FINTRAC Mortgage Sector Scenarios: Compliance Lessons for Brokers, Lenders, and Administrators

FINTRAC's newest mortgage-sector scenarios are useful because they move the conversation from broad obligations to actual operating moments: a new mortgage loan, a renewal, and loan payments handled through a mortgage administrator.

For mortgage brokers, lenders, and administrators, the main lesson is that AML obligations follow each reporting entity's role in the transaction. A lender's compliance program does not remove a broker's obligations. A broker's file does not remove an administrator's recordkeeping duties. Each participant has to preserve the facts, context, records, and decisions that sit inside its own business process.

What FINTRAC's scenarios cover

FINTRAC's first scenario involves a mortgage broker arranging a mortgage loan for a new client, with a separate lending company funding the loan. FINTRAC explains that both the broker and the lender must keep information records and mortgage loan records, verify the client's identity using a prescribed method, record the purpose and intended nature of the business relationship, perform ongoing monitoring, take reasonable measures to determine whether a third party is involved, and take reasonable measures to determine whether the client is a politically exposed person or head of an international organization.

The second scenario involves a mortgage renewal for an existing client. FINTRAC's example reinforces that renewal files still matter. The broker and lender must keep the required records, update the purpose and intended nature of the business relationship, continue ongoing monitoring, and complete third-party and PEP/HIO reasonable measures. FINTRAC also notes that identity does not always need to be re-verified if the client was previously verified using a prescribed method, the related records were kept, and there are no doubts about the information used to verify the client's identity.

The third scenario involves a mortgage administrator receiving two $7,000 payments from a corporate borrower and remitting those payments to the lender. In that example, FINTRAC walks through records for the administrator and lender, including information records, receipt of funds records, corporate records, mortgage loan records, identity verification, purpose and intended nature, ongoing monitoring, beneficial ownership information, reasonable measures to confirm beneficial ownership accuracy, and third-party determination.

The operational lesson: role clarity comes first

Mortgage transactions often involve several regulated or professionally supervised participants. That structure can create a dangerous assumption: because another party has a file, the local file can be thinner. FINTRAC's scenarios point in the opposite direction. Each participant needs a file that supports its own obligations and reflects the information it actually handled.

A good mortgage AML workflow should identify who arranged the loan, who funded it, who services it, who receives funds, who remits funds, who interacts with the borrower, and who has access to borrower explanations or supporting documents. That role map should then drive what each team captures, reviews, updates, and escalates.

Controls mortgage teams should check now

1. Role-based obligation mapping: Document whether the business is acting as broker, lender, administrator, or a combination of roles, and map records and review steps to that role.
2. New-client file completeness: Confirm that information records, mortgage loan records, identity verification, purpose and intended nature, ongoing monitoring setup, third-party checks, and PEP/HIO reasonable measures are all captured before the file is treated as complete.
3. Renewal refresh logic: Build a renewal checklist that updates purpose and intended nature, confirms whether previous identity verification can be relied on, and records whether anything creates doubts about prior identity information.
4. Corporate borrower records: For corporate borrowers, lenders, and administrators, make sure the file captures corporate records, persons conducting transactions, beneficial ownership information, and reasonable measures to confirm beneficial ownership accuracy.
5. Receipt of funds evidence: For payments received and remitted by administrators or lenders, preserve payment amount, date, source, borrower details, remittance path, and any information required to connect the funds to the mortgage relationship.
6. Third-party determination: Capture the reasoning when a third party is or is not involved, especially where deposits, payments, guarantors, gifts, or instructions come from someone other than the borrower.
7. Training records: Use FINTRAC's scenarios as training material and retain evidence of who completed the training, what was covered, and how the team applies the scenarios in daily files.

STR review should connect facts, context, and indicators

FINTRAC's related mortgage-sector STR video is a useful companion to the scenarios. It explains that mortgage professionals may observe suspicious activity at different stages of a transaction and highlights risks involving shell companies, nominee buyers, and fraudulent documentation.

The STR video also frames suspicious transaction analysis around facts, context, and indicators. Facts are known events or details, such as the property, mortgage payment amount, credit report, source of income, or date of a transaction. Context helps determine whether those facts are expected for the client and transaction. Indicators help explain why the activity may be unusual without a reasonable explanation.

FINTRAC gives examples of mortgage-sector indicators including accelerated repayment shortly after closing, repayment patterns that do not match the client's source of income, structured cash payments, gifted funds, payments from multiple bank accounts, banking information changed to a seemingly unrelated third party, industry professionals receiving funds from unknown sources, collusion concerns, and shell or numbered companies used to conceal the true beneficiary.

The practical point is not to file defensively on every unusual fact. It is to make the review traceable: what the team knew, what context it considered, what indicators were present, what further information was requested, and why the decision did or did not reach reasonable grounds to suspect.

Practical takeaway

FINTRAC's mortgage scenarios are a prompt to audit the file, not just the policy. Mortgage-sector compliance is strongest when every participant can show what it knew, what role it played, what records it kept, how it monitored the relationship, and how it escalated suspicious activity when the facts, context, and indicators supported that decision.

The control to strengthen is the evidence trail between a mortgage file event and a reviewable compliance decision.