yes to all three, you have the same gap.

2. Documented Risk Assessment FINTRAC requires a documented risk assessment that considers prescribed factors — the products and services you offer, your delivery channels, your client base geography, and other relevant risk indicators. A risk assessment that exists only in conversation or in someone's memory does not satisfy the regulation.

3. Ongoing Compliance Training Every person who handles transactions, interacts with clients, or has a compliance role needs documented training. "We told them during onboarding" is not a program. FINTRAC expects written training materials, tracked participation, and evidence that the program is maintained over time.

4. Two-Year Effectiveness Review Plan The PCMLTFA requires reporting entities to plan and conduct an independent review of their compliance program's effectiveness every two years. Northern Isga Foundation failed to even institute and document the plan — let alone execute it. If you don't have a documented review schedule with a designated reviewer, this violation applies to you too.

Beyond Casinos: This Applies to All Reporting Entities

While this penalty was imposed on a casino operator, the four violations cited are universal PCMLTFA obligations. They apply identically to money services businesses, real estate brokerages, financial entities, dealers in precious metals, and every other reporting entity sector.

If your compliance program has gaps in any of these four areas, a FINTRAC examination will find them.

The Cost of an Incomplete Compliance Program

$91,162.50 in penalties. A public notice on FINTRAC's website for 5 years. The operational disruption of a formal examination. And the remediation work required afterward.

All four violations in this case are preventable with a structured compliance program — written policies maintained by a designated compliance officer, a current risk assessment, documented training, and a scheduled effectiveness review.

That's exactly what Comply+'s Managed Filing service provides. Our team maintains your FINTRAC compliance program end to end — written policies, risk assessments, report filing through the FINTRAC API, training oversight, and coordination of the two-year effectiveness review. You focus on running your business. We make sure your compliance program is examination-ready.

If you're not confident your compliance program would hold up under a FINTRAC examination, book a 30-minute call and we'll walk you through what a structured program looks like.

---

Sources: FINTRAC News Release, March 26, 2026 · Public Notice of Administrative Monetary Penalties