CBA Submission to Consultation on Proposals to Strengthen Canada’s Financial Sector

Supporting Consumers When Banks Close Branches

Notices to the Public and FCAC

The decision to close a branch is never taken lightly by banks. It involves the consideration of a number of factors outside of the volume or value of transactions and number of in-person visits, including confidential leasing matters and the construction of new or expanded branches to better serve communities. In every case, there is careful consideration of the impacts to the community, their customers, and employees. Banks provide advance notice of the closure, and consultations take place with members of the community to help ensure that they are aware of the closure and that they will continue to have access to banking services. Branches are only closed after extensive analysis of a full range of factors.¹⁴

The industry has invested approximately $120 billion in technology across Canada over the last decade and operates a network of over 5,600 branches across Canada, providing accessible, affordable, and competitive banking services. Branches remain a vital part of the banking services offered in Canada, and the country remains a leader in maintaining their branch networks when compared to other jurisdictions (Chart 1 and Chart 2).

Chart   1: Number of Bank Branches

Source: : Various national bank trade associations

Chart   2: Number of Bank Branches per 100,000 Adults

Source: World Development Indicators, World Bank. 2021 is the most recent year which data is available.

In-person banking, while declining in frequency with the steady growth and adoption of digital banking solutions, remains an available method to conduct a range of transactions, and many Canadians continue to value personal service.

The current Notice of Branch Closure Requirements in the Bank Act (see s. 627.993 – 627.995) provides consumers with a substantial amount of information and ensures that banks provide them with the support they need in cases of branch closures. The proposed additional information Finance is considering requiring banks to disclose in their notices to the public and the FCAC, including detailed rationale for the decision; additional data about the impacted branch, including the volume and value of transactions at the branch and the number of annual in-person visits to the branch; and how that data compares to a bank’s branch average volume and value of transactions and number of in-person visits, is competitively sensitive information. It would be inappropriate to require banks to disclose such information publicly.

Recommendation: The Department of Finance retain the existing notice and information requirements that apply when a bank intends to close a branch, cease opening retail deposit accounts, or teller-based cash disbursals, and refrain from layering additional requirements on top of those that already exist.

Facilitate Customer Account Transfers and Waive Associated Transfer Costs

Banks are committed to meeting their customers’ needs. When a bank closes a branch, it transfers the customer’s personal banking deposit accounts to an alternative receiving branch of the same bank at no fee to the customer.

Further clarification on this question is required as it is not clear if the Department of Finance is referring to transferring accounts to another branch within the bank’s branch network, or, a fee to transfer to another bank or FI and what is meant by “facilitate account transfers.” It is also not clear what products are in scope (deposit accounts only or mortgages, etc.). Approaches may differ depending on what is being referred to.

Recommendation: If the Department of Finance is referring to “facilitating account transfers” to another branch outside of the bank’s branch network (e.g., to another bank or FI) and/or capturing products and services other than deposit accounts, this should be clarified. If this broader scope was intended, the sector would welcome further consultation and discussion on this topic before any legislative or regulatory changes are made.

Enhancing Bank Reporting on Branch Networks and Closures

The significant level of detail that banks are currently required to publish in their annual public accountability statement is sufficient to inform stakeholders on how banks make determinations about what branches to maintain. Requiring banks to disclose additional information, including the average volume and value of transactions processed at its branch locations, would result in the exposure of critical inputs in the bank’s retail branch strategy. Exposing such strategic information would constitute a disclosure of competitively sensitive information that could lessen competitive intensity in the sector. For example, disclosing this information could indicate to other banks that branch volume and value of transactions is low in a certain location, which could suggest that a branch should not be opened in that location.

The decision to close a branch, as outlined above, is always carefully considered, and it is inappropriate for regulators, policymakers, and researchers to engage in detailed analysis of a bank’s decision to close a branch. It is also worth noting that the CBA already provides aggregated data on branch networks to the public on its website.¹⁵

Recommendation: The Department of Finance should retain the existing requirement to publish an annual public accountability statement that includes the addresses of the branches opened and closed by the bank during the course of that year and refrain from expanding data-reporting requirements for banks with respect to their branch networks.

Clarifying Rules for Opening Deposit Accounts Outside of Bank Branches

Banks are strongly committed to providing access to basic banking services in accordance with section 627.17 of the Bank Act. This section does not contemplate the opening of a bank account online and was drafted on the assumption that bank accounts would only be opened at a point of sale or a branch. While the CBA understands Finance’s desire to expand this access to digital channels, it is not clear if the current identification requirements used to verify the identity of the consumer in a face-to-face channel can easily be translated to the digital space. Banks may vary in their ability to offer account opening through every channel to all clients. For example, verification of certain types of identification may only be possible in-branch to manage fraud risk. With digital identity theft being a rising trend in Canada, it is important that identification requirements for any new services provided through a remote channel be carefully considered.

The requirements should also be aligned with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) requirements with any necessary changes to the Bank Act. For example, the wording “where the point of service or branch is located” may have to be removed from subparagraph 627.17(1)(a)(ii) of the Bank Act: “if the person’s identity is also confirmed by customer in good standing with the member bank or by a natural person of good standing in the community where the point of service or branch is located” to give banks the requisite flexibility to open a deposit account through digital channels in such cases. In addition, as noted above, drafting changes would likely be required to the opening paragraph of section 627.17 of the Bank Act as it was drafted on the assumption that bank accounts would only be opened at a point of sale or a branch. The sector would welcome further consultation and discussion on this topic before any legislative or regulatory changes are made.

Recommendation: The Department of Finance carefully consider how the application of branch and physical points of service as it relates to retail deposit account opening requirements to digital channels could be done. While banks are not opposed to this policy, managing the possibility of increased fraud should be a primary consideration.

Immediate Access to Funds Deposited by Cheque

Currently, Canadian consumers have same day or next business day access to the first $100 of funds deposited by cheque into their bank accounts, regardless of the customer and the means, whether over the counter, ATM, or mobile application.

As access to the first $100 of deposited funds is provided immediately to consumers (subject to limited exceptions), banks are currently exposed to potential losses as the cheque clearing process has not been completed at the time funds are made available to the consumer. Funds deposited by cheque are not guaranteed funds. When a cheque is deposited, until the cheque clearing process has been completed in accordance with the timeframes set out under Payments Canada’s rules, a bank has no assurance that: (i) there are funds available in the payor’s bank account, (ii) if the payor’s bank account is still open, or (iii) if the payor has requested a stop payment on the cheque. The current regulatory requirements balance the need of consumers to access funds with the need to ensure the safety and security of banks and of the banking system by limiting potential losses in cases of fraud or where the cheque is returned due to insufficient funds. These requirements also help banks protect consumers and merchants (e.g., in cases where a fraudster convinces a consumer or merchant to deposit a cheque that the fraudster has no intention of honouring).

Similarly, with respect to the maximum cheque hold periods, the current timeframes under the Bank Act align with the cheque clearing process set out under the Payments Canada rules. While there have been technological advancements in banking generally, cheques are a legacy payment system, and there have not been changes to the timeframes set out under the Payments Canada rules since 2012. Accordingly, the maximum cheque hold periods under the Bank Act should not be lowered as this would make them out of alignment with the Payments Canada cheque clearing process.

Currently, under the Bank Act, the maximum length of time a bank may put a hold on a cheque is based on: (i) the amount of the cheque ($1,500 or less or more than $1,500), and (ii) how it was deposited (in person or any other way – e.g., at an ATM). These are important parameters to maintain as the amount of the cheque directly ties to the potential monetary losses a bank could incur were the cheque not to clear. Moreover, additional processing time may be required if a cheque is deposited in a non-face-to-face channel as that cheque can be deposited outside the daily clearing cut-off times, and therefore the cheque clearing process does not start until the next business day.

These restrictions were adopted after carefully considering the need of consumers to access funds to help ensure the safety and security of banks and of the banking system by limiting potential losses in cases of fraud or where the cheque is returned due to insufficient funds. They also reflect the high accessibility and low cost of banking services in Canada.

As Finance has recognized, the use of cheques is on the decline with a 45 per cent decrease over the past five years according to Payments Canada. Cheques are losing volume to card and electronic payment types. The CBA believes the Government should focus its efforts on encouraging the use of more modern payment methods. Increasing the amount of funds immediately available when cashing a cheque via any means and lowering the maximum cheque hold period is inconsistent with payments modernization efforts and will result in more fraud and greater losses that will negatively impact consumers, banks, and other stakeholders. Increased cheque fraud will also erode consumer trust in the banking system.

Recommendation: The Department of Finance maintain the current limits for immediate availability of funds when cashing a cheque to limit potential fraud losses, help protect consumers and merchants, and support the modernization of payments.

Theme 3 - Modernizing the Financial Sector Framework

Prohibiting or Restricting Interlocking Directorates in the Financial Sector

While the Bank Act does not specifically address the practice of interlocking directorships, it does establish a general duty of care that includes a requirement for directors to “act honestly and in good faith with a view to the best interests of the bank” (ss. 158(1)). In addition, the Bank Act requires the directors of a bank to establish procedures to resolve conflicts of interest (s. 157) and includes a number of provisions that address conflicts of interest (sections 202-206), This includes requirements for directors to disclose conflicts in certain situations (s. 202) and abstain from director meetings or voting on transactions relating to these conflicts (s. 203). The Bank Act also prohibits banks from entering into certain transactions with its directors (Part XI – Self-Dealing).

This general duty and the related restrictions regarding conflicts and self-dealing are underpinned by, among other things, guidance issued by the OSFI that requires banks to adopt formal conflicts of interest policies and procedures⁶, conduct background checks on directors and senior officers with respect to conflicts of interest¹⁷, and implement a board director independence policy that “considers, among other factors, the specific shareholder/ownership structure of the [bank]”.¹⁸

The above-referenced existing statutory duties and prudential regulatory framework is further supported by an expectation among bank stakeholders for banks to ensure that their board meets this duty of care. This includes recommendations from proxy advisory firms for shareholders to withhold votes in certain circumstances involving interlocking directorates.¹⁹

Banks in Canada have responded to these regulatory and stakeholder expectations by implementing formal interlocking directorate policies or independence standards as an integral part of mitigating potential conflicts of interest and adopting sound corporate governance practices. These typically include tests to assess a director’s independence, and promote independence by:

• Limiting or providing guidance on board members serving on multiple boards of public companies; and/or,
• Implementing a monitoring mechanism to review the impact of any board interlocks or outside directorships to ensure that they do not compromise a director’s ability to operate with independent judgment.

In addition, banks are advocates for strengthening the degree to which their boards and senior management teams reflect the clients and communities they serve. For many years, banks have been recognized leaders in promoting diversity, equity and inclusion throughout their organizations, including at the board level.

In light of the above existing regulatory framework and bank practices, the CBA is strongly of the view that prohibiting or restricting interlocking directorates within the financial sector is unnecessary and risks the unintended consequence of further complicating the board recruitment process by adding an additional constraint to the process. Existing requirements for bank board members currently include:

• A majority of the directors on the board, including the Chief Executive Officer, must be resident Canadians.
• OSFI’s Corporate Governance Guideline specifies there should be appropriate representation of financial industry and risk management expertise at the board and board committee levels.
• Bank Act limits in respect of the number of affiliated directors on the board (sections 162 and 163).
• Banks must ensure that relevant board members and employees have expertise in risk management and compensation based on the Principles for Sound Compensation adopted by the Financial Stability Board.²⁰
• OSFI Guideline E-17 requirements – Background Checks on Directors and Senior Management.
• OSFI’s new Integrity and Security Guideline.

Adding further constraints to the director onboarding process risks further limiting the available pool of qualified candidates for directors. It may also make the recruitment process especially challenging for small- and medium-sized banks by further shrinking the already smaller pool of talent available to them.

The contemplated scope of the prohibition or restrictions, as set out in the Consultation Paper, is problematically broad, potentially precluding a bank director from serving as an employee, executive, partner, owner or director of another “firm” or having another interest in the business of that second “firm” if such “firm” is engaged in any way in the “financial sector”. The term “firm” is not defined and “financial sector” is a term that extends well beyond banks and does not take into account the safeguards banks have implemented to manage potential or actual conflicts of interest.

We are not aware of compelling policy reasons to create new requirements on this topic. As noted in recent commentary from Torys LLP:

We are uncertain why additional restrictions on interlocking directors are necessary since the requirement to establish conflict of interest policies established in 1992 has been very effective and at that time replaced certain restrictions on interlocking directors.²¹ (Emphasis added.)

We also note that interlocking directorates has not been an area of particular focus or concern from a prudential regulatory perspective.

Recommendation: The Department of Finance rely on the existing well-established legislative and regulatory framework and bank practices that serve to manage potential conflicts of interest, including conflicts that may arise as a result of interlocking directorates, rather than prescribing new requirements to regulate interlocking directorates for banks.

Updating Public Holding Requirement Thresholds

The Bank Act requires a bank with more than $2 billion but less than $12 billion in equity to have shares with at least 35% of the voting rights listed and traded on a recognized stock exchange and not held by any major shareholders. This threshold was initially $750 million in 1992, then was increased to $1 billion in 2001 and to $2 billion in 2007. The CBA believes that the threshold should be increased to at least $5 billion in equity. There should also be an ability for a bank that exceeds the threshold to subsequently fall below in the future and no longer be subject to the restriction. In addition, we believe that there should be an explicit exemption for a FRFI which is the subsidiary of another FRFI that satisfies the public float requirement under its governing legislation, as we do not believe there is a policy reason to require such institutions to seek a statutory exemption from the Minister.

Recommendation: The Department of Finance increases the size threshold above which banks must have 35 percent of their voting shares publicly listed from $2 billion in equity to $5 billion in equity. Banks that exceed the threshold and subsequently fall below it should no longer be subject to the requirement. FRFIs which are the subsidiary of another FRFI that satisfies the public float requirement under its governing legislation should be explicitly exempt from the requirement.

A More Transparent Financial Transactions Application Process

The CBA agrees with the proposal to provide a written update to an applicant. The lack of clarity on the status of an application or the timing of an approval can create uncertainty for applicants. The written update to an applicant should describe what the process is that remains as well as the outstanding issue(s).

Recommendation: The Department of Finance implements its proposal to provide a written update to an applicant when they are involved in a financial transactions application process.

Updating Statutory Thresholds

The $250 million investment threshold applicable to specialized financing activities should be materially increased, as that threshold was implemented over 23 years ago in 2001²². Simply adjusting for inflation as a proxy and using the Bank of Canada calculator,²³ the $250 million from 2001 would be today approximately $410 million.

Under the Specialized Financing Regulations, the calculation of the $250 million maximum limit per investment uses the balance sheet value of the investment. The “balance sheet value, in respect of the shares and ownership interests held by an entity, means the value reported on its balance sheet on an unconsolidated basis.” The balance sheet value of an investment made by a specialized financing entity (SFE) can change over time based on the accounting treatment. For example, if the investment increases in value (which obviously is the hope for any investment) the increased value increases the carrying value on the SFE’s balance sheet on an unconsolidated basis and the balance sheet value as defined increases. Given investments could have a life of up to 13 years under the Specialized Financing Regulations there is often a need to ensure the original investment is much lower than the $250 million maximum because of the potential of the investment increasing in value over time. For these reasons, we would suggest an increase to at least $500 million.

The restriction on FRFIs acquiring, by way of specialized financing activities, an entity that acts as an insurance broker or agent in Canada should also be removed. Note the FRFI Acts were amended in 2001 to enable FRFIs to acquire control of, or a substantial investment in, entities that engage in financial services activities (including an insurance agent or broker). However, a corresponding change was not made to the Specialized Financing Regulations to remove the same restriction.

The specialized financing activities limits are contained in regulations, not in the statute. It may be difficult to effectively move this to an OSFI guideline since it is based on government policy, not prudential risk. Given the 5-year review cycle for FRFI legislation, it would not appear to be a significant constraint to keep it in regulations.

In its consultation paper regarding Proposals to Strengthen Canada’s Financial Sector, the Department of Finance refers to considering measures to update “limits on investment powers.” The CBA and its members would appreciate further details and clarification regarding the updates to “limits on investment powers” that are contemplated.

Recommendations:

• The Department of Finance increases the threshold for specialized financing activities to at least $500 million.
• The Department of Finance removes the restriction on FRFIs acquiring, by way of specialized financing activities, an entity that acts as an insurance broker or agent in Canada. If restrictions are removed to a Bank’s investment authority, corresponding changes should be made to the Specialized Financing Regulations.
• The Department of Finance maintains thresholds in regulations (as opposed to in guidelines).
• The Department of Finance provides further details and clarification regarding the updates to “limits on investment powers” that are contemplated.

Theme 4 - Adapting to Geopolitical Risks

Enhancing the Oversight of Financial Sector Risks Related to National Security

The CBA is generally supportive of an oversight committee specializing in financial sector risks related to integrity and security, including national security. Considering the expertise of the Canadian Security Intelligence Service (CSIS) and the Royal Canadian Mounted Police (RCMP), including in relation to national security, threat actors, foreign interference, and terrorist financing, it would be beneficial for CSIS and the RCMP to participate in this oversight committee. A priority for any new measures should be facilitating the sharing of information related to integrity and security, including national security, among financial institutions (with appropriate anti-trust and safe harbour protection to promote active and effective intelligence sharing), as well as the sharing of information from the public sector to banks (including as described in Theme 5, below, under the sub-heading "Sharing of information about integrity and security risks"). Enhancing the ability for financial institutions to share and receive information in the foregoing manner would help support the timely and efficient identification, prevention, and mitigation of geopolitical risks that have the potential to impact the financial sector, such as, for example, international supply chain risks.

Banks are already subject to extensive requirements related to integrity and security including under the OSFI Integrity and Security Guideline and were required to submit by July 31st, 2024 a comprehensive action plan for OSFI’s review, on new and expanded expectations, which includes interim deliverables to achieve compliance in respect of such Guideline.

It is unclear how Finance’s proposed measures, including the establishment of a formal structure to oversee financial sector risks related to integrity and security, will operate within the existing framework and requirements.

To avoid imposing potentially overlapping, conflicting, or cross-purpose regulatory burdens on banks, Finance should further consult with the banking sector, OSFI, and other stakeholders prior to implementing any additional measures.

Recommendation: The Department of Finance, when considering the establishment of an oversight committee specializing in financial sector risks related to integrity and security, including national security (which the CBA is supportive of), carefully consider the mandate of existing committees and supervisory authorities, including that of the Financial Institutions Supervisory Committee (FISC) to ensure that any additional measures to enhance the oversight of financial sector risks related to integrity and security avoid any potential overlap or conflict with other initiatives, requirements or measures. A priority of any additional measures should be facilitating the sharing of information related to integrity and security, including national security, among financial institutions (with appropriate anti-trust and safe harbour protection for participating institutions), as well as the sharing of intelligence and other information from the public sector to banks. The Department of Finance should further consult with the banking sector, OSFI, and other stakeholders prior to implementing any such additional measures.

Enhancing the Minister of Finance and the Superintendent of Financial Institutions’ Compliance Authorities

While the CBA is generally supportive of the proposed enhancements (i.e. the legislative authorities of the Superintendent should refer to an FRFI adhering to policies and procedures to protect itself against threats to its integrity or security, including foreign interference), it will be important for Finance and OSFI to consider the role of CSIS, the RCMP, and other authorities in sharing threat intelligence and other information with banks. For example, it may be difficult for a bank to obtain information on a third-party’s connections to foreign governments (e.g., in the case of widely-held publicly traded companies) without intelligence or other reliable information gathered and shared by law enforcement and intelligence agencies in this regard.

Recommendation: The Department of Finance and OSFI consult further with the banking sector on certain aspects of the proposed enhancements to compliance authorities (which the CBA is supportive of) to support the implementation of such enhancements in a balanced and reasonable manner.

Theme 5 - Upholding World-Class Regulation

Enhancing Federal, Provincial, and Territorial Collaboration

It is imperative that Canada’s financial sector regulatory landscape evolves with increased adoption of technological innovations like AI, new players entering the market, and initiatives such as payments modernization and consumer-driven banking. The regulatory regime needs to foster innovation and competition. It must also ensure Canadians continue to benefit from safe, secure, and reliable financial services while also having consistent protections across jurisdictions and avoiding duplicative, conflicting, or residual obligations.

We encourage federal and provincial/territorial cooperation to help achieve a harmonized set of rules and regulations to help foster innovation and competition in financial services by allowing market participants to more quickly and cost-effectively respond to customer demand by developing and enhancing products and services that are available and consistent in all provinces and territories.

Where there is a robust federal regime, such as the new financial consumer protection framework introduced under the Bank Act, provinces and territories may wish to rely on the federal regime to reduce their own regulatory burden and promote a consistent consumer experience. Where a harmonized framework is lacking, we believe Finance can play a leadership role by developing model financial consumer protection standards for unregulated or under-regulated financial service providers (such as e-commerce platforms and similar entities) for provincial and territorial adoption, and work with provinces and territories to adopt these standards. To the greatest extent possible, the standards should emulate relevant consumer protection regulations to which FRFIs must adhere.

We also encourage greater cooperation and coordination at the federal level, including coordinated periodic announcements on likely forthcoming regulatory actions. There is a multiplicity of initiatives ongoing in federally regulated spaces including in the areas of prudential and market conduct regulation and supervision, payments, consumer-driven banking, housing, competition law, privacy law, deposit insurance, and anti-money laundering. While these initiatives tend to travel on distinct paths, they often converge around the same timelines which adds to complexity, resource burdens, and operational risk for market participants. It is crucial that appropriate prioritization of these initiatives and proper sequencing of key elements within and across multiple projects occurs. This would enable stakeholders to thoughtfully and meaningfully participate in consultations, prepare for regulatory change, and implement pertinent compliance programs in a methodical and timely fashion.

Recommendations:

• Federal and provincial regulatory authorities increase their cooperation and coordination to address potential gaps in regulations that could be exploited by actors in the financial marketplace. This coordination could be achieved by building on the Department of Finance’s long-standing process for consultations with provinces and territories by including consumer protection matters as an area for consideration to ensure better awareness and alignment. This includes having the federal Department of Finance play a leadership role by developing model financial consumer protection standards for unregulated or under-regulated financial service providers (such as e-commerce platforms and similar entities) for provincial and territorial adoption, and working with provinces and territories to adopt these standards.
• Federal and provincial regulatory authorities adopt a regulatory framework that adheres to the principle of "same activity, same risk, same regulation" to ensure actors that engage in equivalent activities as banks are subject to the same rules and oversight.
• Policymakers, regulators, and international partners involved in ongoing digital and data initiatives such as regulatory oversight of AI and consumer-driven banking ensure a degree of harmonization between legislative and regulatory frameworks and continue their engagement between themselves.
• The Department of Finance, along with its federal financial regulatory partners (OSFI, CDIC, FCAC, Bank of Canada, and FINTRAC) increase their cooperation and coordination, including coordinated periodic announcements on likely forthcoming regulatory actions.

A Strong and Predictable Regulatory Framework

Managing AML Regime Changes

The CBA supports the collaborative and consultative approach the Department of Finance has relied on to develop amendments that introduce to the Canadian anti-money laundering (AML) regime, information sharing within the private sector for AML purposes. The Department of Finance has effectively managed a whole-of-government approach, which included sufficient consultation timelines, to develop a critical tool to help industry better detect and deter money laundering (ML) and terrorist financing (TF) activities. The CBA appreciates the Department of Finance’s use of a similar approach on other AML files, including discrepancy reporting for the federal beneficial ownership registry.

Going forward, we encourage the Department of Finance to continue to use this type of whole-of-government approach. Piecemeal reform on an unpredictable cadence undermines the clarity, efficacy, and efficiency of the Canadian AML regime, which is a particular challenge for newly added sectors that require significant regulatory attention and guidance. It also leaves the regime in flux, inhibiting a clear analysis of proposed reforms and undermining a proper understanding of the regime’s strengths and weaknesses and how it should evolve to meet ML and TF risks. Strategic and structured change is needed.

To complement this approach, the CBA also suggests the Department of Finance clearly communicate the policy intent that supports amendments. Clear policy intent, memorialized through regulatory impact analysis statements or other formal mechanisms, assists FINTRAC and reporting entities in understanding and implementing changes as planned. It also helps to ensure the regime remains predictable and does not unintentionally change in ways that create unintended consequences that policymakers and stakeholders have not properly considered.

Recommendation: The Department of Finance effectively manage a whole-of-government approach, including sufficient consultation timelines, and clear communications regarding the policy intent that supports amendments as memorialized through regulatory impact analysis statements or other formal mechanisms, for future changes to the AML regime.

Conducting and Publishing Impact Statements of Regulatory Actions

Global financial regulators in leading financial centers have increasingly utilized cost-benefit and post-implementation impact analyses as tools to determine whether market intervention is justified. These regulators recognize that the policies and regulations they propose to develop and implement should have a net benefit to the financial markets and the broader economy. In Canada, these tools have been used sparingly and not in a way that would deliver a consistent policy development process with predictable results.

Cost-benefit and post-implementation analyses contribute to ensuring policies and regulations advance the public interest. For example, they help ensure the production of net benefits, improvements in transparency and accountability by forcing regulators to communicate their assumptions, and allow regulated entities to plan and predict how regulators will respond to new industry practices.

According to the C.D. Howe Institute, financial regulators must balance different objectives – market integrity, consumer protection, financial stability, and market competitiveness. Decisions to intervene must be targeted at a well-defined problem with metrics to measure the degree of success or failure, considering the trade-offs with other objectives. A properly designed cost-benefit analysis should have a counterfactual or baseline scenario, as well as the identification and quantification of direct and indirect impacts. Once a certain amount of time has passed, a post-implementation impact analysis measuring the desired and actual outcomes should be conducted to determine whether the regulation in fact achieved its objectives and why, in order to influence further planning. Ultimately, such analyses should reduce the overall life cycle of rule development and implementation by reducing the number of new rules that are not demonstrably necessary, allowing both policymakers/regulators as well as market actors to focus their attention on those that are.

We believe the Department of Finance, along with its federal financial regulatory partners (OSFI, CDIC, FCAC, Bank of Canada, and FINTRAC) should implement cost-benefit and post-implementation impact analyses as tools to determine whether market intervention is justified. Consistent with enhancing federal, provincial, and territorial collaboration, federal financial regulatory safety net regulators could work with their provincial counterparts to design a consistent and coordinated approach to such analyses for financial regulation. Combining resources and expertise would enable a harmonized approach to the assessment of the costs and benefits of important rule implementation across all financial markets.

Recommendation: The Department of Finance, along with its federal financial regulatory partners (OSFI, CDIC, FCAC, Bank of Canada, and FINTRAC) implement cost-benefit and post-implementation impact analyses as tools to determine whether market intervention is justified and the impact of that intervention. Federal financial regulatory partners should consider working with their provincial counterparts to design a consistent and coordinated approach to such analyses of financial regulation.

Developing a Forum for Coordinating and Collaborating on International Issues

The global financial crisis ushered in an unprecedented amount of regulatory change. A significant amount of this regulatory change impacting capital, liquidity, deposit insurance, market conduct, prudential supervision, and resolution has been discussed, developed, and agreed to in international organizations such as the Financial Stability Board (FSB), Basel Committee on Banking Supervision (BCBS), International Association of Deposit Insurers (IADI), International Organization of Securities Commissions (IOSCO), among others. Furthermore, individual financial regulators in the United States and the European Union have implemented rules that have impacted Canadian financial institutions such as Title VII of the Dodd-Frank Act, OTC derivatives measures, and the Foreign Account Tax Compliance Act (FATCA). Lastly, there has been an increase in the amount of activity surrounding sanctions and ESG-related disclosures in recent years.

Given the amount of financial regulatory change that is being developed outside of the country’s borders, it is critical that Canada continues to have a strong voice internationally whether in multilateral or bilateral forums. Differences in the regulation and implementation of activity internationally can lead to inefficiencies, uncertainty, and impose undue costs on market participants and their customers.

This is why the CBA has encouraged the use of Financial Services Committees in trade agreements to better communicate concerns about other jurisdictions’ policies and regulations, leading to a greater likelihood of coordination and standardization as well as implementation schedules of cross-border activity. This can include advocating for mutual recognition and substituted compliance, prevention/minimization of the extraterritorial application of laws, and greater alignment of implementation schedules.

In recent years, we have noted that the Department of Finance, in the lead-up to Financial Services Committee meetings, has made an increased effort to reach out to industry to survey issues and concerns to help prepare. This is in addition to OSFI’s efforts to consult with the industry ahead of meetings at international organizations. This engagement is welcomed and appreciated. If the Department of Finance, OSFI, and other regulatory partners would like to create a forum with the objective of coordinating and collaborating on international issues, the CBA and the broader banking sector would be supportive and would welcome the opportunity to participate. Such a forum should have a mechanism where participants can obtain an update as to what was discussed at such meetings and an opportunity to provide feedback to help inform Canada’s positioning and engagement in these international dialogues.

Recommendation: The Department of Finance, along with its federal financial regulatory partners (OSFI, CDIC, FCAC, Bank of Canada, FINTRAC) as well as Global Affairs Canada (GAC) consult, whether formally or informally, with sectoral stakeholders on international issues. Furthermore, a mechanism should be implemented where participants can obtain updates as to what was discussed at such meetings and an opportunity to provide feedback to help inform Canada’s positioning and engagement in these international dialogues.

Sharing of Information About Integrity and Security Risks

As part of its expanded mandate, OSFI published the Integrity and Security Guideline in January this year. The overarching requirement under the Guideline is that FRFIs must have adequate policies and procedures in place to protect against threats to integrity or security, including foreign interference. With certain exceptions, the deadline for complying with new or expanded expectations under the Guideline is January 31st, 2025.

Threat actors may use a range of strategies to target financial institutions in Canada. While the Government of Canada continues to monitor for threats that may be attempts at foreign interference, undue influence, or malicious activity, as defined under the Guideline, FRFIs currently do not have definite or dependable access to intelligence possessed by law enforcement (e.g., the Royal Canadian Mounted Police (RCMP) or investigative agencies such as Canadian Security Intelligence Service (CSIS)).

Given the evolving nature of the threat environment, we welcome Finance’s proposal of information sharing by the federal government about integrity and security risks. Timely notification and information from law enforcement or intelligence agencies about known threats of foreign interference, undue influence, or malicious activity will empower FRFIs to act, where appropriate, to help mitigate such risks. Timely guidance on recent and emerging typologies or indicators of foreign interference, malicious activity, or undue influence, including relevant information as to tactics, techniques, and procedures, will be most helpful.

Public confidence in the Canadian financial system depends on the integrity and security of the financial system and the sharing of such information by the public sector to FRFIs is vital for meeting the policy objective of effectively managing risks to the integrity or security of the financial sector in Canada.

Recommendation: The Department of Finance proceeds with its proposal of information sharing by the federal government about integrity and security risks. Timely notification and information from law enforcement or intelligence agencies about known threats of foreign interference, undue influence, or malicious activity will empower FRFIs to act, where appropriate, to help mitigate such risks. Timely guidance on recent and emerging typologies or indicators of foreign interference, malicious activity, or undue influence, including relevant information as to tactics, techniques, and procedures, will be most helpful.

Advancing Work on Artificial Intelligence

Supporting Responsible Innovation

Banks in Canada recognize the opportunities presented by innovations such as artificial intelligence (AI) to improve the speed, accessibility, and security of services. More and more, banks are using AI and analytics to assess their customers’ needs and offer them personalized financial advice. Very often this advice can support everyday spending decisions and improve the ability of customers to manage their money effectively.

Banks leverage advanced tools like machine learning and AI to produce meaningful insights that improve organizational efficiency and enhance the customer experience while also better combating cybersecurity and fraud related risks. They are responsible innovators with a strong track record of developing and adopting technologies, like AI, to serve and protect their customers better.

As key contributors to Canada’s competitive and innovative financial services sector, Canada’s banks are active contributors to the important dialogue surrounding the safe, transparent, and responsible use of AI in Canada. Our banks are constantly working to maintain trust, stay secure and help Canadians understand and enjoy the significant benefits of this evolving technology.

Risk Based, Harmonized Regulations

The CBA has expressed support²⁵ for policy objectives outlined in federal AI legislation (through the proposed Artificial Intelligence and Data Act, or AIDA) that aim to promote the responsible development and use of AI systems in a manner that supports existing principles under Canadian law, including consistency with applicable privacy and human rights laws.

AI regulation should not be overly prescriptive or contain a set of ‘one-size-fits-all’ risk mitigation measures. In a rapidly evolving field like AI, we believe a flexible, risk-based regulatory AI framework that avoids any duplication or overlap with other frameworks is necessary to ensure Canadian organizations can serve consumers in a manner that fosters confidence and builds trust in the responsible development, deployment and use of AI systems. We believe other, more prescriptive approaches, could impede innovation and become overly complex for organizations as AI systems become more ubiquitous in our daily lives.

For this reason, it is important that any strategy to manage risks proposed by the Government should be principles-based, outcomes-focused and developed in consultation with impacted stakeholders. This means that any legislative or regulatory framework should be flexible, future proof and targeted (while avoiding duplication or overlap with other such frameworks) while acknowledging that AI use cases may change over time as technology evolves. To the extent possible, we believe that any future requirements should be practical, support innovation and align with existing regulatory requirements, such as those under relevant privacy laws. We therefore recommend a separate and substantive set of consultations with impacted stakeholders on the criterion (e.g., system type, requirements, thresholds) for high-impact systems before any legislative or regulatory AI framework is finalized in Canada.

We are concerned that the financial industry may face a complex regulatory environment with the introduction of multiple layers of AI regulation, as general AI legislation is under review in Parliament (such as AIDA). This could lead to challenges in compliance, potentially hindering innovation for financial institutions. We recommend that the government carefully consider the potential impact of overlapping regulations and strive for a streamlined and coordinated approach to AI governance.

Coordination and cooperation with domestic partners such as the federal and provincial governments, including regulatory agencies like OSFI, and international partners, at the G7 level in particular, is also an essential component of ensuring a degree of interoperability and harmony between various AI legislative and regulatory frameworks, particularly as it relates to the definition of AI.

This includes prioritizing federal AI legislation and promoting a harmonized regulatory approach across provinces to ensure Canadians continue to benefit from consistent privacy and other protections across jurisdictions and, importantly, avoiding duplicative, or conflicting obligations.

We urge the Department of Finance to consider research conducted by their peers such as the 2023 OSC report²⁶ on artificial intelligence in Ontario’s capital markets and OSFI’s Edge Principles ,²⁷ to better understand AI use cases in the financial markets and ensure collaboration and coordination between regulators when considering the creation of regulatory guidance, rules or framework, that would support responsible AI innovation while mitigating associated risks.

Recommendation: The federal government prioritize a federal approach to any AI legislative and regulatory framework and promote regulatory harmonization across provinces to ensure Canadians continue to benefit from consistent privacy and other protections across jurisdictions and, importantly, avoiding duplicative, or conflicting obligations by consulting impacted stakeholders extensively in the creation of any requirements for AI systems.

Harnessing the Benefit of AI Systems & Mitigating their Risks

Banks have an established practice of using technology to analyze data to better serve their clients and manage risks while ensuring obligations under prudential guidance and other regulations are being met. We agree it is essential to protect the public against harm that may arise from AI systems and that this is an important area of concern which requires mitigation.

Banks are heavily regulated and to maintain client trust, models are designed, developed and deployed in adherence to OSFI guidance, which has existing principles-based, risk-based guidance on model risk (i.e. Guideline E-23 Model Risk Management) and other non-financial risks more broadly (e.g., Guideline B-10 Third-Party Risk Management and Guideline B-13 Technology and Cyber Risk Management). The AI models banks develop and the use cases they deploy are additionally subject to existing privacy laws, human rights law and the Bank Act (including with respect to consumer protection). This reinforces the importance of avoiding the introduction of any overlapping or duplication requirements that could hinder innovation and positive consumer experiences.

It is important to also consider the potential for unintended consequences resulting from well-intentioned measures. Unintended consequences could restrict or disincentivize Canadian organizations and other entities from using third-party AI systems and impact the ability of vendors to sell or license AI systems to Canadian organizations. This would negatively impact the ability of Canadian financial institutions to deploy value-adding use cases, to innovate and to compete both locally and globally.

Recommendation: The federal government promote a flexible, risk-based AI framework that avoids any duplication or overlap with other frameworks or impedes innovation or the ability of Canadian organizations to compete globally.

Protecting Canadians Against Fraud

AI is a double-edged sword when it comes to fraud and cybersecurity. AI is a tool that greatly enhances capabilities to detect and prevent fraud and cyber-attacks, but the use of AI is also permitting real-time face and voice impersonations, and AI-powered fraud is increasing. As a result of the ever-evolving threat environment, fraud management has become an integral part of the products and services that financial institutions provide to their customers, and AI will also play an increasingly significant role in detecting AI-powered fraud.

Exceptions for risk mitigation measures should always be considered for AI systems that perform functions critical to public safety objectives (e.g. fraud prevention and detection, AML monitoring). Detecting fraud may involve monitoring a consumer’s behaviour on digital channels through the use of AI, for example to assess whether keystroke patterns, spending patterns, and log-in patterns are consistent with typical human behaviour (instead of a bot) or consumer behaviour (instead of a fraudster). The objective is to protect that consumer from others who may attempt to access their financial accounts.

Canadian banks continue to adapt and enhance operations and services by capitalizing on technological advancements without wavering from their steadfast commitment to protect the personal information of their customers. It is also crucial that we strengthen public-private partnerships to increase awareness of cyber and fraud threats. As Finance proceeds to develop its federal strategy, we look forward to providing additional feedback on how to ensure risks arising from technology like AI are appropriately governed and we welcome continued dialogue to support Finance in its efforts to harness the advantageous capabilities of AI in the financial sector.

Recommendation: The federal government, when developing a strategy to mitigate risks posed by AI systems, consider how certain well-intentioned measures may disincentivize innovation, including making it difficult for vendors to sell or license AI systems to Canadian organizations, or for Canadian organizations to adopt third-party AI systems. The federal government additionally should consider how proposed measures may result in the disclosure of sensitive or otherwise confidential information, and introduce risks (e.g. compromising the efficacy of AI systems, exposing exploitable information related to critical systems) that may not be balanced with the benefits such a disclosure is intended to provide.

[1] CBA’s submission on the Consultation on Upholding the Integrity of Canada’s Financial Sector (Financial Institutions Statutes Review), December 4^th, 2023.

[2]    CBA Submission on Strengthening Competition in the Financial Sector, March 1^st, 2024.

[3] Survey of Financing and Growth of Small and Medium-Sized Enterprises and Credit Conditions Survey, Innovation Science and Economic Development (ISED).

 [4] Tracxn, as of August 16^th, 2024. In June 2023, Tracxn reported over 3,800 financial sector fintech firms – an increase of 700 firms or 18% in 14 months.

[5] CBA Submission on Strengthening Competition in the Financial Sector, March 1^st, 2024 

[6] Response of the Government to Large Bank Mergers in Canada: Safeguarding the Public Interest for Canadians and Canadian Business, June 23^rd, 2003. 

 [7] CBA Submission on Strengthening Competition in the Financial Sector, March 1^st, 2024.

[8] How Banks are Helping to Protect Canadians from Fraud and Scams, CBA, August 7^th, 2024.

[9]  Collaboration, National Anti-Scam Centre, Australian Government.

[10]  Bank Act 627.33 (1) The maximum liability of a borrower for the unauthorized use of a credit card issued to them in Canada, the account information of the credit card or the personal authentication information created or adopted in relation to the credit card or credit card account is $50, unless the borrower has demonstrated gross negligence or, in Quebec, gross fault, in safeguarding the credit card, the account information or the personal authentication information.

[11] The Debit Card Code was originally developed through broad consultation with representatives from consumer organizations, financial institutions, retailers, and federal and provincial governments and covers liability for loss and procedures for addressing unauthorized transactions. CBA members have also committed to applying the Debit Card Code to online payments in respect of customer deposit accounts. The FCAC monitors banks’ compliance with the Debit Card Code and several other Codes of Conduct.  See online here: Codes of conduct - Canada.ca for more information.

^[12] The FCAC has already established expectations in respect of investigations of alleged debit and credit card transactions.  See online here: B-6 Investigations of unauthorized credit and debit card transactions - Canada.ca.

[13] Canadian Anti-Fraud Centre’s fraud reporting datasets mark first RCMP addition to Open Government Portal, RCMP, July 11^th, 2023.

[14] More information about banking services offered to consumers in Canada is available online here: Banks and Consumers.

[15] Banks branches in Canada by province, CBA.

[16] Integrity and Security - Guideline, OSFI, January 31^st, 2024.

[17] Background Checks on Directors and Senior Management of FREs – Guideline, OSFI, February 29^th, 2008.

[18] Corporate Governance – Guideline, OSFI, September 30^th, 2018.

[19] 2024 Benchmark Policy Guidelines, Glass Lewis

[20] Guideline Corporate Governance - Sound Business and Financial Practices, OSFI, September 2018. See also: Principles for Sound Compensation Practices, FSB, 2009.

 [21] Canada advances review of financial institution statutes, Torys LLP, August 19^th, 2024.[22] This was increased from the previous threshold of $90 million.

[23] Bank of Canada, Inflation Calculator. The calculator shows a 64.7% change in the Consumer Price Index (CPI) from 2001  to 2024.  

 [24] Paul C. Bourque and Gherardo Gennaro Caracciolo, The Good, the Bad and the Unnecessary: A Scorecard for Financial Regulations in Canada, Commentary 664. C.D. Howe Institute

[25] Briefing Document – CBA Recommendations: Bill C-27 Artificial Intelligence and Data Act, CBA, January 6^th, 2024, to the Standing Committee on Industry and Technology on Bill C-27‘s Artificial Intelligence and Data Act.

[26] OSC releases report on artificial intelligence in Ontario’s capital markets, Ontario Securities Commission (OSC), October 10^th, 2023.

[27] Financial Industry Forum on Artificial Intelligence: A Canadian Perspective on Responsible AI, OSFI, April 30^th, 2023.