Canada’s response to international concerns about the financial crime risks associated with the Islamic Republic of Iran has entered a new phase. In July 2025, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) updated its Ministerial Directive requiring Canadian reporting entities to adopt enhanced countermeasures for any transaction linked to Iran. This shift marks a significant evolution in how Canadian financial institutions, credit unions, and money service businesses handle cross-border activity involving this high-risk jurisdiction, directly reflecting the Financial Action Task Force’s (FATF) persistent calls for robust global AML countermeasures.
Canadian authorities have imposed specific legal and procedural obligations on banks and non-bank entities when managing Iranian transactions, covering identity verification, customer due diligence, record keeping, and regulatory reporting. The directive’s reach is broad, covering even low-value and indirect flows, and compels all covered entities to develop targeted policies, ensure comprehensive training, and update internal controls in real time.
Table of Contents
Scope and Application of the FINTRAC Ministerial Directive
The Ministerial Directive on financial transactions associated with Iran first entered into force in July 2020, with significant amendments in February 2024, and updated regulatory guidance issued in July 2025. Its aim is to safeguard the Canadian financial system from money laundering, terrorist financing, and sanctions evasion connected to Iran—an economy publicly designated by FATF as non-cooperative due to persistent, unresolved AML/CFT weaknesses.
Entities subject to the directive include:
- Domestic and foreign banks operating in Canada
- Credit unions and financial service cooperatives
- Caisses populaires
- Authorized foreign banks
- Money services businesses (MSBs)
These requirements apply to all financial transactions that originate from or are destined for Iran, irrespective of the amount involved. The directive establishes a presumption of high risk for these transactions, compelling regulated entities to apply the most stringent due diligence and ongoing monitoring, regardless of whether the client is already known or the amount is below typical reporting thresholds.
Key Compliance Requirements for Iranian Transactions
Enhanced Due Diligence and Identification
All banks and MSBs must treat any transaction to or from Iran as inherently high risk. This means performing enhanced due diligence (EDD) in every case, starting with the mandatory verification of client identity under any circumstance, regardless of transaction size. Verification must comply with Part 3 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR), extending to both the parties initiating and receiving the funds.
Customer due diligence measures for these transactions must also include:
- Establishing the purpose of the transaction
- Verifying the source of funds or virtual currency
- Determining beneficial ownership and control for any entity involved
Where transactions occur below the usual reporting thresholds, this directive removes the exception. Even micro-transactions tied to Iran now demand the same level of scrutiny and identity verification.
Detecting and Classifying Iranian Transactions
Financial institutions are required to look beyond surface-level transaction data. A transaction qualifies as being associated with Iran not only if it is sent directly to or from a known Iranian address, but also if there is any evidence that the transaction’s ultimate origin or destination is Iranian—even if routed through third countries. This includes payments using Iranian rial, activity involving Iranian diplomatic or governmental entities, or transactions where the client’s information or digital footprint (such as IP addresses) connects the activity to Iran.
If there is any reasonable evidence of Iranian involvement—based on available data, account details, or the client’s own disclosure—the bank or MSB must treat it as an Iranian transaction and apply the full range of required controls.
Mandatory Record Keeping
The directive mandates record retention for all transactions associated with Iran, including:
- Electronic funds transfers and virtual currency transfers, regardless of amount
- Cash or virtual currency receipts tied to Iran
- Issuance or redemption of negotiable instruments involving Iranian rial or Iranian-linked parties
For all these cases, financial entities must keep comprehensive records covering transaction details, source of funds or currency, beneficiary data, and the transaction’s purpose. These records must be retained for at least five years from their creation and be accessible for FINTRAC examination.
Reporting Obligations for Iranian Transactions
Reporting under this directive departs from typical threshold-based obligations. For any qualifying transaction:
- Electronic funds transfers under $10,000 CAD are reportable to FINTRAC, with the ‘IR2020’ code marking the Ministerial Directive as the reason
- Suspicious Transaction Reports (STRs) are required for transfers within Canada, negotiable instruments, and any activity where Iranian connection is the only reporting trigger
- Large Cash Transaction Reports and Large Virtual Currency Transaction Reports must be submitted for any below-threshold transaction tied to Iran, also referencing ‘IR2020’
- Normal reporting rules still apply for aggregate transactions above $10,000 CAD
For virtual currencies, similar rules apply. Any transaction in digital assets associated with Iran must be reported, even for small values. The regulatory logic is to close off opportunities for smurfing or structuring, where large sums are broken into smaller increments to evade reporting thresholds.
When reporting, financial entities must ensure that the information provided clearly demonstrates the Iranian nexus—whether through address, currency type, IP geolocation, or the manner of acquisition and disposition of funds.
Transaction Monitoring and STR Requirements
All Iranian-linked transactions must be monitored for suspicious activity, including attempted as well as completed transactions, where there is any indication of potential money laundering, terrorist financing, or sanctions evasion. If reasonable grounds exist to suspect criminal activity, a Suspicious Transaction Report must be filed with FINTRAC. For listed persons or sanctioned entities, a separate Listed Person or Entity Property Report may be required.
The timeline for reporting is strictly enforced—electronic funds transfers must be reported within five working days, while large cash transactions require reporting within 15 days. Where the directive introduces obligations not previously present (such as on the redemption of negotiable instruments), reporting is expected as soon as practicable.
Internal Controls, Policies, and Compliance Oversight
Policy Development and Staff Training
To operationalize the directive, reporting entities must review and update their internal compliance policies and procedures. This includes establishing detailed steps for identifying Iranian transactions, determining their risk, and outlining precise actions to be taken when one is detected. Policies must describe how to recognize the origin or destination of a transaction, use all available data to assess connection to Iran, and document all decisions.
Staff at every relevant level, from frontline operations to compliance oversight, need specific training on the new rules. Ongoing education is essential as the regulatory landscape can shift with future FATF or Canadian government actions.
Risk Assessment and Mitigation
Risk assessment processes must be revisited and documented, integrating the risks associated with jurisdictions subject to ministerial directives. This encompasses evaluating clients, counterparties, and transaction flows, with controls adapted to the evolving geopolitical and regulatory landscape.
Entities are encouraged to use advanced monitoring tools to analyze transaction patterns and digital footprints, ensuring that even indirect or obfuscated connections to Iran are identified and properly escalated.
Compliance Examinations and Enforcement
FINTRAC actively monitors compliance with ministerial directives as part of its supervisory and enforcement responsibilities. During examinations, FINTRAC will assess whether entities have implemented the required controls, maintained proper records, and reported in accordance with the directive.
Failure to comply can result in severe consequences, including administrative monetary penalties under the PCMLTFR. Such penalties may be substantial, and public disclosure is possible, creating significant reputational risk for non-compliant organizations.
The Broader Context: Global AML Standards and Canada’s Role
Canada’s proactive approach to Iranian transactions reflects its obligations under international law and the FATF framework. The FATF has consistently urged member countries to impose effective countermeasures on jurisdictions identified as having strategic AML/CFT deficiencies—of which Iran remains a primary example. By enforcing strict controls, Canada both protects its own financial system and supports the global fight against financial crime.
The Canadian model is also significant for other countries facing similar FATF-driven requirements. As regulators increasingly target high-risk flows, expectations around customer due diligence, transaction monitoring, and reporting are likely to continue tightening, particularly for jurisdictions under enhanced scrutiny.
Conclusion: Navigating Canadian AML Compliance for Iranian Transactions
The latest FINTRAC Ministerial Directive has fundamentally changed the way Canadian banks and MSBs must handle financial activity linked to Iran. All covered entities must treat these flows as high risk, subject every transaction—regardless of size—to enhanced scrutiny, and ensure prompt, accurate reporting. Compliance demands a coordinated effort, from updating policies and training staff to leveraging technology and maintaining robust audit trails.
As global standards evolve and the geopolitical environment remains dynamic, Canadian entities cannot afford to treat these requirements as a one-off adjustment. Continuous vigilance, adaptive controls, and a culture of compliance are essential for safeguarding the integrity of Canada’s financial sector.
Related Links
- FINTRAC: Ministerial Directives
- Proceeds of Crime (Money Laundering) and Terrorist Financing Act
- FATF Public Statement on Iran
- FINTRAC Guidance: Record Keeping for Financial Entities
- PCMLTFR Administrative Monetary Penalties Regulations
Other Fincrime Central Articles About Sanctions on Iran
- High-Stakes Crackdown on Iranian Electronics Smuggling Uncovers Millions in Sanctions Evasion
- How a $700 Million Tether Freeze Exposed Iran Sanctions Gaps on Tron
- US Treasury’s Decisive Action Disrupts $1 Billion Iranian Shadow Banking Network
Source: FINTRAC
Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.
Want to promote your brand with us or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.
