A convicted felon attempted to move at least $12 million through a Canadian bank, which failed to report the transactions to authorities in a breach of anti-money-laundering law, new documents obtained by the Toronto Star and National Observer show.

For keeping the transactions secret, the bank, whose name has been removed from the documents, was fined $1.15 million — the first and only time a bank has been penalized for this kind of offence in Canada.

It committed the “very serious” offence of failing to report “a suspicious transaction related to the commission or attempted commission of a money laundering offence,” according to 109 pages of heavily censored documents obtained through an access to information request by the National Observer.

From early 2012 to the end of 2013, the unnamed bank processed 1,179 international electronic transfers of $10,000 or more from the mystery client, who used a “potential shell company” and operated out of an unnamed country associated with money laundering. It also accepted 45 cash deposits of $10,000 or more, all without ever reporting the transactions to Fintrac, Canada’s money laundering and terrorist financing enforcement agency, as required by law.

The vast number of unreported transactions is “shocking,” one financial expert said. Richard Leblanc, a professor of corporate governance at York University, said it pointed to the possibility of bank employees conspiring with the client.

“This is a remarkable failure of governance at a major financial institution,” Leblanc said. “It’s shocking that this would occur.”

Adam Ross, who authored a recent report on money laundering in Canada for Transparency International, said the case highlighted a total lack of due diligence.

“It’s either systematic collapse of a monitoring system or employees of the bank were aiding and abetting this guy.”

The Canadian Bankers Association declined to comment on the new information and sent an eight-month-old statement first made when the fine was announced in April.

While the newly released Fintrac documents censor the client’s name, the dates and descriptions of his activities line up directly with those of Manitoba online pharmacy entrepreneur Andrew Strempler, 42, who pleaded guilty to mail fraud charges in the U.S. after his shipments were found to contain counterfeit medication:

The Fintrac documents say the client was arrested in June 2012, “following his deportation from (redacted).” Strempler, according to news reports, was arrested in Miami in June 2012, during a stopover on his deportation flight from Panama to Canada.

The Fintrac documents say the client pleaded guilty in October 2012, “related to the commission or attempted commission of a money laundering offence.” Strempler, according to court documents, pleaded guilty in a Southern District of Florida court on Oct. 4, 2012, to “conspiracy to commit mail fraud and wire fraud.”

The Fintrac documents say the bank was aware of a Food and Drug Administration (FDA) investigation into the client in 2011. On Sept. 8, 2011, an FDA investigator “confirmed” to the bank that “there was an active investigation of (redacted).” Strempler’s factual proffer, signed Oct. 8, 2012, states that the FDA sent him a letter as early as 2001, saying “it would be illegal for RxNorth to ship drugs that were not FDA-approved into the United States.”

The Fintrac documents say the client was sentenced in January 2013. Court documents show Strempler was sentenced to 48 months in prison and fined $25,000 (U.S.) by Judge Jose E. Martinez on Jan. 9, 2013.

Strempler was transferred to a minimum security prison in Manitoba in July 2015 and was released in October last year. His name now appears on a website for a consulting firm based outside Winnipeg.

Despite repeated attempts to reach Strempler this week for comment, he did not respond.

According to the timeline of the case, at least some of the 1,224 unreported transactions occurred while Strempler was incarcerated. According to U.S. court transcripts, the district attorney was able to determine that Strempler made $95 million from his mail-order pharmaceuticals business in 2005 and 2006 alone, $20 million of which was put in his wife’s name.

Since Fintrac oversees only financial institutions, its findings against the bank have no bearing on Strempler.

The financial oversight body said it is prevented by law from naming the bank’s client.

Fintrac does have the authority to name the bank, but has refused to do so.

In the documents obtained by the Star and the National Observer, Fintrac lays out the criteria for public naming in three “media lines.” The unknown bank meets two of those three criteria: it committed a “very serious violation” and its penalty was greater than $250,000.

In April, Fintrac officials said the bank couldn’t be named until all appeals were exhausted. At that time, the agency issued a public notice of the fine, “in order to send a message of deterrence now and bring about improved compliance behaviour as quickly as possible.”

This week, however, Fintrac spokesperson Darren Gibb confirmed all appeals have now been exhausted and the agency is still keeping the bank’s name secret.

This ongoing refusal to name the bank involved in such a large-scale financial breach is “un-Canadian,” said York University’s Leblanc.

“Normally, in a country like ours, there’s disclosure and transparency,” he said. “You can’t have deterrence without names. That’s the most important thing — the name of the institution and individuals involved … There’s a public right to know.”

Loading... Loading... Loading... Loading... Loading... Loading...

Richard Powers, director of governance programs at the University of Toronto’s Rotman School of Management, said corporations found guilty of wrongdoing should face the same public accountability as individuals.

“If it were me, the name would be on the front page,” he said. “Any person would be identified. Why should a corporation not face the same? To act as a deterrent, there should be full disclosure.”

The bank’s infractions — which also included failing to develop and apply compliance policies and procedures — were not referred to police for a criminal investigation because Fintrac determined “an administrative monetary penalty was the most appropriate course of action.”

The most serious violation assessed by Fintrac involves an incident in February 2012 when the bank received a “suspicious transaction related to the commission or attempted commission of a money laundering offence which … should have (been) reported,” reads a Fintrac analysis document.

That transaction was an incoming electronic funds transfer of $10,000 or more with several red flags, the document reads.

At the time of the transfer, Strempler was already facing fraud-related charges in the U.S. The bank had confirmed he was under investigation by the FDA and the RCMP. His account was frozen. The bank filed two previous “suspicious transaction reports” and placed him on “enhanced monitoring,” which included filing to Fintrac on a quarterly basis about his activities.

“High volumes of wire transfers were received in the client’s account and the transactions involved a potential shell company,” the Fintrac analysis document reads. “The transactions involved (redacted) which is known or suspected to be a country facilitating money laundering activities and a country where illicit drug production or exporting may be prevalent.”

Shortly after the transfer arrived, it was reversed and “the funds were returned to the sender.”

Still, the bank filed no suspicious transaction report to Fintrac.

In the documents, Fintrac describes suspicious transaction reports as “the most significant report that Fintrac receives as it conveys information directly relevant to money laundering or terrorism financing.”

Failing to file such a report reconstitutes a “violation with the most impact,” because it undermines the “foundation of the regime which is reporting of transactions to Fintrac,” the reasons for the decision say.

The bank did not contest Fintrac’s findings.

“(Redacted) admitted to the violation by stating that it should have reported the transaction in question as a suspicious transaction,” the documents state.

The documents show the bank’s maximum fine was $1.8 million. Fintrac originally imposed a fine of $1.5 million, but that was reduced further.

In a letter to the bank on Dec. 15, 2015, an unnamed Fintrac official wrote that the $1.5-million figure “was reviewed in light of the written representations you had submitted” and that “after full consideration … I impose a total administrative monetary penalty of $1,154,670.”

Those bank submissions, filed Sept. 30, 2015, argued the proposed penalty was “too high in consideration of the nature and actual circumstances of the violations,” and that “the harm done … is minimal.”

When asked if the fine levied was appropriate for the severity and number of violations, Fintrac said “administrative monetary penalties are intended to be non-punitive and are issued to encourage change in the non-compliant behaviour.”

Fintrac imposed the penalty Dec. 15, 2015, but would not make its first-ever fine against a bank public for more than three months.