Database collecting personal info, despite warning
OTTAWA — The federal agency responsible for monitoring financial institutions for evidence of nefarious activity is still collecting and keeping personal information it should not, even though it was warned to stop gathering such data four years ago, the federal privacy commissioner says.
A new audit of the Financial Transactions and Reports Analysis Centre of Canada, or FINTRAC — the department responsible for monitoring consumer bank accounts across Canada for signs of terrorist fundraising or fraud — has found information is collected and kept seemingly without reason.
The commissioner’s office said, for example, the personal financial information of a store owner was found in FINTRAC’s systems after a financial institution filed a report on the person. The report was filed because the person deposited $570 in $100, $50, $20 and $5 bills. No reason was given about why the transaction was considered suspicious.
In another case, a young businessperson cashed three bank drafts worth almost $100,000 US, purchased from a major Canadian bank. The organization that cashed the drafts confirmed the drafts with the issuing bank but still reported to FINTRAC because it felt that the amount of money seemed “odd” considering the individual’s age.
“Given the examples we found, I have serious concerns about the extent to which FINTRAC’s information holdings are populated with personal information that should never have even been submitted,” privacy commissioner Jennifer Stoddart said. “This is particularly disappointing, given that FINTRAC had previously indicated that it was committed to finding new ways to limit the amount of personal information it was accepting and holding.”