Integrity, security, and foreign interference

Threats related to integrity and security, ranging from fraud and money laundering to cyber security and foreign interference, are prudential risks. Those risks have the potential to significantly affect institutions, and in turn, Canada’s financial system. We continue to monitor these evolving risks and how institutions are mitigating them.

Expanded mandate

In June 2023, the Office of the Superintendent of Financial Institutions’ (OSFI) mandate was expanded to conduct assessments on whether institutions have adequate policies and procedures to protect themselves against threats to their integrity and security, such as foreign interference. With this, we carry out additional supervisory work to identify and address deficiencies in institutions’ integrity and security policies and procedures. We are required by law to report annually to the Minister of Finance on the adequacy of policies and procedures of institutions to protect themselves against threats to their integrity or security.

Guidance

Our Integrity and Security guideline and other guidance outlines our expectations to institutions’ integrity and security policies and procedures.

Integrity, National Security and Integrated Solutions Sector

We established an Integrity, National Security and Integrated Solutions Sector, which:

  • serves as the area with the needed expertise and security clearance to combine sources of classified information and integrate this analysis into our work
  • provides intelligence and advice to inform OSFI’s supervisory approach
  • supports the Superintendent in his evidence-based decision-making should a serious threat to national security present itself in the Canadian financial system

When we find deficiencies in institutions’ integrity and security policies and procedures

When we find deficiencies in an institution’s policies and procedures and become aware of anti-money laundering risks as an example, we take swift and decisive action, including increased supervisory oversight, based on our Supervisory Framework.

Other measures

Our formal intervention powers are supported by sound analysis that considers the particular facts and circumstances. Other measures can include:

  • Direction of compliance. If the Superintendent is of the opinion that an institution does not have adequate policies and procedures to protect itself from threats to its integrity or security, the Superintendent may direct the institution to take any measures necessary to remedy the situation. 
  • Requiring an institution to increase capital and liquidity to ensure it continues to operate in a financially sound manner. 
  • We have the power to require a meeting of an institution’s board of directors to address specific matters. The Superintendent has a right to attend and be heard at such a meeting where there is an issue we need the board to consider.  
  • The Superintendent can veto the appointment of directors and senior officers of an institution that has been subject to certain statutory measures if the Superintendent is of the opinion that these persons are not suitable to hold that office based on statutory criteria. 
  • Further to this, the Superintendent has the power to remove directors and senior officers if the Superintendent is of the opinion that these persons are not suitable to hold that office based on statutory criteria. 
  • The Superintendent can appoint a third party, such as a monitor, in an institution to report to us on specific operations. 
  • The Superintendent, through a variation of an Order to Commence and Carry on Business, can limit or restrict an institution from engaging in a specific line of business. 

See our general guide to OSFI’s intervention process.

Working together

The Integrity, National Security and Integrated Solutions Sector works with the federal government’s security and intelligence community to better understand integrity, security, and foreign interference risk. For example, we collaborate with the Financial Transactions and Reports Analysis Centre of Canada, also known as FINTRAC, to identify whether institutions we regulate have the required policies and procedures in place to protect them against integrity and security threats, including money laundering and terrorist financing.

OSFI uses FINTRAC’s intelligence disclosures, including suspicious transaction reports, to informs our risk assessments. FINTRAC’s findings complement our supervisory work to assess the risk control effectiveness of an institution.

Alongside Canadian security and intelligence partners, we may also provide threat briefings to institutions to help improve their own assessments and actions.

Read our Annual Risk Outlook- Fiscal Year 2025-2026 for more insight on the integrity and security risk and OSFI’s response.

Report a problem or mistake on this page
Please select all that apply:
Date modified: