Skip to content
FINTRAC

ALERT: Private ABM Acquirer Services Must Register with FINTRAC and Comply by October 1, 2025

September 9, 2025 5 min read
ALERT: Private ABM Acquirer Services Must Register with FINTRAC and Comply by October 1, 2025

By Oct 1, 2025, private ABM acquirers must register with FINTRAC and meet PCMLTFA AML rules. Comply North helps operators build and maintain compliance.

Introduction: FINTRAC Expands AML Rules to Private ABM Acquirers

On October 1, 2025, private automated banking machine (ABM) acquirers will become subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA). This means that businesses involved in cash loading, transaction processing, or settlement account management for non-bank ATMs must register with FINTRAC and comply with the same anti-money laundering standards as other regulated money services businesses.

This regulatory expansion closes a long-standing gap in the “white-label ATM” sector, which has historically been linked to money laundering risks due to the absence of oversight. FINTRAC’s official guidance explains how ABM acquirers will now be supervised.

Who Qualifies as a Private ABM Acquirer

You are considered a private ABM acquirer if your business:

  • Owns or operates non-bank or white-label ATMs
  • Provides settlement or processing services for ATM transactions
  • Loads or arranges cash replenishment for ATMs
  • Holds or controls the settlement account for cash withdrawn from private ATMs

Banks and credit unions remain outside the scope. These rules specifically capture non-financial entities in the white-label ecosystem that handle high volumes of anonymous cash transactions.

Registration with FINTRAC

All ABM acquirers must register as Money Services Businesses (MSBs) before October 1, 2025. Registration requires disclosure of ATM locations, transaction types, cash-handling arrangements, and details of corporate control and beneficial ownership. Registrations must also be renewed annually.

Instead of navigating this process alone, operators are encouraged to use Comply North’s MSB Registration Service. Our team ensures registration is completed accurately, updated when needed, and aligned with FINTRAC expectations.

Compliance Program Requirements for ABM Acquirers

Registering as an MSB is only the starting point. FINTRAC requires private ABM acquirers to implement a comprehensive compliance program. This framework must be risk-based and operationally realistic, not simply a generic template.

Policies, Oversight, and Risk Assessment

Every operator must draft written policies and procedures that reflect how cash flows, transactions, and settlement accounts are handled in their network. These policies should describe how suspicious activity is identified, how records are kept, and how employees are trained.

A compliance officer must be appointed to oversee the program. This person should have enough authority to implement changes and escalate concerns. At the same time, FINTRAC requires a documented risk assessment. For ABM acquirers, risk factors include geography, cash intensity, and the independence of third-party operators. Machines in areas with high volumes of cash-only businesses, for example, carry a different risk profile than those in low-volume residential zones.

KYC, Recordkeeping, and Monitoring

While ABM acquirers do not interact with customers in the same way as banks, they must still maintain extensive records. These include ownership and settlement account details, ATM serial numbers, maintenance logs, and cash replenishment records. FINTRAC requires all such records to be retained for five years.

Monitoring is another essential obligation. Acquirers must detect red flags such as:

  • ATMs that consistently hit daily withdrawal limits
  • Machines with unusually high night-time usage
  • Devices in close proximity to known high-risk businesses
  • Repeated use of the same cards across multiple ATMs in the same network

These monitoring obligations are not optional. FINTRAC expects operators to explain how they identify suspicious patterns and what action is taken when concerns arise.

Reporting Obligations

Suspicious Transaction Reports and other MSB reporting requirements are central to the PCMLTFA. FINTRAC guidance stresses that operators must file a report when they have reasonable grounds to suspect money laundering or terrorist financing activity through their ATMs. Reports must be filed promptly and with sufficient detail to allow regulators to investigate. Failure to file reports can result in enforcement action, including penalties and public disclosure.

Training and Effectiveness Reviews

All staff involved in ATM operations, whether directly or through contracted agents, must receive ongoing AML training. Training should explain how to identify suspicious transactions, what escalation steps to take, and how to comply with reporting requirements. FINTRAC expects training to be documented and tailored to the role of the employee.

Every compliance program must also be independently reviewed at least once every two years. The purpose is to test whether policies, monitoring systems, and reporting obligations are being carried out effectively. Many operators engage Comply North’s Chief Compliance Officer Service to conduct these reviews and keep their programs audit-ready.

Consequences of Non-Compliance

FINTRAC enforces these requirements actively. Penalties for non-compliance can include fines of $500,000 or more, suspension or revocation of MSB registration, and publication of the violation on FINTRAC’s website. Beyond regulatory action, the reputational consequences of being named by FINTRAC can make it difficult to maintain banking relationships or expand operations.

Practical Action Plan for ABM Operators

To prepare for October 1, 2025, ABM acquirers should begin now:

Conclusion and Call to Action

Any business that processes, supports, or settles transactions for non-bank ATMs in Canada must register with FINTRAC and implement an AML compliance program by October 1, 2025. Registration is only the first step. Firms must maintain robust programs that include tailored policies, transaction monitoring, suspicious reporting, and independent reviews.

By working with Comply North’s MSB Registration Service and Chief Compliance Officer Service, ABM operators can meet these requirements efficiently, protect their business relationships, and reduce the risk of regulatory penalties.

All articles
Share:

Need help with this for your MSB?

We handle FINTRAC, RPAA, AML programs, and bank onboarding end to end, at honest, fixed-fee rates.

Book a Consultation

Related articles

FINTRAC MSB Registration in Canada: Your Complete Step-by-Step Guide
FINTRAC

FINTRAC MSB Registration in Canada: Your Complete Step-by-Step Guide

Starting a money services business (MSB) in Canada is exciting, but before you can move a dollar, you need to deal with your first regulatory requirement, FINTRAC MSB registration.

November 12, 2025 4 min read
Title Insurers Must Register with FINTRAC by October 1, 2025 – AML Compliance Now Mandatory
FINTRAC

Title Insurers Must Register with FINTRAC by October 1, 2025 – AML Compliance Now Mandatory

Introduction: FINTRAC Brings Title Insurers Under PCMLTFA Beginning October 1, 2025, title insurers in Canada will be subject to the Proceeds of Crime (Money Laundering) and Terror

September 9, 2025 4 min read
The Ultimate Guide to Building an MSB Compliance Program: FINTRAC Guide 4 Explained
FINTRAC

The Ultimate Guide to Building an MSB Compliance Program: FINTRAC Guide 4 Explained

Running a Money Services Business (MSB) in Canada means more than just moving money. It means taking responsibility for keeping the financial system safe from money laundering and

November 19, 2025 5 min read

Ready to get your compliance handled by experts?

Get clear, effective compliance at a fraction of the typical cost. Book a free consultation and we’ll send a detailed, fixed-fee proposal.

Book a Consultation View Pricing