Case Study: Building a Defensible AML Framework for Dealers in Precious Metals and Stones

Written By Mohit Gogna

For dealers in precious metals and stones, compliance often begins as a secondary concern. Something to address once the business is established and transactions are flowing. That approach rarely survives first contact with regulatory reality.

In Canada, dealers become subject to anti-money laundering obligations the moment they engage in transactions of $10,000 or more. At that point, requirements around identity verification, reporting, record keeping, and ongoing monitoring are no longer theoretical, they are operational.

This case study reflects how Platino Consulting supported a group of DPMS clients in moving from fragmented, informal processes to a structured, regulator-ready compliance program.

The Starting Point: Compliance Gaps Hidden in Plain Sight

When these clients engaged Platino Consulting, their businesses were growing quickly. Transaction volumes had increased, customer profiles had become more complex, and cross-border exposure was expanding.

On paper, they understood their obligations. In practice, execution was inconsistent.

Policies existed, but they were not aligned with how the business actually operated. Staff knew identity verification was required, but not always when or how to apply it. Reporting processes were reactive rather than embedded. Most critically, risk assessments were either generic or outdated.

This is a common pattern in the DPMS sector. The business model of high-value, portable assets with global liquidity, naturally attracts heightened scrutiny. Regulators expect a risk-based approach that is tailored, documented, and actively used.

The Turning Point: Designing a Program That Works in Practice

Our approach was not to introduce complexity. It was to introduce clarity.

We began by aligning the compliance framework with how the business actually functioned day-to-day. This meant mapping transaction flows, identifying where regulatory triggers occurred, and embedding controls at those exact points.

For example, identity verification was recalibrated to reflect real operational scenarios. Staff were trained to recognize that verification is required not only for large cash transactions, but also for suspicious activity, regardless of amount.

We redesigned policies and procedures so they could be used, not just referenced. Reporting obligations, such as large cash transaction reports, suspicious transaction reports, and application of the 24-hour rule, were integrated into workflows rather than treated as afterthoughts.

Risk assessment was another critical shift. Instead of a static document, it became a working tool. Clients were guided to evaluate risks across products, clients, geographies, and delivery channels, with clear links to mitigation measures.

Training That Changes Behaviour, Not Just Awareness

One of the most significant transformations came through targeted training.

Rather than generic AML sessions, we delivered training grounded in real DPMS scenarios, structured cash transactions, third-party involvement, and atypical purchasing behaviour. Staff were shown how red flags appear in their specific environment, not in abstract terms.

This matters. FINTRAC guidance emphasizes that identifying suspicious activity depends on recognizing patterns and behaviours within the context of the business.

As a result, compliance shifted from being a compliance officer’s responsibility to a shared operational function.

The Outcome: A Program That Withstands Scrutiny

By the end of the engagement, clients had more than documentation, they had a functioning compliance program.

They could demonstrate:

  • Clear and current policies aligned to regulatory requirements

  • A documented and defensible risk assessment

  • Embedded processes for identity verification and transaction reporting

  • Staff who understood both the “what” and the “why” of AML obligations

  • Ongoing monitoring practices tied to real business relationships

Most importantly, they were prepared, not just for regulatory examinations, but for the evolving expectations of financial institutions and partners.

The DPMS sector continues to face increasing regulatory attention due to its inherent exposure to money laundering risk. High-value goods, ease of transfer, and cross-border activity create vulnerabilities that regulators expect businesses to actively manage.

What this case demonstrates is straightforward: compliance is not achieved through templates or checklists. It is achieved through implementation.

How Platino Consulting Supports DPMS Clients

Platino Consulting works with dealers in precious metals and stones to build programs that are both compliant and operationally realistic.

We bring practical expertise in:

  • Translating FINTRAC requirements into business processes

  • Building risk assessments that regulators can rely on

  • Designing reporting frameworks that work under pressure

  • Delivering training that changes behaviour across teams

For businesses that recognize the risk, but are unsure how to operationalize compliance, this is where we step in.

A strong AML framework does more than meet regulatory expectations. It protects the business, strengthens banking relationships, and ensures that growth does not come at the expense of control.

And in today’s environment, that distinction is what separates compliant firms from exposed ones.

Contact Platino Consulting today for a consultation.

Mohit Gogna
Next

What to Expect in an AML Review