FINTRAC’s March 24 Revocation Wave: 51 MSBs Cancelled in a Single Day — The Enforcement Escalation Every Compliance Officer Must Understand

1. The March 24 Wave: One Day, 51 Revocations

On 24 March 2026, FINTRAC revoked the registrations of 51 money services businesses in a single day — the largest single-day enforcement action of 2026 and the largest batch revocation in FINTRAC’s public register for the current period. Combined with the March 6 wave of 11 revocations, the March 16 wave of 22 revocations, and the two January actions, Q1 2026 has now produced 86 MSB revocations across five enforcement dates.

To understand the scale of what March 24 represents: eight days earlier, the March 16 wave of 22 revocations was itself the largest single action of the year at that point. The March 24 wave is more than double that. The enforcement pace is not plateauing — it is accelerating.

The 51 entities revoked on March 24 include:

Breinrock Limited · GTS Energy Markets Group Limited · Bane Global Limited · Pure Transfer Ltd. · Anto Global Investment Limited · Flourisi Co., Limited · BTCC Canada Limited · Backers Network Inc. · Surebanqa Corp. (operating as Wealthereum) · 1102913 B.C. Ltd. (operating as Neutronpay Inc.) · Biya Global Limited · Blue Starling Corp (operating as MyFX.ca) · ATM Token Financial Inc. · Africunia Incorporated (operating as Africunia Bank) · NEC Express Ltd (operating as NEC Money) · Hotmax Tech Ltd. · Smart Payments Technologies Ltd. · Cullinan Financial Services Ltd. · Exworth Exchange Inc. · Bitzaro Maple Capital Ltd. · Super Hedge International Markets Limited · Valens Pay Limited (operating as Sense Reserve) · Topcredit Technology Co., Ltd. · Blue Whale Tech Inc. · Pure Payments Inc. · Quorvex Markets Limited · 8 Billion Inc (operating as Fauzia Jewelry) · LBT Exchange Ltd. · Kipmotion Solutions Inc. · Puentes Capital Corporation · Glob Pay Inc (operating as GlobPay) · 2840711 Ontario Inc. (operating as Amin Exchange) · Southern Group Limited · Global Latam Services Inc. (operating as MoneyLatam) · 24Coin Financial Ltd · Bino Finance Ltd. · Viyaka Global Blockchain Limited · QIUNTEXBANK Technology Ltd (operating as Qiuntex — foreign MSB, UK) · Inspire Digi Limited · Spectrum Payments Inc. · Pumpchain Technologies Platforms Limited · 2862526 Ontario Inc. (operating as Sarafi Gisha) · NexGen Smart Trading Corp. (operating as Shiva Exchange) · Arash Trading Inc. · Galaxy Trust Advanced International Inc. · Ayandeh Exchange Inc. · 1000808591 Ontario Inc. (operating as Palladium Currency Exchange) · 1001020743 Ontario Inc. (operating as Opal Exchange) · 2729527 Ontario Inc. (operating as Ava Exchange) · MA Diana Group Inc. (operating as Shayan Exchange) · 1001040592 Ontario Inc. (operating as Jordan Exchange)

As with prior waves, the presence of an entity on this list does not uniformly imply bad faith or criminal activity. Some revoked entities — including operations with active websites and genuine customer-facing products — are more plausibly revoked for compliance programme deficiencies, non-response to FINTRAC information demands, or failure to update their programmes following the 2022 PCMLTFA amendments, rather than for absence of legitimate operations. The important analytical point is that FINTRAC does not distinguish between deliberate abusers and good-faith operators with compliance gaps when applying the statutory eligibility test — both categories of entity become non-eligible under the same grounds and face the same enforcement outcome.

2. Q1 2026 in Full: Four Waves, 86 Revocations, One Clear Direction

To understand the March 24 action properly, it must be placed within the full Q1 2026 enforcement picture.

Wave	Date	Entities Revoked	Primary Cohort
Wave 1	26 Jan 2026	1	Mixed
Wave 2	27 Jan 2026	1	Mixed
Wave 3	6 Mar 2026	11	2021 registrants
Wave 4	16 Mar 2026	22	2021 registrants
Wave 5	24 Mar 2026	51	2020–2021 registrants
Q1 Total		86

What is striking about this sequence is not just the numbers but the trajectory. Each successive wave is larger than the last. January was quiet. March 6 was a moderate action. March 16 doubled it. March 24 more than doubled that again. This is not a pattern of isolated enforcement events. It reflects a regulator that has committed to clearing a substantial backlog of non-eligible registrants and is processing them in increasingly large batches as its assessment infrastructure scales up.

The earlier analysis of the March 6 and 16 waves identified the 2021 registration cohort as the primary enforcement target. The March 24 wave confirms that analysis and extends it materially: FINTRAC has now moved the 2020 cohort explicitly into scope within the same quarter.

For MSB and PSP compliance officers, the question is no longer whether FINTRAC’s enforcement campaign will continue. It will. The question is what registration year cohort comes next — and whether your own registration would survive the scrutiny that has now been applied to the 2020 and 2021 cohorts.

3. What Changed: How the March 24 Cohort Differs from Earlier Waves

The March 24 revocation cohort is analytically distinct from the March 6 and 16 waves in several important ways. Understanding these differences matters for compliance officers assessing their own exposure.

Metric	Mar 6 + 16 Waves	Mar 24 Wave
Total entities	33	51
VC concentration	97%	88%
2021 registrants	94%	39%
2020 registrants	0%	41%
2025 registrants	0%	8%
Federal incorporation	34%	57%
Ontario jurisdiction	~3%	18%
No website	~60%	69%
Revoked while active	83%	86%
PSP services	23%	31%
Foreign MSBs	3	1

Three differences are immediately significant. First, the registration year profile has broadened substantially — March 24 targets 2020 and 2021 registrants almost equally, versus the earlier waves which were almost exclusively 2021. Second, Ontario entities are significantly more prominent at 18%, with several specifically clustered on the Yonge Street corridor in the GTA — a new geographic pattern not visible in the March 6 and 16 data. Third, the PSP concentration has jumped from 23% to 31%, with 16 of 51 revoked entities also holding PSP registrations under the Retail Payment Activities Act.

The reduction in VC concentration from 97% to 88% does not mean the VC enforcement focus has softened. It reflects that this wave picks up a cohort of more traditional FX and money transfer businesses that were registered in 2020 under the pre-VC-classification framework. Virtual currency remains the dominant service type among the revoked cohort by a wide margin and continues to represent FINTRAC’s highest-priority examination segment.

4. The 2020 Cohort Enters the Frame

The single most analytically significant finding in the March 24 data is the emergence of the 2020 registration cohort as an active enforcement target.

Of the 51 revoked entities, 21 (41%) registered in 2020. The year 2020 preceded the formal classification of virtual currency dealers under PCMLTFA — that classification took effect in June 2021. Entities that registered in 2020 did so primarily as traditional FX and money transfer businesses, with some adding VC to their service profile in anticipation of the incoming classification. These entities have now been registered for five to six years and have cycled through two or more registration renewals, making them candidates for the most comprehensive examination of their compliance programme to date.

The 2020 cohort entities in the March 24 wave exhibit a profile consistent with the compliance failure patterns identified in earlier waves: broad-scope service registration across FX, money transfer, and VC simultaneously; no operational websites in the majority of cases; shared or commercial agent addresses; and registration information that in several cases appears not to have been meaningfully updated since the initial application. Entities including Hotmax Tech Ltd., Flourisi Co. Limited, Bane Global Limited, GTS Energy Markets Group Limited, and Anto Global Investment Limited all registered in 2020, none list active websites, and all were revoked while their current registration periods remained valid — meaning FINTRAC made an affirmative determination of ineligibility rather than simply allowing the registrations to expire.

The fact that FINTRAC moved from the 2021 cohort to the 2020 cohort within the same quarter is highly significant. It confirms that the enforcement programme is systematic and backward-looking across cohort years, not a targeted response to specific intelligence. If your MSB registered in 2019, you should treat the current enforcement pattern as a direct signal that your cohort is likely entering the examination pipeline in the next one to two quarters.

5. The Most Alarming Signal: 2025 Registrants Already Revoked

While the 2020 cohort extension is the dominant finding in the March 24 data, the most operationally significant discovery is this: four entities that registered in 2025 appear in the revocation list.

The four entities are:

• 1001020743 Ontario Inc. (operating as Opal Exchange) — registered 6 June 2025, revoked 24 March 2026 — approximately nine months between registration and revocation
• 2729527 Ontario Inc. (operating as Ava Exchange) — registered 6 June 2025, revoked 24 March 2026 — approximately nine months
• MA Diana Group Inc. (operating as Shayan Exchange) — registered 7 August 2025, revoked 24 March 2026 — approximately seven months
• 1001040592 Ontario Inc. (operating as Jordan Exchange) — registered 20 August 2025, revoked 24 March 2026 — approximately seven months

All four registered within a narrow June–August 2025 window. All four are located on or within close proximity of the Yonge Street corridor in Thornhill, North York, and Richmond Hill. None list operational websites. All were revoked while their registration periods remain valid, with expiry dates extending to late 2027.

The time between registration and revocation — seven to nine months — is a material departure from the pattern in earlier waves, where revoked entities had been registered for four to five years before enforcement action. The inference is that FINTRAC’s post-registration monitoring now operates on a significantly shorter cycle than the traditional two-to-three year examination interval. Whether this reflects automated analytics flagging zero-reporting entities, enhanced post-registration compliance questionnaires, or information from third parties such as banks and payment processors, the practical outcome is the same: non-eligible registrants are being identified and actioned more quickly than at any previous point in FINTRAC’s enforcement history.

For the compliance profession, this has a critical practical implication. There is no longer a safe assumption that a newly registered MSB has time to build out its compliance infrastructure after registration. An entity that registers with FINTRAC without a functioning compliance programme from the first day of registration is exposed to enforcement risk from that day forward. The obligation to maintain an adequate compliance programme is not a future requirement — it is an immediate one.

6. The Yonge Street Corridor: Canada’s New Address Cluster Problem

The March 24 data introduces a significant new address cluster that compliance professionals, correspondent banks, and payment processors should note and act on: the Yonge Street corridor in the Greater Toronto Area, running through North York, Thornhill, Richmond Hill, and Markham.

Multiple revoked entities in the March 24 wave are registered on or within immediate proximity of this corridor:

• Ayandeh Exchange Inc. — 7181 Yonge Street, Unit 23, Markham
• 2840711 Ontario Inc. / Amin Exchange — 164-7181 Yonge Street, Toronto
• 1000808591 Ontario Inc. / Palladium Currency Exchange — 7181 Yonge Street, Unit 195, Thornhill
• MA Diana Group Inc. / Shayan Exchange — 7181 Yonge Street, Unit 24, Thornhill
• 1001040592 Ontario Inc. / Jordan Exchange — 6017 Yonge Street, North York
• 1001020743 Ontario Inc. / Opal Exchange — 6015 Yonge Street, North York
• Galaxy Trust Advanced International Inc. — 10212 Yonge Street, Unit 201, Richmond Hill
• NexGen Smart Trading Corp. / Shiva Exchange — 10097 Yonge Street, Unit 7, Richmond Hill

Eight entities clustered across a single corridor, four of them sharing units within the same commercial complex at 7181 Yonge Street. The structural pattern is directly comparable to the 422 Richards Street, Vancouver cluster that has produced revoked entities across every Q1 2026 enforcement wave — a shared commercial address used by multiple entities with near-identical service profiles, registrations within narrow date windows, no web presence, and no identifiable compliance infrastructure.

It is worth noting that Kipmotion Solutions Inc. and Neutronpay Inc. (1102913 B.C. Ltd.) — both 422 Richards Street entities — also appear in the March 24 wave, confirming that the Vancouver cluster is not yet exhausted and continues to produce revocations alongside the newly identified Yonge Street cluster. Two further entities in this wave add an international dimension: Spectrum Payments Inc. is a BC incorporation that lists a Nicosia, Cyprus address in its registration — a clear indicator of an entity using Canadian registration credentials from an offshore base with no Canadian operational presence. QIUNTEXBANK Technology Ltd. (operating as Qiuntex), the sole foreign MSB in this wave, is incorporated in the UK at 20-22 Wenlock Road, London — the same address that appeared in FINTRAC’s 2023 revocation data, suggesting this address has been under FINTRAC’s scrutiny across multiple enforcement cycles.

The practical signal for any MSB currently registered at 7181 Yonge Street or in the immediate corridor: your address is now associated with a confirmed FINTRAC enforcement cluster. That does not automatically mean your own registration is in jeopardy — legitimate operators use commercial addresses throughout the GTA. But it does mean that FINTRAC’s analytics will apply an elevated scrutiny weight to any registrant at that address, and your compliance programme needs to be demonstrably stronger than the median registrant to offset that signal. An immediate independent review is the most defensible posture. ComplyFactor’s FINTRAC MSB audit service provides that assessment.

7. PSP Dual-Registration Failures Are Accelerating

One of the most consequential structural trends in the March 24 data is the jump in PSP-registered entities among the revoked cohort. 16 of the 51 revoked entities — 31% — also held PSP registrations under the Retail Payment Activities Act, up from 23% in the earlier March waves and 0% in prior-year revocation data before RPAA came into full effect.

This matters at several levels.

First, it suggests that compliance failures in this population are systemic rather than technical. An entity that is simultaneously failing its PCMLTFA obligations under FINTRAC and its RPAA obligations under the Bank of Canada is not dealing with an isolated documentation gap. It is exhibiting a structural failure of compliance governance — the absence of the people, processes, and systems required to operate as a regulated financial entity under any framework.

Second, the Bank of Canada and FINTRAC have both committed to enhanced information-sharing between their respective oversight programmes as the RPAA supervision regime has matured. The data is consistent with — though does not conclusively prove — that this coordination is beginning to produce enforcement outputs. Whether FINTRAC is acting on information provided by the Bank of Canada’s PSP supervision programme, or whether both regulators are independently reaching the same population through their own analytical work, the practical consequence for dual-registered entities is identical.

Third, and most importantly for practitioners: for legitimate PSPs that also hold MSB registrations — a common structure for fintech businesses offering payment services alongside money transfer or FX — this trend is a material risk signal that needs to be addressed in compliance programme architecture. PCMLTFA obligations and RPAA obligations are distinct frameworks with different compliance architectures, different reporting timelines, and different supervisor expectations. A single generic AML programme that does not separately and explicitly address both sets of requirements is structurally deficient under each regime. Treating them as one compliance exercise is a documented failure mode.

For a detailed breakdown of how RPAA obligations interact with FINTRAC requirements, see the RPAA compliance guide for Canadian PSPs, the PSP annual reporting requirements guide, and the comprehensive RPAA Bank of Canada compliance guide.

8. What FINTRAC’s Enforcement Escalation Tells Us About Its Direction

Stepping back from the March 24 wave specifically, the full Q1 2026 picture — 86 revocations across five enforcement dates, with each wave larger than the last — tells a clear and consistent institutional story about where FINTRAC is heading and what compliance officers should anticipate.

FINTRAC has committed to structural registry clean-up at scale. The Q1 2026 revocation volume is inconsistent with routine compliance administration and consistent with an institutional decision to clear a substantial population of non-eligible registrants that accumulated during the relatively permissive self-registration environment of 2019–2022. The 2022 enhanced registration framework gave FINTRAC the analytical tools to identify non-compliant registrants systematically. The 2026 enforcement campaign is those tools operating at full scale.

Post-registration monitoring has materially shortened the enforcement cycle. The revocation of 2025 registrants within seven to nine months of approval is the clearest evidence yet that FINTRAC’s post-registration scrutiny is now operating on a far shorter cycle than the traditional two-to-three year examination interval. The specific mechanism — whether automated analytics, enhanced compliance questionnaires, or information from third parties — is not publicly confirmed, but the output is evidenced directly in the data: non-eligible registrants are being identified and actioned significantly faster than at any previous point.

Cohort sweeps are progressing systematically. The movement from 2021 to 2020 registrants within the same quarter strongly indicates that FINTRAC is working backward through registration cohort years. This inference, based on two consecutive data points, suggests that 2019 registrants are the likely next primary target and that the sweep will continue until all cohorts have been assessed against the current eligibility standard.

Banking relationships remain the secondary enforcement mechanism. Every entity on FINTRAC’s revocation register will have its banking relationships reviewed and typically terminated within weeks. Canadian financial institutions and payment processors actively cross-reference the FINTRAC revocation register in their MSB KYB reviews. For any business that depends on its FINTRAC registration to operate, the loss of that registration and the near-simultaneous loss of banking relationships is effectively an immediate business cessation. The overview of banking solutions for Canadian MSBs provides useful context on how banks are using the revocation register in their onboarding and ongoing review processes.

The Canada 2025 National Risk Assessment set the examination agenda. FINTRAC’s examination priorities follow its national risk assessments, and the 2025 NRA identified MSBs and VC dealers as the highest-risk segment in the Canadian financial system. The enforcement campaign we are witnessing in 2026 is the direct operational output of that risk-based prioritisation. Understanding the key AML trends shaping compliance officer priorities globally provides the broader strategic frame for why FINTRAC’s enforcement posture has become as aggressive as the Q1 data demonstrates.

9. The Action Agenda for MSB Compliance Officers

The March 24 wave, and the full Q1 2026 enforcement picture it completes, generates a specific and urgent action agenda for every MSB and PSP compliance officer operating under PCMLTFA. The following points are direct responses to the specific patterns the data reveals — not generic compliance advice.

If You Registered in 2019 or 2020, This Is Your Highest-Priority Compliance Risk

The enforcement sweep has explicitly reached the 2020 cohort. The 2019 cohort is the next logical target based on the pattern. Compliance officers at MSBs registered in these years should not wait for a FINTRAC information demand. Commission an independent compliance programme review now, document its findings, and remediate any gaps before the next enforcement wave. ComplyFactor’s FINTRAC MSB AML audit provides exactly this assessment with findings documented to satisfy PCMLTFA’s independent review requirement.

If You Registered in 2024 or 2025, Your Compliance Programme Must Be Fully Operational Today

The revocation of four entities within seven to nine months of registration eliminates any assumption that recently registered MSBs have time to build their compliance infrastructure after approval. If your programme is incomplete — no documented risk assessment, no formal policies and procedures manual, no compliance training records, no compliance officer named on your FINTRAC registration — you are at enforcement risk today. Review the FINTRAC AML requirements and the five-element FINTRAC-compliant AML programme framework to benchmark your current programme against what is required.

Audit Your Address Profile

If your registered business address is at 7181 Yonge Street, Thornhill or nearby, or at 422 Richards Street, Vancouver — both now confirmed multi-wave enforcement clusters — your address carries an elevated scrutiny weight in FINTRAC’s analytics. Commission an immediate compliance programme review to document the strength of your programme and ensure your registration information is fully current. For guidance on the KYC and CDD obligations that typically surface in examinations of GTA-based MSBs, see the KYC requirements for Canadian MSBs guide.

Verify and Separate Your Dual-Registration Compliance Architecture

If your entity holds both an MSB registration with FINTRAC and a PSP registration under RPAA, verify that your compliance documentation separately addresses the obligations of each regime. PCMLTFA and RPAA have distinct compliance architectures. A single generic AML programme does not satisfy both. The Canada PSP and MSB regulatory framework guide provides a detailed overview of both sets of obligations and how they interact.

Establish and Document Immediate Post-Registration Compliance Activity

For entities that registered in 2024 or 2025, FINTRAC’s monitoring begins at the point of registration. File your first qualifying EFTR, LVCTR, or LCTR as soon as you have triggering transactions. Respond to any FINTRAC correspondence immediately. Keep your compliance officer designation current on the FINTRAC portal. These are not just good practices — they are signals that your entity is genuinely operational and compliant. An entity that registers and then goes silent from a compliance activity perspective creates a risk profile that FINTRAC’s analytics are specifically calibrated to detect.

Complete Your Independent Effectiveness Review

The PCMLTFA requirement for an independent effectiveness review — at minimum every two years — is the compliance obligation most commonly absent from revoked entities. It is also the most important preventive measure, because a qualified external reviewer will identify programme deficiencies before FINTRAC does and allow you to remediate on your own timeline. Our MSB AML audit requirements guide covers what the review must include, and our AML review vs. AML audit guide clarifies the distinction between the two so you commission the right engagement.

Keep Every Field on Your FINTRAC Registration Current

Several entities in the March 24 cohort show registration data inconsistencies — mismatched provinces, outdated addresses, or missing compliance officer information. Update your FINTRAC registration promptly every time a material change occurs. This includes changes to legal name, operating name, address, services, compliance officer, and beneficial ownership. Outdated registration information is a direct revocation ground and is immediately visible to FINTRAC without any examination. See the FINTRAC MSB renewal requirements guide for a checklist of what needs to be current at all times.

10. Frequently Asked Questions

Why did FINTRAC revoke 51 MSBs in a single day?

FINTRAC’s enforcement model is batch-based. The Centre issues information demands or compliance questionnaires to cohorts of similarly-profiled registrants, waits for the response period to expire, and processes all non-responding or non-compliant entities as a batch on a single revocation date. The March 24 wave almost certainly represents the close of a compliance assessment cycle that was initiated in late 2025, with response periods expiring in early 2026 and revocations processed on March 24 after a further administrative period.

What does the 2020 cohort’s appearance mean for my MSB if I registered in 2019?

It strongly suggests your cohort is entering the enforcement pipeline. FINTRAC’s Q1 2026 pattern is a systematic backward sweep through registration years, not a targeted response to specific intelligence. If your compliance programme has not been independently reviewed in the past 12 months, commission that review now — before FINTRAC’s information demand arrives with a 30-day response deadline.

How can FINTRAC revoke a 2025 registrant within seven months of approval?

FINTRAC’s post-registration monitoring is substantially more active than the traditional examination-cycle model implied. The Centre’s analytics can identify indicators of non-compliance — zero reporting activity, no compliance officer engagement, no FINTRAC correspondence — relatively quickly after registration. The specific mechanisms are not publicly confirmed, but the enforcement outcome is documented in the March 24 data: entities that register without functioning compliance programmes are at risk within months, not years.

Should I be concerned if my MSB is registered at 7181 Yonge Street?

Using a commercial office address on the Yonge Street corridor is not prohibited, and operating from a shared commercial address does not automatically make your registration non-compliant. But your address is now associated with a confirmed FINTRAC enforcement cluster, and that generates an elevated scrutiny weighting. The appropriate response is to ensure your compliance programme is thoroughly documented, all registration information is current, and your transaction reporting history is consistent with your service profile. Commission an independent review if you have not done so in the past 12 months.

Does the 31% PSP concentration mean FINTRAC and the Bank of Canada are coordinating enforcement?

The data is consistent with that interpretation. The Bank of Canada and FINTRAC have both publicly committed to information-sharing between their oversight programmes, and the uptick in dual-registered entities in the revocation data is consistent with that coordination producing enforcement outputs. Whether the mechanism is active referral between the two regulators or parallel independent enforcement reaching the same population, the practical implication for dual-registered entities is the same: you need separate, functional compliance architectures for both PCMLTFA and RPAA.

What is FINTRAC likely to do in Q2 and Q3 2026?

Based on the Q1 pattern, further cohort sweeps targeting 2019 and potentially 2018 registrants are the most probable scenario. The pace of revocations is accelerating through Q1, and there is no structural reason for FINTRAC to decelerate given the scale of the backlog it appears to be processing. MSBs registered in 2018 and 2019 should treat the current environment as an active threat to their registration status and prioritise compliance programme review accordingly.

My MSB operates legitimately and remotely — am I at risk?

Operating without a physical Canadian office is not a compliance deficiency under PCMLTFA. What matters is whether your compliance programme exists and functions — documented policies, designated compliance officer, current FINTRAC registration data, transaction reporting history consistent with your business, and an independent effectiveness review completed within the required interval. A legitimately operating remote MSB with a strong programme is not in the same risk category as the non-operational entities that dominate the revocation data, provided its documentation is complete and current.