I just received a FINTRAC examination notice. Can BriteBase help in time?

Yes. Our managed service can mobilize within days to triage the most likely examination focal points — risk assessment, customer identification, ongoing monitoring, and reporting — and stand up the documentation a FINTRAC examiner expects to see. We work with practitioners who have led examinations on both sides of the table.

How is BriteBase different from a compliance consultant?

Consultants give you advice and an invoice. BriteBase gives you a working operating system plus practitioners who do the work alongside you — so when the engagement ends, you keep the infrastructure, the audit trail, and the institutional knowledge. No per-hour bill shock.

Can BriteBase replace our current AML vendor?

In most cases, yes. Lean MSBs, PSPs, and crypto firms typically consolidate screening, risk rating, alerts, case management, workpapers, and training into BriteBase, replacing several point tools at once.

Is BriteBase aligned with FINTRAC requirements?

Yes. The platform is designed around Canadian reporting entity obligations under the PCMLTFA — onboarding, recordkeeping, ongoing monitoring, risk assessment, training, and reporting are all first-class concepts. BriteBase is a technology and compliance support provider; clients retain full responsibility for their compliance programs.

Is BriteBase a Canadian company?

Yes. BriteBase Technologies Inc. is incorporated in Ontario, built by Canadian compliance practitioners, and customer data is hosted in Canadian cloud regions.

How does pricing compare to hiring a consultant?

Compliance consulting engagements for an MSB or PSP typically run between five and twenty thousand Canadian dollars per engagement — with no platform left behind. BriteBase pricing is scoped to firm size and managed-service intensity, and is designed to be materially lower than a consultant on a sustained basis while leaving you with the operating infrastructure.

How fast can we get onboarded?

Most firms are live within a few weeks. We migrate existing customers, configure your risk model, and run a guided readiness review before go-live. If you have a FINTRAC deadline, tell us — we will sequence accordingly.

Where is our data hosted?

Customer data is hosted in Canadian cloud regions with enterprise-grade controls, encryption at rest and in transit, and full audit logging.

Canadian RegTech

All-in-one AML compliance suite for Canadian firms.

FINTRAC examination notice in your inbox? Bank threatening to offboard you? Or just trying to run a defensible AML program with one or two people? BriteBase combines an automation-driven compliance platform with hands-on practitioner support — so lean teams can run onboarding, monitoring, investigations, and reporting with the rigour FINTRAC expects.

Book a Demo See How It Works

FINTRAC-aligned, PCMLTFA-mapped
Canadian data residency
Encrypted at rest & in transit

Customer riskAuto

Risk score

Medium-High

Auto-rated · 4 factors

Geo

Product

Behaviour

Alert · L2

Sanction match review

A. TremblayOpen

Northbound Ltd.Triage

Workpaper

Q3 review · Onboarding

ID verification captured
Source of funds documented
Risk rationale recorded

Reviewer · M. SinghAudit trail ✓

Built by Canadian compliance practitioners

FINTRAC-aligned
PCMLTFA-mapped
Canadian data residency
Encrypted at rest & in transit

Why now

FINTRAC enforcement is no longer theoretical.

Lean compliance teams are exposed exactly when expectations are rising fastest. The data is from FINTRAC's public AMP notices.

22×
Total FINTRAC enforcement penalties grew roughly 22× from 2023 to 2025.
MSBs
Money Services Businesses and virtual currency firms account for the largest share of cases and penalty value.
Bill C-12
Proposed amendments would multiply maximum AMPs per violation — materially raising exposure for non-compliant reporting entities.

The problem

Compliance work shouldn't feel like duct tape.

Most Canadian non-bank reporting entities are stuck between expensive enterprise software built for global banks and a patchwork of spreadsheets, portals, and consultants.

Disconnected tools

Spreadsheets, screening portals, ticketing, email — nothing speaks to each other.

Legacy vendor cost

Enterprise AML platforms priced for banks, not lean regulated firms.

Manual compliance work

Hours lost to copy-paste, evidence gathering, and re-typing the same data.

Weak audit trails

Decisions made in chats and inboxes that auditors can't reconstruct.

Lean teams under pressure

One or two people responsible for the entire compliance program.

Rising regulator expectations

Higher bar for risk rating, monitoring, training, and documentation.

The platform

One operating system for compliance.

Replace a stack of disconnected tools with a single, structured workspace built around how a Canadian compliance program actually runs.

Customer onboarding

Capture, verify, and document new customers in one flow.

Screening

Sanctions, PEP, and adverse media screening with clear hits.

Risk scoring

Configurable models. Transparent factor breakdowns.

Alerts & cases

Triage, assign, investigate, and close with evidence.

Reporting workpapers

Audit-ready files that mirror your review process.

Training tracking

Assign, complete, and prove staff training.

Policy management

Versioned policies linked to controls and procedures.

Audit readiness

Always-on evidence, not a fire drill.

Software + Service

Not just software. Not just consulting.

BriteBase is built around a simple idea: automate what should be automated, keep humans on the work that requires judgment.

Platform

BriteBase Platform

Software where automation helps.

Onboarding, screening, and risk rating in one workspace
Configurable risk models with clear rationale
Alerts and case management with full audit trail
Workpapers, policies, and training in one place
API & file integrations with your existing stack

Explore the platform

Managed service

Compliance as a Service

Human support where judgment is required.

Fractional Chief AML Officer and compliance officer support
Alert review, escalation, and case write-ups
Policy drafting, updates, and annual reviews
Regulator-ready documentation and reporting
Audit and examination preparation

Talk to our team

Most teams choose both — software for scale, practitioners for judgment calls.

Who it's for

Built for Canadian non-bank reporting entities.

We work with regulated firms that need bank-grade compliance without bank-sized teams or budgets.

Money Services Businesses

Onboarding, monitoring, reporting, and FINTRAC-aligned recordkeeping for MSBs and foreign MSBs registered with FINTRAC.

Payment Service Providers

Customer due diligence, transaction monitoring, and reporting for PSPs operating under PCMLTFA obligations.

Crypto businesses

Travel rule, wallet screening, large virtual currency reporting, and risk-based onboarding for VASPs.

How it works

A clear path from onboarding to audit.

01
Onboard customer
Collect identity, verification, and source of funds in a single guided flow.
02
Run checks
Sanctions, PEP, and adverse media screening with structured outcomes.
03
Assign risk
Configurable risk models produce a transparent score and rationale.
04
Manage alerts & cases
Triage, investigate, escalate, and close with full evidence captured.
05
Report & evidence
Audit-ready workpapers and regulator submissions, ready when you are.

Business value

Built for lean compliance teams.

BriteBase is designed for the reality of small and mid-sized regulated firms — where one person often wears every compliance hat. We give them leverage.

Lower manual workload across the compliance team
Better audit readiness, every day of the year
Faster onboarding reviews without cutting corners
Clear, defensible risk decisions with rationale captured
Easier compliance operations across tools and teams
Practical support for lean compliance functions

Why teams trust BriteBase

Compliance-first by design.

Regulatory alignment

Built around FINTRAC obligations and sector guidance.

Canadian focus

Designed for Canadian reporting entities, not retrofitted.

Audit trail & explainability

Every decision time-stamped, attributed, and defensible.

Human + technology

Software for scale, real compliance professionals on call.

Inside the platform

A workspace that mirrors how compliance actually runs.

app.britebase.ca / cases

Case · CS-2418

Northbound Ltd. — Sanctions match review

Risk score

Medium

3 contributing factors

Recent alerts

4 open

Sanctions screening
L2Open
Threshold transaction
L1Triage
Adverse media match
L2Open
Velocity anomaly
L1Closed

Evidence & rationale

ID & verification captured

Source of funds documented

Reviewer rationale recorded

Resources

Field notes from Canadian AML compliance.

Practical analysis on enforcement trends, PCMLTFA changes, and operating a modern compliance program — written by practitioners, for practitioners.

Enforcement8 min read

The FINTRAC enforcement crisis facing Canadian MSBs: what the data actually shows

Three years of enforcement data expose a sector under extraordinary scrutiny — and proposed legislation that will make it significantly worse. Here is what compliance officers at Canadian MSBs and PSPs need to understand right now.

Enforcement8 min read

FINTRAC's enforcement surge: what two years of penalties tell us

Administrative monetary penalties have accelerated sharply since 2024. Here's what the pattern reveals about regulator priorities — and where lean compliance teams are most exposed.

Regulation9 min read

PCMLTFA amendments: what changed and how it affects regulated firms

Recent amendments to the PCMLTFA expand obligations for MSBs, PSPs, crypto firms, and others. A practical breakdown of what's new and what your program needs to absorb.

Penalties7 min read

Inside the March 2026 AMP increase: new ceilings, new exposure

March 2026 brought a substantial increase in administrative monetary penalty ceilings. Here's what changed, why it matters, and how to think about your firm's exposure.

Crypto8 min read

Crypto and the Travel Rule: where Canadian VASPs are getting it wrong

Canadian crypto firms face overlapping registration, travel rule, and large virtual currency reporting obligations. The most common failure modes — and how to fix them.

Operations9 min read

Building an audit-ready compliance program for FINTRAC examinations

Examinations don't reward effort — they reward evidence. A practical playbook for structuring documentation, workpapers, and operational habits that survive scrutiny.

Self-assessment

FINTRAC readiness quiz.

Seven questions, two minutes. A quick gut-check on whether your AML program would hold up to a FINTRAC examination under the post-March-2026 penalty regime.

Anonymous — nothing leaves your browser.
Maps to the six pillars FINTRAC examiners actually test.
Built by Canadian compliance practitioners.

0 / 7 answered~ 2 min

1.
Are your AML/ATF policies and procedures reviewed and updated within the last 24 months?
FINTRAC expects a documented compliance program review at least every two years.
2.
Do you maintain a documented enterprise-wide risk assessment covering clients, products, geography, and channels?
3.
Can you produce client identification and beneficial ownership records on demand for any active relationship?
4.
Are clients screened against sanctions, PEP, and adverse-media lists at onboarding and on an ongoing basis?
5.
Are STRs, LCTRs, EFTRs, and LVCTRs filed within the prescribed timelines with full audit trails?
6.
Has every employee, agent, and contractor completed AML training in the last 12 months — with records?
7.
Has an independent effectiveness review of your compliance program been completed in the last 24 months?

No data is stored. Results are calculated locally.

FAQ

Questions Canadian compliance teams ask us.

Don't see your question? Our team is happy to walk through the details on a discovery call.

Get started

See BriteBase in your environment.

Book a 30-minute walkthrough. We'll show the platform, talk through your current compliance setup, and outline what a move to BriteBase could look like.

Book a Demo 905-218-7088